Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Internet of Things (Iot)
Similar to Internet of Things (Iot) (20)
Recently uploaded
Recently uploaded (20)
Internet of Things (Iot)
- 2. What is IoT Why IoT? Smart objects Internet of Things - Evolution Difference between M2M and IoT Relationship to the Internet of Everything (IoE) IoT Is Here Now – and Growing! Unlocking the Massive potential of IoT What Comprises IoT Networks? IoT Technologies Overall Architecture IoT Architecture The hardware interface to “things” Challenges IoT Expands Security Needs IT Breach via OT Network Threat vs. Opportunity The Secure IoT Architecture – IT Plus OT! Agenda
- 3. What is IoT Internet connected objects (things) working together to solve a business problem Has been around for quite a while, but only recently has become affordable for personal use Internet of Things (IoT) comprises things that have unique identities and are connected to the Internet The focus on IoT is in the configuration, control and networking via the Internet of devices or “Things” that are traditionally not associated with the internet Eg: pump, utility meter, car engine IoT is a new revolution in the capabilities of the endpoints that are connected to the internet The Scope of IoT is not limited to just connecting things (device, appliances, machines) to the Internet
- 4. M2M (Machine to Machine) “Internet of Everything” (Cisco Systems) “World Size Web” (Bruce Schneier) “Skynet” (Terminato r movie) Education – Partnership – Solutions Information Security Office of Budget and Finance Various Names, One Concept
- 5. Education – Partnership – Solutions Information Security Office of Budget and Finance It’s everywhere! Where is IoT?
- 6. Smart Appliances Healthcare Education – Partnership – Solutions Information Security Office of Budget and Finance Wearable Tech
- 7. Education – Partnership – Solutions Information Security Office of Budget and Finance
- 8. What are the “Things” in the IoT? •Physical •Virtual Could be anything
- 9. Generate, collect, process and use acquired information to make better decisions Smart objects: Make things that weren’t meant to talk to each other interact smartly Gartner says the Internet of Things installed base will grow to 26 Billion units by 2020; I want to be well aligned and prepared for that Why IoT?
- 10. Smart objects Phone Location detection, presence detection Thermosta t Doorbell activation CCTV takes picture Email + SMS + Tweet Fire Alarm Email + SMS Security System CCTV Email + SMS Climate control presence @ home & weather forecast Hot water tank 1 Hot water tank 2 our presence, weather forecast Dog CCTV + Email Weather notificatio ns email Make things that weren’t meant to talk to each other interact smartly
- 11. Education – Partnership – Solutions Information Security Office of Budget and Finance Internet of Things - Evolution
- 12. Education – Partnership – SolutionsDifference between M2M and IoT
- 13. People Connecting People in More Relevant, Valuable Ways Process Delivering the Right Information to the Right Person (or Machine) at the Right Time Data Leveraging Data into More Useful Information for Decision Making Things Physical Devices and Objects Connected to the Internet and Each Other for Intelligent Decision Making IoE Relationship to the Internet of Everything (IoE)
- 14. 7.2 6.8 7.6 Rapid Adoption Rate of Digital Infrastructure: 5X Faster Than Electricity and Telephony 50 Billion “Smart Objects” 50 2010 2015 2020 0 40 30 20 10 BILLIONSOFDEVICES 25 12.5 Inflection Point TIMELINE Source: Cisco IBSG, 2011 World Population IoT Is Here Now – and Growing!
- 15. Education – Partnership – SolutionsLooming Opportunity
- 16. Education – Partnership – SolutionsConnected Rail Operations PASSENGER SECURITY In-station and onboard safety Visibility into key events ROUTE OPTIMIZATION Enhanced Customer Service Increased efficiency Collision avoidance Fuel savings CRITICAL SENSING Transform “data” to “actionable intelligence” Proactive maintenance Accident avoidance
- 17. Education – Partnership – SolutionsSmart City CONNECTED TRAFFIC SIGNALS Reduced congestion Improved emergency services response times Lower fuel usage PARKING AND LIGHTING Increased efficiency Power and cost savings New revenue opportunities CITY SERVICES Efficient service delivery Increased revenues Enhanced environmental monitoring capabilities
- 18. Education – Partnership – SolutionsIoT Applications : Intelligent Home
- 19. Education – Partnership – SolutionsUnlocking the Massive potential of IoT
- 20. Application Interfaces Infrastructure Interfaces New Business Models Partner Ecosystem Applications Device and Sensor Innovation Unified Platform Infrastructure APPLICATION ENABLEMENT PLATFORM APPLICATION CENTRIC INFRASTRUCTURE APPLICATION AND BUSINESS INNOVATION Data Integration Big Data Analytics Control Systems Application Integration … But It Also Adds Complexity
- 21. Information Technology (IT) Operational Technology (OT) Smart Objects What Comprises IoT Networks?
- 22. Education – Partnership – SolutionsIoT Technologies Hardware (Device) Communication Technology Protocols for IoT Software (IDE) Cloud Platforms
- 23. Overall Architecture Business logic Thing Interface M2M Prot ocol Interface Visualiza tion, BI Control UI Prot ocol Read proper ties Set Prope rty Pro toc ol Pro toc ol Ra w Proces sed Logi c Storage
- 24. Education – Partnership – SolutionsIoT Architecture Integrated Application Information Processing Network Construction Sensing & Identification Smart Grid Green Building Smart Transport Env. Monitor Data Center Search Engine Smart Decision Info. Security Data Mining WWAN WPAN WMAN WLAN Internet GPS Smart Device RFID Sensor Sensor
- 25. The hardware interface to “things” The ‘Funky’ project It is an Arduino-compatible multi purpose micro that is: • Very small: 20×21.2mm (0.78″x0.83″) • Very light: 3 grams • Low power (up to 1 year on coin cell battery) • Wireless capable (RFM12B transceiver)
- 26. Education – Partnership – SolutionsChallenges Global cooperation • Proprietary and incompatible protocols • Lack of APIs • Example: Common external power supply Technological challenges • Power usage • Scalability • Security • Communication mechanisms Ethics, control society, surveillance, consent and data driven life Rapid Evolution
- 27. IoT CONNECTIVITY Converged, Managed Network Resilience at Scale Security Application Enablement Distributed Intelligence Increased Attack Surface Threat Diversity Impact and Risk Remediation Protocols Compliance and Regulation IoT Expands Security Needs
- 28. CEO Fired Reputation Damage* 46% drop in year-over-year profit 5.3% drop in year-over-year revenue 2.5% drop in stock price Breached via Stolen Credentials from HVAC Vendor 40 Million Credit And Debit Cards Stolen PII Stolen From 70 Million Customers * Source: KrebsonSecurity, May 2014 IT Breach via OT Network
- 29. If misunderstood and misconfigured, IoT poses risk to our data, privacy, and safety If understood and secured, IoT will enhance communications, lifestyle, and delivery of services Education – Partnership – Solutions Information Security Office of Budget and Finance Threat vs. Opportunity
- 30. Services Application Interfaces Infrastructure Interfaces New Business Models Partner Ecosystem Applications Device and Sensor Innovation Application Enablement Platform Application Centric Infrastructure Security APPLICATION AND BUSINESS INNOVATION Data Integration Big Data Analytics Control Systems Application Integration Network and Perimeter Security Physical Security Device-level Security / Anti-tampering Cloud-based Threat Analysis / Protection End-to-End Data Encryption Services The Secure IoT Architecture – IT Plus OT!
- 31. THANK YOU Q & A
Editor's Notes
- British entrepreneur Kevin Ashton first coined the term in 1999 while working at Auto-ID Labs (originally called Auto-ID centers - referring to a global network of Radio-frequency identification (RFID) connected objects).[10] Typically, IoT is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine communications (M2M) and covers a variety of protocols, domains, and applications.[11] The interconnection of these embedded devices (including smart objects), is expected to usher in automation in nearly all fields, while also enabling advanced applications like a Smart Grid,[12] and expanding to the areas such as smart cities. Cisco Systems refers to IoT as the “Internet of Everything”… Bruce Schinerer recently referred to two new colloquial terms – World Spanning Robot and Benign Organization. There is also the term “Skynet” in reference to the Terminator movies that is frequently discussed in Blog and online postings/jargon.
- IoT is everywhere! (Audience Participation)
- In our daily lives, we have become more reliant on IoT with our wearable tech, appliances, our cars, how we receive health care.
- M2M/IoT Sector Map :: Beecham Research http://www.beechamresearch.com/article.aspx?id=4 The following graphic from Beecham Research depicts how the Internet of Things may interact with various service sectors within the public/private sectors and ordinary consumers. Public sector entities (such as universities) may have some level of involvement and interaction within all service sectors depicted; ranging from the operation and industry elements of buildings, to levels of research, retail entities, transportation, and IT/Networks. **Place emphasis on service sectors, that it is likely that at least one example of devices may be found within university networks.
- Physical Objects such as Climate control Security/Disaster alarm system Energy/Resource metering (Electricity, Gas, Water) Water boiler, Solar boiler Car (OBDII, vehiclepi) The Sun (sunrise/set times, azimuth) Living things People (self quantification) Presence Location Health metrics Weight Activity tracking Temperature Blood Glycose monitors Fitbit Pets Virtual Personal schedule/calendar Social Email Twitter/FB Online notification platforms WWW resources Weather forecasting Stocks Traffic DB Storage Visualization dashboards Presence
- Provide intelligence Improve efficiency
- IoE is the networked connection of people, process, data and things. IoE brings together people, processes, data, and things to make networked connections more relevant and valuable than ever before – turning information into actions that create new capabilities, richer experiences, and unprecedented economic opportunity for businesses, individuals, and countries. IoT is the “Things” portion. To be clear, by “things” we’re really talking about the network of sensors, objects, etc – not concentrating on the devices, themselves.
- … and IoT isn’t “science fiction” or something that will happen in the future – it’s real, and it’s here now. Cisco believes that the inflection point – the point at which the number of connected devices began outnumbering the number of men, women, and children on the planet – happened about five years ago; others in the industry believe that it happened about a year and a half ago. Similarly, Cisco believes that the number of connected objects will grow to about 50 billion over the next several years, while other estimates put that number at 25, 30, or even as high as 200 billion! Who’s right doesn’t really matter … the point is that we all universally agree on two things: 1) the point of inflection is in the past; and 2) gap is expected to widen exponentially over the next several years. So, IoT is here today, and will continue to grow!
- Using ruggedized cameras and communications equipment that can handle the vibration and jolts of a rapidly moving train, a connected network of IoT-enabled cameras can help improve passenger safety by analyzing and correlating events at various stations, as well as on trains – for actionable security intelligence. The intelligence gained from multiple connected systems can help identify bottlenecks, enable routes and schedules to be tuned for greater efficiency, and even avoid collisions. Likewise, sensors attached to critical parts such as wheels can proactively determine if a part needs to be replaced – before it can cause a devastating accident. Sensors can also alert supervisors if the train is being operated in an unsafe manner, or alert the operator of important changes in track conditions.
- IoT requires that connectivity tools be added to the platform, as well as some network elements such as smaller, more self-contained switches and routers for fields, plants, and other operational environments. These network elements are frequently deployed in challenging environments that include harsh weather conditions, significant amounts of vibration, etc., so they need to be ruggedized to function under these conditions. [ANIMATE] Now here’s where it gets interesting … one of the primary differences between your existing IT network and an IoT network is all of these additional devices, sensors, and other “smart objects”. It’s important to note that these objects are networked together, yet they’re independent of your network – you don’t own them; oftentimes can’t see them; and you don’t control them in any way, shape, or form. Yet they’re sending petabytes of data through your network – data that’s required by the applications to function properly. [ANIMATE] Another difference is in the applications, themselves. Unlike today’s monolithic applications, where the main value is delivered locally from the application’s code, IoT applications derive most of their value from the intelligence that is collected from, and distributed throughout, the network; the application itself is merely the method employed to access that intelligence. [ANIMATE] Which leads us to the other major infrastructure difference in an IoT network, which is required to communicate and process all of this intelligence …
- As mentioned on the previous slide, the “IoT Network” isn’t a completely separate entity … rather, it utilizes the existing IT network as its foundation, and then supplements it with operational technology (OT) and the billions of sensors, devices, and other smart objects.
- Data produced by the connected things is acquired, processed and logged; DQ, what data to collect (collecting nothing with great accuracy) Run on a R/O fs raspberry pi; considering moving to the cloud As “Things” become increasingly smarter, they can talk directly to M2M layer It is possible to have multiple interfaces on the same “Thing”, specializing on interfacing with certain its property (AC power, temperature, control) It is possible that multiple interfaced “Things” have one and the same interface on the M2M end, as long as they use same protocol Storage: Abstract and treat a “thing” with “interface”. EmonCMS, ThingSpeak, NoSQL; Retrieval of data API; Visualization: in-built EmonCMS, Thingspeak; collect an relate data for better insight. Actionable analytics.
- I’ve created a miniature Arduino compatible clone with wireless connectivity to use as interface to physical objects. The project is open hardware/source. YAPM,
- Despite its many business benefits, IoT increases security challenges in several ways: Increased attack surface – Due to the billions of new devices that are now connected Threat diversity – Due to the variety of objects – many of which are in insecure locations Impact & risk – More sensitive data is flowing through more connected devices, in more places throughout the world – and BTW, mostly outside the secure embrace of the existing network Remediation – Need to think differently about security – can’t necessarily isolate a system, because the cost of shutting it down may be greater than the cost of an infection … also, rather than hardening the outside but leaving the inside relatively insecure, need pervasive protection) Protocols – Security systems need to be considered as a continuous process – in addition to secure access, the system needs to be content-, context-, and threat-aware) Compliance & regulation – Regulatory compliance organizations are requiring tighter security and privacy controls than ever before, which is affecting a growing number of industries)
- The Target breach is an excellent example of why IT and OT networks need to be converged, with centrally-managed security across them … - Centralized management and control, IPS/IDS, access control policies, and system segmentation could have prevented this PR and financial disaster
- In closing, while, how we as security professionals work, support, and provide the security expertise for Higher Education business initiatives is crucial to success in the scope of IoT.
- As I mentioned earlier, it’s important to understand that IoT doesn’t replace your existing network; rather, it supplements it, and relies on it in many ways. [ANIMATE] But then we add the emerging set of intelligent, IoT-enabled applications. [ANIMATE] … and, of course, billions of additional devices, sensors, and other “smart objects” that will create the intelligence for the applicatoins. [ANIMATE] Of course, services will need to be expanded to cover the new capabilities … [ANIMATE] And we’ll need additional layers of security to enjoy the many business benefits of IoT while maintaining a high level of data privacy and protection. Now remember I mentioned in the beginning that IoT is not a new network, but rather adjunct – and complementary – to your existing network. As a result, you still need network and perimeter security. In fact, the billions of connected objects in IoT networks create new attack vectors, so this layer of security is more important than ever. And since those billions of objects can be located quite literally anywhere in the world – in both secure and insecure environments – existing network security needs to be supplemented with device-level security and anti-tampering, to protect devices against low-tech attacks. Because it’s now connected, even the simplest object can provide a direct line into the core of your network if compromised. Finally, physical security should be implemented throughout your network, and integrated with your network security. Connected cameras, badge readers, RFID tags and other sensors, as well as video analytics, can add essential security intelligence to help protect your network, physical assets, critical data, and employees.