Maintenance, Machine Learning and the IIoT - Brad Nicholas Keynote Xcelerate17Brad Nicholas
Brad Nicholas from Uptake delivers the keynote presentation for day 1 of the 2017 Xcelerate Fluke/eMaint CMMS conference.
As IIoT adoption expands actionable insight at scale becomes possible. Maintenance staff will play a critical role in realizing the improved performance made possible by machine learning.
Integrated Analytics for IIoT Predictive Maintenance using IoT Big Data Cloud...Hong-Linh Truong
For predictive maintenance of equipment with In-
dustrial Internet of Things (IIoT) technologies, existing IoT Cloud
systems provide strong monitoring and data analysis capabilities
for detecting and predicting status of equipment. However, we
need to support complex interactions among different software
components and human activities to provide an integrated analyt-
ics, as software algorithms alone cannot deal with the complexity
and scale of data collection and analysis and the diversity of
equipment, due to the difficulties of capturing and modeling
uncertainties and domain knowledge in predictive maintenance.
In this paper, we describe how we design and augment complex
IoT big data cloud systems for integrated analytics of IIoT
predictive maintenance. Our approach is to identify various
complex interactions for solving system incidents together with
relevant critical analytics results about equipment. We incorpo-
rate humans into various parts of complex IoT Cloud systems
to enable situational data collection, services management, and
data analytics. We leverage serverless functions, cloud services,
and domain knowledge to support dynamic interactions between
human and software for maintaining equipment. We use a real-
world maintenance of Base Transceiver Stations to illustrate our
engineering approach which we have prototyped with state-of-
the art cloud and IoT technologies, such as Apache Nifi, Hadoop,
Spark and Google Cloud Functions.
Integrating AI into IoT networks is becoming a prerequisite for success in today’s data-driven digital ecosystems. The only way to keep up with IoT-generated data and gain the hidden insights it holds is using AI as the catalyst of IoT. Join this webinar to understand how IoT and AI may work together.
Maintenance, Machine Learning and the IIoT - Brad Nicholas Keynote Xcelerate17Brad Nicholas
Brad Nicholas from Uptake delivers the keynote presentation for day 1 of the 2017 Xcelerate Fluke/eMaint CMMS conference.
As IIoT adoption expands actionable insight at scale becomes possible. Maintenance staff will play a critical role in realizing the improved performance made possible by machine learning.
Integrated Analytics for IIoT Predictive Maintenance using IoT Big Data Cloud...Hong-Linh Truong
For predictive maintenance of equipment with In-
dustrial Internet of Things (IIoT) technologies, existing IoT Cloud
systems provide strong monitoring and data analysis capabilities
for detecting and predicting status of equipment. However, we
need to support complex interactions among different software
components and human activities to provide an integrated analyt-
ics, as software algorithms alone cannot deal with the complexity
and scale of data collection and analysis and the diversity of
equipment, due to the difficulties of capturing and modeling
uncertainties and domain knowledge in predictive maintenance.
In this paper, we describe how we design and augment complex
IoT big data cloud systems for integrated analytics of IIoT
predictive maintenance. Our approach is to identify various
complex interactions for solving system incidents together with
relevant critical analytics results about equipment. We incorpo-
rate humans into various parts of complex IoT Cloud systems
to enable situational data collection, services management, and
data analytics. We leverage serverless functions, cloud services,
and domain knowledge to support dynamic interactions between
human and software for maintaining equipment. We use a real-
world maintenance of Base Transceiver Stations to illustrate our
engineering approach which we have prototyped with state-of-
the art cloud and IoT technologies, such as Apache Nifi, Hadoop,
Spark and Google Cloud Functions.
Integrating AI into IoT networks is becoming a prerequisite for success in today’s data-driven digital ecosystems. The only way to keep up with IoT-generated data and gain the hidden insights it holds is using AI as the catalyst of IoT. Join this webinar to understand how IoT and AI may work together.
Mike Killian from Cisco was in attendance at Next Dimension to discuss IoT, IT/OT Convergence, and all things Smart Manufacturing. This presentation showcases the impact of Smart Manufacturing strategies as implemented across Cisco's supply chain.
Businesses across the world are rapidly leveraging the Internet-of-Things (#IoT) to create new products and services that are opening up new business opportunities and creating new business models.
The resulting transformation is ushering in a new era of how companies run their operations and engage with customers. However, tapping into the IoT is only part of the story [6].
For companies to realize the full potential of IoT enablement, they need to combine IoT with rapidly-advancing Artificial Intelligence (#AI) technologies, which enable ‘smart machines’ to simulate intelligent behavior and make well-informed decisions with little or no human intervention [6].
Marcellus Buchheit (Wibu-Systems) and Terrence Barr (Electric Imp) talk about how to secure IIoT endpoints, why they are so vital to secure, and how the Industrial Internet Security Framework (IISF) can help. This talk was given during a webinar as part of the #IICSeries, a continuous series of webinars on the industrial internet hosted by the Industrial Internet Consortium.
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?360mnbsu
The Internet of Things (IoT) has the potential to drive new innovation in products, services, and improve "how things are done" in manufacturing. However IoT also brings-to-light safety and security issues when purpose-built computing and network devices are exposed to the internet. This session will review case studies of IoT enabled exploits, explore some of the underlying cause of the vulnerabilities, and briefly review of steps vendors and end-users are taking to mitigate the risk.
From the 2014 Taking Shape Summit: The Internet of Things & the Future of Manufacturing.
Robert Mercier, Senior Network Services Lead at Next Dimension, Reviews IIoT and its impact on the Manufacturing sector. He specifically addresses the value of IT/OT convergence; something that is highly valuable for the Automotive Manufacturing space.
In IoT StreamConf's keynote, Todd Greene, CEO of PubNub, kicked off the conference with an optimistic keynote address, looking forward to solving the challenges of Internet of Things communication.
The Convergence of IT, Operational Technology and the Internet of Things (IoT)Jackson Shaw
Did you know that today, there are over 30 billion connected IoT devices? And that in 2020, that number will double? Do you know how these devices connect to the internet? To each other? To their manufacturer? How many IoT devices are used within your company? If you’re a security professional you’ll need to be able to answer these questions and more. In this session, Jackson Shaw (Dell) will discuss the convergence (collision?) of IoT with IT and OT, what it means to him as a consumer and what it means to us as identity and IT security professionals.
Keynote presentation at European Identity Conference 2015, Munich, Germany.
https://www.id-conf.com/eic2015
Cloud is recognized as facilitating “speed-to-market” – and for its ability to drive business agility. This is because cloud supports rapid experimentation and innovation by allowing companies to quickly try and even adopt new solutions without significant up-front costs. The Cloud can be a highly agile wrapper around different systems, different behavior and bringing it all together in an engagement cycle. By changing the way people interact with technology, cloud enables new forms of consumer engagement, expand collaboration across the value chain and bring innovation to companies’ core business models.
Industry 4.0 has widespread application across Industries (Manufacturing, Logistics, Mobility etc.). In case of manufacturing and processing industries Industry 4.0 means Smart Manufacturing using IIoT (Industrial Internet of Things or simply Industrial IoT) in a connected smart factory.
It enables an Organization to make smart data-driven decisions based on Big Data, Artificial Intelligence and Machine Learning. Industry 4.0 IIoT has several benefits such as Resource Optimization, Cost Reduction, Automation, Predictive Maintenance and Prescriptive Analytics and Control etc.
IIoT solutions are providing operators with massive volumes of data while making it easier to apply them to improvements in quality and efficiency. However, the cybersecurity risk to IIoT solutions is often overlooked. Many IIoT devices reside on networks that use open connections such as Wi-Fi, cellular, or satellite. Those could inadvertently increase an ICS threat surface.
Participants in this session will learn how to configure new and existing IIoT devices in a manner that will continue providing the value of the IIoT solution while reducing the exposure to cyberattacks. Guidelines will also be provided in cases of IIoT devices, which do provide inherent security configuration options.
Strong Security Elements for IoT Manufacturing GlobalSign
GlobalSign’s Vice President of IoT Identity Solutions, Lancen LaChance, presented a session on Strong Security Elements for IoT Manufacturing at the Internet of Things Expo in New York.
Lancen will run through some ideas and perspectives around incorporating strong information security elements into your IoT devices during the manufacturing process. Within this context we'll look at how we are examining the risks associated with IoT Products, Then we'll discuss some of the approaches for implementing these technologies in the manufacturing cycle. And finally we'll cover some example IoT use cases which are well aligned with the application of these technologies
As we look at the evolving IoT space, one bet we're willing to make is that the privacy and security of IoT products will continue to become more distinguishing features and differentiators. In this vein, Lancen address' how products can be built to achieve these goals through security by design, leveraging past technology successes, as well as the nuances and requirements of implementing within the manufacturing process
If you didn’t get a chance to make it to the conference and see Lancen live, we wanted to share the recorded presentation with you.
Watch the whole talk here: https://www.youtube.com/watch?v=fycAaOkpMrs
Industry 4.0 Smart Factory IoT Solutions- building the digital enterprise to ...Solution Analysts
Secure transformation toward a smart factory with Solution Analysts, Our IoT Solution does resource allocation, production processes, materials handling, and the workforce.
How to Become a Thought Leader in Your NicheLeslie Samuel
Are bloggers thought leaders? Here are some tips on how you can become one. Provide great value, put awesome content out there on a regular basis, and help others.
Mike Killian from Cisco was in attendance at Next Dimension to discuss IoT, IT/OT Convergence, and all things Smart Manufacturing. This presentation showcases the impact of Smart Manufacturing strategies as implemented across Cisco's supply chain.
Businesses across the world are rapidly leveraging the Internet-of-Things (#IoT) to create new products and services that are opening up new business opportunities and creating new business models.
The resulting transformation is ushering in a new era of how companies run their operations and engage with customers. However, tapping into the IoT is only part of the story [6].
For companies to realize the full potential of IoT enablement, they need to combine IoT with rapidly-advancing Artificial Intelligence (#AI) technologies, which enable ‘smart machines’ to simulate intelligent behavior and make well-informed decisions with little or no human intervention [6].
Marcellus Buchheit (Wibu-Systems) and Terrence Barr (Electric Imp) talk about how to secure IIoT endpoints, why they are so vital to secure, and how the Industrial Internet Security Framework (IISF) can help. This talk was given during a webinar as part of the #IICSeries, a continuous series of webinars on the industrial internet hosted by the Industrial Internet Consortium.
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?360mnbsu
The Internet of Things (IoT) has the potential to drive new innovation in products, services, and improve "how things are done" in manufacturing. However IoT also brings-to-light safety and security issues when purpose-built computing and network devices are exposed to the internet. This session will review case studies of IoT enabled exploits, explore some of the underlying cause of the vulnerabilities, and briefly review of steps vendors and end-users are taking to mitigate the risk.
From the 2014 Taking Shape Summit: The Internet of Things & the Future of Manufacturing.
Robert Mercier, Senior Network Services Lead at Next Dimension, Reviews IIoT and its impact on the Manufacturing sector. He specifically addresses the value of IT/OT convergence; something that is highly valuable for the Automotive Manufacturing space.
In IoT StreamConf's keynote, Todd Greene, CEO of PubNub, kicked off the conference with an optimistic keynote address, looking forward to solving the challenges of Internet of Things communication.
The Convergence of IT, Operational Technology and the Internet of Things (IoT)Jackson Shaw
Did you know that today, there are over 30 billion connected IoT devices? And that in 2020, that number will double? Do you know how these devices connect to the internet? To each other? To their manufacturer? How many IoT devices are used within your company? If you’re a security professional you’ll need to be able to answer these questions and more. In this session, Jackson Shaw (Dell) will discuss the convergence (collision?) of IoT with IT and OT, what it means to him as a consumer and what it means to us as identity and IT security professionals.
Keynote presentation at European Identity Conference 2015, Munich, Germany.
https://www.id-conf.com/eic2015
Cloud is recognized as facilitating “speed-to-market” – and for its ability to drive business agility. This is because cloud supports rapid experimentation and innovation by allowing companies to quickly try and even adopt new solutions without significant up-front costs. The Cloud can be a highly agile wrapper around different systems, different behavior and bringing it all together in an engagement cycle. By changing the way people interact with technology, cloud enables new forms of consumer engagement, expand collaboration across the value chain and bring innovation to companies’ core business models.
Industry 4.0 has widespread application across Industries (Manufacturing, Logistics, Mobility etc.). In case of manufacturing and processing industries Industry 4.0 means Smart Manufacturing using IIoT (Industrial Internet of Things or simply Industrial IoT) in a connected smart factory.
It enables an Organization to make smart data-driven decisions based on Big Data, Artificial Intelligence and Machine Learning. Industry 4.0 IIoT has several benefits such as Resource Optimization, Cost Reduction, Automation, Predictive Maintenance and Prescriptive Analytics and Control etc.
IIoT solutions are providing operators with massive volumes of data while making it easier to apply them to improvements in quality and efficiency. However, the cybersecurity risk to IIoT solutions is often overlooked. Many IIoT devices reside on networks that use open connections such as Wi-Fi, cellular, or satellite. Those could inadvertently increase an ICS threat surface.
Participants in this session will learn how to configure new and existing IIoT devices in a manner that will continue providing the value of the IIoT solution while reducing the exposure to cyberattacks. Guidelines will also be provided in cases of IIoT devices, which do provide inherent security configuration options.
Strong Security Elements for IoT Manufacturing GlobalSign
GlobalSign’s Vice President of IoT Identity Solutions, Lancen LaChance, presented a session on Strong Security Elements for IoT Manufacturing at the Internet of Things Expo in New York.
Lancen will run through some ideas and perspectives around incorporating strong information security elements into your IoT devices during the manufacturing process. Within this context we'll look at how we are examining the risks associated with IoT Products, Then we'll discuss some of the approaches for implementing these technologies in the manufacturing cycle. And finally we'll cover some example IoT use cases which are well aligned with the application of these technologies
As we look at the evolving IoT space, one bet we're willing to make is that the privacy and security of IoT products will continue to become more distinguishing features and differentiators. In this vein, Lancen address' how products can be built to achieve these goals through security by design, leveraging past technology successes, as well as the nuances and requirements of implementing within the manufacturing process
If you didn’t get a chance to make it to the conference and see Lancen live, we wanted to share the recorded presentation with you.
Watch the whole talk here: https://www.youtube.com/watch?v=fycAaOkpMrs
Industry 4.0 Smart Factory IoT Solutions- building the digital enterprise to ...Solution Analysts
Secure transformation toward a smart factory with Solution Analysts, Our IoT Solution does resource allocation, production processes, materials handling, and the workforce.
How to Become a Thought Leader in Your NicheLeslie Samuel
Are bloggers thought leaders? Here are some tips on how you can become one. Provide great value, put awesome content out there on a regular basis, and help others.
By John Breitenbach, RTI Field Applications Engineer
Contents
Introduction to RTI
Introduction to Data Distribution Service (DDS)
DDS Secure
Connext DDS Professional
Real-World Use Cases
RTI Professional Services
Global C4IR Masterclass Cambridge Hayward - CIR 2017Justin Hayward
Global platform for industry40, investment, innovation, capital, trends, drivers, tipping points, productivity gains, turnaround time, marketing automation, business automation, process automation, industrial automation, connectivity, AI, business models, growth. Relative competitiveness: abundance of cheap labour becomes less compelling when have extreme automation. Balance may move towards developed countries, but reverse diffusion and general automation adoption improves quality of life through more meaningful work even in low wage countries.
The global C4IR(TM) event series is available to franchise via www.cir-strategy.com as C4IRx.
Cyber Risk in Real Estate Sales - Workshop PresentationBrad Deflin
The presentation is for the real estate sales professional seeking to protect themselves, their clients, and their practice from information theft, fraud, and cyber crime.
Hacking your Connected Car: What you need to know NOWKapil Kanugo
Cars these days are 90% controlled by electronics and 10% using mechanics. The average new car already contains around 20 individual processors to monitor and control various functions — everything from the transmission’s shift points to the operation of the defroster — with about 60 megabytes of software code.
Many new cars are as “wired” as a home office — with onboard GPS navigation and wireless communications networks including Bluetooth, Wi-Fi or Internet run on Embedded OS's which run on converged Electronics to control these actions.
What if modern car’s onboard electronics be “hacked” or infected by a computer virus introduced through a wireless device that might corrupt or disable or controlled by a Hacker sitting at home?
The software does come with built in security but this is not enough and there is a need to offer a full Security package along with Car to guarantee Car's security. Life of people is more important than a gadget and people will pay and buy this package with a new car or upgrade to ensure that their car is not hacked by Hackers to malfunction or be used for other pervert interests.
WHITE PAPER▶ Building Comprehensive Security Into CarsSymantec
Over the past few years, automotive security threats have gone from theory to reality. Tech-savvy thieves have stolen cars throughout Europe and North America. Online videos show hackers remotely hitting the brakes on cars in ways that can endanger drivers and passengers. Hackers can exploit some of these vulnerabilities from an adjacent lane without forewarning to the driver.
Other vulnerabilities are open to attack over the cellular network—from halfway around the world—and for large numbers of cars simultaneously.
Even though technology exists to solve many of these security problems, the challenges of deploying such technology in cars loom far larger than similar challenges do in traditional information technology (IT) systems. In traditional IT systems, most problems can be solved with a quick install, update, or configuration change—or at worst, restoring from a backup, executing a failover to a disaster recovery site, or calling in a breach response team to tackle the most sophisticated threats.
However, cars don’t work like that. Multi-year safety certification processes to meet Federal Motor Vehicle Safety Standards (FMVSS) requirements don’t engender the weekly, daily, and real-time security updates that IT teams enjoy. Nobody can call in a breach response team to investigate the millions of cars you’ve built, now happily garaged in millions of homes. A car can’t safely fail over to another car. Companies often use redundancies at critical IT layers to keep high-volume web services running reliably, but few, if any, carmakers can afford the NASA-like investment of doing this for every vehicle.
Protecting cars against such threats has to be done in a context that works both within the car, and at scale for carmakers. The responsibility doesn’t stop at the assembly line: It extends all the way from the carmakers to the full breadth, depth, and complexity of auto supplier relationships. Security is a concern at each tier of the value chain, and attackers seek the weakest links.
Network Security for Automotive Embedded SystemsTonex
In the past decade, the automotive industry has undergone tremendous technological changes in terms of connectivity and personal mobility.
Modern cars are more and more like computers rather than mechanical products. It is not uncommon for modern cars to have remote connectivity and high-tech features, such as touch-sensitive dashboards, which can keep themselves up to date through regular software updates.
In the automotive industry, the consequences can be severe-if safety-related functions are compromised, it can cause injury or death, and if a large number of vehicles are threatened or required to be recalled, it can cause serious damage to reputation.
In the new digital age, due to the vehicle’s wireless communication capabilities, mobile devices (such as cellular phones or tablets connected to the vehicle via USB, Bluetooth or Wi-Fi) may have vulnerabilities inside or inside, and this problem is becoming more and more disturbing Third-party equipment connected through the vehicle diagnostic port.
Tonex's Automotive Cybersecurity Training
Automotive Cyber Security Training (Network Security for Automotive Embedded Systems) is a 3-day course. Participants will discuss the basic principles of embedded systems and the application of cyber security in vehicles to illustrate unique vulnerabilities that are commonly exploited.
Who Should Attend:
Chief Product Security Officers (CPSO)
Control Platform
Developers working with embedded systems
Embedded software engineers and testers
Ethernet and CAN Bus Software Engineers and Testers, Hardware Testers
Functional Safety Electrical Engineering
Information security professionals
Machine Learning Platform Engineers and Managers
Mechatronics Engineer, Sensor Cleaning Engineers and PMs
The Main Points of This Course Include:
Check how to adapt to network security in automotive embedded systems
The basics of automotive network security.
Automotive network security, threats, threat agents/vectors, vulnerability and risk assessment; defense in depth, etc.
Embedded system foundation
Basic knowledge of automotive embedded system product design cycle, project management, production design, V&V and O&M.
And many more.
Course Outline:
Cybersecurity Applied to Automotive
Introduction to Embedded Systems and their Applications in Automotive
Automotive Cybersecurity Strategies
Automotive Embedded System Vulnerability Analysis
Automotive Cybersecurity and Layers of Protection
Cybersecurity Best Practices for Modern Vehicles
Standards Development and Best Practices
Securing Automotive Embedded Systems Interfaces and Protocols
Cybersecurity Attacks and Best Mitigation Practices for Automotive Embedded Systems
Evaluating Cybersecurity Practices for Modern Vehicles
Learn More:
https://www.tonex.com/training-courses/automotive-cybersecurity-training-course/
Read more at www.harmaninnovation.com
HARMAN: Securing Connected Infotainment Systems Against Hackers
Connected vehicles can offer a gateway for cyber criminals to hack into automotive systems. How can infotainment systems help automakers combat this threat?
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
Mohamed Bedewi, Offense Security Division Head and Sr. Penetration Testing Consultant at DTS presented also during one of the security sessions titled - "Your Network in the Eyes of a Hacker – The 0ff3ns!v3 Version" which raised a few eyebrows to say the least. The presentation slides can be found here….
Product security by Blockchain, AI and Security CertsLabSharegroup
Three themes You need to think about Product Security — and some tips for How to Do It
I have been working with software security laboratories and IT security firms for years. I have talked with clients, read and watched dozens of articles/videos and talked with several experts about product security themes, future, technologies.
The three themes are:
Is the blockchain the new technology of trust?
Blockchain has the potential to transform industries. However, some security experts raised questions: If blockchain is broadly used in technology solutions will security standards be adopted? How to protect the cryptographic keys that allow access to the blockchain applications? Although it is true that the potential is huge such as securing IoT nodes, edge devices with authentication, improved confidentiality and data integrity, disrupting current PKI systems, reducing DDoS attacks etc.
AI (Machine Learning, Deep Learning, Reinforcement Learning algorithm) potential in Product Security
Machine learning can help in creating products that analyse threats and respond to attacks and security incidents. There are several repositories on GitHub or open-source codes by IBM available for developers. Deep learning networks are rapidly growing due to cheap cloud GPU services and after Reinforcement learning algorithm’s last success nobody knows the upper limit.
Product Security by International security standards and practices
The present, future, and developmental orientations of independent third party certificates Industry. How can the international standards answer the rapid growth of new technologies and maintain secure applications in IoT, Blockchain or AI-driven industries?
Are IT products reliable, secure and will they stay that way?
I would like to explain Product Security in a simple way. My goal is the introduction of product security for Tech startups, fast-growing Tech firms. Furthermore, I would like to emphasize the benefits of product security certification.
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
How to design secure software products for IoT, embedded application, smart metering, smart lighting, medical application with the help of Common Criteria
How to keep your IT environment secure using IAM while deploying BYOD and mobile
presentation delivered at the BYOD and Mobility Forum, London on 26 March 2014
Security Architecture for Cyber Physical SystemsAlan Tatourian
Slides I presented at the Automotive Cybersecurity conference at Detroit on Friday. The main message is captured in the last bullet in the Summary: We do not know how to build 100% reliable systems, we only know how to manage risk – your system will fail and you have to build for failure. This was one of the first lessons I was taught when I worked in the aerospace.
Cyber security for Autonomous Vehicles.pdfDorleControls
An overview of Cyber security for Autonomous Vehicles will be given in this introduction, along with a focus on the significance of protecting these cutting-edge modes of transportation.
Open Source Insight: Auto Security & Hackers, Killer Robots, & Containers Gon...Black Duck by Synopsys
According to the Linux Foundation’s 2017 Open Source Jobs Report, 89% of hiring managers are finding it difficult to find talent with open source expertise. Black Duck technical evangelist Tim Mackey explores how good containers go bad in a freewheeling interview with Linux.com.
IOactive and UBTech Robotics face off on “killer robot” claims and the UK Department for Transport and the Alliance for Telecommunications Industry Solutions issue connected car cybersecurity proposals.
All this and more cybersecurity and open source security news in this week’s edition of Open Source Insight.
Similar to Countering Cybersecurity Risk in Today's IoT World (20)
ER(Entity Relationship) Diagram for online shopping - TAEHimani415946
https://bit.ly/3KACoyV
The ER diagram for the project is the foundation for the building of the database of the project. The properties, datatypes, and attributes are defined by the ER diagram.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
2. THE RIGHT SECURITY FRAMEWORK
We cannot solve our problems with the same
thinking we used when we created them.
—Albert Einstein
Security controls
are shifting away
from the traditional
perimeter
Adoption of cloud
platforms and security
as a service will
continue
Where and how
data is stored is
key to evaluating
risks
4. ASSESS RISKS IN A STRUCTURED WAY
AND DEVELOP A ROADMAP
DEVICES
APPS
NETWORK
DATA
PEOPLE
IDENTIFY PROTECT DETECT RESPOND RECOVER
(NIST FRAMEWORK)
Pre-compromise
Post-compromise
5. A CULTURE OF SECURITY FACILITATES
RESPONSIBLE BUSINESS
German steel mill suffers
“massive damages” after
hackers accessed a
blast furnace that
workers could not
properly shut down
1
2
Recipient of targeted
email is tricked into
downloading malware
to their computer Attackers make their
way from corporate
network into production
networks to access
systems controlling
plant equipment
3
6. MAKE SECURITY A SHARED
RESPONSIBILITY
COMMUNICATE Spearhead security as a product.
Make it bold and important internally.
INNOVATE Be strategic about security
architecture and standardization.
ACCELERATE
Leverage agile practices to iterate and
improve controls implementation.
INTEGRATE Move security testing as close to the
developer as possible.
8. IOT ADDS THE “PHYSICAL WEB”
IoT is about the physical web of
everything around you
A whole slew of smart connected
products + services are coming
Multiple networks, all interacting
with you or on your behalf
MORE COMPLEXITY
NEW ATTACK SURFACES
COMPOUND EFFECTS
9. SMART PRODUCTS NEED BROADER,
NON-TRADITIONAL EXPERTISE
• Krebs & Cisco: IoT Reality: Smart Devices, Dumb Defaults
“Consider whether you can realistically care for and feed the security needs of yet another IoT thing that is:
-chewing holes in your network defenses;
-gnawing open new critical security weaknesses;
-bred by a vendor that seldom and belatedly patches;
-tough to wrangle down and patch”
• NW World: 500K WeMo users could be hacked; CERT issues advisory
“when CERT tried to contact Belkin, Belkin chose not to respond at all”
• IBM: Smart Building Security Risks
“Connected building systems fly under the Cybersecurity radar, creating a Shadow IoT”
http://www.networkworld.com/article/2226371/microsoft-subnet/500-000-belkin-wemo-users-could-be-hacked--cert-issues-advisory.html
http://krebsonsecurity.com/2016/02/iot-reality-smart-devices-dumb-defaults/
http://www.techrepublic.com/article/ibm-x-force-finds-multiple-iot-security-risks-in-smart-buildings/
10. WE HAVE A LONG WAY TO GO
• Hidden, hardcoded
credentials and passwords
• Credentials stored as static
text within files
• Insecure default
configurations
• Insufficient network
segmentation enabling
attacks from within
• Weak support and
nonexistent updates,
exacerbated by economics
• Some/all of the above
present in combination
IBM smart building infographic
11. THE CHRYSLER JEEP HACK
Lessons to be Learned
WITH MUCH THANKS TO:
Charlie Miller & Chris Valasek
White-hat Superheroes
12. thecavalry.org
“Modern [vehicles] are computers
on wheels and are increasingly
connected and controlled by
software.
Dependence on technology in
vehicles has grown faster than
effective means to secure it.”
13. MICRO-CONTROLLERS, EMBEDDED SOFTWARE AND
NETWORKING EVERYWHERE
Federally mandated “OBD” vehicle
diagnostics since 1996
Dozens of networked control
systems and millions of lines of code
“Black boxes” silently record vehicle
dynamics
“OnStar” telematics since 1996
Fleet management, and usage based
insurance are now widespread
Remote access adds MAJOR
security implications, mandating
disciplined design Graphic: Quora
14. CONNECTED VEHICLES
A MASSIVE OPPORTUNITY
An executive order from the White House in March 2015 called for
federal agencies with fleets of more than 20 vehicles to use
telematics systems whenever possible to improve vehicle efficiencies
E.O. section 3(g)(iii):
Collecting and utilizing as a fleet efficiency management tool, as soon
as practicable but not later than two years after the date of this order,
agency fleet operational data through deployment of vehicle
telematics at a vehicle asset level for all new passenger and light duty
vehicle acquisitions and for medium duty vehicles where appropriate
https://www.whitehouse.gov/sites/default/files/docs/eo_13693_implementing_instructions_june_10_2015.pdf
16. How hackable
is your car?
Most Hackable: Jeep Cherokee,
Escalade, Infiniti Q50, 2010 Prius
The Q50’s radio & adaptive controls
(adaptive cruise control and adaptive
steering) were directly connected to
engine and braking systems.
Older cars are least hackable.
Not a confidence inspiring trend..
http://illmatics.com/remote%20attack%20surfaces.pdf
17. RollJam
$32
Hacks keyless entry systems,
alarm systems and garage
door openers
Proven on Nissan, Cadillac, Ford,
Toyota, Lotus, Volkswagen,and
Chrysler vehicles; Cobra and
Viper alarm systems; and Genie
and Liftmaster garage door
openers.
http://www.wired.com/2015/08/hackers-tiny-device-unlocks-cars-opens-garages/
18. OwnStar
Any On-Star equipped GM car
could be located, unlocked
and started via the phone app
uses SSL encryption,
Kamkar says it doesn’t
properly check the certificate
http://arstechnica.com/security/2015/07/ownstar-researcher-hijacks-remote-access-to-onstar/
19. Progressive
‘Snapshot’
“The firmware running on the
dongle is minimal and insecure.
It does no validation or signing of
firmware updates,no secure boot, no
cellular authentication,no secure
communicationsor encryption,no data
execution prevention or attack
mitigation technologies… basically it
uses no security technologies
whatsoever.”
http://www.forbes.com/sites/thomasbrewster/2015/01/15/researcher-says-progressive-insurance-dongle-totally-insecure/
20. TomTom
OBDII dongle
Used to reduced insurance
rates for customers.
Hacked by UCSD by
sending SMS messages to
control the CAN bus to
control brakes, steering,
etc. Confirmed in Corvette,
Prius, Escape.
http://www.wired.com/2015/08/hackers-cut-corvettes-brakes-via-common-car-gadget/
21. DEALERS AND MECHANICS
• Infections of equipment used by
mechanics and dealerships to
update car software and run
vehicle diagnostics.
• An infected vehicle can spread
an infection to a dealership’s
testing equipment, which in turn
would spread the malware to
every vehicle the dealership
services.
23. DON’T HIDE BEHIND THE DMCA
• Auto Alliance and General Motors actively make legal threats against anyone who
tinkers with the code in their own vehicles, and actively fight proposed auto
exemptions in the Digital Millennium Copyright Act.
• “The proposed exemption could introduce safety and security issues as well as
facilitate violation of various laws designed specifically to regulate the modern car,
including emissions, fuel economy, and vehicle safety regulations” - GM
http://copyright.gov/1201/2015/comments-032715/class%2021/General_Motors_Class21_1201_2014.pdf
• “a vehicle owner does not own a copy of the relevant computer programs in the
vehicle.” - GM
• John Deere argues that “bypassing of cars’ protection mechanisms could allow
drivers to listen to pirated music, audio books or films, adding that this might
encourage others to partake in the enjoyment of illegal material.”
24. IAMTHECAVALRY.ORG
5 STAR AUTOMOTIVESAFETYPROGRAM
1. Safety by Design via standards compliance and secure software
development lifecycle
2. Third Party Collaboration between the automotive industry and
security researchers
3. Evidence Capture: tamper evident, forensically-sound logging
and evidence capture
4. Security Updates in a prompt and agile manner (not a mailed
USB drive)
5. Segmentation and Isolation: internet-connected infotainment
systems shouldn’t be able to talk to brakes or transmission.
https://www.iamthecavalry.org/domains/automotive/5star/
25. A FEW ATTACK VECTORS
• Bluetooth, WiFi, keyless entry
• Cellular gateways (e.g., modems, Femtocells)
• OnStar or OnStar-like cellular radio
• Insecure OS configuration, update media, interprocess comms
• Static, clear text/hex strings in executable files
• Android app on the driver’s phone synched to the car’s network
• Malicious audio file burned onto a CD in the car’s stereo.
• Radio-readable tire pressure monitoring systems
28. BUT IT WASN’T DESIGNED THAT WAY!
HOW DID THEY DO THAT?
29. A CASCADE OF VULNERABILITIES
• You can reach a cell network from the Internet
• You can port scan the car from the cell network!
• The car is listening to the cell network in an un-protected
manner
• The head unit (radio/nav) runs an OS that isn’t configured
properly
• The head unit’s application software is not secured properly
• The head unit is connected to both vehicle CAN networks
(infotainment and powertrain)
• Head unit nav upgrade software delivery includes flashing
tools and lots of commented script files
• The CAN interface firmware in the head unit isn’t code signed
http://illmatics.com/Remote%20Car%20Hacking.pdf
32. SO HOW DID CHRYSLER HELP CUSTOMERS
FIX THEIR VEHICLES?
• Plug in a USB flash drive you receive in the mail,
then update the firmware in the head unit
or
• Go to a dealer and they’ll take care of it
• No remote software updates