This document summarizes a presentation on standards-based machine-to-machine (M2M) implementations. The presentation discusses how 5G and IoT applications will need more security than previous technologies due to increased attack surfaces and data volumes. It promotes the use of common standards like oneM2M to provide reliable connectivity, security, and interoperability. The presentation also outlines proposals for new standards around vehicle identification and an open bootstrap framework to enable trusted connectivity across networks.
1. Session: Standards based M2M implementations
Enabling the IoT domain with accountable, reliable & future proof M2M connectivity, security by design and interoperable service
Sharad Arora
Founder and Managing Director, Sensorise Digital Services
25 Sep 2019
25-Sep-2019 6th oneM2M Industry Day hosted by TSDSI 1
2. Speaker Introduction: Sharad Arora
• Engineer by education and profession
• Embedded Design Engineer at Xerox
• Head of Information Systems at Escotel
• Global Management Team member, SmartTrust
• Over the Air SIM, Device and App Mgmt Platforms
• Root certification Authority in India
• Chief Officer, Wireless Solutions at Tata Teleservices
• Launched 3G and 3G enabled Solutions
• Leader of the Wireless Solutions Sub Committee of Docomo and Tata
• Member of the Tata Industries Innovation Council
• Founder & MD, Sensorise Digital Services
• Credited with the introduction of multi-network solderable SIM in the Indian market place
• US Patent “Method and System to control expense & usage of subscriptions in a mobile device”
• Stevie Business Award 2019: Most Innovative Telecom Product & Services
Author
• Technical Report on Intelligent Transport Systems, Vehicle to Vehicle Communications and Embedded SIMs (Nov, 2015)
• Author of the ITU Paper on Digital Identity and eKYC for Automotive Industry (Mar 2016, Sep 2017, Jul 2018)
• Lead Author of the Technical Report, Recommendations for M2M Security (Jan, 2019)
Editorial Group, TEC M2M Technical Reports
• Communication Technologies in M2M / IoT (May 2015)
• M2M Gateway & Architecture (May 2015)
• M2M Enablement in Safety & Surveillance System (Nov 2015)
• ICT deployment and strategies for Smart Cities (Jul 2016)
Contributor
• TRAI Consultation on ‘Spectrum, Roaming and QoS related requirements in Machine-to-Machine (M2M) Communications’
• Member of the MTCTE Committee on Certification
• Member of the Telematics Working Group of Niti Aayog
• Member, Telecom Standards Development Society of India
• Member of National Working Group 13, 17 & 20 aiding the ITU Study Groups
• Rapporteur, Smart Cities Standards Advisory Committee
• Member, 5G Application Layer Standards
4. 5G and IoT Apps need more Security than before
• IoT Applications and M2M Communications are exposed to a wider attack surface when compared to the Mobile and the Internet
• Other than wireless and mobile, IoT Devices are dispersed
• IoT / M2M value chains have several Stakeholders
• There is an absence of common standards and certifications
• Absence of inter-operability and transferability standards exposes users
• IoT use cases are often mission critical
• Devices are constrained for resources (Battery, Size, Compute power, etc.)
• Price competition exposes the industry to taking short cuts
• 5G architecture pushes what was formerly core functionality out to the “edge” of the network
• This has big implications for 5G network security
• Billions of Devices, Device to Device interactions (relegating the core network to a non-essential element for some types of communications)
• 200 times 4G bandwidth
• Security concerns
• Potential for unsecure or compromised devices to be used for malicious activity
• Increases attack surface by orders of magnitude due to software virtualisation and cloud
• Data explosion leading to difficulty in detecting malicious traffic
• Major share of global economic output will come to rely on global data networks
5. Apps need Reliable Connectivity & Trust
Available, Reliable, Resilient, Remote Manageable Connectivity
Device Security | Connectivity | Application Security
Trust and Privacy
6. Guiding OneM2M Reference Architecture
• Horizontal framework, APIs, Objects as Resource
• Access Control Policy
• IoT Ontologies (formal description of concepts and relationships, e.g. W3C Semantic Sensor Network) as well as big data frameworks
• Legacy Solutions are Technology Verticals (Zigbee, DLMS for smart meters, etc.)
Figure (diagram): Automotive, Energy and Home Applications shown twice, once under Disparate Machines and Applications and once under IoT Ready Ecosystem with the OneM2M Common Framework. Layer labels: Common Service Layer, Communication Technologies & Protocols, Communication Networks, Communication Devices & Hardware.
7. The Effects on the Ecosystem
(++)
• TRAI has recommended an IoT Security Framework based on a
• Security by Design and End to End Encryption
• National Trust Centre, Registration of M2M Service Providers
• TSDSI / DoT / TEC are paving the way for National Standards for IoT
• TEC Mandatory Testing and Certification Program for all connected Devices is under way
• Ministries have initiated deployment of sectoral standards
(-)
• Unreliable connectivity has crippled the effectiveness of 1000’s of crores invested in the R-APDRP program
• Several large Smart Cities Projects are feeling the heat from lack of Standards
• State wide implementation for tracking services cannot distinguish good devices from rogue devices, plug submission of Data from unidentified sources
8. New Proposals for Standards | Secure Element based Digital ID for Vehicles
Proposes a way to identify and secure vehicles for tracking, transfer and compliance
9. New Proposals for Standards | Open Bootstrap Framework
• In its current form, the 3GPP GAA Framework is meant for the Mobile network operators (MNO) and 3GPP Network Connected Devices that use the UICC based SIM / USIM / ISIM
• A MNO may or may not want to play the role envisaged by the GAA framework. Further, it is only useful when ALL MNOs offer the framework to allow for seamless changes in subscription during the lifecycle of a connected Device
• GAA must become network technology independent
• For the global applicability and usefulness of the ETSI GAA, the User / Use Case must be able to benefit from the GAA framework, independent of any one MNO and Network Technologies
• The objective of the concept described below is to enhance the 3GPP GAA to be an Open Bootstrap framework that can be MNO and Network Technology independent
Figure: 3GPP and Open Bootstrap Framework Concept
Telecom Industry 3GPP Identities (GBA / GAA as the 3GPP Vertical Trust Framework)
- Modem/Device: IMEI/Sno
- SIM/UICC/eUICC: IccID/Eid
- Buyer: Citizen ID/Mobile, Physical
Telematics Industry Identities (OBF as the technology neutral Trust Framework)
- Modem/Device: IMEI/Sno/MAC/EAP
- Secure Element: IccID/Eid
- Vehicle/Mobile/IoT/…: Registration No
- Buyer / Permit Holder: Citizen ID/Mobile, Physical
Server side elements
- HLR/HSS: MNC/MCC/GT
- Application Server: M2MSP_Server_ID.M2MSP_Registrant-ID.M2MSP_App_Name
- NAF: xcap.ims.mncXXX.mccYYY.pub.3gppnetwork.org
- BSF: bsf.ims.mncXXX.mccYYY.pub.3gppnetwork.org
- Authentication Server
- GBA NAF Proxy
- OBF Proxy
- Resource Server: ra1.net.sensorise.SmartCampus
- OBF Unified KMS: PKI / Keys
10. Simplified Security Objective
Figure (diagram) labels: Private MPLS, Wireless WAN, Internet, Public Cloud, Enterprise DC / Cloud; sectors Automotive, Transport, Health, Financial, Surveillance, Automation, Utilities, Industrial.
Objective:
1. Only Known and Trusted Devices Connect to the Network and Apps
2. Only Known and Trusted Servers deliver Data
3. Data from the Device to End Application is end to end secured tolerating a variety of communication media and protocols along the way
11. Possible Approach to National Trust Centre
National Trust Centre
- M2M SP / ASP Registry (Company ID as per MCA)
- M2MSP Server Certificate from Root CA (M2MSP Digital ID)
- Application ID Registry (Issued by NTC)
- Device Series (Issued to Company by NTC / By IMSI and IMEI)
- Device Keys issued by M2MSP/ASP
M2MSP/ASP Security Infra
- Server Certificate bound to Company ID issued by MCA
- App Server IP, Domain, URL, Location bound to Certificate issued by CCA
- Device Series and Device Keys issued by M2MSP/ASP
National Trust Centre App Registry
- M2M SP / ASP Registry (Company ID as per MCA)
- Application ID Registry (Issued by NTC)
Connected Device Security
- Secure Element (UICC or Device based) with Device Keys
- Device Serial Number from NTC Issued Device Series
- Minimum Firmware Features for Device Control from NTC (identification and control – see next slide)
Indian Root of Trust
- Server Certificate Issuance from Indian Root Certification Authority
- Device Keys Issued by the M2M SP
Control of Devices
- Command the Device to reveal its identity
- Command the Device to reveal its OS version and Checksum
- Shut Down the Device from the NTC
Device Identity Register
- White / Grey / Blacklist
- Reuse the 3GPP EIR Functional Model
12. Frugal Schema for Standards based IoT Connectivity, Security and Remote Management
Figure (block diagram) with a Client/Device Side and a Server Side. Labels: Data Collector, Device Management, SenseLCM, OneM2M / OCF, QoSec Library, SenseProM, Secure Messenger, RSP, QoSim, QoSec, MAID FW, OneM2M / OCF, Data Sender, Sensor Config, Device Config, Data API, Conf API, Subscription API, Use Case Specific FW Implementation, ETL, Analytics, ML, KMS, Sensing Device(s), Controller / Processor, HMI, Target Measure.
• Identification, authorisation, routing and management
• Optimisation of application performance over multiple path hybrid underlying network
13. Security by Design | QoSec and C-DoT OneM2M Platform
Figure (key flow diagram) labels:
- QoSec Applet: Counter, Session Key Generation (#), Session Key
- Shared Key
- QoSec Server: Counter, Session Key Generation (#), Session Key
- Client Application: TLS Set-up
- Server Application: TLS Set-up
- “Hello” “òáßÞÆ” “Hello”
Keyset 1: TLS based Device Auth using PSK based Session Keys
Keyset 2: Encryption of actual data between Device and its Application
Context
1. C-DoT Common Service Layer Infrastructure Node uses the QoSec Security framework
2. Application Server uses another PSK Keyset for Application level Data Encryption and Decryption
3. Frugal Architecture requiring virtually no change to Device PCBs
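The QoSec slide names a shared key, a counter and a hash step (#) that yields the same session key on the applet and on the server, with one keyset for device authentication and another for application data. The Python below is an added example, not code from the presentation or from QoSec: it assumes HMAC-SHA256 as the hash step, an 8-byte counter and a server-side acceptance window, and every class, function and device name in it is hypothetical.

```python
import hashlib
import hmac
import secrets

COUNTER_WINDOW = 8  # assumed: how far ahead of the last accepted counter the server accepts


def derive_session_key(shared_key: bytes, counter: int, keyset: bytes) -> bytes:
    """Hash the shared key with the counter; the keyset label keeps the two uses apart."""
    return hmac.new(shared_key, keyset + counter.to_bytes(8, "big"), hashlib.sha256).digest()


class Applet:
    """Stands in for the applet in the secure element: holds both keysets and a counter."""

    def __init__(self, device_id: str, keyset1: bytes, keyset2: bytes):
        self.device_id = device_id
        self._keyset1 = keyset1
        self._keyset2 = keyset2
        self.counter = 0

    def authenticate(self):
        # A fresh counter gives a fresh session key, so each proof is single-use.
        self.counter += 1
        session_key = derive_session_key(self._keyset1, self.counter, b"keyset1")
        proof = hmac.new(session_key, self.device_id.encode(), hashlib.sha256).digest()
        return self.device_id, self.counter, proof

    def data_key(self) -> bytes:
        # Keyset 2: key for application data, independent of the authentication key.
        return derive_session_key(self._keyset2, self.counter, b"keyset2")


class Server:
    """Stands in for the server side: known devices, their keysets, last counter seen."""

    def __init__(self):
        self._devices = {}

    def enroll(self, device_id: str, keyset1: bytes, keyset2: bytes) -> None:
        self._devices[device_id] = {"keyset1": keyset1, "keyset2": keyset2, "counter": 0}

    def verify(self, device_id: str, counter: int, proof: bytes) -> str:
        rec = self._devices.get(device_id)
        if rec is None:
            return "unknown-device"
        # Counters at or below the last accepted value are replays; far-ahead ones are refused.
        if not (rec["counter"] < counter <= rec["counter"] + COUNTER_WINDOW):
            return "stale-or-out-of-window-counter"
        session_key = derive_session_key(rec["keyset1"], counter, b"keyset1")
        expected = hmac.new(session_key, device_id.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, proof):
            return "bad-proof"
        rec["counter"] = counter  # advance only after a valid proof
        return "ok"

    def data_key(self, device_id: str) -> bytes:
        rec = self._devices[device_id]
        return derive_session_key(rec["keyset2"], rec["counter"], b"keyset2")


def run_demo() -> dict:
    # Constructed sample keys and device IDs; nothing here comes from the slides.
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
    applet = Applet("device-0001", k1, k2)
    server = Server()
    server.enroll("device-0001", k1, k2)

    first = applet.authenticate()
    results = {"first": server.verify(*first)}
    results["replay"] = server.verify(*first)  # same counter and proof sent again
    results["keys_match"] = hmac.compare_digest(
        applet.data_key(), server.data_key("device-0001")
    )

    # A device claiming a known ID without the enrolled keys.
    rogue = Applet("device-0001", secrets.token_bytes(32), secrets.token_bytes(32))
    rogue.counter = 5  # fresh counter, so the failure is the proof, not the window
    results["rogue"] = server.verify(*rogue.authenticate())

    results["unknown"] = server.verify(*Applet("device-9999", k1, k2).authenticate())
    results["second"] = server.verify(*applet.authenticate())
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name}: {outcome}")
```

In a deployment the derived keys would feed a TLS-PSK handshake and an authenticated cipher, as the slide's two keysets indicate; the example stops at key agreement and device proof.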
14. Security by Design for Connected Meters
Context
1. Remote Meter Authentication and Data Encryption from the Secure Element in the eSIM
2. Application Server uses another PSK Keyset for Application level Data Encryption and Decryption
3. Frugal Architecture requiring virtually no change to Device PCBs
15. Security by Design for Connected Car Platform
• eSIM / Secure Element
• Pre-Shared Keys
• Choice of Algorithms
• Remote provisionable Connectivity
• Secure Element
https://www.st.com/en/applications/body-and-convenience/body-control-module-bcm.html
16. State Tracking Infra | Solving for Security | As-is security challenged architecture
Figure (network diagram) labels: Field Device, Private APN, GGSN, Secure backend Application, Rogue Server, Rogue Device.
Objective
1. Only Known and Trusted Devices connect to the Network and Apps
2. Only Known and Trusted Servers connect to each other
3. Data from the Device to Application is end to end secured tolerating a variety of communication media and protocols along the way
Not Secure
- Any server can send data to the Application
- Exposed to man in the middle attack
Partly Secure
- Device can send data only to known IPs
- Exposed to rogue devices
Threat
- Rogue Server can send data to the Secure Application
17. State Tracking Infra | Solving for Security | IPSEC security – eliminates rogue servers
Figure (network diagram) labels: Field Device, Private APN, GGSN, Named IP+IPSEC, IPSEC Tunnel over Internet, Secure backend Application, Rogue Server, Rogue Device, two X marks.
Objective
1. Only Known and Trusted Devices connect to the Network and Apps
2. Only Known and Trusted Servers connect to each other
3. Data from the Device to Application is end to end secured tolerating a variety of communication media and protocols along the way
Secure
- All the GGSNs of all participating TSPs will exit SenseORSAC through a named IP, which IP will be whitelisted at the App backend
Partly Secure
- Device can send data only to known IPs
- Exposed to Rogue Devices
Threat
- Rogue Server can no longer send data to the Secure Application
18. State Tracking Infra | Solving for Security | TSP, OEM, Device independent tamper resistant end to end security
Figure (network diagram) labels: Field Device, Private APN, GGSN, Named IP+IPSEC, IPSEC Tunnel over Internet, Secure backend Application, QoSec Client, QoSec Server, Secure Device Authentication Server, Captive Tamper Proof Interface, Rogue Server, Rogue Device, Secure, X marks.
Objective
1. Only Known and Trusted Devices connect to the Network and Apps
2. Only Known and Trusted Servers connect to each other
3. Data from the Device to Application is end to end secured tolerating a variety of communication media and protocols along the way
Not Secure
- Any server can send data to the Application
- Exposed to man in the middle attack
Partly Secure
- Device can send data only to known IPs
- Exposed to Rogue Devices
Threat
- Rogue Server can send data to the Secure Application
Periodic Device Authentication with QoSim Secure Element
- Sends QoSim Secure Element verified device independent Device IMEI, Location and timestamp to secure server
19. AIS140 Showcase | Sectoral standard for Transport
• Uniform Ontology and Semantics for Devices and the Public Service Vehicle Tracking Backend
• Common Service Layer Platform
• Certification of Devices and Infrastructure
• Unique Identity of Device, Make and Model through the Tamper resistant ESIM
• ESIM for factory fitment, secure identity and tamper resistant connectivity
• Quality of Service with Remote Manageable Multi-Network Connectivity
• Machine and Custodian KYC
• Secure Remote Management of Devices
AIS140 has embraced a significant number of good practices required by the emerging Standards – but not oneM2M compliant
20. Benefits of a uniform, published and integrated approach
• 56 VLTD approved vendors integrated on the Platform
• Over 43000 devices uploaded
• VLTD implementation All over India, Vehicles from over 24 States
• Secure authentication of devices as per AIS-140
• ALL India Maps, as per Survey of India Guidelines
Application and Database Integrated to VAHAN for upload of activation as well as Other status as required for AIS-140 compliance
Integration with State Emergency Response System: Multiple Modes like API integration, alerts
Dashboard, boundary wise alerts routing - as per state Guidelines
VLT Manufacturers pay online for the maintenance of Device on the back end, other modes available as per the State requirement
21. Summary and Close
International Business Awards 2019: Most Innovative Telecom Product & Services
TEMA+ITU Award 2019: Innovative IoT Services
What is good
• The right level of government, industry and SDO awareness exists towards the need for standards, security and privacy for IoT and 5G Applications
• OneM2M provides an excellent starting reference and starting point for the above
• Domain specific engagement (Smart Cities, Railways)
What more can be done
• National Standards for the orderly implementation of key initiatives such as National Trust Centre, M2M Service Provider Registration, MTCTE and Connectivity QoS to enable rapid development of services with assured Inter-operability, Connectivity, Security, Privacy and Remote Management to address problems at scale (R-APDRP, Telematics, Smart Cities etc)
• OneM2M Endorsement of show case Projects and Solutions, other than Certification of Platforms
• Greater Start-Up engagement, critical to enable simultaneous proliferation of innovative solutions and standards
23. 4G and 5G Authentication | SIM is still the SE!
Figure (two authentication diagrams) labels:
- HSS (AuC); UE; USIM (IMSI, TMSI, Ki + Auth Algo)
- UDM (ARPF+SIDF); AUSF; SEAF; UE; USIM (IMSI, SUPI, SUCI, AKA’/5G AKA)
24. 5G Authentication Framework
• 5G Networks can use the same SIM card as the one for 4G
• Possible new 5G Authentication with encrypted SUPI, and a fallback to 4G Authentication
• SIM Toolkit enforced to have mandated NMR, TA, Network Reject type events
• Secure temporary keys for 5G but also non 3GPP security context such as WiFi are stored in EF_5GAUTHKEYS
• A key called KAUSF derived from CK/IK, left at the AUSF and that home operator can use on its own policy.
ETSI TS 133501v150400p: 5G; Security architecture and procedures for 5G System
- UE and serving network shall support EAP-AKA' and 5G AKA authentication methods
NOTE: It is the home operator's decision which authentication method is selected
- The USIM shall reside on a UICC. The UICC may be removable or non removable
NOTE: For non-3GPP access networks USIM applies in case of terminal with 3GPP access capabilities. If the terminal supports 3GPP access capabilities, the credentials used with EAP-AKA' and 5G AKA for non-3GPP access networks shall reside on the UICC
25. The plumbing for the AIS140 Standard
20-Sep-2017 3rd oneM2M Industry Day hosted by TSDSI 25
Secure Process for Device Activation
• VLT Manufacturer Certification
• Certification Agency Login for submission of VLT Manufacturer Data
• VLT Manufacturer authentication and Login for creation of Dealers
• Dealer Login for upload of Device Info
• M2M Service Provider API for Secure Authentication Data upload including SIM-Device-Vehicle-Custodian-KYC-Subscriptions / Validity
• Dealer / OE / OEM Login for update of AIS140 Backend Subscription Payment
• Periodic Device Health & KYC Analytics
• Upload of Secure Authentication Data to Vaahan
Data Security
• Health Data Logging from Devices
• PVT Data Logging from Devices
• Alarms Data Logging from Devices
• Health Data Analytics, Speed Alerts and Permit Holder / Vaahan Update
• Vehicle Location Tracking and Map Views
• Alarms Data presentation on Map View and Distribution
26. The plumbing for the AIS140 Standard
20-Sep-2017 3rd oneM2M Industry Day hosted by TSDSI 26
Emergency Alarms
The Emergency Alarms handling is a capability of the Alarms and Alerts Server, which is a part of the AIS140 backend
• The Server undertakes to
• Rules based Alarms Management
• integrate with Police Department to send Panic Alarm and related PVT data
• integrate with Vahan for sending the health data
• integrate with the State Authorities for sending the Over speeding data