2. About Myself
• IIT KanpurAlumnus
• 19+ year Industry experience
• Presently working as Director at UniConvergeTechnologies Pvt. Ltd.
(UCT)
• Chief Mentor ofThe IoT Academy “Skill development andTrainings”
• Worked with many MNCs
• Ericsson AB, Sweden (for 7 years)
• STMicroelectronics Pvt. Ltd, Noida
• UbiNetics India Pvt Ltd, Bangalore
• SASKENCommunicationTech., Bangalore
3. What to discuss today?
• Glimpse of a real usecase
• IoT LayeredArchitecture
• DesignChallenges in each layer
• Sensor selection
• Gateway selection
• Connectivity selection
• IoT Cloud platforms
• DeploymentChallenges
• Best Practices
• Today's Takeaway
• Q&A 3
4. 4
IoT is not a technology,
but
It is a complex ecosystem
6. Indian Railways Scenario (Northern railways case)
Outdoor Signals (Most of signals
will be captured by control box)
Indoor Signals (Relay
Room)
7. 7
Requirements
• Sampling time of the analog input should be of the order of 100 msec or less for
few equipment's
• Line of site requirement for recommended technology if any.
• Which time will be taken in time stamps of measure quantity.
• Maximum permitted analog inputs can be connected with your offered device,
at some places analog inputs are concentrated of the order of few hundreds and
at some places of the few tens, do considered this fact while giving any
recommendations.
• Is there any means to distinguish between the parameter measured so that only
during variations let us say more then 2% of measure quantity only then data
will be sent to the server otherwise not.
• All these analog inputs are distributed in the distance range of 2-3 km. but also
mention the solution you are providing will deliver in which distance range.
12. Technologies around “DATA”
12
• From where Data come from : IoT/ Embedded
• How data is communicated from source to destination : Networking
& Communication Technologies
• How and where data is managed : Cloud Computing/
Big Data
• What to do with Data : Machine Leaning
• How to secure data : Cyber Security
19. 19
Functional requirements of IoT Platform
Data collection from the devices over different protocols and network topologies,
Device Registry and management
User and Access Management
On-device data processing (Edge processing)
Data Representation and Visualization
Reporting, Rule Engine, Alerts and Notification
Data processing and BI
Components for frontend analytics
Cloud-based deployment
Security : TLS/ Encryption
Remote device configuration and control
Over-the-air firmware updates
Scalable (cloud native) / Load Balancing
Customizable
Integration with 3rd party software
20. 20
Performance requirements of IoT Platform
• Scalability
• Stability with increase of Data volume
• Ease of use
• Good User Experience
• Easy deployment
• MQTT Performance (How many devices per client thread)
• Multi threaded
• Multi Client
• Multi topics
29. Simple Database integration
29
Data Acquisition
Module
DB
DVS
(DASHBOARD/WebUI)
Predictive Maintenance
Business Intelligence
&
Third Party ERPAPPs
Device Registry, Mgmt and
Server Config.
30. 30
DB Selection
• What is good choice of DB at server?
• How can we make DB load and multiple access agnostic?
• Data queue management tool e.g. Kafka etc
• Scalability and Stability
• How many devices/channels/TAGs can be supported?
• In case of Edge computing,
• Huge volume of IOT Data acquisition, filtering, storage in DB
• How DB is managed for high volume?
• Highly loaded access of DB
33. Challenges
• IoT suffers from Market Failures and Externality Effects e.g., Accrual of
societal benefits depend on the broad adoption of IoT-enabled solutions
(thermostats/health). E.g., Competitiveness Externalities
• IoT suffers from “Chicken-and-Egg” Challenges e.g.,The success of many
IoT apps depends on the success of complementary technologies/systems
(e.g., energy/transit).
• Interoperability and Standards-Setting Issues e.g. Governments have an
important coordinating role to play in developing large-scale deployments
of sensor networks and smart infrastructure that spans multiple
jurisdictions.
• Ensuring adequate radio spectrum and coherent regulatory approach.
34. Challenges
• Global cooperation
• Proprietary and incompatible protocols
• Lack ofAPIs
• Example:Common external power supply
• Technological challenges
• Power usage
• Scalability
• Security
• Communication mechanisms
• Ethics, control society, surveillance, consent and data driven life
35. IoT Data- Challenges
• Multi-modal and heterogeneous
• Noisy and incomplete
• Time and location dependent
• Dynamic and varies in quality
• Crowed sourced data can be unreliable
• Requires (near-) real-time analysis
• Privacy and security are important issues
• Data can be biased- we need to know our data!
35
36. 36
IoT Data Challenges
• Interoperability: various data in different formats, from different sources
(and different qualities)
• Discovery: finding appropriate device and data sources
• Access: Availability and (open) access to resources and data
• Search: querying for data
• Integration: dealing with heterogeneous device, networks and data
• Interpretation: translating data to knowledge usable by people and
applications
• Scalability: dealing with large number of devices and myriad of data and
computational complexity of interpreting the data.
42. 42
Response
• Sampling of AnalogSignals < 100ms
• LPWAN gives better Range (upto 3km in Rural) in case of line of site. In case of
No LOS, range may vary from 500 meters to 2000 meters.
• Measurement quantity will carry server time stamp that is sync with device time.
• If analog signals are concentrated then they can be sent over Modbus, Gateway
can handle upto 100 Analog signals but if Modbus is not possible then data
needs to be sent over LPWAN to Gateway, that can handle 10 Analog signals
(Need to write correct figures, check original question)
• Data is sent to server only when it exceeds more than preset threshold
variations.
44. IoT Solution
*
*
*
Analog to RS485
converters
(8AI to RS485)
DAMS HW
Modbus over
RS485
Modbus over
RS485
Modbus over
RS485
DAMS HW
DAMS HW
Multiport
Ethernet to
2G/4G Modem
Cloud Server
Ethernet
Ethernet
Ethernet
Analog
Signal
Sources
Air Inteface
45. IoT Solution
*
*
*
Analog to
LoRA
Converters
LoRA to Ethernet
Converter
LoRA Air Inteface
DAMS HW
DAMS HW
Cloud Server
Ethernet
Ethernet
Ethernet
Analog
Signal
Sources
Air Interface
Multiport
Ethernet to
2G/4G Modem
LoRA Air Inteface
LoRA Air Inteface
46. IoT Solution
Closer to
Station?
CASE 1:
No. in order of 10s
CASE 2:
No. in order of 100
If No. of Analog Sources are
Farfrom
Station?
Is Internet
Connectivity
Availableover
Ethernet?
Use 2G/4G forCloud
Server Connectivity
No
Yes
Yes
Send data from Endsource
Node to GW over RS485
Send datafrom End source
Nodeto GW over LoRA
Use UCT Monitoringsolution
forall cases mentioned above
Yes
Use Ethernet forCloud
Server Connectivity
No
No
Yes
If End node are
clustered and close by
48. Why be concerned about IoT?
• It’s just another computer, right?
• All of the same issues we have with access
control, vulnerability management,
patching, monitoring, etc.
• Imagine your network with 1,000,000 more
devices
• Any compromised device is a foothold on
the network
Education – Partnership – Solutions
Information Security
Office of Budget and Finance
49. Security & Privacy
• Are they important?
• What is the risk?
• What are the challenges?
• Device level
• Network level
• System level
• User level
• Solutions?
49
50. What Can Breach IoT Networks?
• What can’t?
• Billions of connected devices
• Secure and insecure locations
• Security may or may not be built in
• Not owned or controlled by IT … but data flows through
the network
• Any node on your network can potentially provide
access to the core
51. Unintended Security Exposures*
• Farm Feeding System in the U.S.
• MineVentilation System in Romania
• Hydroelectric Plant in the U.S.
* Source: Wired, November 2013
52. IT Breach via OT Network
• Breached via Stolen Credentials from HVACVendor
• 40 MillionCredit And Debit Cards Stolen
• PII Stolen From 70 MillionCustomers
• Reputation Damage*
• 46% drop in year-over-year profit
• 5.3% drop in year-over-year revenue
• 2.5% drop in stock price
• CEO Fired
* Source: KrebsonSecurity, May 2014
53. Attacking IoT
• Default, weak, and hardcoded credentials
• Difficult to update firmware and OS
• Lack of vendor support for repairing vulnerabilities
• Vulnerable web interfaces (SQL injection, XSS)
• Coding errors (buffer overflow)
• Clear text protocols and unnecessary open ports
• DoS / DDoS
• Physical theft and tampering
Education – Partnership – Solutions
Information Security
Office of Budget and Finance
54. Conclusion: Securely Embrace IoT!
• New challenges require new thinking!
• avoid operational siloes
• networking and convergence are key
• a sound security solution is integrated throughout
• build for the future
• Security must be pervasive
• inside and outside the network
• device- and data-agnostic
• proactive and intelligent
• Intelligence, not data
• convergence, plus analytics
• speed is essential for real-time decisions
55. The Secure IoT Architecture – IT Plus OT!
Services
Application Interfaces
InfrastructureInterfaces
New Business Models Partner Ecosystem
Applications
Device and Sensor Innovation
Application Enablement Platform
Application Centric Infrastructure
Security
APPLICATION AND BUSINESS INNOVATION
Data
Integration
Big Data Analytics
Control
Systems
Application
Integration
Network and
Perimeter
Security
Physical
Security
Device-level
Security /
Anti-tampering
Cloud-based
Threat Analysis
/ Protection
End-to-End
Data
Encryption
Services
57. Recommendations
Accommodate IoT with existing
practices:
• Policies, Procedures, & Standards
• Awareness Training
• Risk Management
• Vulnerability Management
• Forensics
Education – Partnership – Solutions
Information Security
Office of Budget and Finance
58. Recommendations
• Plan for IoT growth:
• Additional types of logging, log storage: Can you
find the needle in the haystack?
• Increased network traffic: will your firewall / IDS /
IPS be compatibleand keep up?
• Increased demand for IP addresses both IPv4 and
IPv6
• Increased network complexity– should these
devices be isolatedor segmented?
Education – Partnership – Solutions
Information Security
Office of Budget and Finance