ADLINK is a global leader in edge computing driving data-to-decision applications across industries. The company recently introduced I-Pi SMARC for Industrial IoT prototyping.

-       AdLInk I-Pi SMARC consists of a simple carrier paired with a SMARC Computer on Module

-       SMARC Modules are available from entry level PX30 Rockchip to top of the line Intel Apollo Lake.

-       SMARC modules are specifically designed for typical industrial embedded applications that require long life, high MTBF and strict revision control.

-       Use popular off the shelve sensors and create prototypes or proof of concepts on short notice.

Additional information can be found here

By: Kelly McNelis

We have faced unprecedented disruption from the many challenges of COVID-19, and PTC’s LiveWorx was no exception. The definitive digital transformation event went virtual this year, and despite the transition from physical to digital, LiveWorx delivered.

Of the many insightful virtual keynotes, one that caught everyone’s attention was ‘Digital Transformation: The Technology & Support You Need to Succeed,’ presented by PTC’s Executive Vice President (EVP) of Products, Kevin Wrenn, and PTC’s EVP and Chief Customer Officer, Eduarda Camacho.

Their keynote focused on how companies should be prioritizing the use of best-in-class technology that will meet their changing needs during times of disruption and accelerated digital transformation. Wrenn and Camacho highlighted five of our customers through interactive case studies on how they are using PTC technology to capitalize on digital transformation to thrive in an era of disruption.

Below is a summary of the five customers and their stories that were highlighted during the keynote.

1. Royal Enfield (Mass Customization)

Royal Enfield is an Indian motorcycle company that has been manufacturing motor bikes since 1901. They have British roots, and their main customer base is located in India and Europe. Riders of Royal Enfield wants their bikes to be particular to their brand, so they worked to better manage the complexities of mass customization and respond to market demands.

Royal Enfield is a long time PTC customer, but they were on old versions of PTC technology. They first upgraded Creo and Windchill to the latest releases so they could leverage the new capabilities. They then moved on to transform their processes for platform and variant designs, introduced simulation much earlier by using Creo Simulation Live, and leveraged generative design by bringing AI into engineering and applying it to engine and chassis complex custom forged components. Finally, they retrained and retooled their engineering staff to fully leverage the power of new processes and technologies.

The entire Royal Enfield team now has digital capabilities that accelerate new product designs, variants, and accessories for personalization; as a result, they are able to deliver a much-shortened design cycle. Royal Enfield is continuing their digital transformation trend, and will invest in new ways to create value while leveraging augmented reality with PTC's Vuforia suite.

2. VCST (Manufacturing Efficiency, Quality, and Innovation)

VCST is part of the BMT Group and are a world-class automotive supplier of precision-machined power train and brake components. Their problem was that they had high costs for their production facility in Belgium. They either needed to improve their cost efficiency in their plant or face the potential of needing to shut down the facility and relocate it to another region. VCST decided to implement ThingWorx so that anyone can have instant visibility to asset status and performance. VCST is also creating the ability to digitize maintenance requests and the ability to acquire about spare parts to improve the overall efficiency in support of their costs reduction goals.

Additionally, VCST has a goal to reach zero complaints for their customers and, if any quality problems appear to their customers, they can be required to do a 100% inspection until the problem is solved. Moreover, as cars have gotten quieter with electrification, the noise from the gears has become an issue, and puts pressure on VCST to innovate and reduce gear noise.

VCST has again relied on ThingWorx and Windchill to collect and share data for joint collaborative analysis to innovate and reduce gear noise. VCST also plans to use Vuforia Expert Capture and Vuforia Chalk to train maintenance workers to further improve their efficiency and cost effectiveness. The company is not done with their digital transformation, and they have plans to implement Creo and Windchill to enable end-to-end digital thread connectivity to the factory.

3. BID Group Holdings (Connected Product)

BID Group Holdings operates in the wood processing industry. It is one of the largest integrated suppliers and North American leader in the field. The purpose of BID Group is to deliver a complete range of innovative equipment, digital technologies, turnkey installations, and aftermarket services to their customers. BID Group decided to focus on their areas of expertise, an rely on PTC, Microsoft, and Rockwell Automation’s combined capabilities and scale to deliver SaaS type solutions to their own industry.

Leveraging this combined power, the BID Group developed a digital strategy for service to improve mill efficiency and profitability. The solution is named OPER8 and was built on the ThingWorx platform. This allowed BID Group to provide their customers an out of the box solution with efficient time-to-value and low costs of ownership. BID Group is continuing to work with PTC and Rockwell Automation, to develop additional solutions that will reduce downtime of OPER8 with a predictive analytics module by using ThingWorx Analytics and LogixAI.

4. Hitachi (Service Optimization)

Hitachi operates an extensive service decision that ensures its customers’ data systems remain up and running. Their challenge was not to only meet their customers uptime Service Level Agreements, but to do it without killing their cost structure. Hitachi decided to implement PTC’s Servigistics Service Parts Management software to ensure the right parts are available when and where they are needed for service. With Servigistics, Hitachi was able to accomplish their needs while staying cost effective and delighting their customers.

Hitachi runs on the cloud, which allows them to upgrade to current releases more often, take advantage of new functionality, and avoid unexpected costs.

PTC has driven engagement and support for Hitachi through the PTC Community, and encourages all customers to utilize this platform. The network of collaborative spaces in a gathering place for PTC customers and partners to showcase their work, inspire each other, and share ideas or best practices in order to expand the value of their PTC solutions and services.

5. COVID-19 Response 

COVID-19 has put significant strain on the world’s hospitals and healthcare infrastructure, and hospitalization rates for COVID brought into question the capacity of being able to handle cases. Many countries began thinking of the value field hospitals could bring to safely care for patients and ease the admissions numbers of ‘regular’ hospitals. However, the complication is that field hospitals have essentially no isolation or air filtration capability that is required for treating COVID patients or healthcare workers.

As a result, the US Army Corp of Engineers has put out specifications to create self-contained isolation units, which are fully functioning hospital rooms that can be transported or built onsite. But, the assembly needed to happen fast, and a group of companies (including PTC) led by The Innovation Machine rallied to help design and define the SCIU’s.

With buy-in from numerous companies, a common platform was needed for companies to collaborate. PTC felt compelled to react, and many PTC customers and partners joined in to help create a collaboration platform, with cloud-based Windchill as the foundation. But, PTC didn’t just provide software to this collaboration; PTC also contributed with digital thread and design advice to help the group solve some of the major challenges. This design is a result of the many companies coming together to create deployments across various US state governments, agencies, and FEMA.

Final Thoughts

All of the above customers approached digital transformation as a business imperative. They all had sizeable challenges that needed to be solved and took leadership positions to implement plans that leveraged digital transformation technologies combined with new processes.

PTC will continue to innovate across the digital transformation portfolio and is committed to ensuring that customer success offerings capture value faster and provide the best outcomes.

Original Post Link: https://www.ptc.com/en/product-lifecycle-report/liveworx-digital-transformation–technology-and-support-you-need-to-succeed

Author Bio: Kelly is a corporate communications specialist at PTC. Her responsibilities include drafting and approving content for PTC’s external and social media presence and supporting communications for the Chief Strategy Officer. Kelly has previous experience as a communications specialist working to create and implement materials for the Executive Vice President of the Products Organization and senior management team members.

About The Eclipse Foundation
The Eclipse Foundation provides our global community of individuals and organizations with a mature, scalable, and business-friendly environment for open source software collaboration and innovation.

Helium, the company behind one of the world’s first peer-to-peer wireless networks, is announcing the introduction of Helium Tabs, its first branded IoT tracking device that runs on The People’s Network. In addition, after launching its network in 1,000 cities in North America within one year, the company is expanding to Europe to address growing market demand with Helium Hotspots shipping to the region starting July 2020. 

Since its launch in June 2019, Helium quickly grew its footprint with Hotspots covering more than 700,000 square miles across North America. Helium is now expanding to Europe to allow for seamless use of connected devices across borders. Powered by entrepreneurs looking to own a piece of the people-powered network, Helium’s open-source blockchain technology incentivizes individuals to deploy Hotspots and earn Helium (HNT), a new cryptocurrency, for simultaneously building the network and enabling IoT devices to send data to the Internet. When connected with other nearby Hotspots, this acts as the backbone of the network. 

“We’re excited to launch Helium Tabs at a time where we’ve seen incredible growth of The People’s Network across North America,” said Amir Haleem, Helium’s CEO and co-founder. “We could not have accomplished what we have done, in such a short amount of time, without the support of our partners and our incredible community. We look forward to launching The People’s Network in Europe and eventually bringing Helium Tabs and other third-party IoT devices to consumers there.”  

Introducing Helium Tabs that Run on The People’s Network
Unlike other tracking devices,Tabs uses LongFi technology, which combines the LoRaWAN wireless protocol with the Helium blockchain, and provides network coverage up to 10 miles away from a single Hotspot. This is a game-changer compared to WiFi and Bluetooth enabled tracking devices which only work up to 100 feet from a network source. What’s more, due to Helium’s unique blockchain-based rewards system, Hotspot owners will be rewarded with Helium (HNT) each time a Tab connects to its network. 

In addition to its increased growth with partners and customers, Helium has also seen accelerated expansion of its Helium Patrons program, which was introduced in late 2019. All three combined have helped to strengthen its network. 

Patrons are entrepreneurial customers who purchase 15 or more Hotspots to help blanket their cities with coverage and enable customers, who use the network. In return, they receive discounts, priority shipping, network tools, and Helium support. Currently, the program has more than 70 Patrons throughout North America and is expanding to Europe. 

Key brands that use the Helium Network include: 

• Nestle, ReadyRefresh, a beverage delivery service company
• Agulus, an agricultural tech company
• Conserv, a collections-focused environmental monitoring platform

Helium Tabs will initially be available to existing Hotspot owners for $49. The Helium Hotspot is now available for purchase online in Europe for €450.

To participate in the 2020 IoT Developer Survey, organized by the Eclipse IoT Working Group, simply click here.  This survey should take less than 10 minutes to complete.

by Jack Ganssle

jack@ganssle.com

Recently our electric toothbrush started acting oddly – differently from before. I complained to Marybeth who said, “I think it’s in the wrong mode.”

Really? A toothbrush has modes?

We in the embedded industry have created a world that was unimaginable prior to the invention of the microprocessor. Firmware today controls practically everything, from avionics to medical equipment to cars to, well everything.

And toothbrushes.

But we’re working too hard at it. Too many of us use archaic development strategies that aren’t efficient. Too many of us ship code with too many errors. That's something that can, and must, change.

Long ago the teachings of Deming and Juran revolutionized manufacturing. One of Deming's essential insights was that fixing defects will never lead to quality. Quality comes from correct design rather than patches applied on the production line. And focusing on quality lowers costs.

The software industry never got that memo.

The average embedded software project devotes 50% of the schedule to debugging and testing the code. It's stunning that half of the team’s time is spent finding and fixing mistakes.

Test is hugely important. But, as Dijkstra observed, testing can only prove the presence of errors, not the absence of bugs.

Unsurprisingly, and mirroring Deming's tenets, it has repeatedly been shown that a focus on fixing bugs will never lead to a quality product - all that will do is extend the schedule and insure defective code goes out the door.

Focusing on quality has another benefit: the project gets done faster. Why? That 50% of the schedule used to deal with bugs gets dramatically shortened. We shorten the schedule by not putting the bugs in in the first place.

High quality code requires a disciplined approach to software engineering - the methodical use of techniques and approaches long known to work. These include inspection of work products, using standardized ways to create the software, seeding code with constructs that automatically catch errors, and using various tools that scan the code for defects. Nothing that is novel or unexpected, nothing that a little Googling won't reveal. All have a long pedigree of studies proving their efficacy.

Yet only one team out of 50 makes disciplined use of these techniques.

What about metrics? Walk a production line and you'll see the walls covered with charts showing efficiency, defect rates, inventory levels and more. Though a creative discipline like engineering can't be made as routine as manufacturing, there are a lot of measurements that can and must be used to understand the team's progress and the product's quality, and to drive the continuous improvement we need.

Errors are inevitable. We will ship bugs. But we need a laser-like focus on getting the code right. How right? We have metrics; we know how many bugs the best and mediocre teams ship. Defect Removal Efficiency is a well-known metric used to evaluate quality of shipped code; it's the percentage of the entire universe of bugs found in a product that were removed prior to shipping (it's measured until 90 days after release). The very best teams, representing just 0.4% of the industry, eliminates over 99% of bugs pre-shipment. Most embedded groups only removed 95%.

Where does your team stand on this scale? Can one control quality if it isn’t measured?

We have metrics about defect injection rates, about where in the lifecycle they are removed, about productivity vs. any number of parameters and much more. Yet few teams collect any numbers.

Engineering without numbers isn’t engineering. It’s art.

Want to know more about metrics and quality in software engineering? Read any of Capers Jones’ books. They are dense, packed with tables of numbers, and sometimes difficult as the narrative is not engaging, but they paint a picture of what we can measure and how differing development activities effect errors and productivity.

Want to understand where the sometimes-overhyped agile methods make sense? Read Agile! by Bertrand Meyer and Balancing Agility and Discipline by Barry Boehm and Richard Turner.

Want to learn better ways to schedule a project and manage requirements? Read any of Karl Wiegers’ books and articles.

The truth is that we know of better ways to get great software done more efficiently and with drastically reduced bug rates.

When will we start?

Jack Ganssle has written over 1000 articles and six books about embedded systems, as well as one about his sailing fiascos. He has started and sold three electronics companies. He welcomes dialog at jack@ganssle.com or at www.ganssle.com.

“We won't stop until we see every vehicle on the road being electric,” said Elon Musk, the person who works to revolutionize transportation both on earth and in space. “China is about to ban the internal combustion engine,” said a mining financier, Robert Friedland. Tesla Model 3 needs approximately 65 kilograms of copper per vehicle. Cities are now demanding zero-emission buses. Whether it’s electric cars, buses, trucks, solar energy or wind energy generation – as we transit to a sustainable world, we need more copper, nickel, cobalt, lithium, platinum, palladium, zinc and aluminum. That’s why, mining products will be in huge demand. Nevertheless, in the present world, these minerals and other mining products are already a backbone for most industries.

However, just because mining products are vital to run industries and build a low-carbon future, it doesn’t mean that the society should turn a blind eye to the damages caused due to mining operations.

Concerns from communities and governments regarding the environmental effects of digging up the earth to extract metals and minerals is battering the sector. Also, current investors have become restless and new investors are reluctant to finance mining activities as mining operations have not altered significantly since decades. This puts pressure on mine owners to bring a change in traditional mining practices. Such a situation drives many mine owners to bring data-driven practices into their routine mining operations.

Like most industries, the technology that disrupts the traditional ways of mining will be a significant driver of change in mining. The goal is to make mining more effective, sparing, energy intensive and environmental-friendly.

From decades, the mining industry has been deploying PLC and SCADA systems for monitoring and controlling. But these monitoring and control systems are generally proprietary systems and offer limited interoperability with other systems. This is where IoT-based systems prove to be advantageous. IoT-based systems are based on open and highly connected Internet Protocol (IP) network structure. Such open network architectures enable current mining operations to move toward the next generation of smart mining.

Let's look at how IoT implementation empowers mine owners with its ability to transform traditional mining practices and:

Say NO to carelessness

Since the advent of mining, fires and explosions are serious safety issues. Specifically, in coal mines, spontaneous coal seam combustion turns into a catastrophe mainly due to carelessness. Besides, in the biggest coal producer nation like China, approximately 25.1% of their main coal mines are extremely gaseous mines, which after burning could lead to a disaster. Also, the environment surrounding mines can be vulnerable during combustion as massive quantities of toxic gases, including CO2, CO, SO2 and H2S, are emitted when a mine catches fire. Therefore, prevention and protection from fires is important for secured mining production as well as the global environment.

The mechanism of spontaneous combustion of the coal seam is like a typical spontaneous combustion, which requires oxygen. Hence, measuring the concentration of O2 is the key. In addition to O2, other gas contents, such as CO, CO2, N2, CH4, C2H4, C2H6, Rn and so forth, can be evaluated to detect spontaneous coal combustion at the surveillance spot.

As shown in the image above, an IoT-based system continuously monitors the sensed values and displays them to remote users through a web dashboard. Besides, the system can send alerts to such users in the case of detecting abnormal values and it can activate mitigation devices (e.g., forced ventilation) to decrease gas concentrations smartly.

Say NO to waste of resources

There is an increasing demand of mining products, mining equipment and resources – such as conveyors, shearers, boring machines, hydraulic pump stations, hydraulic support stations, crushers, loaders, motor vehicles, water pumps and ventilation fans – to run mining operations continuously. Moreover, to increase profitability form the existing resources, mine owners need an effective and safe resource management platform that can bring resource wastage time to zero. In such situations, an IoT network can help mine owners or managers to know the locations of these expensive resources and its usage statistics. Further, the underground staff can also be monitored via an IoT network.

Dundee Precious Metals sets the best example for this. They have deployed nearly 280 wireless access points over 50 km (31 miles) of tunnels in their flagship gold mine placed in Chelopech, Bulgaria. The firm quadrupled production from 0.5 million to 2 million tons by using an IoT-based system to track miners and vehicles locations, monitor vehicles status and automate safety and maintenance operations.

An IoT-based system is not only helpful to mine owners but original equipment manufacturers (OEMs) as well. The open connectivity of IoT architecture enables OEMs to monitor their product performance in their lifetime, even after the product is sold. Such data can be used to initiate a new revenue stream and to improve product design as well.

Say NO to casualties

In the case of a calamity, miners are taught to escape from the mine first with handy self-rescue equipment and enter a refuge alternative when escaping is cut off. Refuge alternatives are designed to provide 96 hours of breathable air, food and water for underground staff. Although refuge alternatives are only planned for use in post-accident occurrences, so their functionality should be checked periodically to ensure that they are working as intended in an emergency. In addition, a system should be in place to signal the surface instantly when a refuge alternative is triggered after a calamity. One way to monitor a refuge alternative's feasibility status from the ground is to attach sensors, such as a magnetic switch sensor, air quality and temperature sensors to the door of a refuge alternative. These sensors detect the occupancy status, air quality and temperature to ensure that a refuge alternative always stays safe.

To sum up, whether you need to cut expenses, lessen downtime, increase productivity or reduce environmental footprint – an IoT-based system is the right choice.

Having a smart home is all well and good until you become a victim of data leakage. 

This is not a discouragement against IoT implementation into your home, however. The Internet of Things market has been on the rise, and thanks to that, even our homes have become smarter. We don’t have to worry about doing our laundry, or making coffee manually anymore. With just a command we can do these things without having to move away from that comfy couch. 

But over the last couple of years, some incidents have shown that the matter of smart homes might not be all it’s hyped up to be. Just like everything, IoT implementation in smart homes has a bright and a dark side, but it seems the dark side is more sinister than the bright one. 

Incident one:

The combined research conducted by Northeastern University and Imperial College of London has shown how consumer devices are not to be trusted when dealing with client data. The researchers conducted 34,586 controlled experiments on 81 different IoT devices, 46 of which are from the US and 35 are from the UK, and this is what they found out-

• 72 out of these 81 devices are connecting to services that are not the first party. Which means they are connecting domains and addresses that have no business connecting to the device. 
• The research showed that 56% of the US devices and 83.8% of the UK devices were connecting to domains that were not in their region. 
• The safety of the data on an online connection depends on the level of encryption, but here’s the kicker- according to the research, all the tested devices have at least one plain-text flow, which means at least one data flow from all the devices is non-encrypted. Not to mention, any cyber-evesdroppers can analyze device traffic, encrypted or not, and figure out the user and device behavior. 

But in any case, this is just research. What happens when a smart home management platform leaves a server with important user data exposed on the internet without any password or protection?

Incident Two:

Around mid-June, the security team at vpnMentor, lead by security researchers Noam Rotem and Ran Locar, spotted a completely exposed server containing the customer details of 2 million users, including their usernames, passwords, and password reset codes. 

The server in question belongs to a Chinese smart home management platform Orvibo. Their smart home management Smartmate helps users control every aspect of their smart home, from security to closing the curtains. 

Not only a smart-home management system, but Orvibo also deals in self-manufactured smart home products such as smart light bulbs, HVAC systems, home entertainment systems, security cameras, smart power plugs, and many more. 

The open server containing user information poses a huge threat to everyone who’s data has been exposed. Since the data breach being exposed, Orvibo has taken steps to secure the server. Even then, the data breach can have serious repercussions for the users. What are these repercussions though? Let’s find out what can happen to your data if it is leaked by your smart home device. 

What will happen if your data is breached?

When hearing about IoT and data breach, the user can have two kinds of reactions.

One group would panic, and probably stop using all kinds of smart devices. 

Another group would ask so what if their data is being breached? And this point is to answer the question for the latter group. 

There is a reason why smart home security is something to be concerned about. The personal and sensitive data, the users enter in order to run the devices, can be manipulated in various ways, and each one would only harm the users. 

So what are the ways hackers can manipulate the IoT devices and data that make your home smart?

1. Manipulating The Devices

The first thing you might do after getting a smart device for your home is to configure its username and password. 

However, this is not a widespread practice. Most people often end up using the same default username and password the device came with, which means that it’s going to be super easy for the hackers to get your data and gain access to your device. And from there on, it’s an open sandbox for them to play with. They can do whatever they want with your device, but there’s one guarantee- whatever they do is not going to do you any good. 

2. Holding Your Data And Device For Ransom

The ransomware attack is the most familiar in the IoT industry. Through this, what the hacker usually does is that they would gain access to an IoT device, and cut off the legitimate user’s access. Then they would ask for a ransom for restoring the user’s access to that device. 

While this may not seem to be as dangerous, it is a serious threat. Once the hackers have gained access to your data, they can use it for many malicious ends, things you don’t even have any idea about. And not to mention, there is no guarantee that they would give you back the access to your data once you pay them. And that’s why implementing some serious security protocols in place is needed to prevent your device and data from ransomware attacks. 

3. Doing Serious Damage To Your Home

This one might seem a little petty, but here we go anyways. 

Imagine having a smart thermostat, which you can control using online access. Now imagine going out on a vacation with your family, making sure that everything around the house is shut down, even the thermostat. However, when you get back, you see that the thermostat turned up to its highest setting on its own, melting every plastic thing in your house. 

But did it happen on its own? How are you going to find out whether it just happened or someone purposefully hacked into your smart home system and used the thermostat to seriously damage your home? Stealing the authorization details, hackers can do this for multiple reasons, ranging from personal vendetta to trivial entertainment because they were bored. Either way, it is your home that will be damaged. 

4. Actively Robbing Your Home

When details such as passwords and user IDs, along with device IDs are being sent to an unknown third-party domain without any encryption, the data can be used in many ways, and one of them can be to rob your home. 

Think about how a hacker-robber group can hack into the security system of your home, disable it and then walk into your home to steal everything from you. This is a bold use of smart home data breaches, and it can be quite fatal in case someone is home when they decided to hit the house. In this case, the loss of data security can result in serious loss of physical property as well. 

5. Launching A Botnet Attack

Last but not least, gaining access to your IoT smart home devices, the hackers can turn these devices into zombie devices and launch a botnet attack. A botnet is a number of internet-connected devices. Each of these devices is running one or more bots, which can be used to perform distributed denial-of-service attacks. 

Through this, the hackers can also steal important data, send spam emails, getting the attacker access to the device, this is not only going to create a problem for you but others as well. 

With a DDoS attack, the botnets can connect to a website, generating so much traffic that the website crashes, leaving them vulnerable for many data exploitations. Using your IoT device, the hackers can launch a similar botnet attack to that of the Mirai Botnet attack of 2016. The Mirai botnet attack brought down a french host OVH. and that’s how your smart home devices can be turned into a weapon to bring down popular websites around the world. 

What Is Going To Be The Solutions?

Every problem has a solution, and so does this one. 

There have been plenty of solutions suggested for the data security of IoT devices. But so far only two of these solutions stand out. One is the use of machine learning, another being Blockchain. 

The Machine Learning Solution For Smart Homes

Rather than looking for a security solution for each device, AI and machine learning can create a shield of security for all the IoT devices for your home network. Deep learning and machine learning can not only monitor each and every device connected to the network, but they can also detect and prevent any unwanted and unknown device trying to connect with the home network. 

The use of AI comes in handy when analyzing the network traffic. This way the AI can keep up with the general traffic flow of each of the devices and detect any anomalies in the normal flow of traffic. Which means fewer chances of any hackers getting inside your home network. You can check out these top 10 highly performing smart home apps making it big.

Along with these benefits, the use of Machine learning and deep learning can also detect botnet activity, manage device authentication and access management. This way they can manage to give your smart home network 360-degree security without worrying you. 

The Blockchain Solution To All Things Smart-homes

The main problem with the smart home network is the centralization of data, which could be easily hacked into. And that’s why Blockchain can provide a decentralized solution to this problem. 

Once the smart home IoT systems start utilizing the blockchain system for data communication, the security will increase tenfold, because it is close to impossible to hack into a blockchain network and change the data. To do so, the hacker would have to have control of 51% of the devices connected, and when the number of connected devices spans millions, it can be a little tough. 

Not to mention, blockchain in IoT will end the trend of data monopolization. Your data won’t be a subject of daily business deals with large conglomerates. Blockchain can bring affordability and security for smart homes that people have been asking for a long time.

Conclusion 

So does it mean you should not be using smart home technology?

The answer is no, absolutely not. It is undeniable that smart home technology has its own benefits and you should be able to take advantage of that. But only after you have made sure of your data security. Once you have made sure that all the devices you are using are secure. You can make use of IoT devices for your home as much as you want. Always remember that the security measures for your home IoT devices are not a matter of joke.

When Refrigerators Attack - How Cyber Criminals Infect Appliances, and How Manufacturers Can Stop Them

Alan Grau, VP of IoT, Embedded Systems, Sectigo

Homes and businesses worldwide are vulnerable to attacks from cyber thieves and other bad actors – and not just through their computer networks. The embedded electronics inside appliances present an easy path of entry. It’s already been happening. According to Business Insider and Proofpoint, one of the first refrigerator incidents occurred in late 2013 when a refrigerator-based botnet was used to attack businesses.

Some of these attacks, such as infecting appliances with botnet malware, don’t really have much effect upon a family’s security and safety. In fact, if a “smart” refrigerator gets infected by a bot, the homeowner might not even notice anything wrong.

However, connected-appliance based cyberattacks are not limited to just refrigerators – and they are rarely one-off incidents. Almost any type of appliance can be hacked and used to host a botnet that could attack the web. According to Wired Magazine, a botnet of compromised water heaters, space heaters, air conditioners and other big power consuming home appliances, could suddenly turn on simultaneously, creating an immense power draw that could cripple the country’s power grid.

A bot, quite simply, is an infected computer. Many cyberattacks, like the Mirai Malware and the Dyn attacks, infect a network of computers, including “smart” connected devices such as home appliances, security cameras, baby monitors, air conditioning/heating controls, televisions, etc., and turn them all into compromised servers. These compromised servers then act as nodes in an attack and together create a botnet. They can participate in a variety of coordinated attacks, infecting other devices and expanding the network of bots, or participating in Denial of Service attacks.

Caption: A bad actor or cyber criminal can send infected messages to a home or business network that targets various appliances or machines. Once infected, that machine is under the control of the bad actor and can be used to send out thousands of infected messages to new targets worldwide. The botnets can also send out millions of dummy messages to a single target – overwhelming it and putting it out of service. 

Without any apparent symptoms or notice, a criminally enhanced refrigerator could be generating and sending out thousands of attacks every minute. In addition to the homeowner or business manager never realizing what is going on, these attacks may be unstoppable until unless the machine itself is disconnected from its web connection.

Additionally, the infected refrigerator could spread malware from the kitchen to the home’s “smart” TVs, to the home’s computer networks, to other smart devices in the home, and even to connected smart phones. Every target could be transformed into malicious bots that distribute millions of infected spam messages and cyber-attacks.

So how do we combat this threat?

Unfortunately, end users really have no power to fix this problem. There is probably no way for a homeowner, office manager – or even an experienced refrigerator repair person – to talk to a refrigerator’s electronics. No way to get into the appliance’s software and middleware to identify and kill an infection. However, if the homeowner suspects an infection, they could disconnect the refrigerator from the its internet connection to make it “dumb” again.

Fridge caught sending spam emails in botnet attack - In the first documented attack of its kind, the Internet of Things has been used as part of an attack that sent out over 750,000 spam emails

It is up to device manufacturers to protect against these attacks. 

So how do manufacturers combat this type of attack? How can they ensure that appliances in homes and offices do not get infected to cause mayhem?

Security starts in the design process for the refrigerator itself, as well as for the appliances’ various electronic components and control surfaces. Most appliance manufacturers get their control sub-assemblies from a wide network of smaller manufacturers, sometimes with a worldwide supply chain. These suppliers need to make sure that the chips and sub-assemblies they use are secure from hacks.

Two important security practices can be utilized by appliance makers:

• Embedded Firewall with blacklist and whitelist support – Protect appliances and edge devices from attacks by building firewall technology directly into the appliance. An embedded firewall can review incoming messages from the web or over the home network and, via a built in, and regularly updated blacklist, reject any that are not previously approved.

• Secure Remote Updates and Alerts – Validate that the firmware inside the device is authenticated and unmodified before permitting installation of any new firmware updates. Updates ensure the incoming software components have not been modified and are authenticated software downloads modules from the appliance manufacturer.

Most consumer and device manufacturers have heard about the potential for attacks on smart devices like door locks, baby monitors, and home thermostats, but this risk awareness needs to expand to types of connected systems – including appliances. An infected refrigerator sending out malware is not just a funny story. These systems have been attacked and used to spread malware.  Ensuring the security of these devices is necessary to protect home network, slow the spread of malware and even protect credit card numbers or other personal data stored in smart home devices.

# # #

EXTRA PROOF POINT FOR COLUMN

Refer to: https://www.cnet.com/news/fridge-caught-sending-spam-emails-in-botnet-attack/

 Author Bio - Alan Grau, VP of IoT, Embedded Solutions, Sectigo

Alan has 25 years of experience in telecommunications and the embedded software marketplace. He is VP of IoT, Embedded Solutions IoT at Sectigo, the world’s largest commercial Certificate Authority and provider of purpose-built, automated PKI solutions. Alan joined Sectigo in May 2019 as part of the company’s acquisition of Icon Labs, a leading provider of security software for IoT and embedded devices, where he was CTO and co-founder, as well as the architect of Icon Labs' award-winning Floodgate Firewall. He is a frequent industry speaker and blogger and holds multiple patents related to telecommunication and security.

Prior to founding Icon Labs, Alan worked for AT&T Bell Labs and Motorola.  He has an MS in computer science from Northwestern University.

About Sectigo

Sectigo provides award-winning, purpose-built and automated PKI management solutions to secure websites, connected devices, applications, and digital identities. As the largest commercial Certificate Authority, trusted by enterprises globally for more than 20 years, and more than 100 million SSL certificates issued in over 200 countries, Sectigo has the proven performance and experience to meet the growing needs of securing today’s digital landscape. For more information, visit www.sectigo.com.

The Internet of Things promises a smart, fully-connected world where physical objects and services are interlinked to benefit society. According to a Statista report, by 2020 the number of IoT-enabled devices worldwide will reach 30.73 billion. From smart home appliances to connected medical devices to self-driving cars — we are moving full steam ahead towards the Internet of Everything.

But such ubiquitous connectivity raises many concerns regarding safety, and rightfully so. In October 2016, Mirai, arguably the most infamous IoT botnet, caused major disruptions and resulted in several high-profile Internet services inaccessible. 

With the continuously expanding IoT attack surface, the existing security practices often fall short. To address the new threat landscape, engineers harness the power of machine and deep learning to deliver robust, secure IoT solutions for a safer connected world.

Network traffic analysis

The sheer amount and diversity of IoT devices make it extremely difficult for network administrators to reliably monitor M2M and M2H interactions. Various network communication protocols — Bluetooth, Zigbee, WiFi, LoRaWAN, MQTT — add another layer of complexity.

To tackle the challenge at hand, researchers are leveraging machine learning to analyze IoT device traffic and establish legitimate behavioral profiles. Trained to recognize baseline behavior, ML algorithms can successfully detect any traffic anomalies and intrusions. Unsupervised learning goes further and detects even previously unseen attacks, helping to boost IoT security.

Botnet activity detection

The above mentioned Mirai botnet managed to infect over 600,000 IoT devices to pull off one of the largest DDoS attacks on record. The thing with IoT botnets is that they work silently, without compromising the infected device performance..

Traditional signature-based botnet detection methods prove ineffective as bots with slightly different signatures can go undetected. The same goes for zero-day attacks. Deep learning, in its turn, has the potential to improve botnet detection and enhance cybersecurity. As one of the options, researchers suggest using deep autoencoders — unsupervised neural networks — that can learn complex patterns and detect infected IoT devices with low false alarm rates.

IoT device authentication

Viewed as the first line of security, authentication ensures that users and devices can be trusted to be what they declare to be. In large IoT ecosystems with millions of connected devices, strong authentication becomes as important as it is challenging.

In addition to network heterogeneity and complexity, limited computational ability and power of IoT-enabled devices do not allow using traditional authentication techniques. Minimal storage capacity of embedded systems also contributes to the complexity.

Machine learning offers new capabilities in enforcing secure authentication and improving resistance to identity-based spoofing attacks. Recent researches demonstrated the success of deep learning-based RF fingerprinting for highly accurate IoT device identification based on RF emissions. 

IoT access management

Another pillar in IoT security, access control helps keep unauthorized users and devices away from protected network resources. Given the complexity of IoT ecosystems and enormous amounts of IoT-generated data, static, context-unaware access control rules cannot ensure adequate levels of protection.

Keeping in mind these limitations, a reinforcement learning model can be applied to dynamically optimize access control policy. The model continues to improve over time and takes into account multiple contexts that smart devices are used in. The authors also suggest leveraging blockchain technology to provide a distributed access control architecture that can be a better fit for a decentralized IoT environment.

Summing up

As the number of connected devices is growing at a breathtaking pace, IoT security remains top of mind for manufacturers, enterprises, and consumers alike. An IoT ecosystem is only as strong as its weakest link. Without proper security in place, an infected IoT device cannot only compromise thousands of others but give access to your personal information or participate in a massive DDoS attack. 

New security threats and vulnerabilities require new approaches, and machine learning lends itself well to the challenge. From detecting anomalous behavior of IoT devices to accurate fingerprinting to adapting access control policy, machine and deep learning help enhance IoT security.

The smart technology of IoT or Internet of Things is really changing the technological landscape from all aspects. It is a network of connected devices that work through exchanging data between each other through a cloud network.

IoT technology has had a deep impact on the world of technology and web development is one of them. You might ask how these two things are connected, well, as it turns out, IoT devices need to work with web development because it needs both a front-end and back-end development, and that is where web development comes in. in the past few years, IoT has changed the web development in a lot of ways. Here are a few examples of that. 

• Continuous Website Optimization

Internet of Things is a constantly evolving sector and there is no possibility of this stopping soon. And that is why the web developers have to constantly keep on optimizing their websites to match the evolving nature of the website. This is the only true way to stay relevant in the industry of IoT.

• Raising The Bar On The Expertise

IoT has definitely increased the bar on the expertise when it comes to the knowledge of coding and framework. IoT developers need better knowledge of web development languages and database management. 

This need for advanced knowledge has definitely raised the bar for the developers to enter the game. They can’t just start with web development with just JavaScript knowledge anymore. They need serious knowledge of coding today. That’s hiring a reliable web development company in NYC is a necessity. 

• Speed Of Data Transaction

The traditional data process is through request analysis by web servers. But this process is not useful when it comes to IoT. for IoT devices, the data transaction speed is much higher and that is why the traditional process is replaced by the cloud data transmission process. This way the devices work faster by transmitting data faster.

• Need For An Increase In Security

IoT devices are more prone to get hacked and manipulated by hackers. And that is why web developers have to up their security game. A normal security protocol for web development is not enough for IoT devices. They need stricter security design pattern for the connected device's network to keep it safe for the users. You can follow the best practices for mobile app security here as well. 

• Power Management Needs

On an IoT network, the programs that run in the background drain a lot of power. This results in decreased communications and work. And that is why web developers have to design the layout in such a way that it will minimize the amount of power being used. Before you go forward with the web development plan for IoT device network, you have to design a power management plan.

• Dynamic UI

The normal UI design process by web developers has changed a lot due to the IoT industry. And that is why the developers have to rethink their UI development approach. Following the best practices to develop IoT based designs is the right way to go for web developers today. 

The impact of IoT is all-encompassing and even web development is not out of its impact. The developers have to change the normal practices they used to follow to match pace with the constantly evolving process of Internet of Things. Above mentioned are only a few ways IoT is effecting web development. The impact is even deeper than you think and it is going to get even deeper with time. 

Bad Cars: Anatomy of a Ransomware Attack

By Alan Grau, VP of IoT, Embedded Systems, Sectigo

TV and science fiction writers have let their imaginations run wild with theories about what could happen if your car was attacked by bad actors. There have been a few real-world cases where white-hat hackers and researchers have been able – in limited, controlled instances – to actually penetrate a car’s electronics and communications systems, take over the car’s steering and acceleration systems, and potentially do real damage.

However, there are other scenarios that might not be as obvious or as dramatic.

For example, what if your car’s computer was infected by a virus that greatly reduced the engine’s efficiency or capped the car’s maximum driving speed? What if the virus did something less dramatic, such as make the car unable to lock the controls for automatic window operation, or simply prevent the car from starting? No one would die, but the car owner would be very upset, posing a disaster for the automobile’s manufacturers.

Motor City Ransomware

Electric Vehicles require sophisticated control and safety technologies for their electrical power systems to safely manage the high voltages that store and distribute from their battery systems. If something goes wrong, the car cannot operate, people could get electrocuted, or the car could burst into flames or explode. These are real dangers that are managed by the car’s network of fuses, circuit breakers, and control systems.

What would happen if a cyber hacker got into these sensitive electronic systems and turned off the safety and control system?

Why would someone do this? Money, of course.

Suppose the bad guys successfully penetrated and infected these vehicles? Imagine now that they had the software or security keys that could fix these problems, but hold them as ransom, jeopardizing an automaker’s entire fleet of new cars.

How many millions (or tens of millions) of dollars would the automaker pay to get that solution? Holding a manufacturer hostage is a very real possibility, as evidenced by the results that today’s hackers are getting by attacking hospitals and cities and successfully extracting substantial ransoms to just return these institution’s data. In a recent WIRED article, The Biggest Cybersecurity Crisis of 2019 So Far, which discusses the risks to “things” and across supply chains, the FBI explained, "We are seeing an increase in targeted ransomware attacks. Cyber criminals are opportunistic. They will monetize any network to the fullest extent.”

Pre- and Post-Assembly Infections

It is possible that cars could be infected before they even hit the auto dealers’ lots. Bad actors have the capability to infect a small electronic part, essential to the auto manufacturing food chain, purchased from one of the hundreds of component suppliers.

How could auto manufacturers possibly test each electronic element? It is almost impossible - and requires that parts manufacturers themselves take more care in their software development process to ensure the software in these components are not infected during manufacturing process, or during the testing and shipping processes.

Of course, cyber infections could happen on the actual assembly line where the cars are put together. With many car manufacturing plants using IoT connected robots and machines, there is always a possibility of infection happening on the assembly line.

These components could even become infected after assembly, during the manufacturers’ testing and process. Infection, during installation, or with after-market parts and upgrades, could arise after the vehicles arrive at the dealers’ facilities.

Already aware of the possibility and the potential disastrous effects of infected cars reaching the market, manufacturers throughout the supply chain need to become more aware of how their devices could be attacked and infected even before they leave the warehouse. This means embedding IoT security from day one - from the smallest electronic components to final assembly of motors, transmissions and other large vehicle components.

About Sectigo

Sectigo (formerly Comodo CA) provides award-winning, purpose-built and automated PKI management solutions to secure websites, connected devices, applications, and digital identities. As the largest commercial Certificate Authority, trusted by enterprises globally for more than 20 years, and more than 100 million SSL certificates issued in over 200 countries, Sectigo has the proven performance and experience to meet the growing needs of securing today’s digital landscape. For more information, visit www.sectigo.com.

Heavy equipment is mainly used extensively in industries such as construction, oil and gas, mining, forestry, energy, civil engineering, military engineering, transportation, and many others. Industrial heavy machines include construction equipment, wheel loaders, oilfield pieces, manufacturing equipment, earthmovers, hydraulic cranes, bulldozers, oversized trucks, forklifts, and more. Organizations rely on heavy machinery to speed up production and to avoid human errors or health risks.

With developments in IoT, it is possible to decrease equipment downtime while improving the efficiency of the output. Companies that supply industrial machinery and components are seeing strong interest in connected machinery and components which providing many IoT consulting Companies. IoT-powered asset management solutions offer a host of benefits, including predictive maintenance to prevent equipment failure, increased asset reliability, improved asset health, accident avoidance in the workplace, and downtime reduction.

Smart Asset Monitoring with IoT

Safety of personnel and assets, theft or pilferage of assets, accidents and resulting injuries, and bottlenecks in the supply chain are some of the common challenges that are prevalent in asset-intensive industries like manufacturing, utilities, construction. By improving visibility into day-to-day operations, replacing legacy systems with an integrated solution and automating manual processes, many of these challenges can be overcome. 

Digitalization, combining connected devices with IoT-based solutions, can help to overcome these issues. End-to-end clarity on the status of the equipment enables improved decision-making, increases asset reliability, and also improves the people and process efficiency. With the advances in technology, mature organizations have heavy machinery that is computerized, automated and enabled with connectivity and big data analytics, which increases the efficiency of the overall product development process.

Use cases: IoT in heavy machinery management

Let’s take a look at some of the use cases where IoT is transforming the way heavy equipment and related assets are managed.

Smart heavy equipment in warehouse management

Material handling equipment like trucks, forklifts, pallet trucks, and pump trucks are very important for any warehouse to perform daily activities such as loading, unloading, transporting goods to different areas, and picking goods from risky areas. Needless to say, these machines and their operators need to be managed properly to minimize the chances of accidents. Warehouse operators need to take preventive measures for vehicle accidents and injuries that occur while from shifting material, and take proper care while handling hazardous materials.

Today, futuristic warehouses are using driverless robotic equipment to assist in picking and moving operations. Guidance systems like global positioning system (GPS), lasers, and radio-frequency identification (RFID) are used in such warehouses and equipment.

For example, advanced driverless pallet trucks and forklifts are equipped with audible warnings and lights and have built-in sensors to detect obstructions. These sensors come with lasers or camera systems, which are positioned to detect objects and activity from the floor and are able to determine the height and distance around all sides of vehicles and warehouse corners. This makes the equipment intelligent – it knows when to slow down and stop to avoid a collision.

With the recent advances in IoT for warehouse equipment, the market has a new breed of smart forklifts that come equipped with 360-degree detection forklift antenna, which is able to detect when the workers come into forklift zone. When a worker is detected within the predefined danger zone, audio and visual alarms are set off inside the forklift cab to alert the driver. This helps to reduce the risk of injuries and property damage.

Smart heavy equipment in the construction sector

According to a MarketandMarkets report, the heavy construction equipment market size is estimated to grow from USD 121.46 Billion in 2015 to USD 180.66 Billion by 2020, at a CAGR of 7.0%. Depending on the construction application, heavy machines are mainly categorized into four types:

• Earth moving equipment
• Construction vehicles
• Material handling equipment
• Construction equipment

Wireless technology has a huge impact on the construction industry to provide connectivity for heavy equipment. These machines use technology-enabled devices combined with cloud computing, allowing storage and sharing of data.

IoT is playing a key role in boosting productivity, improving preventive maintenance, minimizing downtime, and reducing repair costs. Sensors integrated with the equipment are able to detect and send automated alerts related to the status of the equipment systems and parts. They can also compile and analyze usage and maintenance data, helping with preventive and predictive maintenance.

One of the major problems in the construction industry are injuries caused due to accidents involving people and heavy equipment. As the number of heavy equipment continues to rise, the risk also increases. IoT can help to make the equipment smarter and safer.

Additionally, IoT can help to track assets as they move around the site, or to a different site, ensuring that the assets are never stolen or lost – an ongoing issue on large construction sites that causes delays and decreases productivity.

Smart heavy equipment in transport and logistics

Transportation and logistics businesses want to optimize the supply chain. Many transportation companies are already using mobile devices, such as barcode scanners, mobile computing devices, and radio frequency identification (RFID) to solve challenges related to the supply chain. With RFID, many companies are achieving a high level of shipping and receiving accuracy, inventory accuracy, and faster order processing, along with a reduction in labor costs.

However,  due to drivers’ careless behavior, while driving heavy trucks or conveyors, company owners have to shell out a big amount for accident-related injuries, material loss or shipping delays. By using advanced technology that is capable of monitoring driver’s behavior and delivering alerts in case of possible collisions, the risk of these issues can be minimized.

Computer vision-based techniques and ADAS solutions, with a number of onboard sensors, can help with lane detection, traffic signal detection, driver behavior detection, GPS tracking, fuel management, report generation, notification alert, and predictive maintenance.

Using such solutions, the driver receives support to detect and avoid accidents. It is also possible to monitor a driver operating a heavy machine and automatic alerts can be generated if the driver is sleepy or inactive for a long duration.

Another effective solution for tracking of heavy machines/vehicles is based on installing GPS fleet tracking devices on the vehicles to gain real-time data updates. This is an efficient and secure solution that helps to resolve issues related to operational inefficiencies, theft, and fleet maintenance, increasing the overall productivity of the machines and vehicles.