JB Systems Media and Tech Covering the High-Tech Semi-Electronics-Systems Industries
IoT Insight event highlighted building automation, software gateways and silicon hardware security from Intel, Rudin Management, Wind River, and McAfee.
By “IoT Embedded Systems” Staff
Intel has been working hard to create a platform and ecosystem that makes it easier for engineers to create Internet-of-Things (IoT) applications. For example, the latest iteration of the Edison platform is helping to move IoT to mainstream deployments with a repeatable foundation of customized building blocks for a great many solutions.
Mobile, Home and Industrial IoT
As an example of building automation using IoT, Doug cited Rudin Management, a New York City real estate company that developed its own building management system software called DiBoss. , The company has demonstrated that it can intelligently manage fans and other energy systems in its buildings. John Gilbert, COO, said that in one year at one major office building, the company saved nearly $1 million. That dollar amount translates to a savings of 50 cents for every square foot of building space.
Key to the management and savings is an intelligent gateway that collects sensor data at the network edge. Further, the gateway acts as a filter to analyze and normalize the data to be share through the company’s network of application via the cloud. Intel has developed a family of gateway solutions that enables connectivity between both new and legacy sensors/devices by putting together technologies for networking, embedded control, enterprise-grade security, and manageability (see Figure 2).
Lorie Wigle, VP of IoT Security Solutions at Intel, noted that IoT devices often have a very long operation cycle (see Figure 3). They are not re-booted very often, if ever, and are often part of a system of systems. The challenge for designers is that these devices are not updated as often as they should be. That’s why it is important to track the device ID – for perhaps hundreds of devices – and maintain an operation status for all. Intel’s mantra for this type of security is, “harden the devices, secure the communications, and monitor while taking advantage of analytical tools.”
The Wind River Edge Management System provides cloud connectivity to facilitate device configuration, file transfers, data capture, and rules-based data analysis and response. This pre-integrated technology stack enables customers to build industry-specific IoT solutions and integrate disparate enterprise IT systems, using API management. The middleware runs from the embedded device up to the cloud thus reducing time to market and total cost of ownership.
Integrated with the Intel IoT Gateway platform, McAfee ePolicy-Orchestrator (ePO) maintains system integrity by allowing only authorized code to run (application whitelisting) and only authorized changes to be made (change control). It simultaneously protects embedded system integrity and automates the enforcement of software change control policies. It allows an administrator to remotely configure and update the system. When you have 5,000 nodes you don’t want to have to send a person out to upgrade each of those. The solution reduces the cost and complexity of security and compliance administration.
The McAfee Security Information and Event Management (SIEM) provide the analytics tools to identify critical threats and respond quickly. And, built for big data security, McAfee Global Threat Intelligence for Enterprise Security Manager (ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent Security Information and Event Management (SIEM). These can be deployed on premises or on the cloud.
The McAfee Next Generation Firewall (NGFW) is the key element for watching over the Gateway communications. It has an intrusion prevention system (IPS), built-in VPN, and deep packet inspection. Then McAfee adds anti-evasion technologies that decode and normalize network traffic — before inspection and across all protocol layers — to expose and block the most advanced attack methods.
Silicon Security First
Intel Fellow, Steve Grobmen spoke about having a foundation for security in silicon. The connected world requires proof-of-identity and hardware based key generation. The Trusted Connection Service from Intel is a part of the proof-of-identity approach. For example, Intel has developed an Enhanced Privacy ID (EPID) for remote, anonymous authentication of a hardware device. It is a two layer system – ID of what type of device and ID of a specific device. Using EPID, a hardware device can prove to a remotely located verifier that it is a valid device, certified by the hardware manufacturer, all without revealing its identity and without the verifier being able to link multiple authentication attempts made by the device. For example, an EPIC can determine whether a car is a valid device and thus able to receive secure information. However, the EPIC system will not reveal who owns the device to prevent the car owner from unknowingly being tracked as they drive.
Discover more from JB Systems Media and Tech
Subscribe to get the latest posts sent to your email.
