By Mary Catherine O’Connor
IIC Members Testing Time-Sensitive Networking Standard
The Industrial Internet Consortium, a member-led organization that is helping to accelerate the deployment of networked sensor-based technology (the Internet of Things) in the industrial sector, has announced its latest testbed initiative, which will evaluate time-sensitive networking for industrial applications. The IIC is supporting this testbed because IEEE standards for time-sensitive networking (TSN)—which employs time-synchronized, low-latency streaming services delivered via an Ethernet-based network—are moving through the ratification process, and end users are interested in running use cases and conformance testing for Industrial Internet applications.
National Instruments, which makes electronic testing and embedded control solutions for industrial applications, will host the testbed at its headquarters in Austin, Texas, with the help of fellow IIC members Bosch Rexroth, Cisco, General Electric, Schneider Electric and TTTech.
TSN will be an important foundational technology for Industrial Internet of Things (IIoT) platforms, says Todd Walter, National Instrument’s chief marketing officer, because it enables the movement of data, including audio and video (AV), quickly and predictably across a network. Currently, many companies have developed specialized Ethernet variants to support AV data transmissions across industrial networks, but this is done using specialized fieldbuses and proxies that would create a data bottleneck for many IIoT applications, such as those using robotics or integrated vision systems.
The partner companies are currently building components based on TSN-compliant chips, while mapping out the use cases they will pilot during the testbed, which will begin during the third quarter of this year.
Senate Bill Calls for Research, Support for IoT in U.S.
A group of U.S. senators this week introduced a bill, the Developing Innovation and Growing the Internet of Things (DIGIT) Act, that directs the Federal Communications Commission (FCC) to complete a report assessing spectrum needs required to support the Internet of Things. It also convenes a public-private working group that would send recommendations to Congress on how to plan for, and encourage, the growth of the Internet of Things in the United States. DIGIT builds on a previous bill, The Internet of Things Resolution, which the same group of senators—Cory Booker (D-N.J.), Deb Fischer (R-Neb.), Kelly Ayotte (R-N.H.), and Brian Schatz (D-Hawaii)—passed through the Senate last year. That resolution states that “the United States should develop a strategy to incentivize the development of the Internet of Things in a way that maximizes the promise connected technologies hold to empower consumers, foster future economic growth, and improve our collective social well-being.”
Govtech.com notes that the federal government has already signaled some support for the IoT by dedicating 75 MHz of spectrum within the 5.9 GHz band for Dedicated Short-Range Communications (DSRC), a protocol for vehicle-to-vehicle and vehicle-to-infrastructure networks. Carmakers and their suppliers are planning to build DSRC capabilities into cars sold throughout the United States.
AgeCheq Introduces New System for Securing Consumer Data
AgeCheq—a subsidiary of PrivacyCheq, a company that offers IoT product manufacturers a platform for communicating their data security policies to consumers—has added a new feature to its AgeCheq 3.0 privacy compliance cloud service, which is designed to protect consumers’ personally identifiable information (PII) collected and stored by product manufacturers through connected devices, such as those used in IoT networks. Some Web and mobile game publishers already use AgeCheq to help them collect user age data in order to comply with the U.S. Children’s Online Privacy Protection Act (COPPA) and the European Union General Data Protection Regulation (GDPR).
The new service, called PIICRYPT, could prevent the types of data breaches through which hackers have access to personal photos and other PII, such as one that toymaker VTech experienced by failing to secure the names, e-mail addresses, passwords and home addresses of 4.8 million parents who had purchased connected toys for their children.
PIICRYPT provides a platform for storing PII collected through apps and websites in encrypted “vaults” on Amazon‘s S3 cloud. The service sequesters each user’s data into this segmented storage area and protects it with a unique AES 256-bit key, which is saved only on the consumer’s device. By divvying user data into these segmented storage areas, AgeCheq explains, PIICRYPT will make it impractical for hackers to carry out a large data breach, since using brute force to crack potentially millions of these 256-bit encrypted vaults would be too onerous.
HARMAN, NXP Demo V2X Product at Auto Show
At the Geneva International Motor Show 2016, HARMAN International Industries, a tier-one automotive supplier of audio and connectivity systems, demonstrated its Life-Enhancing Intelligent Vehicle Solution (LIVS) Connected Car Compute Platform, which is designed to enable vehicle-to-x (V2X) communications infrastructure, based on the Dedicated Short-Range Communications (DSRC) protocol, and using RoadLINK technology provided by NXP Semiconductors. V2X refers to communications between vehicles or between a vehicle and infrastructure, such as a short-range radio device attached to a light post or traffic light.
The HARMAN-NXP solution uses radios compliant with the IEEE 802.11p standard, which is designed for creating ad-hoc networks between infrastructure and vehicles, or between multiple vehicles, based on proximity. Use cases for a V2X system include enabling an ambulance to transmit alerts to drivers of other vehicles as it approaches an intersection, alerting them of its location. Another use case is employing a radio mounted on a speed-limit sign to alert drivers that they are entering a reduced speed zone. The V2X application software runs on the i.MX 6Solo applications processor from NXP, and uses HARMAN’s data security architecture, known as 5+1, which employs data encryption; a virtual machine manager (hypervisor), which segregates operating systems to better protect those running security applications within a connected vehicle’s connect CPU; an intrusion-detection system; and other security features, all of which can be updated over-the-air.
Pwnie Express Details Most Data-Insecure Devices
Pwnie Express, a provider of digital security solutions for enterprise customers, has released a research report, titled “The Internet of Evil Things: Top Connected Device Threats 2016.” As the title implies, the report surveys the security risk associated with IoT devices. The report is based, in part, on the results of an online survey that Pwnie Express conducted in December 2015. The respondents included more than 400 global information security professionals. Half of the respondents said they are either “very concerned” or “extremely concerned” by security threats posed by devices connected to their enterprise’s network, and 86 percent expressed at least some level of concern. Sixty-seven percent said they are more worried about connected-device threats than they were a year ago, while 55 percent have witnessed an attack via a wireless device, and 38 percent have witnessed an attack via a mobile device.
A major source of worry is the growing use of cellular and other mobile devices linked to corporate networks but not administered or managed by the company, respondents said. In fact, 37 percent of respondents said they can’t tell how many devices are connected to their networks, while 40 percent indicated that their organizations are “unprepared” or “not prepared at all” to detect security threats posed by IoT devices connected in their networks.
As part of this research initiative, Pwnie Labs (the research and development division at Pwnie Express) aggregated and analyzed more than seven million wireless and wired devices detected by its SaaS-based Pwn Pulse platform, which enables broad-spectrum device visibility of bring-your-own (BYO) mobile, wireless, Bluetooth, wired and other connected devices on and around enterprise networks. It compared this analysis to data collected in 2014. Among its findings are that Xfinity Wi-Fi had taken the lead as the most common default open wireless network; that Hewlett-Packard printers are the most prevalent wireless devices deployed with a vulnerable default communication settings configuration (exposing confidential print jobs and compromising corporate client devices to hackers) and offering a backdoor into private corporate networks; and that 35 percent of wireless access points deployed within the last six to 12 month show weak or no encryption. The full report can be downloaded from the Pwnie Express website.
GlobalSign, Infineon Partner on Security Solutions
GlobalSign, a provider of identity and security solutions, has partnered with chipmaker Infineon Technologies and the InterOperability Lab at the University of New Hampshire (UNH-IOL) to demonstrate the application of hardware, public key infrastructure (PKI) and cloud services in IoT environments. GlobalSign’s PKI security platform will be deployed with Infineon’s OPTIGA Trusted Platform Module (TPM) SLB9645 chip, which stores the private key required to execute cryptographic functions, such as authentication and encryption.
This combined solution employs the TMP standard from the Trusted Computing Group and can be easily integrated into a variety of IoT platforms, according to the companies. In addition to providing a laboratory to demonstrate this IoT security solution, UNH-IOL will provide interoperability testing for their combined products.