Securely Connected to the Internet of Things

Size: px
Start display at page:

Download "Securely Connected to the Internet of Things"

Transcription

1 3

2 Wireless Technologies: Neratec is known as specialist in wireless technologies: WLAN, Bluetooth, Bluetooth Smart, RFID, NFC, EnOcean, Zigbee, GPRS, GPS,.. Embedded Products: Neratec develops products and cares about the whole product life cycle: starting from the product idea, going over to production and maintenance and ending with the end-of-life of the product. WLAN Products: Neratec has own WLAN products which have outstanding robustness and performance: Industrial Wireless LAN Stations, WLAN Outdoor Access Points, WLAN Module Customized Products: Neratec develops products based on customer specification, initiates and cares about the production, enables and provides Life-Cycle-Management and product support. Normally ODM products are based on a Neratec-Platform (e.g. Neratec Embedded Platform) Engineering Services: Based on our Know how we provide services like: Feasibility Studies, System Design, Specification, HW/SW Development, Project management, Verification, Validation & Certification Testing Quality: Due to the fact that one of our most important customers for our WLAN products is from the railway industries, Neratec is used to develop products which fulfill highest quality Introduction of Presenter: Adrian Freihofer: System Architect of the Neratec Embedded Platform Markus Hüppi: Platform Manager of the Neratec Embedded Platform 4

3 Before we can discuss about the risks and challenges related to IoT, we need to understand some basics. Agenda: Internet of Things (IoT) What is the IoT? What are its targets and requirements? Where are the challenges? IoT Framework How to realize the IoT today? How to cope with the IoT challenges? Device Life Cycle How does a Device Life Cycle look like? Why is a bullet prove IoT Framework essential? 5

4 6

5 Internet of Things (IoT), M2M, Industries 4.0 and Smart Factory are all buzzwords from today. They all are not only focusing the same target but are also based on the same concept: The networking of devices shall optimize processes and create an added value (= money) In the IoT many different devices (Sensors, Actuators, Controllers) are connected with each other and are able to exchange data (more or less real-time). This data (big data) can be used to provide new services which shall optimize processes and make our lives easier 7

6 A good Example is the heating system in your house. Itmakes sure it is comfortable warm in winter. However, it is not only about comfort. In Switzerland, the heating costs are not negligible. Even nowadays most heating controller work still very rudimentary. There is an outdoor temperature sensor and a heating curve which is programmed in the controller. Some heating system do not even have an indoor temperature sensor. 8

7 By help of the IoT, the comfort can be increased and the heating costs can be lowered. How it might work: Due to the data from MeteoSwiss, the heating controller knows, that in the afternoon a warm front is going to arrive. As consequence, the heating controller reduces the heating power in such a way, that overheating can be avoided. This mechanism does not only safe energy but also improves the comfort in the house. Based on the data from Calandawindthe heating controller can benefit from cheap energy at the time of energy overproduction. However, even though it sounds pretty easy, it is not at all. According to the IoT visionaries, the devices in the IoT will talk to each other without any barriers in the future. However, for the time being standards and protocols for such communication are missing. On of the major challenges is to guarantee a secure and reliable data exchangebetween the devices. Nevertheless, the IoT is not fiction. The solution from today just looks slightly different. 9

8 Neratec sees the IoT of today as follow: The IoT is not a network of devices but a network of Device Clouds. A Device Cloud consist of many devices and a server called cloud manager. The Device Cloud is a private network and is managed by an administrator. The administrator defines which devices are integrated into the cloud. He knows how the devices are functioning and how they need to be maintained. Finally, he defines which data are provided to the Internet (e.g. IoT) or to superior processes (e.g. ERP). This IoT solution based on a Device Clouds is not the IoT described by the visionaries where each device can freely talk to any other device but it is a first step towards the IoT. Much more important: It can be realized today. The Device Cloud has one characteristic which solves all the open issues in the IoT and this is the fact that somebody (the administrator ) is responsible for the Device Cloud and cares about: Data Security Reliability Maintenance Especially the maintenance of a device (e.g. Identification of failure, SW update,..) can not be delegated to the self-controlled IoT and must be under control of an administrator. Example: MeteoSwisshas to install, observe and maintain all its distributed sensors for being able to make a reliable weather forecast. Calandwindknows best, how to pitch the rotor blade to get highest performance Only the Heating Manufacturer itself shall release and deploy new SW for its controllers in the field This is the view of Neratec how the IoT looks today. However, we are sure it will look different in a couple of years. 10

9 A Device Cloud has many stakeholders who have different requirements. Here is the view of the user: He does normally not really care what s behind the Cloud as long as it works. Example Heating Controller: It has to be warm and efficient (= cheap)! 11

10 The Administrator of a Device Cloud has some burning questions like: How to provide the needed security against viruses, hackers? How to deploy SW-Updates in case of another Heartbleed? How to handle users with different access rights (e.g. User, operator, adminstrator,...)? 12

11 The boss makes an investment which shall pay-off in a certain time. This can onlybe achieved when the system: is stable, reliable and secure suits the customer needs 13

12 The developer is the onewho has to implement the Device Cloud in such a way, that it complies to all the requirements of all stakeholders (User, Admin, Boss,..). Furthermore, he is the one who has to guarantee that the system is not only working today but also tomorrow. In the Industries, life-cycles of 10 years and more are not uncommon. The maintenance of such a system over multiple years can become very complex and might cost a fortune if the life-cycle-maintenance is not cared about in detail at the very beginning. 14

13 Since devices such as the raspberry pi are available on the market, everybody is enabled to connect an embedded device to the Internet. However, the operation and the maintenance of a Device Cloud in a industrial environment is rather complex. Where the complexity to connect a raspberry pi to the internet is almost comparable to connect a PC to the internet, running a device cloud might be comparable to administrate a company network of PCs. 15

14 Devices which are connected to IoThave at least one common and complex property: Internet connectivity. To address this in a generic way Neratec developed a software framework which provides basic functionality of a Device Cloud. As already mentioned, a Device Cloud consist of embedded devices which are connected to a server (Cloud Manager) via Internet. Internet Connectivity is a complex requirement. But it is a generic requirement which demands for an IoTframework. The Neratecsoftware framework contains a basis implementationfor the embedded device as well as for the CloudManager. Further on the platform provides implementations for common services such as remote accessand SW Update functionality. To fulfill Industrial requirements not only the implementation matters. Processes are important as well. To implement complex SW development processes tools such as a build framework or a release helper are required and therefore part of the Neratec framework too. If embeddeddevices are connected to the internet a strategy to deal with external influences such as a hacker attack or a technology change is absolutely mandatory. In comparison to gadgets with Internet connectivity the life cycle of an industrial device is normally much longer. Industrial devices are often part of a complex infrastructure where exchanging one device is complex, risky and expensive. The requirements towards industrial devices can not be compared with commercial devices like smart phones. To realize Industries 4.0 a next generation of industrial embedded software is required. The software needs to be as agile as current IT solutions and the software needs to be maintainable for a long time. The focus of the Neratec IoTframework is on efficient maintenance even for huge deployments, on Internet Security and on long term software support. 16

15 Thus all of us have about the same idea, we start with an example setup. 17

16 Thispicture provides a graphical overview about the reference setup described on the previous slide. On the left side there are 1000 embedded devices. All of them are connected to the Cloud Manager via Internet. 18

17 The connection is realized with a VPN tunnel. The VPN tunnel (TLS) provides security as well as connectivity across NAT routers. The picture shows the physical connection to the internet via firewalls as well as the virtual connection provided by the VPN in parallel. Due to the VPN based architecture there is no need for listening network ports on the devices. This minimizes the risk for security holes. The initial device configuration which is required by the device to join to the VPN is generated by the Cloud Manager or a dedicated PKI/CA System. 19

18 The data provided by the devices can be processed and stored todatabases such as an ERP system. The Cloud Manager acts as a middleware pre-processing and serving the data e.g. to an ERP system. 20

19 The web based administration interface provided by a device can be accessed via VPN. The Cloud Manager acts as a http proxy for the devices. The proxy approach simplifies setup and maintenance. 21

20 The infrastructure is designed for many devices as well as for many users. This requires user authentication e.g.against an existing domain controller. A Kerberos based user authentication can be implemented on the proxy (Cloud Manager) or on the devices. 22

21 This figure gives an overview of the device architecture. The yellow part represents the application. The orange part represents the generic IoT platform. Normally the platform part exceeds size and complexity of the application. Further more, many companies have big know how and experience in the application but not in building an Internet enabled platform. Therefore, it is important to build upon a proven platform. A platform does not only consist of the components visible in the orange box. It also includes a sophisticated development processes, an automated build and test system and last but not least hardware which provides the needed functionality. The Neratec IoT platform is based on Yoctoproject which provides most of the components required for an IoT platform. 23

22 Several projects tried to add network connectivity to existing software running on a simple upand a limited operating system. This might work for devices connected to a well known network environment. In the IoT scenario, the devices are connected to the Internet. A secure design as well as SW-Update possibility are mandatory. This requires a full featured network stack as provided e.g. by Linux. Another reason to use a full featured network operating system like Linux is the possibility to add features later on. Often people have lots of ideas for additional services and features at the time they really realize how powerful Internet connectivity is. At this point it might be hard to explain that there are limitations which do not allow to implement a simple feature. Of course, a full featured Linux demands for appropriate hardware. However, the HW requirements are not so relevant anymore. The evolution of electronics has lead to powerful and cheap CPUs, Processors and RAM. State of the art SOCs provide at least a DDR2 RAM interface. The cheapest DDR2 memory chip which is available is 128MB and this enough to operate a full featured Linux. But Attention: An SOC which provides the needed HW resources and features is not automatically suitable to run Linux. To run Linux on a SOC, the SOC has to be supported by Linux. Hence, there are two options available: Either an SOC with Linux support is chosen or the Linux is extended that it supports the chosen SOC. Nevertheless, the second option is connected with vast effort and does normally not pay off. Therefore the first option is normally the way to go. Especially for projects where a few hundred devices are required, the costs for SW development often exceed the costs for the HW itself. It s important to choose a HW which is known to run Linux with minimal development effort. For the given IoT setup with a life cycle of 10 years one has to think about long term maintainability. This is not possible as long as support for a HW is not mainlined. 24

23 On the right side is a snapshot of the commit history of the latest Linuxkernel releases. For example: The difference between kernel version 3.14 and kernel version 3.15 are13720 patches. This patches were provided by 183 companies and additional individuals. We can conclude: The changes from release to release are huge and complex. Bad project example: Let s assume a project is based on a SOC which got support for kernel 3.10 (red dot) provided by the SOC vendor. Unfortunately the code can only be downloaded from SOC vendors home page and not from kernel.org. The vendor does not care about kernel updates he simply offers Linux support for kernel version Let s assume, there is a major technology change ongoing (e.g. support for a new IPv6 related feature). For whatever reason this feature is required on the devices. Kernel 3.15 would provide everything needed by the project. However, the Kernel 3.15 does not support the SOC used in the project. Porting SOC support from kernel 3.10 to kernel 3.15 is a complex task and almost impossible. The patches provided for kernel 3.10 are not compatible to kernel Back porting the IPv6 related changes from kernel 3.15 to kernel 3.10 is not possible as well. Good project example: Ifall parts of the code which is used by the project is part of the mainline kernel, a kernel update probably works automatically. Just pull the latest version of the kernel sources, apply the configuration of the previous kernel does the kernel update. Of course a system with an new kernel needs intensive testing. Conclusion: Choosing a HW with mainlined Linux support is crucial to protect the investment into an IoT cloud.it s not always simple to find out if a HW fulfils this criteria or not. Therefore, it is important to verify the quality of Linux support on the evaluation board. If it is not possible to get the evaluation board running by just using source code from kernel.org, the Linux support might be considered as insufficient. Currently, SOC vendors are still learning the process of mainlining their source code. There is definitively an increasing demand from user side for HW which is supported by mainline Linux. Since the code needs high quality to be merged into official kernel releases, mainlining is a time consuming process. Most SOC vendors are not able to push their code into mainline kernel during the HW development phase. Currently, for most new SOC mainline support is unavailable. Some SOCs get support over time. Others remain on a forked kernel provided for download from the SOC vendors homepage. 25

24 One of the main goalsof the Yoctoproject is mainlining the code of a complete embedded reference system. Especially for headless devices, the Yoctoproject is currently one of the most supported by SOC vendors. Apart from standardizing the code basis and defining the development process, Yocto has several advantages to realize projects as the example mentioned in this speech. 26

25 To summarize up we go trough a fictitious life cycle of an IoT device. 27

26 Given a life cycle of 10 years for devices with Internet connectivitycertain unexpected issues will pop up for sure... Shortly after the rollout of the first devices a bug in the project specific application needs to be fixed. This is not a big deal as long as we are able to recompile the application and we have a package based update procedure disposed. Later on a vulnerability getsknown. We have to patch a system library. This requires to be able to recompile the Linux distribution. We do not want to patch other things than just this lines of code containing the bug. Since Yoctoenables us to build a Linux Distribution 100% from source code, this is no problem. A new feature is requested. New features are possible at any time. After five years, a more cost effective HW is available on the market. A second generation of devices is developed and deployed. Both HW generations need to be supported by one SW. Therefore a major software update is required. To get support for the new HW, at least the kernel needs to be updated. The new kernel configuration is based on the old kernel configuration with additional features enabled. Since both HW platforms are supported by the mainline kernel this is mainly a matter of configuring the kernel without changing source code. Finally a system update is required to get readyfor IPv6. Since the Linux Distribution is a close as possible to the Yoctoproject, we have many choices to get this target reached. Probably the easiest approach is to pull the latest kernel from upstream and integrate it otthe locally developed modules again. Automated system tests are very important to verify that a new system is compatible to the old system. Yoctoprovides automated image tests. 28

27 Realizing industrial IoTsolutions is challenging for software engineers. The buzzwords IoT, M2M or Industries 4.0 merge the requirements of different device classes to a new device class which could be named Industrial IoT Device. The requirements to an IoT Device can be summarized as follow: The quality of SW must be higher then ever The complexity of a device with Internet connectivity and specific functionality is much higher compared to a device without Internet connectivity. However, Internet connectivity can be implemented in a generic way which demands for a generic platform. Internet requires compatibility between endless number of devices. This demands for open standards. One way to standardize SW is to provide an open implementation. The Internet is changing fast. Sometimes, technological changes have to be followed by connected devices. This requires flexible SW update possibilities. Updating SW is a complex task. It needs appropriate processes and frameworks. The application specific software needs to be integrated into the platform to support one common SW update process. Finally, an efficient test strategy is required to allow a fast release of a new SW version. For industrial applications an extended life cycle is mandatory. Exchanging an industrial device is normally not as simple as buying a new smart phone. Therefore industrial devices absolutlyneed long term software support. An IoTsystem has many stakeholders and many technical dependencies. Each dependency can turn out as a show stopper especially for the life-cycle-management. Therefore external dependencies have to be kept as low as possible. This is one of the main reason for following the Yoctoproject. The Yoctoproject allows to share generic parts of the SW between many projects. If the core of the SW is based on mainlined code, there is a high probability that latest updates from the community can be merged with reasonable effort. Since the source code is completely archived and the build system and the release process allow to reproduce the SW any time, even a small patch can be applied to solve an issue. 29

28 30

29 31

Short-range Low Power Wireless Devices and Internet of Things (IoT)

Short-range Low Power Wireless Devices and Internet of Things (IoT) Short-range Low Power Wireless Devices and Internet of Things (IoT) Mats Andersson, CTO, connectblue Phone: +46 40 630 71 00 Email: mats.andersson@connectblue.com Web: www.connectblue.com Version 1.1 February

More information

In the pursuit of becoming smart

In the pursuit of becoming smart WHITE PAPER In the pursuit of becoming smart The business insight into Comarch IoT Platform Introduction Businesses around the world are seeking the direction for the future, trying to find the right solution

More information

KURA M2M/IoT Gateway. reducing the distance between embedded and enterprise technologies. Tiziano Modotti, October 28 th, 2014

KURA M2M/IoT Gateway. reducing the distance between embedded and enterprise technologies. Tiziano Modotti, October 28 th, 2014 KURA M2M/IoT Gateway reducing the distance between embedded and enterprise technologies Tiziano Modotti, October 28 th, 2014 IoT Architecture @ M2M/IoT Integration Platform on Cloud Business Applications

More information

Network Configuration Management

Network Configuration Management Network Configuration Management Contents Abstract Best Practices for Configuration Management What is Configuration Management? FCAPS Configuration Management Operational Issues IT Infrastructure Library

More information

ClearOS Network, Gateway, Server Quick Start Guide

ClearOS Network, Gateway, Server Quick Start Guide ClearOS Network, Gateway, Server Quick Start Guide Welcome ClearOS is computer Operating System (OS) that provides enterprise-level network security and application services to the Small/Medium-sized Business

More information

Perimeter Firewalls. Brandon Napier Rick Archibald Pete Jamison HAL PC & HLUG 09/22/2007. brought to you by: in association with

Perimeter Firewalls. Brandon Napier Rick Archibald Pete Jamison HAL PC & HLUG 09/22/2007. brought to you by: in association with Perimeter Firewalls 09/22/2007 brought to you by: Brandon Napier Rick Archibald Pete Jamison in association with HAL PC & HLUG Who am I? Brandon Napier Got interested in computers in 1992, in high school

More information

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS By Bill Graham and Michael Weinstein INNOVATORS START HERE. EXECUTIVE SUMMARY Driven by the convergence of cloud technology, rapidly growing data

More information

CARRIOTS TECHNICAL PRESENTATION

CARRIOTS TECHNICAL PRESENTATION CARRIOTS TECHNICAL PRESENTATION Alvaro Everlet, CTO alvaro.everlet@carriots.com @aeverlet Oct 2013 CARRIOTS TECHNICAL PRESENTATION 1. WHAT IS CARRIOTS 2. BUILDING AN IOT PROJECT 3. DEVICES 4. PLATFORM

More information

Design for Success: Designing for the Internet of Things with TiWiConnect

Design for Success: Designing for the Internet of Things with TiWiConnect Design for Success: Designing for the Internet of Things with TiWiConnect Today s presenters Scott Lederer Senior Software Architect Dave Burleton Vice President of Marketing LSR.com Today s Agenda Why

More information

Developing reliable Multi-Core Embedded-Systems with NI Linux Real-Time

Developing reliable Multi-Core Embedded-Systems with NI Linux Real-Time Developing reliable Multi-Core Embedded-Systems with NI Linux Real-Time Oliver Bruder National Instruments Switzerland oliver.bruder@ Embedded Product Design Surveys 66% Product designs complete over budget

More information

Short range low power wireless devices and Internet of Things (IoT)

Short range low power wireless devices and Internet of Things (IoT) Short range low power wireless devices and Internet of Things (IoT) White paper Author Mats Andersson Senior Director Technology, Product Center Short Range Radio, u-blox Abstract This paper discusses

More information

Industrial Network Security and Connectivity. Tunneling Process Data Securely Through Firewalls. A Solution To OPC - DCOM Connectivity

Industrial Network Security and Connectivity. Tunneling Process Data Securely Through Firewalls. A Solution To OPC - DCOM Connectivity Industrial Network Security and Connectivity Tunneling Process Data Securely Through Firewalls A Solution To OPC - DCOM Connectivity Manufacturing companies have invested billions of dollars in industrial

More information

Operating System Security

Operating System Security Operating System Security Klaus Schütz Windows OS Security Microsoft Redmond Before I start My VP love(d) me A frustrated friend 1 Agenda Evolution of Threats Client vs. Server Security Operating System

More information

WISE-4000 Series. WISE IoT Wireless I/O Modules

WISE-4000 Series. WISE IoT Wireless I/O Modules WISE-4000 Series WISE IoT Wireless I/O Modules Bring Everything into World of the IoT WISE IoT Ethernet I/O Architecture Public Cloud App Big Data New WISE DNA Data Center Smart Configure File-based Cloud

More information

White Paper: Cloud Identity is Different. World Leading Directory Technology. Three approaches to identity management for cloud services

White Paper: Cloud Identity is Different. World Leading Directory Technology. Three approaches to identity management for cloud services World Leading Directory Technology White Paper: Cloud Identity is Different Three approaches to identity management for cloud services Published: March 2015 ViewDS Identity Solutions A Changing Landscape

More information

H MICRO CASE STUDY. Device API + IPC mechanism. Electrical and Functional characterization of HMicro s ECG patch

H MICRO CASE STUDY. Device API + IPC mechanism. Electrical and Functional characterization of HMicro s ECG patch H MICRO CASE STUDY HMicro HMicro is a wireless healthcare chip company to enable industry s first fully disposable wireless patches with high reliability, high data integrity, low cost, small form factor

More information

IO Visor: Programmable and Flexible Data Plane for Datacenter s I/O

IO Visor: Programmable and Flexible Data Plane for Datacenter s I/O IO Visor: Programmable and Flexible Data Plane for Datacenter s I/O LINUX FOUNDATION COLLABORATIVE PROJECTS Introduction Introduction As an industry, we have been building datacenter infrastructure for

More information

DIY Device Cloud Documentation

DIY Device Cloud Documentation DIY Device Cloud Documentation Release 1.0 Tony DiCola May 11, 2014 Contents 1 Overview 3 1.1 What is a device cloud?......................................... 3 1.2 Why do you want a device cloud?....................................

More information

Move to IPv6 for business continuity

Move to IPv6 for business continuity Move to IPv6 for business continuity About NewMedia Express Managed hosting service provider SGNIC accredited registrar (.sg Domain) APNIC member BGP4 Multihome Network (AS38001) Peers with NTT, China

More information

Cloud computing is a marketing term that means different things to different people. In this presentation, we look at the pros and cons of using

Cloud computing is a marketing term that means different things to different people. In this presentation, we look at the pros and cons of using Cloud computing is a marketing term that means different things to different people. In this presentation, we look at the pros and cons of using Amazon Web Services rather than setting up a physical server

More information

Zone Labs Integrity Smarter Enterprise Security

Zone Labs Integrity Smarter Enterprise Security Zone Labs Integrity Smarter Enterprise Security Every day: There are approximately 650 successful hacker attacks against enterprise and government locations. 1 Every year: Data security breaches at the

More information

MANAGED FIREWALL SERVICE. Service definition

MANAGED FIREWALL SERVICE. Service definition MANAGED FIREWALL SERVICE Service definition Page 1 of 4 Version 1.2 (03/02/2015) NSMS Managed Firewalls Service Definition Understanding of a firewall service The function of any firewall service is to

More information

Affordable Building Automation System Enabled by the Internet of Things (IoT)

Affordable Building Automation System Enabled by the Internet of Things (IoT) Solution Blueprint Internet of Things (IoT) Affordable Building Automation System Enabled by the Internet of Things (IoT) HCL Technologies* uses an Intel-based intelligent gateway to deliver a powerful,

More information

Domus, the connected home

Domus, the connected home Domus, the connected home Amazouz Ali, Bar Alexandre, Benoist Hugues, Gwinner Charles, Hamidi Nassim, Mahboub Mohamed, Mounsif Badr, Plane Benjamin {aamazouz, abar, hbenoist, cgwinner, nhamidi, mmahboub,

More information

Guideline on Safe BYOD Management

Guideline on Safe BYOD Management CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version

More information

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is 1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the

More information

THE BCS PROFESSIONAL EXAMINATIONS BCS Level 6 Professional Graduate Diploma in IT. April 2009 EXAMINERS' REPORT. Network Information Systems

THE BCS PROFESSIONAL EXAMINATIONS BCS Level 6 Professional Graduate Diploma in IT. April 2009 EXAMINERS' REPORT. Network Information Systems THE BCS PROFESSIONAL EXAMINATIONS BCS Level 6 Professional Graduate Diploma in IT April 2009 EXAMINERS' REPORT Network Information Systems General Comments Last year examiners report a good pass rate with

More information

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk Proposed PhD Research Areas I am looking for strong PhD candidates to work on the projects listed below. The ideal candidate would have a mix of theoretical and practical skills, achieved a distinction

More information

What is Really Needed to Secure the Internet of Things?

What is Really Needed to Secure the Internet of Things? What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices

More information

Generic RFID Software Platform for Any Application

Generic RFID Software Platform for Any Application FALKEN Secure Networks Inc. (FSN) has introduced a new paradigm to the RFID industry with its generic software platform to simplify System Integration, drive custom development costs out of system acquisition

More information

PAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ

PAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ PAVING THE PATH TO THE ELIMINATION A RSACCESS WHITE PAPER 1 The Traditional Role of DMZ 2 The Challenges of today s DMZ deployments 2.1 Ensuring the Security of Application and Data Located in the DMZ

More information

Streamlining Patch Testing and Deployment

Streamlining Patch Testing and Deployment Streamlining Patch Testing and Deployment Using VMware GSX Server with LANDesk Management Suite to improve patch deployment speed and reliability Executive Summary As corporate IT departments work to keep

More information

Easily Connect, Control, Manage, and Monitor All of Your Devices with Nivis Cloud NOC

Easily Connect, Control, Manage, and Monitor All of Your Devices with Nivis Cloud NOC Easily Connect, Control, Manage, and Monitor All of Your Devices with Nivis Cloud NOC As wireless standards develop and IPv6 gains widespread adoption, more and more developers are creating smart devices

More information

Cross-Platform Software Considerations for Internet of Things

Cross-Platform Software Considerations for Internet of Things Cross-Platform Software Considerations for Internet of Things Tuukka Ahoniemi Technical Product Marketing Manager tuukka.ahoniemi@theqtcompany.com 10th Central and Eastern European Software Engineering

More information

elan Technology White Paper Why Linux?

elan Technology White Paper Why Linux? elan Technology White Paper Why Linux? Bow Networks Inc. Page 2 Introduction This white paper summarizes the reasons Linux was selected as the operating system for BOW Network s elan platform. Linux has

More information

UPnP: The Discovery & Service Layer For The Internet of Things April 2015

UPnP: The Discovery & Service Layer For The Internet of Things April 2015 UPnP: The Discovery & Service Layer For The Internet of Things April 2015 The First Chapter: The Connected Home In late 1999, the founding members of what would become the UPnP Forum started to put together

More information

CiscoWorks Resource Manager Essentials 4.3

CiscoWorks Resource Manager Essentials 4.3 . Data Sheet CiscoWorks Resource Manager Essentials 4.3 Product Overview CiscoWorks Resource Manager Essentials (RME) 4.3 is the cornerstone application of CiscoWorks LAN Management Solution (LMS). CiscoWorks

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

GHG Protocol Product Life Cycle Accounting and Reporting Standard ICT Sector Guidance. Chapter 7:

GHG Protocol Product Life Cycle Accounting and Reporting Standard ICT Sector Guidance. Chapter 7: GHG Protocol Product Life Cycle Accounting and Reporting Standard ICT Sector Guidance Chapter : Guide for assessing GHG emissions related to software DRAFT January 0 Table of Contents GHG Protocol ICT

More information

SSL-TLS VPN 3.0 Certification Report. For: Array Networks, Inc.

SSL-TLS VPN 3.0 Certification Report. For: Array Networks, Inc. SSL-TLS VPN 3.0 Certification Report For: Array Networks, Inc. Prepared by: ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 USA http://www.icsalabs.com SSL-TLS VPN 3.0 Certification

More information

OPCNet Broker TM for Industrial Network Security and Connectivity

OPCNet Broker TM for Industrial Network Security and Connectivity OPCNet Broker TM for Industrial Network Security and Connectivity Tunneling Process Data Securely Through Firewalls A Solution To OPC - DCOM Connectivity from Integration Objects Compatible for DA, HDA

More information

Release Version 4.1 The 2X Software Server Based Computing Guide

Release Version 4.1 The 2X Software Server Based Computing Guide Release Version 4.1 The 2X Software Server Based Computing Guide Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless

More information

Process-Based Security Testing in a Carrier Environment

Process-Based Security Testing in a Carrier Environment Process-Based Security Testing in a Carrier Environment Sven Weizenegger, Heikki Kortti 02.07.2008 1 Introduction Sven Weizenegger T-Systems Lead of Security Testing and Senior Consultant Heikki Kortti

More information

Are You in Control? MaaS360 Control Service. Services > Overview MaaS360 Control Overview

Are You in Control? MaaS360 Control Service. Services > Overview MaaS360 Control Overview Services > Overview MaaS360 Control Overview Control Over Endpoints Ensure that patches and security software on laptops and distributed PCs are always up to date. Restart applications automatically. Block

More information

SECURITY TRENDS & VULNERABILITIES REVIEW 2015

SECURITY TRENDS & VULNERABILITIES REVIEW 2015 SECURITY TRENDS & VULNERABILITIES REVIEW 2015 Contents 1. Introduction...3 2. Executive summary...4 3. Inputs...6 4. Statistics as of 2014. Comparative study of results obtained in 2013...7 4.1. Overall

More information

Bitnami Packaging and Deployment Technology for Server Software

Bitnami Packaging and Deployment Technology for Server Software Bitnami Packaging and Deployment Technology for Server Software A TECHNICAL OVERVIEW Started in 2015, Bitnami s Software Partner Program provides a number of engineering benefits to Independent Software

More information

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions

A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions A M D DA S 1. 0 For the Manageability, Virtualization and Security of Embedded Solutions AMD DAS (DASH, AMD Virtualization (AMD-V ) Technology, and Security) 1.0 is a term used to describe the various

More information

Patch Management Policy

Patch Management Policy Patch Management Policy L2-POL-12 Version No :1.0 Revision History REVISION DATE PREPARED BY APPROVED BY DESCRIPTION Original 1.0 2-Apr-2015 Process Owner Management Representative Initial Version No.:

More information

Secure, Efficient, and Open Standard Internet of Things

Secure, Efficient, and Open Standard Internet of Things Secure, Efficient, and Open Standard Internet of Things Zach Shelby Director of Technology, IoT ARM acknowledges the trademarks and copyrights of 3 rd parties included in this presentation What is the

More information

Key requirements for Interoperable IoT systems

Key requirements for Interoperable IoT systems Key requirements for Interoperable IoT systems Pratul Sharma Technical Marketing Manager, ARM Inc. May/08/2014 Agenda Why Interoperability? Open standards for interoperability Data Communication Standards

More information

Niagara IT Manager s Guide

Niagara IT Manager s Guide 3951 Westerre Parkway, Suite 350 Richmond, VA 23233 804.747.4771 Phone 804.747.5204 FAX Niagara IT Manager s Guide A White Paper An IT Manager s Guide to Niagara This document addresses some of the common

More information

WIND RIVER INTELLIGENT DEVICE PLATFORM XT

WIND RIVER INTELLIGENT DEVICE PLATFORM XT WIND RIVER INTELLIGENT DEVICE PLATFORM XT The Foundation for Building Devices That Connect to the Internet of Things The opportunities presented by the burgeoning Internet of Things (IoT) may be new, but

More information

Release Version 3 The 2X Software Server Based Computing Guide

Release Version 3 The 2X Software Server Based Computing Guide Release Version 3 The 2X Software Server Based Computing Guide Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless

More information

From Network Security To Content Filtering

From Network Security To Content Filtering Computer Fraud & Security, May 2007 page 1/10 From Network Security To Content Filtering Network security has evolved dramatically in the last few years not only for what concerns the tools at our disposals

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

Zorp and KZorp: Integrating Packet Filtering and Userspace proxying

Zorp and KZorp: Integrating Packet Filtering and Userspace proxying Zorp and KZorp: Integrating Packet Filtering and Userspace proxying Balázs Scheidler Zorp Has been established in 2000, as the first BalaBit product Code was GPLd right from the start

More information

Using Opensource VPN Clients with Firetunnel

Using Opensource VPN Clients with Firetunnel This document describes how to use VPN Clients. Since the number of VPN Tunnels using PPTP is limited to 4, this is your way to connect up to 10 parallel tunnels using VPN/IPSEC technology. The method

More information

JBoss enterprise soa platform

JBoss enterprise soa platform JBoss enterprise soa platform What is it? The JBoss Enterprise SOA Platform includes serviceoriented architecture (SOA) open source middleware such as JBoss Enterprise Service Bus (ESB), JBoss jbpm, JBoss

More information

Why Migrate from Citrix to Parallels?

Why Migrate from Citrix to Parallels? Why Migrate from Citrix to Parallels? On 3 March 2015, Citrix reviewed the lifecycle of XenApp and Presentation Server, confirming that the end of extended support for Windows Server 2003 will be on 24

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

The Future Of The Firewall

The Future Of The Firewall SECURITY The Future Of The Firewall Jeff Wilson Jeff Wilson is principal analyst, VPNs and security with Infonetics Research (www.infonetics.com), specializing in firewalls, IDS/IPS, VPNs, integrated security

More information

Cloud Servers in the Datacenter: The Evolution of Density-Optimized

Cloud Servers in the Datacenter: The Evolution of Density-Optimized Cloud Servers in the Datacenter: The Evolution of Density-Optimized Jean S. Bozman Research Vice President IDC Enterprise Platforms Group October 24, 2013 Copyright 2010 IDC. Reproduction is forbidden

More information

An Overview of Embedded Computing

An Overview of Embedded Computing Embedded Computing Introduction to Embedded Computing......................................-2 Software Tools for Embedded Computing An Overview of Embedded Computing Moxa Protocol Converter.................................................-6

More information

TFE listener architecture. Matt Klein, Staff Software Engineer Twitter Front End

TFE listener architecture. Matt Klein, Staff Software Engineer Twitter Front End TFE listener architecture Matt Klein, Staff Software Engineer Twitter Front End Agenda TFE architecture overview TSA architecture overview TSA hot restart Future plans Q&A TFE architecture overview Listener:

More information

Future Multi-Mission Satellite Operations Centers Based on an Open System Architecture and Compatible Framework

Future Multi-Mission Satellite Operations Centers Based on an Open System Architecture and Compatible Framework Future Multi-Mission Satellite Operations Centers Based on an Open System Architecture and Compatible Framework GSAW 2014 Thomas J. Sullivan, Aerospace Ground Systems Lab Rico Espindola, MMSOC Flight Operations

More information

Microsoft Software Update Services and Managed Symantec Anti-virus. Michael Satut TSS/Crown IT Support m-satut@northwestern.edu

Microsoft Software Update Services and Managed Symantec Anti-virus. Michael Satut TSS/Crown IT Support m-satut@northwestern.edu Microsoft Software Update Services and Managed Symantec Anti-virus Michael Satut TSS/Crown IT Support m-satut@northwestern.edu Introduction The recent increase in virus and worm activity has created the

More information

CYBER PHYSICAL SYSTEMS@FRAUNHOFER IIS

CYBER PHYSICAL SYSTEMS@FRAUNHOFER IIS F R A U N H O F E R I N S T I T U T E F O R I N T E G R AT E D C I R C U I T S I I S CYBER PHYSICAL SYSTEMS@FRAUNHOFER IIS CPS@FRAUNHOFER IIS Cyber physical systems: it is no longer possible to separate

More information

eguide: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success

eguide: Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success : Designing a Continuous Response Architecture 5 Steps For Windows Server 2003 End of Life Success FAST FACTS Over 10 Million Windows Server 2003 Devices Still In Use Less Than 250 Days To Windows Server

More information

Parallels Virtuozzo Containers

Parallels Virtuozzo Containers Parallels Virtuozzo Containers White Paper Virtual Desktop Infrastructure www.parallels.com Version 1.0 Table of Contents Table of Contents... 2 Enterprise Desktop Computing Challenges... 3 What is Virtual

More information

Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows

Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows Compulink Business Systems, Inc. 2645 Townsgate Road, Suite 200 Westlake Village, CA 91361 2013 Compulink

More information

NVM memory: A Critical Design Consideration for IoT Applications

NVM memory: A Critical Design Consideration for IoT Applications NVM memory: A Critical Design Consideration for IoT Applications Jim Lipman Sidense Corp. Introduction The Internet of Things (IoT), sometimes called the Internet of Everything (IoE), refers to an evolving

More information

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE

THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE THE CHALLENGES OF DATA SECURITY IN THE MODERN OFFICE February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced

More information

Document ID. Cyber security for substation automation products and systems

Document ID. Cyber security for substation automation products and systems Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has

More information

GPX Business CLOUD. Electronic Data Interchange. www.inposia.com

GPX Business CLOUD. Electronic Data Interchange. www.inposia.com GPX Business CLOUD Electronic Data Interchange EDI via GPX Business CLOUD This booklet shall give You an overview on the GPX Business CLOUD services What the difference makes Why EDI via GPX Business CLOUD

More information

8 Steps for Network Security Protection

8 Steps for Network Security Protection 8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because

More information

Using the AVR microcontroller based web server

Using the AVR microcontroller based web server 1 of 7 http://tuxgraphics.org/electronics Using the AVR microcontroller based web server Abstract: There are two related articles which describe how to build the AVR web server discussed here: 1. 2. An

More information

8 Steps For Network Security Protection

8 Steps For Network Security Protection 8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their

More information

Who s Endian? www.cloudrouter.dk

Who s Endian? www.cloudrouter.dk Who s Endian? Endian was founded in 2003 at Appiano, Italy, by a team of experienced network specialists and Linux enthusiasts. Endian s goal and path of development are immediately clear: creating sophisticated

More information

Cisco PIX vs. Checkpoint Firewall

Cisco PIX vs. Checkpoint Firewall Cisco PIX vs. Checkpoint Firewall Introduction Firewall technology ranges from packet filtering to application-layer proxies, to Stateful inspection; each technique gleaning the benefits from its predecessor.

More information

Xerox SMart esolutions. Security White Paper

Xerox SMart esolutions. Security White Paper Xerox SMart esolutions Security White Paper 1 Xerox SMart esolutions White Paper Network and data security is one of the many challenges that businesses face on a daily basis. Recognizing this, Xerox Corporation

More information

Technical White Paper BlackBerry Enterprise Server

Technical White Paper BlackBerry Enterprise Server Technical White Paper BlackBerry Enterprise Server BlackBerry Enterprise Edition for Microsoft Exchange For GPRS Networks Research In Motion 1999-2001, Research In Motion Limited. All Rights Reserved Table

More information

Ubuntu Linux Reza Ghaffaripour May 2008

Ubuntu Linux Reza Ghaffaripour May 2008 Ubuntu Linux Reza Ghaffaripour May 2008 Table of Contents What is Ubuntu... 3 How to get Ubuntu... 3 Ubuntu Features... 3 Linux Advantages... 4 Cost... 4 Security... 4 Choice... 4 Software... 4 Hardware...

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

Firewall Security: Policies, Testing and Performance Evaluation

Firewall Security: Policies, Testing and Performance Evaluation Firewall Security: Policies, Testing and Performance Evaluation Michael R. Lyu and Lorrien K. Y. Lau Department of Computer Science and Engineering The Chinese University of Hong Kong, Shatin, HK lyu@cse.cuhk.edu.hk,

More information

CLOUD COMPUTING SOLUTION - BENEFITS AND TESTING CHALLENGES

CLOUD COMPUTING SOLUTION - BENEFITS AND TESTING CHALLENGES CLOUD COMPUTING SOLUTION - BENEFITS AND TESTING CHALLENGES PRAKASH.V, GOPALAKRISHANAN.S Assistant Professor Department of Computer Applications, SASTRA University Associate Dean Department of Computer

More information

Android Application for Accessing KNX Devices via IP Connection

Android Application for Accessing KNX Devices via IP Connection Android Application for Accessing KNX Devices via IP Connection J. A. Nazabal, J. Gómez, F. Falcone, C. Fernández-Valdivielso, P. E. Branchi and I. R. Matías Electrical and Electronic Engineering Department,

More information

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS

More information

It's All About HVAC Systems and Saving Big Bucks Using DDC Systems!

It's All About HVAC Systems and Saving Big Bucks Using DDC Systems! Energy-Facilities Connections Conference Leavenworth, Washington It's All About HVAC Systems and Saving Big Bucks Using DDC Systems! May 12 th, 2010 Session 2, 10-11:20 am by Greg Jourdan 1 Agenda-It's

More information

MaaS360 Mobile Service

MaaS360 Mobile Service Services > Overview MaaS360 Mobile Service Go Mobile! Everything for mobile work - visibility, control, easy mobile connectivity, management tools and security - all in one economical, hosted solution.

More information

7 things you need to know about SQL Server 2008 R2

7 things you need to know about SQL Server 2008 R2 E-Guide 7 things you need to know about SQL Server 2008 R2 Many consider SQL Server 2008 R2 a business intelligence (BI) release because of the most talked about BI functionality of this version. But there

More information

Cloud computing for noise monitoring

Cloud computing for noise monitoring Cloud computing for noise monitoring Thorvald Wetlesen 1 1 Norsonic Gunnersbråtan 2, 3421 Lierskogen, Norway ABSTRACT Cloud computing is the use of computing resources that are delivered as a service over

More information

UPnP Internet of Things Dec 2014

UPnP Internet of Things Dec 2014 UPnP Internet of Things Dec 2014 Keith Miller Intel Wouter van der Beek Cisco UPnP Internet of Things Task Force 2014 UPnP Forum Overview Scope Architecture Local components description Sensor Management

More information

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring A White Paper from the Experts in Business-Critical Continuity TM Executive Summary With continued efforts to reduce overhead,

More information

The BiGuard SSL VPN Appliances

The BiGuard SSL VPN Appliances The BiGuard SSL VPN Appliances ERP Application Guide 1. What is ERP (Enterprise Resource Planning)? 2. The current status of ERP 3. Billion s solutions for several ERP usage scenarios A. Small to medium

More information

A Novel Distributed Wireless VoIP Server Based on SIP

A Novel Distributed Wireless VoIP Server Based on SIP A Novel Distributed Wireless VoIP Server Based on SIP Yuebin Bai 1,Syed Aminullah 1, Qingmian Han 2, Ding Wang 1, Tan Zhang 1,and Depei Qian 1 1 (School of Computer Science and Engineering, Beihang University,

More information

GLOBAL PARTNER TRAINING

GLOBAL PARTNER TRAINING GLOBAL PARTNER TRAINING Introducing Red Hat Enterprise Linux 6 November 2010 The RHEL Team Agenda The market opportunity and landscape Introducing Red Hat Enterprise Linux 6 Key features and benefits Product

More information

Copyright 2014, Oracle and/or its affiliates. All rights reserved.

Copyright 2014, Oracle and/or its affiliates. All rights reserved. 1 Java Micro Edition (ME) 8: Bringing Java to the Internet of Things Robert Clark Senior Software Development Director Safe Harbor Statement The following is intended to outline our general product direction.

More information

Making Sense of Internet of Things Protocols and Implementations

Making Sense of Internet of Things Protocols and Implementations Making Sense of Internet of Things Protocols and Implementations Author: Kim Rowe, RoweBots Higher level protocols for Internet of Things have various features and offer different capabilities. Most of

More information

Sun Constellation System: The Open Petascale Computing Architecture

Sun Constellation System: The Open Petascale Computing Architecture CAS2K7 13 September, 2007 Sun Constellation System: The Open Petascale Computing Architecture John Fragalla Senior HPC Technical Specialist Global Systems Practice Sun Microsystems, Inc. 25 Years of Technical

More information

HMS Industrial Networks

HMS Industrial Networks HMS Industrial Networks Putting industrial applications on the cloud Whitepaper Best practices for managing and controlling industrial equipment remotely. HMS Industrial Networks AB Stationsgatan 37 30245

More information