Home/ Blog/Posts Tagged "Internet of Things"

IoT Development with Wireless Communications: Getting Started

Posted on:

Embarking on an IoT development project presents many questions that need to be answered — whether you have extensive experience in machine-to-machine communications or you are just starting out. This enormously fast growing field offers a growing selection of supporting components and connectivity methods, and for developers it can feel like the landscape changes daily. In this post we’ll lay some groundwork to help make sense of it all, and talk about the key things to consider as you are preparing to launch an IoT development project.

While we may not be able to completely mitigate the overwhelm factor, we can certainly help to highlight the important considerations that drive decision making and provide resources for getting answers.

Wireless Technology in IoT Product Design

At the heart of the explosion of the Internet of Things (IoT) and the Industrial IoT (IIoT) is wireless technology, made possible via RF or radio frequency. This technology enables devices to communicate with another without being physically connected. With its roots in the early 20th century, RF technology is not new. But it has grown to include cellular devices and other advances, keeping in stride with an enormous demand for new consumer and industrial applications.

Technological enhancements that support this incredible growth include the speed and bandwidth of the underlying networks, extended battery life of IoT devices, broader capabilities of wireless communication protocols, and more secure management of devices and networks. These advancements have allowed a significant number of industries to replace expensive, and often unreliable, wired communication with wireless communication.

Wireless communication in smart city applicationsMillions of miniature wireless devices — sensors and radio modules — now gather and send data in a vast array of environments from smart cities to manufacturing facilities and other industrial settings, and deliver that data faster than you can blink.

To manage it all, cloud applications such as Digi Remote Manager® allow network administrators to monitor the health and security of their devices from a central console, update the firmware of many devices with one command, automate security monitoring, and get notified quickly in the event of a problem anywhere those devices are deployed, worldwide.

That said, how do you get started designing and developing a successful IoT or IIoT product? While there’s far too much to cover in a single blog post, we can talk about some of the key things you will need to know if you are going to develop a product incorporating wireless technology.

Oh, and we have exciting news: Digi has an upcoming guide to all the concepts and important considerations in wireless communications for IoT product design. Sign up now to get notified of its release.



Key Considerations for Wireless Design in IoT

Launching a wireless design project can be daunting. You need on-staff expertise, supporting professional services, or both, to define your requirements, design and develop your IoT product, and ensure that it will pass testing and certification to meet your time-to-market promise. You will need to carefully assess the costs involved in building your product against your go-to-market pricing and ROI goals. And you will need to ensure that you have a strategy for secure device operation.

The considerations vary by the type of application, and there is no one-size-fits-all process. For example, an industrial tank sensor and a wearable device that reports heart metrics are both IoT applications, but with very different requirements. However, in most cases, the key considerations can be summarized as follows, regardless of the product parameters and its intended use.

Product Requirements

Be sure to take time to assess all of your product requirements. It is far too common for teams to launch the design process without taking the critical first step of accurately identifying the market needs, which can be a costly mistake. Some of the considerations in this phase include:

  1. Market and use case: What is the intended use for the finished product? How much data does it need to process, and how fast? Are you solving a real business problem with the product? Time to market is also a key consideration, as market opportunities can be short lived before other competitors fill the space.
  2. Target price: How will you price your product against any competing products? You want to ensure that you can build sell your product within that market’s price expectations.
  3. Physical placement: How and where will the product be used? For example, will your IoT product be placed in a stable location, such as a medical facility, warehouse or industrial tank? Or will it be on a moving vehicle such as a bus, or perhaps worn by a cyclist or runner?
  4. Geographic location: Where in the world do you want to sell the product? This will affect several design decisions, your entire go-to-market strategy, and the types of certifications required.

Wireless Connectivity and Range

There are several questions to answer in the process of determining your IoT product connectivity requirements:

  1. How will the product connect and transmit data? Will the product have access to a reliable wireless connection, and will it need to communicate over Wi-Fi or cellular for best performance? This decision has several ramifications. For example, a Wi-Fi network will need a gateway for data routing, and local technical support personnel, while a cellular network is maintained by the carrier and requires less maintenance, but it will require a data plan. Note that you can also enable both Wi-Fi and cellular connectivity.
  2. Will the deployment location have structures or objects that can obstruct the signal, or will it be deployed in a remote area?  For example, are you developing an industrial IoT product to be deployed deep in a mine or on a remote oil derrick? If so, you will need a strategy for managing connectivity issues.
  3. What type of antenna will you need to support your connectivity requirements? Antenna requirements are based on several factors including the wireless range needed, size of the device, its location and placement, the radio hardware and wireless communication protocol, and whether the device is indoors or outdoors.

Battery Life

Determining whether your IoT product will be wireline powered or battery powered is a significant decision and involves several considerations. The type and location of the device will help to determine whether it should be rechargeable, or whether it is more important to design for proactive battery management to support long battery life. For example, you would expect to regularly recharge most cellular devices, such as wearables, but a device that monitors a remote industrial tank would require a battery that needs to be changed out infrequently. Another key consideration in IoT development is that some wireless protocols are better suited to battery-powered devices than others.

Certifications and Time-to-market

Wireless products have certification requirements based on the region(s) in the world in which they are deployed. For example, in the U.S., wireless products must pass FCC and cellular certifications. Other regions have different requirements, and you will need to meet them all if you want to market your product worldwide, or in multiple regions. This process can be arduous if you have not planned and designed your product with knowledge of the various certification requirements in mind. On the other hand, planning for certification, and even starting with pre-certified communication modules, can dramatically reduce the time, cost and pain involved in moving through the certification process.

Building your product using a pre-certified module and designing your product for rapid certification can also help speed your time-to-market. IoT product developers often struggle with the question of whether to build their product from the ground up or start with pre-built components. If you have plenty of time and your application’s end-user cost is more important than time-to-market, you may want to build. If you need to get to market quickly to release a competitive or in-demand product, building your IoT application based on pre-certified modules will likely give you more advantage.

Launching Your Product Design

Once you have determined your IoT product requirements in detail, and ensured that you have a feasible product that meets a market requirement, you are finally ready to embark upon your product design. The electrical design of a wireless product includes the layout of your PCB, considerations around isolation of your RF signal, impedance matching, types and locations of ports and connectors, and power supply. To make these determinations, you will need to have an experienced RF engineer and mechanical engineer on staff, or have the ability to consult with a professional RF design services team to create the board layout and ensure component decisions match the product requirements.

As a best practice, consider performing a feasibility study to ensure your design plan is going to work, and start by prototyping the product to learn about any obstacles you may encounter in your final design. Resolving these issues in the prototyping phase of your project can save an enormous amount of time and cost, and ensure that you get to market on schedule.

Design and Build Resources

Digi offers a wide range of solutions for every aspect of your wireless product design process, from a complete suite of product components, to professional design services that can support your design, feasibility, certification, testing, security and deployment requirements, to documentation and Knowledge Base articles. To learn more about Digi’s end-to-end solutions for IoT development, contact Digi today.

>>Be sure to sign up to get notified of the release of our upcoming guide, Wireless Communication Basics: A conceptual guide to RF technology for IoT.

Who Is Responsible for IoT Device Security?

Posted on:

If this was a test question on a college exam, you would have a set of multiple choice answers, such as:

    A. The device manufacturer that initially builds the device.
    B. The device integrator, who builds the device into an end-user product.
    C. The value added reseller that distributes the device to consumers.
    D. The customer, who installs or sets up the device or third-party product in the end-user environment.
    E. All of the above.

The answer may be surprising to some, but it is of course “E. All of the above.” Everyone along the chain from manufacturing to integrating and using the product plays a role in ensuring that the device is properly set up to thwart improper access, device hacking and malware attacks.

Many people believe that security can be fully implemented by the device manufacturer, or that it’s possible to install a security-focused software program to detect and thwart hacking. But in fact, true device security is a combination of technologies, processes and best practices.

Why Device Security Requires a Multi-Pronged Approach

There are several key reasons why device security requires multiple technologies and practices across the chain from manufacturing to end-use:

  1. Each enterprise has a different security requirement. Retail and financial institutions that process transactions need a high level of security to protect customer data. Healthcare organizations that handle sensitive personal information also require a very high level of security. At the other end of the spectrum, there are many use cases in which extreme security is not required, and it does not make sense to take the extra measures, as it results in additional cost to the consumer.
  2. The threats change. The technologies and practices in use today may not be enough to thwart the attackers of tomorrow. See our previous post, Lessons Learned from the KRACK Vulnerability, for additional insights.
  3. Consumers do not want to pay for the amount and type of built-in security that businesses require.

Device Security from the Manufacturing Perspective

In this post, we will talk specifically about the key security measures that should be designed into the product by your device manufacturer if you are a product integrator or value added reseller, so that others further down the chain can implement proper security. For example, if you are seeking to incorporate one or more vendors’ embedded modules and radio frequency products into your product design, it is important to review the security measures taken in the manufacturing phase.

In these instances, the devices must enable secure functionality. The device manufacturer’s responsibility is to build in secure features, which can then be implemented by the integrator or end-user. As a best practice, the manufacturer should include a comprehensive set of controls that can be enabled as needed. These controls are essentially the laws that govern the product and ensure it behaves in a secure manner. In this article, we refer to this set of controls as a “manufacturer security framework.”

To demonstrate, let’s look at some specific examples.

Example 1: A Security Feature Implemented Within a Device

In this example, we will discuss a feature called “secure boot.” The intent of secure boot is to make sure no unauthorized code ever runs on the device. At Digi, for example, we have defined a number of controls within our manufacturer security framework for this purpose.

The controls we have assigned to secure boot include the following:

  • When the device boots, all code objects that are loaded are cryptographically verified as coming from the device manufacture.
  • When software is updated, all updates are cryptographically verified as coming from the device manufacturer.

While we require the secure boot control, our developer has many technical options for how to implement it. For example, when sourcing a manufacturer’s CPU, our developer must first evaluate the capabilities of that component to determine how to implement the control. In the case of secure boot, if the CPU offers the High Assurance Boot (HAB) feature, the Digi developer can implement the HAB on the product under development to meet the secure boot control requirement.

This security framework ensures that a full range of critical security controls is built in during the development of the product, but still provides the developer with some choice as to the method. When all security controls are in place and development is complete, each of these controls must then be tested and validated.

Example 2: A Security Feature Implemented by the End User

Another example of a secure code feature is the ability to do code validation on end-user code that runs on a device. With the future trend of edge computing, code validation and the infrastructure to support this on an edge device is becoming critical. Validating scriptable end-user objects does not happen at the manufacturer’s level, but at the end-user level. The manufacturer needs to support the functions to make this happen. End-users must then enable these functions on their devices and code upon deployment.

It is important to note that it is the validation of a control that ensures secure operation. This happens not only at the manufacturing level, but across all phases of product implementation. For a set of framework controls for end users to implement for device security, see the Center for Internet Security (CIS) site at www.cisecurity.org.

Digi’s framework of manufacturer security controls, called Digi TrustFence™, includes:

  • Secure boot
  • Authentication and secure connections
  • Encrypted storage
  • Secure updates
  • Certificate and policy management
  • Protected hardware ports
  • Device identity
  • Ongoing monitoring and support

The Digi TrustFence™ solution is not a single security feature, such as a software program that can be hacked. It is a multi-pronged approach designed to ensure that devices are secure from common attacks, and that device integrators and end users have the ability and functions needed to establish a secure configuration in deployment.

The intent of Digi TrustFence™ is to start the secure IoT story from the manufacturing perspective. If you are an integrator, or application developer, there are similar security frameworks such as the OWASP top 10 (www.owasp.org) for security controls on IoT devices. These frameworks provide controls that can be implemented at multiple phases from the manufacturer to the end user.

To continue this story, your own organization must assess what you have in place for a security framework. Does your organization have a set of published best practices? Does your supplier offer a security framework for its customers? Are you fully implementing all available controls to avoid any single point of failure?

>>Take a look at  Digi TrustFence for more details on how to solve security challenges across the IoT landscape.

Internet of Things Device Security: Five Simple Steps (video)

Posted on:

Device security is a critical and complex step in designing an Internet of Things strategy. Digi’s Chief Technology Officer, Joel Young, discusses five critical areas of IoT security.

Cover these, and you’re on the right path:

  • secure boot
  • authentication
  • protected ports
  • storage
  • secure connections

In this five minute video, Joel shares which questions to ask and what steps to take in order to ensure strong IoT device security.

You can get the transcript of this video here, and learn more about Digi TrustFence here.

Endress+Hauser Chose Digi Connect Sensor+ Cellular Gateway for Inventory Management

Posted on:

Endress+Hauser, a manufacturer of instrumentation measurement technology for the process industry, looked to Digi to help develop a more robust inventory management system to take better advantage of the data from their flow, level, pressure and temperature measurement devices.

“We are serving the chemical industry, oil and gas, pharmaceutical, food and beverage, primaries and water and wastewater reserve-focused industries,” explains Thiemo Fichter, head of product management inventory management solutions, Endress+Hauser. “There, we can measure pretty much every process variable.”

Most customers were still in the manual inventory monitoring mode, unable to automate the replenishment process to get product when and where they needed it consistently. Digi Connect Sensor helped E+H collect and deliver the information customers needed to make more timely replenishment decisions.

“We provide this inventory information into the business process. Our customers can get everything out of one hand, from the sensor in the physical world via the connectivity of the data, converting this into information up to the level where we integrate this information into our customer’s business process, their ERP landscape.”

In the video below, Ficthter explains why Endress+Hauser chose Digi Connect Sensor+ Cellular Gateway

Learn more about Digi Connect® Sensor+ here >> 

5 Lessons Learned from the Mirai DDoS Attack

Posted on:

Security is always top of mind when it comes to IoT devices and applications. The recent Mirai DDoS attack in October 2016 is an important reminder that IoT device manufacturers—and consumers—need to be vigilant with security, both out of the box and at home.

Recently, Andrew Lund, Digi’s Product Marketing Manager for Wireless M2M and IoT, shared his thoughts with IoT Evolution on the Mirai attack and what lessons could be learned to help improve security for IoT devices and applications. Below is an excerpt of five of Andrew’s best practices from IoT Evolution’s piece, which you can read in full here.

  1. Change default passwords:
    Given the attack vector that Mirai used, it’s clear that one area Device OEMs can make design decisions to increase security is with respect to passwords. The days of leaving the default password unchanged are over, so manufacturers must either force users to change passwords or create a “default” passwords that are unique to each individual IoT device.
  2. Don’t allow insecure ingress protocols:
    Mirai malware contains “killer” scripts that remove other worms and Trojans, allowing Mirai to maximize its use of the infected host device. But Mirai also goes one step further and closes processes that are used for remote ingress attempts, like Telnet, SSH, and HTTP.
  3. Secure remote management tools:
    Efficient, cost-effective method of remotely monitoring, updating and managing connected devices. Users can set performance parameters for healthy devices and create reports and alarms for suspicious activity. Using a remote manager that incorporates PCI-DSS and other relevant security certifications in the cloud such as HIPAA and NIST allow users to define a device profile, assign the profile to all devices in a group, and monitor and auto-remediate any variances. The best remote management tools can also restrict incoming traffic to only allow SSL connections, eliminating unencrypted TCP connections.
  4. Firmware updates:
    Firmware updates must be completed securely (authentication) and automatically, or at a minimum, users must be notified/prompted when a new firmware update is available.
  5. Packet encryption:
    This consists of basic encryption, such as FIPS-197/AES, to protect messages from unauthorized viewing or malicious changes. This method is easy to implement and use, especially in conjunction with private keys.

TO LEARN MORE, READ THE FULL POST HERE >>

Big Data and IoT Team Up for the Gaming and Lottery Industries

Posted on:

Online gaming and virtual gambling have risen significantly due to increased mobile accessibility, social media, technology advancements and expanded internet connectivity. Big Data and the Internet of Things (IoT) are proving to be even more of a game changer for these industries by collecting large amounts of data, from a variety of gameplay data sources, while rapidly connecting and communicating to thousands of sites.

You may experience this IoT evolution when you are playing Words With Friends® on your smartphone with college classmates across the country, or when you play poker on your computer with complete strangers across the globe. Regardless of your gaming or gambling experience, we all know how critical real-time connection is when we are trying to win. Now translate those wins into $6 billion of revenue, and the stakes of rapid connectivity are significantly heightened like for the world’s largest slot machine manufacturer International Game Technology (IGT) . With more than 400,000 point-of-sale devices in 100 countries, watch the video below to learn why IGT turned to Digi TransPort® LTE wireless routers to keep those bets and wagers flowing:

The 10 Security Factors Every Device Designer Should Consider

Posted on:

The following is an excerpt from our recent whitepaper, IoT Device Security, Built-in, Not Bolt-on: The 10 Security Factors Every Device Designer Should Consider. This guide was written to help you navigate security consideration before they become threats, so you can get back to designing the best IoT product or application possible.

The Rising Tide of Security Threats

Limited only by designers’ imaginations, the Internet of Things (IoT) is changing how people live. From medical devices and fitness trackers to tank sensors, smart thermostats, intelligent streetlights, water monitors, and more, the IoT is in more places than ever.

However, by relying on wireless networks, those hundreds of millions of IoT devices present a greater “attack surface,” making them tempting frontline targets for competitors, hackers, disgruntled employees, and other bad actors. Unfortunately, the tools and techniques we’ve applied to PC/smartphone platforms often don’t work well in the IoT, for several reasons:

  • Resource Limitations – Small-footprint IoT devices typically have far less battery power, processing speed and memory. They lack the power and sophistication required to support traditional security measures.
  • Data Complacency – Many companies view the data in their IoT networks as mundane and having little intrinsic value outside the organization. But many breaches are motivated by other factors, such as competitive advantage, social status, or revenge. The data isn’t the goal – the hack is.
  • Availability of Tools– The tools and expertise to analyze and modify embedded/IoT devices are widely available – even to hobbyists.
  • No Physical Access Required– One of the advantages of the IoT is that devices can be remotely configured/upgraded without the need for dispatching a truck. However, thanks to wireless connections, hackers don’t need physical access to devices such as USB or other I/O ports.
  • Interface Differences– Embedded devices have no GUIs, and error messages can be as basic as a coded series of beeps or flashing lights. This is particularly true for security status and control functions allowing for security alarms to be overlooked.
  • Hardwired Ports– These provide unfortunate opportunities for compromise. IoT solutions can’t simply implement a strong password over a TLS connection – the most common approach for PC/Internet applications.

IoT solutions need a different approach and the effort required to identify and mitigate unique security risks in embedded systems is often underestimated, if not overlooked entirely.

>> To learn more, read the full whitepaper here.

3 Holiday DIY Internet of Things Projects

Posted on:

With Black Friday and Cyber Monday behind us, the holidays are officially in full swing. To help get you in the holiday spirit, we’ve curated some of our favorite connected creations that take holiday celebration to the next level.

Here are some of our favorite Internet of Things-powered projects to keep you occupied this holiday season.

Enjoy!

Internet of Things (IoT) meets the Internet of Holidays (IoH)

The OpenDNS Security Labs team took a look at IoT patterns throughout the holiday season and examines the patterns that emerged.

Internet of Things Christmas Tree

Make your own IoT Christmas tree with this handy how-to from our friends at Instructables!

The IoT Holiday Lights Project

Find out what Twitter, a Christmas tree, and minions all have in common with this clever IoT holiday project.


Have you seen a worthy holiday IoT project? Let us know in the comments below, and we’ll add it to the list!

Contact a Digi expert and get started today! Contact Us
Have a Question?