Challenges of the Internet of Things

The Internet of Things industry will face numerous implementation challenges as most M2M solutions are highly fragmented and rely on the industry’s move to Internet Protocol Version 6 to ensure the rapid development and global adoption of the Internet of Things and continued growth of M2M technology and future large-scale applications, Frank Weber, director of cybersecurity for the energy sector with NSS Labs noted.

Weber has heard of discussions about whether IPv6 is the right protocol for the Internet of Things. While there are infinitesimal IP addresses in IPv6, which can be allotted to the billions of Internet of Things-connected devices, there is the proverbial flip-side of the coin that says that IPv6 is too bloated of a protocol stack for a sensor to handle by itself.

“I think many view the ultimate costs of these devices, electrical power, batteries and sheer computer power as factors since there will be so many of them – potential costs can be an inhibiting factor in the future.” Weber commented. “Therefore, a debate on the intelligence of a sensor itself is becoming more of a topic. Do these sensors need to have more memory, RAM, or otherwise be a miniature computer, or should they be more of a less-intelligent device that receives data and sends its payload when polled. These are all dependent on the specific use case that the end user will use to deploy these nodes.”

Some enterprises may want real-time analytics and a requirement will then be focused on low latency and quality of service of the network or protocol that is being utilized. Or the data may only need to be polled once a day or less, which may require less of a focus on having on-demand network access and connectivity to the sensors and gateways themselves, Weber noted.

Cybersecurity is also another issue associated with Internet of Things technology. Context Information Security researchers found a security weakness in a WiFi-enabled, energy efficient LED light bulb that can be controlled from a smartphone, according to a July 7 article from Net-Security.org. In February, IOActive Inc., which offers comprehensive computer security services, reported that Belkin’s WeMo home-automation products, several of which had major security flaws and vulnerabilities.

Weber said that the weak links in these solutions are the connectivity links, regardless if they are wireless solutions such as WiFi, Bluetooth, cellular, satellite, or microwave, and how they are connected to a cloud-based solution such as platform-as-a-service and software-as-a-service, and other servers and services set up to query, poll or receive data from the nodes and edges of a specific Internet of Things application.

One company, Kepware Technologies, has proposed a new distributed architecture for remote technologies, which it argues is needed to replace the Host-Centric model that is used by the oil and gas industry.

The oil and gas industry and other business sectors that rely on satellite networks also must contend with security in satellite communications (SATCOM), according to a white paper published by IOActive. Satellite communications play a vital role in the global telecommunications system, allowing people in remote locations to access the Internet, aiding vessels and aircraft in safe operation, and providing the military and emergency services with critical communication links during armed conflicts or natural disasters.

However, an internal SATCOM research project conducted by IOActive researchers from October to December 2013 uncovered multiple high-risk vulnerabilities in all SATCOM device firmware examined in the study.

“These vulnerabilities have the potential to allow a malicious actor to intercept, manipulate, or block communications, and in some cases, to remotely take control of a physical device,” IOActive reported in the paper.

The classes of vulnerabilities uncovered in the research included hardcoded credentials, undocumented protocols, insecure protocols, and backdoors.

IOActive is currently working with government CERT Coordination Center and the vulnerable vendors to help remediate all security findings uncovered in this initial phase of research. Specific details how replicating or testing for the vulnerabilities discovered in this research phase will be released later this year to allow time for relevant fixes to be developed and deployed.



WHAT DO YOU THINK?


Generated by readers, the comments included herein do not reflect the views and opinions of Rigzone. All comments are subject to editorial review. Off-topic, inappropriate or insulting comments will be removed.

sofia hunt  |  March 22, 2016
Very nice and interesting post. I also wrote similar lines on testing challenges for IoT. Hope you would like it - http://bit.ly/1MyR2zZ


Most Popular Articles