Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Key Aspects of Cybersecurity in the Context of IoT
IoT Roadmap and Security
Omendra K. GovindALTTC, INDIA
ITU CoE Progam
Cybersecurity12 – 16 May 2018
IoT Roadmap and Security 2
Agenda
• Introduction to IoT
• IoT Technolgies and challenges
• ITU Standards
• M2M / IoT Standardization activities India
IoT Definition
Note1 - Through the exploitation of identification, data capture, processing andcommunication capabilities, the IoT makes full use of things to offer services to allkinds of applications, whilst ensuring that security and privacy requirements arefulfilled.
Note 2 – From a broader perspective, the IoT can be perceived as a vision withtechnological and societal implications.
A global infrastructure for the information society, enabling advanced services byinterconnecting (physical and virtual) things based on existing and evolvinginteroperable information and communication technologies
Source: ITU-T Y.2060 (06/2012)
Introduction
Source: ITU-T Y.2060 (06/2012)
New dimension introduced in the IoT
Technical Overview
Device Types and their relationship with physical things
IoT ArchitectureNode
Gateway
Services
Sensor
Fundamental Characteristics
of IoT
Interconnectivity
Things-related services
Hetero-geneity
Dynamic changes
Enormous scale
Fundamental Characteristics / Requirement of IoT
Identification-based connectivity
Identification-based connectivity
InteroperabilityInteroperabilityAutonomic networkingAutonomic networking
Autonomic services provisioning
Autonomic services provisioning
Location-based capabilities
Location-based capabilities
SecuritySecurity
Privacy protectionPrivacy protection
High quality and highly secure human
body related services
High quality and highly secure human
body related services
Plug and playPlug and play
ManageabilityManageability
Source: ITU
Enabling Technologies and Drivers for IoT
Ubiquitous Connectivity
Widespread Adoption of IP-based Networking
Computing Economics
Miniaturization
Advances In Data Analytics
Rise of Cloud Computing
IoT Elements
•Object ID
•AddressingIdentification
•Gatherning Data from related objectsSensing
•Using low powerCommunication
•Processing units and Software Applications represent “brain” and computational ability of IoTComputation
•Use casesServices
•Ability to extract knoweldge smartly by different machines to provide the required servicesSemantics
8
M2M / IoT applications
Vertical Markets
• Domain Specific Applications
Horizontal Markets
• Ubiquitous computing and analytical services
IoT Applications
Building blocks of IoT
Source: Frost & Sullivan
Internet of Things is the organization of objects and things into a Internet like structure and enables:
1. The virtualization of everyday objects,
2. Endowing physical and virtual objects with an identity,
3. And interconnecting the objects for the purpose of monitoring and interacting with them.
• Consumer electronics
• Sensing devices
• Embedded Systems and Controllers
• Virtual Objects
• Wireless sensor networks, short range sensors and capture devices
• Wireless transmitting devices/ modules
• Personal Computers and Smartphones
• Wired and Wireless Networks
• Enterprise and SP Gateways
• Network Management
• Data Centers
• Discovery management
• Identity management
• Device management
• Performance management
• Applications
• Domain specific applications
• Enterprise application (ERP, CRM, SCM)
• Social networking apps
• Analytics
Objects Translation Connectivity Platforms Applications
Mature Developing Mature Developing Emerging
DEVICE GATEWAY PLATFORM HEADEND APPLICATIONS
IDG IGP IPA
UNDERLYING NETWORK
IMN
M2M Layer
M2MGateway
M2MPlatform
IGG IPP
Devices(Sensors/Actua
tors)
M2M HeadEndApplications
M2MPlatform
M2MGateway
Network Services
Generic M2M / IoT Network Architecture Model
IoT Roadmap and Security 12
Five main challenges in IoT
Various Communication Technologies
Source: KEYSIGHT
Fixed & Short Range
• RFID
• Bluetooth
• Zigbee
• WiFi
IoT Roadmap and Security 14
IoT Communication Technologies
Long Range technologiesNon 3GPP Standards (LPWAN)
• LoRaWAN• Sigfox• Weightless• RPMA• Others
3GPP Standards• LTE-M• EC-GSM• NB-IoT• 5G
IoT Roadmap and Security 15
IMT 2020
IoT Communications Models
Device-To-Device Communications
Device-To-Cloud Communications
Device-to-Gateway Model
Back-End Data Sharing Model
IAB RFC 7452 - “Architectural Considerations in Smart Object Networking’’
IoT Standardisation Challenge- Many related vertical and horizontal activities
IoT Roadmap and Security 18
IoT Roadmap and Security 19
IoT Roadmap and Security 20
IoT Roadmap and Security 21
IoT Roadmap and Security 22
IoT Roadmap and Security 23
Mapping objects to identifiers
IoT Reference Model
Interoperability and Open Interfaces• Rec. ITU-T Y.4200 defines the requirements for the interoperability of a smart city platform and
its reference points in order to ensure the correct functioning of city services. Interoperability allows:
– Increase in the number of services provided and their quality.
– Enables provision of better services, maximum efficiency, scalability and simple integration.
– Interoperability with other platforms will encourage local economic development through innovation and competition.
Reference framework of an SCP
Source: Rec. ITU-T Y.4201 (02/2018)
The value of the network is proportional to the
square of the number of its nodes – while
cost follows a more or less linear functions
MetCalfe’s Law
Platform based integration, open
standards and open source are key
24
Security and Privacy concern
Security
• Massive Scale, Homogeniety , Anticipated Service Life, Cyber Security issues, Physical security, BYIoT
Privacy
• Users privacy preferences and data collecting behavior
Interoperability and Standards
• Proprietary ecosystems and consumer choice
Legal, Regulatory, and Rights Issues
• Challenges that didn’t previously existed, IPR
IoT Roadmap and Security 26
IoT Roadmap and Security 27
Domain Knowledge Vertical and Horizonal Insight
• The data can be provided back to the devices,
people, or analysis programs to build further insight.
• There can be continuous flow of data, travelling
between devices, networks, and gateways.
• Data Flood - IoT is opening the networks
that were previously closed, making them
more vulnerable to the hackers
• Analytics - Think beyond conventional
business intelligence tools eg. Medical
emergency – data needs to analyse in real
time
• Complexity - IoT technology will connect
equipment and devices that have never been
connected before, and hence, there must be
ease in the design and development to have
more connections.
• The technologies required to create intelligent
systems can get extremely complex and broad, and
to provide seamless experience, the solutions need
to be customized to some extent.
M2M / IoT Standardization activities India
IoT Roadmap and Security 29
M2M / IoT Roadmap
Policy & Regulatory Features of Roadmap• KYC Norms for M2M• M2M SIMs with International Roaming state• Soft, Embedded & Virtual SIMS in M2M• M2M Service Providers (MSP)
The ‘National Telecom M2M Roadmap’ will lead to• A reference document to all M2M eco system stakeholders in India• Single Government interface for optimum planning of networks in
smart infrastructure• Unambiguous roles and responsibilities for various stakeholders
including Government bodies for harnessing full M2M potential• Facilitate in realizing the policy goals of Make in India and Digital
India
• Numbering Related Issues• Roaming issues in M2M• Location and connectivity issues
National Telecom M2M roadmap released (2015).
IoT Roadmap and Security 30
Building Communication Infrastructure
M2M Communication Technologies
Spectrum availability for M2M Communication
QoS in M2M Communications
Energy footprints of M2M Network
NOFN – Enabling M2M reach in rural India
Building M2M Network
• Ducts alongside planned roads and mandate to provide for communication cables
• Common Data Centre for services
• Energy footprint and Environment
• Selection of Communication Technologies
• Security and Privacy perspective
• Smart Infrastructure Management System
IoT Roadmap and Security 31
M2M / IoT Standardization Activities
Released Technical Reports on:• M2M Gateway & Architecture.• M2M Enablement in Power Sector• M2M Enablement in Intelligent Transport System• M2M Enablement in Remote Health Management• M2M Enablement in Safety & Surveillance Systems• M2M Number resource requirement & options• V2V / V2I Radio communication and Embedded SIM• Spectrum requirements for PLC and Low power RF communications• ICT Deployments and strategies for India’s smart cities: A curtain raiser• M2M/ IoT Enablement in Smart Homes• Communication Technologies in M2M / IoT domain
Technical reports are available on
www.tec.gov.in/technical-reports
IoT Roadmap and Security 32
Actionable points emerged from the Technical Reports
1. Based on TR and consultations with all the stake holders, TEC proposed 13 digit M2M Numbering plan for SIM baseddevices/ Gateways.
2. Embedded SIM : Based on TR, IR has been prepared in TEC. MoRTH included in AIS140 standard for VTS.
3. Additional Spectrum requirement for Low power RF communications in Sub GHz band was sent to WPC/ DoT.
4. Any device / Gateway having direct connectivity with PSTN / PLMN should have static IP (IPv6 or dual stack). BIShas mandated IPv6 for Smart meters to be connected on Cellular technologies, IS16444.
5. Multi protocol gateways.
6. M2M Network architecture and various Service delivery models for providing services in M2M domain.
7. Spectrum requirement for DSRC technology.
8. Licensing for LPWAN on non cellular technologies, providing public services.
9. Common service layer requirement at the platforms, important for data sharing, Security and interoperability.
10. Device testing and certification
– M2M devices need to conform to safety standards from radiation/ power perspectives.
– M2M devices need to be certified, while focusing on international standards deployment
IoT Roadmap and Security 33
Testing and Certification requirements
• Gazette notifications issued.
• Regulatory and legal compliance requirements - Devices with communication facility needs testing and certification against the International standards on
– EMC (Electro magnetic compatibility),
– Safety,
– Technical protocols including Interoperability & Conformance testing, Security
– Others (SAR, IPv6 or RoHS )
• Minimum Essential requirements are being formulated
• Testing will be done in the accredited labs in India
• In case of MRA (Mutual Recognition Arrangement) with the other countries, devices may be tested there and no need of further testing in India.
IoT Roadmap and Security 34
Draft National Digital Communications Policy – 2018
Strategic Objectives by 2022
1. Provisioning of Broadband for All
2. Creating 4 Million additional jobs in the Digital Communications sector
3. Enhancing the contribution of the Digital Communications sector to 8% of India’s GDP from ~ 6% in 2017
4. Propelling India to the Top 50 Nations in the ICT Development Index of ITU from 134 in 2017
5. Enhancing India’s contribution to Global Value Chains
6. Ensuring Digital Sovereignty
Vision
To fulfil the information and communication needs of citizens and
enterprises by establishment of a ubiquitous, resilient, secure and
affordable Digital Communications Infrastructure and Services;
and in the process, support India’s transition to a digitally
empowered economy and society.
Missions
National Digital Communications
Policy, 2018 envisages three Missions:
1. Connect India:
2. Propel India:
3. Secure India:
IOT SOLUTIONS
TELEMATICS / AUTOMOTIVE
SMART CITY
EDUCATION
MANUFACTURING
OTHER VERTICALS
Fleet Management
Telematics for Insurance
Connected Bike Connected Car
Smart Street Light
Smart Bin Smart Meter
Student TrackingCampus
MonitoringBooks Tracking
Solution
Asset Tracking (Trolleys)
Employee Monitoring
Container Tracking
Blood Bank Monitoring
HEALTHCARE
Solar Health Monitoring
Cell Tower Monitoring
Data Center Monitoring
mSell – Sales Force Tracking
Smart Refrigerator Monitoring
Water Monitoring
Launched by TSPL with its partner
Building Energy Management
System (BEMs)
IoT Roadmap and Security 36