IoT to Thrive, Overcoming Security Concerns, Say Experts

Security should not be an impediment but should aid in development of new technology.

TECHNOLOGY is set to deliver the promise of intelligent devices to revolutionalise how enterprises develop products and engage customers.

New ways of designing security right into the next generation of Internet devices and sensors will enable them to reliably provide timely information on anything from the number of car park lots available in a given area, to customer feedback, changing the way people live and how enterprises do business.

That was the view of a panel of experts discussing the latest issues with regard to the Internet of Things (IoT) at the Fuji Xerox DocuWorld 2015 last week at the Grand Copthorne Waterfront hotel.

The panelists were: Manish Gupta, vice-president at Xerox Corporation and director of Xerox Research Centre in India, Pete Carrier, Asia-Pacific senior vice-president and managing director for Siemens PLM Software and David Siah, country manager of Trend Micro. The discussion was moderated by Amit Roy Choudhury of The Business Times.

IoT refers to the growing network of physical objects that feature an IP address for Internet connectivity, and the communication that occurs between these objects and other Internet-enabled devices and systems. It is estimated that the number of such Internet enabled objects in the Asia Pacific, excluding Japan (APEJ) region, will grow from 2.59 billion in 2013 to 8.98 billion in 2020.

While there is genuine concern about IoT enabled devices being rolled out quickly without adequate safeguards, the panelists were optimistic that the industry will get things right and solve potential security issues.

Windows PCs were initially very vulnerable to attack until Microsoft in recent years decided to pay a lot more attention to combat these security issues, noted Dr Gupta.

"So are we going to go through a similar phenomenon," he said about the growth of IoT.

Agreeing, Mr Siah said that security should not be an impediment but instead should assist the development of the new technologies. Security is like the brakes in a sports car, he explained, enabling it to travel faster because the driver knows for sure that he can stop in time if needed.

Security has been a growing worry among governments, companies and consumers, even as the promise of a new IoT based economy begins to bear fruit with some early rollouts around the world.

In parts of Los Angeles, for example, carpark toll is automatically adjusted, through sophisticated algorithm and sensors, according to the demand and supply of the day. Through this, revenues have increased on the whole for the city government while charges have reduced for most drivers, who may not use the most expensive carpark spaces.

This smarter allocation of resources has been possible because of a combination of connected sensors as well as advanced analytics applied to the data collected, often on the fly.

Helped by falling prices in broadband services, quantum leaps in computational power and the miniaturisation of computers, IoT has seen tremendous growth as the next big technological wave.

In the APEJ region, the IoT market will grow from US$408 billion in 2013 to US$862 billion by 2020, according to research firm IDC. That is at a compound annual growth rate of 11.3 per cent.

Besides allocating resources better, smart sensors have also helped alleviate manual work that would previously have required humans to be on the job.

In the US, Xerox has a solution for checking if cars passing through toll booths have passengers in them when they are on an express lane reserved for car pools. Even at high speed, the system is able to reliably inspect this, said Dr Gupta.

He also pointed to other advances in smart, connected sensors that are changing the way people live. In healthcare, for example, cameras are able to detect a number of vital signs in a body. With a simple webcam, a person can detect possible medical conditions if he is able to check for signs such as body temperature over a long period of time.

"So I think the possibilities are endless. Look at any industry vertical, with the sensors becoming very inexpensively available, and with a lot of power to measure all kinds of things," he said. "With the Internet of Things, you can now Google reality."

In the enterprise, in particular, IoT is also set to change the way business is done.

To get products out to market quickly today, companies have to make use of all the information they have on hand, from the way they design manufacturing tools to garnering feedback from customers, Siemens PLM's Mr Carrier noted.

Taking the smart phone market as an example, he stressed that companies have to design prototypes digitally today rather than create a physical one and then test it. Instead of months, they have to look at days to complete a prototype, he added.

"New products are going to have to be developed more quickly, they're more complicated, they're more global," he noted.

Now, through virtual commissioning, where you actually have the machine simulated on a computer, you can do and see exactly how the machine is going to operate, he added.

Mr Carrier added: "You can simulate the programme of logic control, you can simulate all the control interfaces virtually, and do that virtual commissioning in a matter of days. So you think about going from months, to a matter of days. That's huge savings."

Security as an afterthought

But first, security has to be beefed up - and from the ground up. This was the consensus few of the panel. The way smart devices and networks are protected from cyber attacks has to be different from how PCs and servers are defended today, the panel members noted.

One issue has to do with the sheer volume of "things" - weather sensors, wearable computers and car navigation systems, to name some - connected to this new Internet. The constant updating and patching of vulnerabilities on PCs and servers today would not work well in an environment with billions of connected devices.

"The approach should be different, because the end points are more proliferate - 26 billion more end points, everywhere," said Trend Micro's Mr Siah.

"And the ability to touch, patch, and harden the end point, is lesser now, because the power to touch those end points is at the device manufacturers', and not on your company system administrators' end," he noted.

Recent high-profile cyber intrusions into corporations have resulted in the loss of private information, reinforcing a worry that IoT enabled devices could be even harder to defend against intruders in future, he added.

One way forward could be to harden the defences from ground up, rather than through constant patching and updating.

"We need some kind of fundamental advances in how systems are designed, to be secure from the beginning," said Dr Gupta. "I really think we need to move away from this culture of Patch Tuesday. We just can't afford to keep dealing with patches."

He pointed to a Xerox research effort at PARC, an R&D arm of Xerox, which centred on a technology called content-centric networking. This called for end points to communicate based on named content rather than IP addresses, so that administrators can address security in a more fundamental manner, he said.

"Because now you're securing individual objects, you're securing content, rather than trying to secure a connection, which is, as we've seen, a very hard thing to do," he added.

Yet another way to address the security issue is by compartmentalising the information, thus reducing the risk should a breach occur.

For example, a designer of the engine of a new car would not have access to, say, the designs of its interior or its safety features, said Mr Carrier. This way, each department in a car maker would also be more productive because they are only looking at the information they can use.

All three panellists agreed that security breaches will be a huge concern in future, especially as companies depend on more connected devices to provide intelligence critical to their business. However, they believe the industry will find a way to address these concerns.

Mr Siah argued that taking the right security approach will boost usage of IoT enable devices and systems, rather than slow it down. "If you track back historically, security concerns have never stopped innovation. It will still carry on."

Mr Carrier said: "Companies are trying to figure out what this means to how I design things, bring things to market, how things are used, how I collaborate with my suppliers."

Future of connected devices

"Innovations that are going to come up in the future are going to be more exciting than we've seen in the past," he added. "And we'll get through the security issues, and all these other things ultimately, I think. That's the exciting future that I see happening in the IoT."

All the panelists agreed that a world of connected devices is going to change things radically for businesses as well as consumers. In some cases, the future is still unclear because it is in uncharted waters, they add.

"I see IoT as ultimately a consequence of this exponentially growing computational power, which has now made it much more economically feasible, for anything, any object, to have the intelligence and the electronics to be able to sense the world around them," said Dr Gupta.

Enterprises which are able to take advantage of that data, now available in real time and at almost any point in the world, will have a leg up over their competitors, he added. "And those enterprises which are unable to take advantage of that data are going to basically disappear."

In some ways, too, the future is yet to be decided, as the disruptions that the IoT brings along with its massive amount of data are just starting to be observed. One new area could be artificial intelligence.

Said Mr Carrier: "What's happening is, we're creating almost a new dimension, an artificial intelligence of information that, quite honestly, I'm not sure we know where that's going exactly. There's so much information out there that can be used in, and analysed in, different ways, that it's very interesting and exciting."

Alluding to the popular Matrix movie series, he added: "We're starting to see robots that are artificially intelligent, that can work hand-in-glove with humans and learn. And we see these things in science fiction movies, but this stuff is becoming reality with the advent of more computing power and connectivity on the Internet.

"I hate to sound like a sci-fi person up here, but it has got some significant implications, and I think we're just starting to understand what those might be," he added.

By Alfred Siew

This article was first published on The Business Times on 23 March 2015.


Like this article? Rate it!