Say in the coming weeks of your ideation you spoke to people, validated your idea and say you also found some people who are genuinely interested in your product. Your product is most definitely a value addition in their lives and they are ready to pay for it as well.

But the bigger question is what are you trying to sell? You can definitely sell an idea but if you want to build more trust then you need to show something working! This something working is called the Proof of Concept (POC).

The understanding behind creating a POC is very simple:

1. The most important thing here is that you are able to validate your idea. What you have gone and sold to people and they have put their trust in you, you want to make sure you can deliver.
2. Secondly, you can sell someone an idea and make the other person believe what you are saying is actually possible but getting something tangible to show and demonstrate is comparatively difficult. So creating a POC makes something tangible for you to show-and-tell.
3. At the POC stage you can decide a preliminary feature set of your product. What is feasible to be added at the POC stage and what you want to keep on your product road-map are some of the things that become clear at the POC stage.

Over and above all the three points mentioned here one point needs special attention. You will be able to understand your manufacturing costs to a considerable extent. Based on the costs you will also be able to validate if the market still exists for your product. If your manufacturing costs are higher than what your target audience is ready to pay for you need to take a closer look at your product. Depending on how far off you are from the estimated cost there are several ways to go on from there but some of them are listed below:

• Re-think the features you are looking to add and see how cost can change based on that removing/modifying features.
• Re-think your target audience and try to pivot your product to a different market where people can afford your product.
• Think about how the economies of scale will work for you. What I mean is can you build a larger quantity and hence bring your costs down. The thumb rule is for every 10x the manufacturing qty you come down by 5-10% but this number goes down as the qty increases.

All the above steps that were mentioned basically point you to your Minimum Viable product (MVP). Once your MVP is decided you are ready to scale to the next level.

In conclusion, creating a POC is a great exercise. Use that exercise to your advantage and don’t treat it as a formality. Your MVP and your road-map can really make or mar your product/company’s future

This is the third article of a series of articles that we are publishing. If you have just logged in please refer to the previous article here.

The post A Hardware start-up (Part 3) – Proof of Concept (POC) appeared first on Ciright.

On a random day you see a problem around you. It might be something in your house or something in your neighborhood store, or something on your road to school or work. You also see that a lot of people are getting affected by the problem and you decide to solve it. Ideas can even come from discussing a challenge someone else is facing like your family, your friends, your colleagues at work, your neighbors, etc.

You are a person with an entrepreneurial mindset decide to solve the problem. So what is the first thing you will do? Ask yourself. Will you start thinking of a designing a solution to the challenge? You are not an engineer yourself, so will you reach out to the first engineer who comes to mind and talk to him/her? NO.

The first thing to do in such a case is to validate your problem statement. You need to know if this is a problem that people in your locality or people of a specific demographic are facing or is it a problem that a large number of people are facing. So where do you start then? Ask people around you. Gauge their response. Ask people from different demographics, call your friends or family from a different city or state even country and see if they relate to your problem statement. See if there is a similar solution out there and what is their value proposition.

Here are some of the challenges we see with the start-up founders we interact with:

1. They don’t make sure that the product they are building adds significant value to your target audience’s life. At one point in time you will want your target audience to buy the service/product you are trying to sell and if they are not willing to pay for it or to pay as much as you expect such that you are profitable then it defeats the purpose of making the product
2. They want to build a me-too product. Someone else is already making the product and they expect to sell the product at a cheaper price and they expect to win their audience. This will work for them but not forever. At one point in time when they try and increase their price they will eventually loose their client base
3. They see a product sold outside the country and will want to customize it such that it works for their target audience in another country. Such products run a high risk of NOT being accepted in the intended market place. If a product is successful in one country doesn’t mean it is going to be accepted with the same enthusiasm in a different country.

In conclusion, please remember the following points:

• Validate your idea
• Make sure you have a saleable product and that people will buy the product at the price you want it to be sold at
• Don’t build a me-too product unless you know you are adding significant value to the product that is already made.

This is the second article of a series of articles that we are publishing. If you have just logged in please refer to the previous article here.

The post A Hardware start-up (Part 2) – Ideation/Conceptualization appeared first on Ciright.

India is now being seen as a hub of not just software engineers but also some really cool hardware developers. The entire #MakeInIndia campaign by the Government of India has provided an impetus to indigenously developing hardware products in the country and it gives me a feeling that this is just the beginning.

Over the past 5 years, since Ambimat stepped into the field of servicing startups we have seen a lot of enthusiasm from very young founders. As a matter of fact, it gives us immense pleasure to be in this field at it’s nascent stage and to lend a helping hand to make sure that the dream of these young entrepreneurs reaches their fulfillment.

At the same time as we see enthusiasm, we see failure. Failure not because the founders did not put in the required amount of hardware work or were not dedicated enough. Failure because they did get the right direction when they got in. So many kids just out of school want to start their hardware development company but are faced with challenges like:

1. Lack of cash to bootstrap the company
2. Lack of experience to know what to do.
3. Lack of experience to know what NOT to do.
4. Incorrect estimates of what the product needs to get to market.
5. Even with correct estimates not being able to build a prototype/product in time.

Because of so many such small and big challenges, dreams remain only dreams and never become reality. Being an entrepreneur myself I know how much it hurts. Investors have also become wary of investing in hardware startups and that has had a negative snowballing effect on the number of entrepreneurs pursuing their dreams.

Hence, Ambimat has decided to dedicate a new series of articles explaining to entrepreneurs how to build hardware and make history!

Stay tuned!

The post A Hardware start-up (Part 1) – Our view of the market appeared first on Ciright.

IoT Security is one of the least talked about areas today since the world focuses more and more on Information security, Blockchain, and others.

Ambimat Electronics with its experience of over 4 decades as an ODM of IoT products wishes to draw the attention of its customers and readers of blog posts towards this neglected field.

Challenges with IoT security are many hence we have decided to break it down into two articles, this being the first of the two parts.

Care has been taken to keep the language simple enough for readers with varied experience to understand.

  IoT Devices with outdated secure firmware.

A few years ago, security professionals were focused solely on protecting mobile devices and computers. Today, there is a proliferation of IoT devices. With more than a billion devices around communicating back to the enterprise, there are potentially billions of open points from where different attacks can be launched on the enterprise, by simply exposing the security vulnerabilities across the enterprise.

Since the IoT devices are being used increasingly, the manufacturers of these devices are focusing on building new ones and not paying enough attention to security.
 A majority of these devices don’t get enough updates, whereas some of them never get a single one. What this means is that these products are secure at the time of purchase but become vulnerable to attacks when the hackers find some bugs or security issues specifically when open source software was used. When these issues are not fixed by releasing regular updates for hardware and software, the devices remain vulnerable to attacks.

In addition to the vulnerabilities of the IoT devices, the other concern is with interconnected legacy systems. In an enterprise with a growing number of IoT devices, legacy technologies might seem out of place. A breach of an IoT device could also result in a breach of a legacy system that lacks modern security standards.

 Use of weak and default credentials.

Many IoT companies are selling devices and providing consumers default credentials with them — like an ‘admin’ username and ‘password’ as a password. Hackers need just the username and password to attack the device. When they know the username, they carry out brute-force attacks to infect the devices.
The Mirai botnet attack is an example that was carried out because the devices were using default credentials. Consumers should be changing the default credentials as soon as they get the device, but most of the consumers are never informed about the same by the manufacturers.

 Lack Of Encryption

Although encryption is a great way to prevent hackers from accessing data, it is also one of the leading IoT security challenges. These devices lack the storage and processing capabilities that would be found on a traditional computer. At times what has also been seen is the unused bandwidth or the unused processing power of the same IoT device is used to launch an attack on the device.

The result is an increase in attacks where hackers can easily manipulate the algorithms that were designed for the protection of the device. Unless an enterprise resolves this issue, encryption won’t be a security asset.

 Malware and Ransomware.

The rapid rise in the development of IoT products will make cyberattack permutations unpredictable. Cybercriminals have become advanced today — and they lock out the consumers from using their own device.

For example, an IoT-enabled camera that captures confidential information from home or the work office — and the system is hacked using a virus which is called Malware. The attackers will encrypt the webcam system and not allow consumers to access any information. Since the system contains personal data, they can ask consumers to pay a hefty amount to recover their data. When this occurs, it’s called Ransomware.

Another example: When an IoT device in a City-Wide infrastructure is uploaded with malware it can also launch an attack like a DDos or a Man-in-the-middle eventually compromising the entire city’s command and control infrastructure.

Predicting and preventing phishing attacks.

Cybercriminals are proactively finding out new techniques for security threats. Phishing is already a security concern across all enterprise technologies, and IoT devices represent the latest attack vector. Hackers could send a signal to an IoT device that triggers numerous complications. Although it is one of the most common forms of security attacks, and it can be stopped, many organizations fail to properly train their workers about the latest phishing threats.

In such a scenario, there is a need for not only finding the vulnerabilities and fixing them as they occur but also learning to predict and prevent new threats.

The challenge of security seems to be a long-term challenge for the security of connected devices. Modern cloud services make use of threat intelligence for predicting security issues. Other such techniques include AI-powered monitoring and analytics tools. However, it is complex to adapt these techniques in IoT because the connected devices need processing of data instantly.

 Wide Area Networks.

Additionally today we see the rise of WAN (Wide Area Networks) everywhere. Such networks are city-wide networks and control the communication between essential services such as Smart Meters and Smart Street Lights. A breach by someone who simply uploads a malware into one of the ‘trusted’ devices means compromising the security of the entire enterprise.

 Smart Homes Devices

Today, more and more homes and offices are getting smart with IoT connectivity. The big builders and developers are powering the apartments and the entire building with IoT devices. While home automation is a good thing, not everyone is aware of the best practices that should be taken care of for IoT security. 
Even if the IP addresses get exposed, this can lead to exposure of residential address and other contact details of the consumer. Attackers or interested parties can use this information for evil purposes. This leaves smart homes at potential risk.

Check out these case studies regarding Smart Home devices

Case Study #1:

Case Study #2:

The post Challenges to IoT Security (Part 1) appeared first on Ciright.

Let’s start with the abbreviation: WAN. WAN simply stands for a Wide Area Network. In other words a network that encompasses a wide area such as a town, a city, a state, a county, a country are all called WANs. Eg: Your cellular network is a WAN, the internet we seamlessly use to communicate is also a WAN. Your landline is also a part of the WAN. That said, unless your landline is battery operated and has a really long battery life you cannot take it and move around. Hence to make the WAN truly scalable you need it to be low powered: LPWAN (Low Power Wide Area Network)

LPWANs use wireless communications to link devices together over very long ranges using very low power signals. A major drawback of LPWAN is that they are too slow when compared to your home Wi-Fi or mobile data networks such as 4G. A couple of LPWANs can manage close to 125KB/s per channel, and the slowest operate at around 12B/s. This drawback is, however, acceptable because the size of the payload is really low and the focus is more on the longer battery life. Eg: Many LPWAN networks connect battery-operated sensors that are miles apart and have to run for years between battery changes to be practical.

What are the types of LPWANs?

The following types of LPWANs exist today:

Popular Cellular network based LPWANs

• NB IoT
• LTE M / CAT M1

Popular Non Cellular network based LPWANs

• LoRa
• SigFox
• Weightless

Cellular network based LPWANs:

Out of both the LPWANs here the most popular is LTE-M, which uses smartphone infrastructure, making it a very wide network indeed. The ‘M’ is standing in for MTC (Machine Type Communication) over the LTE standard cell phone infrastructure. LTE-M networks operate at the high end in terms of bitrate at up 125KB/s.

Telecom providers can make LTE-M LPWAN gateways out of their cellular towers by adding a bit of software – no new hardware needed. In India none of the major cellular network providers currently provide an LTE-M network/gateways to its customers.

NB-IoT stands for Narrowband Internet of Things, and it does just what it stands for. It has perhaps a quarter the maximum bitrate of the LTE-M systems at around ~30KB/s, and it does not use the LTE in the same way mobile devices do. It relies on DSSS modulation instead. It can be used on LTE bands, or on GSM bands at around 180 kHz.

NB-IoT, interestingly, does not require a gateway. Devices can send data directly to the server, if the other physical and data infrastructure is in place. It is also considered a very reliable protocol, so it is preferred for high priority monitoring applications. It also requires dramatically less power to operate than LTE-M.

More information on the comparison between NBIoT and LTE-M will follow in the upcoming articles.

Non cellular network based LPWANs:

Out of the three LPWANs the most popular is LoRa also known as LoRaWAN. The LoRaWAN® specification is a Low Power, Wide Area (LPWA) networking protocol designed to wirelessly connect battery operated ‘things’ to the internet in regional, national or global networks, and targets key Internet of Things (IoT) requirements such as bi-directional communication, end-to-end security, mobility and localization services.

SigFox, is another popular LPWAN network. Sigfox has designed its technology and network to meet the requirements of mass IoT applications; long device battery life-cycle, low device cost, low connectivity fee, high network capacity, and long range. A device is not attached to a specific base station unlike cellular protocols. The broadcasted message is received by any base station in the range, which is 3 in average.

Also gaining popularity is another protocol called Weightless originally written by a company called Ubiik. Weightless technology delivers wireless connectivity for low power, wide area networks (LPWAN) specifically designed for the Internet of Things. Weightless can operate in both sub-1GHz licence exempt and licensed spectrum. The Weightless SIG is a non-profit, interestingly enough. They have made Weightless and open standard, ideally to increase uptake and innovation. However, it isn’t very popular, and there is not a lot of hardware available. The one exception is the Nwave smart parking company, they use a proprietary version of the old Weightless N standard which is very widespread.

Want to learn more? The experts at Ambimat Electronics can help with all the details, including choosing the solution that’s best for you. Reach out to us on our contact us page

The post What is LPWAN and types of LPWAN networks appeared first on Ciright.

This blog is a follow up from our earlier blog introducing LPWANs and their types. If you have not seen that article we urge you to visit the article by clicking here

NB-IoT and LTE-M

NBIoT and LTE-M are two new Low Power Wide Area (LPWA) technologies developed for IOT applications. Both are protocols for low bandwidth cellular communications that connect to the internet devices that need to transmit small amounts of data, with the lower costs (both hardware and subscription) and the higher battery life. They’re expected to connect hundreds of millions of things to the Internet in the next few years and there are some clear benefits that make these two technologies essential for the future of IOT communications

We are talking about connecting everyday objects to the internet (IoT) and in a few years we’ll be immersed in the Internet of Everything (IoE), so it’s not weird to have a wide variety of verticals in which these new LPWAN technologies can be applied.

NB-IoT (Narrowband-IoT)

NB-IOT is developed to enable efficient communication and long battery life for mass distributed devices and uses the already established mobile networks to connect these “things”. It is Europe focused and, after the first NB-IOT commercial launches have been completed, the global roll out will be for this 2018.

There are multiple features that can make this technology lead the IOT communications market in a short future (*have a look at the following table), but let us highlight 3 key elements:

• Low costs: The NB-IOT modules have lower costs than the modules for other communication technologies in the market (like, 3G, 4G, GPRS…) and also LTE-M. This cost is, currently, around 10 dollars, and is expected to be between 5 and 7 in a short future. From a user point of view, it is important to underline that the subscription cost will be cheaper than current M2M communications.
• More cellular devices per cell: NB-IOT devices use 180 KHz bandwidth so it is estimated the network supports more than 100.000 connections per cell.
• Excellent penetration: Indoors and underground.

LTE-M (Long Term Evolution for Machines)

LTE-M, also known as CAT-M1, uses the LTE installed bases and is optimized for higher bandwidth and mobile connections, including voice. At this moment is rolled out in North America and the commercial launches of LTE-M networks will take place globally, also, in 2018.

There are three main aspects to focus on when talking about LTE-M:

• Uplink and Downlink speed: Up to 1 Mbps which is quite more than NB-IOT.
• VoLTE: This technology supports voice.
• Mobility: LTE-M is prepared for devices in movement.

NBIoT vs LTE-M

However, they differ in two aspects: latency and speed. Hence one must carefully consider his needs before opting for one solution over the other.

In some cases, you may find that you don’t have to make a choice between the two options at all; some applications get the same benefits from both. After analysing the similarities and differences between LTE-M and NB-IoT, you can make an informed decision that will set your system up for success well into the future.

The choice between LTE-M and NB-IoT depends largely upon the amount of data that you plan on using and how much latency is acceptable for your application (i.e. whether or not you require real-time communication).

Latency

Latency is the amount of time it takes to get on a network and send a message. A device can either collect information and send a packet to the cloud in intervals or it can communicate in real time. This is where you’ll see the most difference between LTE-M and NB-IoT.

For mission-critical applications, LTE-M is the only option. It supports devices that need to communicate in real time to ensure the application meets user-experience requirements. Some examples of real-time communication include voice, emergency data and precision tracking data.

Speed

Higher speeds mean that you can push more data through the network in a given timeframe. Speed is especially important for more data-intensive IoT applications like home security or wearable devices. Although LTE-M will never compete with the standard LTE and LTE-Advanced network bandwidth or speeds, it does allow for more data throughput compared to NB-IoT.

It may not be completely wrong to say that there are no NB-IoT use cases that LTE-M can’t also support. In other words, LTE-M supports any LPWA application, whereas NB-IoT is designed for simpler static sensor type applications.

Use Case comparison

Use cases like patient monitoring devices would likely require real-time communication leaving LTE-M as the clear winner. Similarly as application like Fuel tank monitoring for a remotely located emergency generator which is where LTE-M can be the clear winner. However, an application like pipeline monitoring would likely work with sending batch communication and therefore either NB-IoT or LTE-M could be used. Another example where either technology could be used would be a smart city application, like waste management, where sensors report on how full a city dumpster is. You don’t need up-to-the-second alerts on this type of information—you can receive updates periodically. Plus, there’s very little data to report at any given time. For these types of applications, you have the flexibility to choose based on regional availability or pricing.

Conclusion

In a nutshell, NB-IoT offers low bandwidth data connections at low cost and is currently Europe-focused while it is coming up in India, whereas LTE-M is optimised for higher bandwidth and mobile connections, including voice. It will start rolling out in North America.

LTE-M has higher throughput with lower latency and battery use is optimized accordingly. It works on-the-go, so it’s appropriate for applications in transportation and supply-chain tracking. It can also carry voice for applications such as residential security systems. NB-IoT is designed for lower data rates, where small delays are fine.

For example, a smart meter sending infrequent updates from a fixed location. Its battery use is optimized for that type of situation.

For people in India, the choice is even simpler. In India the NBIoT network is in the works by leading cellular service providers like Reliance Jio, Bharti Airtel, Vodafone Idea Ltd. LTE-M hasn’t gotten widespread or actually any real adoption in the Indian market.

The post Cellular Network based Wide Area Networks appeared first on Ciright.

This blog is a follow up from our earlier blog introducing LPWANs and their types. If you have not seen that article we urge you to visit the article by clicking here

As previously discussed there are a two of the most popular Non Cellular Network based WANs

– Sigfox

– LoRa and LoRaWAN

Sigfox:

Sigfox is a French company founded in 2009 that builds wireless networks to connect low-power objects such as electricity meters and smartwatches,; which need to be continuously on and emit small amounts of data.

Sigfox employs a proprietary technology that enables communication using the Industrial, Scientific and Medical ISM radio band which uses 868MHz in Europe and 902MHz in the US. It utilizes a wide-reaching signal that passes freely through solid objects, called “ultra narrowband” and requires little energy, being termed “Low-power Wide-area network (LPWAN)”. The network is based on one-hop star topology and requires a mobile operator to carry the generated traffic. The signal can also be used to easily cover large areas and to reach underground objects.

It has partnered with a number of firms in the LPWAN industry such as Texas Instruments, Silicon Labs and ON Semiconductor. The ISM radio bands support limited bidirectional communication. The existing standard for Sigfox communications supports up to 140 uplink messages a day, each of which can carry a payload of 12 Bytes (excluding message header and transmission information) and up to 4 downlink messages per day, each of which can carry a payload of 8 Bytes.

LoRa and LoRaWAN

The LoRa Alliance is an open, non-profit association formed to foster an ecosystem for certain LPWAN technologies. It has about 400 member companies throughout North America, Europe, Africa, and Asia, and its founding members include IBM, MicroChip, Cisco, Semtech, Bouygues Telecom, Singtel, KPN, Swisscom, Fastnet, and Belgacom.

LoRaWAN is the open-standard networking layer governed by the LoRa Alliance. However, it’s not truly open since the underlying chip to implement a full LoRaWAN stack is only available via Semtech. Basically, LoRa is the physical layer: the chip. LoRaWAN is the MAC layer: the software that is put on the chip, to enable networking.

Simply put LoRa has the range of your mobile phone with the flexibility of Bluetooth or WiFi and the battery life of your watch for the cost of a beer.

The functionality is similar to SigFox in that it’s primarily for uplink-only applications—data from sensors/devices to a gateway—with many end-points. Instead of using narrowband transmission, however, it distributes information across different frequency channels and data rates using encoded packets. These messages are less likely to collide and interfere with one another thereby increasing the capacity of the gateway.

The main characteristics of LoRaWAN are:

• Long range (>5 km urban, >10 km suburban, >80 km VLOS)
• Long battery life (>10 years)
• Low cost (<$5/module)
• Low data rate (0.3 bps – 50 kbp, typically ~10 kB/day)
• Secure (largely depends on the implementation)
• Operates in unlicensed spectrum
• Localisation support
• Bidirectional

As you can see in the list of characteristics, everything sounds outstanding except when we’re looking at the data rate and security. Unfortunately, physically limited, wireless communication is always a trade off between distance, speed and power (energy). LoRa was designed with use cases in mind where this data rate should be enough and the other characteristics are way more important. Security in most cases is considered a relative term. One technology is more secure than the other and the concept of a 100% secure solution is, unfortunately, still a myth.

LoRaWAN was also designed with large service providers in mind. Just as with the cellphone network: a few operators that maintain and control the network and millions of users that exploit the network and do not need to care about the infrastructure. Nevertheless, since LoRa is operating in unlicensed spectrum, it’s perfectly possible to set up your own gateway(s), have a coverage of a few kilometers and run your own network.

Use cases

As mentioned before, LoRa allows for low power, long range but low data rates. Typical use cases can be found in the IoT (Internet of Things), IoE (Internet of Everything) or M2M (Machine to Machine) area. We’re typically looking at (small) sensors/devices/things that are battery operated and communicate limited information on a limited interval.

Some examples of use cases:

• Metering:
  • Sends 1 to 5 messages a days about the current usage
  • For example: gas/water/electricity
  • >10 years on battery

• Smart parking:
  • Sends a message when a vehicle arrives or leaves a parking spot
  • Can be combined with an app to find a free parking spot
  • No cabling required, low maintenance

• Smart bin:
  • Sends a message when a trash can is full
  • Optimise route for garbage collection, save labor and fuel

• Smart lighting:
  •  Control streetlight status and operation

• Environment monitoring
  • For example:  sound, temperature, pollution, radiation, humidity,…
  • Create valuable insights in combination with geolocation

• Asset management
  • Check status and location of various assets
  • Control relays, locks, lights,…

• Healthcare
  • For example: activity/fall detection, personal alarm, surveillance
  • No need for charging, great network coverage

• Tracking
  • Track goods, vehicles, animals

Conclusion

For most people, Sigfox is not an option—the network is not available everywhere. LoRa, however, is an option for most people because, with this, you can set up and manage your own network. That aside, both are equivalent when it comes to use cases, with a few caveats to be aware of.

LoRa is likely the better option if you need true bidirectionally because of the symmetric link. So if you need command-and-control functionality—for, say, electric grid monitoring—LoRa is your best option.

With Sigfox, you could use bidirectional command-and-control functionality,; but to work appropriately, network density would need to be higher (due to the asymmetric link). Therefore, it is better for applications that send only small and infrequent bursts of data, like alarms and meters.

Other than these minor differences, Sigfox and LoRa serve similar markets. It’s worth noting that both technologies were originally designed for the European regulatory bands between 865 and 868 MHz, and they’ve both faced challenges in coming over to the regulated markets in the U.S. Progress is being made, and both technologies are working toward optimization for FCC use.

The post Non Cellular Network based Wide Area Networks appeared first on Ciright.

IoT Security is one of the least talked about areas today since the world focuses more and more on Information security, Blockchain, and others.

Ambimat Electronics with its experience of over 4 decades as an ODM of IoT products wishes to draw the attention of its customers and readers of blog posts towards this neglected field.

Challenges with IoT security are many hence we have decided to break it down into two articles, this being the first of the two parts.

Care has been taken to keep the language simple enough for readers with varied experience to understand.

  IoT Devices with outdated secure firmware.

A few years ago, security professionals were focused solely on protecting mobile devices and computers. Today, there is a proliferation of IoT devices. With more than a billion devices around communicating back to the enterprise, there are potentially billions of open points from where different attacks can be launched on the enterprise, by simply exposing the security vulnerabilities across the enterprise.

Since the IoT devices are being used increasingly, the manufacturers of these devices are focusing on building new ones and not paying enough attention to security.
 A majority of these devices don’t get enough updates, whereas some of them never get a single one. What this means is that these products are secure at the time of purchase but become vulnerable to attacks when the hackers find some bugs or security issues specifically when open source software was used. When these issues are not fixed by releasing regular updates for hardware and software, the devices remain vulnerable to attacks.

In addition to the vulnerabilities of the IoT devices, the other concern is with interconnected legacy systems. In an enterprise with a growing number of IoT devices, legacy technologies might seem out of place. A breach of an IoT device could also result in a breach of a legacy system that lacks modern security standards.

 Use of weak and default credentials.

Many IoT companies are selling devices and providing consumers default credentials with them — like an ‘admin’ username and ‘password’ as a password. Hackers need just the username and password to attack the device. When they know the username, they carry out brute-force attacks to infect the devices.
The Mirai botnet attack is an example that was carried out because the devices were using default credentials. Consumers should be changing the default credentials as soon as they get the device, but most of the consumers are never informed about the same by the manufacturers.

 Lack Of Encryption

Although encryption is a great way to prevent hackers from accessing data, it is also one of the leading IoT security challenges. These devices lack the storage and processing capabilities that would be found on a traditional computer. At times what has also been seen is the unused bandwidth or the unused processing power of the same IoT device is used to launch an attack on the device.

The result is an increase in attacks where hackers can easily manipulate the algorithms that were designed for the protection of the device. Unless an enterprise resolves this issue, encryption won’t be a security asset.

 Malware and Ransomware.

The rapid rise in the development of IoT products will make cyberattack permutations unpredictable. Cybercriminals have become advanced today — and they lock out the consumers from using their own device.

For example, an IoT-enabled camera that captures confidential information from home or the work office — and the system is hacked using a virus which is called Malware. The attackers will encrypt the webcam system and not allow consumers to access any information. Since the system contains personal data, they can ask consumers to pay a hefty amount to recover their data. When this occurs, it’s called Ransomware.

Another example: When an IoT device in a City-Wide infrastructure is uploaded with malware it can also launch an attack like a DDos or a Man-in-the-middle eventually compromising the entire city’s command and control infrastructure.

Predicting and preventing phishing attacks.

Cybercriminals are proactively finding out new techniques for security threats. Phishing is already a security concern across all enterprise technologies, and IoT devices represent the latest attack vector. Hackers could send a signal to an IoT device that triggers numerous complications. Although it is one of the most common forms of security attacks, and it can be stopped, many organizations fail to properly train their workers about the latest phishing threats.

In such a scenario, there is a need for not only finding the vulnerabilities and fixing them as they occur but also learning to predict and prevent new threats.

The challenge of security seems to be a long-term challenge for the security of connected devices. Modern cloud services make use of threat intelligence for predicting security issues. Other such techniques include AI-powered monitoring and analytics tools. However, it is complex to adapt these techniques in IoT because the connected devices need processing of data instantly.

 Wide Area Networks.

Additionally today we see the rise of WAN (Wide Area Networks) everywhere. Such networks are city-wide networks and control the communication between essential services such as Smart Meters and Smart Street Lights. A breach by someone who simply uploads a malware into one of the ‘trusted’ devices means compromising the security of the entire enterprise.

 Smart Homes Devices

Today, more and more homes and offices are getting smart with IoT connectivity. The big builders and developers are powering the apartments and the entire building with IoT devices. While home automation is a good thing, not everyone is aware of the best practices that should be taken care of for IoT security. Even if the IP addresses get exposed, this can lead to exposure of residential address and other contact details of the consumer. Attackers or interested parties can use this information for evil purposes. This leaves smart homes at potential risk.

Check out these case studies regarding Smart Home devices

Case Study #1:

Case Study #2:

The post Challenges to IoT Security (Part 1) appeared first on Ciright.

This post is a follow up post from our earlier post on Challenges with IoT security posted last week. If you have not read that we urge you to click here and view it before continuing to read this blog.

Ambimat Electronics with its experience of over 4 decades as an ODM of IoT products wishes to draw the attention of its customers and readers of blog posts towards this neglected field.

Care has been taken to keep the language simple enough for readers with varied experience to understand.

IoT Security is one of the least talked about areas today since the world focuses more and more on Information security, Blockchain, and others.

Difficult to find if a device is affected.

Enterprises have numerous methods of detecting data breaches, which involve spotting common indicators, monitoring user activity, and other security protocols. However, due to the growing number of IoT devices —and the complexities of each device — normal threat dedication methods could be less reliable and more of a challenge. Although it is not really possible to guarantee 100% security from security threats and breaches, the thing with IoT devices is that most of the users don’t get to know if their device is hacked.

When there is a large scale of IoT devices, it becomes difficult to monitor all of them even for the service providers. It is because an IoT device needs apps, services, and protocols for communication. Since the number of devices is increasing significantly, the number of things to be managed is increasing even more.

Hence, many devices keep on operating without the users knowing that they have been hacked.

Security professionals need to be proactive in order to prevent IoT security breaches before they occur. However, some enterprises might lack a robust management system that could monitor activity and provide insights into potential threats. Without this type of solution, an enterprise won’t have the capabilities to spot potential breaches ahead of time.

Data protection and security challenges.

In this interconnected world, the protection of data has become really difficult because it gets transferred between multiple devices within a few seconds. One moment, it is stored in mobile, the next minute it is on the web, and then the cloud.

All this data is transferred or transmitted over the internet, which can lead to data leak. Not all the devices through which data is being transmitted or received are secure. Once the data gets leaked, hackers can sell it to other companies that violate the rights for data privacy and security.

Furthermore, even if the data doesn’t get leaked from the consumer side, the service providers might not be compliant with regulations and laws. This can also lead to security incidents.

 Use of autonomous systems for data management.

From a data collection and networking point-of-view, the amount of data generated from connected devices will be too high to handle.

It will undoubtedly need the use of AI tools and automation. IoT admins and network experts will have to set new rules so that traffic patterns can be detected easily.

However, the use of such tools will be a little risky because even a slightest of mistakes while configuring can cause an outage. This is critical for large enterprises in healthcare, financial services, power, and transportation industries.

 Small Scale Attacks In IoT

Although security professionals are focused on preventing large scale attacks, it is actually the small scale attacks that could be among the more serious IoT security challenges. Small scale attacks are more difficult to detect and could easily occur without an enterprise being aware of it. Hackers can breach common enterprise technologies such as printers and cameras.

 Infrequent Firmware Updates

Software updates are one way that IT professionals ensure that computers and mobile devices are as secure as can be. Some IoT devices may lack the number of software updates that other technologies may receive. In addition, enterprises struggle to provide critical security updates to IoT devices in the field.

 IoT Financial-Related Breaches

With some enterprises using IoT devices for electronic payments, there is always a risk for a hacker to breach and steal the money. Some organizations are integrating machine learning or blockchain to stop financial fraud before it happens to an internet-connected device. However, not every organization has tried this solution yet.

 Security of autonomous vehicles.

Just like homes and Wide Area Networks, the self-driving vehicles or the ones that make use of IoT services, are also at risk. Smart vehicles can be hijacked by skilled hackers from remote locations. Once they get access, they can control the car, which can be very risky for passengers.

 User Privacy

Enterprises must protect user data (that goes for both a company’s external and internal users). This is especially a concern because many workers are using IoT devices provided by their employers. When a breach happens and private data is compromised, an enterprise’s reputation would take a big hit, which is why this is one of the top IoT security challenges that can’t be ignored.

Conclusion

Undoubtedly, IoT is a technology that should be called a boon. But since it connects all the things to the Internet, things become vulnerable to some sort of security threats. Big companies and cybersecurity researchers are giving their best to make things perfect for the consumers, but there is still a lot to be done.

The post Challenges to IoT Security (Part 2) appeared first on Ciright.

We have tried to analyze the street the transformation of city street lighting in the blog below.

Ambimat Electronics with its experience of over 4 decades as an ODM of IoT products wishes to draw the attention of its customers and readers of blog posts towards the city street lighting market.

Introduction

LED lighting and communication networks are transforming street lighting. As a consequence, city lighting networks are becoming the platform for a wide variety of smart city innovations. This vision of the city lighting network as a smart city platform is the next frontier for street lighting. Falling costs and improvements in quality are making LED lighting the default option as cities replace and upgrade existing lighting systems. LEDs can reduce energy consumption for street lighting by up to 50%, and as the price and the quality of LED lighting continue to improve, that appeal is growing. New York City, for example, expects $6 million annually in energy savings from replacing its 250,000 street lights with LEDs and a further $8 million in maintenance cost savings.

But installing LED lighting is only the first step. Many municipalities now realize that upgrading street lights also provides an excellent opportunity to install a lighting controls network. This network, in turn, offers cities an opportunity to deploy a range of solutions that can save money, keep residents safe, improve sustainability, and attract new people and businesses.

Connecting street lights together in a computer-controlled network opens the door to a wide range of innovative capabilities that save energy and improve the performance of the lighting system. Beyond those applications lie the broader possibilities for deploying non-lighting solutions on the lighting network, making it a ubiquitous platform for smart city applications. Enabling a connected network at the same time as upgrading to LED lighting also reduces overall costs and removes the need for a second installation program.

Industry and Market analysis

Northeast Group projects that globally 19.9 million LED streetlights will be deployed in 2019. In addition, 3.1 million streetlights will be networked or “smart.” These figures confirm that this continues to be a rapidly growing market.

Most cities and utilities networking streetlights are now doing so as part of larger “smart city” plans. In practice, no other use cases have been developed at scale so far. But cities can earn immediate savings now through smart street lighting while “future-proofing” their investments by deploying technology that can be later used for future smart city applications.

Street lighting currently accounts for up to 40% of many cities’ energy costs. This can be reduced by as much as 70% through LEDs and smart streetlights. Meanwhile, cities can earn revenue through attachment rights on their street lighting infrastructure, in many cases by selling space to local telecom operators for 4G and 5G small cells and related telecom equipment.

After years of steady decline, prices for LEDs have begun to bottom out, after roughly reaching parity with most legacy technologies. Meanwhile, in the past two years, prices for smart streetlight nodes have also fallen precipitously. These lower costs – which are not expected to fall much further – make the business case for LED and smart streetlights clear in most cities.

In the past year, there have been several large-scale project announcements, including multiple utilities in the US with hundreds of thousands of streetlights, dozens of medium-sized tenders in Europe, the first major projects in Latin America, and full conversions in places like Singapore. These projects ensure steady growth, but growth can accelerate further in the 2020s, particularly if more telecom operators get involved in the market through NB-IoT solutions.

LED streetlights are now the default in much of the world, with even India reaching over 30% penetration. But there remains ample room for growth. Many US cities do not have LED streetlight plans, while legacy inventory is stalling deployment in some countries. LED sales will, therefore, remain steady throughout the forecast period, averaging over 21 million lights per year.

There are hundreds of vendors in the smart streetlight market and new lower-cost LPWAN communications options are creating even further opportunities for market entrants. At the same time, some legacy vendors who had been early leaders – such as Echelon and Harvard Engineering – have now exited the market, demonstrating quickly evolving customer demands.

Conclusion

The over 303 million streetlights globally help form the backbone of the world’s cities, towns, and highways. Until recently, this corner of the municipal infrastructure market had largely been ignored, but streetlights are now viewed as a critical asset to unlocking billions of dollars in smart city potential. Previously viewed as a major cost– up to 40% of a city’s energy budget – streetlights are now viewed as a revenue opportunity. This is suddenly a dynamic market and forecasts the market for energy-efficient street lighting, streetlight networking, and additional smart city applications attached to streetlights.

As with any dynamic market, challenges remain. Cities must work both with utilities and regulators and between municipal departments to ensure that the benefits of smart streetlights are realized. Meanwhile, a rapidly evolving vendor landscape, including new technology options, highlights the importance of recently developed standards organizations. These challenges can partly mask what is a clear business case for most cities in the world, one that ensures cost savings, environmental benefits, and improved public safety. But these benefits are now increasingly becoming understood, which will lead LED and smart streetlights to reach a projected 85% and 24% of the total streetlight market, respectively, by 2028. This will total a $50.4 billion market opportunity over the next decade.

The post The Transformation of City Street Lighting appeared first on Ciright.