IoT Security Concerns Remain

Article By : Nitin Dahad, EE Times

Connectivity, security, and technical incompatibility worrying IIoT reps

LONDON — Research for the recent industrial internet of things (IIoT) security Special Report revealed a fundamental lack of awareness among the wider ecosystem about the importance of and need for implementing security in connected devices.  Now a new survey confirms that the big issues in IoT continue to be related to fragmentation and security.

The, survey, commissioned by mobile R&D firm InterDigital and carried out by the GSMA, revealed that despite the IoT’s potential, there are significant challenges. Half the respondents identified the development of sustainable business models as the first or second biggest challenges, while the availability of connectivity (42%), security fears (30%), and technical incompatibility (30%) were also highlighted as significant challenges.

Technical incompatibility or interoperability is a clear concern for the mobile industry – 92% of respondents identified fragmentation as a major or moderate issue. Respondents identified connectivity technologies and connectivity management as the areas in greatest need for standardization.

While you’d expect an audience of people in the mobile industry to question the sustainability of business models — as the operators clearly still haven’t found the sweet spot for their part in the IoT ecosystem that brings profitability — the security and interoperability challenges are clearly common threads across the IoT ecosystem.

Other findings of the report, Mobile and the Internet of Things: Unanimity around fragmentation, surprises in connectivity and geography, include highlighting the key role to be played by 3GPP standards-based technology in the IoT, the expectation that North America will lead the world in adoption, and the current small scale of IoT revenue amid hopes for rapid growth.

The report concludes that the successful deployment of IoT will be heavily reliant on cellular technologies such as 5G, LTE, NB-IoT and GSM. Of the connectivity technologies listed as key to IoT, six of the top seven emerged from 3GPP standards – and only 4% of respondents considered Wi-Fi as an important connectivity option for IoT.  One third of respondents agreed that by 2023, 5G would likely become the most important connectivity technology for the IoT.

On revenue opportunities from the IoT, almost half of respondents said current revenue from the IoT accounts for less than 1%. However, by 2023, respondents indicated that IoT could account for 20% of operator revenues. The consumer, smart home and smart cities segments are where they think they will benefit significantly from the IoT, with 66% of respondents naming these as their top choice for revenue generation.

Additional findings from the report include:

• North America will lead IoT adoption with 73% of respondents identifying the region as the most likely early adopter of large-scale IoT.

• 59% of respondents believe IoT growth will be driven by demand for data to develop machine learning and artificial intelligence.

• 42% of operator respondents expect mobile operators to drive the adoption of the IoT, compared to only 29% of non-operator respondents. Non-operator respondents also view system integrators (SIs) and application developers as key players in IoT adoption.

• The future of IoT could be in the hands of new companies, with 64% of respondents believing that new players (39%) and yet-to-emerge companies (25%) will have the most influence over the development of IoT in the next 10 years.

The report is based on an online survey of 393 global respondents in the mobile industry: 34% of respondents were from mobile operator companies, including mobile virtual network operators (MVNOs), 24% were from software developers and 14% were from hardware vendors. The remaining respondents were made up of players within the mobile ecosystem, including SIs, testing providers, industry bodies and consultants.

Given the importance of the U.S. in driving IoT growth, Infineon announced two new initiatives to expand its U.S.-based IoT security research and development programs. These include a new development initiative in Silicon Valley, and a corporate partnership with the CyLab Security and Privacy Institute at Carnegie Mellon University, as part of a new “Secure and Private Internet-of-Things (IoT) Initiative” launched by the university along with other partners Amazon Web Services (AWS) and Nokia Bell Labs.

The new Security Research Group, part of Infineon’s Silicon Valley Innovation Center (SVIC) in Milpitas, Calif., will help identify and address requirements for robust, reliable security solutions that users can trust.

The Security Research Group will focus on next-generation security solutions to address ease of use and interoperability for a wide range of applications and emerging use cases for all connected devices. This ranges from innovations in smart cards, identity documents and computer security, to methods for securing connected devices used in smart homes, Industry 4.0, smart cities and autonomous transportation. The group will complement existing SVIC teams now working on key projects for the automotive and artificial intelligence (AI) markets.

“As the US leads the world in IoT innovation, it is important that we support American-driven efforts both with our own regional R&D activities and with partners who share similar commitments,” said Robert LeFort, president of Infineon Americas.

Infineon’s second initiative is a three-year strategic partnership with the CyLab Security and Privacy Institute at Carnegie Mellon. Through the initiative, CyLab, AWS, Infineon, and Nokia Bell Labs aim to develop a suite of innovative hardware and software solutions that address five key challenges facing IoT today: scalability, speed and cost, safety and security, uptime and reliability, and privacy and compliance.

CyLab is one of the largest university-based cybersecurity research and education centers in the world has, and its “Secure and Private IoT Initiative” is a multi-year project looking to develop novel software, tools, methods and models to protect networks and devices. The initiative addresses risks associated with attacks on the electronic systems that comprise the IoT, which can expose confidential information such as know-how, intellectual property, customer data and process intelligence. Such attacks also can interrupt operations, compromise business continuity and even endanger a company’s brand image, success and very existence.

One focus area of the Secure and Private IoT initiative will target large, city-scale IoT ecosystems that have heterogeneous, long-lived devices mixed with new infrastructure. Additionally, prototypes will be tested in a living lab that is reflective of system-wide and cross-layer challenges and industry vetted for realism.

— Nitin Dahad is a European correspondent for EE Times.