Tag Archives: EELive!

Understanding IoT security requirements

Leave a reply

The power of objects in the Internet of Things (IoT) to change the state of environments will likely prompt chief information security officers (CISOs) to redefine the scope of their efforts beyond current responsibilities.

According to Gartner, IoT security requirements will “reshape and expand” over half of all global enterprise IT security programs by 2020 due to changes in supported platform and service scale, diversity and function.

“The IoT is redrawing the lines of IT responsibilities for the enterprise,” explained Earl Perkins, research vice president at Gartner. “IoT objects possess the ability to change the state of the environment around them, or even their own state; for example, by raising the temperature of a room automatically once a sensor has determined it is too cold or by adjusting the flow of fluids to a patient in a hospital bed based on information about the patient’s medical records. Securing the IoT expands the responsibility of the traditional IT security practice with every new identifying, sensing and communicating device that is added for each new business use case.”

To be sure, traditional “information” technology is now being supplemented by purpose-built, industry-specific technologies that are defined by where and how that technology is used and what function it delivers. Simply put, information remains a critical deliverable and is the fuel for IoT devices. The device’s ability to identify itself (such as RFID tags that identify cargo), sense the environment (such as temperature and pressure sensors) or communicate (such as devices in ocean buoys that transmit environmental changes to the areas around them) requires information to be generated, communicated and/or used.

Although traditional IT infrastructure is capable of many of these tasks, functions that are delivered as purpose-built platforms using embedded technology, sensors and machine-to-machine (M2M) communications for specific business use cases signal a major change in the traditional concept of IT and the concept of securing IT.

“This is an inflection point for security. CISOs will need to deconstruct current principles of IT security in the enterprise by re-evaluating practices and processes in light of the IoT impact. Real-time, event-driven applications and nonstandard protocols will require changes to application testing, vulnerability, identity and access management (IAM) — the list goes on,” said Perkins.

“Handling network scale, data transfer methods and memory usage differences will also require changes. Governance, management and operations of security functions will need to change to accommodate expanded responsibilities, similar to the ways that bring your own device (BYOD), mobile and cloud computing delivery have required changes — but on a much larger scale and in greater breadth.”

Although the business use cases being identified daily are indeed innovative and new, the technologies and services that deliver them are seldom new as well — they are also rarely uniform in architecture and design. Each use case risk profile has specific requirements that may result in the use of old platform and service architecture with a new technology “overlay” to improve performance and control.

“This represents an interesting challenge for CISOs when delivering secure services for the IoT,” Perkins continued. “In some cases, it may be a ‘past is future’ exercise in evaluating mainframe, client/server, Web, cloud and mobile security options as part of an overall IoT business use case. Even out-of-maintenance systems such as Windows XP may still play a critical role for some industry infrastructure as part of an IoT security system. Security planners should not throw away their old security technology manuals just yet.”

In addition, says Perkins, CISOs should not automatically assume that existing security technologies and services must be replaced. Rather, they should evaluate the potential of integrating new security solutions with old. Simply put, many traditional security product and service providers are already expanding their existing portfolios to incorporate basic support for embedded systems and M2M communications, including support for communications protocols, application security and IAM requirements that are specific to the IoT.

According to Perkins, CISOs should resist the temptation to overthink security planning while patterns and solutions are still emerging. Rather, they should start small and develop initial security projects based on specific IoT interactions within specific business use cases. CISOs can build on these use case experiences to develop common security deployment scenarios, core architectural foundations and competency centers for the future.

“The requirements for securing the IoT will be complex, forcing CISOs to use a blend of approaches from mobile and cloud architectures, combined with industrial control, automation and physical security,” he concluded. “Fortunately, many of the security requirements for the IoT will look familiar to the CISO. The technologies and services that have been used for decades to secure different eras of computing are still applicable in most cases.”

Interested in learning more about the IoT? You can check out Atmel’s recent IoT SoMa panel on the subject here, Patrick Sullivan’s EELive! 2014 presentation and our extensive Bits & Pieces IoT article archive here.

EELive! Conference a big splash in Silicon Valley

1 Reply

I went to the EELive! Conference in San Jose last week and it was a blast. This is the new incarnation of the old Embedded Systems Conference (ESC). Last year it was branded Design West, but I suspect that was too generic, since it is not aimed at mechanical engineers that might read Design News. Another problem with the word “design” is that in the semiconductor industry, only IC engineers are considered “designers.”

I was delighted to hear that UBM, the folks that run the show are considering moving it to Santa Clara convention center next year. I like Santa Clara better since the parking is free, it’s easier to get to, and its right near my house.

So following are some snaps I took on the show floor. Bear in mind that another big part of the EELive! is the conference part, where you can learn about the latest secrets and tips and tricks from technical experts. You have to pay for the conference, but they were nice enough to give a single-class pass to regular shmucks like me that were just attending the free show on the exhibit hall.

EELive!-2014_theater

As you entered the show floor there was this great theater (or should I say theatre) set up. Here we see show runner Karen Field and EETimes editor Max Maxfield doing a fun give-away. I ran into Max later that evening and he gave me his business card, which lists his title as “Editor of all things fun and interesting.”

EELive!-2014_theater_crowd

There was always a healthy crowd at the theatre, and they were always having a good time. It’s really great to see this combination of social and technology at technical conferences.

EELive!-2014_Rohde-&-Schwarz

If you work with RF, you know that Rohde & Schwarz makes some of the best test equipment on the planet. They are best known for their spectrum analyzers, but now they are making oscilloscopes and hand-held instruments.

EELive!-2014_Rohde-&-Schwarz_ZVL

Where Rohde & Schwarz really stands out in my mind is network analyzers like this baby. They have some of the lowest-noise units in existence. A network analyzer is like a spectrum analyzer that also measures the phase change of a signal. So rather than just read the spectrum, the unit sends out a signal you connect to your circuit, and then you can get a gain-phase plot, or in this case, you can see a Smith Chart displayed right on the screen. Note the frequency range for this instrument—9 kHz to 6 GHz. That is 9,000 to 6,000,000,000, or nearly 6 decades of range. That is quite an accomplishment. Those N-type connectors on the front belie what a fast beast this is. BNC connectors are not suitable for multi GHz frequencies.

EELive!-2014_Rohde-&-Schwarz_Steve-McMoyler

Here is Rhode & Schwarz account manager Steve McMoyler in front of a display of a bunch of cool test equipment he sells. I complained that Rohde & Schwarz stuff is so good we can never find a cheap deal on eBay. He laughed, and pointed out a lot of their new stuff is really cost competitive. I put this to outfits like Rigol selling 400-dollar scopes that, while not the greatest, will actually trigger and show you a waveform. These cheap scopes have put pressure on all the test equipment manufacturers. Then again, the Maker movement has increased the market for these inexpensive products, so the manufacturers can archive high-volume cost efficiencies.

EELive!-2014_National-Instruments

National Instruments had a great booth at EELive! this year. This pic was as the show opened on Thursday, but before long, the booth was swamped with engineers interested in everything from Labview visual programming to the MultiSim Spice simulation program so loved by colleges around the world.

EELive!-2014_Element14

Element14 was at the show, the folks previously know as Newark Electronics. Everything from game controllers to motor control was on display.

EELive!-2014_audience

One nice feature of EELive! are these little classes put on in glass booths throughout the show floor. You can see this one was packed, standing room only. There is a real hunger to learn the expertise to design and program embedded systems.

EELive!-2014_Segger_James-Murphy_Shane-Titus

The Segger folks were there. Atmel uses Segger debugging technology in a lot of their eval boards. Here we see James Murphy and Shane Titus ready to answer any questions.

EELive!-2014_Segger_Atmel-SAMA5D3

Here is the Atmel SAMA5D3 evaluation board with Seggar technology running their emWin graphics library.

EELive!-2014_PCB-POOL

The PCB fab companies were there, including the PCB-POOL folks my buddy Wayne Yamaguichi liked so much.

EELive!-2014_PCB-POOL_Tony-Shoot

Here we see Tony Shoot from PCB-POOL showing some of their capabilities, as they segue into a full prototype shop.

EELive!-2014_LeCroy-scopes

The LeCroy folks were at the show. I can’t get over how beautiful the display is on these modern scopes. I bought one of their $60k units when I was at National Semiconductor. The engineers used to Tek or Agilent would complain the user interface was weird, but once they bothered to learn it, you could not tear the LeCroy scope out of their hands. I myself have a LeCroy 9360 digital scope at my home lab.

EELive!-2014_LeCroy-SDA

Here is a LeCroy serial data analyzer on the left and a HDO4000 scope on the right. Its got a 4k screen and 12-bit resolution. Those big 12-inch screens sure can spoil you. Note they have a web-cam perched on top of the scope with a real-time video displayed on the top right of the screen. They are piping the scope screen to the TV, talk about reducing eye strain when you debug. Sweet.

EELive!-2014_Screaming-Circuits_Scott-Pohlmann

The Screaming Circuits folks had a booth. These are the people that will assemble small quantities of your circuit boards. They have special machinery so they don’t need 3 feet of tape and real parts for any build. You can send them your Digi-Key cut-tape parts and they can feed them into their tape and reel machines. That way you can check out your insert file and assembly drawing and have circuit boards made in a real IR reflow oven. Here Scott Pohlmann was ready to answer any questions about protying and their partnering with Sunstone and other fab houses, as well as Digi-Key. They can even have your designed kitted up, get the boards fabbed at Sunstone and delivery you assembled boards.

EELive!-2014_Atmel-Tech-on-Tour_Michele-Zamora

Atmel had their giant Tech on Tour trailer at right on the show floor. Michelle would buzz you in to checkout all the demos and give access to Atmel applications people that could answer your questions or help with your next project.

EELive!-2014_Atmel-makerbot

One demo that people loved was the MakerBot, which would make items like this while you watched.

Here is a little movie of the Makerbot in action. It is hypnotizing to watch.


ARM @ Atmel’s EELive! ToT booth

Leave a reply

ARM’s Andy Frame stopped by Atmel’s EELive! 2014 ToT booth to chat with our very own Andreas Eieland (@AndreasMCUguy), who looks after Atmel’s SAM D Cortex-M0+ based family of devices.

As you can see, Frame snapped a great picture of Andreas standing next to Atmel’s tricked-out Tech on Tour Truck which travels around the US showcasing a wide range of Atmel-powered products, including those based on ARM’s Cortex-M and Cortex-A5.

ARM’s Ronan Synnott was also at Atmel’s EELive! booth giving a presentation about ARM’s DS-5 support for Atmel SAMA5D3 devices. Ronan described how, with DS-5 Professional Edition, ARM provides a leading-edge software development tool chain for bare-metal, RTOS and Linux based projects. 

For the SAMA5D3 devices, ARM offers full debug support out of the box when used in conjunction with DSTREAM or ULINKproD JTAG debug units, the Streamline System Performance Analysis tool and the highly optimizing ARM C compiler.

We hope to hear more from Ronan over the next few weeks, so be sure to check Bits & Pieces for additional embedded news and reports.

Meanwhile, Atmel’s Tech on Tour trailer will be headed to Austin, Texas on April 8th. We’ll be talking about low-power system design using Atmel’s ARM-based SAM4L MCU, touch and wireless solutions, as well as offering an introduction to Atmel’s versatile SAM D20 microcontroller.

atmeltot

Interested in learning more? You can register here and check out future ToT stops here.

Atmel @ EELive! 2014: Day 1

Leave a reply

Atmel kicked off EELive! 2014 with a full schedule of well-attended Tech Talks across a wide variety of topics including the IoT, Maker Movement, battery management, embedded security and Cortex-M (ARM) SAM D20 microcontrollers (MCUs).

totline

Meanwhile, hundreds of EELive! attendees lined up outside of Atmel’s Tech on Tour trailer for the opportunity to pick up a free Atmel XMEGA-E5 Xplained evaluation kit and check out the following exhibits:

atmeltot1

Atmel, along with Xively, also co-hosted an Internet of Things (IoT) Engineering Summit at the event.

patrick1

Atmel’s very own Patrick Sullivan discussed a number of IoT-related subjects, including embedded processing, security, connectivity, interface, as well as software, tools and development.

panorama

Stay tuned to Bits & Pieces for more EELive! 2014 updates.

Atmel’s ToT hits the road for EELive!

Leave a reply

Atmel’s Mobile Training Center is heading to Las Vegas Nevada on March 26th and EE Live! in San Jose in early April.

We’ll be at the McEnery Convention Center on 150 W San Carlos on Tuesday, April 1 – Thursday, April 3, showcasing a wide variety of tech across a number of spaces 
including touchsecuritymicrocontrollers (MCUs), wirelesslighting and automotive.

More specifically, you can check out:

Atmel, along with Xively, will also be co-hosting an Internet of Things (IoT) Engineering Summit at EE Live! on Tuesday, April 1, 2014 @ 11:00 – 11:45 am. Participants are slated discuss the following IoT-related topics:

  • Embedded processing and security
  • Connectivity and interface
  • Software tools and development

You can register for Atmel’s ToT Las Vegas stop here and EE Live! here.

Interested in learning more about Atmel and the IoT? You can check out our article archive on the subject here as well as Atmel’s recent SoMa panel discussion on the IoT here.