Showing posts with label Smart Home and Cities. Show all posts
Showing posts with label Smart Home and Cities. Show all posts

Friday, 22 June 2018

5G and IoT Security Update from ETSI Security Week 2018

ETSI Security Week 2018 (link) was held at ETSI's Headquarters in Sophia Antipolis, South of France last week. It covered wide variety of topics including 5G, IoT, Cybersecurity, Middlebox, Distributed Ledger Technology (DLT), etc. As 5G and IoT is of interest to the readers of this blog, I am providing links to the presentations so anyone interested can check them out at leisure.


Before we look at the presentations, what exactly was the point of looking at 5G Security? Here is an explanation from ETSI:

5G phase 1 specifications are now done, and the world is preparing for the arrival of 5G networks. A major design goal of 5G is a high degree of flexibility to better cater for specific needs of actors from outside the telecom sector (e.g. automotive industry, mission-critical organisations). During this workshop, we will review how well 5G networks can provide security for different trust models, security policies, and deployment scenarios – not least for ongoing threats in the IoT world. 5G provides higher flexibility than legacy networks by network slicing and virtualization of functions. The workshop aims to discuss how network slicing could help in fulfilling needs for different users of 5G networks.

5G will allow the use of different authentication methods. This raises many interesting questions. How are these authentication methods supported in devices via the new secure element defined in ETSI SCP, or vendor-specific concepts? How can mission-critical and low-cost IoT use cases coexist side-by-side on the same network?

The 5G promise of higher flexibility is also delivered via its Service-Based Architecture (SBA). SBA provides open 3rd party interfaces to support new business models which allow direct impact on network functions. Another consequence of SBA is a paradigm shift for inter-operator networks: modern APIs will replace legacy signaling protocols between networks. What are the relevant security measures to protect the SBA and all parties involved? What is the role of international carrier networks like IPX in 5G?

Event Objectives
The workshop intends to:

  • Gather different actors involved in the development of 5G, not only telecom, and discuss together how all their views have shaped phase 1 of 5G, to understand how security requirements were met, and what challenges remain;
  • Discuss slicing as a means to implement separate security policies and compartments for independent tenants on the same infrastructure;
  • Give an update of what is happening in 3GPP 5G security;
  • Explain to IoT players what 5G security can (and cannot) do for them, including risks and opportunities related to alternative access credentials;
  • Understand stakeholders' (PMNs, carriers, GSMA, vendors) needs to make SBA both secure and successful. How can SBA tackle existing issues in interconnect networks like fraud, tracking, privacy breaches;
  • Allow vendors to present interesting proposals for open security questions in 5G: secure credential store, firewalling SBA's RESTful APIs;
  • Debate about hot topics such as: IoT security, Slicing security, Privacy, Secure storage and processing and Security of the interconnection network.


So here are the relevant presentations:

Session 1: Input to 5G: Views from Different Stakeholders
Session Chair: Bengt Sahlin, Ericsson

Hardening a Mission Critical Service Using 5G, Peter Haigh, NCSC

Security in the Automotive Electronics Area, Alexios Lekidis, SecurityMatters

Integrating the SIM (iUICC), Adrian Escott, QUALCOMM

Smart Secure Platform, Klaus Vedder, Giesecke & Devrient, ETSI SCP Chairman

Network Slicing, Anne-Marie Praden, Gemalto

Don't build on Sand: Validating the Security Requirements of NFV Infrastructure to Confidently Run Slices, Nicolas Thomas, Fortinet

5G Enhancements to Non-3GPP Access Security, Andreas Kunz, Lenovo

Security and Privacy of IoT in 5G, Marcus Wong, Huawei Technologies

ITU-T activities and Action Plan on 5G Security, Yang Xiaoya, ITU-T SG17

Wrap up: 5G Overview from 3GPP SA3 Perspective and What is There to Be Done for Phase 2, Sander Kievit, TNO


Session 2: Security in 5G Inter-Network Signalling
Session Chair: Stefan Schroeder, T-Systems

Presentation on SBA: Introduction of the Topic and Current Status in SA3, Stefan Schroeder, T-Systems

5G Inter-PLMN Security: The Trade-off Between Security and the Existing IPX Business Model, Ewout Pronk, KPN on behalf of GSMA Diameter End to End Security Subgroup

Secure Interworking Between Networks in 5G Service Based Architecture, Silke Holtmanns, Nokia Bell Labs

Security Best Practises using RESTful APIs, Sven Walther, CA Technologies

Identifying and Managing the Issues around 5G Interconnect Security, Stephen Buck, Evolved Intelligence

Zero Trust Security Posture in 5G Architecture, Galina Pildush, Palo Alto Networks (Missing)


Session 1 & 2 Workshop Wrap up: 5G Phase 1 Conclusions and Outlook Towards Phase 2 - Stefan Schroeder, T-Systems and Bengt Sahlin, Ericsson


Session 5: Benefits and Challenges of 5G and IoT From a Security Perspective
Session Chair: Arthur van der Wees, Arthur's Legal

Setting the Scene, Franck Boissière, European Commission

ENISA's View on Security Implications of IoT and 5G, Apostolos Malatras, ENISA

Smart City Aspects, Bram Reinders, Institute for Future of Living

The Network Operators Perspective on IoT Security, Ian Smith, GSMA


Related Links:

Friday, 4 December 2015

Mobility challenges in Future Cities


I got an opportunity this week to attend an interesting 'Sir Henry Royce Memorial Lecture 2015' organised by The IET. The topic of the presentation was "Mobility for the 21st Century".

Professor John Miles reflected upon the reasons why the car dominates our urban environments and explored the challenges of freeing our cities from the log-jam of traffic congestion and associated pollution which currently seems inevitable. He proposition that, to be successful, future public transport and shared ridership systems must simply represent a better journey option than taking the car. The question is, as engineers, how we might meet this challenge and deliver success in the coming decades?

Some reactions from twitter:




Anyway, the video of the presentation is as follows:





Related news:

Sunday, 5 July 2015

A tale of two Smart Cities

Over the last few months I heard quite a few talks about Smart Cities. Here are two that I thought its worth posting and a very good TEDx talk at the bottom



I think we all agree that more and more people will move from rural to urban areas and the cities will not only grow in population but also in size. The infrastructure will have to grow to be able to cope with the influx of people and increased demand on services.



I guess in most developed nations we have the 1.0 Era Digital City which is long way away from the 3.0 Era Smart City.



To be a full fledged 3.0 Smart City, every aspect of our life may need to evolve into "Smart". Anyway, here is the complete presentation:





While IoT would be important, access, big data, applications, etc. all will have a role to play.



If you want to find out more about the Milton Keynes smart city, also see this video on Youtube. There are driverless pods and other autonomous cars which may be considered as initial step towards smart cities, see this interesting video here.

Finally here is the TEDx talk about designing these smart cities for future:


Saturday, 16 May 2015

Smart Homes of the Future and Technologies


Saw the above picture recently on Twitter. While its great to see how connected our future homes and even cities would be, it would be interesting to see what technologies are used for connecting these devices.

Cambridge Wireless had a smart homes event last month, there were some interesting presentations that I have detailed below.


The first of these technologies discussed is LoRa. As can be seen, its billed as ultimate long range (10 mile) and low power (10 year battery lifetime) technology. It uses spread-spectrum making it robust to channel noise. Here is the presentation:




The next technology is Zigbee 3.0. According to Zigbee Alliance:

The new standard unifies ZigBee standards found in tens of millions of devices delivering benefits to consumers today. The ZigBee 3.0 standard enables communication and interoperability among devices for home automation, connected lighting, energy efficiency and other markets so more diverse, fully interoperable solutions can be delivered by product developers and service providers. All device types, commands, and functionality defined in current ZigBee PRO-based standards are available to developers in the new standard.

ZigBee 3.0 defines the widest range of device types including home automation, lighting, energy management, smart appliance, security, sensors, and health care monitoring products. It supports both easy-to-use DIY installations as well as professionally installed systems. Based on IEEE 802.15.4, which operates at 2.4 GHz (a frequency available for use around the world), ZigBee 3.0 uses ZigBee PRO networking to enable reliable communication in the smallest, lowest-power devices. Current ZigBee Certified products based on ZigBee Home Automation and ZigBee Light Link are interoperable with ZigBee 3.0. A complete list of standards that have been merged to create ZigBee 3.0 can be seen on the website at www.ZigBee.org.

“The ZigBee Alliance has always believed that true interoperability comes from standardization at all levels of the network, especially the application level which most closely touches the user,” said Tobin J. M. Richardson, President and CEO of the ZigBee Alliance. “Lessons learned by Alliance members when taking products to market around the world have allowed us to unify our application standards into a single standard. ZigBee 3.0 will allow product developers to take advantage of ZigBee’s unique features such as mesh networking and Green Power to deliver highly reliable, secure, low-power, low-cost solutions to any market.”



Finally, we have Bluetooth Smart mesh.

CSRmesh enables Bluetooth® low energy devices not only to receive and act upon messages, but also to repeat those messages to surrounding devices thus extending the range of Bluetooth Smart and turning it into a mesh network for the Internet of Things.



While the CW event was not able to discuss all possible technologies (and believe me there are loads of them), there are other popular contenders. Cellular IoT (CIoT) is one if them. I have blogged about the LTE Cat-0 here and 5G here.

A new IEEE Wi-Fi standard 802.11ah using the 900MHz band has been in works and will solve the need of connectivity for a large number of things over long distances. A typical 802.11ah access point could associate more than 8,000 devices within a range of 1 km, making it ideal for areas with a high concentration of things. The Wi-Fi Alliance is committed to getting this standard ratified soon. With this, Wi-Fi has the potential to become a ubiquitous standard for IoT. See also this article by Frank Rayal on this topic.

Finally, there is SIGFOX. According to their website:

SIGFOX uses a UNB (Ultra Narrow Band) based radio technology to connect devices to its global network. The use of UNB is key to providing a scalable, high-capacity network, with very low energy consumption, while maintaining a simple and easy to rollout star-based cell infrastructure.

The network operates in the globally available ISM bands (license-free frequency bands) and co-exists in these frequencies with other radio technologies, but without any risk of collisions or capacity problems. SIGFOX currently uses the most popular European ISM band on 868MHz (as defined by ETSI and CEPT) as well as the 902MHz in the USA (as defined by the FCC), depending on specific regional regulations.

Communication on SIGFOX is secured in many ways, including anti-replay, message scrambling, sequencing, etc. The most important aspect of transmission security is however that only the device vendors understand the actual data exchanged between the device and the IT systems. SIGFOX only acts as a transport channel, pushing the data towards the customer's IT system.

An important advantage provided by the use of the narrow band technology is the flexibility it offers in terms of antenna design. On the network infrastructure end it allows the use of small and simple antennas, but more importantly, it allows devices to use inexpensive and easily customizable antennas.


Sigfox is also working on project Mustang, a three-year effort to build a hybrid satellite/terrestrial IoT (internet of things) network. According to Rethink Research:

The all-French group also contains aerospace firm Airbus, research institute CEA-Leti and engineering business Sysmeca. The idea is to use Sigfox as the terrestrial data link, with satellite backhaul and connections to planes and boats provided by a low-earth orbit (LEO) satellite constellation.
...
The satellite link could be added to either the end devices or the base station, so that if a device was unable to connect to the terrestrial Sigfox network, it could fall back to the satellite.

While the power requirements for this would be prohibitive for ultra-low power, battery-operated devices, for those with a wired power supply and critical availability requirements (such as smart meters, alarms, oil tankers and rigs) the redundancy would be an asset. These devices may transmit small amounts of data but when they do need to communicate, the signal must be assured.

The Sigfox base station could be fitted with a satellite uplink as a primary uplink as well as a redundancy measure in some scenarios where terrestrial network reach cannot be achieved. With a three-year lifecycle, Mustang’s participants are looking to create a seamless global network, and note that the planned dual-mode terrestrial/satellite terminal will enable switching between the two channels in response to resource availability.

The group says that the development of this terminal modem chipset is a priority, with later optimization of the communication protocols being the next step before an application demonstration using an airplane.

The project adds that the full potential of the IoT can only be achieved by offering affordable mobile communications at a global scale and reach. Key to this is adapting existing networks, according to the group, which explains why Sigfox has been chosen – given that the company stresses the affordability of its system.

Well, there are a lots of options available. We just have to wait and see which ones work in what scenarios.