Technologies and threats for the IoT November 24th 2015 Anders P. Mynster apm@delta.dk
Outline DELTA in 2 slides What is the Internet of things? Trends in the digital world: IoT, Industry 4.0, connected vehicle and smart grid The structures project risks to the society from IoT Preparation Detection Framework for prevention Example of application in EMC by HALT Combinatorial exposure
Danmark #1 til høj-teknologi udvikling Universitet Uafhængig Selvejende Almennyttig GTS Industri Teknologi forskning Teknologi rådgivning og godkendelser Produktion og markedsføring
Test & consultancy Every year we perform around 2,500 product tests, which all helps to ensure that your product can be successful in the real world Requirements: Does your product comply with statutory requirements and standards? Users: What do users think and how can we improve the quality of your product? Electromagnetic noise: Can your electronic product coexist with other electronic products? Environmental impact: What effect do the weather and environment have on your product? Function and technology: Does the technology work?
IoT is
Sensor aggregator gateway www big data Source: Intel
Internet of things Source: Beecham Research
Internet of things SOURCE
Industry 4.0
Automotive and smart grid
Standards
It all starts at the sensor Example TI sensortag Limited processing power, memory, software & hardware
The structures project
Threats The big guns
Threats the smaller guns
Mobility and risk
Targets SOURCE
Protection and preparation
Protection and preparation Recovery Protection, following an interruption or disaster are implemented the prioritized actions required to return business functions to operational stability. Continuity Protection, implementing advance arrangements enabling an organization to respond to an event in such a manner that critical business functions continue without interruption or essential change.
Protection and preparation
The framework for solutions is there Systems engineering approach to model based agile development
How does it fail? Purpose for test EM Environment Query Malfunction Database Decision outcome Product properties Derive Product design Feedback and updates Immunity test SLIDE 22
Regulatory requirements vs. Potential exposure HALT: Highly accelerated limit testing ICNIRP: International Commission on Non-Ionizing Radiation Protection 1952 V/m 896 V/m 61 V/m 28 V/m 10 V/m 3 V/m
Cellphone simulation E[V/m]
Cell phone immunity test 60601-1-2 Edition 4 Today typically 3 V/m but Edition 4 is mandatory from 2017 Test to 9 to 28 V/m We have cheated and made our own which is faster can test more devices at once
With real life complex spectrums 100 Level [dbµv/m] 80 60 40 20 0 30M 50M 70M 100M 200M 300M 500M 700M 1G Frequency [Hz] MES RE 30-1000 bag MaxPk LIM RE, EN 55011 30m, QP Radiated Emission 26
Model based testing The output of tests are a model used for test through software Defining an input vector and output vector Including the exceptional values
Malcunftion examples
Model based simulations Propagate the values through the system Multi stressor exposure
Systems of systems of systems of systems of.. Source: Intel
Test of equipment in hospitals Criticality of medical device: life supporting, used to monitor critical patients, drug delivery, diagnosis Device has been tested according to EMC standards Potential impact of device failure or malfunction, e.g. patient injury or death Known EMI problems with similar devices Sensitive components RF transmitters are frequently used near the device If medical device has been known to operate erratically If device is repeatedly referred for service but with good performance
Combinatorial cyber attacks
Cybersecurity Do you take cybersecurity as serious as software, hardware and mechanical failures?
Cyber physical systems Source: Daimler AG
Conclusion The world is becoming ever more wireless and digital both for our systems and the criminals This results in increased risk of interference, communication failure and hacking due to channel open media The IoT devices are starting to penetrate into the industrial and infrastructure domains in ever increasingly complex systems of systems Since the system devices cannot be guaranteed to function correctly the error modes must be known and the consequences simulated in the entire system
Questions? October 28th 2015 Anders P. Mynster apm@delta.dk