Posts

Remote Control without a Direct Connection

Part 5 of Data Communication for Industrial IoT

As discussed previously, the idea of using a cloud service as an intermediary for data resolves the problems of securing the device and securing the network.  If both the device and the user make outbound connections to a secure cloud server, there is no need to open ports on firewalls, and no need for a VPN. But this approach brings up two important questions for anyone interested in remote control:

  1. Is it fast enough?
  2. Does it still permit a remote user to control his device?

The answer to the first question is fairly simple.  It’s fast enough if the choice of communication technology is fast enough.  Many cloud services treat IoT communication as a data storage problem, where the device populates a database and then the client consults the contents of the database to populate web dashboards.  The communication model is typically a web service over HTTP(S).  Data transmission and retrieval both essentially poll the database.

The Price of Polling

Polling introduces an inevitable trade-off between resource usage on the server and polling rate, where the polling rate must be set with a reasonable delay to avoid overloading the cloud server or the user’s network.  This polling does two things – it introduces latency, a gap in time between an event occurring on the device and the user receiving notification of it, and it uses network bandwidth in proportion to the number of data items being handled.  Remote control of the device is still possible through polling if you are willing to pay the latency and bandwidth penalty of having the device poll the cloud.  This might be fine for a device with 4 data values, but it scales exceptionally poorly for an industrial device with hundreds of data items, or for an entire plant with tens of thousands of data items.

Publish/Subscribe Efficiency

By contrast, some protocols implement a publish/subscribe mechanism where the device and user both inform the cloud server that they have an interest in a particular data set.  When the data changes, both the device and user are informed without delay.  If no data changes, no network traffic is generated.  So, if the device updates a data value, the user gets a notification.  If the user changes a data value the device gets a notification.  Consequently, you have bi-directional communication with the device without requiring a direct connection to it.

This kind of publish/subscribe protocol can support bidirectional communication with latencies as low as a few milliseconds over the background network latency.  On a reasonably fast network or Internet connection, this is faster than human reaction time.  Thus, the publish/subscribe approach has the potential to support remote control without a direct connection.

Continue reading, or go back to Table of Contents

DoublePulsar – Worse Than WannaCry

In a world still reeling from the recent WannaCry attacks, who wants to hear about something even worse?  Nobody, really.  And yet, according to a recent article in the New York Times, A Cyberattack ‘the World Isn’t Ready For’, the worse may be yet to come—and we’d better be prepared.

Reporting on conversations with security expert Mr. Ben-Oni of IDT Corporation in Newark, NJ, the Times said that thousands of systems worldwide have been infected with a virus that was stolen from the NSA at the same time as the WannaCry virus.  The difference is that this second cyber weapon, DoublePulsar, can enter a system without being detected by any current anti-virus software. It then inserts diabolical tools into the very kernel of the operating system, leaving an open “back door” for the hacker to do whatever they want with the computer, such as tracking activities or stealing user credentials.

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

The concern is that DoublePulsar can remain hidden, providing a platform from which hackers can launch attacks at any time.  It may already be running on systems in hospitals, utility companies, power infrastructure, transportation networks, and more.  Ben-Oni had secured IDT’s system with three full sets of firewalls, antivirus software, and intrusion detection systems.  And still the company was successfully attacked, through the home modem of a contractor.

Closing the Door on DoublePulsar

Severity of the threat aside, this scenario points out once again the inherent weakness of relying on a VPN to secure an Industrial IoT system.  Had that contractor been connecting to a power plant, an oil pipeline, or a manufacturing plant over a VPN, it is likely that DoublePulsar could have installed itself throughout the system.  As we have explained in our white paper Access Your Data, Not Your Network, this is because a VPN expands the plant’s security perimeter to include any outside user who accesses it.

This threat of attack underscores the importance of the secure-by-design architecture that Skkynet’s software and services embody.  By keeping all firewalls closed, a cyber weapon like DoublePulsar cannot penetrate an industrial system, even if it should happen to infect a contractor or employee.  SkkyHub provides this kind of secure remote access to data from industrial systems, without using a VPN.

Top 10 IoT Technology Challenges for 2017 and 2018

Gartner, Inc., the IT research firm based in Stamford, Connecticut, recently published a forecast for the top ten IoT technology challenges for the coming two years.  The list covers a lot of ground, from hardware issues like optimizing device-level processors and network performance to such software considerations as developing analytics and IoT operating systems to abstract concepts like maintaining standards, ecosystems, and security.

“The IoT demands an extensive range of new technologies and skills that many organizations have yet to master,” said Nick Jones, Gartner vice president analyst. “A recurring theme in the IoT space is the immaturity of technologies and services and of the vendors providing them.”

Heading the list of needed expertise is security.  “Experienced IoT security specialists are scarce, and security solutions are currently fragmented and involve multiple vendors,” said Mr. Jones. “New threats will emerge through 2021 as hackers find new ways to attack IoT devices and protocols, so long-lived ‘things’ may need updatable hardware and software to adapt during their life span.”

To anyone considering the IoT, and particularly the Industrial IoT (IIoT) or Industrie 4.0, this should be a wake-up call.  As the recent power-grid hack in the Ukraine shows us, old-school approaches like VPNs will not be sufficient when an industrial system is exposed to the Internet. In the IoT environment, Skkynet’s secure by design approach ensures not only a fully integrated approach for the security issues that many are aware of today, but also a forward-looking approach that will meet future challenges.

Having taken security into consideration, there are other items on the list that we see as significant challenges, and for which we provide solutions.  Among these are:

  • IoT Device Management – Each device needs some way to manage software updates, do crash analysis and reporting, implement security, and more. This in turn needs some kind of bidirectional data flow such as provided by SkkyHub, along with a management system capable of working with huge numbers of devices.
  • Low-Power Network Support – Range, power and bandwidth restraints are among the constraints of IoT networks.  The data-centric architecture of SkkyHub and the Skkynet ETK ensure the most efficient use of available resources.
  • IoT Processors and Operating Systems – The tiny devices that will make up most of the IoT demand specialized hardware and software that combine the necessary capabilities of low power consumption, strong security, tiny footprint, and real-time response.  The Skkynet ETK was designed for specifically this kind of system, and can be modified to meet the requirements of virtually any operating system.
  • Event-Stream Processing – As data flows through the system, some IoT applications may need to process and/or analyze it in real time.  This ability, combined with edge processing in which some data aggregation or analysis might take place on the device itself, can enhance the value of an IoT system with little added cost.  Skkynet’s unique architecture provides this kind of capability as well.

According to Gartner, and in our experience, these are some of the technical hurdles facing the designers and implementers of the IoT for the coming years.  As IoT technology continues to advance and mature, we can expect other challenges to appear, and we look forward to meeting those as well.

Skkynet Technology Featured in IEEE Paper and Presentation

The feasibility and value of cloud-based data communications for power generation smart grid testbeds presented at IEEE General Meeting.

Mississauga, Ontario, July 19, 2016 – Skkynet Cloud Systems, Inc. (“Skkynet”) (OTCQB: SKKY), a global leader in real-time cloud information systems, announces that its SkkyHub™  technology supported research leading to a published paper presented at the IEEE Power and Energy Society General Meeting in Boston yesterday. The paper, “Cloud Communication for Remote Access Smart Grid Testbeds” by Mehmet H. Cintuglu and Osama A. Mohammed of Florida International University, concludes that “cloud communication can be successfully implemented for actual smart grid power systems test beds.”

“We are pleased that the IEEE has accepted this paper for publication,” said Paul Thomas, President of Skkynet. “This is a significant milestone in demonstrating the value of cloud-based, real-time data connectivity for industrial and infrastructure applications.”

The object of the research was to determine the effectiveness of cloud-based communication for integrating data coming from diverse, heterogeneous electrical system testbeds.  These testbeds allow students and researchers to quickly test and verify innovations and proof-of-concept systems. While networked testbeds are useful for testing large deployments of smart devices, traditional WAN approaches are costly.  “In cloud based systems operational costs are significantly reduced compared to dedicated high bandwidth wide area links which was previously a pre-requisite for creating successful networking test beds,” the paper states.

The cloud communications technology used for the research was Skkynet’s SkkyHub service, which the paper describes as “a SaaS platform providing secure end-to-end networking for smart grid devices such as IEDs and PMUs,” which can be “implemented on virtually any new or existing system at a low cost capital and provides a web-based human-machine-interface (HMI) for remote access and supervisory control.”

The SkkyHub service allows industrial and embedded systems to securely network live data in real time from any location. It enables bidirectional supervisory control, integration and sharing of data with multiple users, and real-time access to selected data sets in a web browser. The service is capable of handling over 50,000 data changes per second per client, at speeds of just microseconds over Internet latency. Secure by design, it requires no VPN, no open firewall ports, no special programming, and no additional hardware.

About Skkynet

Skkynet Cloud Systems, Inc. (OTCQB: SKKY) is a global leader in real-time cloud information systems. The Skkynet Connected Systems platform includes the award-winning SkkyHub™ service, DataHub®, WebView™, and Embedded Toolkit (ETK) software. The platform enables real-time data connectivity for industrial, embedded, and financial systems, with no programming required. Skkynet’s platform is uniquely positioned for the “Internet of Things” and “Industry 4.0” because unlike the traditional approach for networked systems, SkkyHub is secure-by-design. Customers include Microsoft, Caterpillar, Siemens, Metso, ABB, Honeywell, IBM, GE, BP, Goodyear, BASF, E·ON, Bombardier and the Bank of Canada. For more information, see http://skkynet.com.

Safe Harbor

This news release contains “forward-looking statements” as that term is defined in the United States Securities Act of 1933, as amended and the Securities Exchange Act of 1934, as amended. Statements in this press release that are not purely historical are forward-looking statements, including beliefs, plans, expectations or intentions regarding the future, and results of new business opportunities. Actual results could differ from those projected in any forward-looking statements due to numerous factors, such as the inherent uncertainties associated with new business opportunities and development stage companies.  Skkynet assumes no obligation to update the forward-looking statements. Although Skkynet believes that any beliefs, plans, expectations and intentions contained in this press release are reasonable, there can be no assurance that they will prove to be accurate. Investors should refer to the risk factors disclosure outlined in Skkynet’s annual report on Form 10-K for the most recent fiscal year, quarterly reports on Form 10-Q and other periodic reports filed from time-to-time with the U.S. Securities and Exchange Commission.

Will Time-Sensitive Networking (TSN) Improve the IIoT?

Is current Internet technology sufficient for the needs of Industry 4.0 or the IIoT?  Or could it be better?  How can we enhance Ethernet to improve real-time data communications? These are the kinds of issues that some key players in Industrial IoT plan to address by developing the world’s first time-sensitive networking (TSN) infrastructure.

TSN has been defined as “a set of IEEE 802 standards designed to enhance Ethernet networking to support latency-sensitive applications that require deterministic network performance,” according to Mike Baciodore in a recent article in Control Design titled “How time-sensitive networking enables the IIoT

Put simply, the goal of TSN is to provide the IoT with the same kind of real-time performance that is now limited to individual machines like cars and airplanes, or to distributed control systems in industrial applications.  The Industrial Internet Consortium (IIC), along with Intel, National Instruments, Bosch Rexroth, Cisco, Schneider Electric and others have joined forces to achieve this goal, to enable a truly real-time IoT.

TSN is Good News for Skkynet

This collaboration to develop TSN comes as good news to us here at Skkynet.  Since we currently provide secure, bidirectional, supervisory control capabilities over TCP, we understand how much more effective our software and services will be when supported by TSN.

With TSN, our latencies of a few ms over Internet speeds would be reduced to simply a few ms.  Data dynamics would be better preserved, and system behavior more deterministic.  This effort to develop TSN validates our thinking that the IIoT works best with low-latency, high-speed networking.  Unlike those who operate on the assumption that web communication technology (REST) is the way forward, the TSN approach means that networked data communications can approximate or equal in-plant speeds and latencies.

Several participants and commentators on the TSN project point out that typical cloud architectures are not ideal counterparts for TSN.  Something fundamentally different is required.  Putting their individual ideas and suggestions together, what they envision for an architecture is remarkably close to what Skkynet currently provides.  It should be secure by design, fully integrate edge computing, and keep the system running without interruption during any network outages.  Above all, it must provide secure, selective access to any process data, in real time.

“One of the cool concepts out there is that people will want to have a cyberphysical representation of the equipment in the cloud,” said Paul Didier, solutions architect manager at Cisco. “That doesn’t mean the physical plant will be controlled in the cloud. Optimization and maintenance can be done in the cloud and will filter its way back to the machine.”

Our recent case study showcasing DataHub and SkkyHub technology illustrates this “cyberphysical representation.”  During the deployment and test of a mineral processing system, developers thousands of miles away monitored the machine logic and tweaked the system in real time. “It was as if we were sitting beside them in the control room,” said one of the team, “and through live monitoring, we were able to continue developing the application, thanks to the real-time connectivity.”

It’s a small step from this to machine control, and time-sensitive networking will be a welcome technology in that direction.  To the Industrial Internet Consortium (IIC) and everyone else involved in this project, we say keep up the great work!  We’re ready to put TSN to good use when it becomes available.

Industrial IoT, Big Data & M2M Summit―Takeaways

Last week several of us here at Skkynet had the pleasure to attend and present a case study at the Industrial IoT, Big Data & M2M Summit in Toronto.  IoT specialists representing a wide range of industries, from mining, manufacturing, and energy to telecom and software gathered to share insights and learn from collective experience how to get the most out of Industrial IoT.

Challenges to IoT adoption was a key topic of discussion.  There was considerable agreement among summit participants that one of the primary challenges is not technical, but cultural.  Switching from software ownership to data as a service requires a new mind-set, which not everyone is willing to adopt.  Speaker after speaker underlined the need to communicate value and get buy-in from all concerned parties. You should start with a small pilot project, with minimal investment, and demonstrate ROI.  Other challenges discussed included incompatible protocols and security risks.

Summit Theme: Partnerships

A common theme that prevailed in presentations and comments throughout the summit was that the IoT casts such a wide net that nobody can do all of it well.  We need to work together.

“IoT is all around partnerships,” said Christopher Beridge, Director of Business Development – IoT and Business Solutions at Bell Mobility.

“A lot of people have a part to play when you are talking IoT,” according to Matthew Wells, Senior Product General Manager at GE Digital.

“Smartness depends on how interconnected you are,” commented Steven Liang, Associate Professor at the University of Calgary, and conference chair.

Above all, there was agreement that the IoT is here to stay. “Our focus is to make things more efficient, reliable, affordable, and convenient, and the IoT is a way to do it,” said Michael Della Fortune, Chief Executive Officer of Nexeya Canada.  “It powers and upholds the 4 Vs—Variety, Volume, Velocity, and Veracity—of Big Data.”

Perhaps Timon LeDain, Director, Internet of Things at Macadamian summed it up best when he said, “IoT will be done by you, or done to you.”