The Internet of Things (IoT) has the ability to make a big impact on everything, from the way businesses are run to how we consume the Earth’s resources. By now, there is no doubt that the real IoT revolution is around the corner. As we develop and adopt solutions that improve how we consume energy, water, and gas, while making life more comfortable and efficient, it is important to realize exactly what IoT is and how to safely use it.
So, what is IoT? IoT, or Internet of Things, refers to the network of web-enabled objects that can connect and exchange information. Here, the “things” refers to the physical objects or devices that are embedded with technologies making them able to connect with other devices. We use IoT devices in our everyday lives, some examples including smart boards, electric and water meters, motion sensors, mobile phones, and smart watches. Our previous blog post talks more about the many applications of IoT in our present and future lives.
This diversity, although useful, can lead to more security concerns. Some key areas of concern are listed below:
- Vulnerabilities can lead to compromised systems, which may cause serious security issues such as threat actors gaining access to company security controls or taking control of company equipment.
- Infected devices can be used to infect other devices and mask malicious activity
- Connected devices have increased chance of online exposure, which may lead to information theft from the stored personal information.
Thus, it is incredibly important to make sure your IoT solutions are secure. Having an unsecure network will not only lead to losses, but might put your company and its employees’ security at risk.
How does IoT work?
Generally, all IoT solutions are built based on the following architecture:
Data is first collected by the sensory devices. Then, using a gateway, the data moves through a communication network to the data processing domain where the IoT process and visualize it.
Obviously, such a system requires a secure mechanism for data transmission and protection. Many solutions have emerged to tackle this issue, each of which impact different requirements like data consumption, scalability, availability, and reliability.
Overall, a system is secure if the following criteria are satisfied:
- Integrity
- Availability
- Confidentiality
Different application systems prioritize different criteria. For example, for a banking system, integrity is most important to preserve customer data and prevent them from being manipulated.
IoTrack™
In Edgecom Energy’s IoT solution, IoTrack™, our focus is high availability. The goal is to design and use our product in a highly available way and keep it running for a long period of time. This is not achievable without lightweight, durable technologies and longer battery life. Compared to other existing technologies, IoTrack™ has considered all aspects of security and reliability and achieved a satisfactory level of availability (95%+) in serving our customers. The rest of this blog explains how our system is designed to achieve this goal in more detail.
The following figure points out the two main areas of concern:
To ensure security in the connection between the sensor and the gateway (1), we have utilized LoRa to achieve highly secured, long-range connectivity and optimized the battery life for minimum power consumption. The sensor and the gateway are paired using complex parameters to make it impossible for hackers to decode. Additionally, to ensure the integrity and accuracy of our data, we have implemented checksum bits into our packets so incoming data is verified at the gateway.
To keep the connection between the gateway and application servers (2) secure, the data is transmitted through a private IoT LTE network. Between the gateway and the IoT platform, we have utilized the MQTT protocol with a mix of token and key values to assure the security of our connection and make sure the data and connection are not compromised. On top of that, we have implemented an end-to-end public key encryption/decryption algorithm to guarantee that no fake data can be injected between the sensor and the IoT platform. Hence, alongside data integrity, public key deployment also addresses data confidentiality.
With proper security measures, IoT will lead to increased comfort and productivity while improving efficiency, ensuring our planet’s limited resources are used responsibly. In the end, measuring and monitoring our day-to-day energy use and finding ways to improve our performance will help us reach our goal of becoming a sustainable society.