As more and more businesses and consumers adopt connected devices that comprise the so-called Internet of Things (IoT), it begets the question: what security risks are those users also adopting? A wide range of security research — much of which has made its way to mainstream media — has demonstrated some pretty serious IoT security flaws in a number of different device types. However, all of those findings seemed to feel disjointed; are these flaws coincidentally similar, and limited to the particular device or manufacturer studied? Or is there a larger issue at play?
At Independent Security Evaluators, we had the hypothesis that these IoT security flaws in connected devices might plague the entire IoT industry, not just the few manufacturers who had been studied to date. So in order to prove (or disprove!) that hypothesis, we organized a hacking event known as IoT Village.
IoT Village first debuted at esteemed security conference DEF CON from August 7-9, 2015. Over the course of the event, we had researchers from a wide range of security organizations present their work on various aspects of the IoT security flaw problem. In conjunction with these talks, we also had security researchers teaching hands-on workshops about how to break devices and how to harden them. Finally, we had a hacking contest, where we bought a range of devices and encouraged attendees to hack them together.
Upon conclusion of IoT Village, we had unequivocally proven that IoT security flaws in connected devices are pervasive. Here is a snapshot of some of the metrics to support that finding:
66: 0-day vulnerabilities discovered/presented overall
14: 0-day vulnerabilities discovered/presented in the contest
27: Unique devices
18: Different manufacturers
IoT Village proved that security issues are pervasive across connected devices; the event served as a platform that produced 66 previously undiscovered security vulnerabilities across a wide array of manufacturers and distinct device types. Fourteen of those vulnerabilities were discovered on-site during the hacking contest that occurred during the few days of the event. In so doing, IoT Village highlighted the fact that security is an industry issue for manufacturers of connected devices, as these issues are not relegated to any particular manufacturer or device type. Furthermore, many violations of the underlying secure design principles were repeated across devices and manufacturers. This suggests that building security into connected devices is not yet seen as a business-critical mandate in most cases. As connected devices continue to become rapidly adopted, it is imperative that manufacturers better build security in and, through security assessment, better validate that those security measures are effective.
IoT security flaws: Examples
SmartThings Motion Sensor: An attacker could exploit a vulnerability in such a way to interfere with the device’s ability to monitor motion. This would be very useful for a property thief or violent criminal, who could run the attack from outside the physical premise, break in to steal items or attack a tenant, and then leave the premise. After leaving the premise, the adversary would stop the attack against the device, returning it to normal operation. The motion sensor would not have triggered, and thus the adversary could circumvent the entire purpose of the device. (Credit: Wes Wineberg, Synack).
iSpy Tank: Adversaries could exploit vulnerabilities that enable them to take over control of the wheels and the video capture. Effectively, an adversary would be able to obtain a remote controlled, powered, spying machine. This is especially concerning because this toy is intended for children, so most likely anyone victimized by this attack would potentially have exposed their children as well. (Credit: Ken Munro, PenTest Partners).
Parrot Drone: Using a single command, the attacker can make the drone drop out of the sky. As drones are being deployed for an ever-widening array of purposes, so too do the implications of this attack broaden. (Credit: Ryan Satterfield, Planet Zuda).
IoT Village is scheduled to run in future iterations at other upcoming conferences throughout the year. If you are a researcher in this space, manufacturer of connected devices, or in the business of deploying connected devices, we encourage you to get involved. Together we can make meaningful change to resolve this problem.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Bob Whitaker, chief science and technology officer at the Produce Marketing Association, thinks the Internet of Things (IoT) will draw CIOs and CTOs into the field of food safety.
In his role at the Produce Marketing Association, a trade organization for companies in the fresh produce and floral supply chain, Whitaker focuses on food safety and security as well as supply chain technical innovation. He said CIOs and CTOs historically have not been involved with food safety initiatives, but predicted that the emergence of IoT will change that situation.
Indeed, IoT is already intersecting with food safety, with projects getting underway or soon to begin. Over time, sensors installed across the supply chain — from local growers to processing plants to distribution centers — will gather data that will provide greater visibility into food safety from farm to fork.
“I think the IoT is going to make food safety transparent within our supply chain and eventually to consumers,” Whitaker said.
And as IoT becomes more embedded in food safety programs, CIOs and CTOs may find themselves being pulled into those initiatives.
That’s largely due to the amount of data expected to be generated from various points along the food supply chain. Bags and boxes of produce equipped with RFID tags will report location data as items traverse the supply chain. Temperature sensors will keep tabs on whether food is being stored or transported within a safe temperature range.
In addition, more equipment in the food supply chain will be built to give off digital signals. Whitaker pointed out that produce washing systems in a number of food processing plants already include equipment that monitors and reports the level of disinfectant in the wash water and the water’s pH level to ensure the disinfectant is at the right acidity level to be effective. Operators use disinfectants in wash water to kill microorganisms that might exist on the surface of fruits or vegetables when they come in from the fields.
“If [microorganisms] slough off into the water, you want to kill them so they do not build up to potentially dangerous levels and contaminate all of the product that might be washed over a given period of time,” Whitaker explained.
The monitoring systems generate data that can be captured and used to analyze wash water quality, he said. Armed with that data, operators can make decisions on whether to add more disinfectant, adjust the pH or change the water to maintain proper operating conditions.
Both processing plants and growers will increasingly find themselves awash in data. Whitaker said even small or mid-sized operations can potentially generate thousands of data points.
He said many people in the industry are starting to ask which types of data are the most important and how they can put that data to use. IT leaders in the food supply chain, he believes, will be called on to help with data analysis.
“You will see the CIO and CTO become much more involved in food safety,” Whitaker said.
Spring is around the corner, so thoughts will soon turn to de-cluttering, and what better way to apply it to the IoT world than to try to lend some structure to the amorphous mass of middleware, software and actual platforms collectively titled “IoT Platforms” — over 200 at last count. The platforms space has grown so much that the term “IoT platforms” has become overused and misunderstood. Machina Research has put together a taxonomy of platforms that defines the types of IoT platforms that exist; types of platforms may be considered under the groupings “connectivity,” “applications enablement,” “device management,” and “analytics and business services.” There is no one vendor that can provide a single end-to-end platform comprising all four groups of platforms on its own.
Therein lies one of the unique attributes of the IoT platforms space: the role of the partner ecosystem. If a customer wants an end-to-end solution, there can be one single vendor point of contact, but that vendor will be the client-facing frontend of at least two partners that are providing the solution. Usually, one of the partners will be a systems integrator as the lead or in a supporting capacity, as projects have a requirement to either piece different vendors’ components together and/or frequently to connect with the existing business systems of the customer.
Integration with customer systems like CRM or ERP is no coincidence as IoT serves to enrich the offering of the customer by taking sensor data collected by a machine in a traditional M2M solution and integrating it with other points of information to create a solution that is transformative to the business. As a result, for example, instead of just gathering meter data in order to manage capacity, a utility can now provide a more enriched user offering through integrating into their CRM system to offer individualized solutions to customers based on their usage, on a timely basis.
As the platforms space grows, it also matures. And like other maturing industries, there can no longer be a features bake-off. As IoT vendors move from being engineering-driven to customer-driven, being able to explain business value not only becomes necessary, but the norm. This is especially true in IoT, where the transformative and strategic nature of its impact on the business means that other business units outside of IT are stakeholders, if not outright decision makers. Business technology decisions as big as what CRM system to use, what handset OS, what enterprise email solution, are explained to an organization’s team members outside the IT team in terms of what it means for productivity, efficiency, ease of use, integration with legacy systems, ROI, impact on running the business and impact on the customer, among other metrics. Why is it then that when determining why a type of IoT platform should be considered, the default is still to only talk about APIs, architectures, MQTT, HLRs and more? That may be part of a platform’s value, but it cannot be all of it.
Technology powerhouses such as IBM, Microsoft, Amazon and others know about mature technology solutions and therefore know that the above is the way to be successful in business. As platform vendors grow from start-up and mid-market, the key way to succeed is to speak and engage in the way the successful older players do — and because technological one-upmanship is ephemeral.
If a vendor knows what type of platform it is selling, it has partnerships (where applicable including systems integrators in place), it can speak to its features, it knows how it connects to customers’ systems and how it will provide transformative business value, then the amorphous mass that is “IoT platform” is now tidied up into something that can be productized.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
The forecasts for IoT are huge, with some pundits suggesting that there will be 50 billion devices connected by 2020. Whether or not these forecasts are correct, it is clear IoT is already gaining meaningful market momentum, buoyed by a seemingly endless array of applications for consumers enterprises and public services. Unfortunately, as these applications proliferate, they create a multitude of security vulnerabilities and attack surfaces, exacerbated by a variety of factors including:
Poor system designs that lack basic IT security measures, such as encryption and secure authentication. Commonly these poor designs reflect inadequate security skills and, in some cases, aggressive time to market demands among ecosystem players.
Integration with legacy systems not designed for secure connectivity.
Security vulnerabilities and associated attack surfaces increase as more devices are connected. This is particularly the case for IoT devices with limited computing capabilities that operate in unsupervised and hostile environments.
The stakes can be higher for the many IoT applications that interact with machines. This was clearly illustrated last year on prime-time television as viewers saw a Jeep Cherokee drive into a ditch after security researchers demonstrated how they could remotely disable its brakes.
IoT solutions commonly use proprietary and specialized standards to enable specific use cases and large scale deployments, and to integrate into legacy environments such as M2M. The security vulnerabilities of these proprietary and specialized standards are typically greater than those associated with mainstream standards.
To make matters more challenging, enterprises cannot protect themselves by banning IoT applications. Unfortunately, IoT applications are well suited to shadow IT implementations since they are increasingly embedded in connected infrastructure and are proliferating in a slew of consumer markets. As a result, enterprises must arm themselves with the necessary tools, procedures and expert support to address IoT security. Much of these efforts involves getting back to basics, including network assessments to identify and investigate the behavior of IoT device connections, and IoT device audits to ensure that they have trusted identities, encrypted traffic and safe software/firmware.
IoT is also well suited to advanced policy and heuristic-based security solutions. In particular, IoT devices tend to have narrowly defined functions that can be validated by policy enforcement platforms. For example, an IoT-connected device that monitors the temperature in a manufacturing plant should not accept temperature updates through a remote connection. Similarly, machine learning and artificial intelligence-based heuristics can be used to monitor the activities of IoT devices based on learned activity profiles. While both policy and heuristic based platforms are well suited for IoT security, they require regular maintenance to ensure that the implemented policies and learned behaviors are valid.
Since large-scale data breaches are on the increase, the stakes are potentially high for IoT systems that harbor confidential information. This is particularly important when protecting the privacy of individuals, commercial and national secrets, and regulatory compliance. For a growing number of IoT applications, stored data is increasingly becoming a liability and therefore there is growing interest in processing and filtering data at the IoT devices so that only the meta-data is stored. For example, a video surveillance solution might be used to classify highway traffic for a smart city application. Rather than storing the video streams for post processing, some solutions process the videos in real-time and store only the vehicle counts.
With the continued expansion of IoT solutions, IoT security vulnerabilities and attack surfaces will increase, and security breaches are inevitable. To reduce the incidence of these breaches, it is crucial that security becomes a core component of IoT design principles, which should include effective remediation for incidences when security is compromised.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
There is certainly no shortage of buzz surrounding the Internet of Things. Thanks to sharp declines in the costs of sensing technology and data processing, we saw momentum grow more last year than ever before. According to Harbor Research, some 4.3 billion new devices (excluding laptops and PCs) were connected to the Internet in 2015 alone. But for all the blinding spew of headlines and news events, we’re missing the deeper implication for connecting these billions of devices.
After all, the Internet of Things isn’t about the things (i.e., the sensors); it’s about the vast and wide-sweeping value constructs sensors and the data they emit, enable. To understand these implications, let us begin with the sensor and zoom outwards…
IoT is about visibility. When we connect a sensor to something (e.g., a fitness tracker, a cow, a car, a streetlamp and so on,) we thereby give it a data stream and thus context. By monitoring some variable of its existence — temperature, location, pressure, frequency of interaction — we gain visibility into its nature and a frame of reference for its function with an environment. For example, if we add sensors to packaged meat, we suddenly have the potential to gain visibility into such variables as:
- Movement: The origin (e.g., location, time, date of initial packaging); where and when the meat is scanned as it moves from farm to distribution center to grocery and beyond.
- Environment: The ‘state’ of the meat as it moves through time and space, with particular emphasis on the variables that may impact its quality and health (e.g., temperature, pressure, contamination, changes in state, etc.)
- Actors: Those entities with whom the piece of meat has some interaction, from the individual packaging the meat at the farm, to the transporter, to the individual stocking the meat in-store, even to the purchaser.
The point here is not that we’re adding a sensor to packaged meat, but rather that by doing so, we gain visibility into the movement, forces, interactions and environment which impact the meat and its movement through the value chain.
IoT is about new services enabled. The visibility and context enabled through sensors is powerful, transformative even. But it’s only part of the story. When we add sensors and connectivity to objects and products, we can interact with them. This allows the function of a product to transcend the product itself and enable entirely new service layers.
A good example of this can be found in a connected light bulb. A smart light bulb isn’t merely about the ability to turn the bulb on and off from a mobile app, nor is it only about significant increases in energy conservation, although these are extremely important. A smart light bulb is about enabling new services through the interactions of the product itself, wherein the light bulb serves as an dynamic source of real-time data that informs new opportunities.
Goeee, a platform connecting lighting OEMs, has outfitted a bulb with sensors, embedded processors and Bluetooth connectivity to monitor temperature, humidity, ambient vs. color-tuning light, energy consumption, nearby motion, foot traffic and LED performance. The environmental, workforce and asset intelligence these light bulbs enable translate to new ‘value-added’ offerings for lighting manufacturers, including but certainly not limited to:
- Preventative maintenance
- Predictive maintenance
- Energy management and conservation
- Security services
- Automated control
- Performance reporting and analytics
- Occupancy detection and traffic monitoring
- Customer experience personalization and product engagement
- Interoperability with other RFID, GPS, mobile, beacon or connected nodes
What this means is that product-centric companies must now think beyond the physical form of the product and consider how the function, visibility, and interactions of/with the product create new value. This is, understandably, a fundamental hurdle for traditionally product-centric organizations to overcome. After all, if the focus shifts beyond the product, product manufacturers and retailers must consider significant modifications or entirely new business models.
IoT is about the ecosystems. As we zoom out from sensors and connectivity, even from services enabled by any single product, what we find is that the greatest implications (and disruptions) the Internet of Things promises exist at the ecosystem level. While businesses have been incorporating data and electronic intelligence into their models for years, IoT ushers in an era where digital information becomes the core business asset. New services enabled by connected products break down historically siloed industries and stakeholders and connect value chains in ways that are, at first, difficult to conceptualize, or threatening to existing models.
Because this era-defining sea change involves a sweeping paradigm shift from human-centric computing to ubiquitous sensor and machine-centric computing, we call it “the Ubiquity Shift.” To understand the ecosystem of a [connected] thing is to understand its broadest ecology and how to design a Smart System around that ecology. Consider the ecosystem participants in the example of packaged meat:
- Farmer, cow, manufacturers of processing and packaging equipment
- Distributors, merchandising controllers, transporters
- Wholesalers, retailers, groceries, scanners, shoppers
- Restaurants, diners, health inspectors
- Waste collectors, landfills, environmental inspectors
How do data and information impact these entities? How do these data and relationships enable entirely new modes of business? How can information platforms enable real-time value for diverse ecosystem players? Organizations must identify the dynamics between the diverse entities involved across the entire value chain, including technology suppliers, OEMs, integrators, retailers, brands, agencies, developers, end users, consumers and so on. As the economy continues to evolve towards networked business and collaboration models, understanding IoT through the ecosystem lens will separate the trend followers from the true innovators and disruptors.
Tuesday after trading had closed, Cisco held a press briefing to announce its $1.4 billion acquisition of IoT platform provider Jasper. Rowan Trollope, General Manager of Cisco’s Internet of Things (IoT) and Collaboration Technology Group, said Cisco saw Jasper as “a unique opportunity because it has built a platform that is disrupting a massive market.” The acquisition, Trollope said, was particularly valuable because it wouldn’t result in duplication of capabilities. “If you overlay the map of Cisco’s IoT portfolio with Jasper’s portfolio,” he said, “there’s no overlap.”
Jasper’s founder and CEO Jahangir Mohammed said the deal would enable Jasper’s reach into new markets beyond their current 3,500 enterprise customers.
Cisco’s Trollope noted that Jasper had become very strong in the “Internet of moving things” by working with telecom service providers, but that Cisco has technologies “at a lower level of the stack. What we’re seeing more and more is that mobility is a key part of the solution but that we can offer an extended and broader set of connectivity options.” Rowan also noted that Cisco could bring much to Jasper-based IoT implementations in the way of real-time and streaming analytics as well as its service exchange platform.
The Jasper business model — SaaS and the recurring revenue model that tends to come with it — is certainly also part of the appeal to Cisco and was mentioned during the briefing.
In a blog post, Rob Salvagno, Cisco vice president of corporate business development, said that Jasper and its founder Mohammed Jahangir had recognized early that cellular connectivity was about more than cell phones. Salvagno wrote that “this early insight has proved fruitful, and now many millions of “things” are connected to the network and working on Jasper’s platform.”
Salvagno said Jasper’s Mohammed will be leading a newly formed IoT Software Business Unit under Cisco’s IoT and Collaboration SVP/GM Rowan Trollope.
A new buzzword has entered the executive corridors: Enterprise IoT. Within the last five years, new terms have emerged, reflecting the digitalization of the physical world through a growing base of connected devices, transmitting data through the greater use of connectivity technologies, and ultimately, with rapid developments in innovative applications, transforming that data into actionable insights. M2M, IoT, big data, Industrial IoT and now Enterprise IoT are closely related terms in this new digital world.
For the enterprise with products, services and processes supported by enterprise-wide systems such as ERP, CRM and SCM solutions to name a few, the objective has extended itself from optimizing the processes around production and distribution to optimizing the products and services themselves through their “connectedness.” In conjunction, bringing a closer integration between operational technology (OT) and information technology (IT) has emerged as recent technology changes in process improvements. In many ways, supporting IT technologies has moved from the back-office to the front-office. A few examples illustrate these developments.
Manufacturers of home security systems such as FrontPoint, Vivint and ADT or air-conditioning units by GE, LG, Carrier and Maytag have long focused on the quality of their products — and how greater efficiencies and performance could be achieved. With these units connected and sharing data, not only are enterprises able to monitor and manage the performance and condition of these machines, but also use and learn from the data about the predicted condition of the machines, the behaviors of the users and, in combination with other information sources, how power may be better managed in the home or how additional features in security devices can help detect other possible incidents and activities at home such as water leakage, entry to specific areas or cupboards, and/or forgot-to-turn-off the cooker solutions. For enterprises designing and launching these new products and services, Enterprise IoT has enabled many new opportunities.
At the industrial level, the monitoring and management of equipment such as pipelines, presses, extruders and assembly lines have all benefitted from M2M and Industrial IoT. The goal of automated systems — substantially more efficient and productive — provides significant benefits for many enterprises, and the convergence of operational technologies (the IT behind and within operational equipment) is becoming less and less discernible from back-end information technologies. As one example, operations within virtual power plants from, say, Schneider Electric now illustrate this convergence of OT and IT, operations tightly integrated with energy trading systems and energy storage facilities, all managed through OT & IT integrations.
Transformation and “servitization”
As products generate and provide data about their performance, usage and, in many cases, their physical environments, enterprises have started to transform their industries, processes and relations with customers in what has been termed as “servitization.” In a nutshell, servitization is the process by which traditional manufacturing companies have started to transform their industries from pure product-oriented production and distribution processes to significantly greater focus on opportunities in service-led processes. These service-led opportunities can be identified in four key areas as illustrated below.
Figure 1: Four key new services from Enterprise IoT [Source: Machina Research, 2016]
Common to all four areas are the fundamental attributes of Enterprise IoT: connected devices, real-time data, defined applications and integration with back-end enterprise systems. This leads to the working definition of Enterprise IoT by Machina Research as: “smarter, connected industrial devices and products, capturing, sharing and processing data about the environment, and integrating and enriching this data in enterprise architectures and systems in real-time.”
Enterprise IoT is about connecting devices and monitoring and managing the processes in an intelligent way. It is also about “transformational business outcomes,” (part of the definition of Industrial IoT by the Industrial Internet Consortium), and these transformations are driven by new business models with new processes such as billing, customer services and data sharing. And inherent to all these transformations are the new and real-time integrations to enterprise systems, moving from the back-office to the front-office with the assistance of cloud services, APIs and OT & IT integrations.
So what does Enterprise IoT mean? Enterprise IoT is not just another technology enablement step in terms of connecting devices, a new platform or application, or some new analytics. It is all of that plus the significant opportunities that emerge for enterprises in creating new and innovative processes around their products and services. Enterprise IoT extends not only the technology enablement landscape within the enterprise, it has firmly started to disrupt many traditional manufacturing industries with new service propositions and created new expectations and relations with customers.
One of the main themes that came out of Thursday’s PTC live-stream event is that “service is the killer app” — and augmented reality will help that app flourish.
“While the Internet of Things and machine learning have been transforming the way we operate and service things,” PTC President and CEO Jim Heppelmann said, “a new technology has arrived on the scene that will allow us to transform the way we interact and experience those things. That technology is augmented reality.”
In the hour-long event, viewers and attendees heard about and saw demonstrations of augmented reality in real-life use cases.
“Augmented reality — frequently referred to as AR — is a way of superimposing digital information in the form of computer graphics onto a live view of the physical world,” Heppelmann said. “In other words, it converges and melds together the digital and physical worlds into a single, unified visual experience.”
“We need applications to deliver value — the type of applications that generate and then augment dynamic digital content onto the physical world. The type of content you get, for example, when you blend 3D digital product descriptions with connectivity and analytics. In other words, when 3D CAD meets IoT and AR, magic happens.”
Large brands including Pepsi, Band-Aid and Kentucky Fried Chicken are already using AR platform Vuforia, which was acquired last November by Needham, Mass.-based PTC, to change the way things work.
For example, Vuforia has helped Mattel transform toys and gaming, allowed the Guinness Book of World Records to drive new types of interaction, and let Bumble Bee change how marketers brand products.
However, as much as consumer AR applications abound and are seemingly limitless, it’s time for AR to make a bigger impact, this time on the enterprise.
“While augmented reality is already transforming the way we play, it’s about to completely disrupt the way we work,” Heppelmann said.
Now companies including Hyundai, John Deere and Caterpillar are using AR to revolutionize business processes and provide services to their clients and users.
In a number of demonstrations, viewers saw firsthand how augmented reality helps make up for lack of technician experience and creates a diagnostic platform for motorcycles; helps reduce medical equipment downtime by using augmented controls to help service systems; and helps industrial equipment service providers by offering real-time support and diagnostics — no need to waste precious time flipping through a manual.
At the event, PTC also announced two new features being added to the Vuforia platform: support for Windows 10 devices (it already supports Android and iOS), as well as VuMark, a universal solution that helps developers create a “unique AR experience on any object.” One of VuMark’s touted features was how its identifier not only overcomes the limitations of bar codes, but also replaces the unsightly bar code or QR code with a customizable icon.
Vuforia’s two new features are set to be publicly available this spring.
With more than 75% of healthcare costs linked to chronic conditions, it’s easy to apprehend the upside potential of the medtech market. Wearables have typically been associated with consumer-focused fitness-promoting technologies (such as Fitbit or Jawbone), but there is substantial promise in the development and use of FDA-cleared, medical-grade wearables for use in clinical settings. These types of medical wearables allow for the better treatment of a patient and promote greater insights for the attending physician; moving away from consumer wearables to embrace clinical FDA wearables is a particularly profitable (and less capricious) shift in the medtech approach. Analysts forecast that the medical technology market will balloon to more than $50 billion over the next 3-5 years. This is largely due to the demand for technology that allows for continuous monitoring, preventative health insights and personalized treatment based on the individual’s physiology, medical history and lifestyle. For medtech companies capitalizing on the trends in medical technology, innovation is the key to success and marketplace viability. Developing a meaningful medtech wearable solution will not only allow patients to enjoy a better quality of life, but also ensure the competitiveness of your business.
Leadership and innovation
Everyone loves “innovation,” but its backbone is constructed entirely from that inglorious and time-consuming substance known as R&D. Success with medical wearables is closely linked with experimentation and knowledge aggregation; the fact of the matter is that no company can afford to skimp on R&D. With heavyweights like Samsung sinking more than $10.4 billion into R&D (2013), it is unthinkable for companies that want to stay viable in the marketplace to avoid significant investments in R&D, new technologies, and employees. Moreover, expect agile wearables startups founded by MDs and former medtech executives to nip away market share from traditional medtech companies. Innovation is no longer optional.
Market leadership hinges on tech investment: now is not the time for corporate solipsism. Competition in medtech will not be limited to your own vertical, either. Your company may not only be contending with startups, but also with large, established companies one or two verticals away from your usual competition that will encroach into your space with their medical wearables. For example, you may need to compete with Google, which is developing a wearable device that allows for better medical assessments. Enterprises on the cutting edge of technology are in the best position to lead. For example, Elfi-Tech develops advanced biosensors and sophisticated algorithms for non-invasive monitoring. The sensor module monitors an array of metrics, from the skin blood flow, blood velocity and coagulation to a general fitness assessment of the user. The obvious implication of a multi-metric device is that it can be utilized in a broad range of settings (for example, hospitals, walk-in clinics and research facilities) to cut costs and better target patient care. A strong commitment to experimentation and learning also pays dividends. For example, a medtech startup is taking advantage of advanced research to monitor nitric oxide levels in asthma sufferers; the company’s device would allow for improved treatment and the avoidance of possible complications from the disease, such as increased rates of pneumonia.
For wearables companies, devices need to have meaningful and trustworthy healthcare benefits that are reliable and cost- and time-efficient. Inaccurate fitness data is no longer acceptable. In addition to moving towards FDA grade accuracy, soon the single-function device will be a thing of the past as healthcare providers move to embrace technology that fulfills a variety of purposes (think of Dr. McCoy’s tricorder). Medtech wearable devices need to be able to monitor multiple functions and support physician analysis in promoting the individual’s health and treatment options.
Other than the IRS or NSA, few three-letter agencies cause a visceral response like the FDA. FDA regulations may seem insurmountable, but applying for clearance is being eased by companies like ClearRoadmap, which helps guide wearable developers and medical professionals through the search and FDA clearance process. Most medtech devices fall into the second category of devices; Class I devices have no potential risk to the user (band-aids), Class II devices may expose the user to minimal risk (powered wheelchairs) and Class III devices may expose the patient to significant risk (implants). A number of companies are already capitalizing on their clearance. For example, HealthInterlink (now owned by Welch Allyn) received FDA 510(k) Class II clearance for its Beacon 2.0, a mobile software system for home health devices. Nexus6 obtained FDA clearance for its smartphone-connected inhaler, SmartTouch, as a Class II medical device.
Lead, innovate, invest
In order to enjoy success and growth in healthcare, medtech companies need to focus on leadership and innovation. Acting as a trailblazer in this medtech wearable arena will not only allow your company to compete, but it will open up new market opportunities to drive growth. Innovation is the key to developing the best products that target illnesses or health problems, but this will require a serious commitment to R&D, with emphasis in wearable medical devices that will provide unrivaled continuous patient monitoring and invaluable, trustworthy data. The future belongs to those medtech companies who can offer innovative, cost-efficient and holistic healthcare approaches to preventative and diagnostic medical care. Medtech firms must consider medical wearables.
Big data for the Industrial Internet of Things is far different from big data for the Internet of Things, namely because what takes seconds — or more — must now take microseconds or less.
To overcome the time constraints associated with Industrial IoT and provide real-time monitoring, gathering and analyzing of IIoT data, elluminance Monday announced new product set that should help organizations capitalize on the insights derived from physical and real-world events, sensors and actuators, instrumentation, and software/IT infrastructure.
The Austin, Tex.-based company’s Real-time Data Platform and Time to Insight are deployed on National Instruments technology — which uses field programmable gate arrays (FPGAs) — and backend technology runs on Hewlett Packard Enterprise’s Moonshot development platform.
“The feedback data from sensors is under-utilized,” said Barry Hutt, elluminance CEO. The company’s diagnostic, predictive and prescriptive technology, he continued, are critical to harnessing the value of real-time industrial data to, for example, prevent failures in industrial engines or build a smart grid that can automatically detect and respond to issues (such as a crack in a utility pipe) or seamlessly put energy back onto the grid.
“I could just predict a behavior,” Hutt said, “But before I even know I have a problem, I’ve already fixed it by deriving from lots of different sources of data.”
Venture-backed elluminance, which was founded in October 2015, is able to do this as it is comprised of experts from various backgrounds — including sensors, instrumentation, IT and hardware — all places data is derived from.
This team of experts also knows that real-time computation and algorithms are two of the most costly barriers of IIoT analytics.
“Real-time doesn’t just mean fast,” said Darren Schmidt, chief technology officer of elluminance, “It means reliable and stable.”
Elluminance is prepared to help every step of the way — from sensor to backend. Its technologies connect data with the appropriate sense of real time — be it with FPGAs, CPUs or GPUs — as well as the proper algorithm which can pull value from operational technology. The company works with clients to map out the problem, response time (be it categorized “slow” at 10+ seconds or mission critical at 20 μs) and problem size, and then connect it with the proper algorithm, execution environment and data management solution.
“As the new networks link data from sensors to IT analytics systems, new and compelling insights and knowledge will be revealed, and those will boost operational efficiencies. The wisdom gained will enhance decision making and transform businesses,” said Hutt in a press release. “Our roots run deep in the technologies that are driving the growth of the Industrial IoT. Our customers reach new understandings of complex real world problems that can lead to ground-breaking solutions in months instead of years.”