IoT Agenda

April 17, 2018  10:52 AM

Boost built-in IIoT security with VPNs

Julian Weinberger Profile: Julian Weinberger
Authentication, Certificates, cybersecurity, end to end encryption, IIoT, Industrial IoT, Internet of Things, iot, iot security, Managed VPNs, patching, Virtual Private Network, VPN

According to Gartner, IIoT devices are projected to reach 3.17 billion units in 2020. This includes manufacturing field devices, process sensors for electrical generating plants and real-time location devices for healthcare. Companies taking advantage of these IP-connected business devices are already benefiting from new revenue opportunities, operational efficiencies and substantial cost savings.

However, technology developments in this space are fast outpacing industry standards — earning them an unwelcome reputation for exposing sensitive data to security risks. Developments in IIoT data protection are currently failing to keep up with the rapid rate of innovation and demand. Securing the confidentiality and integrity of data passing between all these devices remains a major challenge for many businesses as IT professionals have to familiarize themselves with multiple IIoT designs, often with immature security features, that present clear data breach risks. Data from IIoT and M2M systems is especially prized by cybercriminals as they seek to intercept and sell intellectual property and personally identifiable information.

Recent research by Forrester found that the top three challenges for IT professionals are IIoT integration, migration/installation risks and privacy concerns. In the study, 92% of C-level respondents reported that they implemented security policies for managing IoT devices, yet less than half (47%) reported that they did not have enough tools in place to enforce those policies. Undeterred, businesses are continuing to invest in IP-connected devices — 49% of respondents expect to increase spending on IIoT security this year.

While business spending on cybersecurity is projected to amount to $134 billion by 2022, the majority of industry experts agree that built-in security is the answer to establishing a trusted standard of IIoT security. Incorporating security into the initial IIoT design process will maintain the privacy and integrity of highly sensitive data from the beginning.

Built-in security properties

Security should never be an afterthought. Device manufacturers must adopt a security-by-design approach and build better security into the initial development of IIoT devices. Being proactive with cybersecurity practices can save a business from a widespread data breach or prevent a hacking incident that results in revenue loss and customer mistrust. The following security measures are recommended for built-in IIoT protection:

  • In-depth protection: Device software should have multiple defense layers;
  • Automated security patching: The ability to automatically patch and update IIoT device software that is in line with prevailing threat developments;
  • Unique hardware identity: Every device should be assigned a unique identifier inextricably linked to its hardware that marks it out as trustworthy;
  • Independently tested trusted computing base: Device operating systems and security mechanisms including access control, authorization and authentication, virus protection and data backup are verified according to recognized industry standards;
  • Compartmentalization: Applying network security segregation within the device hardware to prevent attacks from spreading;
  • Software failure alerts: Software failures should be automatically reported to the manufacturer; and
  • Authentication with certificates: Device authentication should always use certificates rather than passwords.

Virtual private networks

Even when the above properties are built into IIoT devices, there is one major security measure that businesses must implement. All remote connections and monitoring of IIoT devices should be secured with industry-proven encryption technology such as virtual private network (VPN) software. VPNs can secure the IP-connection of every IIoT device so that data traffic is encrypted as it passes between individual devices and the remote central management point over the internet. When combined with remote access controls and certified authentication measures, VPNs form an effective barrier that shields company confidential data from the unwanted attention of unauthorized parties.

In summary, the phenomenal growth in development and adoption of IIoT devices is rapidly outpacing manufacturers’ ability to make them completely secure. In the next few years, we should see more manufacturers building best-practice security measures into devices. Though there are several recommended properties for built-in security, such as security patching and authentication with certificates, encrypting communications with VPNs is essential. Centrally managed VPN software provides vital data encryption for the many thousands of remote connection points that make up an IIoT environment. In combination with built-in security features and processes, VPNs provide robust protection for maintaining the privacy and integrity of highly sensitive IIoT data.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 16, 2018  1:22 PM

A new era for the connected mobile ecosystem

Tim Sherwood Tim Sherwood Profile: Tim Sherwood
Connectivity, Internet of Things, iot, IOT Network, Mobile, mobile network, Mobility, SIM, SIM card, Wireless

In a world that is increasingly digital and virtual, the use of embedded SIMs (eSIM) and soft SIMs are starting to gather pace. Simply put, a device with an eSIM comes with a SIM chip built in, straight out of the box. A device with a soft SIM doesn’t have any SIM hardware at all; the SIM functionality is delivered onto the device virtually, or over the air (OTA), once the user switches it on.

Both these technologies make the process of starting to use a new device, such as a smartphone, simpler and quicker. And they help break down traditional (and costly) geographical barriers when it comes to mobile connectivity between different countries. What’s also exciting is that they open up a new world of possibilities when it comes to form factors: to date, having to squeeze in a SIM or even a micro SIM has limited manufacturers’ options when it comes to items that can be equipped with connectivity. That’s no longer an issue, spurring innovation by bringing connectivity to previously unconnected “things.”

Truly borderless mobility

Imagine you are on a round-the-world trip of a lifetime — starting from the U.S. East Coast, stopping in the UK, then venturing down to South Africa, moving on to discover the Asia-Pacific region, and then flying back to Europe before returning home to the U.S. Currently, most of us would buy local SIM cards when travelling — they are cost-effective and offer good network connectivity. The issue is that a device may be locked for a specific MNO’s SIM — and it’s a pain having to buy a new SIM the moment you step off the plane in a new country. Now, thanks to global Wi-Fi hotspot devices, people can stay connected while roaming, without the hassle of changing SIM cards or fearing bill shock due to high roaming charges.

Soon, billions of IoT devices will be connected worldwide — and just like when people travel from country to country, eSIMs and soft SIMs will play a central role in how quickly and seamlessly all those things connect too.

The challenge for IoT device manufacturers is that the standard method of soldering or inserting IoT SIMs by hand into devices is time-consuming and expensive. eSIMs enable device manufacturers to not only embed connectivity into anything without a physical chip, but to also reprogram SIMs OTA for millions of devices simultaneously.

Take the manufacturing industry for an example. Imagine a global steel plant, where all workers wear an IoT-enabled activity tracker type bracelet to monitor key variables, such as air quality and heart rate, to help ensure their health and safety in tough conditions. Being able to reprogram eSIMs inside all the wearable devices OTA simplifies their management and helps to make global IoT deployment more practical and affordable.

Another example is a logistics business with hundreds of vehicles in its fleet, each vehicle equipped with IoT-enabled sensors collecting huge amounts of telemetry data every day. The challenge for the company is how to harness the full power of all this data for maximum insights and efficiencies, without breaking the bank due to roaming charges as its vehicles cross from one country to the next. eSIMs and soft SIMs can help slash roaming costs in this scenario by automatically switching mobile networks, or reprogramming the SIM OTA with a new profile to ensure best rates and coverage. It doesn’t stop there though — an eSIM-enabled managed service can also include other value-add services for logistics, such as localization, scheduling, asset management, temperature sensing, video monitoring and vehicle diagnostics — all integrated with the core supply chain management systems of the business.

Adapt and thrive

As eSIMs and soft SIMs start to become mainstream, we may well see a shift in the competitive landscape for not just MNOs, but for the whole mobile ecosystem. New device form factors and IoT applications will emerge, and businesses will be able to unleash the full potential of truly global mobile and IoT services.

So, rather than the end of an era, these new SIM technologies should be considered as a new beginning — one that gives all businesses in the mobile world the chance to renew and reinvigorate what they bring to the sector today and tomorrow. This evolution will favor those who are ready, willing and able to adapt and become more agile in response to new competitive pressures and opportunities.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 16, 2018  12:50 PM

The IoT evolution versus IoT revolution debate in the Cognitive Age

Francisco Maroto Francisco Maroto Profile: Francisco Maroto
ai, Artifical Intelligence, Enterprise IoT, IIoT, Internet of Things, iot, robot, Robotics, ROBOTS

During all my years evangelizing the internet of things, I have been explaining to customers, partners and friends that IoT can positively change the way we do business and the way we live our lives. I have been asked if IoT is a new revolution in our society or if it is just one step in the technological evolution of the digital revolution. Today, the debate continues, but whether evolution or revolution, the internet of things is here to stay.

I definitely think it’s an evolution. The development of the internet of things is a bold move. IoT is not just a leap from the internet. The internet of things brings with it an evolutionary force that we rarely see in technology.

It is important to not scare conservative enterprises. It is not about ripping out current automation systems to replace them with new technologies. End users will resist rapid and radical change because of the increased risk of downtime and associated costs.

Therefore, I think this debate should be framed in a more general question: What Age period are we living?

The Connected Age

I consider the start of the Connected Age when the term “internet of things” was coined by Kevin Ashton in 1999. Kevin probably envisioned the move to sensorization would transform every industry in the world.

The main driving force behind the Connected Age is data: data that can be collected, data that can be analyzed, data can be shared and data can be used to improve service offerings. Data is the new oil in this Age.

Global sensorization is driving new ideas and thoughts that will ultimately drive innovation in our personal, business and working lives. Sensors data is opening up new opportunities, driving new business models and taking innovation to new levels.

We are still living in the Connected Age. I expect this Age to end in 2025, not because there will not be more things to connect, but because it is when most “things” will become intelligent and start being controlled by robots.

The Robotic Age

Reading “Genesis of AI: The first hype cycle,” I rediscovered how artificial intelligence was born and evolved until now. But it wasn’t until after I read “Your data is crucial to a Robotic Age. Shouldn’t you be paid for it?” that I realized we are entering before 2025, not without a certain fear, the Robotic Age.

According to IDC, “By 2019, 40% of digital transformation initiatives — and 100% of IoT initiatives — will be supported by AI capabilities.”

Qualcomm also envisions a world where edge AI makes devices, machines, automobiles and things much more intelligent, simplifying and enriching our daily lives.

AI has emerged as the most exciting capability in today’s technology landscape. Its potential is rich for large, complex organizations that generate massive amounts of data that can be fed into AI systems. AI-driven companies will represent the future of broader parts of the economy, and we may be headed for a world where labor’s share falls dramatically from its current roughly 70% to something closer to 20-30%. At the same time, the number of robots will increase.

Robotics and artificial intelligence have reached a crucial point in their evolution. A robot is no longer just a mechanical device capable of interacting with its environment and carrying out an assigned task. At present, research laboratories all over the world are developing and implementing sophisticated robots in technical, practical and even philosophical tools. Nevertheless, we cannot forget that there are still problems in the land of AI.

The Cognitive Age

For those of you who believe the mind is the center of all things, New York Times columnist David Brooks wrote two editorials that point to wider transformations that are shaping the world in which we live.

We could consider the start of Cognitive Age being when Facebook abandoned an experiment after two artificially intelligent programs appeared to be chatting to each other in a strange language only they understood. The two chatbots came to create their own changes to English that made it easier for them to work — but which remained mysterious to the human.

Are we sure Facebook shut down its artificial intelligence program? Facebook is not the only company — or government — running secret AI programs. Are you scared?

There are many myths about Cognitive. This article, published by Deloitte Consulting, may help dispel five of the most persistent myths.

“Start thinking how to prepare yourself and your business for the Cognitive Age.”

As I explain in “Bring your own cyber human (BYOCH) part 1: Augmented humans,” we are on the path to becoming cyber humans. To live in the Cognitive Age, I encourage companies to invest in how to enhance our senses and increase our intelligence to compete with and win over robots.

Key takeaways

The Connected Age is a fact. Arm predicts 1 trillion IoT devices will be built by 2035. For those who think IoT is a revolution, don’t be worried because we are just living in an evolutionary process.

With the introduction of AI and machine learning, enterprises will be able to embark on projects never thought possible before. The Robotics Age is going to be a great challenge for humanity. The fear of being inferior to our creation, not being able to control them, competing with machines for jobs and having to obey them will really mean the beginning of a revolution.

What does AI mean for the future? What will the implications and the risks be? Will AI really understand humans? With its current skills, humanity will be inferior to the cognitive systems that will populate the Cognitive Age. That is why I encourage governments, private laboratories and researchers to work on Augmented Human projects so we do not become slaves to our uncontrolled inventions.

Thanks for your likes and comments.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 12, 2018  3:59 PM

Four common myths about AI

Ben Pietrabella Profile: Ben Pietrabella
ai, Artificial intelligence, consumer experience, Digital transformation, NLP, User experience, UX

Artificial intelligence has moved from science fiction to science fact, and the market for AI functionality in business is growing by leaps and bounds. In fact, innovative companies worldwide are mining considerable business value with the implementation of AI capabilities, such as natural language processing, across a broad spectrum of industries. Yet, despite the popularity of AI among early adopters, myths and misunderstandings make it challenging for businesses to integrate and deploy AI effectively.

Let’s take a look at four enduring myths about AI and address why businesses need to reboot their thinking …

1. If you build it, they will come … or will they?

It’s no longer enough to just build and sell a product for the sake of it. The market is crowded and fast-paced as digital startups and legacy enterprises vie for innovative ways to realize their digital future. Forward-looking companies are putting plans in place to generate predictable demand for new sources of digital revenue.

Analyst firm IDC predicts that by 2020, 50% of global 2000 companies will see the majority of their business being dependent on the creation of digitally enhanced products, services and experiences. Pioneering companies that have already made the shift are reporting faster growth than their competition. In this new world, data fuels new and predictable revenue streams on the back of AI, connected things and other digital technologies.

While any company can embark on a digital platform strategy, a differentiated value proposition is essential — and it is required to build at scale. The customer experience is critical. For example, the latency for refreshing images on a virtual reality (VR) headset shouldn’t exceed 10 milliseconds. To accomplish this today, VR gaming headsets require bulky hardware to control sensors and run compute-intensive software.

However, with multi access edge computing (MEC) and AI-based technologies, a mobile edge computing platform would sit close to the point of consumption, taking over the heavy lifting while avoiding unwanted latency. By using MEC and AI, a number of mobile operators, including Deutsche Telekom and Verizon, have recently made announcements related to applications and devices where millisecond response times and customer usage patterns and preferences matter. In other words, by placing AI at the core of their offering and using edge computing, network service providers can make the digital transformation to generate new sources of revenue based on consumer and business demands.

2. One AI size surely fits all, right?

It sounds cliché, but the possibilities with AI are limitless. AI will eventually find its way into just about every product and service. However, not every new product or service will succeed. Success or failure will be based on the business case, and for a number of companies, the right AI use case continues to remain a mystery. In a recent global study conducted by the McKinsey Global Institute, only 20% of C-level executives surveyed said they currently use any AI-related technology at scale, and many firms noted they are uncertain of the business case or the ROI.

Sure, Alexa and Siri seem to have all the answers, but AI for its own sake is not the answer. AI technology is a means to an end, and it should be applied thoughtfully to achieve a real customer value proposition. To achieve revenue growth, operational efficiency and market differentiation, the key question to ask is: What problem are you trying to solve and how can AI play a role?

For example, an industrial equipment manufacturer will benefit from agile machine learning to improve predictions about the onset of failure, allowing maintenance to be scheduled in advance. Likewise, better usage predictions can help a mobile operator reduce the time it takes to resolve network congestion and isolate instability. Failure pattern analysis can enable a software developer to root out priority bugs faster.

Today, an estimated 1,800-plus AI companies have captured more than $16 billion in funding — yet, not all of them will survive. To maximize your product’s value, first and foremost be sure to focus on delivering the best user experience balanced with the best possible business case.

3. AI is revolution not evolution

As digital penetrates every industry segment in varying degrees, there is a sense of urgency for legacy enterprises to go digital fast. Real fast. Even luxury carmaker Porsche is shifting value from horsepower to digital power, with services such as finding nearby parking spots or warning drivers of hazardous road conditions. Soon, it is anticipated that software-based offerings will account for about 10% of the $89,400 sticker price of the new Porsche 911 sports car.

It’s important for companies to map out a digital transformation roadmap — yes, it is evolution — for their mature products before they near the end of life, in order to reduce the negative impacts on the business. The objective is to ensure the core business remains profitable for as long as possible, while successfully incubating fresh product lines shaped by strategic priorities. But be sure to design products around people — the focus should be on how to go above and beyond what the customer expects to meet their digitally focused future expectations. When compared to their peers, revenue growth for companies focused on customer experience outperforms competitors by a wide margin.

Many established companies have already embarked on this digital transformation journey. A prime example is a partnership between GE and AT&T to deploy networked sensors in streetlights. The smart lights can dim or brighten, monitor air quality, keep an eye on parking spots, and even detect and report gunshots. To move digital transformation efforts further and faster, companies need to ensure their R&D organizations have the right business focus, incentives, culture and processes for growth. Ultimately, businesses need to see AI as an evolutionary technology that can deliver outstanding digital experiences for customers.

4. Technology trumps design

Today, the old adage “form follows function” can more accurately be rephrased “form follows emotion.” Designing for the “average user” is outdated. The more personal the experience, the more valuable it will be to the customer — and the more successful your product or service is likely to become. Whether it is a developer console, business productivity application or application for a consumer device, personalization matters.

While AI can be a powerful force for disruption, it is important to focus on what really matters most. From qualitative to end-user participatory research and concept evaluation, the goal of human-centered design is to find new ways to engage with the target audience on their terms. And the stakes couldn’t be any higher. According to a recent study by Salesforce Research, 64% of customers now expect real-time responses and interactions with brands. Half of those surveyed are likely to switch brands if companies do not anticipate their needs.

AI-based machine learning allows companies to collect and analyze data in real-time for a better understanding of the user’s experience with a product. It provides insight and intelligence on how customers are interacting with other users and services. In other words, AI offers the perfect opportunity to create digital growth opportunities, provided that you reimagine products from the end-user’s perspective. This means looking beyond the assumptions and misconceptions of using AI as a technology to using AI-specific use cases with true focus on understanding the needs, preferences, attitudes and motivations of a wide range of customers.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 12, 2018  2:48 PM

Improved customer experience through IoT drives manufacturing efficiency

Jeff Nedwick Profile: Jeff Nedwick
"Automotive industry", automotive, Connectivity, Customer satisfaction, Downtime, IIoT, Industrial IoT, Internet of Things, iot, Manufacturing, Predictive maintenance

It is a disruptive time in the automotive industry. The industry that famously proclaimed customers could purchase a car in “any color, as long as it’s black” has been turned on its collective head. Henry Ford, the legendary automotive pioneer who uttered those words, was adamant in his belief that demands for more colors and options represented only 5% of the customer base and automakers should focus on the other 95%.

What a difference a few decades make. Automotive manufacturers who not so long ago only worried about styling and horsepower must now anticipate the demands of an ever-more sophisticated customer base; a customer base that often values connectivity and convenience over aesthetics and performance. These customers will no longer settle for two or three option packages.

This insistence on an abundance of options and the flexibility to change the mix of those options at any time places increased pressure on margins for automakers — especially considering they are already dealing with competition from nontraditional automotive companies, an unpredictable regulatory environment and the natural, cyclical nature of the industry.

Despite the uncertainty and increased demand for customization, one constant remains: metal must be bent, poured or ground, plastic must be injected, and components must be assembled into a finished vehicle. Manufacturing is the one constant in an otherwise volatile industry and therefore it is extremely important that automakers make their manufacturing processes as efficient as possible.

Support for more customization and fast reaction to customer requests is important in today’s automotive landscape, but it comes at a significant cost. For decades, manufacturing processes achieved efficiency through standardization; fewer variables meant higher economies of scale, lower labor costs and fewer defects. Increased customization and flexibility requires more sophisticated, costly manufacturing processes. Factor in the lower sales volumes to spread those costs across and it is easy to understand the push for more efficiency.

It is no surprise then that auto manufacturers are investing heavily in industrial internet of things.

Fortunately, the automotive industry has a head start with IIoT. Automotive manufacturers were automating and connecting manufacturing equipment on the plant floor long before the term “internet of things” was coined. That experience makes it easier to see the value in collecting and analyzing data being generated by plant floor equipment.

The advanced shop floor management techniques of IIoT rely on this data to calculate actual machine performance versus planned machine performance in real time. This immediate feedback detects and predicts breakdowns or inefficiencies — in both processes and equipment — and allows operators to take corrective action if a deviation from target is detected.

At a macro level, plant managers can compare manufacturing performance between plants, lines or machines to ensure all processes are running at peak efficiency.

Data collected from plant floor equipment can also eliminate unscheduled downtime by assessing the health of critical equipment and predicting equipment failure to schedule repairs before a breakdown occurs. This paradigm shift from preventive to predictive is enabled through analysis of plant floor equipment data and seamless integration to enterprise asset management applications.

In a typical high-volume automotive manufacturing environment, it can be difficult to trace with precision the production lineage of a given product. But with IIoT technologies, access to historical data collected from manufacturing operations enables both backward and forward end-to-end traceability to the root cause of a product defect.

In the automotive industry, niche products are becoming more and more important and as automakers struggle to meet the demands of more sophisticated and demanding consumers. IIoT technology provides an effective way to offset the increased costs associated with lower volumes and highly customized vehicles.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 12, 2018  12:35 PM

Where the rubber meets the road: Blockchain, AI and automobiles

Scott Zoldi Profile: Scott Zoldi
ai, Artificial intelligence, Bitcoin, Blockchain, Cars, Connected car, driving, FICO, Insurance, Internet of Things, iot, Relationships

Between coin heists and ICOs, much of the attention around blockchain technology centers on bitcoin and other cryptocurrencies. (There’s even a bitcoin heist movie, if you’re interested). But as blockchain, the technology that underlies bitcoin and its brethren, grows in usage, there are intriguing opportunities for AI to work with it to transform the way all manner of financial transactions occur, and not just in the financial industry.

Last year at FICO’s Automotive Mastermind conference, we discussed broad automotive applications for blockchain-focused analytics and AI-driven scoring technology that is the basis of many FICO technologies. These were in addition to blockchain’s micro-transaction enablement, which I blogged about as part of my 2018 analytics and AI predictions. Here’s a recap of that:

Blockchain technology will soon record “time chains of events,” as applied to contracts, interactions and occurrences. In these “time chains,” people and the items we interact with will have encrypted identities. The blockchain that is distributed will be the single source of truth, allowing audit trails of data usage in models, particularly in data permission rights.

Today, to rent a car, you’d go to a traditional car rental agency like Hertz or Avis, or belong to an “alternative” rental organization like Zipcar or car2go. In the future, you will be able walk up to a car to lease it, but you’ll do so with a micro-loan for which you are approved to lease the car for, say, an afternoon. This micro-loan will have insurance contracts attached to the chain and a codified history of the car’s history of drivers, events and maintenance. As you drive through the city and interact with toll roads and parking spaces, all of this information will be automatically recorded and monitored on the blockchain. When you leave the car and lock it, the lease is complete and auditable on the chain.

Blockchain comes to the drivetrain

This concept of auditable “time chains” enabled by blockchain can be applied to, for example, tracking faulty components from their source to every affected vehicle. Such an approach could dramatically improve safety flaws that are today addressed by inefficient mass recalls.

Beyond “time chains,” data event chains will create new opportunities for graph analytics and novel new AI algorithms to consume relationship data at scale. In 2018, we will see new analytics around relationship epochs, which has fascinating implications for the automotive industry. Here’s a quick definition: Think of your car’s daily interactions with drivers, other cars, fuel stations and service establishments. Most days are relatively routine, but sometimes chains of events occur that have new meaning, perhaps indicating impaired or poor driving, collisions and repairs, preventive service opportunities and many others. Clearly, understanding these webs of relationships of events will add more insight to any analysis of individual components. These webs, or relationship epochs, will feature scoring based on shifting chains and graphs, delivering tremendous predictive power.

For example, relationship epochs and scoring techniques could be applied to:

  • Used cars: Purchasing a used car is fraught with uncertainty. Blockchain and AI can be used to create relationship epochs that will inform buyers of the car’s “past life,” i.e., if the car has been in accidents, how rough it was driven, if the parts comprising the vehicle are authentic and correct, and much more.
  • Defensive driving: As roads become increasingly populated with driverless cars, it becomes critical to know how much to trust the car in front of you. What is its history on the blockchain? In the moment, should you back up or change lanes? Cars’ sensors add another dimension of information, helping human drivers to make better decisions.
  • Insurance risk assessment: As the roads we drive on essentially become a network of trust, individuals’ identities may not be known, but there is goodness and normality associated with the individuals who comprise driving populations. In this way, blockchain technology can help insurance companies to assess and score drivers’ safety habits and aggregate risk levels.

As for me, I am excited to hear about how my future used Porsche may be enhanced by blockchain technology. Since I’ve just sold my much loved, and much maligned, classic Porsche 996, a new track car may be in my future sooner than I think. Follow me on Twitter @ScottZoldi.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 11, 2018  2:38 PM

The need for network assurance in a world of connected healthcare

Eileen Haggerty Profile: Eileen Haggerty
Connected Health, Internet of Things, iot, IoT applications, IoT devices, IOT Network, iot security, Network performance, visibility

In an environment of ever tighter budgets and resources, where providers are increasingly expected to do more with less, advances in technology are proving to be a boon in the delivery of healthcare services.

Secure, real-time access to a patient’s electronic medical records (EMR) and test results is now widely taken for granted, with the ability to access and input data anywhere, from virtually any device, delivering efficiency savings for healthcare providers. At the same time, ongoing development of innovative IoT applications continues to open up new ways of monitoring patients’ health and the efficacy of their treatment.

The Memorial Sloan Kettering Cancer Center in New York, for example, is working with cloud research firm Medidata Solutions, Inc. to test the use of activity trackers in monitoring the reaction of patients with multiple myeloma to their treatment, enabling improvements to be made over time.

Elsewhere, pharmaceutical giant Novartis AG is undertaking research with Qualcomm Technologies, Inc. and Propeller Health to develop connected inhalers for the treatment of chronic obstructive pulmonary disease. Propeller’s device connects to a dedicated mobile app via sensor to passively record and transmit usage data, allowing doctors to keep accurate track as to whether patients are sticking to their treatment plan.

The application of technologies such as these will only prove beneficial in allowing the secure delivery of more efficient, patient-centric healthcare. However, the complexity they will introduce to a healthcare provider’s network is likely to pose something of a challenge.

Vital visibility

As a result of the transformative effect of digital technology, healthcare staff generally expect to be able to access information almost instantaneously. They are likely to blame the EMR, therefore, when they experience delays in accessing patient records, or curse the email system when they don’t get the message approving a patient’s insurance. In many cases, however, the source of the fault is likely to be a supporting service rather than the EMR or the email system. But without full visibility into the network, this source would be hard to diagnose and remedy.

The fault may well lie with a configuration issue, or a bandwidth problem, or in a poorly designed application. However, when you consider that hospitals and health systems are coming under attack from cybercriminals at a rate of almost one a day in in 2017, any device connected to a network, from iPads to MRI machines to smart beds, can be a target, potentially putting the lives of patients at risk.

One in five healthcare organizations has more than 5,000 devices connected to its network, each one of which represents an endpoint that could be exploited for nefarious purposes. It is easy to understand how the need for visibility becomes significantly more serious.

The value of service assurance can, quite literally therefore, be a matter of life and death. It is vital that hospitals have visibility into their entire networks in order to mitigate any risk before it becomes a problem.

Reliance on the internet of things

Healthcare providers depend on high availability as they adopt new digital services. The increasing use of IoT technology, for example, means that whenever a delay or an outage in network performance occurs, the delivery of patient care can quickly grind to a halt which, in some instances, might prove harmful to patients.

Our reliance on the hyper-connected IoT depends on more than just the application or service currently being used by the healthcare staff, however. The proper function of patient-facing websites and wearable heart monitors alike is dependent on a range of factors, including physical and virtualized infrastructure, hybrid cloud, wired and wireless connectivity, multiple vendors and supporting networks, each of which requires high availability.

IoT has certainly improved the delivery of high-quality healthcare, but faced with the constant and expanding threat from malicious outsiders and with the ongoing development of ever more innovative technologies, the need for complete visibility and service assurance is only set to grow.

This article was co-written by Michael Segal, area vice president of strategic marketing at NETSCOUT.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 11, 2018  12:01 PM

IoT-enabled security cameras: How to avoid the headaches

George Bentinck Profile: George Bentinck
Internet of Things, iot, IoT applications, IoT data, IoT sensors, IP, IT, Scalability, Security Cameras, Sensor, Sensors

Security cameras are meant to hide in plain sight. They are built to be small and unobtrusive. But this doesn’t mean that a security camera can’t make a noticeable impact on your business — in both positive and negative ways. Today, an IP-enabled security camera isn’t just for security. Instead, it is a camera that can monitor and relay useful business information, while also monitoring for physical security purposes. It is also a new endpoint on the growing list that lives on the network, managed by IT.

The security camera industry has come a long way in the past few years. From analog to digital, security cameras have experienced the same transformation as many other workplace technologies that have become IP-enabled. Just like the migration of telephony from traditional private branch exchanges to today’s VoIP systems, cameras are transitioning from a technology traditionally managed by operations to one managed by IT.

IP-enabled security cameras can spell trouble for the network if not managed properly, and the technology you buy to keep your organization safe could end up doing more harm than good. In order for IT to avoid the pitfalls, businesses need to:

  • Make sure IT has a seat at the table during the buying process. Cameras and their associated infrastructure are now connected devices on the network with a myriad of components and applications. The traditional decision-makers in Facilities, loss prevention or even corporate security are not experts in making decisions about IT infrastructure. By leaving IT out of the loop, long-term Opex and platform capabilities aren’t scoped properly, and camera functionality can suffer. This can also lead to problems during deployment and troubleshooting.
  • Not underestimate the threats introduced by IP camera technologies. Again, a camera becomes an endpoint when added to the network, and because of this, needs to be secured. Most network video recorders and cameras either don’t offer encryption, don’t offer encryption for all components of the system or make it very hard to deploy encryption. Ensure the system you choose offers the right level of encryption for your business. Additionally, consider the ease in which you can update firmware and drivers. Many of today’s camera options use outdated security protocols and are poorly managed because they are cumbersome to keep up to date, making them a target for cyberattacks, not unlike those we saw derailing business across Europe when WannaCry and Petya hit in 2017. We see the blame placed on the IT team for network breaches, regardless of whether the cameras are supposed to be under their control.
  • Weigh costs by looking at the full picture, including long-term operations. As always, price is a major factor when making a buying decision, but take the time to look beyond the sticker price and consider the long-term operational costs. Cost isn’t just about the cameras; there are the servers, software packages (like VMS or additional analytics), recabling costs and more to consider. Inexpensive, poorly built cameras may fail after a short period of time, provide poor user experiences or require a lot of time-consuming manual configuration. And as mentioned, cameras that leave businesses vulnerable to a hack could cost the business exorbitant amounts of money. If a camera lacks proper support, customers could be left high and dry if, and when, the camera fails. Choose a system that offers an adequate level of support.
  • Consider scalability and long-term effectiveness. Camera technology is rapidly evolving. How will today’s cameras meet the needs of tomorrow if camera features are set in stone the day they are purchased? The ability to quickly and easily deploy new features is essential. Scalability becomes a major issue with security systems as well. Using cloud storage to solve scaling issues leads to unrealistic bandwidth requirements, and sky-high costs when used in an enterprise deployment. Choose a system that can grow with your business, both in terms of features and in size.

While the IT team may find itself largely responsible for the security and performance of security cameras, there is also an immense opportunity to bring enormous value to the business with IP-based cameras. Cameras are visual sensors by nature, so it is only natural that, by adding analytics capabilities, a business can extrapolate a great deal of useful trend information when the data is anonymized and consolidated. Understanding how traffic flows through a retail store is one example, but we’ve had customers who have used cameras to do much more — whether a city using motion heat maps to see which equipment in the city gym is used most frequently, allowing for better business decisions about when to replace equipment, or a farm in Australia, which was able to monitor and deduce useful grazing and behavior pattern of sheep.

The security camera market is evolving at a rapid rate. IT needs to be involved in the discussion, and is in a prime position to help bring new levels of visibility and analytics to the business.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 10, 2018  3:16 PM

IoT in e-commerce logistics: Where’s the money? Part 3

Subhash Chowdary Subhash Chowdary Profile: Subhash Chowdary
Digital transformation, E-commerce, Ecommerce, Enterprise IoT, Industrial IoT, Internet of Things, iot, Logistics, Supply chain, Supply Chain Management

In my previous post, the top three “where’s the money” opportunities mentioned using IoT in logistics were e-commerce, the food chain and third-party information logistics. I addressed opportunities in agri-food supply chains that benefit a large global population. This post addresses the opportunities for IoT in e-commerce.

Global growth markets

Retail e-commerce global sales are estimated to reach $4.5 trillion by 2021. We just witnessed another record-breaking season of e-commerce with Amazon making headlines in the U.S. and Alibaba in China. Alibaba set a new single-day sales record of $25.3 billion, a 40% increase from last year.

If you are an enterprise thinking of what’s included in the scope of e-commerce, it may be easier to think of what cannot be included in e-commerce. Nothing prevents e-commerce technologies and concepts from being extended to B2B commerce.

What’s IoT got to do with e-commerce?

Ninety percent of the $25 billion order value on Alibaba’s single-day sales was done using mobile devices. Smartphones play an essential role in the success of e-commerce. As an IoT device, it has transformed how humans search and buy products from anywhere in the world at any time. The ease of ordering a product is setting new expectations on delivery of product. The delivery time expectations are reaching “read my mind” speed, or with IoT devices like Alexa, “are you listening?” While the ordering process moves at digital speed, the physical goods delivery logistics processes are limited by humans. IoT devices that don’t require human interaction will soon digitize and transform the supply chain. Digitizing the collection and flow of data without human intervention using IoT will be critical to improving the speed of delivery logistics.

Digital transformation

Supporting $25 billion in sales in a day is an example of digital technology, people and processes working without breaking down. The Alibaba digital infrastructure at its peak supported 325,000 orders per second, from 225 countries/regions. The next challenge is in order fulfillment logistics to ensure that deliveries are made to keep the customers coming back to order more the next time. To build technologies that will sustain your business into the future, you have to think different from the current practices.

Is delivery logistics a supply chain function or customer service? Delivery of goods ordered is taken for granted. But, customer satisfaction is a self-service digital experience of knowing and seeing order fulfillment meeting the customer’s expectations. Intervention because of exceptions, if any, needs to be proactive, preferably before the customer is aware of an exception that could result in cancellations, returns, support costs and additional avoidable costs. To be proactive, actionable information (not data) and intelligence is critical.

Digital transformation does not mean waiting for robots to replace humans. IoT provides a clean, new source of accurate and real-time data and events to generate intelligence to expose the inefficiencies in your existing systems, processes and KPI/metrics used to make decisions. If you are considering blockchain for a more trusted source of data, IoT-based data and events are a new, clean source for recording in blockchain that is not corrupted by existing systems.

The ‘big squeeze’ is coming

Investors have poured billions into e-commerce. Now, investors want a return on their investments. As e-commerce growth stabilizes, fulfillment cost reduction will be targeted. The squeeze will be felt by the ecosystem of suppliers and supply chain logistics services providers to become more cost efficient and competitive. The pressure on lowering total costs across the entire e-commerce business will force changes. This is the opportunity for innovative technologies to break though legacy thinking and practices. Every aspect of the supply chain management process, including procurement, first mile, last mile and everything in between, is an opportunity for improvement.

Live case study

India is a live case study of e-commerce in evolution with no dominant market leader. A billion potential customers and a growing economy with an appetite for smartphones is an obvious target.

eCommerce market competition

E-commerce market grab

Amazon, Alibaba, Walmart and investors such as Softbank have their sights set on Flipkart and India. Billions of dollars are being invested. The Indian government has its own initiatives to support digitization, including “Made In India” for manufacturing; regulatory changes, such as the Goods and Services Tax Bill; e-payments; e-waybills; modernization of ports, road and rail transportation; and cold chains are just a few of many initiatives in progress. The recognition of supply chain logistics as key to the success of the Indian economy by the government is a perfect opportunity for IoT to make a big difference. What works in the U.S. or China does not directly transfer to India; ethical digital transformation of supply chains with Indian “jugaad” can make a big difference to millions of people.

Similar thinking is taking place on the African continent. What works in India will be easier to transfer to Africa.

Opportunities for using IoT in e-commerce logistics

IoT bridges information technology with supply chain operations to make supply chains faster, better and cheaper. Digitization of data enables automation to scale operations. A few operational areas where IoT can make a big difference immediately, in addition to the obvious last mile, are:

  • Ocean ports: Inbound/outbound container/reefer logistics and operations
  • Airports: Inbound/outbound cargo logistics and operations
  • Intermodal transportation: Road-rail-road-port/distribution centers
  • Inland container depots: Container, chassis, truck, yard logistics
  • Central customs and excise: Compliance, verification, monitoring
  • Cold chain: End-to-end management
  • Food chain: Agriculture lifecycle logistics
  • Pharma chain: End-to-end management
  • Security: Product integrity, quality, leakage/diversion
  • Procurement: Multi-tiered supply chain network management

Can you see the opportunities that Amazon, Alibaba, Walmart and Softbank see in e-commerce? Do you think they will be using inefficient processes and legacy technologies? Doing nothing or cutting costs are not viable options for survival. Working smarter using IoT-based technology with intelligence is an option worth considering. Smart and ethical use of IoT-based technologies can differentiate, mitigate and overcome competitive barriers. Eliminate your implementation risk with technologies that deliver the measurable value you want on first use.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

April 10, 2018  10:35 AM

Behavioral eManipulation: Attacking the care delivery workflow to deliver harm

Ted Harrington Profile: Ted Harrington
Authentication, Compliance, Connected Health, Internet of Things, iot, IoT devices, iot security, medical devices, Workflow

Here, we introduce and analyze the novel security concept of Behavioral eManipulation, the attack methodology with which an attacker uses technical exploits to influence human behavior in order to arrive at an adverse outcome.

Technical exploit + human behavior = Adverse outcome

Behavioral eManipulation entails tricking a competent professional into making an error that he otherwise might not make. This concept is relevant to scenarios where all of the following conditions are present:

  • The workflow relies on technology that could be exploited,
  • The workflow relies on humans, whose behavior could be influenced, and
  • There is potential for a tangible or intangible adverse outcome resulting from modified data, stolen assets, denial of service or system availability, etc.

A high-profile example of Behavioral eManipulation was Stuxnet, where an Iranian nuclear centrifuge was attacked while simultaneously the alarms to alert technicians of mechanical issues were silenced, thereby preventing the necessary human intervention. This denial of human interaction resulted in severe damage to the centrifuge, which would take years to repair.

Other adverse outcomes might include scenarios such as revenue prevention, profit erosion, negative customer/user experience, customer attrition/exodus, stock price decline, brand damage or physical harm. For illustrative purposes, we narrow scope to focus on the lattermost of those outcomes, by analyzing the specific workflow of delivery of healthcare. We do this for a few reasons: first, it provides compelling examples for illustration; second, it involves the most valuable possible asset (human safety); and third, it is an industry that is not adequately preparing itself to address this concept. In the context of the healthcare delivery workflow, the formula for Behavioral eManipulation can be summarized as follows:

Technical exploit + human behavior = Patient harm

Research context
The foundation for this research is based upon the key findings of “Hacking Hospitals,” a 24-month study of hospitals across the United States, that published exploitable technical vulnerabilities inherent in medical devices and their supporting networks, business shortcomings inherent within the healthcare industry that lead to the introduction of these exploitable technical vulnerabilities, and a blueprint for how to solve these issues. We focused the following body of research on this concept of Behavioral eManipulation to extrapolate the ways in which exploitable security vulnerabilities manifest themselves in the real-world delivery of care. For this phase of the research, we consulted renowned trauma surgeon Konstantinos M. Triantafillou, MD, a practicing orthopaedic trauma surgeon, certified by the American Board of Orthopaedic Surgery, who serves patients at University of Tennessee Medical Center, a Level I trauma center. Over the course of the 14 months following the publication of “Hacking Hospitals,” through interviews and exploit mapping exercises, we have used Dr. Triantafillou’s perspective as an actively practicing trauma surgeon to help parse out the unlikely theoretical outcomes from the high-risk areas on which the security community should focus.

Core to this paper and the concept of Behavioral eManipulation is the assumption that the most important asset that the healthcare ecosystem must protect is patient safety. The key finding of the seminal “Hacking Hospitals” is that the healthcare industry is focused primarily on protecting patient data, with inadequate protections of patient safety; the concept of Behavioral eManipulation reinforces this assumption by demonstrating how this misalignment of the security mission in healthcare could undermine the Hippocratic Oath, a concept which most healthcare professionals have sworn to uphold. This oath advocates that first and foremost, medical professionals shall do no harm. The integrity of this oath can be undermined through Behavioral eManipulation.

Medical devices: Active versus passive
Much of the healthcare-oriented security research to date has focused on active medical devices, which are those that actively do something to the patient, such as delivering medication or modifying the heartbeat. Some groundbreaking findings related to active medical devices have been published in the areas of insulin pumps, drug infusion pumps and pacemakers. It’s fairly straightforward to understand how manipulating active devices might result in harm to a patient. However, prior to “Hacking Hospitals,” minimal attention was paid to passive medical devices, which are not doing something to the patient, but instead are reacting to the patient. Examples of passive medical devices include patient monitors, imaging and lab equipment. While the direct correlation between device input and patient outcome in the context of active medical devices makes it easy to understand how manipulating active medical devices could harm a patient, what is lesser understood is how similar patient safety outcomes could arrive in the context of passive medical devices. Behavioral eManipulation shows how this is possible, by using such devices to attack the workflow; the workflow in turn delivers the adverse outcome rather than the device directly.

Attack scenarios

Behavioral eManipulation is best understood in the context of conventional cyberattack methods:

  • Technical exploits attack systems. This is where an attacker finds and exploits a security vulnerability (or vulnerabilities) in an application or network. A well-known example of this is when an American teenager hacked the International Space Station’s life support systems, causing $41,000 to repair the damage.
  • Social engineering attacks people. This is where an attacker takes advantage of human susceptibility to exploit the human. Perhaps the most famous example of all time is the original Trojan Horse, where a seemingly defeated Greek army left a trophy for the seemingly triumphant Trojans, who then unwittingly brought the trophy inside the walls only to later find it filled with invading Greeks.
  • Behavioral eManipulation attacks workflows. This is where an attacker exploits a device or system that an unwitting human victim relies upon to make decisions, and then the workflow delivers the adverse outcome as a result of reliance on that bad information. Examples of this include the variety of scenarios described below in this section.

Behavioral eManipulation has a few discrete phases to the attack flow:

  1. Understand the workflow
  2. Manipulate the data
  3. Rely on humans to unwittingly deliver the adverse outcome
    1. In the context of healthcare, phase 1 is actually a mitigating factor, it requires many years of medical training for aspiring physicians to learn the many care delivery workflows. However, while that limits the potential pool of viable attackers who can use this attack method efficiently, it does not prevent any attacker from acquiring this knowledge.
    2. Phase 2 is where most security research to date has focused.
    3. Not including accidental exploits, phase 3 is only possible when the combination of phases 1 and 2 have concluded.

Diagnostic attack scenarios: Overview
Most medical errors are communication errors. Behavioral eManipulation is essentially an amplification of communication errors, thereby compounding medical errors. In a healthcare context, Behavioral eManipulation manifests itself most dramatically in diagnostic workflows, which are the parts of the care delivery workflow that require a physician, nurse or other medical professional to interpret data in order to diagnose a patient’s health issue, for purposes of prescribing a treatment plan. Such diagnostic scenarios largely fall into one of two categories:

  1. Workflows that have failsafes built in, also known as “system of checks,” or
  2. Workflows that do not have failsafes and rely heavily on the physician to interpret the data.

Each of these diagnostic attack scenarios has different implications to patient safety if the information upon which the physician bases decisions is manipulated.

Diagnostic attack scenarios: Systems of checks
Diagnostic attack scenarios with systems of safety checks are typically those which involve biographical data, systems or other information which are known to deliver harm if the workflow is flawed. An ever-growing body of statistics demonstrates that errors related to blood and allergies are known to have harmful or even fatal implications; for that reason, healthcare providers have numerous safety checks in place to ensure such errors are minimized. If, in a typical care workflow, the physician notes an anomaly, there are procedures in place that would trigger certain actions1 by the physician to verify the anomaly before prescribing a potentially harmful procedure or dosage. Through Behavioral eManipulation, an attacker would trigger anomalies that require physicians to re-perform diagnostics, order new tests, and/or consult additional medical professionals. Time is critical in the kinds of settings where such diagnostics would take place (e.g., acute care settings, operating rooms, etc.), and such additional steps all require critical time. As a result, in some cases time impedes care, while in other cases the physician may lose trust in the diagnostics system – assuming it to be faulty – and revert to other diagnostic methods that circumvent the established system of checks. All of these conditions dramatically increase the likelihood of medical error that could result from such manipulation of the care delivery workflow.

Proper workflow

  1. Patient produces data
  2. Physician reviews data
  3. Physician consults duplicative sources for data (failsafe)
  4. Physician makes diagnosis
  5. Physician administers treatment plan

Manipulated workflow

  1. Patient produces data
  2. Physician reviews data
  3. Attacker exploits security vulnerability*
  4. Attacker manipulates duplicative data sources
  5. Physician consults duplicative data sources (failsafe)
  6. Physician notes anomalies
  7. Physician measures patient again
  8. Physician reviews new data
  9. Physician consults/compares with duplicative sources for data (failsafe)
  10. Physician notes anomalies
  11. Physician measures patient again
  12. Physician reviews new data
  13. Physician proceeds on bad data, or loses trust in system
  14. Physician makes diagnosis
  15. Physician administers invalid treatment plan

*Example technical exploit: As outlined in “Hacking Hospitals,” we discovered a privilege escalation security vulnerability in lobby check-in kiosks that allowed an attacker to take the kiosk out of kiosk mode, gain administrative control, pivot to other systems on the same subnet and manipulate the data accessible by those other systems. One such system was a bloodwork system.

Diagnostic attack scenarios: Data interpretation
By contrast, some attack scenarios do not have safety checks to them and rely solely on the physician’s experience and interpretation of data to process the diagnosis and resulting treatment plan. Examples of these would pertain to monitoring equipment or lab results. The physician is unlikely to question the validity of the information coming off such systems unless the readouts fall unusually outside of expected parameters. As there are not additional failsafes in place, if acting upon manipulated information, the physician operating in the care delivery workflow would likely unwittingly deliver harm.

Proper workflow

  1. Patient produces data
  2. Physician reviews data
  3. Physician makes diagnosis
  4. Physician administers treatment plan

Manipulated workflow

  1. Patient produces data
  2. Attacker exploits security vulnerability*
  3. Physician reviews data
  4. Physician makes diagnosis
  5. Physician administers invalid treatment plan

*Example technical exploit: As outlined in “Hacking Hospitals,” we discovered an authentication bypass vulnerability that, when combined with a remote code execution exploit, allowed a remote attacker to take administrative control over a patient bedside monitor. This enabled the attacker to manipulate the data feeding the screen, thereby triggering invalid physician response or preventing valid and necessary physician response.


The safety implications introduced with the attack concept of Behavioral eManipulation are significant; they usher in a new area of how the security community and the device manufacturing community should think about security vulnerabilities. However, many of the recommended solutions to the situation are either long-proven approaches or are new takes on long-proven approaches.

Return on investment: Training physicians versus securing devices
Many security professionals advocate for training physicians as a necessary solution to the many security vulnerabilities that plague healthcare. However, training of physicians is unlikely to lead to a considerable improvement on security posture. This is due to the fact that physician behavior is a byproduct of decades of medical training that prioritizes delivery of care in the most time-efficient manner. The most important aspect of this is that physicians are trained to recognize patterns; when they notice irregularities is when they investigate further for possible intervention. Compound this with the fact that medical professionals already invest extreme hours per week on the core medical training required to become a licensed and effective physician and there is simply insufficient time to teach a new behavior on something that is not aligned with either pattern recognition or the core medical foundation of their education. Given the confluence of these reasons, it is our position that the most effective model for addressing the workflow-related security implications introduced by this article is by focusing not on physician training, but rather on securing the devices themselves. By eliminating the workflow problems at the source of the data manipulation, the entire concept of Behavioral eManipulation is thwarted. What follows are some effective approaches for securing medical devices.

Think like an attacker thinks
First and foremost, it should go without saying that if devices have the ability to be manipulated to arrive at an outcome of harm, then they should first be investigated for how they will be attacked. This is commonly known as a security assessment, or in some vernacular as penetration tests. However, these approaches are significantly different, do not share the same goal and do not both best remediate security risk. Vendors of connected medical devices – especially of passive medical devices, which until now have not historically been considered relevant to patient safety in a security context – should not be satisfied with cursory approaches to security like automated scanning, commodity penetration testing, baseline compliance and deferring risk to the hospital. Instead, vendors should:

  • Apply the same level of rigor to security assessment as a sophisticated adversary would;
  • Engage in white box security assessments, not just black or gray box;
  • Investigate for not just known and common vulnerabilities, but also custom and zero-day vulnerabilities; and
  • Work with proven, research-focused, services-only consulting firms.

Security models: Threat model + trust model
Over the years of executing security assessments and performing security research, we’ve found that many companies either aren’t familiar with the concepts of both threat modeling and trust modeling, or of those who do, very few have both implemented. This inherently undermines a successful security mission, as both are required in order to deploy a successful security program. A threat model is an exercise through which an organization identifies what it wants to protect (i.e., its assets), who is it trying to defend against (i.e., its adversaries), and the areas against which attacks will be launched (i.e., its attack surfaces). By contrast, a trust model is an exercise through which an organization defines who and what it trusts, why it trusts those people and systems, and how access based on that trust is provisioned, revoked and validated for authorization and authentication. All device vendors should:

  • Define and implement their threat model
  • Define and implement their trust model
  • Update both frequently
  • Work with trusted third-party security experts to investigate how well the actual design and implementation of the systems adheres to both security models

Recognize role of compliance
The Health Insurance Portability and Accountability Act (HIPAA) governs much of what the healthcare industry does related to security. However, many of the issues inherent with Behavioral eManipulation are actually out of HIPAA’s scope. When it comes to medical devices in particular, the Food and Drug Administration (FDA) has published guidelines that outline security approaches relevant to medical device security. However, there is common and widespread misunderstanding about these guidelines and whether they require new rounds of FDA approval – and these approvals typically take many years. In some cases, these guidelines are not enforceable (an issue that this author investigated in a separate analysis).

In either the case of HIPAA or FDA, it is important to note that compliance typically does an adequate job of establishing the baseline requirements for the foundation of a security program; however, compliance should not be seen as the entire security program unto itself. Effective security organizations recognize the role of compliance as being important to satisfying stakeholder needs, but will go beyond the outlined minimum if delivering a robust security posture is important. To be effective in this domain, organizations should:

  • Define what a successful outcome of the security model looks like,
  • Define the delta between compliance and the desired outcome, and
  • Mobilize security investments accordingly to address the delta between regulatory compliance and security mission.


Behavioral eManipulation is the combination of technical exploit and human behavior to arrive at adverse outcomes. It represents an evolution in long-standing attack models, and should be immediately incorporated into defense schema across all organizations in all industries, with the baseline condition that those organizations have something worth protecting. For the purposes of this article, we narrowed the scope of the analysis to focus on patient harm issues related to exploited passive medical devices, but the principles of attacking workflows are relevant across virtually every industry, such as the Stuxnet example provided earlier. We advocate for suppliers of applications, devices and systems to work with security experts to identify and remediate any workflow-related security risks that may not have historically been considered in threat models and trust models for your systems. This research will first be presented at RSA Conference USA 2018.

Konstantinos M. Triantafillou, M.D. is a practicing orthopaedic trauma surgeon, certified by the American Board of Orthopaedic Surgery. He serves patients at University of Tennessee Medical Center, a Level 1 trauma center. Dr. Triantafillous is active in advancing the field of orthopaedic surgery through research, and pursues his interest in medical security due to concerns from a practitioner’s perspective about the vulnerability in medical devices deployed across surgical, acute care and in-patient settings. He is widely published across medical journals and has presented medical research at conferences such as the American Academy of Orthopaedic Surgeons. He pursued his BA, MD and residency at Georgetown University, and his fellowship in orthopaedic traumatology at the renowned Campbell Clinic.

1 For the purposes of this article, we intentionally leave details of the care workflows opaque, as it would be irresponsible to equip malicious entities with an attack blueprint on well-established medical workflows that are unlikely to change quickly. Such details can be disclosed under signed agreements – contact authors for more information.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: