Académique Documents
Professionnel Documents
Culture Documents
Internet
of Things
HANDBOOK
THE
INTERNET OF THINGS
HANDBOOK
39 28
35
02 Will connected homes catch on? Reality doesn't 28 Bet ter development systems for IoT apps
match the marketing. It can be tough for engineers to plan IoT systems
around services based in the cloud. New generations of
06 How Mr. Robot hacked the IoT development systems simplify the task.
The popular TV drama Mr. Robot once portrayed a
penetration of a building automation system. Security 32 Building security into IoT/IIoT end devices
experts say the same exploit could have happened in real Tools, operating systems, platforms, and services help
life. open new doors for developers building security into
their connected, modern-day IoT infrastructure.
12 Modulating 5G
The IoT will make heavy use of fifth-generation mobile 35 Thwarting hackers on the IoT
networks that use a yet-to-be-determined modulation A few best practices can drastically improve the security
scheme. Here are the major contenders. of IoT devices and help maximize the benefits they
provide.
DESIGN WORLD does not pass judgment on subjects of controversy nor enter into dispute with or between any individuals or organizations. DESIGN WORLD is also an
independent forum for the expression of opinions relevant to industry issues. Letters to the editor and by-lined articles express the views of the author and not necessarily of
the publisher or the publication. Every effort is made to provide accurate information; however, publisher assumes no responsibility for accuracy of submitted advertising and
editorial information.
2014 Winner
Non-commissioned articles and news releases cannot be acknowledged. Unsolicited materials cannot be returned nor will this organization assume responsibility for their care.
DESIGN WORLD does not endorse any products, programs or services of advertisers or editorial contributors. Copyright 2017 by WTWH Media, LLC. No part of this publication
may be reproduced in any form or by any means, electronic or mechanical, or by recording, or by any information storage or retrieval system, without written permission from
the publisher.
Subscription Rates: Free and controlled circulation to qualified subscribers. Non-qualified persons may subscribe at the following rates: U.S. and possessions: 1 year: $125; 2
years: $200; 3 years: $275; Canadian and foreign, 1 year: $195; only US funds are accepted. Single copies $15 each. Subscriptions are prepaid, and check or money orders only.
Subscriber Services: To order a subscription or change your address, please email: designworld@halldata.com, or 2011 - 2016
visit our web site at www.designworldonline.com
POSTMASTER: Send address changes to: Design World, 6555 Carnegie Ave., Suite 300, Cleveland, OH 44103
I N T E R C O N N E C T C O m P O N E N T S & h a R d wa R E
Battery Clips, Contacts & Holders Fuse Clips & Holders Terminals and Test Points
E L E C T R O N I C S C O R P.
EE-IT-THiNK
keystone -- IoT
Corp_4-17.indd
handbook 4.17 1
.indd 7 3/9/17 10:46
4/13/17 1:11 PM
AM
INTERNET OF THINGS
What a t hermost at looks l ike o n a BACnet
Perhaps the most basic question BACnet objects have a set of properties used to exchange
information with other objects. This example of a thermostat
about this scenario is whether or not shows a few properties which might be available, although
youll typically find a hole behind a wall thermostat big in practice there would be many more.
enough to push a Pi through. After all, removing the
thermostat in your home will typically reveal only a small
hole big enough for a couple wires. No chance there for a The bigger question is whether a Pi added
Mr. Robot-style Pi hack. to a climate control network could legitimately
But the situation can be different in commercial cause the kind of destructive overheating depicted
buildings, according to the security experts. The holes in Mr. Robot. The answer to the question lies in
behind these devices can be quite large, says Billy Rios. I the make-up of industrial building automation
don't think inserting a Raspberry Pi behind one them would protocols typically used for buildings.
be difficult. It's certainly not something I would worry Major HVAC vendors such as Honeywell and
about if I were doing something similar. Johnson Controls have their own proprietary
Nevertheless, interviews given by Mr. Robot staff network protocols, and there are also standard
indicate that getting the Pi into the wall had its challenges, protocols for building automation systems. Expert
though it was only done for TV. Speaking to Rolling Stone familiar with these protocols say they all lack
magazine, Mr. Robot chief technical adviser Kor Adana said security features that would recognize and isolate
on ordinary Pi was too big to fit through the thermostat bogus devices.
hole and had to be modified. He explained that a network To cite a specific example, consider BACnet,
cable had to be soldered directly to the board after the for Building Automation and Control network. It is
removal of a wireless network port. (Of course, the an ASHRAE, ANSI, ISO 16484-5 standard. Some
version of the Pi available in 2015 when the show aired 842 HVAC vendors now use it. So it is probably
didnt contain wireless capabilities. We surmise Adana was a good candidate for controlling E Corp.s Steel
referring to the RJ45 jack for an Ethernet connection.) Mountain tape back-up facility.
Every day thousands more control systems Given that the Mr. Robot
show up on Shodan, says Michael Chipley. episode was filmed a few years
People dont realize that when they have a ago, you might wonder if a similar
misconfigured thermostat or HVAC controller, it is scheme would still work today.
exposed. And technically, when you see an HVAC Odds are that it would, say the
system on Shodan you havent hacked anything security experts.
because the owner has posted the information for Network security for these
the whole world to see. devices hasn't improved very much
since 2014, says Billy Rios. The
INSIDE THE NETWORK underlying BacNET protocol simply
Elliot Alderson and his cohorts used one other doesn't have security built into it.
piece of software in their penetration of the That's something that cannot easily
Steel Mountain HVAC system. Called Kali Linux, be overcome by a single vendor or
it, too, is a real-world program. It is basically even a collection of vendors.
an operating system designed by two security The vulnerabilities will be out
experts for doing network penetration tests. It there forever, says Chipley. You
contains a toolkit for such tasks as cracking Wi-Fi just have to assume systems are
passwords, creating fake networks, and analyzing going to be exploited. So when
network traffic. There are versions of it available they are compromised, you need
for the Raspberry Pi. It is small enough to run from to design them so they just fail
the Pis SD card. gracefully. You have to adopt that
In the case of the Mr. Robot hack, we might approach because there is no way
RESOURCES
surmise that Kali was the means by which Elliot you are going to stop a determined
and his colleagues watched network traffic and aggressor from taking over. When
White Scope determined which devices were the thermostats we run simulated attacks, it is not
Whitescope.io controlling the tape storage rooms. With that a matter of if we are getting in the
information, the Pi would have mimicked the system, it is a matter of how fast.
PMC Group
Pmcgroup.biz thermostats and generated commands to the For real hackers, it is typically less
HVAC controller to boost the temperature in than 30 minutes before they own
those rooms. everything.
IIoT
READY
www.wago.us/PLC-VPN
Modulating 5G
The IoT will make heavy use of fifth-generation mobile
networks that use a yet-to-be-determined modulation
scheme. Here are the major contenders.
LEE TESCHLER | EXECUTIVE EDITOR
H A N D B O O K
Fifth-generation mobile
networks,
Several of the ideas proposed for 5G are hybrids of QAM
and OFDM principles.
abbreviated 5G, will form the telecommunications First a few basics. Quadrature techniques represent a
standards for the internet of things. Planners say transmitted symbol as a complex number and modulate a
5G will have a higher capacity than the current cosine and sine carrier signal with the real and imaginary
4G equipment partly to support the device- parts. This lets the symbol be sent with two carriers. The
to-device, ultra reliable, and massive machine two carriers are generally referred to as quadrature carriers.
communications expected to help define the A coherent detector can independently demodulate
IoT of the future. Among the goals of 5G: lower these carriers. This principle of using two independently
latency than 4G equipment and lower battery modulated carriers is the foundation of quadrature
consumption, data rates of tens of megabits modulation.
per second for tens of thousands of users, QAM conveys information by modulating the
several hundreds of thousands of simultaneous amplitudes of the two carrier waves, using either amplitude-
connections available for wireless sensors, along shift keying (ASK) for digital data or straight amplitude
with better spectral signaling efficiency. modulation for analog. The two carrier waves of the same
The better spectral efficiency will partly be a frequency, usually sinusoids, are out of phase with each
function of the modulation schemes used in 5G. other by 90. The modulated waves are summed, and the
However, those modulation schemes have yet to final waveform is a combination of both phase-shift keying
be standardized. There are several contenders, and (PSK) and amplitude-shift keying (ASK).
derivatives of the same quadrature-style schemes in QAM is said to be spectrally efficient, and the reason
use by mobile networks today havent been ruled becomes clear by comparing a QAM signal with that of
out for 5G. So it is interesting to review the major an ordinary AMed carrier. A straight amplitude-modulated
modulation techniques now up for consideration as signal has two sidebands. The carrier plus the sidebands
part of 5G. occupy twice the bandwidth of the modulating signal. In
Techniques discussed for 5G tend to contrast, QAM places two independent double-sideband
use multiple carriers as a means of obtaining suppressed-carrier signals in the same spectrum as one
spectral efficiency. At present 4G LTE uses QAM ordinary double-sideband suppressed-carrier signal.
(quadrature amplitude modulation) with OFDM QAM can give arbitrarily high spectral efficiencies
(orthogonal frequency division multiplexing) as by setting a suitable constellation size. As a quick review,
modulation and OFDMA (OFDM multiple access)
as access scheme. 5G will provide a high bit rate so
it will need to make efficient use of the spectrum.
Quadrature amplitude modulation conveys two analog message signals, or two digital bit
streams, by changing (modulating) the amplitudes of two carrier waves, using the ampli-
tude-shift keying (ASK) digital modulation scheme or amplitude modulation (AM) analog mod-
a constellation diagram represents the signal ulation scheme. The two carrier waves of the same frequency are out of phase with each other
as a scatter diagram in the Q and I axes and by 90 and are thus called quadrature carriers. The modulated waves are summed, and the final
represents the possible symbols as points on waveform is a combination of both phase-shift keying (PSK) and amplitude-shift keying (ASK),
or, in the analog case, of phase modulation (PM) and amplitude modulation.
the plane. The more symbols defined in the
modulation scheme, the more points on the
constellation diagram. The number of points
at which the signal can rest, i.e. the number The primary advantage of OFDM over using a single carrier is
of symbols, is indicated in the modulation its ability to cope with severe interference as caused by RF sources
format description: 16QAM uses a 16-point at nearly the same frequency or frequency-selective fading from
constellation, and so forth. multipath. OFDM may be viewed as using many slowly modulated
Constellation points are normally arranged narrowband signals rather than one rapidly modulated wideband
in a square grid with equal vertical and horizontal signal. The low symbol rate makes the use of a guard interval between
spacing. Use of higher-order modulation symbols affordable, making it possible to eliminate intersymbol
formats, i.e. more points on the constellation, interference (ISI) and use echoes and time-spreading to improve
makes it possible to transmit more bits per signal-to-noise.
symbol. However, use of higher-order symbols The orthogonality of OFDM comes from the selection of the
positions constellation points closer together, sub-carrier frequencies so they are orthogonal to each other. This
making the link more susceptible to noise. basically means the spectrum space between sub-carriers obeys a
Specifically, it takes less noise to move the signal mathematical relationship where it is inversely proportional to the
to a different decision point on the constellation symbol duration. Sub-carriers spaced this way dont experience any
diagram. cross-talk and thus eliminate the need for inter-carrier guard bands,
A point to note about QAM is that it is simplifying the design of both the transmitter and the receiver.
considered a single-carrier system. The two
digital bit streams come from one source that is
split into two independent signals.
QAM signals are often sent via multi-
Simple O FD M t ransmit ter & receiver m a ke - u p
carrier modulation schemes that transmit one
QAM signal over one of several subcarriers.
The point of doing this is to simplify the task
of compensating for distortions arising in the
communication channel. Each of the subcarriers
has a small bandwidth. The communication
channel has a relatively flat frequency response
over each of these small bands. So it is relatively
easy to compensate for distortions over each of
the small subcarrier bands.
In OFDM, many closely spaced orthogonal
sub-carriers carry data on several parallel
data streams or channels. Each sub-carrier is
modulated with a conventional modulation
scheme such as QAM at a low symbol
rate, maintaining total data rates similar to
conventional single-carrier modulation schemes
in the same bandwidth.
OTHER IDEAS
RESOURCES
Though multi-carrier systems seem to be getting most of the attention for 5G,
experts say single-carrier modulation could still be part of the spec. There are
also what might be termed odd-ball techniques still in the mix. One is called QAM,
Onlinelibrary.wiley.com/
faster than Nyquist (FTN) modulation. It is a non-orthogonal subcarrier system
doi/10.1002/0471219282.eot284/abstract;-
that actually makes use of intersymbol interference to pack more data into a jsessionid=8B34B69579559C1A80066D-
communication channel. Another non-orthogonal idea is called time-frequency 15266C41A1.f03t04?userIsAuthenticated=-
packing. The carriers are close together, and a super-sophisticated detector in false&deniedAccessCustomisedMessage=
the receiver decodes the closely packed signals. TFS is implemented either with
QAM or OQAM. F-QAM,
Finally, a couple of ideas from independent companies have been floated as Metis-ii.5g-ppp.eu/wp-content/uploads/
publications/2016/2016-09-PIMRC-FQAM-FB-
5G specs. One is called wave modulation (WAM) which comes from MagnaCom,
MC-Design-and-Its-Application-to-Ma-
an Israeli startup acquired by Broadcom. Here a set of algorithms implement a chine-Type-Communication.pdf
form of spectral compression. Details about WAM are sparse, but the spectral
compression is said to enable a higher signaling rate thereby affording the use of OFDM,
lower-order symbol alphabet, which reduces complexity. It is also said to give an Radio-electronics.com/info/rf-technology-de-
overall 10% system gain advantage, up to 4x increase in range, a 50% spectrum sign/ofdm/ofdm-basics-tutorial.php
savings, improved noise tolerance, and increase in data speed.
Another company called Cohere Technologies patented a modulation
technology called Orthogonal Time Frequency and Space (OTFS). Again, details
about OTFS are sparse, but press releases put out by Cohere speak highly of it.
attacks that disrupted highprofile companies The security dangers with the
including Airbnb, Netflix, Reddit, Twitter and IoT should not be underestimated.
Spotify, said SonicWall. In September and Cyber criminals will continue to
October 2016, attackers leveraged hundreds use ransomware and malware with
of thousands of IoT devices with weak telnet IoT connected devices. Notes
passwords to launch DDoS attacks using the SonicWall, attackers will use malware
Mirai botnet management framework. to take control of IoT devices,
The main reason IoT devices are easy to possibly even demanding ransom.
H A N D B O O K
attack (and you already know this) is because An attacker could, suspend
its more important to get to market fast/first, company production lines, affect
then to deliver a strong, safe design. city power grids, and even tap into
A few design changes can help, however. personal health devices in exchange
Install programming that forces users to for ransom.
change default passwords, for example. If More IoT devices will be subject
possible, install features that look for specific to DDoS attacks thanks in part to the
IoT malware like Mirai. success of the Mirai virus.
For users, a best practice is to segregate If sufficient protection is not
IoT devices into separate zones in case one is included in drones and smart cars,
compromised. That way, only part of a network hacker will take control of them.
is compromised. Incidents of such attacks will rise.
breakers, drives and actuators. The Edge Control layer helps users machine starts collecting data. The data
manage their operations on-premise as well as from the cloud. This from selected controllers are sent to the
management includes connected control platforms with remote FactoryTalk cloud application securely
access, advanced automation and operator override capabilities. with minimal configuration by either the
Local control and firewall protection is included for mission-critical equipment builder or the end user. The
applications. equipment builder then has access to real-
EcoStruxure also enables vendor-agnostic apps, analytics and time analytics and actionable information
services on open IP protocols to work with any hardware, system, through prebuilt dashboards. This is a
or control. It is designed to meet the core customer challenge of cloud-based application provided as
implementing IoT solutions seamlessly, cost-effectively and at scale. software-as-a-service (SaaS).
Schneider Electric also offers cybersecurity protection IoT data is noisy and complex to
services that help industrial customers manage and secure their analyze, which has limited its impact on
connected plants. Cyber Update services automatically distribute business applications to date. We created
the companys operating system patches and endpoint protections, Eureqa to overcome this challenge, said
reducing the risk of applying improper patches and updates. Michael Schmidt,
Nutonians founder
and CTO.
Nutonian, a
machine intelligence
company, announced
an OEM relationship
with Autodesk, a
global leader in
design software and
It also eliminates potentially unsecure sources of data from services. Autodesks Fusion Connect, an
affecting plant and business operations. IoT cloud platform, will embed Nutonians
The services, which meet IEC62443 and other leading industry artificial intelligence (A.I.) modeling engine,
standards, automatically deliver third-party-tested operating Eureqa, to interpret IoT data.
system security patches and anti-virus endpoint protection updates Eureqa automatically discovers the
through a secure, authenticated and encrypted Windows Software simplest possible predictive models from
Update Server to a customers on-site server. raw data, enabling users to solve data-
to replace
a battery. 40
YEAR
OPERATING
LIFE *
www.tadiranbat.com
* Tadiran LiSOCL2 batteries feature the lowest annual self-discharge rate of any competitive battery, less than 1% per year, enabling these batteries to operate
over 40 years depending on device operating usage. However, this is not an expressed or implied warranty, as each application differs in terms of annual energy
consumption and/or operating environment.
in the
found Nutonian has many significant advantages that
enable us to deliver a one-of-a-kind IoT analytics service.
AR
Eureqa can be used to determine the baseline
for how a piece of machinery behaves under normal
conditions. If a machines sensors indicate abnormal or
suboptimal behavior, Fusion Connects predictive analytics,
powered by Eureqa, will generate end-user alerts and
Heat Curing, dashboards explaining whats happening and why. This will
Two Part Epoxy EP112LS enable customers to automatically anticipate machinery
maintenance, identify product flaws and develop smart,
proactive business processes.
Outstanding optical clarity &
non-yellowing properties Continued Schmidt, The integrated power of Eureqa
and Fusion Connect enables businesses to use IoT
Refractive index: 1.55
data to automatically predict and explain in real time why
events happen, like equipment failure or maintenance.
High temperature resistance With scalable analysis and predictive foresight,
Serviceable from -60F to +450F businesses can optimize their operations and gain
competitive advantage.
RESOURCES
Reliable electrical insulation
Volume resistivity: >1014 ohm-cm Rockwell Automation Inc.
Autodesk
Autodesk.com Rockwell.com
SMARTPHONES AS CONTROLLERS
I remember feeling mildly alarmed during
a 2012 research interview with a medical
equipment designer. At that time, her main
project was to estimate the potential cost
savings of using the electronics and display of
smart phones as part of the control system. The
idea was for every user to dock their phone into
the equipment.
The design study was looking at user
identification, login, and privacy. My instant reaction
was hygiene - this is medical equipment, are those
phones clean? And what about the operating theatre -
would there be enough staff with phones to operate all
the machines? Then the security gorilla reared its head -
how could anyone be confident the phones were free
of malware?
Then also in 2012, I first became aware of Ecomove's Qbeak
electric vehicle design. At that time, it used a similar concept.
The driver docks their phone into the car, and the phone becomes
K
the instrument cluster, sat-nav, and the infotainment system. I don't remember OC
IST
Y OF
IMAGE COURTES
feeling alarmed by the Qbeak. It's a few years ago, but I imagine this means the
phone did not control the brakes or steering!
Lets try and break that statement down. THE NEED TO CHANGE DEVELOPMENT,
Communication with a connected-product can be both OPERATIONS, AND SERVICE
ways - in and out. The communication can be with the product With barriers of distance and location
itself, and with its digital twin, and with some variation of the eliminated, people, other machines, and
digital twin or its environment - to try out 'what-if' scenarios. external systems can observe a connected
Cloud-connected products can be accessed from any product (and its digital twin) and respond in
Internet access point. new ways.
The interaction can include any or all of the sensor readings If youre involved in product
and control settings. Data sources and systems external to the development for machinery, youve been
product can be fed into the interaction. For example: thinking about these possibilities for some
H A N D B O O K
in a production machine, visibility of customer orders helps time. Your priority is probably new product
for agricultural machines, crop yield histories help farmers function, and better service options. And, of
to optimize their fertilizer application. course, the cost reduction pressure is always
product sensor readings and cloud-based analytics there.
enable predictive maintenance - the technician arrives Obviously, you know what your
with the right spare part just before the problem results in machines are used for, but this new
unplanned downtime environment means you need more insight
across the whole product lifecycle.
SO WHO NEEDS THOSE DIALS AND SWITCHES? What could your machine do to make
One question, though. itself easier to make, test, buy, configure,
If remote control is possible, then whats the point in having install, learn-to-use, and operate?
connected product with displays and instruments for local Your firm has probably run many
control? Why not remove these expensive components? initiatives focused on the design-to-
The connectivity will allow any authorized user with the manufacturing interface, from early days of
right app on their phone or tablet to stand beside the machine developing the manufacturing concept, to
- or indeed, anywhere on the planet - and use the app to check creating the process, ramping up to volume,
readings and adjust controls. and managing the continuous change to
And the software that provides this capability may offer handle manufacturing and field feedback.
more than you expect - for example, review of recent control So the product development process
inputs and sensor readings. is probably multi-disciplinary, bringing
development, manufacturing (and perhaps
ADD A TOUCH OF AUGMENTED REALITY even service engineers) together to improve
Augmented reality (AR) technologies add information to a live decision-making by taking a broad view of
video of a product. The video feed could come from: the requirements.
a camera built-in to the machine Of course, when you remove the
a camera installed so that is has a view of several machines switches and displays from your machine,
the camera on an operator's phone or tablet you are making some of your manufacturing
colleagues' tasks simpler - fewer parts,
The value comes from breakthroughs. For example, the fewer display, switch and button cut-outs in
ability to display an X-ray of the product, which can be used to the exterior panels so generally simpler
highlight faulty components. production.
In some use-cases, there's not even any need for the and rewrite existing business models.
product itself! Why should a distributor tie up capital in a But this view is just the beginning.
showroom full of machines? Why not markers in place of the Taking the visible controls and displays
machines, and an AR application that provides a viewport for away from a product is a great way of
your customers to walk around and study a detailed product triggering the question "so who is
image from all angles? monitoring and controlling this machine?"
Since it's AR, they could see alternative options and This is where your engineering initiative
configurations, and call up specifications all at the touch of a can help develop your organization's
button (or screen). business model.
a range of reasons including: distributed development teams, global supply chains, and
gaining regulatory approvals.
Software from the Product Lifecycle Management (PLM) stable provides the tools
needed to manage data, and manage workflows. PLM has the structures needed to handle
the new dataflows.
H A N D B O O K
THINK OF:
Agile systems definition: Agile methods are established in software development,
and include characteristics that would be described as "just good engineering" by
traditionalists and hardware developers. But few tools for agile software development offer
the visibility and control needed for exchange of complex requirements databases between
customer and a complex supply chain.
Configuration management, product line engineering and platform architectures
all offer partial answers, but smart connected products will create demand for new agile
systems definition tools to support concept and early stage architecture development,
capable of driving consistent use of the
many early stage simulations product
architects will need.
ALM or PLM or both? In software
development, Application Lifecycle
Management (ALM) tools play the role
that PLM plays for the physical parts of a
product. So how can integrated software/
hardware teams manage their work?
There are several ways of answering this
question.
One is to separate out
'management' of everything into a
higher level function that supports
access control, versions, workflows,
baselines, variants, dependencies
everything excluding the content of
the object being managed. Others
compete with this concept by creating
integrated environments - the Integrated
Some of the Development Environment (IDE) used
emerging
engineering in software development is an example
dataflows. - in which authoring and test tools are
included, so the result manages the
content as well as the status of the managed objects. Our research Simulation. Embedded software is critical
interviews have indicated that engineering managers feel that 'software to smart product performance. Simulation
is different, yet still expect PLM vendors to take the lead on how to technologies have grown to handle multi-
configure tools for integrated hardware/software development. physics and interconnected sub-systems,
software is a new technology to handle.
The BoM boundaries. When talking about product definition, the The simulation battle ground for
problem has always been "Which Bill?" As designed, as planned, as engineering software vendors is active on
manufactured, as installed, as maintained - they all have a claim. many fronts, including:
This situation has been a traditional battle ground between PLM simulation data management
providers and ERP providers. PLM has been secure in control of the the practicality of flexible ways of
engineering parts list. The battle starts as this is translated into the as enabling hardware (and software) "-in-
designed bill of materials. For many companies, this is where ERP takes the-loop" as the various prototypes of
over, and becomes of the owner of the BoM (bill of materials) used for electronics, sensors, actuators become
production scheduling, including all the handling of alternate parts. available
Similarly, PLM has control of development of the manufacturing process, the feedback of actual test and product
and the manufacturing process plan for each product, sometimes performance to calibrate and improve
called the 'Bill-of-Process." But ERP providers can get involved as this simulation models, enabling simulation
gets translated into shop floor documentation and electronic work at an early stage in development
instructions. Adding embedded software as a component of the product making simulation accessible to a wider
will disrupt this battle. range of engineers
Service and Over-the-Air update: Most service organizations will
want to make sure that engineering has no more than read-only access In addition, as the role of the digital
to products in the field. Similarly, service organizations will want control twin of a product becomes larger, there will
over the applications that handle data (especially alarms) from in-service be more demand for simulation to support
products. product operation decisions.
The service organization will want their process of escalation Getting used to a product with no
and adherence to service-level-agreements, to take priority over visible means of control is just the start.
engineering's desire to identify root causes. This is a new and Security, Internet access, the likely need to
interesting area, because PLM systems already contain all the replace controllers with new generations of
configuration dependencies. Could PLM be extended so that these electronics during the lifetime of a machine,
dependencies can drive service decisions in the field? Or does service these are just some of the new factors for
need to own an as-maintained BoM and configurator rules? product developers to think about.
As with previous technologies,
Test management: Some design methods start with 'how can this engineering processes and dataflows will
capability be tested.' It is also possible to parameterise tests, and link adapt.
these parameters to product parameters - so the final choice of the For PLM vendors with ALM capability,
product parameter in effect generates the test specification: this is a time of opportunity - the
Will these concepts help manage and automate test creation and information their technology holds about
execution for smart products? a product now has even more value in
To what extent will the tests on software that allow the master manufacturing, as well as for operation and
version to be released to manufacturing need to be supplemented maintenance.
with further tests once the software is loaded onto the smart But ERP vendors will point out that
product? their systems help match processes to
Will the simulation environments used during product development costs, and that is often the message budget
define the external operating conditions or the response of the holders want to hear.
product in a way that allows re-use in testing?
Better development
systems for IoT apps
It can be tough for engineers to plan IoT systems
H A N D B O O K
WIREN PERERA
ON SEMICONDUCTOR
while some are still emerging. Among the wireline protocols limited functions available at individual nodes. The ability
will be power-line communications (PLC), power-over- to use relevant apps via the cloud will free IoT system
ethernet (PoL), KNX and CAN for both industrial and designs from node limitations and allow full use of the
building automation. valuable data that has been captured.
Most wireless communication protocols will focus on To date, electronics hardware vendors and cloud
short-range, ultra-low power operation. Examples include service providers have tackled IoT development in almost
Thread, zigbee, and Bluetooth Low Energy (BLE). Other total isolation of one another. Both parties have stayed
wireless options include Low-Power Wide-Area Network within the boundaries of their own core competencies
(LPWAN) protocols, which cover long range, low data This practice has, however, limited the proliferation
volumes while dissipating little power (such as SIGFOX). As of IoT -- the thought of combining hardware and cloud
an alternative to the low-power protocols, there will also be software development has understandably been off-
cellular-based protocols for higher performance wide area putting. Hardware engineers dont want to move outside
network (WAN) coverage - such as LTE-M, NarrowBand IoT their comfort zone and face the difficulties of writing large
(NB-IoT) and in a few years time, 5G. amounts of code. Likewise, software developers dont want
Sensors/actuators are what will make IoT work. All the to be confined by a development platform that wont give
data can be captured and subsequently analysed through them enough room to maneuver.
sensors. Conversely, actuators can be used to drive motors, IoT implementations have several concerns. At the
initiate lighting, etc. Here are a couple of examples where node level, the primary concern will be making operations
the combination of sensors and actuators (along with the as efficient and reliable as possible - so data captured by
supporting connectivity) will be of real value. sensors can be passed back for analysis/manipulation, or
In a home/building automation application, a network actuators can be initiated when needed. The connectivity
of passive infrared (PIR) detectors can sense the presence employed must be optimized for the task at hand. Moving
of room occupants and LED drivers can accordingly activate further back through the system, the focus will be on
the lighting. An industrial application, such as a large-scale ensuring effective interaction with the cloud.
horticultural site, can employ several different sensors to The IoT sector has been in real need of technology
monitor the ambient light, temperature, humidity, soil that simultaneously addresses the disparate elements
moisture, and so forth. involved. Engineers need the connectivity, sensor
The system can activate when certain parameters are and actuator functions to create IoT nodes that match
not within the accepted pre-set thresholds. For instance, application requirements. Software developers need a
if the temperature was too high and had to be regulated, foundation upon which they can build the cloud-based
motors could open the greenhouse windows. Alternatively, apps that support the hardware.
were light levels not optimal
for crop yields, connected LED
drivers could make adjustments.
The makeup of an ID K
The combination of
space, cost and power budget
restraints all force IoT nodes
to follow streamlined design
concepts, with no provision for
extra functions beyond what
they can comfortably support.
This strategy will call for use of
microprocessor and memory ICs
that are budget priced, dont
consume much power or take
up excessive board real estate.
Therefore, nodes will use cloud-
based services (where data can
be processed and subsequently
analysed) to make up for the Schematic showing hardware and software
elements of ON Semiconductors IDK.
RESOURCES
ON Semiconductor,
Onsemi.com
Stay current with the latest electronic tips, resources, and news, visit
eeworldonline.com and stay on Twitter, Google plus, Facebook
and Linkedin. Its updated regularly with relevant technical information
and other significant news to the electrical design engineering community.
eeworldonline.com
WA R R E N K U R I S U | M E N T O R G R A P H I C S
Nucleus SafetyCert RTOS allows developers include the UART and USB interface, but exclude Ethernet
to shorten the path to regulatory certification. It access. The Ethernet might instead be dedicated to the
encompasses a complete certified solution that secure world where a separate RTOS or application runs
includes artifacts required for the development for the sole purpose of managing all Ethernet traffic,
of mission-critical applications. This safety- independent of the normal world software stack.
certified RTOS has been documented to meet the ARM TrustZone architecture contributes to the overall
certification requirements for IoT devices requiring system security by preventing normal-world software from
International Electrotechnical Commission (IEC) accessing the secure-world resources. It is important to
standard 61508 SIL 3 certification. understand that ARM TrustZone does little to improve the
safety or security of the software that runs in the secure
H A N D B O O K
SECURITY THROUGH ARM TRUSTZONE world except to prevent unwanted secure-world access by
ARM TrustZone architecture carves out or normal-world software. It goes without saying that for the
segregates a hardware subset of the SoC. It secure world to be completely trusted, the system must
does this by defining processors, peripherals, initially boot in a trusted state (see the earlier discussion
memory addresses, and even areas of L2 cache about trusted boot). Beyond that, it is the developer who
to run as secure or non-secure hardware. An determines which software is trusted, typically through
SoC that utilizes ARM TrustZone technology can rigorous development processes, testing, certification, and
dynamically, with only a few clock cycles delay, supporting a chain of trust strategy in the secure world.
transition a system into secure world processing, All in all, IIoT system security is a complex subject.
where a subset of the hardware is partitioned, and Security for an IIoT edge device involves secure boot, code
data and processing is completely invisible to the authentication, chain of trust, and several other well-known
rest of the system. measures. These fundamental security capabilities should
The normal world (or non-secure world) be part of any connected device development.
created and enforced by the ARM TrustZone
can be used to define a hardware subset of the
RESOURCES
SoC. ARM TrustZone ensures that non-secure
processing can access only non-secure resources
and receive only non-secure interrupts. For Mentor Graphics, ARM-based design,
example, a normal-world hardware subset might Mentor.com/solutions/arm/
The news back in March was certainly alarming WikiLeaks There are more than six billion connected devices
announced it had internal CIA documents revealing that in use globally, expected to hit 20 billion by 2020. So
the spy agency had found a way to access Android and Apple the stakes certainly are highfor both hackers and
smartphones, Samsung smart TVs, and internet-enabled cars. The their victims. ForeScouts IoT Enterprise Risk Report1,
leak named dozens of device-specific vulnerabilities and attacks. developed with research by ethical hacker Samy
A regular string of headlines brings stories about the hacking Kamkar, identified seven internet of things (IoT) devices
of seemingly innocuous items like baby monitors, home security that can be hacked in just three minutes:
cameras, and even dolls. The scary part is, entry into these types IP-connected security systems
of devices can potentially open avenues into the larger enterprise IP-connected infrastructure such as climate control
network. From here, scenarios such as spying, physical break-ins, and energy meters
identity theft, malware injection, and further attacks can become Smart video conferencing systems
reality. Connected printers
Unfortunately, the smarter and more connected our devices, Voice-over-IP phones
the more vulnerable they can be to hackers. Scripts and bots Smart refrigerators
are on the hunt, randomly scanning ports for opportunities to Smart lightbulbs
attack. Products themselves are often developed with plenty of
entry points and little in the way of security. For example,
proprietary RF technology may lack authentication
or encryption. Sometimes, the issue is on the
part of the end user employing default
passwords and usernames, not updating
apps, or using weak passwords on
vulnerable devices such
as routers.
Asymmetric key
authentication
relies on public
and private keys.
It is critical to deploy technology that provides an It is critical to use a function with adequate mathematical
authenticated data chain, from a protected sensor node properties to ensure the result cant be mimicked, known as
to the web server. Also important is strong protection of a replay attack. SHA-256 and similar secure hash functions
the IoT device via a secure microcontroller, for example, meet this need. In fact, because SHA-256 is non-reversible,
one that provides a secure boot and can establish secure it is computationally infeasible to determine the input, which
communication between the host system and device. includes the secret, corresponding to a message authentication
Secure authentication is essential, offering the code (MAC). Theyre collision-resistant as well, making it
assurance that an IoT device and any endpoints are impractical to find more than one input message producing a
genuine, trusted, and safe. Also important is ensuring given MAC.
that the information either consumed or produced by the These characteristics make SHA-256 highly effective
device has cryptographic integrity. There are different for secure authentication. For a comparable security level,
methods for implementing authentication. They range symmetric key authentication offers less algorithm complexity
from password-based, which is weak, to the stronger and shorter computation time than another approach
cryptographic digital signature method. This latter called asymmetric cryptography. However, the shared key
method comes in two different flavors of algorithms: requirement results in a key distribution challenge.
symmetric and asymmetric. Well take a closer look at
each approach. ASYMMETRIC CRYPTOGRAPHY
Symmetric cryptography-based authentication Asymmetric cryptography-based authentication uses a
utilizes a shared secret key between the host and the mathematically linked key pair, a private key and public key.
device to be authenticated. This shared key is securely Only the device that needs to be authenticated knows the
stored in both locations and never disclosed. The host private key. The public key, on the other hand, can be shared
sends a random number, the challenge, to the device. with any entity with a requirement to authenticate the device.
The device then computes a digital signature as a As with symmetric cryptography, the host sends a
function of the secret and the challenge, sending it back challenge to the device. The device then computes a signature
to the host. based on the challenge and the private key, sending it back to
Next, the host runs the same computation and the host. In this method, the host uses the public key to verify
compares the result. The device is considered authentic the signature.
if both computations match. Similarly, the host could Also, as in the previous example, information consumed
request information from the device by sending a or produced by the device can be authenticated within this
command with a random challenge. The device would asymmetric structure. Again, the function used to compute the
generate the information -- for example an environmental signature must have certain mathematic properties to prevent
measurement -- and compute a digital signature with replay attempts and key disclosure.
the secret, challenge, and measurement, sending the An efficient solution for embedded environments is the
signature and measurement back to the host. For this asymmetric Elliptic Curve Digital Signature Algorithm (ECDSA).
example, the host can verify the measurement has not It provides strong security for systems where its hard or even
been modified and comes from an authentic device. impossible to secure host keys. As compared to the symmetric
approach, asymmetric
key authentication has a
more complex algorithm Authentication based on symmetric
and longer computation cryptography relies on a secret number
shared between the host and the device.
time for a comparable
security level. However,
key distribution is efficient given theres no security For example, Maxims MAXREFDES155# IoT
risk in openly transmitting a public key. embedded security reference design provides a
Secure microcontrollers and authenticators, means to implement ECDSA public-key asymmetric
such as those offered by Maxims DeepCover cryptography to protect IoT devices and data paths.
portfolio, integrate advanced hardware-based Optionally, the MAXREFDES143# protects devices
cryptography with physical security to provide and data paths with SHA-256 secret-key cryptography.
strong protection against tampering and reverse Use of these reference designs can help simplify the
engineering. In the portfolio are microcontroller and process of developing devices that can authenticate
authenticator products that support both symmetric and manage a sensing node with control and
and asymmetric cryptography for digital signature, notification from a web server or a network controller.
authentication, and encryption algorithms. The task of designing security for an IoT design
The devices selectively have hardware neednt be onerous, nor must it be costly. Developers
accelerators for SHA, RSA, ECDSA, and AES, a full just need to ensure the amount of security tips the
cryptography library with a turnkey API aligned to risk-versus-reward balance. A system that is too
standards, and built-in secure boot capabilities to difficult, expensive, and/or time-consuming to hack
guarantee firmware or file download authenticity. could turn the attention of cybercriminals toward
One example is the DeepCover cryptographic other devices with more lax security.
controller for embedded devices, the MAXQ1061. Furthermore, technologies like secure
A turnkey pre-programmed secure microcontroller, microcontrollers and authenticators, along with fully
the MAXQ1061 offers secure key storage, digital integrated reference designs, make it faster and
signature, and encryption services. easier to guard designs from the prying intentions
To shorten design time and accelerate time of hackers. Design safeguarding can go a long way
to market, Maxim provides an evaluation kit that in protecting reputations, customer experiences,
can plug directly onto a Raspberry Pi board. A networks, and, ultimately, bottom lines.
comprehensive set of software libraries including a
full TLS stack makes it a turnkey solution.
Reference designs provide another way to RESOURCES
design for security early on and efficiently. Todays
high-quality reference designs are highly integrated
ForeScout IoT Enterprise Risk Report,
and thoroughly vetted. Providing much more than Forescout.com/wp-content/uploads/
just hardware and source software, good reference 2016/10/iot-enterprise-risk-report.pdf
designs now commonly include Gerber files, test
data, a detailed bill of materials (BOM), drivers, and Maxim Integrated,
evaluation and development tools. Maximintegrated.com
Batteries boost
wireless connectivity
to the IIoT S O L J A C O B S | TA D I R A N B AT T E R I E S
including the highest energy density, highest Bobbin-type LiSOCl2 batteries were first deployed
capacity, the widest temperature range, and back in the 1980s to power meter transmitter units
extremely low annual self-discharge rate. These (MTUs) for water and gas utilities. In the process of
performance qualities permit the construction being replaced by newer generation devices, these
of small power sources having incredibly long pioneering RFID devices were tested and found to
operating lives. Certain cells can operate for up to still have plenty of available capacity even after 28+
40 years. years in the field. But such incredible long-life is not
Standard bobbin-type LiSOCl2 cells are not a guaranteed certainty. Inferior quality bobbin-type
designed to deliver high pulses, so they must be LiSOCl2 batteries can exhibit annual self-discharge rates
combined with a patented hybrid layer capacitor two or three times higher than leading brands. This is
H A N D B O O K
(HLC) to serve high-pulse applications. The standard important, as many devices lose more energy through
LiSOCl2 cell delivers low background current to annual battery self-discharge than through actual
power the device in stand-by mode, while the HLC battery use.
delivers the periodic high pulses necessary for A bobbin-type LiSOCl2 battery is manufactured
wireless communications. such that the quality of its raw materials can greatly
Consumer electronic devices often rely on impact the self-discharge rate. For instance, a superior
supercapacitors to store the energy for high pulses quality bobbin-type LiSOCl2 cell can feature a self-
in an electrostatic field rather than as chemical discharge rate of 0.7% per year, retaining 70% of its
energy. However, supercapacitors are poorly suited original capacity after 40 years. By contrast, a lesser
for most industrial applications because of inherent quality bobbin-type LiSOCl2 cell can have a 3% annual
limitations that include short-duration power, linear self-discharge rate, thus exhausting 30% of its capacity
discharge qualities that do not allow for use of every 10 years, making 40-year battery life virtually
all the available energy, low capacity, low energy impossible. These performance differences may not
density, and high self-discharge (up to 60% per become apparent for over a decade, so thorough
year). Supercapacitors linked in series also require diligence is required when evaluating competing
cell-balancing circuits that draw additional current. brands.
Resensys chose a bobbin-type LiSOCl2 battery that the IIoT. They save millions of dollars in initial
features a self-discharge rate of 0.7% per year, thus allowing installation costs by eliminating the need to hard-
a long guaranteed service life. The cost of accessing a sensor wire metropolitan sidewalks.
attached to a bridge abutment far exceeds the cost of the These wireless networked solar powered
sensor itself, so it was critical that Resensys offer long-term, parking meters are state-of-the-art and include
no-maintenance power that works reliably in all environments. multiple payment system options; access to
The question sometimes arises about the difference real-time data; integration to vehicle detection
between inexpensive consumer grade rechargeable Li-ion sensors; user guidance and enforcement modules.
cells and more rugged industrial versions. Consumer grade All parking meters are wirelessly networked to a
Li-ion batteries have a life expectancy of less than five years comprehensive web-based management system.
and 500 recharge cycles. They also operate within a moderate Small photovoltaic panels gather solar energy,
temperature range of 0 - 40C. For applications involving with industrial grade rechargeable Li-ion batteries
remote, inaccessible locations and extreme temperatures, used to store energy and to deliver the high
an industrial grade rechargeable Li-ion battery has been pulses required for advanced, two-way wireless
developed that delivers up to 20 years of operating life communications, thus ensuring 24/7/365 system
with 5,000 full recharge cycles. It also works over an reliability for up to 20 years.
expanded temperature range of -40 to 85C, and Technological advancements are creating
can deliver high pulses (5A for a AA-size cell). dynamic opportunities for bobbin-type LiSOCl2
Industrial grade Li-ion cells are constructed batteries and industrial grade Li-ion rechargeable
with a hermetic seal, whereas batteries to deliver intelligent, long-term power to
consumer grade rechargeable all sorts of remote wireless devices, thus enabling
batteries use crimped seals the IIoT to become truly wireless.
that may leak.
For example, IPS
solar-powered parking
meters use industrial RESOURCES
grade rechargeable Li-ion
batteries to deliver true Tadiran
wireless connectivity to Tadiranbat.com
T O M PA N N E L L | S I L I C O N L A B S
Wireless protocols that are widely used in the IoT have a lot
of common attributes. Multiprotocol SoCs able to run them
all can simplify many kinds of wireless designs.
We have many innate expectations for The promise of the IoT is raising the bar. New
controlling the myriad devices and systems wireless-sensor-node deployments are now much
in our lives. When I enter a room in my home or easier with the advent of multiprotocol technology.
office, I expect to be able to control the lights with This technology includes hardware and software
a switch. When I leave home, I expect to set my that enables a single system-on-chip (SoC) device to
security alarm and lock the door. Many of these support multiple wireless protocols such as Bluetooth
systems are already installed and part of a well- low energy, zigbee and Thread. And it spans multiple
established infrastructure. frequencies scaling from sub-gigahertz bands to 2.4
The promise of the Internet of Things (IoT) is GHz.
changing our expectations. Now, I expect to be However, because IoT infrastructure is built on
able to monitor and control the temperature of my legacy systems, we must also consider the challenge
home remotely through my smartphone. I expect of adding new 802.15.4 wireless technologies to
my office building to inherently conserve energy by existing infrastructure deployed in the early days
turning off lights when no one is present. I expect of the IoT. The support of legacy systems is not the
the building to know when I am there and make only challenge. In addition, there is a complexity that
sure my surroundings are comfortable and safe. arises out of the competing protocol standards often
To enable our increasingly connected world, used to solve similar connectivity challenges.
countless IoT devices and systems have been
deployed that we barely notice. Wireless security A TYPICAL IoT NODE
systems, access cards, occupancy sensors, remote The first thing to understand about the vast web of
temperature sensors, and many other connected sensor networks around us is that they are based
devices are omnipresent in our homes, offices, on microcontroller (MCU) technology coupled with
factories, and urban infrastructure. some sort of sensing element. Together they convert
The complex network of wired and wireless the analog surroundings to digital packets. Once
sensors that underpins the IoT has been developed quantized, data often must go to the cloud for
and deployed over decades. To replace these further processing. The transport method of choice
sensor networks would be an expensive proposition. in many cases is wireless. The wireless sensor data
Features: Applications:
Ultra low on-resistance RDS(on) and gate charge Qg High-eciency switched-mode and resonant-mode power supplies
Fast body diode Electric vehicle battery chargers
Superior dv/dt ruggedness AC and DC motor drives
Avalanche capability DC-DC converters
Low package inductance Robotics and servo control
PLUS264
Power Factor Correction (PFC) circuits
Renewable energy inverters
www.ixys.com
code reuse and efficiency can be gained For example, the RF portion must have separate elements to
when a single device can be deployed across handle the different frequency requirements. But the modem
many end products. Engineers can specify a -- which consists of a modulator, demodulator and some of the
single SoC part number that can run zigbee, encryption hardware -- can be shared across both radio front-
Thread, BLE, or proprietary protocols. They ends.
can then decide at the time of production This radio architecture creates a highly optimized,
whether the product will run Bluetooth consistent and economical approach to multiprotocol,
or operate as a sub-gigahertz product. multiband SoC design. Different protocol stacks can share the
This approach enables manufacturers to modem to implement various communications standards. The
minimize financial exposure while maintaining modem is also multiplexed between RF portions to receive and
maximum flexibility in production. transmit packets. This shared architecture is also well suited to
Switched multiprotocol has a strong software development because it provides a common interface
value proposition for the end consumer. This to the radio functions. So it allows developers to create a
technology, for example, enables installers radio configuration layer that can be shared between different
on job sites to provision and calibrate protocol stacks.
products via smartphone apps. This feature is The software necessary to implement a multiprotocol,
particularly useful when deploying a Thread multiband system is complex. Wireless protocol stacks must
or zigbee node. be efficient and must work across a broad set of hardware
Provisioning across a wide range products. They must also work in multithreaded environments
of networks can be difficult. Switched with real-time operating systems (RTOS). In a multiprotocol
multiprotocol technology simplifies this task application, the stacks must work seamlessly together or
index
IXYS ................................................................................................... 45
KEB America, Inc. ................................................................................ 1
Keystone Electronic Corp. ................................................................... 7
Marathon Special Products ................................................................ 18
Master Bond ...................................................................................... 22
Memory Protection Devices, Inc. ......................................................... 3
Rutronik ............................................................................................. 25
Tadiran Batteries ................................................................................ 21
WAGO Corp. ..................................................................................... 11
DESIGN WORLD does not pass judgment on subjects of controversy nor enter into dispute with or between any individuals or organizations. DESIGN WORLD
is also an independent forum for the expression of opinions relevant to industry issues. Letters to the editor and by-lined articles express the views of the author
WTWH Media, LLC and not necessarily of the publisher or the publication. Every effort is made to provide accurate information; however, publisher assumes no responsibility for
accuracy of submitted advertising and editorial information.
6555 Carnegie Ave., Suite 300 Non-commissioned articles and news releases cannot be acknowledged. Unsolicited materials cannot be returned nor will this organization assume responsibility
for their care.
Cleveland, OH 44103
DESIGN WORLD does not endorse any products, programs or services of advertisers or editorial contributors. Copyright 2017 by WTWH Media, LLC. No part
Ph: 888.543.2447 of this publication may be reproduced in any form or by any means, electronic or mechanical, or by recording, or by any information storage or retrieval system,
without written permission from the publisher.
FAX: 888.543.2447 Subscription Rates: Free and controlled circulation to qualified subscribers. Non-qualified persons may subscribe at the following rates: U.S. and possessions: 1
year: $125; 2 years: $200; 3 years: $275; Canadian and foreign, 1 year: $195; only US funds are accepted. Single copies $15 each. Subscriptions are prepaid, and
check or money orders only.
Subscriber Services: To order a subscription or change your address, please email: designworld@halldata.com, or
visit our web site at www.designworldonline.com
POSTMASTER: Send address changes to: Design World, 6555 Carnegie Ave., Suite 300, Cleveland, OH 44103
thinkallied.com 1.800.433.5700
Allied Electronics, Inc 2017. Allied Electronics and the Allied Electronics logo are trademarks of Allied Electronics, Inc. An Electrocomponents Company.
Due to their constant power operating envelope the P-series power supplies are uniquely suited for test
applications requiring a wide range of high voltage/low current and low voltage/high current stimulus
Chromas 62012P-80-60 thereby reducing the number of supplies needed in typical applications. The 62000P Series also includes
Conventional power supply
built in 16 bit readback capability for accurate input voltage and current readings. This means ATE
systems no longer need complex shunt/multiplexers to make accurate pass/fail readings of the UUTs
input parameters. These instruments also include I/O ports providing 8 bit TTLs, DC-ON, fault output
signal and remote inhibit as well as an output trigger signal for system timing measurements.