NoT Model Defines IoT
Wednesday, August 10, 2016 @ 04:08 PM gHale
There is now a basic model aimed at helping better understand the Internet of Things (IoT) and its security challenges.
The model, published by National Institute of Standards and Technology (NIST), gives examples of IoT systems include a smart electric grid, a home controlled by sensors, self-driving cars, smart factories, and heart health monitors.
There are many ways to describe the IoT. More than 20 professional and research groups have worked to characterize the IoT, but so far there is not one universally accepted definition.
Despite that, the International Data Corporation (IDC) predicts the global market for IoT solutions to grow to $1.7 trillion by 2020. After studying the recent attempts to define the IoT, NIST computer scientist Jeff Voas determined that “there is no formal, analytic or even descriptive set of building blocks that govern the operation, trustworthiness and lifecycle of IoT components,” according to his introduction in the just-released NIST publication, Networks of ‘Things.’
Voas created a new model based on distributed computing, which has been in use for decades. In distributed computing, computer components are networked and share messages about tasks to operate efficiently. A simple example is the local area network in an office where computers share a printer.
The Network of Things (NoT) model relies upon four fundamentals at the heart of IoT— sensing, computing, communication and actuation.
The model’s five building blocks, called “primitives,” are core components of distributed systems. They provide a vocabulary to compare different NoTs that can end up used to aid understanding of IoTs.
A simple NoT in a home is a simple way to understand the primitives.
The NoT is programmed to turn off the overhead light if no one is in the living room. The first primitive is a sensor, in this case a motion detector, that measures physical properties. The second primitive, a communications channel, transmits the data from the motion sensor to an aggregator primitive. The aggregator is software that processes the sensor’s raw data into information using an external utility primitive such as a laptop computer. The decision-trigger primitive determines whether or not the light should be turned off.
The model of the NoT includes six elements—environment, cost, geographic location, owner, snapshot-in-time and a unique device ID — that all play a role in the reliability and security of a NoT.
A car is also a network of things with potential vulnerabilities. For example, the car’s speed sensor might malfunction after years of being exposed to heat and water in its natural environment. In an instance of poor sensor security, an attacker might access a smart building’s temperature sensors (which control the temperature of a server room) and physically replace them with inactive ones. The result could be that the air conditioning in the server room is turned off, overheating the drives and causing computers to fail.
These simple examples just touch upon the reliability and security issues that can occur in networks. The NoT model was developed to assist researchers as they model simple problems, and help them understand what is needed to secure larger, more important networks.
“The vocabulary and science of the Network of Things will help researchers understand how the components of IoT interoperate, and compare the security risks and reliability tradeoffs,” Voas said.