encryption and battery

By Stephen Lurie, Marketing Manager of IoTerop.

There is not one, but many IoTs, each with its own benefits, challenges, and constraints. Mention IoT and some people think of baby monitors, but industry is eagerly eyeing how to use IoT to reduce waste and improve operations.

Among the most challenging solutions to build are battery-operated IoT solutions like those we find in smart metering.

Industry is keen on these solutions because they solve real problems like improving billing operations, identifying leaks, and reducing costly human interventions. Cost-competitive energy and water benefit the economy while improving everybody’s quality-of-life.

As IoT technology matures and smart metering integrates with other IT systems, the benefits continue to expand. Organizations are also getting better at measuring IoT’s full costs, many of which are hidden to the non-expert. A useful analogy is cheap printers. They seem attractive until you have to replace the cartridge.

Smart meters cost just a fraction of what they cost a generation ago, and these solutions are intended to have lifespans measured in decades. But, as with printers, the real costs are not understood until operations begin. However, unlike the printer, you can’t just run out to the store and change it once you’ve figured out you’ve been had.

The key to limiting smart metering operational costs is limiting human interventions. This is very much the idea behind device management and Lightweight M2M, a device management standard. From device commissioning, to routinely provisioning devices with security certificates, to remote over-the-air firmware updates, to modifying something as simple as a reporting frequency, everything must be automated, minimizing human interventions.

Battery-operated IoT solutions, like smart metering, add energy management to already consequential challenges. Ideally a smart meter using a single double A battery, like we find in a baby monitor, can, if properly developed and optimized, operate for ten-plus years.

Technically this is very difficult, all the more so when we consider that these devices operate in less-than-ideal conditions and depend on lossy, high-latency LPWAs to connect to the cloud. None of this matters. Simply put, the longer a smart meter can remain in the field untouched, the better the ROI.

This simple calculation means no stone is left unturned in the search to improve solution performance. File formats. Composite operations. Transport protocols. And finally security. All must be evaluated, integrated, and optimized.

Take Constrained Application Protocol (CoAP) which is part of LwM2M. CoAP is a transport protocol, conceived specifically for IoT, to help constrained objects communicate efficiently over lossy, high-latency LPWAs like NB-IoT.

For battery-operated IoT solutions, CoAP’s ability to reduce message size and improve messaging efficiency translates into microwatts saved and better ROIs. Unfortunately, CoAP relies on DTLS for security, and DTLS, although better than alternatives, is not optimized for IoT. However, combining CoAP with DTLS was architecturally considered the best practice for securing IoT until…

Introducing OSCORE

Object Security for Constrained RESTful Environments (OSCORE) is the first standardized IoT security protocol. It has three advantages over DTLS and TLS, its IT-centric predecessors:

    1. Flexibility: unlike TLS with TCP and DTLS with CoAP, OSCORE is transport-independent and can be used in conjunction with CoAP, SMS, NIDD, TCP, or any other data transport mechanism.
    2. Security: unlike TLS and DTLS which encrypt data only from the device to the next intermediary, OSCORE encrypts data from end-to-end or from the device to a pre-defined endpoint.
    [Figure: OSCORE encryption diagram]
    3. Performance: OSCORE, unlike TLS and DTLS which encrypt the entire message, encrypts just the payload or the key part of a message, reducing CPU and memory requirements, resulting in up to 30% energy savings.
    [Figure: OSCORE resource consumption table]
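
The end-to-end and transport-independence properties from items 1 and 2, as an added Go example (not IoTerop's code and not the RFC 8613 wire format): the device seals the inner request once, an intermediary without the key changes only the hop transport, and the end server still verifies it. Assumptions: AES-GCM from Go's standard library stands in for OSCORE's default AES-CCM, and the `Message` fields, key and sample request are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Message is a simplified model of a protected request (hypothetical layout).
type Message struct {
	Transport string // outer, hop-specific: an intermediary may rewrite it
	Seq       uint64 // outer: per-message counter, never reused under one key
	Sealed    []byte // inner request (method, path, payload) under AEAD
}

// aead returns the cipher and a nonce derived from seq.
// Assumption: AES-GCM stands in for OSCORE's default AES-CCM.
func aead(key []byte, seq uint64) (cipher.AEAD, []byte) {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only reachable with a wrong key length
	}
	gcm, _ := cipher.NewGCM(block) // cannot fail for an AES block
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], seq)
	return gcm, nonce
}

// Protect runs on the device: only the inner request is encrypted.
func Protect(key []byte, transport string, seq uint64, inner string) Message {
	g, n := aead(key, seq)
	return Message{transport, seq, g.Seal(nil, n, []byte(inner), n)}
}

// Unprotect runs on the end server and never consults m.Transport.
func Unprotect(key []byte, m Message) (string, error) {
	g, n := aead(key, m.Seq)
	pt, err := g.Open(nil, n, m.Sealed, n)
	return string(pt), err
}

func main() {
	key := []byte("constructed-key!") // constructed 16-byte demo key
	m := Protect(key, "sms", 1, "POST /3303/0/5700\n21.5")
	m.Transport = "coap+udp" // a keyless intermediary switches the hop transport
	fmt.Println(Unprotect(key, m))
	m.Sealed[0] ^= 1 // any change to the protected bytes is rejected
	fmt.Println(Unprotect(key, m))
}
```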

Conclusion

IoT fundamentally changes the cost of collecting and acting upon data. Standardized device management like LwM2M fundamentally changes the calculus of building, deploying, and operating IoT solutions.

Solutions aligned with LwM2M are interoperable. But what does that mean? For one, it means a single solution can be deployed anywhere in the world, increasing access to markets for businesses of all sizes and accelerating innovation and investment.

But it also provides important strategic assurances. If you have a LwM2M server, you can support any device. Inversely, if you have a LwM2M solution, you can use any LwM2M-compliant back-end. Put simply, build to LwM2M and you can use any cloud. Build to Azure and you are going to be using…Azure. Technology is cool, but choice, convenience, and common sense are the ultimate features.

No one builds their own web server. You build your web server on top of Apache. No one builds their own cloud either. You evaluate the existing cloud offerings and choose the one that best aligns with your business.

As IoT matures, and the issues become better known, businesses are increasingly turning to LwM2M as a strategic repository of money-saving best practices. The list is long and continues to expand.

For data, LwM2M provides standardized data objects, speeding application development and increasing data portability. For operations, core device management services like remote device onboarding and certificate management facilitate large-scale deployments. For securely updating solutions and meeting legislative requirements, there is a standardized firmware update mechanism. For efficient data transport over lossy LPWAs, there is CoAP. And now there is OSCORE for security that meets IoT’s technical and economic constraints.
