Hottest information about 5th Annual M2M and IoT Strategies Summit
19 JUNE 2019
Head of IT
3 Questions For Manish Mishra
How do you envision the future of IoT-based innovations in manufacturing?
IoT related technologies seem to have a huge potential, especially in monitoring the pace and usage of statistics in order to be used in enriching the production on-the-fly in an agile manner. By this means, manufacturing methodologies are nominees to be digitalised by using IoT technologies. As everybody agrees, without having enough clues about your domain, you cannot manage it in a perfect way. The more detailed information about each object in your production you get, the more precisely you can act.
How to ensure trust in IoT in factories?
Using certified devices with high level of security, ensuring the communication protocols and forming an active encryption/decryption mechanism would reduce the potential risk. Keeping everything up-to-date is a part of this situation as well. Moreover, depending on the nature of IoT devices, regular system checks, especially on calibration and communication infrastructure, will definitely increase the accuracy and trust to these systems.
What are the key steps to take to enhance IoT security in manufacturing? How do you expect this evolving in the following years?
Using two-factor authentication, using light and speedy protocols such as message queue telemetry telegram aka. MQTT, never loading the hard logic to the IoT nodes but keeping those as dummy agents for just transmitting input and output would be some of the steps to be taken to secure the IoT in manufacturing as additional security related precautions. Especially, inevitable uptrend of 5G will change the paradigms and evolve the security aspects in Manufacturing.
Erkut studied Computer Science, Engineering and Informatics and started his professional life in a software development company as a Developer and then Project Manager. He worked for Philip Morris-Production more than 10 years and involved many Manufacturing Systems implementation which provided him to have a detailed Manufacturing know-how in many aspects. Before Hugo Boss, he worked with several companies from Public and Private sector as Business Development Manager, especially on Business Intelligence. He has been working for Hugo Boss since 2010 as Head of IT and the last 3 years he has focused on Industry 4.0 and Smart Factories. His main interests are IoT, System Integration, Big Data Analytics, Robotics, Simulation and Artificial Intelligence (AI). He is working on Digital Transformation of the organisation not just in creating the strategies and also execution of all these related projects. Beyond the technical studies, he also takes care of all employees’ commitment to this Digital Journey which HB Izmir has already set on to “Smart Factory”. His hobbies are skiing, tennis, swimming, and of course following technology and new innovations at all time.
16 MAY 2019
Head of Excellence & Innovation, IoT, BA Technologies and New Businesses
3 Questions For Manish Mishra
How to ensure that value delivery to consumers is at the centre of global connectivity management?
Global connectivity management is at heart of IoT ecosystem turning business concepts into realities. New capabilities and business models that are driving Industry 4.0 transformation, likes of; Smart Manufacturing, Self-driven vehicles, remote surgery & mining etc. are all dependent on seamless connectivity management at the base.
Key challenges faced in IoT adoption and deployments are:
- Complex and fragmented ecosystem, multiple players requiring interoperability.
- Difficult connectivity, coverage and capacity trade-offs.
- Long development cycles and slow time to market.
- Lack of standardisation and control of the IoT lifecycle.
Ericsson strongly believes cellular connectivity is key to successfully resolve these challenges and Ericsson’s IoT Accelerator platform drives global connectivity and device management services towards this objective, as I describe below.
- Global coverage to tap into existing global network infrastructure covering 95% of population.
- Use case flexibility, handling more diverse use cases (from massive IoT to mission critical IoT) than any competing wireless technologies.
- Reliable, secure and resilient connectivity for all types of IoT devices
Standardised connectivity, working exactly same across the world.
Ericsson’s IoT Accelerator solution enables growth of IoT by lowering the barriers of cellular connectivity to three segments of IoT users:
- Enterprises: Help them turn concepts into realities with shorter development times for IoT solutions, fast and simple deployment, and profitable growth at any scale.
- Service providers: Help scale their IoT business by making it easy for their enterprise customers to connect and manage IoT devices locally and globally.
- Ecosystem partners: Help them with faster time to market and seamless integration into any ecosystem, supported by an existing global ecosystem that provides coverage in over 100 countries.
How to ensure a customer trust in the IoT?
Based on number of industry predictions, including latest Ericsson Mobility Report, we will have 22 billion+ connected devices globally within next 5 years. As the diversity of IoT services and the number of connected devices continue to increase, the threats to IoT systems are changing and growing even faster. IoT is great opportunity, but with high risks.
There are three key factors impacting IoT security considerations:
- Data-based decisions which are at heart of industry digitisation, heed secure & reliable data. Vital decisions related to business, safety and health are increasingly based on data. To make the right decisions, data must be accurate and secure.
- Different devices require different security solutions. Some devices are constrained with very limited capabilities and for such devices traditional security methods are not possible to use.
- End-to-end ecosystems security. In IoT, success depends on collaborative ecosystems of device manufacturer network providers, platform providers, app developers and end-users. Ensuring end-to-end security of the ecosystem is crucial.
IoT systems support new business models that involve new actors. Trust in IoT services hence:
- Depends on how these actors govern identities and data, security and privacy, and the degree to which they comply with the agreed policies and regulations.
- Will be built at different user experience levels i.e. IoT solutions need to be trusted by individual consumers, by enterprises deploying IoT solutions, by network & connectivity infrastructure providers and by vendors of IoT technology and devices.
These multiple dimensions of user trust in IoT are based on:
- Trusted identities of devices at connectivity & application level.
- Trusted data by protection at both storage and in-transit. Any breaches need to be detected as quickly as possible to limit possible damage.
- Trusted connectivity provided by ICT infrastructure. Traffic separation (incl. 5G network slicing) and protection technologies are reducing the risk of downtime and denial-of-service (DoS).
- Privacy and confidentiality. Regulations such as EU GDPR are good steps in this direction.
Thus, IoT ecosystem needs a comprehensive IoT security and identity management solution that is able to manage and orchestrate the IoT components horizontally (from device to service and consumer) and vertically (from hardware to application).
Ericsson’s E2E IoT security and identity management architecture is designed with this in mind, managing and orchestrating the IoT domains both horizontally and vertically, and addressing both security and identity from the IoT device throughout the service life cycle.
What are the key steps to take to enhance IoT security? How do you envision this evolving in the following years?
As pointed out in last answer, most important is to understand that IoT security needs are very unique and hence implement an E2E approach towards full IoT ecosystem. This also means that IoT security management must be approached in new ways, moving from reactive and manual to proactive and automated. The sheer volume of devices that will get connected calls for security automation, and enhanced security analytics capabilities.
Ericsson is working (also with partners) to build these capabilities and we strongly believe that we will see fast evolution of IoT security towards this wanted position. Let me explain evolution of this approach through key capabilities, part existing and part being built.
An IoT solution spans from devices via network interfaces to the cloud that hosts the platform and applications providing services consumed by IoT users. Each element of the chain will be considered when designing an E2E approach to security and identity in the IoT.
Ericsson’s E2E security architecture consists of:
- E2E security and identity management layer.
- Domain specific (e.g. device, gateway, access, platform and applications) management layers.
- Security and identity functions in each domain (in #2) component.
According to this approach:
- The IoT service provider is responsible for managing #1, E2E security and identity management layer, whereas
- #2, Domain-level management layers can be delegated to the IoT platform service provider and connectivity service provider etc.
This approach will also leverage advances in security analytics and machine learning to provide threat, risk and fraud management at both #1 E2E and #2 domain management layers.
Thus, an E2E security management solution must drive overall security and privacy policies and compliance and be able to coordinate across multiple domain management systems through the establishment of cross-domain identities and relevant policies.
Also, rapid detection of attacks is crucial as no IoT ecosystem or network will ever be 100% secure. Security monitoring and analytics functionalities must have the ability to analyse logs, events and data from IoT domain components combined with external data about threats and vulnerabilities. Machine learning technology makes it possible to learn from and make predictions based on data. Coupling a machine learning analytics engine with central threat intelligence improves the detection and reduces the response time for known threats.
On top of a monitoring and analytics engine, solutions relating to vulnerability, threat, fraud and risk management along with security policy, orchestration components are also required to automate security controls and maintain them at desired levels.
It is also crucial to have an efficient security incident management process that ensures rapid response and recovery. Real-time insights and audit trails from tools such as security monitoring, analytics and log management help to find the root cause of an incident.
Manish has 18+ years of experience in Tech. Leadership, Business Development, Customer engagements and Consulting, across diverse domains like Telco OSS/BSS, Cloud, Analytics and IoT, with global ICT organisations; Ericsson, IBM and TCS.
In his current role, he is based out of Stockholm, leading Excellence and Innovation unit in Ericsson IoT with responsibility of driving platform scaling, self-service, automation, AI and quality of service, for Ericsson IoT platform.
He has experience across both products and services portfolios, being part of key components of e2e value chain in ICT industry; selling, building and delivering technology solutions.