As the Internet of Things (IoT) continues to mature, organisations are looking to select enabling technologies, services and solutions to turn their business ideas into reality. Among the many fundamental capabilities required, connectivity and security are among the most visible as Richard Stamvik, managing ecosystem and partnerships at MultiTech, discusses in this interview with IoT Now.
IoT Now: There are many decisions to be made to ensure optimal IoT deployments. What factors should organisations take into account when making connectivity decisions?
Richard Stamvik: There are several challenges for organisations: How large is the area they intend to operate in – is it a building or a country? What quality of service do they need and how much are they prepared to pay for that? What’s the acceptable energy consumption of the IoT solution as this relates to the cost of power from, for example, batteries? And what’s the amount of data to be transmitted and what are the related speed and latency requirements?
Different technologies have different pros and cons. For example, short range Bluetooth technology offers low energy consumption and high data rates. Similarly, you can roll-out low energy, long range low power wide area (LPWA) technologies such as LoRa or narrowband IoT (NB-IoT) but these won’t offer the high data rate of 3G or 4G.
A key learning here is that one size does not fit all.
IoT Now: Choosing between licensed and unlicensed spectrum is a core challenge. How can organisations judge the relative merits?
RS: The right to use licensed spectrum costs money, payable to the body managing the regional radio spectrum allocation. Here we find the 3GPP cellular ecosystem with operators offering worldwide network coverage and equipment providers with footprint across the globe. Licensed spectrum offers good quality of service, high reliability and low latency, and is suitable for critical or real-time control usecases.
Anyone can use unlicensed spectrum and this offers a quick route to market and cost advantages for infrastructure, devices and services which are all becoming widespread, with both private and public deployments across the world. Here we find LoRa and a several other technologies. Licensed and unlicensed spectrum both have their pros and cons and usecase requirements must govern which to select.
IoT Now: Among the wide range of unlicensed options, why are organisations choosing LoRa solutions?
RS: There has been a big uptake of LoRa solutions because other unlicensed technology alternatives are either immature, have small ecosystem and deployment footprint or unsuitable business proposition, and licensed technology alternatives such as cellular NB-IoT or LTE category M1 haven’t been widely available. Cellular options such as 3G and 4G were not really designed for low bandwidth and low energy consumption applications whereas LoRa would fit the requirements as well as offer an industry standard and a growing ecosystem of product and service providers.
There’s a massive diversity in use cases which means many different approaches are required. Consider the business case options; once you have bought your cellular devices you pay a recurring fee to an operator, whereas after your investment in unlicensed technology you have a choice including a recurring fee or a no-fee model. In the unlicensed camp LoRa’s maturing ecosystem also offers cost competition resulting in a very nice business proposition for many usecases.
IoT Now: MultiTech is launching further LTE Cat M and NB-IoT products. Please can you tell me about them and why you are supporting both options?
RS: We have a comprehensive cellular product portfolio including IoT modems, routers and gateways, and we support a wide range of cellular wireless connectivity options including HSPA, LTE and NB-IoT.
In the US market, LTE Cat M1 has had traction with operators and device vendors for while, while in Europe and Asia NB-IoT is more widely considered, and we thus have to address both. Over time we’re going to see a mix of both technologies spread around the world.
IoT Now: What is MultiTech doing to help companies develop solutions utilising either of these technologies?
RS: We are bringing NB-IoT and LTE Cat M1 connectivity to both current and future cellular products. For customers this offers an opportunity to quickly hook up their IoT devices to the latest version of the cellular IoT network, and for operators this offers a way to quickly deploy devices on their new networks.
IoT Now: Moving on from connectivity, security is another fundamental challenge to the success of IoT. What security aspects should be priorities for organisations?
RS: Again it comes down to the use case. You need to understand what’s required to protect your assets. It’s like the front door lock to your house. You choose one based on functionality, performance and price protecting against the average burglar. You don’t want to spend more on it than the value of the assets you’re looking to protect.
Beyond the basic economics, consider what you actually need. For example, do you need secure communication from the sensor to the cloud? Do you need end-to-end encryption? Do you want device authentication? Is there a need for the system to be future-proof and, if so, do you need a means to update all the nodes on the network?
There are many other aspects to consider but first you need to decide what’s important to you.
IoT Now: Is the focus on hardware security at the expense of other aspects such as secure VPNs?
RS: Hardware security includes ringfencing a storage or a code execution area. Various technology enablers can be used for this, such as secure element, software virtualisation or a Trusted Execution Environment.
You also need a secure link between devices and cloud. Cellular and LoRa connectivity offers encryption, and this in turn requires secure management of encryption keys. You also need management of access rights to devices, and of device and user policies.
Device integrity includes secure boot, watchdog functionality and tamper resistance and prevent unauthorised changes in software and hardware.
The technologies and enablers above enable services such as end-to-end encryption of data in motion and at rest, policy management, authentication of users and devices, provisioning of devices, device update ensuring the latest software is used, device and user management and private networking and VPN.
IoT Now: What developments and advances are you seeing in authentication and non-repudiation?
RS: We offer a range of related features in our products, and we’re also partnering with companies with experience from various parts of the security landscape, for instance private networking and end-toend services including authentication.
An interesting area is how cost for device identification can be saved by smart use of device entropy, or by embedding a secret using a suitable mechanism. It comes down to security that is good enough for the money you pay.
IoT Now: Is encryption the answer – can it assure sufficient security?
RS: Encryption allows you to ship data from A to B or store it, all while ensuring nobody has interfered with your data and compromised its integrity.
Encryption is just one of the many aspects of security to consider as outlined above. To sum up; you need to provide privacy by securing the devices, securing the end-toend architecture, and providing management and control of the above.