Following on from the interview with Remi de Fouchier, featured on pages 8-9 of this issue of IoT Now, Robin Duke-Woolley, the chief executive of Beecham Research, also interviewed Eva Rudin, the vice president of Mobile Connectivity Solutions at Thales’ Digital Identity and Security Business, to find out more about Thales’ plans for the IoT market.
Robin Duke-Woolley: With the rapid growth in prospect for IoT and the increasing interest among traditional OEMs to move towards a service model, what sort of feedback are you seeing from the market on the challenges OEMs and IoT service providers are facing in implementing large IoT deployments?
Eva Rudin: Firstly, let me clarify that when we talk about IoT, this covers many different sectors and applications as well as the connectivity itself. Thales positions itself in cellular connectivity, so this is the focus for this discussion
With OEMs shifting from selling just devices to more of a service model, many see value in cellular connectivity but also may lack experience and expertise in cellular connectivity, especially if it’s a new area of focus for the company. Understanding the cellular technology, the network options and best practices can be a significant hurdle and Thales is here to support them.
It’s the same with security for IoT. Understanding the issues in security for IoT is challenging, yet it is also becoming much more important to get right. As IoT continues to become more central to business and service operations, the potential reputational damage to a brand in the market due to a security breach is escalating quickly, as are the potential legal and liability costs and the cost of downtime in operations. The costs could be huge and security for IoT is really an insurance against this risk.
Cellular can be complex to integrate into IoT hardware. That includes integrating cellular modules, antennas and power management systems into the devices.
IoT devices may also be deployed in challenging environments, such as extreme temperatures or harsh conditions. Ensuring device durability and reliability in these environments is a concern and these need specific hardware and software. Regarding scalability too, as the number of IoT devices grows, ensuring that the IoT solution being used can scale to accommodate all of them is essential.
Then there is connectivity management. This is all about ensuring the best connectivity – in terms of coverage, price and usage – depending on where any particular device is deployed.
Cellular can be complex to deploy as well, with multiple stock keeping units (SKUs) for multiple connectivity providers. IoT service providers today are looking for agile solutions, in terms of choice of connectivity, time to market and breadth of use cases. For example, low power options are now available with specific constraints.
Then there are security and privacy issues. IoT devices can be vulnerable to cybersecurity threats. Ensuring security of data and devices is a critical concern. IoT security threats are rapidly evolving, yet security can be complex and costly to implement and deploy. Having access to skilled security resources is difficult and diverts attention from the core business.
RD-W: Can you describe the key industry requirements as Thales sees them?
ER: Let’s think about ten key considerations. These vary in importance depending on the use case.
First and foremost, security always tops the list of priorities in industry surveys. This is the ability of a solution to ensure secure communications and data transfer with the device while also protecting it against cyber-attacks. Not only does this relate to the reputational risk and potential legal risk that I mentioned just now. This is also of fundamental importance because security engenders trust. Trust in the connection and trust in the data transferred – that the data has not been corrupted in any way. Just a reminder that data collection and analysis is the basis of IoT for making decisions and actions. Without trust, there is no prospect of remote monitoring or control and the IoT cannot function.
Cost is also always a key requirement. The annual total cost of ownership (TCO) may need to be as low as less than US$10 in verticals such as smart metering that have very low data rates, while in others such as cellular routers it may need to be considerably higher to cater for very high data rates.
Related to TCO is ease of installation. Installation and maintenance/repair/operations (MRO) costs can amount to 10-20% of annual TCO so can be a key consideration.
Also related to cost is bandwidth. This is the ability of the solution to satisfy all bandwidth needs, including data intensive applications such as high-resolution video.
Quality of coverage is always important. This is the ability of the solution to provide consistent connection and fluid handover between connectivity providers within its coverage. For example, for a well-functioning supply chain across multiple levels and geographies, data must be collected, integrated and analysed to provide a single view of the supply chain at any time or location. This requires very high quality of coverage of the IoT solution end-to-end.
Device lifetime is often critical, especially when it is embedded in larger and more complex systems where MRO activities could be complex. Closely related to this is the power requirement, particularly where the device is reliant on batteries that must last for up to ten years in some cases.
Related to device lifetime is the contractual model. Contract duration can be an important consideration depending on user sensitivity to the need for flexibility and fear of stickiness to one MNO. For long life devices, such as smart meters, there may be a need to consider changing the MNO during the lifetime of the device in the field.
Environmental resilience is critical in many applications. This is the ability to operate in harsh environments, such as with vibrations, severe temperature variations and in locations with high levels of dust. For example, physical SIM cards and connectors must be reinforced to withstand harsh transport conditions that can induce movement and friction, causing long-term damage to connectors.
Interoperability is adaptability to interact with a wide range of types of connectivity provider, platform provider or application technology.
Finally, regulatory compliance is the ability to comply with use case specific and local regulatory constraints, such as temperature monitoring regulations. Safety and security are also often of concern, particularly in healthcare and also critical infrastructure monitoring.
Thales’ Digital Identity
and Security Business
RD-W: You say these vary in importance depending on the use case. Can you give examples of this?
ER: Let’s consider four very different use case examples – smart metering, connected health, security – as in physical alarms and surveillance – and then track and trace.
For smart metering, the most important requirements tend to be: security; cost; quality of coverage; device lifetime and of course regulatory compliance. This use case is particularly demanding, with applications that have the highest importance requirements.
On the other hand, for connected health, the most important tend to be: security; quality of coverage and, again, regulatory compliance. Security in this case is heavily weighted towards safety and risk to life. Regulatory compliance is heavily weighted towards data protection.
Then for security, the most important tend to be: security; bandwidth and quality of coverage. Without bandwidth and quality of coverage, surveillance for example cannot operate and is particularly weighted towards safety.
While for track and trace, the most important tend to be: ease of installation; environmental resilience; interoperability and regulatory compliance. This gives an idea of how requirements vary between use cases. It means that different support strategies are needed for each of these cases.
RD-W: Taking smart metering as an example, how does Thales utilise its Build, Run, Protect approach for this?
ER: We can take smart metering as an example, but just to point out that Thales addresses other key segments such as the ones already mentioned – connected health, security and track and trace – as well as automotive and many more.
To define and deploy an IoT connected device there are different stages. Thales provides solutions at each of these stages and helps the OEM to select the best technical solution to meet the specific objectives and use cases for its IoT devices.
Thales identifies three main steps during the life of an IoT device: Build, Run and a transversal one we call Protect:
Build covers the device design and engineering.
Run encompass the device production and the deployment in the field from first activation through to decommission.
Protect for cyber protection is transversal across the full device and application lifecycle.
The Thales product and solution portfolio has been designed to help IoT stakeholders in their challenges across each of these three steps. Let’s illustrate this with a specific industry/field of applications – smart metering.
Smart metering, or more globally smart utilities, covers energy with electricity and gas, and water. This is a highly important area right now due to the increasing need to manage scarce resources and respond to climate change issues. These have raised the need for real time monitoring and analysis of consumption and leakages.
With this in mind there are several challenges where Thales solutions can help lifecycle management of the device:
- Design: simplification of the device ‘build’ with a soldered eSIM – avoiding complex sourcing
- Production: a single stock-keeping unit (SKU) ready to be deployed all over the world versus many regional SKUs, complicating logistics and manufacturing processes
- Installation: Out-of-the-box first installation, with automatic connection to the best network versus trying multiple SIMs from different MNOs
- Operation: many events can impact the connectivity in the field (network quality) with consequences for disruption of the data flow. Five, ten or 15 years is a long period of time and there may be a need to adapt the connectivity plan for business reasons. To avoid a costly truck roll, being able to remotely change temporarily or permanently the connectivity provider.
Across all these steps cyber protection is of the utmost importance: avoid data hacking and device identity theft; protect and guarantee service delivery and continuity.
Thales focuses mainly on data and device identity protection. We do this through a process of: Generate, Manage and Revoke smart meter credentials, and by storing secret keys and certificates to protect data exchanged from edge to cloud.
With the high importance industry requirements for smart metering noted earlier in mind, Thales products and services that support these are as follows:
For Regulatory compliance, we have embedded and integrated SIM (eSIM/iSIM) plus Thales Adaptive Connect (TAC) for connectivity and the need to be able to change provider. We also have IoT SAFE – the SIM Applet For Secure End-to-End Communication – plus Trusted Key Manager (TKM) for security, to align with sector regulations.
For Cost, we have iSIM plus TAC as suitable for narrowband IoT (NB-IoT) deployments both from technical and cost perspectives. This is increasingly important for smart water meters that are ramping up quickly using NB-IoT.
For Security, again we have IoT SAFE plus TKM to facilitate deployment and life cycle management of credentials, which is key. As threats are evolving, so are security protection solutions.
For Quality of coverage, TAC enables the ability to monitor coverage issues and to change the connectivity provider on a per device basis.
Then for Device lifetime, eSIM/iSIM have a very long lifespan that matches the requirements of utilities companies. Thales lifecycle management capabilities complement this to adapt fleets of devices to changing conditions over their lifetime of up to 20 years.
RD-W: Are there case studies to illustrate these?
ER: Yes, we have three case studies to share, (see page 14) covering:
- the connection of aircraft in airports for downloading safety-relate and maintenance data.
- monitoring the location and condition of containers as they are shipped in any country.
- the deployment of smart water meters in multiple countries that are in place for more than 15 years.
These illustrate that each individual case has its own requirements. The challenge that Thales is addressing is how to cater for all of these individual requirements in a straightforward, flexible and cost-effective way.
