Let’s face the M2M security challenges

April 13, 2013

hackersInitially technical innovators focus all they have on making it do whatever they want their innovation to do. Shortly after the breaking news about their brand new product, solution or service we use to receive the follow-on news about problems with things like security, health impact, integrity or fair trade. The scope of the problems obviously relates to what the new thing actually is.

Lets face it, it has always been like this. Telephone systems, microwave ovens, TV set-top boxes, ATM:s, door locks, PCs and Wi-Fi networks are all examples of things that quite easily were possible to manipulate, at least initially. But when we connected people and businesses to the Internet the magnitude of the problem increased many times. Having almost everything using the same communication protocols and even the same network gained us a lot of efficiency but also raised the security bets drastically. Most attacks are not reported publicly but the ones we hear about are serious enough. Fire Eye claims one security attack to enterprises every third second, based on analysis of information on more than 89 million security related attacks reported. Some specific examples since last summer, picked up from Network World: 450.000 stolen passwords from Yahoo, 5,8 million passwords from LinkedIn, 1,5 million from eHarmony, 8 million online credentials from Gamigo and about 3.6 million Social Security numbers and 387,000 credit and debit card numbers from South Carolina. And we all remember the series of password thefts at Sony some two years ago. We’re already at the point where this belongs to the daily news feed and is business as usual.

Now we are connecting also things to the Internet and we will inevitably enter a new era of security and integrity issues, yet on another scale. Imagine hackers manipulating traffic lights, road signs, railroad control systems, power grids, nuclear plants, TV broadcasts, elections, pacemakers, airplanes, stock exchanges or hospitals. Media is quite frequently presenting examples along those lines and even if it is hard to differ between urban legends and real life cases it is safe to say that security will be a very important part of the M2M industry.

Recent examples from media include the Techspot.com story about a security consultant and pilot who claims he can hijack a commercial airplane remotely with his Android app, a story about a hacked pacemaker in the US where almost five million pacemakers and implantable defibrillators have been sold the last five years and several stories about hacked cars including the most recent research from Rutger University and University of South Carolina where they manipulated cars in motion via the TPMS system. At the Hack in the Box conference in Amsterdam the other day electrical vehicle charging stations were identified as potential targets for hackers to cripple parts of the electricity grid.

If the issues of security, safety and integrity aren’t taken seriously by the industry they will slow down or even prevent deployment of M2M solutions. Since perception is reality we need to go beyond just fixing the issue – we also have to make people believe it is taken care of seriously.


Enable M2M trials by proper training

April 8, 2013

STF-200x962013 is the year when M2M aka Internet of Things entered the productivity phase which I have been writing about before. Focus moves from the actual connection to what value comes out. The value we look at in this phase is typically operational thus quantifiable and ROI-calculation friendly. In the next phase, probably as little as 1-2 years away, we will start harvest also the strategic value and that is when industries and society will change drastically.

Already a couple of month into “the year of M2M productivity” I can share a great Swedish example: STF Ingenjörsutbildning is a postgraduate education institute targeting engineers and technicians. They run some 2000 training activities per annum with 15000 attendees, mainly in Sweden but also abroad. STF just announced a one day training on “M2M – from products to services” aiming at providing practical guidance to the attendees. Where to start? Who to turn to? Legal implications? Purchasing considerations? Pitfalls? Hopefully the attendees will have information and confidence enough to start their first in-house project when they come home.

I have been quite involved in this training and believe this is a very important step forward for the industry. We simply need to make people understand the value of M2M for them and give them knowledge enough to start playing around with ideas, prototypes and trials. It is simply not possible to figure out before hand what will happen and which new opportunities we will have when we connect our products. This to me is a great way to drive technology driven innovation.


M2M in its teens – the industry is shifting gear

April 5, 2013
The M2M industry is rapidly leaving the first connectivity focused baby phase – thank god! – and enters the productivity phase. This is where we look at operational issues, capabilities and value. Vendors and operators are preparing themselves to be able to serve the market better and more efficiently. And new partnerships, alliances, initiatives and M&A activities pop up on a daily basis. This is all very good and makes life easier for developers, integrators and customers. But it is more about preparing for the business to take off than making it taking off. It mainly improves the capabilities to deliver in an efficient way.

Today’s initiatives are signs of a developing industry. Building blocks are put together into candidate platforms and architectures. As always most of them will fail over time but still it is an important part of growing up. Let’s look at a couple of recent M2M “teenager activities”:

  • Telefónica and Telit cooperate in M2M Air, providing managed M2M services globally
  • Etisalat group just joined KPN, NTT DOCOMO, Rogers Communications, SingTel, Telefonica, Telstra and VimpelCom in the M2M Multi-Operator Alliance
  • Ericsson and SAP announced a partnership at MWC and talk about the M2M Eco-system
  • Satellite operator Orbcomm acquired MobileNet who provides custom mobile data solutions for the heavy equipment and railroad industries
  • Wipro and Axeda announced a strategic alliance to provide services and end-to-end solutions to help organizations connect with any asset, leverage machine data to enhance business processes and develop new innovative enterprise applications.
  • TeliaSonera, France Telecom-Orange and Deutsche Telekom collaborate to increase the quality of service and interoperability for machine-to-machine (M2M) communications
  • Claro Brazil joins a growing list of Jasper Wireless operator partners including AT&T, América Móvil, NTT DOCOMO, Telefónica, VimpelCom, KPN, SingTel, Etisalat, Telstra, Rogers, CSL and more
  • Several operators including TeliaSonera, Swisscom, XL and have signed up with Ericsson to use DCP for improved M2M service delivery
  • AT&T has several M2M initiatives including AT&T Control Center together with partners like Jasper Wireless, Axeda, Sierra Wireless and SensorLogic.
  • Airbiquity and China Unicom are teaming up to provide telematics services for the Chinese automotive market
  • Vodafone Vehicle Connect and Towers Watson’s ‘DriveAbility’ programme will accelerate the pace at which insurers can get new services to market, and at a competitive cost
Looking at mobile operator subscriptions for M2M, the market continues to grow roughly 25-30% per annum. The number of cellular M2M subscriptions nearly doubled between 2010 and 2012 to reach 143.7 million according to Pyramid Research. They also claim China is growing over 40% per annum and will become the largest cellular M2M market this year. We should remember that a lot of M2M applications share cellular subscriptions or use other technologies to connect.

So operator’s M2M business is growing quite rapidly but from small numbers. In a fairly well-developed M2M market like Sweden, M2M subscriptions are roughly 20% of all mobile subscriptions today. But still most of the market potential is untouched. Policy-driven markets like smart meters, big global markets like connected cars and consumer oriented stand-alone solutions are all fairly well addressed. But small business is big business also when it comes to M2M, and these companies are only addressed by independent Service Enablers, developers, integrators and turn-key solution providers. The alliances, partnerships and M&A activities aren’t reaching that far. A company connecting 100 of their “things” per year in maybe 25 countries across the globe is simply of no interest to any of the large players. The same goes for ,a company who want to develop a specific application to connect 25 of their “things” in a country, unless they are filthy rich.

Success in SME will come from successful platform support for specialist service enablers, developers, integrators and turn-key solution providers. That has little to do with technical issues and a lot to do with trust and business models. This has to be resolved before M2M will grow up.


%d bloggers like this: