The highest ranking hub for IoT in India

Data At Rest Is As Important As Data At Motion

10.01K 0
Home » Blog » Data At Rest Is As Important As Data At Motion

Spokespeople: Alex Wilson, Director of Business Development, Aerospace & Defense, Wind River, Dinyar Dastoor, Vice President and General Manager, Operating Systems Platform, Wind River


Alex Wilson

Alex Wilson, Director of Business Development, Aerospace & Defense, Wind River

Q. Failure of components has always been there but how does analytics help in predictive maintenance?
A. Dinyar: The main objective is to prevent a machine or a system from failing. The more data that we get back, the better the analytics, logistics and support that could be provided.

Predictive maintenance is just one of the applications to get M2M (machine to machine) communication. It is now possible to network these machines on the battlefield in real time for activities which relate to homeland security, the battlefield commanders would be able to see the complete picture through these machines.

Dinyar Dastoor

Dinyar Dastoor, Vice President and General Manager, Operating Systems Platform, Wind River

For example sensors on a battle tank help detect unusual vibrations from let’s say ball bearings, pointing to the fact that it might fail sometime in the future. Data analytics will be the game changer that can now predict these anomaly and increase savings in logistics.

Q. Latest security and safety challenges?
A. Dinyar: Security is not like a gate that you can lock. Security is the whole system. Back in the days, most of the systems were physically isolated. In the present scenario, the devices are online and talking to themselves or the cloud. The question to be answered is if the trust factor- from cloud to end point and avoiding the “Man in the Middle” attack. The first layer of security is the key which forms the primary security function. Then comes the exchange of keys and handshakes wherein the access to device would be blocked in case of a key mismatch.

From the software standpoint, if one could breach the second layers, they can see the binaries surpassing the source code. This could be reverse engineered or a malicious code could be inserted. Classic examples include credit card hacks. Now to curb this, the whole binary is encrypted in to a spaghetti code which is almost impossible to break. In case of powered down devices, it is possible that data could be extracted and this is more likely to happen if the data is stored in an open format.

Q. What are the various steps to ensuring security?
A. Alex: A security assessment is important to assess what the vulnerabilities are, the worth of data and what the cost is of losing that data. Mathematically prudent kernel could be used to create highly secure systems. The key is figuring out the vulnerabilities, worthy of the data and budget. As Dinyar says, we have AAA authentication and security protocols built in to the products.

This is especially true when it comes to national security; for instance the Indian defence would want to use cryptography algorithms rather the standard open source.

Another aspect to be considered is that it needs to tie back to the hardware. Software just gives information assurance but one really needs to tie back to the hardware. As soon as the system boots it has to be running in a protected environment.

Step1: Start from a secure boot

Step2: Multiple layers of protection and security.

A lot of companies do not understand security as they never had to worry about it before. As we start to use IoT and with its benefits, we are taking a system and exposing it to a network and in the worst case exposing it to the internet. All these legacy systems which are isolated cannot be connected to a network, but if needed the security must be built from ground up. I think that is what a lot of companies are missing. Money and effort has to be spent on building security. Educating the staff is important as they could probably be the biggest threat.

For part I of the story click here.

Leave A Reply

Your email address will not be published.