Wireless Security for the Internet of Things

If you believe the futurologists, then the Internet of Things (IoT) is going to be the next big thing.  Depending on who you listen to, by 2020 there will be up to 50 billion connected devices, an order of magnitude greater than the number of mobile phones.  You can already see the start of that, whether it’s smart meters, connected information signs, or the increasing number of fitness devices, like Fitbit and Nike’s Fuel wristband.  To get a better idea of what else may be emerging to make up that number, a good place to start is Kickstarter – the website for crowd-sourced funding.  It shows that a significant number of potential start-ups are looking for money to produce a bewildering array of gateways and sensors.

It’s great that there is so much innovation going on in this area.  I’ve been trying to help it take off for almost two decades and at last I can convincingly say it’s happening.  But underneath the enthusiasm, I’m concerned that not enough attention is being given to security.

A few weeks ago, a speaker at a security conference in Australia talked about wireless attacks on pacemakers.  Possibly because of the combined press frenzy around Superstorm Sandy, Obama’s re-election and Jimmy Savile, that piece of information wasn’t picked up by the mass media.  At the same time, I’ve been playing with some of the latest consumer products that have come to market and found very little evidence of security.  In fact, recent coverage in the technical press suggests there is a worrying feeling of complacency.  I suspect that may be because wireless and end-to-end security is a new concept for many of the engineers designing IoT devices.  But it is important that it makes its way onto the agenda, otherwise it may seriously impact the potential for growth.

Read More

In Praise of Cables

For most of the last twenty or so years I seem to have started off the year by writing an article claiming that this would finally be the one when wireless data takes off.  It’s nice to see things changing: Wi-Fi is finally starting to move outside internet access for PCs and Phone, Bluetooth Smart is appearing in desirable consumer devices and should trigger an avalanche of connected accessories, and smart metering is bringing ZigBee and Wireless M-Bus into homes as a static PAN.  That doesn’t mean that there are not still massive unexplored opportunities in M2M, but it’s good progress.

Instead of the obvious call for more, I’d like to look back at the many advantages of cables.  As designers rush into wireless, it’s easy to forget what they’re giving up.  Wireless offers new opportunities, but only at the expense of many serious compromises.  In this brave new world of wireless it’s apparent that some people are forgetting those compromises.  In this and the following article I’m going to look at what they are and then address the misconception that wireless standards can be treated in the same way as wired ones, debunking the common misconception that they follow the OSI model.

Read More

Electronic Health Records, Data Integrity, Consumer Apps and Continua.

A few weeks ago I was talking to someone who mentioned the Talisman SOS bracelet that she and her family wore and suggested that people should be encouraged to add basic medical information into their phone.  In the UK there have been a number of campaigns to persuade people to add an ICE (In Case of Emergency) number into their list of contacts.  Her suggestion was that this could be expanded to include key medical details.  Plenty of such phone apps like this already exist, such as My Life Record, Smart-ICE, Hermes and Allscripts Remote.  The problem they bring is how much they can be trusted, particularly in an emergency.  It’s something that is causing considerable anguish not only within the medical profession, but also within industry groups who are trying to move medical monitoring into the home. It was a hot topic at this week’s Wireless Communications in Healthcare Conference in London.

At the heart of the problem is the integrity of data that goes into a clinical record.  Until recently, data was only ever entered by members of the medical profession.  The advent of accessible electronic health records means that patients can begin to enter their own data or modify their records.  Whilst I believe that’s the way the world has got to move, it raises important issues.

Take the case of Julia…

Read More

2009 – The year of Bluetooth low energy

 This year will see the arrival of a new short range wireless standard that is set to revolutionise the way that devices are made.  That’s not a new claim – I recall it being made for Bluetooth, Wi-Fi, ZigBee, Home-RF and DECT, amongst others.  Some succeeded massively, some struggled on and some failed.  This year sees another technology join the fold and I’m confident that it will make a bigger change that any that has preceded it.


The technology I’m talking about is called Bluetooth low energy.  Don’t be fooled by thinking it’s a variant of Bluetooth – that would be a mistake.  Although it’s part of the Bluetooth family of standards, and designed to coexist within an existing Bluetooth chip, it’s a totally new standard, designed from the bottom up to fulfil a new set of requirements.


Those requirements are to enable a new generation of products that can connect to mobile phones.  It covers everything from fashion accessories, watches, fitness and medical devices to office and security products.  The essential thing is that they can be low power, low cost devices that only need to send small amounts of data.  That allows them to be run off batteries that don’t need regular charging. In fact most of them will run for years on single coin cells.


As well as connecting to your phone as accessories, they’ll also be able to use the phone to send their data over your mobile network to a remote web service.  That’s where Bluetooth low energy becomes really powerful, as it allows your mobile phone to act as a gateway.

Read More