Trust me i m an m2m device
Sponsored Links
This presentation is the property of its rightful owner.
1 / 33

Trust Me, I’m an M2M Device PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Trust Me, I’m an M2M Device. Noel Poore Architect, Oracle.

Download Presentation

Trust Me, I’m an M2M Device

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Trust me i m an m2m device

Trust Me, I’m an M2M Device

Noel Poore

Architect, Oracle

Trust me i m an m2m device

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

Program agenda

Program Agenda

  • The Internet of Things

  • Topic 2, Arial, 24 pt

  • Topic 3, Arial, 24 pt

  • Topic 4, Arial, 24 pt

  • Topic 5. More than 5 topics, add second agenda slide.

What is m2m

What is M2M?

  • According to Wikipedia…

    Machine to Machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability

Internet of things

Internet of Things

Different Services,Different Technologies

Different Meanings for Everyone

Miniaturization & advances in packaging technologies

Advances in flash

New class of powerfulbut low-cost & low-power MCUs

Cloud-based services

And the Word“SMART”

Is Everywhere!

Iot is more than m2m

IoT Is More Than M2M

The Internet of Things (IoT) is about Machine to Entity (M2E):

Machine to Machine:

Automatic diagnostics for cars: Automatic information collection from your car’s engine management system and sending real-time alerts to drivers or service centers

Machine to Infrastructure:

Automatic bridge monitoring: Sensing and monitoring the structural integrity of a

bridge in case of flooding

Machine to Human:

Automatic health monitoring for people: Implant monitoring services or disease management via implantable electronics

Machine to Nature/Environment:

Early detection of earthquakes: Distributed sensors to detect early tremors in specific places

Slide title arial 28 pt one line

Slide Title: Arial, 28 PT, One-Line

Subtitle: Arial, 20 pt, One-Line Max

  • Bullets are sentence case. Use Arial, 20 pt font.

    • Sub-bullets are Arial, 18 pt font.

  • Keep bullets short.

  • One idea per bullet.

  • No more than five bullets.

  • NOTE: Arial is the ONLY font that should be used in the Oracle corporate presentation template.Times and other serif fonts are not acceptable.

To ensure that slides are properly formatted to this template, see pages 7 and 8 for instructions.

Iot architecture

IoT Architecture


M2M Area Network

M2M / IoT Applications


M2M Core

Service Capabilities


M2M Area Network

Direct Connection

Client Application


Iot use case smart home smart health pervasive remote monitoring and or control

IoT Use Case: Smart Home & Smart HealthPervasive Remote Monitoring and /or Control

Human being’s vital statistics monitored via edge nodes communicating through body area network s(BAN) and personal area networks (PAN)

Many other “things” in the smart home using local area network (LAN)

All communicate with a home hub / gateway, which, in turn, communicates to the cloud via wide area networks (WAN)

CLOUDMonitor Anywhere


Home Hub



Wireless WAN





End to end security is a barrier for iot adoption

End-to-End Security is a Barrier for IoT Adoption

“The horizontal evolution of M2M will require full end-to-end security. Significant efforts need to be invested into M2M application security in order for the M2M market to fully evolve. Whether this is through open source initiatives or standards development, the demand for increased M2M application security will have to be answered, and sooner rather than later.”

ABI Research, M2M Dream Challenged by Alarming Security Concerns, Feb 2013


Of embedded systems and applications developers have not proactively addressed security in existing development projects


Median CAGR growth (2011-2014) in shipments of security solutions for industrial automation, medical devices, consumer electronics, automotive and retail

Source: VDC Research

Strategic Insights 2012: Embedded Software & Tools Market, Security Development & Runtime Solutions

Insecure devices and services

Insecure Devices and Services

  • Connected light bulbs with IP-based controller

  • Not enough attention paid to security

  • Inadequate hardware

  • Poorly thought through software

  • Saving on BOM cost may be a poor investment

Internet as a top security concern

Internet as a Top Security Concern

Testifying at the Senate Intelligence Committee’s annual hearing on worldwide threats, Director of National Intelligence James Clapper told lawmakers that terrorist groups are increasingly pursuing the ability to wage cyber attacks, which, if successful, could bring businesses and the government to a collapsing halt.

“Our statement this year leads with cyber, and it’s hard to overemphasize its significance,” said Clapper, reading a statement on behalf of himself, FBI Director Robert Mueller, CIA Director John Brennan and National Counterterrorism Center Director Matthew Olsen.

Despite the growing number of terror and nuclear related threats, officials and lawmakers concentrated much of their attention on cyber security — a signal that momentum is growing on Capitol Hill to try topass another bill on the issue.

Intelligence Chiefs Warn that Cyber Attacks are Nation’s Top Security Threat

By JordyYager and Carlo Munoz – 03/12/13 4;00 PM ET

Privacy who

Privacy Who?

The Internet is a Surveillance State

By Bruce Schneier, Special to CNNupdated 2:04 PM EDT, Sat March 16, 2013

The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks u s on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies trackedhis Internet useduring one 36-hour period.

Facebook, for example, correlates your online behavior with your purchasing habits offline. And there’s more. There’s location data from your cell phone, there’s a record of your movements from closed-circuit TVs.

In today’s world, governments and corporations are working together to keep things that way. Governments are happy to use the data corporations collect – occasionally demanding that they collect more and save it longer – to spy on us. And corporations are happy to buy data from governments. Together the powerful spy on the powerless, and they’re not going to give up their positions of power, despite what the people want.

Information must be secure and trusted

Information must be secure and trusted

  • Information needs to be

    • Timely

      • Most information has to be up-to-date to be useful

    • Confidential

      • Information owner needs to be able to control access to information

    • Integrity assured

      • Assurance that information is complete and authentic

  • If the data can’t be trusted, the entire service paradigm breaks down

Top challenges in iot security

Top Challenges in IoT Security


  • Non-repudiation

  • Confidentiality

  • Integrity

  • Anonymity

  • Weak trust relationships

M2M Area Network

  • Electrical

  • Tampering

  • Physical

M2M / IoT Applications


M2M Core

Service Capabilities


M2M Area Network

Direct Connection

Client Application


Device Domain

Network Domain

Challenges in iot security

Challenges in IoT Security


Over/under voltage

Power analysis

Frequency analysis

Electrostatic discharge

Circuit probing


Change functionality

Secure boot

Flash protection

Device Domain

  • Physical

    • Temperature variation (into extremes)

    • Temperature analysis

    • De-processing

    • System theft

    • Partial destruction

    • Hardware addition/substitution

Challenges in iot security1

Challenges in IoT Security


Mutual authentication

Digital signatures

Identity verification


Secure data transfer

Protection of data from unauthorized eavesdropping

Network Domain

  • Integrity

    • Data integrity verification

    • Protection of data from unauthorized modifications

    • Exclusivity

  • Anonymity

    • Protection of device identity from unauthorized network eavesdropping

Challenges in iot security2

Challenges in IoT Security

Weak trust relationships

Network Domain

Devices supplied by service provider

Devices owned by end user

Cellular/wired network

IoT Service Providers

Strong trust relationship

Devices owned by end user or supplied by operator

Weak trust relationship



Critical factor for IoT success

  • Unless consumers can trust IoT devices, there will not be mass adoption

  • Need to develop “implicit” trust

    • You don’t worry about your snail mail

  • Trust requires security at all levels

    • Hardware

    • Network

    • Data

    • Application

Example of mcu system security

Example of MCU System Security

Hardware random number generator

Protected flash memory

Encrypted communications





Memory protection unit

Optional external memory system





Restrict external code accesses




Hardware cryptographic acceleration

Tamper detection,

Secure RTC

Unique chip identifier

Secure key storage,

Unique chip ID

Graphic section divider

Graphic Section Divider

Oracle s internet of things platform

Oracle’s Internet of Things Platform

Complete, Best in Class & Engineered Together


Java on ANY Device or Gateway

Faster, portable and more reliable development

Oracle Middleware and Database

Performance, scalability, security, integration









Oracle Engineered Systems to deliver cloud services and manage Big Data




Iot conceptual architecture

IoT Conceptual Architecture

Device Identity Management

Device Identity & Access Governance

Smart Sensor

Device Communications Management

Device Management

Core Network

Wired Sensor

Big Data

Regional Network


Capillary Networks


Data Routing & Analysis


Wireless Sensor

Enterprise Service Bus & Business Intelligence



WSN: Wireless Sensor Network

Oracle iot security solution

Oracle IoT Security Solution

Key Features

Onboarding & Enrollment

  • Mutual authentication between devices and server

  • Confidentiality of data transfer over multi-protocol networks

  • Device data management

  • Governance of trust relationships in IoT networks

  • Device applications provisioning & management

Authentication & Authorization

Device Metadata & Control

Policy & Key Management

Application Management & Provisioning

Device management

Device Management

  • Must be remote

    • “Man with USB stick in pocket” is not the right admin model

  • Must be secure

  • Must be scalable

  • Must work with “sleeping devices”



  • Important for managing entities within an IoT solution

    • Device

    • Tenant

    • Application

  • Secure device registration process

  • Central management of policies, relationships and rules

  • Key management on a massive scale

Multi tenancy


  • Applications from many different vendors

  • Need to be separated

  • But able to share when required

Trusted execution environment

Trusted Execution Environment

  • Secure element integrated into the chipset

  • Separated from the rich OS

  • Can store secrets and use them to operate on data

  • Secrets never leave the TEE

  • Secure local storage of trust information



  • Trust is key for IoT

  • Everything has to be secure to enable implicit trust

  • Identity is one ingredient for securing IoT and building trust

  • Login