1. What are the three main parts of Internet of Things (IoT) systems?

Connected devices
Devices are the primary physical objects connected to the system. For Asset Control
Systems, sensors are the components of the device connectivity layer. These smart sensors
are continuously collecting data from the environment and transmit the information to the
next layer. Latest techniques in the semiconductor technology can produce micro smart
sensors for various applications.

Central Control Hardware

A Control Panel manages the two-way data traffic between different networks and
protocols. Another function of the control panel is to translate different network protocols
and make sure interoperability of the connected devices and sensors.

Data Cloud
Internet of things creates massive data from devices, applications and users which must be
managed in an efficient way. IoT cloud offers tools to collect, process, manage and store
huge amount of data in real time. Industries and services can easily access these data
remotely and make critical decisions when necessary.

User interface
User interfaces are the visible, tangible part of the IoT system which can be accessible by
users. Designers will have to make sure a well-designed user interface for minimum effort
for users and encourage more interactions.

User interface design has higher significance in today’s competitive market; it often
determines the user whether to choose a particular device or appliance. Users will be
interested in buying new devices or smart gadgets if it is very user-friendly and compatible
with common connectivity standards.

Network Interconnection
The IoT’s major significant trend in recent years is the explosive growth of devices connected
and controlled by the internet. The wide range of applications for IoT technology means that
the specifics can be very different from one device to the next, but there are basic
characteristics shared by most.

There are many technologies that enable IoT. Crucial to the field is the network used to
communicate between devices of an IoT installation, a role that several wireless or wired
technologies may fulfil.

2. List the three benefits of IoT.

Access information
You can easily access data and information that is sitting far from your location, in real time.
This is possible because of the network of devices, a person can access any information
sitting from any part of the globe. This makes it very convenient for people to go about their
work, even if they are not physically present.
 Communication
Better communication is possible over a network of interconnected devices, making the
communication of devices more transparent, which reduces inefficiencies. Processes, where
machine must communicate with each other, are made more efficient and produce better,
faster results. The perfect example for this is machinery at a manufacturing or production
unit.

Cost-effective
As mentioned in the point above, communication between electronic devices is made easier
because of IoT. This helps people in daily tasks. Transferring data packets over a connected
network save time and money. The same data that would take a long time to transfer can
now be done much faster, thanks to IoT.
3. What are the major security concerns related to IoT?

A) Lack of Compliance on The Part of IoT Manufacturers

New IoT devices come out almost daily, all with undiscovered vulnerabilities. The primary
source of most IoT security issues is that manufacturers do not spend enough time and
resources on security.

For example, most fitness trackers with Bluetooth remain visible after the first pairing, a
smart refrigerator can expose Gmail login credentials, and a smart fingerprint padlock can be
accessed with a Bluetooth key that has the same MAC address as the padlock device.

This is precisely one of the biggest security issues with IoT. While there is a lack of universal
IoT security standards, manufacturers will continue creating devices with poor security.
Manufacturers that started to add Internet connection to their devices do not always have
the “security” concept as the crucial element in their product design process.

The following are some security risks in IoT devices from manufacturers:

Weak, guessable, or hard-coded passwords

Hardware issues
Lack of a secure update mechanism
Old and unpatched embedded operating systems and software
Insecure data transfer and storage
IoT Security Issues
A smart thermostat

B) Lack of User Knowledge & Awareness.

Over the years, Internet users have learnt how to avoid spam or phishing emails, perform
virus scans on their PCs, and secure their WIFI networks with strong passwords.

But IoT is a new technology, and people still do not know much about it. While most of the
risks of IoT security issues are still on the manufacturing side, users and businesses processes
can create bigger threats. One of the biggest IoT security risks and challenges is the user’s
ignorance and lack of awareness of the IoT functionality. As a result, everybody is put at risk.
Tricking a human is, most of the time, the easiest way to gain access to a network. A type of
IoT security risk that is often overlooked is social engineering attacks. Instead of targeting
devices, a hacker targets a human, using the IoT.

Social engineering was used in the 2010 Stuxnet attack against a nuclear facility in Iran. The
attack was directed to industrial programmable logic controllers (PLCs), which also fall into
an IoT device category. The attack corrupted 1,000 centrifuges and made the plant explode.
It is believed that the internal network was isolated from the public network to avoid
attacks, but all it took was a worker to plug a USB flash drive into one of the internal
computers.

C) IoT Security Problems in Device Update Management

Another source of IoT security risks is insecure software or firmware. Although a
manufacturer can sell a device with the latest software update, it is almost inevitable that
new vulnerabilities will come out.

Updates are critical for maintaining security on IoT devices. They should be updated right
after new vulnerabilities are discovered. Still, as compared with smartphones or computers
that get automatic updates, some IoT devices continue being used without the necessary
updates.

Another risk is that during an update, a device will send its backup out to the cloud and will
suffer a short downtime. If the connection is unencrypted and the update files are
unprotected, a hacker could steal sensitive information.

D) Lack of Physical Hardening

The lack of physical hardening can also cause IoT security issues. Although some IoT devices
should be able to operate autonomously without any intervention from a user, they need to
be physically secured from outer threats. Sometimes, these devices can be in remote
locations for long stretches of time, and they could be physically tampered with, for example
using a USB flash drive with Malware.

Ensuring the physical security of an IoT device begins from the manufacturer. But building
secure sensors and transmitters in the already low-cost devices is a challenging task for
manufacturers, nonetheless.

Users are also responsible for keeping IoT devices physically secured. A smart motion sensor
or a video camera that sits outside a house could be tampered with if not properly
protected.

E) Botnet Attacks
A single IoT device infected with malware does not pose any real threat; it is a collection of
them that can bring down anything. To perform a botnet attack, a hacker creates an army of
bots by infecting them with malware and directs them to send thousands of requests per
second to bring down the target.
 Much of the uproar about IoT security began after the Mirai bot attack in 2016. Multiple
DDoS (Distributed Denial of Service) attacks using hundreds of thousands of IP cameras,
NAS, and home routers were infected and directed to bring down the DNS that provided
services to platforms like GitHub, Twitter, Reddit, Netflix, and Airbnb.

4. Identify the top five Machine to Machine (M2M) applications in the world?

a) Consumer automotive. These applications have been around for over two decades
now.
b) Alarm and security. Our first customer in 1997 was an alarm manufacturer, who
deployed a backup communications service using our cellular network.
c) Fleet/Trucking. Applications for data gathering and transmissions to the truck are
natural for using a cellular network service.
d) Utility and grid. Meter reading, grid management, etc. are common growth areas -
not just cellular, but also alternatives like mesh networks.
e) Remote data gathering and control. Access to heavy remote equipment, have been
using cellular M2M services - almost as long as the consumer automotive industry.

5. How might Internet Address (IPv6) affect the development and implementation of the
Internet of Things (IoT)?

A potential barrier to the development of IoT is the technical limitations of the version of the
Internet Protocol (IP) that is used most widely. IP is the set of rules that computers use to
send and receive information via the Internet, including the unique address that each
connected device or object must have to communicate. Version 4 (IPv4) is currently in
widest use. It can accommodate about four billion addresses, and it is close to saturation,
with few new addresses available in many parts of the world.

Some observers predict that Internet traffic will grow faster for IoT objects than any other
kind of device over the next five years, with more than 25 billion IoT objects in use by
2020,76 and perhaps 50 billion devices altogether. IPv4 appears unlikely to meet that
growing demand, even with the use of workarounds such as methods for sharing IP
addresses.

Version 6 (IPv6) allows for a huge increase in the number IP addresses. With IPv4, the
maximum number of unique addresses, 4.2 billion, is not enough to provide even one
address for each of the 7.3 billion people on Earth. IPv6, in contrast, will accommodate over
1038 addresses? more than a trillion trillion per person.

It is highly likely that to accommodate the anticipated growth in the numbers of Internet-
connected objects, IPv6 will have to be implemented broadly. It has been available since
1999 but was not formally launched until 2012. In most countries, fewer than 10% of IP
addresses were in IPv6 as of September 2015. Adoption is highest in some European
countries and in the United States, where adoption has doubled in the past year to about
20%.

Globally, adoption has doubled annually since 2011, to about 7% of addresses in mid-2015.
While growth in adoption is expected to continue, it is not yet clear whether the rate of
growth will be enough to accommodate the expected growth in the IoT. That will depend on
several factors, including replacement of some older systems and applications that cannot
handle IPv6 addresses, resolution of security issues associated with the transition, and
availability of enough resources for deployment.

Efforts to transition federal systems to IPv6 began more than a decade ago. According to
estimates by NIST, adoption for public-facing services has been much greater within the
federal government than within industry or academia. However, adoption varies
substantially among agencies, and some data suggest that federal adoption plateaued in
2012. Data were not available for this report on domains that are not public-facing, and it is
not clear whether adoption of IPv6 by federal agencies will affect their deployment of IoT
applications.