Designed & Made
in America (DMA)

BASIL Networks Blog BN'B | September 2016

26 Sep, 2016

Internet of Things (IoT) -Security, Privacy, Safety-Platform Development Project Part-1

Part 1: Introduction - IoT Core Platform - Setting the Atmosphere

IoT_Main_Index Quick Links

2nd Anniversary Update (Jan 14, 2019)
A lot has transpired since we first started this IoT Platform Development Project series.  We witnessed the 2 billion records breach mark from multiple companies that contain a lot of PII (Personal Identifying Information) account data.  These records may not show up for some time maybe never, but the fact remains that many have now been enlightened that the Internet is not private at all.

Technology Connects Everything
The market introduced listening and camera devices that are able to listen and monitor our movements and issue commands to devices connected to the Internet, not to ignore the smart phones already tracking data.  The things to keep in mind here is for these listening and camera devices the data is going to some third party and being sold to other third party marketers to send advertising on the go for profit.  That means that your gestures and voices are stored and shared with multiple unknown third parties.  Now think of ordering products through this audio/visual device and giving personal information to these unknown third party data gatherers.  Oh by the way make sure the TV in the bedroom is off, oops!

Now enter the Internet of Things, everything interconnected and beyond with IPv6 huge addressing capability, security and privacy is gaining high visibility as the predominate issue.  The privacy and security issue is not just for the home environment is extends to the industry, from transportation, retail, marketing, engineering and more.  The world of access through IoT sensors of all types, video, audio, control networks like traffic lights, electric grids and municipal utilities that monitor and control the safety of our everyday lives.  Ok, enough of Gloom and Doom.

Wireless Communication Networks
Now the unspoken good bad and ugly of the new "5G" network.  Look, all companies have a right to monitor their product usage, especially if there product entails Power, Time, and Bandwidth as product entities.  Encouraging the monitoring of competitive products brings the best results in a competitive free market environment.  What we also encourage is accountability for product safety!!!  

I have been following the 5G network development for a some time and would not comment on it until there were substantial facts to present, vetted by recognized accountable scientists and medical professionals.  Well here is the 2nd annual update to this blog about the IoT which includes the new 5G smart phone.  

OK, the last thing we want here is another global warming controversy, lets stick to the scientific facts only, to date (Jan 1, 2019) 240 Scientists and doctors in 41 nations have published research findings on the 5G technology, (vetted at   Cell Phones 5G Network Health Risks.  OK we went through this as well with 3G, 4G networks as stated in the publications.  Granted there have been cases of health issues with the wearable devices incorporating 3G and 4G and they are isolated to a specific locations and use.  

This brings up the next fact, 3G and 4G are different transmission technologies than 5G transmission technologies and BASE stations are in unique locations that are generally away from direct proximity of residential areas.  As for the technology, RF (Radio Frequency) transmission from a cell phone is low power generally under 1 watt, however from a BASE station since it is a Power/Bandwidth transmitter the power is higher; however, the power is transmitted along with the transmit methodology differ as well as antenna designs.

So: Why does this matter?  How does it affect my health?
OK, we have been living with cell phones for over 20 years now and there have been some health issues as with every new technology that comes on board.   A problem with relating illness with a conclusive source is the variances in lifestyles as well as conditional parameters of use, diet etc. of all the individuals that use them. So let me try and break this down to understand this a bit better.  To start I have many years in NMR (Nuclear Resonance Spectroscopy, IR (Infrared Spectrophotometry) sonar, ultrasonic's and frequency modulation and generation for the analog and digital world, (Wooppiiee, so what does that have to do with the facts?).  

All matter has what is called a resonance (parallel or series) frequency that will (absorb, pass or reflect) energy, this includes all life as we know life that is a breathing biological "earth" entity.  Solids also have a resonance frequency as shown many times by the old breaking a glass with a sound-waves experiment.  

So, if the energy is reflective or passive when it comes in contact with an objects surface there will be very little effect on the internal structure past the objects surface, hence: it either bounces off or just passes through the object without any absorption of the transmitted energy.  Just like the glass will only break if the frequency is resonance to the glasses material structure.  

At resonance the energy is absorbed, when enough energy is absorbed within the glass structure the structure becomes compromised and resonates and literally shakes itself apart and shatters.  Now keeping this concept in mind and applying it to biological life form structures is where we get similar disruptions with how the biological structures react to this intrusion of energy.

Biological's and Energy Absorption
Low power radiation produced by low power RF fields seems to be passive or is handled by the biological's anti-intrusion mechanism, that is until we start to focus the energy, like 24/7 connected wireless cell phone headsets while we holster the cell phone on our side day in and day out.  Because of the low power this would take years on some people to create a health issue if any depending on the individual diets, exercise etc., yes, diet is an effective means for neutralizing small doses of radiation poisoning, do an Internet search on Iodine and other minerals that the body absorbs.

Now the 4G and 5G broad band network, base frequencies for 3G range 2GHz to 8GHz, while 5G range 3GHz to 300Ghz.  As we see there is a wide overlap of frequencies that are used to define the range characteristics of the technology as defined in   Hence: 4G is incorporated as part of the 5G network to address various bandwidths within the communications range.  OK, now, when you start to get beyond reasonable RF frequencies, radiation tends to have a greater effect on the biological's of a living organism.

Electromagnetic Absorbtion by Water  and "wait for it" --  the body is made up of about 80% water - oops!.  The real issue arises with the 5G channel frequencies that are used within the GigaHertz frequency ranges of the technology,  the 2MHz to 10GHz that makes up the digital bandwidth modulation schemes.   These are digital RF pulses (square-waves) being carried on the higher RF base frequency that have many harmonic frequencies as part of the waveforms being transmitted.  These modulation frequencies add to the transmission energy fields being absorbed or reflected that pass through the air in all directions.  

Now, the new 5G uses several of the 4G technologies along with a "focused" transmission technology that will allow the signal to travel along High Tension power lines.  The theory is to put a focused RF base station every 10 or 12 blocks on these transmission line poles.  This is where most of the 5G experimentation has been performed and where much of the health issues have been researched and published.

OK, nice presentation but what does this have to do with our IoT Platfrom Project?
The IoT core platform will incorporate wireless technology!  The issues we will discuss when we enter the wireless peripheral design stage are what wireless technology will be applied and locations it will be applied.  Designing wireless products entails a bit more research than that of direct connect (wired) devices.  

As we read through each of the parts of the series we see how the series direction finds its own way to be incorporated into product development.  As we developed the series we incorporated the typical engineering design approach, "We want it to do everything" alt.  Totally unrealistic, however that is how design engineering mind-sets are wired.  Have to give management credit to bring the blue-skying back down to earth with many discussions on reality.

This IoT Core Platform series developed after we discussed the inner workings of the Internet architecture, "The Information Highway" and progressed from a conceptual blue sky at 50,000 feet and landed safely and was separated into reasonable functional parts that addresses both managerial, marketing, sales and design on just what is involved in the product development of an IoT core platform that is capable of addressing multiple applications.

The IoT Core Platform development series addresses real security issues on privacy, control and safety that the industry has ignored to get the product to the market first.  The old tale of the tortoise and hare race, in this case the briar patch was a bit too dense for the hare.  In the interim of being first on the market, networks have been hacked through IoT devices as coffee maker controllers, fish tank controllers to name a couple and the list goes on.  Hackers are using IoT devices for controlled DDoS APT attacks as well.

I want to sincerely thank all the readers and those that contacted me privately for their support, advice and suggestions to improve this series.

I also want to thank a few for contacting me on some spelling errors on this blog.  I do use a dictionary and a thesaurus, however there are times as a true focused design engineer I fall into the narrow view of the industries classification of engineers and their issue with spelling. Cool
Enjoy the Series - Sal Tuzzo

Where do we start? 
Setting an atmosphere for a topic like this requires solid facts.  It is very important the reader keeps an open mind-set in order to address both positive and negative aspects of this thing called IoT (Internet of Things).

Lets Begin. The techies are not confused; the hackers are not confused at all they see an on-going buffet of opportunities.  However, observations and discussions give the appearance that the average public is totally confused about what IoT is, how it will affect businesses, homes etc. and the questions keep coming.  This series will address the range of what IoT is from the basics to the complex and answer those questions as well as many of the hidden questions that are part of the IoT technology buzz.  Our intent of the series is to enlighten the public on what to look for when purchasing the next generation of appliances that are capable of being monitored through the Internet.  We will start with a short summary with a presentation of facts then advance through actual designs of IoT devices for the technologists out there that are entering into this arena as well as companies that are interested in product development.

The IoT is not a new technology; the acronym arose due to the advancements in chip density technology hence, the amount of features one can put in a single low power integrated circuit.  The higher the chip density the more functions like TCP/IP, Bluetooth, WiFi may be incorporated onto a single low cost chip.  The order of magnitude may be analogous to the first desktop IBM-PC back in August 1981 (64K Memory, 360K floppy disk) to the smart phone today (32Gig Storage, 4Gig software system, Internet, cell Phone network) that is an order of magnitude thousands of times faster and stores millions of times more data, photos etc., at the touch of a screen.  So in summary the IoT is miniaturizing what we already are capable of in larger form factors.

This being said, what is the big deal? 
The IoT issues are not the number of devices, size or the chip density technology being used, those issues are only limited to ones imagination.  The issues for this discussion relating to the IoT are how many ways will these miniature “connected” devices impact our lives?

The many “active” discussions/debates about Internet Privacy, PII (Personal Identifiable Information), accountability and information access have positioned us in the current debacle for lack of a better word.  Every day we read about Internet data breaches and the millions of PII data that has been stolen by groups, countries and of course the unknown/unidentifiable hacker.  To name a big one – Yahoo system has been breached since 2014 to put the breach data combined in 2016 to over 2 billion.

The Big Deal:
The Global IoT market is an overwhelming new business market that will without doubt change the way people live in just about every country and in every social networking group on this planet (”Earth”-Third planet from the Sun J) at this time.  Many web services and social networks already have facial recognition search abilities like Google’s image search and others.  This technology is easily incorporated into and website for photographers, researchers and investigators especially law enforcement.

Information of all types about individual behavior is the businesses gold mine to manipulate and incorporate into our everyday lives to sell product and as well as other “interests”.  Product marketing is a way of life globally, that is fine and has been the mode of operation for centuries.  The “difference” is the way information is collected, stored, and analyzed; who has it, how it is being used and the list goes on.  It is of no surprise that putting facts like this on the table for discussion creates difficulties and in many cases are held in strictly controlled private business meeting.

The quest to change individual mind-sets for product purchases is challenging if not impossible without behavioral data, unless your product is one of those exceptional necessities like soap and a few other sanitary products.  However, stylish or fad type products demand a large marketing effort.  Now just think if you had access to every individual’s personal behavioral habits, likes, dislikes and many other types of personal information and then be able to time your marketing adds to trigger impulse buying.   This is what the new trend in BI (Business Intelligence) and CI (Cognitive Intelligence) is all about.  The IoT devices not only encourage this trend it will make it a norm if the depth of data being monitored is not understood and incorporates some type of accountability.  To date it is not illegal for a business to collect marketing data on their customers or potential customers.  In a public business, stores etc. there are many cameras monitoring the activity of the people entering and purchasing products, how they browse through the store etc.  All Stores are laid out for maximum purchase and actually direct the public through a maze for better product exposure.   Businesses are moving at great speeds to collect and save this data before the courts decide to declare it either unconstitutional and stop the practice or make it officially legal.  Information of this magnitude if allowed on the open network without some type of protection just encourages many other types of behavior including criminal.  When looking at the cost to companies that suffer a data breach and the loss of intellectual property as well as behavioral data give a new level of control for the predator.  Business security weakest link is human behavior as it always has been, be it just neglect, recklessness, disgruntled, begrudged or just not caring about security.

How does this apply to the IoT devices?
The majority (98%) of the current generation of appliances have some sort of micro-controller or microcomputer.  The next generation of appliances will have an enhanced microcomputer that will have embedded Bluetooth, WiFi  or some type of Internet connection that will connect to your local home network or a local public network controlled by the municipalities (SmartGrid).  The home entertainment market is already connected, your smart phone is already connected, game stations are connected all connecting your home network to many other network providers and the list goes on.  Now just think about this for a short time and ask yourself – do you want some person in another country or state able to view when you are washing your clothes, cooking in the kitchen, being able to see your environment inside your house, what temperature you set your thermostat to even listening and storing your conversations while you watch a movie, or while you are driving your vehicle to wherever with your family or friends.  This is just a small introduction of the implications of IoT advanced technology that the legal system has to be prepared to mitigate and hopefully set some sort of guidelines and laws to protect privacy.  This is a double edge sword, on one hand there has to be privacy laws with accountability as well as individual controls to disconnect the IoT devices from the public domain, or disconnect them completely to revert back to manual mode.   The latter is up to the manufacturer and is usually forced on them by the public requirements.   Think if there is no way to disconnect the appliance from the Internet or to completely turn off the wireless connection I wonder how many people would purchase the product.  There have been many attempts to install back doors on private computers in the home and many are still prone – they are called botnets and they infect a smart phone, personal computer, any device with an operating system and are used maliciously for criminal gain.  IoT devices are now part of this arena.  There is no doubt that the automated home is already here and privacy is surfacing more and more and is now a high visibility issue as it should be. 

What Infrastructure Is In Place Now?
The Smart Grid is the main infrastructure network in place nationwide currently the main use is for monitoring and billing utilities, electricity, water and gas.  The Smart Grids main entry point initially is through the Electric meter and incorporates a high power duty cycled transmitter as well as a receiver for other devices to be connected.  The utility companies also use this usage data for load balancing in order to provide a steady service to its customers.  That does not mean that this data is not used for other purposes as well.  The public is not privileged to other type of analysis. 

There have been many complaints about the Smart Grid causing health issues because of the transmission energy levels on continuously timed intervals.  These issues are still being researched and factual data is being gathered and presented to the public and is not well accepted by the utility companies and other businesses that have visions of connecting to the Smart Grid.  You can Google “Smart Grid” and Smart Meter Health Complaints” for more information, be prepared to get a lot of information both good and bad.  The details will enlighten you as to the depth of detailed data being collected. 

What has to be addressed first and at what cost?
The IoT implementation would not happen without the Internet infrastructure upgrade from IPv4 to IPv6, (we will get to that later in the series) which increases the Internet address capability to assign a unique address to every new IoT device that could be imagined for many years.   This infrastructure requires an Internet equipment upgrade that is very costly.

What our research has uncovered is that everyone including governments globally considers IoT to be open game to monitoring everything these products are connected to.  To date there are several of the high end systems in larger companies that perform monitoring of the environmental systems through a network.  In time expect to see many households equipped with custom monitoring systems based on service contracts for these smaller house base systems where the data is collected to private service companies for the “convenience of customers”.

Data Security today is a Risk Management issue and when applied to a product cost it becomes a difficult task to prove the cost effectiveness without an actual breach to reference to.  Therefore in many cases it is held at a lower risk over the product life.  The IoT is in that category and as stated it is open game to all who want to monitor and use that data.  The way this may be controlled is through the end user who either decides during the actual purchases of the product.  If those appliances that have no user control then only the user can decided to buy or not buy and that is if they are aware the connection exists.

Part 2 IPv4  IPv6 - The Ins and Outs of IP Internet Addressing (November 11, 2016) 

IoT_Main_Index Quick Links

Publishing this series on a website or reprinting is authorized by displaying the following, including the hyperlink to BASIL Networks, PLLC either at the beginning or end of each part.

BASIL Networks, PLLC - Internet of Things (IoT) - Security, Privacy, Safety - The Information Plaground Part-1: Setting the Atmosphere for the Series (September 26, 2016)

For Website Link: cut and paste this code:

<p><a href=";articleId=3&amp;blogId=1" target="_blank"> BASIL Networks, PLLC - Internet of Things (IoT) - Security, Privacy, Safety - Platform Development Project Part-1 - <i>Setting the Atmosphere for the Series</i></a> (September 26, 2016)</p>



Sal (JT) Tuzzo - Founder CEO/CTO BASIL Networks, PLLC.
Sal may be contacted directly through this sites Contact Form or
through LinkedIn




Copyright© 1990-2019 BASIL Networks, PLLC. All rights reserved