Digital Twins: the Ultimate in Internet of Things Real-Time Monitoring

Get ready for the age when every product will have a “digital twin” back at the manufacturer, a perfect copy of not just the product as it left the factory floor, but as it is functioning in the field right now. That will be yet another IoT game-changer in terms of my 4th IoT Essential Truth, “rethink products.”

Oh, and did I forget to mention that we’ll each have a personal body twin from birth, to improve our health?

For the first time we’ll really understand products, how they work, what’s needed to improve them, and even how they may be tweaked once they’re thousands of miles from the factory, to add new features, fix problems, and/or optimize efficiency.

Key to circular organizations

Even better, the twin can play a critical role in accomplishing my vision of new circular organizations (replacing obsolete hierarchies and linear processes), in which all relevant departments and functions (and even supply chain members, distribution networks and customers, where relevant) form a continuous circle with real-time IoT data as the hub).  Think of the twin as one of those manifestations of the real-time data to which all departments will have simultaneous access.

GE Digital Twin visualization

               GE Digital Twin visualization

I’ve often remarked how incredible it was that companies (especially manufacturers) were able to function as well as they did and produce products as functional as they were despite the inability to peek inside them and really understand their operations and/or problems. Bravo, industrial pioneers!

However, that’s no longer good enough, and that’s where digital twins come in.  In a WSJ blog post this week, General Electric’s William Ruh, my fav IoT visionary/pragmatist, talked about how the company, as part of its “Industrial Internet” transformation, is making digital twins a key tool:

“Every product out there will have one, and there will be an ability to connect a system, or systems of digital twins, easily. The digital twin is a model of an asset, a product such as a jet engine or a model of the blades in a jet engine. Sensors on those blades pull the data off and feed them into the digital twin. The digital twin is kept current with the data that is run off the sensors. It is in sync with the reality of the blade. Now we can ask what is the best time to change the blade, how the blade performs, options to get greater efficiency.”

Proof of the pudding?

Ruh says they’ve created a wind turbine and twin they call the “Digital Windfarm,” which generates 20% more electricity than a nearby conventional turbine.

PTC is also working on digital twins. According to the company’s Executive VP for Digital Twin, Mike Campbell,:  “It’s a model that uniquely represents a physical occurrence in the real world. This one-­to­one mapping is important. You create a relationship between the digital data and a unique product occurrence from a variety of sources: sensors, enterprise data on how it was made, what its configuration was, its geometry, how it is being used, and how it is being serviced.”

Predix

The key to digital twins is GE’s “Predix” predictive analytics software platform, which the company is extending across its entire product line. As always, the key is a constant stream of real-time data:

“weather, component messages, service reports, performance of similar models in GE’s fleets—a predictive model is built and the data collected is turned into actionable insights. This model can perform advanced planning, such as forecasting a ‘plan of the day’ for turbine operation, determining a highly efficient strategy to execute planned maintenance activities, and providing warnings about upcoming unplanned maintenance events, all of which ultimately generates more output and revenue for the customer.”

Digital doppelgängers

Here’s where the really sci-fi part kicks in: Ruh also predicts (Predix??, LOL) that GE’s medical division will soon create digital twins for you and me — at birth!

“I believe we will have a digital twin at birth, and it will take data off of the sensors everybody is running, and that digital twin will predict things for us about disease and cancer and other things. I believe we will end up with health care being the ultimate digital twin. Without it, I believe we will have data but with no outcome, or value.”

And, frankly, there’s also a spooky aspect to what GE’s doing, working with retailers to create psychographic models of customers based on their buying preferences. I’m dubious on that account: I do appreciate some suggestion about what might interest me, especially books, based on my past purchases. On the other hand, a couple of weeks I shopped for — but didn’t buy — biz cards online. Now, I get AdSense ads for these cards everywhere — even on this homepage (sorry for stuff that isn’t IoT, dear reader) Get over it, OK? Count me out when it get’s down to really granular psychographic profiles — too many risks with privacy and security.

I suspect digital twins will become a staple of the IoT, yielding critical real-time info on product status that will enable predictive maintenance and, as Ruh has written elsewhere, speeding the product upgrade process because, for the first time, designers will know exactly how the products are functioning in the field, as opposed to the total lack of information that used to be the norm. Stay tuned.

IoT’s Future Makes iPhone Privacy Case Even More Important

Yesterday’s NYT had the most thoughtful piece I’ve seen about the long-term implications of the FBI’s attempts to get Apple to add a “backdoor” to the iPhone that would allow the agency to examine the data on the phone of terrorist Syed Farook, who, along with his wife, killed 14 late last year.

The growth and potential impact of the Internet of Things on our lives will only make the significance of this landmark case greater over time, and I stand totally with Apple CEO Tim Cook (“this is not a poll, this is about the future”) on what I think is a decision that every thinking person concerned about the growing role of technology in our lives should support. It’s that important!

First, my standard disclaimer about Apple, i.e., that I work part-time at the Apple Store, but know as much as you do about Apple’s decision-making process and have zero impact on it.  Now for a couple of other personal considerations to establish my bona fides on the issue:

  1. I’m pretty certain I was the first person to suggest (via a Boston Globe op-ed two weeks [“Fight Terrorism With Palm Pilots”] or so after 9/11 that the early mobiles could be used to help the public report possible threats and/or respond to terrorism.  Several years later I wrote the first primitive app for first-generation PDAs (“Terrorism Survival Planner”) on the subject, and did consulting work for both the Department of Homeland Security and the CTIA on how first-generation smart phones could be used as part of terrorism prevention.
    I take this possibility seriously, support creative use of smartphone in terrorism preparation and response, and also realize that cellphone contents can not only help document cases, but also possibly prevent future ones.
  2. As I’ve said before, I used to do corporate crisis management consulting, so I understand how fear can cloud people’s judgment on issues of this sort.
  3. I’m also proud to come from a 300+ year line of attorneys, most particularly my younger brother, Charles, who had an award-winning career defending indigent clients on appeal, including many where it might have been tempting to have abridged their civil rights because of the heinous nature of the crimes they were accused of committing.

I like to think of myself as a civil libertarian as well, because I’ve seen too many instances where civil liberties were abridged for one extremely unlikeable person, only to have that serve as precedent for future cases where good people were swallowed up and unjustly convicted  (yea, Innocence Project!).

And this case comes right on the heels of my recent blog posts about how federal authorities such as James Clapper were already taking far too much (IMHO) interest in obtaining a treasure trove of data from our home IoT devices.

All in all, there’s a very real threat that the general public may become rightly paranoid about the potential threats to their privacy from cell phones and IoT devices and toss ’em in the trash can. 


That’s all by way of introduction to Farhad Manjoo’s excellent piece in the Times exploring the subtleties of Apple’s decision to fight the feds (see Tim Cook’s ABC interview here) — with plenty of emphasis on how it would affect confidence in the IoT.

As his lede said:

“To understand what’s at stake in the battle between Apple and the F.B.I. over cracking open a terrorist’s smartphone, it helps to be able to predict the future of the tech industry.”

Manjoo went on to detail the path we’re heading down, in which the IoT will play an increasingly prominent place (hmm: in my ardor for Amazon’s Echo, I’d totally ignored the potential for the feds or bad guys or both [sometimes in our history, they’ve sadly been one and the same, for more details, consider one J. Edgar Hoover..] to use that unobtrusive little cylinder on your kitchen counter to easily monitor everything you and your family say! Chilling, non?).

Read and weep:

“Consider all the technologies we think we want — not just better and more useful phones, but cars that drive themselves, smart assistants you control through voice or household appliances that you can monitor and manage from afar. Many will have cameras, microphones and sensors gathering more data, and an ever more sophisticated mining effort to make sense of it all. Everyday devices will be recording and analyzing your every utterance and action.

“This gets to why tech companies, not to mention we users, should fear the repercussions of the Apple case. Law enforcement officials and their supporters argue that when armed with a valid court order, the cops should never be locked out of any device that might be important in an investigation.

“But if Apple is forced to break its own security to get inside a phone that it had promised users was inviolable, the supposed safety of the always-watching future starts to fall apart. If every device can monitor you, and if they can all be tapped by law enforcement officials under court order, can anyone ever have a truly private conversation? Are we building a world in which there’s no longer any room for keeping secrets?” (my emphasis)

Ominously, he went on to quote Prof. Neil Richards, an expert prognosticator on the growing threats to privacy from our growing dependence on personal technology:

“’This case can’t be a one-time deal,’ said Neil Richards, a professor at the Washington University School of Law. ‘This is about the future.’

“Mr. Richards is the author of “Intellectual Privacy,” a book that examines the dangers of a society in which technology and law conspire to eliminate the possibility of thinking without fear of surveillance. He argues that intellectual creativity depends on a baseline measure of privacy, and that privacy is being eroded by cameras, microphones and sensors we’re all voluntarily surrounding ourselves with.

“’If we care about free expression, we have to care about the ways in which we come up with interesting things to say in the first place,’ he said. ‘And if we are always monitored, always watched, always recorded, we’re going to be much more reluctant to experiment with controversial, eccentric, weird, ‘deviant’ ideas — and most of the ideas that we care about deeply were once highly controversial.’”

Manjoo also points out that laws on these issues often lag years behind technology (see what Rep. Ted Lieu, one of only four Representatives to have studied computer science, said about the issue).

Chris Sogogian, the ACLU’s chief technologist, brings it home squarely to the IoT’s future:

“’What we really need for the Internet of Things to not turn into the Internet of Surveillance is a clear ruling that says that the companies we’re inviting into our homes and bedrooms cannot be conscripted to turn their products into roving bugs for the F.B.I.,’ he said.”

Indeed, and, as I’ve said before, it behooves IoT companies to both build in tough privacy and security protections themselves, and become actively involved in coalitions such as the Online Trust Alliance.

The whole article is great, and I strongly urge you to read the whole thing.

IMHO, this case is a call to arms for the IoT industry, and the hottest places in hell will be reserved for those who continue to sit at their laptops planning their latest cool app and/or device, without becoming involved in collaborative efforts to find detailed solutions that preserve our personal privacy and civil liberties on one hand, and, on the other, realize there’s a legitimate need to use the same technology to catch bad guys and protect us. It will take years, and it will require really, really hard work.


Oh, and it will also take the wisdom of Solomon for the courts to judge these issues. Sorry to be a partisan, but please feel free to let Sen. McConnell know how you feel about his unilateral decision to keep the Supreme Court deadlocked on this and other crucial issues for well over a year. Yes, even King Solomon couldn’t get past the Senate this year…

Internet of Things Can Pay Off for Small & Medium Businesses Too

Think again, if you’re a small and medium-sized business (SMB) that is holding back on Internet of Things projects until the price of software and components such as sensors came down and the technology is more robust!

INEX Advisors’ IoT Impact LABS, an accelerator program in New Bedford, MA brings together IoT startups, top technology and industrial suppliers such as Analog Devices, Dell, and PTC/ ThingWORX, plus legal and policy experts to use the IoT help innovative, sustainable small and medium-sized businesses in the region in fields such as “smart cities,” food and agriculture, water and maritime, and energy and transportation.

One is particularly noteworthy because it is bringing fishing into the 21st century.

Island Creek Oysters of Duxbury MA, was plagued by the need to do a five-step, paper-based food safety inspection reporting on variables such as water temperature and pH, that had to be recorded precisely during the two-hour window after low tide when it had to harvest the oysters.  It’s difficult to do both.

The Mass. Department of Fisheries Management brought together INEX and Island Creek to develop a real-time digital program to both monitor the oysters and do the data collection. Chris Rezendes, partner at Inex Advisors, said the department contacted IoT Impact Labs to figure out a digital traceability program for shellfish farmers in Massachusetts, which includes Island Creek’s farm in Duxbury Mass., just a half-hour south of Boston.

IoT Impact Labs put together a solution to enable monitoring of conditions in real time, wirelessly.

“There are just dozens of instrumentation opportunities. That means dozens of opportunities for sensors, and firmware, and connectivity, and analytics vendors,” Rezendes told CRN.

The project included replacing time-consuming human monitoring of more than 60 water pumps with wireless sensors.

The LABS will release more information about the other projects in coming months, and will host one of our Boston/New England IoT Meetups on February 29 in New Bedford (6 PM, 1213 Purchase Street), with speakers including:

  • Dave Wiley, PhD. NOAA, Research Director, Stellwagon National Marine Sanctuary. He has led the development and deployment of sensor buoys and marine mammal tracking, including supporting a recreational marine application based on his team’s work.
  • Dave Duquette, Founder and CEO, Littoral Power Systems which recently closed its Seed Round, including a prestigious ARPA-E grant. Their kinetic energy harvesting systems are breaking ground in tidal energy capture.
  • Brian Coffey, environmental sensing and instrumentation lead at Analog Devices.

 

Day 2, Live Blogging from SAP’s IoT2016 Internet of Things Event

I’m up first this morning, & hope to lift attendees’ vision of what can be achieved with the Internet of Things: sure, cool devices and greater efficiency are great, but there’s so much more: how about total transformation of businesses and the economy, to make them more creative, precise, and even environmentally sustainable?

I’ve just revised my 4 IoT Essential Truths, the heart of my presentation, bumping make privacy and security the highest priority from number 4 to number 1 because of the factors I cited last week. I’ll draw on my background in crisis management to explain to the engineers in attendance, who I’ve found have a problem with accepting fear because it isn’t fact-based, how losing public trust could kill the IoT Golden Goose.

I’ll go on to explain the three other Essential Truths:

  • Share Data (instead of hoarding it, as in the past)
  • Close the Loop (feed that data back so there are no loose ends, and devices become self-regulating
  • Rethink Products so they will contain sensors to feed back data about the products’ real-time status, and/or can now be marketed not as products that are simply sold, but services that both provide additional benefits to customers while also creating new revenue streams for the manufacturer.

I’ll stress that these aren’t just truisms, but really difficult paradigm shifts to accomplish. They’re worth it, however, because making these changes a reality will allow us to leave behind old hierarchical and linear organizational structures that made sense in an age of limited and hard-t0-share data. Instead, we can follow the lead of W.L. Gore and its cyclical “lattice management,” in which — for the first time — everyone can get the real-time data they need to do their jobs better and make better decisions. Equally important, everyone can share this data in real time, breaking down information silos and encouraging collaboration, both within a company and with its supply chain and distribution network — and even with customers.

Amen.


Back with Michael Lynch of SAP!

  • we can change the world and enhance our understanding greater than ever.
  • can help us solve global warming.
  • great case study on heavy truck predictive maintenance in GoldCorp Canadian gold mines.
  • IoT maturity curve:
  • Critical question: who are you in a connected future?  Can lead to re-imaginging your corporate role.
  • UnderArmour is now embedding monitors into clothing.
  • Tennant makes cleaning equipment. Big problem with lost machines, now can find them quickly.
  • Asset Intelligence Network — Facebook for heavy equipment — SAP will launch soon.
  • example of a tractor company that’s moving to a “solutions-based enterprise.” What is the smallest increment of what you do that you could charge customer. Like the turbine companies charging for thrust.

SAP strategy:

  • “Our solution strategy is to grow by IoT-enabling core industry, and providing next generation solutions for millions of human users, while expanding our platform market by adding devices.”
  • they have an amazing next-gen. digital platform. More data flow through there than Alibaba & Amazon!
  • CenterPoint Energy — correlating all sorts of data such as smart meter & weather. Better forecasting.
  • Doing a new home-based diabetes monitoring system with Roche.
  • Doing a lot of predictive maintenance.
  • Connected mining.
  • Building blocks:
    • Connect (SAP IoT Starter Kit)
    • Transform
    • Re-imagine

Ending the day with my presentation on first steps for companies to take in beginning an IoT strategy, with special emphasis on applying analytical tools such as HANA to your current operations, and building “precision operations” by giving everyone who needs it real-time data to improve their job performance and decision-making. Much of the presentation will focus on GE, with its “Brilliant Factories” initiative!

Live Blogging from SAP’s HANA IoT event

Hmm. Never been to Vegas before: seems designed to bring out the New England Puritan in me. I’ll pass on opulence, thank you very much…

 SAP HANA/ IoT Conference

SAP HANA/ IoT Conference

Up front, very interested in a handout from Deloitte, “Beyond Linear,” which really is in line with speech I’ll give here tomorrow on the IoT “Essential Truths,” in which one of my four key points will be that we need to abandon the old, linear flow of data for a continuous cyclical one.  According to Deloitte’s Jag Bandia,

“Among users with a complete, 360-degree view of relevant data for each specific process can help avoid missed opportunities. The ‘all data’ approach means relevant data can and should come from anywhere — any application, any system, any process — not just the traditional channels associated with the process.”

Bravo!

First speaker: SAP Global Customers Operations CTO Ifran Khan:

  • “digital disruption”: catalyst for change & imperative to go digital.
  • digression about running going digital (I put in my 30 minutes this morning!!!), creating a totally new way of exercising (fits beautifully with “Smart Aging“!)
  • new macro tech trends are enabling digitalizations: hyper-connectivity, super computing, cloud computing, smart world, and cybersecurity (horrifying stat about how many USB sticks were left in dry cleaning!)
  • those who don’t go digital will go under…. (like John Chambers’ warning about IoT).
  • new opportunities in wide range of industries
  • need new digital architectures — “driving locality of data, integrated as deep as possible into the engine.
  • HOLY COW! He starts talking about a circular, digitally-centered concept, with a buckyball visual.  Yikes: great minds think alike.
  • sez HANA allows a single platform for all digital enterprise computing.
  • running things in real-time, with no latency — music to my ears!

Jayne Landry, SAP:

  • too few in enterprise have real-time access to analytics — oh yeah!
  • “analytics for everyone”
  • “own the outcome”
  • “be the one to know”
  • SAP Cloud for Analytics — “all analytics capabilities in one product.” real-time, embedded, consumer-grade user experience, cloud-based. Looking forward to seeing this one!
  • “Digital Boardroom” — instant insight. Same info available to board also available to shopfloor — oh yeah — democratizing data!

Very funny bit by Ty Miller on using SAP Cloud for Analytics to analyze Area 51 data. Woo Woo!

Ifran Khan again:

  • how to bring it to the masses? Because it’s expensive and difficult to maintain on the premises, extend and build in cloud! Add new “micro services” to SAP HANA cloud platform: SAP Application Integration, Tax Service, Procurement, Customer Engagement, Predictive, and, ta da, IoT.
  • video of Hamburg Port Authority. Absolutely love that and what they’re doing with construction sites!

Jan Jackman, IBM:

  • customers want speed. Cloud is essential. IBM & HANA are partners in cloud…

This guy is sooo neat: Michael Lynch, IoT Extended Supply Chain for SAP (and former opera student!):

  • “Connecting information, people, and things is greatest resource ever to drive insightful action.”
  • “big deal is the big data processing potential is real & chips are cheaper, so you can build actual business solutions”
  • STILL gmbh (forklifts) great example!
  • phase 1: connect w/ billions of internet-enabled things to gain new insights
  • phase II: transform the way you make decisions and take action
  • phase III: re-imagine your customer’s experience.
  • they do design thinking workshops — would luv one of those!
  • great paradigm shift: Hagleitner commercial bathroom supplies
  • Kaeser compressors: re-imaging customer service
  • working with several German car companies on enabling connected driving
  • once again, the  Hamburg Port Authority!!

SAP’s strategy:

  • offers IoT apps. platforms, and facilitates extensions of IoT solutions
  • work closely with Siemens: he’s talked with them about turbine business.
  • SAP has several solutions for IoT
  • Cloud-based predictive maintenance!
  • “social network for assets”: Asset Intelligence Network
  • They did the Harley York PA plant! — one line, 21-day per bike to 6 hrs.  (displays all around the plant with KPIs)
  • 5 layers of connectivity in manufacturing “shop floor to top floor”  SAP Connected Manufacturing
  • They have a IoT Starter Kit — neat
  • SAP Manufacturing Integration and Intelligence
  • SAP Plant Connectivity
  • SAP Event Stream Processor
  • SAP MobiLink
  • SAP SQL Anywhere/SAP ultralite
  • 3rd Party IoT Device Cloud (had never heard of “device cloud” concept — specialize in various industry verticals).

“Becoming an Insight-Driven Organization”  Speakers: Jag Bandla and Chris Dinkel of Deloitte.

  • Deloitte is using these techniques internally to make Deloitte “insight-driven”
  • “an insight-driven organization (IDO) is one which embeds analysis, data, and reasoning into every step of the decision-making process.” music to my ears!
  • emphasis on actionable insight
  • “when humans rely on their own experiences and knowledge, augmented by a stream of analytics-driven insights, the impact on value can be exponential”
  • benefits to becoming an IDO:
    • faster decisions
    • increased revenue
    • decreased cost of decision making
  • challenges:
    • lack of proper tech to capture
    • oooh: leaders who don’t understand the data…
  • 5 enabling capabilities:
    • strategy
    • people
    • process
    • data
    • tech
  • developing vision for analytics
  • Key questions: (only get a few..)
    • what are key purchase drivers for our customers?
    • how should we promote customer loyalty?
    • what customer sentiments are being expressed on social media?
    • how much should we invest in innovation?
  • Value drivers:
    • strategic alignment
    • revenue growth
    • cost reduction
    • margin improvement
    • tech
    • regulation/compliance
  • Organize for success (hmm: I don’t agree with any of these: want to decentralize while everyone is linked on a real-time basis):
    • centralized (don’t like this one, with all analyzed in one central group.. decentralize and empower!)
    • consulting: analysts are centralized, but act as internal consultants
    • center of excellence: central entity coordinates community of analysts across company
    • functional: analysts in functions such as marketing & supply chain
    • dispersed: analysts scattered across organization, little coordination
  • Hire right people! “Professionals who can deliver data-backed insights that create business value — and not just crunch numbers — are the lifeblood of an Insight-Driven Organization”
    • strong quantitative skills
    • strong biz & content skills (understand content and context)
    • strong data modeling & management skills
    • strong IT skills
    • strong creative design skills (yea: techies often overlook the cool design guys & gals)
  • Change the mindset (critical, IMHO!):
    • Communicate: build compelling picture of future to steer people in right direction.
    • Advocate: develop cohort of leaders to advocate for program.
    • Active Engagement: engage key figures to create pull for the program
    • Mobilize: mobilize right team across the organization.
  • How do you actually do it? 
    • improve insight-to-impact with “Exponential Biz Processes” — must rebuild existing business processes!  Involves digital user experience, biz process management, enterprise science, all data, and IT modernization.
      • re-engineer processes from ground up
      • develop intuitive, smart processes
      • enable exception-based management
  • Data:
    • “dark data:” digital exhaust, etc. might be hidden somewhere, but still actionable.
      • they use it for IoT: predictive personalization (not sure I get that straight…).
    • want to have well-defined data governance organization: standards, data quality, etc.
  • Technology: digital core (workforce engagement, big data & IoT, supplier collaboration, customer experience
    • HANA
  • Switch to digital delivery: visualizations are key!
    • allow for faster observations of trends & patterns
    • improve understanding & retention of info
    • empower embedded feeds and user engagement

 

IoT and the Data-Driven Enterprise: Bob Mahoney, Red Hat & Sid Sipes, Sr. Director of Edge Computing, SAP

  • What’s driving enterprise IoT?
    • more connected devices
    • non-traditional interactions such as M2M and H2M
    • ubiquitous internet connectivity
    • affordable bandwidth
    • cloud computing
    • standards-based and open-source software
  • Biz benefits:
    • economic gains
    • new revenue streams (such as sale of jet turbine data)
    • regulatory compliance
    • efficiencies and productivity
    • ecological impact
    • customer satisfaction
  • example of Positive Train Control systems to avert collisions. Now, that can be replaced by “smarter train tech”
  • SAP and edge computing (can’t move all of HANA to edge, but..)
    • improve security in transmission
    • reduce bandwidth need
    • what if connection goes down
    • actual analysis at the edge
    • allows much quicker response than sending it to corporate, analyzing & send it back
    • keep it simple
    • focused on, but not limited to, IoT
  • they can run SQL anywhere on IoT, including edge: SQL Anywhere
  • Red Hat & SAP doing interesting combination for retail, with iBeacons, video heat map & location tracking: yields real insights into consumer behavior.

Even More Reason to Boost Internet of Things Security: Feds Spying

As if there wasn’t already enough reason to make privacy and security your top IoT priority (see what I wrote earlier this week), now there’s more evidence Uncle Sam may be accessing your IoT data as part of its overall surveillance efforts (MEMO to NSA Director: we notice the lights at the Stephenson household went on precisely at sunset. Was that a signal to launch Operation Dreadful Winter?).

The Guardian reports that US. Director of National Intelligence James Clapper told the Senate:

“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.”

Shades of former CIA Director David Petraeus, who I noted several years ago was also enamored of smart homes as the motherlode for snooping:

“‘Transformational’ is an overused word, but I do believe it properly applies to these technologies,’ Petraeus enthused, ‘particularly to their effect on clandestine tradecraft.’ All those new online devices are a treasure trove of data if you’re a ‘person of interest’ to the spy community. Once upon a time, spies had to place a bug in your chandelier to hear your conversation. With the rise of the ‘smart home,’ you’d be sending tagged, geolocated data that a spy agency can intercept in real time when you use the lighting app on your phone to adjust your living room’s ambiance. ‘Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters — all connected to the next-generation internet using abundant, low-cost, and high-power computing,’ Petraeus said, ‘the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing.’ Petraeus allowed that these household spy devices ‘change our notions of secrecy’ and prompt a rethink of’ ‘our notions of identity and secrecy.’”

Yikes!

Gathering data on spies, terrorists and other malefactors is always such a double-edged sword: I’m generally in favor of it if there’s demonstrable, objective proof they should be under surveillance (hey, I went to school with uber-spy Aldrich Ames!) but if and when the NSA and CSA start hoovering up gigantic amounts of data on our homes — and, even more questionably, our bodies [though Quantified Self devices] then we’ve got to make certain that privacy and security protections are designed in and tough, and that there is some sort of effective civilian oversight to avoid gratuitous dragnets and trump(ooh, gotta retire that word from my vocabulary)ed up surveillance.

Big Brother is watching … your thermostat!

No Debate: Protecting Privacy and Security Is 1st Internet of Things Priority

This just in: your Internet of Things strategy will fail unless you make data privacy and security the absolute highest priority.

I didn’t always think that way.

Long-time readers know one of my favorite themes is what I call the IoT “Essential Truths,” the key priorities and attitudinal shifts that must be at the heart of all IoT strategies. I’ve always ranked privacy and security the last on the list:

  1. Share Data (instead of hoarding it, as in the past)
  2. Close the Loop (feed that data back so there are no loose ends, and devices become self-regulating:
  3. Redesign Products so they will contain sensors to feed back data about the products’ real-time status, and/or can now be marketed not as products that are simply sold, but services that both provide additional benefits to customers while also creating new revenue streams for the manufacturer.
  4. Make Privacy and Security the Highest Priority, because of the dangers to customers if personal or corporate data becomes available, and because loss of trust will undermine the IoT.

No longer.

I’ve reversed the order: privacy & security must be the precondition for anything else you do with the IoT, because their absence can undermine all your creativity.

      Newsweek article about Shodan

Newsweek article about Shodan

The specific incident that sparked this reordering of priorities was a recent spate of articles about how Shodan (in mid-2013 I blogged about the dangers of having IoT data show up there — did you pay attention??) — the “search engine for the Internet of Things” — had recently added a new feature that makes it easy-peasy to search unsecured webcams for video of everything from sleeping babies to marijuana farms. According to CNBC:

“‘Shodan has started to grab screenshots for various services where the existing text information didn’t provide much information,’ founder John Matherly wrote in an email. ‘This was launched in August 2015 and the various sources for screenshots have expanded since then — one of those recent additions is for webcams.'”

I’ve written before that I feel particularly strongly about this issue because, unlike engineers who are hell-bent on getting their IoT products and services to market ASAP and at as little cost as possible, I have an extensive background before my IoT days as a crisis management consultant to Fortune 100 companies that had screwed up big time, l0st public trust, and now had to earn it back. As a result, I see IoT privacy and security threats differently.

As I’ve said, a lot of engineers — as left-brained and analytical as I am right-brained and intuitive — simply don’t understand factors such as the fear parents feel when their sleeping babies can be seen anywhere and creeps can yell obscenities at them. After all, fear isn’t factual, its emotional. However, that can no longer be an excuse.

No more Mr. Nice Guy! you must make privacy and security a priority on the first day you brainstorm your new IoT product or service, or you risk losing everything.

As cyber-security expert Paul Roberts says:

“The Internet of Things means that the impact of cyber attacks will now be felt in the physical world and the cost of failing to security IoT endpoints could be measured in human lives, not simply zeroes and ones.
“Like any land grab, the rush to own a piece of the Internet of Things is chaotic and characterized by the trampling of more than a few treasured and valued principles: privacy, security, accountability. As companies clamor to develop the next Nest Thermostat or simply to whitewash aging gear with a web interface and companion mobile app, they’re conveniently forgetting the lessons of the past two decades.”
The key is “security by design.”As Gulio Corragio puts it:
“the principle of data protection by design requires data protection to be embedded within the entire life cycle of the technology, from the very early design stage, right through to its ultimate deployment, use and final disposal. This should also include the responsibility for the products and services used by the controller or processor….
The benefits include:
  • “limit the risk that Internet of Things devices are deemed not compliant with privacy laws avoiding sanctions that under the new EU Privacy Regulation will reach 5% of the global turnover;
  • reducing the potential liabilities deriving from cybercrimes since data breaches have to be reported to privacy regulators only if the data controller is unable to prove to have adopted the security measures adequate to the data processing and
  • exclude liabilities in case of processing of data that are not necessary for the provision of the service also through the usage of anonymization techniques which is relevant especially for B2B suppliers that have no relationship with final users.”

Privacy and security are never-ending requirements for the IoT, because the threats will continue to evolve. Making it a priority from the beginning will reduce the challenge.


I’ll speak on this subject at SAP’s  IoT 2016 Conference, Feb. 16-19, in Las Vegas.