Digital Key

Digital security will protect our connected devices from theft



There has been much media attention applied to the massive hacking of various web sites to steal data. A lot less attention has been showered on the thieves who use radio receivers to capture and duplicate the electronic codes used for keyless car ignition. As a prudent strategy, if you own a car that does not have a physical key, you should always avoid using the remote to lock the vehicle. This is especially true in a parking lot where it is impossible to detect whether a car thief is lurking in a nearby car. The current reality is unfortunate because our smart phones have the potential to increase security. It will take a lot more sophistication than we currently apply. We may need to delay the disabling of the device for a few days to enable a return trip home on an electric bicycle when your cell phone has died.
Electric bikes are less attractive as a theft target if they become disabled


Just like insurance has a cost, it may be necessary to subscribe to a cloud security service. Within the cloud it is possible to store a unique series of key codes for each device. The location capability of the cell phone system, combined with a suitable app, can create a cloud-based log that records the cell phone number and when and where the device was unlocked, which will enable multiple users. We will hear stories about stupid thieves who use their cell phone to activate stolen devices.
As a teenager at Halloween, we thought it was funny to do a drive-by garage door opener run. This worked because the system was based on only a few codes, and a collection of remotes would result in enough matches to be fun. If the activation codes are ever changing, there is no advantage in thieves listening in. Thieves who use a radio (or Bluetooth) to obtain a code will discover that it has been changed. In the transition period, not everyone will want to use a cell phone based key. A chip key should also be included such that the device is active when it is plugged in. Obviously, the advantage of the cloud database is that it becomes possible to sell replacement keys. The cell phone based replacement can happen quickly but a physical chip based key requires delivery. We can all relate to losing a key sometime or other.
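
The ever-changing codes and the cloud unlock log described above can be sketched as follows. This is an added example, not code from the original post: the service class, the HMAC-counter scheme, the look-ahead window and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

WINDOW = 16  # assumption: how many missed button presses the service tolerates


def rolling_code(secret: bytes, counter: int) -> str:
    """One-time code for a counter value: truncated HMAC-SHA256."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha256).digest()
    return mac[:8].hex()


@dataclass
class DeviceRecord:
    secret: bytes                 # unique per device, held by the cloud service
    next_counter: int = 0         # lowest counter the service will still accept
    log: list = field(default_factory=list)


class CloudKeyService:
    """Hypothetical cloud service: verifies codes and logs every attempt."""

    def __init__(self) -> None:
        self.devices = {}

    def enroll(self, device_id: str, secret: bytes) -> None:
        self.devices[device_id] = DeviceRecord(secret)

    def unlock(self, device_id, code, phone, when, where) -> bool:
        rec = self.devices[device_id]
        accepted = False
        # Only counters at or after next_counter are tried, so a code that
        # was already used (or skipped over) can never match again.
        for counter in range(rec.next_counter, rec.next_counter + WINDOW):
            if hmac.compare_digest(rolling_code(rec.secret, counter), code):
                rec.next_counter = counter + 1
                accepted = True
                break
        # Every attempt is logged with who, when and where, accepted or not.
        rec.log.append({"phone": phone, "when": when, "where": where,
                        "accepted": accepted})
        return accepted


def demo() -> list:
    secret = bytes(range(32))                     # constructed sample secret
    svc = CloudKeyService()
    svc.enroll("ebike-1", secret)
    owner, other = "+1-555-0100", "+1-555-0199"   # constructed phone numbers
    overheard = rolling_code(secret, 0)           # code sent over the air once
    return [
        svc.unlock("ebike-1", overheard, owner, "09:00", "home"),
        svc.unlock("ebike-1", overheard, other, "09:05", "parking lot"),
        svc.unlock("ebike-1", rolling_code(secret, 3), owner, "17:00", "office"),
        svc.unlock("ebike-1", rolling_code(secret, 1), other, "17:10", "office"),
        svc.unlock("ebike-1", rolling_code(secret, 4 + WINDOW), owner, "18:00", "home"),
    ]
```

The second and fourth attempts replay codes the service has already moved past, and the last one is outside the look-ahead window, so `demo()` returns `[True, False, True, False, False]` while the log keeps the phone number of every rejected attempt.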

SaaS- Software as a Service

You shall enjoy the fruit of your labor



We are migrating to an economy where more of our intellectual property is embodied in digital format. The practitioners who create this intellectual property are not second class people who are undeserving of the fruits of their labor. Even though the developers who created companies like Twitter were compensated, the venture capitalists who funded this style of business model are running out of money. I am aware that many of these start-ups planned an advertising funded business model. However, the total advertising dollars available means that less than 25% of them will survive. Since the first world nations elected to offshore their manufacturing, ensuring that compensation is paid for intellectual property is even more important in reversing balance of trade deficits and eventual bankruptcy.
US trade balance



Enter the SaaS (Software as a Service) business model. We are aware that most of the creation cost of intellectual property in digital form is spent making the first copy. Our modern communication and computer technology has reduced the cost of making duplicate copies to almost nothing. This has resulted in an elimination of more than 1/2 of the revenue stream in fields like music, motion pictures and pharmaceuticals. Having seen the fruits of the efforts to create intellectual property siphoned away, prudent planners choose to ensure that they will retain the fruits of their effort. “Sometimes the questions are COMPLICATED and the answers are SIMPLE” (Dr Seuss Geisel). People who need food on their table and roofs over their heads cannot afford to give away the effort that funds their life. New software will only be sold as SaaS. The development effort to create the first copy will be shared by all users because it will be the only copy. Unfortunately, SaaS is too late for Windows 95, Android and Office, which already have generic copies in the marketplace. It is too late to close the barn door after the horses have left.
Some of the first SaaS offerings will be in Internet Security. The current system of maintaining defenses on everyone’s computer will fade. The embedded back doors in the basic computer operating systems are the problem. Once the intruders use the back doors to gain control, the first action they perform disables the defenses. Users who wish to enjoy the benefits of secure data and reliable computer operation will discover that SaaS can deliver a service that isolates them from the web hackers and dangers using encrypted links. All communication to the unprotected web will be routed through the proxy server with a resident up-to-date SaaS protection program. It is very possible that it will be necessary in the short term to add Wi-Fi or internet dongles to circumvent the unsecured communication hardware that came with the user’s device.
I can picture the entire industry migrating back to a new variation of its roots. In the very beginning, computer users used dumb telex machines to interact with time-sharing computers that housed all of the programs and data.
A Teletype Model ASR_32 by Jamie-Flickr


Industrial Demilitarized Zone

Korean DMZ -picture by Lim Yeongsik search operation Korean armed forces



Just like the North Koreans are continuously trying to penetrate the demilitarized zone, there are hostile elements who use the world wide web as a corridor to attack. Since many historic IoT (Internet of Things) devices have very little protection, a search engine like Shodan can crawl the web and create a map of connected devices. “Shodan’s been used to find webcams with security so low that you only needed to type an IP address into your browser to peer into people’s homes, security offices, hospital operating rooms, child care centers and drug dealer operations.” (Kashmir Hill, September 23, 2013 issue of Forbes.) The real question is what do you do to protect your castle. It takes thinking in military terms to protect yourself from attack. I am not surprised that this picture of a turnstile was taken within a communist country. Their society has a lot more military control. It is curious that they think youth hostels are where the control is needed.
PERCo Turnstile Territory of student's hotel St Petersburg by Bestar



Camouflage is a great military tactic. After you progress past having a wide-open door to your industrial control by implementing a second 10/100 gate with a guard post, it is helpful to hide your new entrance in plain sight. In programming terms it is called spoofing. The hackers who are using programs like Shodan ignore you if you appear to be an uninteresting application. A USB to 10/100 converter costs less than US $50. The USB driver programs can be configured such that the echo seen by the search engines looks like a baby monitor, for example. The only other major requirement is to invent a quick staged authentication so that a DoS (denial of service) attack does not block the legitimate users from logging onto the system.
A simple USB to 10/100 converter can be programmed as a gate keeper
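
One way to build the quick staged authentication mentioned above, as an added example that is not part of the original post: stage 1 hands out a cheap stateless cookie, and only a request that returns a valid cookie reaches the expensive password check. The `Gate` class, the cookie format, the lifetime and the sample addresses are all assumptions for illustration.

```python
import hashlib
import hmac
import os

COOKIE_LIFETIME = 30        # assumed: seconds per cookie time bucket
GATE_KEY = os.urandom(32)   # gate's private cookie key, regenerated at start-up


def _bucket(now: float) -> int:
    return int(now) // COOKIE_LIFETIME


def _cookie(client_addr: str, bucket: int) -> str:
    msg = f"{client_addr}|{bucket}".encode()
    return hmac.new(GATE_KEY, msg, hashlib.sha256).hexdigest()


def cookie_ok(client_addr: str, cookie: str, now: float) -> bool:
    """Cheap check: one or two HMACs, no lookup in any per-client table."""
    for bucket in (_bucket(now), _bucket(now) - 1):
        expected = _cookie(client_addr, bucket)
        if hmac.compare_digest(expected.encode(), cookie.encode()):
            return True
    return False


class Gate:
    """Hypothetical gatekeeper in front of the industrial control."""

    def __init__(self) -> None:
        self.users = {}
        self.expensive_checks = 0   # how often the slow password hash ran

    def add_user(self, name: str, password: str) -> None:
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        self.users[name] = (salt, digest)

    def stage1(self, client_addr: str, now: float) -> str:
        # Nothing is stored here, so a flood of hellos cannot fill memory.
        return _cookie(client_addr, _bucket(now))

    def stage2(self, client_addr, cookie, name, password, now) -> bool:
        # Requests without a valid, fresh cookie for this address are
        # dropped before any expensive work is done.
        if not cookie_ok(client_addr, cookie, now):
            return False
        self.expensive_checks += 1
        salt, stored = self.users.get(name, (b"\0" * 16, b""))
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        return hmac.compare_digest(candidate, stored)


def flood_then_login() -> tuple:
    gate = Gate()
    gate.add_user("operator", "correct horse")      # constructed credentials
    # Constructed flood: 500 stage-2 requests carrying made-up cookies.
    flood = [gate.stage2(f"198.51.100.{i % 250}", "00" * 32, "operator",
                         "guess", 1000) for i in range(500)]
    cookie = gate.stage1("192.0.2.10", 1000)
    ok = gate.stage2("192.0.2.10", cookie, "operator", "correct horse", 1005)
    return any(flood), ok, gate.expensive_checks
```

`flood_then_login()` returns `(False, True, 1)`: the flood never triggers the slow hash, and the legitimate operator still gets through.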


I can picture a time in the very near future when “lights out” manufacturing is IoT enabled. Current impediments such as power outages can be remotely corrected if we can trust the remote access.

OBD II – On Board Diagnostics

Modern car repair is guided by IoT on board diagnostics


It is not surprising that the general public is unaware of the user-invisible computers running their vehicles. It is a testament to the skill of the automotive engineering community that computer controls were adopted with the care and testing which enabled them to remain hidden in the background. On Board Diagnostics were included within these controls due to the magnanimous donation of thousands of hours to industry committees who hammered out the standards. Access to the “big data” is just the starting point. Many iterations of testing and development are needed to weed out the “false positive” alarms that shake our confidence in the “code”. We evolved from OBD 1 through OBD 1.5 to the OBD II standard that came into effect in 1996. The upgrade to the standardization of OBD II was the result of emission requirements, but the industry implementation included useful features such as common connection hardware, standardized diagnostic trouble codes, and access to the computers.
Vehicle computer controls are very sophisticated these days. Artificial intelligence in the form of mapping is used to keep up with the vehicle processes in real time and adjust the response to accomplish better outcomes like lower emissions, better fuel economy, traction control, straight line stopping and smoother ride.

Real time controls choose their actions using a map like this NASA map which shows where people live.

New values are continuously stored in a digital map which is used to avoid computing from scratch when the same conditions occur in the future.
The embedded On Board Diagnostics are able to spot failures which are above even my talent and vision. More important than that is that they continuously track simple failures like disconnected wires. My college roommate, an electrical engineer, stated that there are no electrical failures. There are only mechanical failures. Electricity will flow if you give it a path. On Board Diagnostics is like having a mechanic who rides with you every mile of the way watching for even the simple failures. Nothing is more frustrating than having an intermittent problem that clears up every time you schedule an appointment with the mechanic.
As an automotive engineer and trained auto mechanic, I championed the display of the diagnostic trouble codes in addition to the “idiot light” on the dash panel. Now that I have seen this IoT application evolve, I realize that simply displaying the diagnostic trouble code number (some cars use the odometer display to do this currently) is of marginal usefulness compared to simultaneously providing the technical data and links such as YouTube instructional videos related to the indicated code. Applications such as my www.mileagetrakker.com grow in the marketplace because most car users also need lots of actionable related information, like the nearby location of appropriate repair shops.
Capture your full mileage deduction



The IoT has emerged into the marketplace in true “overnight success” fashion. Volkswagen brought out the first on board computer with scanning capability in 1968. The car repair industry was disrupted and gas stations with repair bays were replaced by convenience stores. In the 1940’s and 50’s tape driven digital servo motor controls were added to drive the motions of milling machines. CNC machining centers (and their intranet linked CAD and cutter path generation and management software) now dominate, displacing most Bridgeport milling machines (and the Bridgeport company itself). In 1968 Bedford Associates brought out the first PLC (now Modicon) for GM. As a result, historic relay industrial controls have been replaced by PLC computer systems with their embedded intranet links.

Will we ever see the first disruptive Internet of Things success? Now that I have seen the security agencies complain that encryption is blocking interception of ISIS phone conversations, my prediction is that it will arrive as an extension of the Intranet of Things. Most IoT applications, like home security, require that any intranet extension onto the web includes the emerging communication encryption.

Kludge

Treasure is camouflaged in the digital jungle


kludge
[klooj]
noun – Computer Slang
1. a software or hardware configuration that, while inelegant, inefficient, clumsy, or patched together, succeeds in solving a specific problem or performing a particular task.

*definition from Dictionary.com

Whoever came up with this term must have been assigned to marry legacy IoT (Internet of Things) digital controls. Lots of ones and zeros show on the logic analyzer, with obscure or forgotten protocols for interpreting what they mean. In the arms race to stay ahead of the newest start-up, many of the companies who built the previous generation equipment with embedded internet communication no longer exist. However, even the first internet connected device is still a part of our IoT infrastructure. At the blinding communication speed of two bits per week, the transmitter shuts off the water feed pump every Sunday when the water tower is full.

We take running water out of our taps for granted


I used to worry about terrorists gaining control of our infrastructure using the internet. It is theoretically possible to inflict some serious damage and injury. My concern was based on the fact that early IoT devices have very little access protection. Now that I have integrated some legacy systems I realize the lack of standardization will be our saving grace. It is next to impossible to apply experimentally the right combination of ones and zeros without a guide.
I was discussing the evolution of CNC position encoders with the technician who was upgrading the control on one of our CNC machining centers. In mold making, the cutter path software that converts 3D models (3D printing) into physical shapes originally used a layer by layer contour line approach. We would like to use the more modern climb milling software because it eliminates the contour lines (and the hours of hand draw polishing to remove them). The upgraded control will position X, Y and Z at high speed instead of just X and Y, which is all the contour line method requires. The embedded computer in each axis position encoder sends a high speed serial data stream including error correcting bits back to the control. This is a far cry from the first GE (now Fanuc) CNC control retrofitted to a Buffalo milling machine that I first programmed – yes, there is still a lot of legacy stuff in operation out there. This control also had position encoders without the local embedded computer. It only lost about 2500 counts per shift (about 1/4 inch of position) and it came with a switch to shut off the Z axis so that you did not mill too deep. We evolved through resolvers and glass scales and back to a smart encoder. Don’t expect to do “big data” analysis of this type of IoT real time data stream. Bad things happen if the transmission of position is interrupted.
Who will bridge the generation gap?


On the hardware side it is very convenient to connect the 10/100 port of my laptop to the ethernet switch. In my latest control I added ethernet cables so that it can be used in convenient locations without exposing it to the open internet. The generation gap became painfully obvious on the software side. The desire of the Windows operating system coders to download daily changes exceeds the ability of any custom low volume application software creator to keep up. We are finding that the latest version of custom application software is obsolete before it is sold. In the short term we will keep the systems synchronized by isolating them from the internet once we solve the inter-connectivity issues. This solution does not work for every IoT software mismatch issue. In my mileage trakker www.mileagetrakker.com IoT connected car application, it is necessary to have a staff who continuously monitors the functionality of the links and keeps up with interfacing with each model and car maker as they evolve. This becomes part of the monthly charge which enables our trakkers to obtain a couple thousand dollars in annual savings. Many of my mileage trakker competitors have gone out of business because they got caught continuously rewriting their cell phone based code in order to keep up with a rapidly changing software platform.
The IoT is evolving like the power grid. New IoT applications emerge based on the cost and performance drivers. Each implementer chooses a variation that matches the application without regard for the broader inter-connectivity issues. This will generate employment for the people with the STEM skills to link users to the vast data pool.

Modern Moats

Herstmonceux Castle and Moat for TO6410 cc Dave Croker



Planners who were trying to safeguard valuables back in the middle ages discovered that it takes more than fortifications to succeed. This is especially true when the fortifications have secret doors that were installed by the builder. I suspect that the fortress defenders discovered that the addition of a moat also flooded the tunnels under the walls. In this digital age, the task of defending a company’s digital fortress is daunting. The magnitude of this task will only increase as more of our foreign-built devices become internet connected.
by Stan Schneider Real Time Devices



As revelations by Edward Snowden and others have demonstrated, the fortress walls of these IoT (Internet of Things) devices come with pre-installed secret doors. This fact has not escaped the thieves that exploit these weaknesses. In much the same way that Google crawls the web looking for home pages, a search engine named Shodan crawls the web looking for the hidden back doors (http://www.forbes.com/sites/kashmirhill/2013/09/04/shodan-terrifying-search-engine/). I am not surprised that thieves using this search engine to help them find that some of these doors are unlocked. So how do you go about installing a moat before the thieves make off with the crown jewels? What does a modern moat look like? The first moat of the electrical age was related to the high voltage wires needed to transmit power over long distances. Nikola Tesla, working for George Westinghouse, developed the high voltage power system we use today. Glass insulators kept the high voltage from shorting to ground.
Sophisticated insulators stop the loss of high voltage power


It is very exciting when the salt we use on the road causes massive fires in the substations melting the conductors. Obviously the fuses blow, but most of us have also lost a TV, radio or computer because the high voltage finds its way into our electronics. The fragile electronics in our computer chips died regularly, until we discovered how to use light in the form of opto isolators to build a non-conducting moat around the processor.
light waves protect microprocessors from voltage spikes by Inductiveload


Light can also be used to protect the program running the computer from hacking and malware. Early in the development of microelectronics a type of memory called UVprom was invented. Bright ultraviolet light bathed on the chip erases the memory.
Ultraviolet light erases this chip CC by SA 2.5 ST Microelectronics M27C2568-12FI

The convenience of the electrically erasable chip has led to its wider use. In general, it is not convenient if spyware and malware are remotely added using the electrically erasable chip to steal the crown jewels. I suspect that the vandals of the middle ages would have liked conducting their raids without ever having to leave home. I believe that we will go back to locking in the operating program. It is promising to hear that Google is unveiling their Vault micro SIM card for mobile phones. We will all be watching to see whether it actually improves security or is just to keep out everyone but Google (and the NSA by hidden deal): http://www.cnet.com/news/googles-project-vault-is-a-security-chip-disguised-as-an-micro-sd-card/ This is probably why so many users cling to Windows XP (also named Windows NT). Daily web updates to fix the bugs in incomplete operating systems are a big gap in the moat we are trying to build around our data fortress.
In the early days of computing, many of us used time sharing. The derivative virtual machine adds one more level of security but it does not protect against back doors that were embedded in the parent operating system.
Virtual Marble Machine CC by Torley

I like playing video games, but if I am interested in data security I will go back to building and maintaining the moat. Windows NT is a very stable and bug-free operating system if it is isolated from the web. Thinking in military terms, it is better to have a mine field between you and the thieves. We have all played minesweeper.
Memory with embedded "mines" can be built into the cables that connect to the internet


Remote probing is a lot more difficult if only a small amount of data is available at one time in a two-directional buffer memory and random memory addresses are mined.
Currently 40% of the cost of new vehicles is software. Companies who wish to remain in business must take building a moat against the “Great Cannon of China” more seriously.

Connectivity

Humans are all interconnected



The first long distance communication link was actually digital. The telegraph replaced flags, smoke signals and mirrors as the first reliable long distance link.
A telegraph key and sounder


My dad’s best friend was a HAM radio enthusiast who worked for NASA. As a young child, I remember watching a teletypewriter translate radioed Morse Code and print at 20 words per minute. I thought the transmission was coming from Mars. Funny on today’s scale, in that this transmission was at the blinding baud rate of 8 bits/second. (Still faster than you could send and receive Morse Code using the key.) The general public never wanted to learn Morse code so they migrated to the telephone, radio and television. My parents’ cottage / retirement home is on Lake Erie in a small village called Saybrook.
A lineman on a telephone pole.



No, it was no longer necessary to climb the pole to answer the phone. But I can remember when a live operator came on the line to ask you what number you were calling from for billing. For us non-residents, it is mandatory to keep the cell phone plugged into the car charger so that you have enough broadcast power to last through a normal phone call. I am not surprised that Saybrook was a Finnish community. The equally sparse Finnish landscape prompted a Finnish company, Telenokia, in 1991 to invent the digital GSM G2 cell phone protocol. A digital link, initially at 40,000 bits/sec (the old telephone modems are at 48,000 bits/sec), replaced the G1 analog cell phone networks. This digital strategy made simultaneous voice and data transmission possible. We quickly adopted this communication link. Connected car services such as my IoT (Internet of Things) http://mileagetrakker.com automated mileage report generation system became possible. Mileage Trakker even works in places like Saybrook, which isn’t scheduled to upgrade beyond G2 cell coverage until next year.
Capture your full mileage deduction



Humans are funny creatures. In the near future we will all be transported by self-driving vehicles. I suspect that the resulting traffic jams will cause us to want enough cell bandwidth to synchronize the flow.
Computer control will stuff the roads


This is very similar to the task of keeping track of Kiva robots scurrying around a warehouse. Very high capacity “blanket” Wi-Fi systems at 450,000,000 bits/sec by Extricom http://www.extricom.com are the minimum needed for this task. The actual bandwidth we will want is probably higher, in that it takes 32,000,000 bits per second to transmit TV images to entertain us during the trip. We are watching all of our communication links converge into a single interconnected system.