
Ignite 2016 Feedback for IoTWG


Taiji HAGINO

October 27, 2016

Transcript

  1. Taiji HAGINO Software Engineer Mitsui Knowledge Industry Research & Development,

    Education, and DevRel (Mobile/Web/IoT) taipon.rock @taipon_rock taijihagino
  2. North Carolina Highway Signs Compromised By a Foreign Hacker* Penetration

    of a Water Treatment Facility by a Foreign Hacker* *NSTAC Report to the President on the Internet of Things. www.dhs.gov/sites/default/files/publications/
  3. How? • Secure Development Lifecycle • Secure Network Technologies •

    Threat & Vulnerability Mitigation • Monitoring and Alerting • Software/Firmware Auto-Updates • Privacy Models Mission of IT Design and maintain software, hardware and network resources which run securely and provide privacy Information Technology (IT) the application of computers and telecommunications equipment to store, retrieve, transmit and manipulate data* *en.wikipedia.org/wiki/Information_technology
  4. How? • Robust machines, with built-in safety features • Automated

    monitoring and control • Isolate and control – cut off all interaction with the world • Design to protect against natural and man-made disasters Mission of OT Design and maintain machines which run reliably, and safely (do not cause injury or harm to other machines, humans, and the environment) Operations Technology (OT) collects information and causes changes in the physical world through the direct monitoring and control of physical devices in industrial contexts
  5. WINDOWS 10 IOT  Partha: Remove the background pictures, need

    to move ‘Trusted’ pillar in the place of connected and connected moves to the bottom. Slide 10 should become the next slide and should have a similar design as this slide with IoT Core. PRODUCTIVE Commercial OS platform that brings modern user experience to your things TRUSTED Trusted platform for cloud-connected devices CONNECTED Open platform that easily connects things, endpoints, and the cloud
  6. Windows 10 Enterprise for IoT devices Windows 10 IoT Enterprise

    Windows 10 Mobile for IoT devices Windows 10 IoT Mobile Windows 10 for small footprint IoT devices Windows 10 IoT Core
  7. Windows platform provides secure key handling Developers can easily build

    secure cloud applications for Windows IoT Connected Service for Azure IoT Hub
  8. Security from the ground up Microsoft Cloud Largest online services

    in the world Centers of excellence Operational Security Assurance (OSA) process Security Development Lifecycle (SDL) azure.microsoft.com/documentation/articles/securing-iot-ground-up/
  9. Azure IoT Suite Device Connectivity & Management Data Ingestion and

    Command & Control Stream Processing & Predictive Analytics Workflow Automation and Integration Dashboards and Visualization Preconfigured Solutions Predictive Maintenance Remote Monitoring
  10. Analyze and act on new data Integrate and transform business

    processes Connect and scale with efficiency And more. . . Business Systems
  11. Defense in depth Securely connect millions of devices . .

    . Over a secure internet connection . . . To Microsoft Azure – built with security from the ground up Device Security Connection Security Cloud Security
  12. … represents the use of multiple computer security techniques to

    help mitigate the risk of one component of the defense being compromised or circumvented* *en.wikipedia.org/wiki/Defence_in_depth#Information_security Each role is responsible for a layer of depth, and each layer has further layers of safeguards so as to build defense in depth
  13. Roles IoT solution operator IoT solution deployer IoT cloud and

    solution provider IoT solution developer IoT hardware manufacturer and integrator
  14. The STRIDE model, applied per element (the slide's check marks did not survive extraction; the grid below is the standard STRIDE-per-element mapping the slide follows, with the "?" on Data Store repudiation kept from the slide):

    Element          S  T  R  I  D  E
    External entity  x     x
    Process          x  x  x  x  x  x
    Data Store          x  ?  x  x
    Data Flow           x     x  x

    S = Spoofing Identity, T = Tampering with Data, R = Repudiation, I = Information Disclosure, D = Denial of Service, E = Elevation of Privilege. Elements in the reference threat model: User, Device, Field Gateway, Cloud Gateway, Front End Services, Backend Services, Identity System, User Data, Federation Partners. Zones (separated by trust boundaries): Local User Zone, Local Zone, Device Zone, Field Gateway Zone, Cloud Gateway Zone, Azure Services Zone, Remote User Zone, Gateway Zone, Services Zone.
  15. Follow Us! Blog : https://blogs.microsoft.com/iot/ Partners – join the community:

    http://aka.ms/CEPartnerForm (select IoT) Go to www.InternetOfYourThings.com
  16. • Learn how to build in security from the ground

    up • Gartner Predicts 2016: Security and the Internet of Things • https://azure.microsoft.com/en-us/documentation/articles/iot-hub-security-ground-up/ IoT Site Azure.com Site
  17. Digital transformation Digital is rapidly changing how business gets done…

    ess is the creation of new business designs by blurring the digital and physical worlds.” Source: Gartner Building and Expanding a Digital Business Primer, 2016, 29 March 2016, Jorge Lopez Innovating with crowdsourcing and data Adapting the business through intelligent operations Working smarter with smart machines Staying ahead by anticipating what’s next Delighting customers with richer experiences
  18. Digital transformation in smart manufacturing Traditional factories Search for data

    needed for root-cause analysis Take days or weeks to reroute and reconfigure devices Maintain technicians onsite to determine and resolve issues Complete corrections within hours, including rerouting processes and reconfiguring machines Access devices remotely to diagnose and resolve issues Access comprehensive data almost immediately to perform root-cause analysis Smart factories
  19. Digital transformation in smart retail Traditional retail Manually track deliveries

    Manually track inventory data and separately coordinate with distributors Perform regular inventory to determine what products are selling and need to be reordered Access real-time inventory data on your devices As inventory is removed from store shelf, store info updates in real time Configure the system to notify an employee to restock inventory when below a preconfigured range Smart retail
  20. Digital transformation in smart home Traditional home Siloed lighting; each

    light requiring individual, manual interaction Static, reactive temperature control system targeting a single temperature setting at all times Siloed passive alarm system Smart home Cloud-connected temperature controls download predictive weather modeling and sense when user is home to apply resources most efficiently Integrated alarm sensors and cameras communicate with one another and to user device 24/7 Sensors monitor user presence and coordinate with connected lighting units for efficiency, etc.
  21. Cost Reduction Risk Reduction Flexibility gains Performance and Efficiency gains

    IT top concerns System processes and IT infrastructure efficiencies Reduce IT costs Manage business risks Grow business and revenue opportunities Improve operational efficiencies Gain competitive advantage OT top concerns Benefits of Convergence
  22. Why Enterprise IT should care Ensure Secure Productive Enterprise IT

    Need a proactive IT Strategy for IoT Consistent device management approach Optimize resources and reduce IT costs Train IT workforce to help business make the right IoT investment decisions Make no security compromise with IT & business assets Proliferation of devices at your doorstep Market predicts huge growth for IoT devices at the Enterprises
  23. Building IoT solutions can be complex Professionals in all industries

    must understand the tremendous risk associated with IoT-enabled, connected solutions and help their organizations adopt such technologies safely with a comprehensive security strategy. – An S&R Pro's Guide To IoT Security, August 2015, Forrester Research “IoT devices will need to interoperate and communicate, and many IoT business models will rely on sharing data between multiple devices and organizations” - Gartner Press Release, Gartner Identifies the Top 10 Internet of Things Technologies for 2017 and 2018, February 2016 http://www.gartner.com/newsroom/id/3221818 “IoT remains a complex collection of technology and services for enterprises to navigate” - IDC Innovators for the 2016 Internet of Things Platforms Market – Press release, 17 May, 2016
  24. Building IoT solutions can be complex “There is a shifting

    balance between edge computing and cloud computing” - ABI Research Edge Analytics in IoT 2Q2015 Successful IoT solutions demand robust edge computing capabilities
  25. Smart Things bring intelligence to the edge Role of Smart

    Things Attributes of Smart Things Basic connectivity No/light manageability Basic hardware Resource constrained Basic security/identity Attributes of Basic Things Transmit data Perform instant actions Generate data Role of Basic Things
  26. Enterprise IT concerns on IoT How can I keep the

    corporate assets secure? How am I going to manage and deploy these devices? How can I apply IT policies consistently across all our assets? How am I going to train my workforce to tackle these new IoT devices?
  27. Get Enterprise ready with Windows 10 IoT Emerging Smart Things

    Industry and ruggedized devices Purpose-built industry solutions
  28. Device Management OS Update and Control Windows Store Servicing Familiar

    Developer Tools & Resources Commercial Ready Interactive & Innovative UX Universal Windows Platform Cortana Natural User Experiences – Touch, Speech, Ink Productive Commercial-ready IoT platform that brings modern user experience to your things
  29. Consistent Device Management for all Windows 10 IoT devices 3rd

    Party MDM SC Config Man OMA DM Purpose built Industry Devices One Windows Platform • Converged MDM Stack • Converged Servicing Stack • Common CSPs Windows 10 IoT
  30. One toolset; one app Support for C#, HTML/JS, C++, and

    more Device-aware runtime light up One Dev Center Flexible device family targeting Detailed analytic reports Existing code welcome Desktop applications Mobile websites Cross-platform apps (e.g. Unity, Xamarin) Familiar tools, familiar processes Microsoft provides the tooling and services to bring your app to market faster
  31. • Secure Boot • Trusted Boot • Windows Defender ATP

    • Device Guard • Device Lockdown Protect Devices • Bitlocker • TPM • Enterprise Data Protection (EDP) Protect Data Protect Identities • Credential Guard • Windows Hello Trusted Trusted platform for cloud-connected devices
  32. Boot malware resistance with UEFI Secure Boot Secure device identity

    and health attestation Identity protection and access control Advanced lock-down capabilities Native UEFI Verified OS Loader Kernel Drivers System Drivers 3rd Party Drivers User Login Apps Signature Verification Boot Measurements Access Control Lockdown Code Integrity
  33. • Ubiquitous Connectivity • USB, Wi-Fi, Bluetooth Smart, Cellular •

    Standards Based Approach to IoT Interoperability • AllJoyn/OCF Integration for Consumer IoT • OPC-UA for Industrial IoT Open Standards & Interface • Secured Azure Connection with TPM • Best-in-class Connectivity with Azure Azure Cloud Integration Connected
  34. Latest connectivity options Interoperability across devices Seamless connectivity to Microsoft

    Azure Extensive options for connecting devices in your environment • Ethernet & Wi-Fi • Broadband • Bluetooth • Bluetooth Smart
  35. Latest connectivity options Interoperability across devices Seamless connectivity to Microsoft

    Azure Today: AllJoyn in Windows 10 Tomorrow: OCF Bridge and connect other ecosystems Including: Modbus BACNet Zigbee OPC-UA support for industrial scenarios
  36. Latest connectivity options Interoperability across devices Seamless connectivity to Microsoft

    Azure Windows 10 IoT Core platform Azure Certified for IoT Secure Azure connection with TPM Including: MQTT AMQP Building secure cloud apps is easy
  37. HORM Enterprise Data Protection WLAN enhancements to improve performance and

    resiliency Bluetooth improvements—factory pairing, AVRCP browsing New “Anniversary Update” LTSB Version in 2016 New “Anniversary Update” CBB version in 2016 Assigned Access Improvements
  38. Enterprise-grade security specifically designed for mobile devices TPM 2.0 support

    Leading user experiences and connectivity to empower business scenarios Windows Store for Business Streamlined manageability Bulk Provisioning Assigned Access improvements
  39. Designed for Smart Things that brings secure intelligence to the

    edge The Cloud Solution designed to easily connect devices and analyze data to help transform your business
  40. Leverage the opportunity to through new devices and services Bring

    to your things with Windows 10 IoT platform your enterprise assets with Windows IoT similar to your PCs and Phones Untap the power of data with Microsoft IoT technologies while to build your next innovation with Windows 10 IoT
  41. Low power devices Existing IoT devices IoT Client Solution UX

    Provisioning API Identity and Registry Stores Stream Processors Analytics & Machine Learning Business Integration Connectors and Gateway(s) Device State Store Gateway Storage Cloud Gateway App Backend Data Path Optional solution component IoT solution component IoT Client Presentation & Business Connectivity Data Processing, Analytics and Management Device Connectivity Personal mobile devices IP capable devices IoT Client Business systems Azure IoT Reference Architecture
  42. Devices Azure IoT Suite Remote Monitoring Back end systems and

    processes Event Hub Storage blobs DocumentDB Web/ Mobile App Stream Analytics Logic Apps IoT Hub Web Jobs C# simulator www.azureiotsuite.com
  43. Devices Azure IoT Suite Predictive Maintenance Back end systems and

    processes Event Hub Storage blobs DocumentDB Web/ Mobile App Stream Analytics Logic Apps IoT Hub Web Jobs C# simulator Azure ML www.azureiotsuite.com
  44. Designed for IoT Connect up to 10 million devices Cloud-scale

    messaging Device-to-cloud and Cloud-to-device Durable messages (at least once semantics) Per-device authentication Individual device identities and credentials Multi-protocol support Natively supports AMQP, MQTT, HTTP, AMQP-WS Designed for extensibility to custom protocols Service assisted communications Secure bi-directional communication Command and control Cloud-facing telemetry ingestion Delivery receipts, expired messages Device communication errors Connection multiplexing Single device-cloud connection for all communications (C2D, D2C) Multi-platform Device SDKs available for multiple platforms (e.g. RTOS, Linux, Windows) Multi-platform Service SDK
  45. Your IoT Hub Field GW / Cloud GW Device Device

    id C2D queue endpoint D2C send endpoint Device … Device … Device… IoT Hub management Device provisioning and management Device identity management C2D send endpoint Event processing (hot and cold path) Device business logic, Connectivity monitoring D2C receive endpoint Msg feedback and monitoring endpoint
  46. IoT Hub Device id C2D queue endpoint D2C send endpoint

    Device… … Device … Device … D2C receive endpoint C2D send endpoint IoT Hub management Compatible with Event Hubs • Partitioned receiver, client check-pointing • Integrations with Azure Stream Analytics, Storm, … • 100% compatible with Event Hubs receivers Interface • AMQP, MQTT, AMQP-WS and HTTPS device-side endpoint • AMQP service-side endpoint • Device and service SDKs IoT Hub services for D2C • Millions of simultaneously connected devices • Per-device authentication • Connection-multiplexing: • C2D and D2C traffic • Across multiple devices for gateway scenarios
  47. • Contains per-device security materials • Individual device blocking •

    No queries: keep a device registry to query by app-data Identity registry • AAD integration • “Master” key for gateway scenarios Custom • Label incoming telemetry • Ensure identity of devices receiving messages Authenticated comms • IoT Hub (identity registry) • Device registry (e.g. DocDB, SQL) • Other (e.g. ERP) Device provisioning orchestration
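Slides 44 and 47 name per-device authentication and an identity registry holding per-device security materials with individual device blocking. The added example below (not from the deck, nor from Microsoft's SDKs) shows the device-scoped SAS token form IoT Hub uses for that: HMAC-SHA256 over the URL-encoded resource path and expiry, minted on the device from its own key and checked on the hub side against a registry; the hub name, device ids, keys and registry contents are constructed for the example.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote_plus, unquote_plus

# Constructed identity registry standing in for the hub's: per-device
# security material (a base64 symmetric key) plus the block flag.
REGISTRY = {
    "sensor-001": {"key": base64.b64encode(b"constructed-key-001").decode(), "blocked": False},
    "sensor-002": {"key": base64.b64encode(b"constructed-key-002").decode(), "blocked": True},
}

def _resource(hub: str, device_id: str) -> str:
    # Token is scoped to one device path, so it cannot be replayed as another device.
    return quote_plus(f"{hub}/devices/{device_id}")

def _signature(resource: str, key_b64: str, expiry: int) -> str:
    # HMAC-SHA256 over "<url-encoded resource>\n<expiry>" keyed with the raw key bytes.
    msg = f"{resource}\n{expiry}".encode()
    digest = hmac.new(base64.b64decode(key_b64), msg, hashlib.sha256).digest()
    return base64.b64encode(digest).decode()

def device_sas_token(hub: str, device_id: str, key_b64: str, expiry: int) -> str:
    """Device side: mint a token from the device's own key, never a hub-wide policy key."""
    resource = _resource(hub, device_id)
    sig = quote_plus(_signature(resource, key_b64, expiry))
    return f"SharedAccessSignature sr={resource}&sig={sig}&se={expiry}"

def validate_token(hub: str, device_id: str, token: str, now: int) -> str:
    """Hub side: return "ok" or the reason the presented token is rejected."""
    prefix = "SharedAccessSignature "
    if not token.startswith(prefix):
        return "malformed"
    fields = dict(kv.split("=", 1) for kv in token[len(prefix):].split("&") if "=" in kv)
    if any(k not in fields for k in ("sr", "sig", "se")):
        return "malformed"
    if fields["sr"] != _resource(hub, device_id):
        return "scope mismatch"  # minted for a different device or hub
    entry = REGISTRY.get(device_id)
    if entry is None:
        return "unknown device"
    if entry["blocked"]:
        return "blocked"  # individual device blocking from the registry
    if not fields["se"].isdigit() or int(fields["se"]) < now:
        return "expired"
    expected = _signature(fields["sr"], entry["key"], int(fields["se"]))
    # Constant-time compare so signature checking does not leak timing.
    if not hmac.compare_digest(unquote_plus(fields["sig"]), expected):
        return "bad signature"
    return "ok"
```

The registry lookup happens before the signature check so a blocked device is refused even with a valid key, which is the point of keeping the block flag next to the security material.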
  48. Guest Executables • Bring any exe • Any language •

    Any programming model • Packaged as Application • Gets versioning, upgrade, monitoring, health, etc. Reliable Services • Stateless & stateful services • Concurrent, granular state changes • Use of the Reliable Collections • Transactions across collections • Full platform integration • Any communication stack Reliable Actors • Stateless & stateful actor objects • Simplified programming model • Single Threaded model • Great for scaled out compute and state Service Fabric Programming Models
  49. Azure IoT Reference Architecture https://azure.microsoft.com/en-us/updates/microsoft-azure-iot-reference-architecture-available/ Internet of Things Security Architecture

    https://azure.microsoft.com/en-us/documentation/articles/iot-security-architecture/ Azure IoT Suite https://www.azureiotsuite.com/ Github: Azure – IoT https://github.com/azure?utf8=%E2%9C%93&query=iot Github: OPC UA .Net Standard Library Stack and Samples https://github.com/OPCFoundation/UA-.NETStandardLibrary
  50. Taiji HAGINO Software Engineer Mitsui Knowledge Industry Research & Development,

    Education, and DevRel (Mobile/Web/IoT) taipon.rock @taipon_rock taijihagino