Internet of Things IoT Scotland 2015

#iotscotland
Mark Stephen
BBC Scotland

#iotscotland
Theo Priestley
Forbes Online

I Predict A (R)IOT
Why everything is connected and everything will change
Theo Priestley
IOT Scotland 2015
Our Dynamic Earth

Theo Priestley
Technology Analyst, Advisor, Forbes
Twitter: @ITredux
http://www.linkedin.com/in/theopriestley

50.19.500.6.2020
The Numbers Game

Three Things Will Occur
• Data will become open to all
• Real-time analysis will occur at source
• Blockchain technology will become a
critical component for security

Change Driven By Open Data Not Things

Planning For Change
Plan Do Check Act
Devices Data Insight Action

Changing Of The Guard
This is not a place for your Grandfather’s
Data Protection Act
Privacy today is not the privacy of 1998

Business Models Will Change
DIGITAL
INTERNET OF STUFF

The Customer Will Own Their Data
And You Will Rent It From Them

Internal And External Opportunities
Appirio gives all employees Fitbit trackers
Google Hangouts offer employees live video
sessions with a trainer
Data mined from Chatter groups and Fitbit
devices lead to 5% reduction in annual
insurance premiums at approx. $300k

Theo Priestley
Technology Analyst, Advisor, Strategist
Twitter: @ITredux
http://www.linkedin.com/in/theopriestley

#iotscotland
Pilgrim Beart
1248

Turning innovative ideas
into tangible value

The past & future of connected devices
…from my perspective

1998-2006
Splashpower
1998-2001
2000-
2001-2008

Energy Controls
‘Hive’
Home Automation
‘Iris’

An Innovation lesson
it takes time

Persistence
New
Science
New
Technology
New
Product
New
Sector
Profitable
Growth

Revenue
Zone of
temptationVision
Easy
money
Market
10y+

Embedded
platform Fog?
ManagementAnalytics
UX
Security
Cloud
Platform
Search

#iotscotland
Steve McKee
Cisco

© 2014 All rights reserved. Do not distribute. Hosted by
Driving Real Business Outcomes
with IoT
Steve McKee
Solution Architect

© 2014 Cisco and/or its affiliates. All rights reserved. 33
IoT is Here Now. And it’s Growing !
TIMELINE
2010 2015 2020
BILLIONSOFDEVICES
0
10
20
30
50
Adoption rate of digital
infrastructure:
5X faster than electricity
and telephony
25
12.5
7.26.8 7.6
World Population
50+ Billion
Smart Objects
Inflection
point

IoT Investments Are Growing
Source: Cisco IoT Survey 2014; % of survey respondents N=1230
86%
76%
86%
79%
91%
89%
77%
% of Respondents Increasing IoT Investments in
the Next 3 Years

2014 Microsoft
Entered the
IoT Market
Schnieder and
ioBridge Announce
Partnership
Siemens Announces
$100M IoT Fund
UK Creates £45m
IoT Fund
Zebra Acquires
Motorola Wireless
$3.45B
June 2014
Apple Announces
Their First Home
Automation Initiative
Feb 2014 AT&T and
IBM Announce Join
IoT Vision
Barcelona Smart City:
$3.6B Value Creation
Google Buys Nest
for $3.2B
Announces
IoT Group
IoT Market Is Here Now
0 1 2 3 4 5 6 7 8 9 10
11
Estimated Potential Economic Impact of Technologies Across Sized
Applications in 2025 ($ Trillion, Annual)
A Gallery of Disruptive Technologies
Source: McKinsey Global Institute
Mobile Internet
Automation of Knowledge Work
Internet of Things
Cloud
Advanced Robotics
Autonomous / Near-Autonomous Vehicles
Next-Generation Genomics
Energy Storage
3-D Printing
Advanced Materials
Oil and Gas Exploration and Recovery
Renewable Energy

Applications
Things
App Enablement
Workflow /
Rules Engine
Event
Management
Video
Sensing
Data Normalization
and Modeling
Protocol
Mediation
Enterprise App
Integration
Infrastructure
Software Defined Networking
Network Compute Storage
Applications
App Enablement
Workflow /
Rules Engine
Event
Management
Video
Sensing
Data Normalization
and Modeling
Protocol
Mediation
Enterprise App
Integration
Cloud and Fog
Analytics
Security and
Identity Management
Open and
Programmability
(APIs)
Ease of use
and Management
Infrastructure
Software Defined Networking
Network Compute Storage
Things
IoT Technology Platform – Accelerating Adoption

Environment
Great Barrier
Reef in Australia
Buoys equipped with
sensors collect
biological, physical,
and chemical data to
minimize and prevent
reef damage.

Healthcare
Medication in
The United States
Smart pill bottles
remind patients to take
their medication and
records that the patient
has taken the correct
dosage.

Smart
Buses
Smart
Bus Stop
Smart
Water
Smart
Lighting
Smart
Parking
Smart
Citizens
Smart
Waste
Revenue Citizen
Experiences
Productivity
Cost
Avoidance
Jobs
Barcelona: Smart City
$3.6 Billion
Value Creation
“We are obsessed with
building quality of life for
our citizens.
That is our present and
the future of our city.”
Antoni Vives
Deputy Vice Mayor
City of Barcelona, Spain

TRANSPORTATION
Reduced
Traffic Congestion
in SF
Deployed 20,000
Smart Parking
Spaces
Innovative
Demand-
Responsive
Pricing
40© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
San Francisco
Gets Smarter
Parking Spaces
IoE Solution
Parking, garage and
roadway sensors for real-
time parking
and traffic analysis
San Francisco, CA

Harley-Davidson Accelerates Product Cycles
Manufacturing
York, PA
Manufacturing flexibility across
supply chain
IoT Solution
Solution Partners
Sped up Product
Cycles by 10–20%
Accelerated Triage
and
Troubleshooting
Improved
Working Culture

Hamburg Is on Its Way to Becoming a Smarter City
Smart Cities
Hamburg, Germany
Citywide traffic incident
management solution,
Smart Street lighting and
environmental sensing, smart
shipping container management
IoT Solution
Solution Partners
Deployed Smart
Traffic and
Street Lights
Improved
Traffic Flow
Optimized Power
Consumption

And Many, Many, More……….
Becoming an Engaged and
Connected City
Driving new levels of Utility
efficiency and uptime
Gaining Double Digits
Manufacturing Productivity

IoTWF Working Groups
Horizontal Working Groups
Vertical Working Groups
Security,
Privacy,
Compliance
Standards &
Interoperabilit
y
Architecture,
Management,
Analytics
Innovations,
Start-Ups
Sensors &
Embedded OS
GTM:
New Business
Models
Marketing
Education Health Manufacturing Energy Retail Transportation Smart City

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Prof. Michael Nelson,
Georgetown University
“Trying to determine the market size for the
Internet of Things is like trying to calculate the
market for plastics, circa 1940.
At the time, it was difficult to imagine that
plastics could be in everything.”

The
Internet
of Things.
Here.
Now.

#iotscotland
John Swinney MSP
The Scottish
Government

#iotscotland
Questions &
Discussion

www.it500-conference.com
ITinThePark

#iotscotland
Refreshments &
Networking. Please
check badges for
breakout locations

www.scot-data.com
2nd Annual Big Data Scotland

#iotscotland
David Holder
Erion

© Erion Ltd 2015 - All rights reserved
IoT:
Integration and
Standardisation
Making your way through the “Fog”
Dr David Holder CEng FIET MIEEE
david.holder@erion.co.uk http://www.erion.co.uk
IoT Scotland 2015

Profile: David Holder
 CEO and Chief Consultant Erion
 Author of numerous reports and whitepapers including
recent CGN and IPv6 studies for Ofcom
 Chairman of IPv6 Task Force Scotland
 Regular speaker at global conferences on IPv6
 Extensive experience of IPv6 spanning over 17 years
 Builds sensor networks for fun!
• PhD in electronic engineering
• (Microwave Semiconductor Devices)
• Fellow of IET (FIET)
• Member of IEEE (MIEEE)
• Chartered Engineer (CEng)

Integration & Standardisation
Why you should care
The consequences of getting it wrong
Standards
Take your pick
What will the future be?
Predicting the future is difficult
Backing the “right” standard/s
How to make the “right” choice

Why Standards are Important
 Compatibility
 Interoperability
 Functionality
 Flexibility
 Longevity
 Ease of use
 Maintainability
 Manageability
 Ease of application development
Impact on bottom line

Bewildering Array of IoT
Standards to Choose From
Examples of standards bodies and standards
How do you choose?
802.15.4
CoAP HTTP

The Ideal
 Devices talk directly to each other (the “Fog”)
 No complex translators, gateways or “Upperware”
 Devices communicate directly with the Internet
Internet

The Reality
 “Vertical Silos” – islands of standards
 “Upperware” necessary for interoperability
 Devices cannot talk to each other or to the Internet
Incompatible datalinks, WiFi, IEEE 802.15.4, NFC, Bluetooth etc cannot communicate directly
Upperware Upperware
X

The Solution
 One standard beings all together
802.15.4
?

 The current Internet Protocol IPv4 is not suitable
 IPv4 addresses are exhausted* – none left for IoT
(* IPv4 never have had enough, as it only supports 4 billion addresses)
 Address conservation using NAT/CGN* break
connectivity to other IoT devices and the Internet
(* Network Address Translation / Carrier Grade NAT )
 Backwards support for IPv4 is often provided usually
through some form of translator or gateway
50 Billion
Why IPv4 is NOT the Solution
Devices by 2020

IPv6 a Solution for IoT
340,282,366,920,938,463,463,374,607,431,768,211,456
 Practically unlimited number of addresses
 No Network Address Translation (NAT or CGN)
 Better performance
 End-to-end Internet connectivity is possible
 Network layer security is possible
 6LowPAN is IPv6 designed for IoT
 Works across many technologies
 Internet standards have a long shelf life
 Internet is over 30 years old
802.15.4 etc...

Why is 6LowPAN Good?
 Uses standard Internet Protocols
 Interoperates across many radio types
 Designed for Low-power, Lossy IoT networks
 Familiar APIs for software developers
 Allows direct connection between devices
 Allows connection to global Internet
802.15.4
Internet(IPv6)
802.15.4 etc...

IPv6 Status Today
 No more IPv4 addresses
 Today 70% of a dual-stack user’s traffic is IPv6
 Over 50% of top web sites are IPv6 enabled
 IPv6 connections are faster – no NAT/CGN
 UK ISPs are rolling out IPv6
 Number of IPv6-capable users doubles annually
At this rate everyone will be using IPv6 by 2020
Please sir can I have some more?
RIPE

The Future of IoT Standards
 Many contenders
 Historically Zigbee was the biggest player
 6LowPAN is taking off rapidly
 A number of big players are 6LowPAN based
 Zigbee-IP brings together Zigbee and 6LowPAN
 Thread is 6LowPAN (Wide industry support)
 Longevity of installed devices and significant
investments by players may make the move to a
common set of standard/s a long process

Preparing for IoT
 Be aware of the huge range of options
 Understand the consequences
 Choose your standards carefully
 Include 6LowPAN in your options
 Prepare for IoT by deploying IPv6

Personal Example
 Bespoke IoT network house & grounds
 Avoided commercial options due to vertical tie-in
 Chose Zigbee initially due to immaturity of
6LowPAN products at time of deployment
 Downside learning new standards and APIs
 Currently migrating to 6LowPAN
 Gates, door bells, temperature, security,
weather, garden etc...

Thank you for listening
Further Information
 6LowPAN
 6LowPAN and IoT
http://www.erion.co.uk/Training/6lowpanandtheinternetofthings.html
 IPv6 Training http://www.ipv6training.com
 IPv6 Consultancy http://www.ipv6consultancy.com

#iotscotland
Martin Sloan
Brodies LLP

ABERDEEN • EDINBURGH • GLASGOW • BRUSSELS www.brodies.com
Internet of Things
Retaining privacy and security in an ever connected
world
Martin Sloan, Partner, Brodies LLP
Blog: http://techblog.brodies.com
Twitter: @Brodies TechBlog
30 September 2015

"We, Siemens, have the technology to record [energy
consumption] every minute, second, microsecond, more or
less live... From that we can infer how many people are in
the house, what they do, whether they're upstairs,
downstairs, do you have a dog, when do you habitually get
up, when did you get up this morning, when do you have a
shower: masses of private data.”
Martin Pollack, Director of M&A, Siemens Energy
Smart Grids and Cleanpower Conference 2010
(as reported by Reuters)

Or….
BBC News: Not in front of the telly: Warning over 'listening' TV
http://www.bbc.co.uk/news/technology-31296188

Privacy and security –
what does the law say?

Xkcdhttps://xkcd.com/1269/
LicensedunderaCreativeCommonsAttributionNonCommercialLicence2.5

What does the law say?
• EU-wide laws on data protection
• Other rules apply elsewhere – understand your markets
• Data Protection Act 1998
– imposes obligations on data controllers
– in connection with processing
– of personal data
– about living individuals, known as data subjects, who
have certain corresponding rights under the DPA
• If you are not processing personal data then DPA will not
apply

Data protection principles
• Principle 1 – processed fairly and lawfully
• Principle 2 – processed only for specified and lawful
purposes
• Principle 3 – adequate, relevant and not excessive
• Principle 4 – accurate and (where necessary) up to date
• Principle 5 – kept only for so long as is necessary
• Principle 6 – processed in accordance with rights of the
data subject
• Principle 7 – kept secure
• Principle 8 – not transferred outside EEA, unless the
country ensures “adequate” protection

Fair and lawful processing
• Must satisfy a Schedule 1 condition – includes:
– consent
– necessary for pursuit of legitimate interests
• Sensitive personal data – more limited conditions
(Schedule 2)
• Fair processing code
– must ensure “so far as practicable” that data subject
is informed of the processing
• Processing must otherwise be fair and lawful in all the
circumstances

Secure processing
• Obligation to put in place “appropriate” technical and
organisational measures to prevent
unauthorised/unlawful processing and accidental loss,
damage or destruction
• “Appropriate” depends on nature of data and
consequences of a security breach
• ISO 27001 and other relevant standards?
• Techical and organisational measures:
– not just IT
– Needs holistic approach
– Use of third party processors

Where is the law going?
• New Data Protection Regulation
• European Commission
– Digital Single Market Initiative
– Alliance for Internet of Things Innovation
• ICO guidance
– ANPR, body worn cameras, drones
• Article 29 Working Party
– Opinions to date on geolocation, smart metering

It’s not just about privacy
• CMA investigation into consumer data
• Liability – what if
– your fridge orders too much milk?
– your health monitoring device fails to report an issue?
– your connected car crashes?
• Cyber attacks
– Not just about personal data – also reputational
• IP
– Who owns the IP? What can you do with it?

What should you be doing to protect
personal privacy?

BBC News: Smart devices to get security tune-up
http://www.bbc.co.uk/news/technology-34324247

Key issues to consider
• Consumer understanding
• Privacy by Design
• How do you enable ongoing security improvements?
• Will you collect data about/from children?
• Will you collect sensitive personal data?
• Will you share data with third parties?
• Privacy impact assessments
• Privacy policy/fair processing notice
– What does it say?
– How do you future proof?
– How do you communicate that to individuals?

Developing a privacy aware product
• Conduct a privacy impact assessment
• Anonymisation – do you need to process personal data
at all? Can it be anonymised?
• Repurposing – is the processing consistent with the
original purpose? Do you need consent?
• Data minimsation – how do you achieve this?
• Transparency – how do you convey what you are
doing?
• Subject access requests – design your system to
enable you to comply with rules on subject access rights
• Data management policy

Online Trust Alliance
• Alliance of technology businesses
• Industry initiative to address privacy concerns
• Draft framework on best practices
• Covers:
– Transparency
– Limitations on use of data and data retention
– Rights of the individual
– Security
• Consultation closed 14 September 2015

xkcdStandards
https://xkcd.com/927/

Questions?
• Blog: http://techblog.brodies.com/
• Twitter:
– @BrodiesTechBlog
– @lawyer_martin
• Email: martin.sloan@brodies.com

#iotscotland
Colin Birchenall
Future City
Glasgow

Internet of
Things
in the City of
the Future
http://futurecity.glasgow.gov.ukColin Birchenall
Glasgow City Council
30th September 2015

The
“Internet” of
“Things”
…The Convergence of our Physical Worlds and Dig

Quality of Life Economic Growth Environment
City
Priorities

Demonstrate ScaleIntegrated City Services

Health Energy
Transport Public Safety

Research Moisture & Temperature
Insight
Insulation
Retrofit Sensors

Dynamic Routing Route
Optimisation
Integrated
Social Transport

Energy Smart Grid/Building Integration
Insight
Demand-Side
Management

Energy Maintenance Public Safety
Insight
Intelligent
Street Lighting

New Sensors
New Insight
Air Quality
Sensors

Re-Use of Existing & New Sensors New
Insight
Footfall Sensors

Re-Use of Existing Sensors
New Insight
Traffic Sensors

Remote
Monitoring
Benefits to the
City
Proactive
Maintenance
Data
Collection &

Real-Time/
Predictive
Targeted
Service
Reactive to
Proactive
Transformation
through Insight

Better Outcomes
Economy Learning Vulnerable
Environment Vibrancy

Better Services
Improved Efficiency Better
Customer Experience

Better
Engagement
Community Engagement Community
Empowerment

New
Opportunities
New Markets New Industries
Economic Growth

Find out more
http://futurecity.glasg
ow.gov.uk
http://open.glasgow.gov
.uk
Follow us @openglasgow

Designing
value in
the
Internet of
Things@chrisspeed
Design Informatics, Edinburgh

!"#$%"&' ()*!"#$%"&' ()*
Domestic markets: Verticals

! " $%"&' ()*! " #$%"&' ()*
Domestic markets: Horizontals

Stefan Michel
Domestic markets: Horizontals

Domestic markets: Hub of All Things

Doors were closed
Domestic markets: Hub of All Things

What would 20,000 Things design?What would 20,000 Things design?
Dat
a
Things
Patterns
Usages
Ideas
Prototypes
Publications
Patents
NewThings
Data
hings
Patterns
Usages
deas
Prototypes
Publications
Patents
NewThings
Tactics and horizontals

ThingTank
“By 2017, asignificant disruptive digital businesswill belaunched
that wasconceivedbya computer algorithm.”
Gartner Report 2014, www.networkedworld.com, October 2014
More than human horizontals: ThingTank.org

ThingTank
Solo
Designer
The Crowd
Things

853 people designed this
854 people
invented
Pivot Power
http://www.quirky.com

What would 20,000 Things design?More than human horizontals: ThingTank.org

! " $%"&' ()*! " #$%"&' ()*

Stefan Michel

Stefan Michel
Algorithm

www.stream-technologies.com Simplifying the Complex

Vision
To be THE Leading Global enabler for
Managing, Monitoring and Monetizing IoT across all
Connectivity Technologies
Cellular Satellite Wi-FiLPWA
Simplifying the Complex

PROPRIETARY AND CONFIDENTIAL © 2015 STREAM TECHNOLOGIES LTD
We started with the concept of a Customer in the Stream
environment that subscribes to multiple networks using various
technologies.
We treat network problems like software problems.
Scale • Integration • Speed • Efficiency
Stream: A completely differentiated approach
165

Data Routing & Transit: Device to Enterprise
Device
Device
Device
Device
Enterprise
Applications
Data Stores
IT Services

Stream’s Customers
Stream’s Customers Comprise Leading Companies
from the following sectors:
MNOs Solution & Service
Providers
Enterprise Government

IoT-X™ Development Timeline
2002
ENTERPRISE CLIENTS
MNO’s
SP’s
2005
2009
2011
2013
2014
2015
Wholesale
Agreements
Cellular
+
+
Telefonica
Vodafone
EE
Satellite
LPRN
Wi-Fi
+
+
+
Predictive Analytics
Platform & Billing
Backhaul Infrastructure
Network Optimisation +
+
Iridium
Avanti
Inmarsat
Data Services Exchange +
LoRa
NWave
B&B Wizzard
Orion
Application Enablement

Services all Verticals & Solutions
Construction
Manufacturing & Distribution
Utilities
Retail
Healthcare
Transportation
Government
Wireless Backup
Digital Signage
Remote Monitoring
Wi-Fi for Public Transportation
Video Communication
Fleet Tracking
Smart Metering
169

IoT-X™ Network Partners
170

Stream Technologies – Since 2000
Comprehensive
• Industry Leading Platform
• Deep Technical Expertise
• Highly Flexible and Reliable
Proven
• 15 Years IOT/M2M Experience
• >20 Network Operators Integrated
• 500+ Enterprise/Solution Providers
Open
• Connectivity Agnostic
• Industry Standard API’s
• Rapid Development Cycles
171

• Nigel Chadwick – CEO (Founder)
• Kevin McDowell – COO (Founder)
• Tracy Hopkins – SVP LPWA
• Mellissa Jenkins – SVP Innovation
• Kurt Kelly- VP Strategic Partnerships
• Lawrence Latham - CMO
• Susan McGee – Associate Director
• Niall Strachan – CSA
• Alan Tait - CTO
The Stream Leadership Team
172

IoT-X™ Recognized & Awarded - Innovation in IoT
173
IoT-X recognized by ABI Research as
“one of the most disruptive technologies to hit the IoT market in years,”
Hot Tech Innovators Report

Glasgow
Miami
Amsterdam
Silicon Valley
Edinburgh Manchester London
Singapore
Miami
Points of Presence
Offices
Stream's Cellular & Satellite Global Footprint Continues to Expand & Includes
Points of Presence Worldwide
Global Footprint & Reach
174
*2016

Stream Industry Affiliations
175
AIOTI
Alliance for Internet of Things Innovation

IoT-X™ Comprises 3 Key Products:
176
IoT-Xlerate
Ecosystem will accelerate IoT
business rollout with full-stack
end-to-end IoT solutions
• Ecosystem To Xlerate the IoT business
rollout.
• Productized, Full-Stack, end-to end IoT
solutions.
• Certified & pre-integrated best of breed
solutions.
• Ready-to-go fully integrated
monetizable solutions that reduce time
to market & shorten time to revenue.
IoT-Xpand
Global Wireless Connectivity
Enables organizations to expand
their global IoT footprint
• To Xpand global IoT footprint with Global
Wireless Connectivity.
• Data Plans for cellular, Low Power Radio,
Satellite.
• Resilient, Scalable, Manageable & Secure.
• Up to 40% faster than most network operators.
• Global footprint on 20+ networks covering
multiple networking technologies including
Cellular, LPWA and Satellite
IoT-Xtend
Connected Device
Platform to extend IoT
capabilities
• Connected Device Platform to
monitor, manage & monetize device
endpoints.
• Subscriber Management, Billing, Data
Routing.
• Multi-Network capability in single
comprehensive platform.
• Serve and support complex multi-
tenant & multi-tiered sales channels.

IoT-Xtend™ Platform Services
Subscriber
Management
Billing & Monetization Data Routing
IoT-X provides these 3 primary services for all connectivity types:
£$¥€
Cellular Satellite Wi-FiLPWA
177

• Single click activation process
• Unified interface across all communication types
• Unique realm support allows resell to customer channels
• Enables multi-tenant & multi-tiered capabilities
• Easily integrate additional technologies
• Enables customer segregation turning private networks into
public networks (LPWA)
Subscriber Management
178

• Rating & billing of all traffic types
• Allows billing for complete solution bundles
• including M2M hardware, applications, and connectivity
• Create plans across communication types and networks
• Single invoice for all subscribers
Robust Billing Solution
179

• Define network routing
• Route data to any application/store
• Integrate new services easily
• Apply standard routing models to non-IP data
• Built in libraries for common data services
Advanced Data Routing
180

Manage All Connectivity on Single Pane of Glass
181

Consolidated Billing for Any Type of Connectivity
182

For Carriers that Already have a Cellular Platform
IoT-X can simply Xtend that platform to include other network technologies:
Avoids need to replace existing investments in the current platform.
Simply use IoT-X to extend platform capabilities.
IoT-X makes it simple to add satellite, low power radio, Wi-Fi, and even other cellular network to
benefit from entire scope of connectivity options. capabilities.
Additional
Cellular
Satellite Wi-FiLPWA
183

IoT-Xtend adds simplicity to LPWA networks
• Provides subscription and network management, data routing, and billing
• Multiple Backhaul options to LPWA base stations/gateway from the same platform
• Future Proofing: enables LPWA networks to be agnostic to gateway or end device.
• Any LPWA wireless protocol can be used as the ‘over the air’ communication
• ‘Real Time’ transformation of data from all end points – conversion of any wireless protocol
including legacy or prototyping variants.
• The Complex value chain and IoT ecosystem is made simple
• LPWA networks can be deployed end to end with pre-integrated technology partners
• Removes risk as multiple technologies can be deployed individually or simultaneously

Cellular Coverage Map
Unsteered
2G & 3G Roaming
with 592 partners
worldwide
IoT-Xpand™ For Global Wireless Connectivity
185

Local 2G, 3G, & 4G Map
Local
2G, 3G & 4G LTE
Xpand Local Coverage
186

Satellite Coverage Map
Store & Forward
Satellite
Connectivity
TCP/IP Based
Satellite
Connectivity
Xpand Satellite
187

LPWA Coverage Map
Low Power
Radio
Networks
Xpand LPWA
188

Stream’s Xchange program consists of
• Xpand Platform
• Xlerate Connectivity
• Xchange Global SIM
The Xchange program allows MNOs and Global Enterprises to exchange
connectivity without having to deal directly with each other.
• MNOs to retain control of their Enterprise customers
• MNOs capture wholesale business with no customer acquisition costs
• Multi-National Enterprises can become a MVNO on a global scale
IoT-Xchange™
189

Xpand Core Values
• Un-steered roaming SIM card that works across
2G/3G Network roaming partners
• Coverage is paramount and designed so that
data can be transferred securely over any
network to your infrastructure and applications.
• Stream provides a high level of resilience with
Multi-site infrastructure and N+1 service
redundancy
• Can be used with GSM, CDMA, Satellite and Low
Powered Radio for a mixture of technologies into
their solutions.
• Stream also provides location based services (LBS)
which track and geo fence remote devices and
report location to customers’ applications
throughout the UK, Europe and globally.
• Real-Time management and reporting of
SIMs. View connectivity, data usage levels, set
monitoring alerts and manage invoices.
• Troubleshoot and diagnose problems or get
help with any SIMs.
• Provides real-time GSM, WIFI or Satellite
network based lookup or triangulation.
• Stream’s network monitoring and
diagnostics along with technical &
operational support expertise ensure
optimal network management and
connectivity of devices.
ManageableResilient
Scalable Secure
190

• 99.999% APN uptime in the last year
• Operators can offer custom APN purpose built for M2M and IoT data traffic
• Fixed Private IP Addressing with VPN Access
• Dynamic IP Addressing, both private pooled & unpooled
• Stream provides a high level of resilience
• Multi-site infrastructure
• Built on an N+1 box redundancy scheme.
• Stream customers benefit from unparalleled Quality of Service (QoS)
• Two-way IP traffic to devices.
• A fault tolerant self-healing network
• A higher level of data statistics available in IoT-X™
• Data limiting and data warnings via Email, SMS or API calls
Xpand - Advanced Network Services
191

Xlerate™ – A Complete IoT Business in a Box
192

PROPRIETARY AND CONFIDENTIAL © 2015 STREAM TECHNOLOGIES LTD 193
Xlerate - Our Customers become our Partners
Construction
Manufacturing & Distribution
Utilities
Retail
Healthcare
Transportation
Government
Wireless Backup
Digital Signage
Remote Monitoring
Wi-Fi for Public Transportation
Video Communication
Fleet Tracking
Smart Metering

Xlerate Productized Solutions
• Complete Turnkey solutions made easy to sell for operators
• Over 500+ existing service providers
• Best of breed partners for hardware, software &
applications
• Covering 16 Verticals
• Cellular, Satellite, Dual Mode, and Low Power Radio

• Xtend Platform - IoT Scale revenue share
• Xpand
• Data Plans for direct customers
• IoT scale revenue share where the platform is used
to broker connectivity between MNOs
• Xlerate – revenue & margin share
Revenue Model
195

Connectivity Platform Competitive Comparison
CELLULAR SATELLITE LPWA USR
Stream
Ericsson
Jasper
1%
10%
16%
63%
2020 Market Share
SATELLITE CELLULAR LPWA USR
By 2020, cellular will be only 10% of all IoT connections*
196
* Source: James Brehm & Associates

IoT-Xpand ™ Global Wireless Connectivity
CELLULAR SATELLITE LPWA Wi-Fi/USR
Stream √ √ √ √
Kore √ √
Jasper Alliance √
Bridge Alliance √
Vodafone √
Sat Providers √
SIGFOX √
Hubble √
Stream Uniquely offers
global approach to connectivity
across all network types
197

• Stream are a wireless internet operator designed for IoT
technology & scale
• IoT-X enables swift commercialization of data networks
• Stream are a data routing company, from the device to the
many various applications
• IoT-X treats network problems like software problems
Think - Amazon Web Services (AWS) for IoT
Final Thoughts…..
198

The Big Money Internet of Things
A case study from 4 years in the US shale Oil & Gas business
Tim Everitt
www.tfe.expert
working for

Key points from the Thing sprint:
Scale – millions of Things
Value – $billions
Mobility – 20% fixed, 80% in slow/medium/fast motion
Sensors – low-risk, public Internet ok
Actuators – high-risk, regulation, private Internets only
Rip & Replace – not possible
Roadmaps – must support legacy and convert to Things

Key points from the Internet sprint:
Laws – Physics implemented as technology and products
Laws – Government, FCC, classification societies
Laws – Money realism
Public Internet – ok for sensors
Private Internets – needed for actuators
Industrial Grade – 5x9, high-capacity, all IP, secure, managed
Customer Demarcation – at tier 1 communications hub
Rip & Replace – not possible
Roadmaps – accept legacy networks and transition to IoT

Killer apps – for high-end IoT:
Sensors – Tag data historians, e.g. PI, Proficy, Wonderware, etc.
Actuators – SCADA/DCS, e.g. ABB, Siemens, Honeywell, etc.
but that’s enough about …

Thank you… and an offer
Any questions
Tim Everitt
www.tfe.expert
working for

CENSIS & IoT
Derek Liddle – Technical Director
Kevin Power – Software Architect

Agenda
CENSIS
IoT & Bluemix
Connected Devices Development Centre

Our HEI Partners
ABERDEEN
INVERNESS
DUNDEE
ST ANDREWS
EDINBURGH
STIRLING
GLASGOW

About CENSIS
Industry-led with Sensor and Imaging
Systems (SIS) focus to generate GVA
Bringing researchers and industry
together for knowledge-driven
innovation
In-house team of engineers
and project managers
Straightforward commercial
framework
Shaping long-term R&D
in key sectors

Hub and Spoke Model
Articulate
industry need
Hub: CENSIS office
Spokes: Virtual
communities of
interest
Understand research
landscape
Identify and shape
potential interventions
Advanced
Data
Analysis &
Visualisation
Advanced
Devices &
Fabrication
Imaging
& Optics
Remote &
Distributed
Systems
Signal
Processing,
Networking
& Comms
Hub: CENSIS
Spokes:Virtual
Communities
Systems
Engineering,
Management,
Integration

The Sensor Systems Stack
From raw data to informed business decisions
Product evolutiondemands
connectedsensing
The value of sensor and
imaging systems is in
transforming raw datainto
meaningful information
Applications/
Software
Thisenables
businessesto:
• assess the value ofdata
• be targeted indata
gathering
• gaininsights
• act on theresults
Devices/
Hardware
Visualisation &
Presentation
Analysis &
Post Processing
Data Repository
Communications
& Networking
Transductance &
Pre-processing
Sensor Element
Presentinginformation to
informdecisions
Converting the measured data
to meaningful information
Storing, managing and
organising data and its content
Transporting the data to a
storagelocation
Converting changes to signals
& prioritising valuable data
Detecting and measuring a change
e.g. vibration, impacts, heart, light,
energy, colour, temperatureetc.
Information
RawData
POWER CONTROL MANAGE

Value Proposition
Incremental and step changes in industrial
competitiveness driven by the proliferation
of innovative SIS solutions targeting real
industry and challenges throughout the
supply chain
We aim to:
Inform and optimise
R&D choices
Enable new products
and markets
Anchor high value
elements of Scottish
supplychain
Address societal and
industrialchallenges
Demonstrate HEI
research impact
Reduce costs, risks,
time to market

Markets we support
From the built environment, manufacturing, gaming, agriculture and defence
to aerospace, water management, consumer, ocean science, food and drink,
life sciences and pharma, offshore, healthcare, renewables and energy generation

Importance of IoT for CENSIS
Hydrocarbon Detection
&Exploration
Gas monitoring CO2 –
Carbon Capture and
Storage
Asset monitoring and
condition monitoring
Multiphase flow, and
particledetection
Subsea position
detection and
communications
Super High Pressure
and High Temperature
Energy
Asset monitoring and
condition monitoring.
Smartgrid
CO2 Emissions
Ageing infrastructure /
PartialDischarge
MolecularSpectroscopy
Consumer health and
fitness
Implantable /
ingestable diagnostics
Medical Imaging and
diagnostics
Telehealth – remote
medicaldiagnostics
Environmental
Remote mapping of
large areas e.g. costal
aquaflora
Low cost – ubiquitous
air quality
measurement
Intelligent Transport –
dynamic optimisation
of transport systems
Smart Cities –open
systems / value add
services / decision
making
Infrastructure condition
monitoring
roads/railways/bridges
Defence
Target recognition in
low visibility
environments
Stand-off threat
detection
Low power / low
weight systems
Infantry super sensing
Food quality non-
invasive measurement
Traceability and
provenance(brand
protection)
Open systemsfor
environmental
management
Smart Farming –
targeted crop and
animal fertilisation.
Animal welfare and
remote monitoring
Manufacturing
Process real time
measurements – e.g.
pills / composites.
Industry 4.0 - smart
manufacturing.
Widget monitoring and
in lifeservice
Aero – Wireless
systems / high
temp./high pressure
1 2
Food &
Agriculture
3 4 5
Medical&
Health
6 7
Offshore &
Subsea

Connected Device Dev. Centre
Open to SME’s &
HEI’s to develop proof of concept
Industrial investment required
Connected Device Development
Centre (CDDC)
 Access to full range of
hardware, comms and
software building blocks to
prove concepts
 Full stack development for
prototype creation and
benchmarking purposes
 Full time engineering support
from dedicated CDDC
engineers
 Access to product and service
training material from various
vendors supporting the centre
HEI
CENSIS
INDUSTRY
CDDC

Twitter @CENSIS121 www.censis.org.uk

Smart Office
Lighting
Analytics
Storage
Visualisation
Light
HVAC
Temp
Humidity
Motion
Displays
CO2
Drinks

WiFi AP Ti CC3200
RS232
Converter
Overhead
Projector
Light
Sensor
COTS
components
COTS
software
services
Existing
IT
Existing
Infrastructure
Architecture

IBM IoT Foundation
MQTT
Publish/Subscribe
Smart OfficeApp
Node.jsRuntime
MQTT
Publish/Subscribe
Architecture
Monitoring &
Analytics
Meeting room booking system

Experience
• A true rapid prototyping
experience
• Significantly reduced
time to demonstration
• End to end IoT
application that we know
can scale
https://ibm.biz/BdXNj5
• Improves operating and
energy efficiency in the
office

Wearable Agri-Tech - from Lab to Market
IoT Scotland September 2015 Alan Faichney

www.silentherdsman
Contents
• A very little about me
• A little about cows
• A little about the product
• More about getting the company going

www.silentherdsman
About Alan Faichney
• 37 years in software & technology
• Founder & CTO of Concept Systems 1983 -
2007
• Start-up & turnaround management
• DEM Solutions, Rapid Quality Software,
Edinburgh Instruments,
Rock Solid Images, Adrok, Ion Geophysical
• NXD, then interim CEO of Silent Herdsman,
now CTO
• Currently also Chairman of Arrayjet &
Pufferfish, co-owner of The Pantry

www.silentherdsman
About dairy Cows
• 1 billion cows
• 380 billion l/year
• Dairy is A very
high tech industry
It uses robotics, genetics, genomics… and
software to get cows pregnant!

www.silentherdsman
cows…
• … only produce milk when breeding, & for less than a year
after calving
• … are only fertile (in œstrus) once a month
• failing to get a cow pregnant will lose 1 month’s production
• a UK cow produces ~8000 l of milk per lactation (per year) @
25p / L
• 1 year’s production = £2,000, 1 month’s lost production = £167
/ cow
• Noticing œstrus is easy… for very small herds
• Herds sizes > 1000 can be managed by 2 or 3 people…
• … But you need a system to manage pregnancy for < £100 /
cow…

www.silentherdsman
Business value proposition

www.silentherdsman
Activity monitoring
• 3-axis head mounted
accelerometer
built-in processor, ZigBee
comms
• 1 Hz enough to identify
“Bulling”
• 10 Hz allows discrimination
of many more activities, like
eating, limping
• Long term SRUC research
to characterise activity
signals

www.silentherdsman
System design

www.silentherdsman
PC Housing
• PC with Touch sensitive
screen
• IP67 Dirt resistant &
hoseable
• or on regular PC (in
farmhouse)
• & on any browser…

www.silentherdsman
Multiplatform User interface

www.silentherdsman
Mission critical Cloud architecture

www.silentherdsman
From Science to Commerce
• Company spun out of Strathclyde University in
2007
• Founded on £5m of SRUC / ITI research
• Significant expertise in
• wireless communications, signal
processing, electronics, cows!
• However, the new company had no expertise in
• Sales. Distributors. Pricing. International.
Marketing. Manufacturing. Design for
manufacture. Quality systems. Customer

www.silentherdsman
2007 - 2010 The Early Years

www.silentherdsman
2007 - 2010 The Early Years
Sales✓. Distributors✓. Pricing. International. Marketing. Manufacturing✓.
Design for manufacture. Quality systems. Customer support. Product
development✓. Product Roadmaps. PR. HR. IP✓. HSE. Competition. Investors.

www.silentherdsman
First sales. First customers. First problems.
Design for manufacture. Quality systems. Customer support. Product
development✓. Product Roadmaps. PR. HR. IP✓. HSE. Competition.
Investors.
“If it wasn’t for staff, suppliers & customers, running a
company would be easy”
- Anonymous CEO.
“Never buy version 1.0”
- Anonymous pundit.

www.silentherdsman
Design for manufacture✗. Quality systems✗. Customer Support✗. Product
development✓. Product Roadmaps. PR. HR. IP✓. HSE. Competition.
Investors.
“If it wasn’t for staff, suppliers & customers, running a
company would be easy”
- Anonymous CEO.
“Never buy version 1.0”
- Anonymous pundit.
“Why doesn’t this work?”
- Anonymous customer.

www.silentherdsman
• Version 1 had worked very well on trial farms, when
every collar had been lovingly hand built. But
making thousands was a different matter.
• The design of the electronics was sound. The
design of the quality system was not, and neither
was the robustness of the mechanicals.
• 50% of V1 collars either never worked, or broke in
the field. All had to be replaced
Now, that figure is 0.05%

www.silentherdsman
2010 - 2013 The Grind
• We learned the hard way on quality
• …but it hit our margins
• We secured a major distributor in Germany
• …but we met price competition from inferior
systems
• We had a team
• …jammed into a one room incubator in Duke
Street
• We had a dream
• …but we needed funding to build the Cloud

www.silentherdsman
Valuation
• Hardware manufacturer
• 1x to 2x revenues
• Perpetual licence software
• 5x in financial or security
• SAAS consumer
• SAAS Enterprise
0
2.5
5
7.5
10
12.5
Hardware Software SAAS

www.silentherdsman
October 2013
• For three years, still struggling with sales and
quality, we built our vision…
• “Data providing actionable events to improve farm profitability, animal
health, milk yield, fertility & reduce labour costs, using Big Data, IoT and
the Cloud to drive digital marketing & differentiated services”
• … and pitched it countless times. Eventually,
we raised £3m
• Scottish Equity Partners, Albion Ventures,
Scottish Investment Bank
• As well as money, investors bring much else…
• Professional management. Advisors. NXDS.

www.silentherdsman
New challenges - i - HR
• The company trebled in
headcount
• Three new senior
executives
• Three new functions
• Three small teams
become large teams
• Structure becomes
an issue
• The founders have to
x2x5
x2

www.silentherdsman
New challenges - Ii - Competition
• Whilst we built our cloud system, our
competitors were busy, too
• upgraded their systems. Added new features.
• Dropped prices. Poached our German
distributor. Consolidated the USA
• By the time our Cloud system was ready in mid
2014, we were “behind”
• Competitors had redefined the minimum
offering to include animal Health

www.silentherdsman
Conclusion - where we are now
• 50,000 collars, on 300 farms, ranging from 50 to
1,700 head, in UK, EU, USA
• Successful 2nd round funding (total £4m)
• Built first rate engineering team, & re-established
technical lead
• Built Product pipeline / roadmap
• TWO patents granted, another in process
• World-class branding
• Really nice premises
• Recruited World-class CEO & Chairman
• Successful transition from hardware company to
SAAS company

www.silentherdsman
RAw data
Discrete Görtzel
algorithm

www.silentherdsman
Potted history
• 2006 ITI Scotland, Strathclyde Uni & SRUC invest £5m in
developing technology
• 2007 Company incorporated, Spun out from Strathclyde
• 2009 Exclusive licence to ITI technology. Outsource
manufacturing.
• 2010 UK Distribution agreement with National Milk Records,
1st sales
• 2011 Eu Distribution agreement with Semex Germany
• 2012 Raising funding…. a virtual team working for nothing!
• 2013 £3m funding from SEP, SIB & Albion Ventures.
Premises & professional Board
• 2014 Rebranding, Hiring, cloud development & launch, 1st US
farm (1,700 cows),
• 2015 Health ALERT SaaS product launch, new CEO, push
into USA

www.silentherdsman
Lead Investor - Scottish Equity Partners
• probably now the largest UK indigenous Growth
Investor.
• 150 investments over 20 years. 35 current companies.
• 6 partners & 35 staff in Glasgow, Edinburgh & London.
• Multiple “Unicorn” outcomes ($1bn) from start-
up. CSR Plc, Biovex, Skyscanner…
• Core focus is growth companies £5m to £20m equity
with min £5m of revenues.
• selective <£2m Venture Deals, if capital efficient & high
upside.
• raised over $1b of capital from investors
• “We love to do deals in Scotland!” Skyscanner, Orbital
Software, Voxar, Indigo Vision, Wolfson, Craneware,
Atlantech Technologies etc…

Innovate, Expand, Deliver
Manny Rivelo
EVP, Strategic Solutions
IoT is easy. Security, privacy and
scale of IoT are the real challenges
Michael Brown – F5 Networks
Systems Engineering Manager, UK Channel and Territory

© F5 Networks, Inc
 Hello
What’s the Point?
• We are not starting from ground zero
• The core principles of Data Centre security are still applicable
• BYOD is an example of this
• IoT devices can be managed and secured within your BYOD framework

© F5 Networks, Inc
 Hello
Considerations in an IoT World
• The IoT Device
• The Cloud
• The Mobile Application
• The Network Interfaces
• The Software
• Use of Encryption
• Use of Authentication
• Physical Security
• Exposed Physical Interfaces (e.g. USB Ports)

© F5 Networks, Inc
 Hello
IoT Vulnerability Categories1
1. Web Interface
2. Authentication/Authorisation
3. Network Services
4. Data Transport
5. Data Privacy
6. Cloud Interface
7. Mobile Interface
8. Device Configuration
9. Software/Firmware
10. Physical Device
1Source: OWASP Internet of Things Top Ten Project

© F5 Networks, Inc
 Hello
Why are Smart Devices so Vulnerable?
• Always on
• Fairly high bandwidth
• Password weakness
• UPnP enabled devices
• Standards are lagging
• Upgrade intervals are long
• Security can be hard
• Security impedes user experience
• Encryption introduces latency
• There is no money in security
• End users

© F5 Networks, Inc
 HelloProtocol Transport Architecture
Transport
Security
Protocol Security
CoAP UDP* Request/Response DTLS
No built in security
features
MQTT TCP Publish/Subscribe TLS/SSL
Optional
authentication, payload
encryption
MQTT-SN* UDP Publish/Subscribe DTLS
Optional
authentication, payload
encryption
XMPP TCP
Request/Response
Publish/Subscribe
TLS/SSL
Mandatory
authentication,
authorisation, payload
encryption
REST HTTP Request/Response HTTPS Optional authentication
AMQP TCP Publish/Subscribe TLS/SSL
Optional authentication
(SASL)
Web Socket TCP
Client/Server
Publish/Subscribe
TLS/SSL Optional authentication

© F5 Networks, Inc
 Hello
4400 Exabytes1
• Average IoT organisation’s total volume of data grew by 30% over the past
year
• 54% of IoT organisations say they have insufficient data analysis capabilities
• 50% of IoT organisations failed to improve time-to-decision over the past year
1One exabyte equals one billion gigabytes

© F5 Networks, Inc
 Hello
Exploitation of your data
• Embed data management in the device
• Data is managed as soon as it is captured
• More controlled stream into Cloud and/or Data Centre
• Leverage Stream Analytics technology
• Becoming an important capability of IoT PaaS
• Most major CSPs provide this capability
• Also open source technologies

© F5 Networks, Inc
 Hello
Stream Analytics – a simple flow
Ingest
 Sensors
 Social
 Machine Data
 Location
 Audio
 Video
 Text
Prepare
 Transform
 Filter
 Correlate
 Aggregate
 Enrich
Detect &
Predict
 Classification
 Patterns
 Anomalies
 Scoring
 Events
Decide
 Business
Rules
 Conditional
Logic
Act
 Notify
 Publish
 Execute
 Visualise
Store
Warehouse, Data Reservoir, Operational Store, Files

© F5 Networks, Inc
 Hello
• There is no guide for securing the IoT
• IoT security will leverage old and new technologies
• Blended approach: mobile, cloud, traditional data centre combined with industrial control,
automation, and physical security
• The IoT is redrawing the lines of IT responsibilities
• Deconstruct traditional IT security approaches
• Protecting information alone is too limiting
• Information is “fuel”

© 2015 Pure Storage, Inc. | 300Pure Storage UNCLASSIFIED
Title Slide
The rise of Data
Datacentre Transformation
Alex D’Anna EMEA PreSales

The New Expectations of IT – “competing with a bookseller”
Accelerate the
Business
Constantly Improve
Efficiency
Evolve IT into
a Service
Faster
Applications
Harness
Data
Speed
Time-to-Market
Reduce
Cost Annually
Employee
Productivity
Self-Service
Provisioning
Predictable
SLAs
…with public cloud as the new yardstick for measurement
Always Secure
& Available
Data Center
Efficiency
© 2014 Pure Storage, Inc. | 301

Seeing Flash in every Application
Private Cloud
IaaS
Accelerating
Business Apps
Improving
User Productivity
Unlocking
Data Analytics
Modernizing
Legacy

30
3
| © 2015 Pure Storage Inc.
FLASH INNOVATION CHANGES THE DATACENTRE
LIMIT GROWTH WITH
DATA REDUCTION
RAISING THE BAR ON
RESILIENCY
WORKLOAD
CONSOLIDATION
ELIMINATE
MULTIPLE COPIES

Accelerate the Virtualized Apps that Drive Your Business
Transform Offline Analytics
into Real-Time Decisions
Deliver Services that
Weren’t Possible with Disk
Architect More Efficient
Production & Dev/Test Environments
Virtualize DBs
No tuning, ever!
Reduce server
infrastructure
Reduce instance
proliferation
Empower dev/test with
snapshot based clones of
production data
• Remove IO as the bottleneck
• 2-10x transactional improvement
• Design applications to expect <1ms IO
• What can your app teams do now?
• Move from batch to real-time analytics
• Enable broader, deeper questions
• Empower your business with data
• What value is trapped in your data?

As Cloud Use Cases Expand, Higher-Performance Flash Storage is
Increasingly Required
Enterprise Private Cloud Public Cloud IaaS Dev / Test Environments
Performance
Requirements
Disk
Flash
Test Deployments
2nd Tier Apps
1000s of Apps
Mixed Workloads
Horizontally
Scaled Apps
Web-Centric Apps
Content &
Object Stores
Dev / Test
Block Storage
Services & Apps
Hybrid Cloud
Differentiated
Services
Departmental Pilot
Basic Development
Functional Testing
Enterprise-Wide
Deployments
1,000s of Developers
Testing at Scale
 Tomorrow’s deployments require the performance of flash
Business Critical
Applications

(Yet another) Big Data definition…
A lot of it
gives
Volume
Created quickly
brings
Velocity
No structure
means
Variability
Needs data processing
to find
Business Value

How big is big data ?
Byte of data: one grain of rice
Zettabyte: fills the Pacific ocean
Exabyte: covers the UK (3 times)
Petabyte: covers Manhattan
Terabyte: 2 container ships
Gigabyte: 3 container lorries
Megabyte: 8 bags of rice
Kilobyte: cup of rice
H/T to David Wellman @ Myriad Genetics

History lesson: big doesn’t mean good
For the 1936 US presidential election, Liberty
Digest magazine carried out the most
expensive poll in history, writing to 10million
voters asking who they would vote for; 2.4
million voters responded
The prediction was a narrow Republican
victory, but the result was a Democrat
landslide 46 states to 2 because of a flawed
sample set

History lesson: big doesn’t mean good
Liberty Digest magazine closed down after the
results were announced as political expertise was
how it made a reputation
The poll had excluded most of the population on low
incomes, where Roosevelt was more popular during
the Great Depression of the 1930s
The newly formed Gallup company correctly
predicted the result with a poll of only 50,000 voters.
They are a world famous election polling company
nearly 100 years later

A big data project still needs to observe
rules on population, samples, bias,
variance etc.
The dataset must be representative to
get the complete picture
It’s ok to start small and grow the
dataset over time

The Google index of the Internet is 60
trillion pages, 100 Petabytes of data,
and is rewritten daily
Recent statistics from Google show the
amount of content on the Internet
doubled from 2008-2010, and
continues to double every 2 years

The World Bank projects that 50% of the world
population will have a smartphone by 2016, and
80% by 2020 [4 billion today]
The total number of SMS messages sent globally
in 2014 was 7.5 trillion, WhatsApp sent 7.2 trillion
from one app
In 2000, 80 billion photos were processed from
camera film. In 2014, 800 billion photos from
smartphones were shared on social networks
The Zettabyte generation

Facebook, Google, ebay, Amazon, Yahoo
are all operating at Exabyte scale today,
and have created a new class of
applications to deal with this
Products such as Hadoop, Cassandra,
MongoDB, CouchDB, other NoSQL have
evolved to deal with larger datasets by
creating parallel tasks to split the dataset
between servers

The cost of creating data has dropped to
almost nothing for consumers and
businesses
With cloud storage, the cost of storing
this data has also dropped to “free” at
the start
The cost of getting real insight and value
from the increasing amounts of data has
not dropped very much at all

higher yield
lower margin
get the message
miss the point
market leader
underwater
find answers
more questions
Data-driven value

A big data project can lead to 3
types of result as its output
Interesting, not valuable
Interesting, maybe valuable with
more analysis or new filters
Interesting and valuable

Interesting, yes
Valuable, no
Locations of Wikipedia edits

Locations of all Volcanoes
Interesting, yes
Valuable, no

Interesting, yes
Valuable, maybe
All NYC taxi journeys 2013

Interesting, yes
Valuable, yes
Twitter sentiment analysis by keyword

Seric Logo Slide
Securing the Internet of Things (IoT)
Stuart Macdonald - MANAGING DIRECTOR
SEPTEMBER 30TH 2015 - DYNAMIC EARTH, EDINBURGH
#SERICCANHELP
#IOTSCOTLAND

#SericCanHelp
SECURITY ANTI-FRAUD
INFRASTRUCTURE DATA MANAGEMENT

Team Accolades
Seric teams and individuals have won a number of awards from
vendors and external organisations
TECHNICAL
• IBM (Global Technical Excellence)
• Microsoft (HPC Club Winners)
• BCS (Consultant of the Year Silver Medal)
• IBM (BP of the Year)
• NetApp (Outstanding Achievement for UK&I)
MANAGEMENT
• IoD Director of the Year (West of Scotland)
• IoD Young Director of the Year (UK – Highly Commended Runner Up)
• Prince’s Trust (Growth Mentor of the Year)
• E&Y Entrepreneur of the Year (Scottish Finalist)
ETHICAL/CSR
• Youth Business International (Global Ambassador of the Year)
• Prince’s Trust Scotland (Volunteer of the Year)
• IBM (Global Award for Citizenship - Volunteering)
• Inspiring Cities Awards (Commended for Best CSR, Winner for Youth Development)

Ethical Stance
• FIVE % of our Profits
• FIVE days of our Time
• #DigitalParticipation
• #SericCanHelp
• #HowSericHelp
• #SmartSTEMs

Seric Overview
Seric’s main focus is to deliver Security and Anti-Fraud
Solutions underpinned by robust resilient Infrastructure,
sound Governance and Data Management
Seric deliver Product and Project Services and for much of
their portfolio provide fully managed Service &
Support Offerings
Seric are working across the UK & Europe to assist
organisations in Public Sector, Oil & Gas, Manufacturing,
Retail and the Financial Services Sector

Areas of Expertise
• Data Loss Prevention
• Anti-Fraud Technology
• Data Management
• Encryption-as-a-Service
• Integrated Systems
• Secure Storage
• Fraud Case Management
• Insider Threat Detection
• Intrusion Prevention/Detection Systems
• Governance Risk & Compliance
• Web Application Security
• Mobile Application Security
• Enterprise Single Sign On
• Information Governance

Cyber Essentials
• 34 Questions/Controls
• Work with a qualified consultant to get ready and apply
• Certifying body will check application and award
certification
Cyber Essentials Plus
• As above but also includes yearly external audit
Cyber Essentials - Basics

IoT – some little thunkettes
• Opportunity
• Risk
• Background/Landscape
• Practical Steps

Opportunity
Use new fangled IoT thing to…
• Increase Sales
• Cut Costs
• Improve Efficiency
• Raise Profile / Get Famous
• Differentiate ourselves
• Save the World / Do Everything

A simple man will now attempt to
have a video play in full screen.
Try to be patient.

A man will now attempt to have a video play in
full screen.
Try to be patient.

Risks
Use new fangled IoT thing to
• Lose YOUR data
• Learn about Unintended Consequences
• Lose your CUSTOMERS’ data
• Get Amazing Press Coverage (about your mistake)
• Lose a fortune
• Get Fired
• Panic about IoT / Blame Ashley Madison

Those who do not learn from history
are condemned to repeat it
Personal Computers Mobile Devices

Those who have not yet learned from history
are condemned to repeat it
IoT ICS (Industrial

Evolving Risk Landscape – TCP/IP Enabled
Devices Migrating to TCP/IP networks
– Move from Wired to Wireless
– Many rely typically upon “wrapped” protocols
– Analog control and reporting protocols embedded in digital
protocols
– Encryption and command integrity limitations
– Poor selection of TCP/IP protocols
 Problems with patching embedded
operating systems
– Controllers typically running outdated OS’s
– Controllers unable to support security CPU loading
– Security patches and updates not applied
– Difficulty patching the controllers
– Unacceptable downtime

Evolving Risk Landscape – Bridged Networks
 Softest targets appear to be the control
centers
– Greatest use of “PC” systems
– Frequent external connectivity
– Entry-point to critical plant systems
– Vulnerable to insecure remote access ports (dial-up)
 Bridging control centers and the plant
operational framework
– Network connectivity for ease of operational control
– Vulnerable to malware - proxy remote attacks

Evolving Risk Landscape
– Networked Device Proliferation
 Replacement SKU parts
include new “free features”
– Additional features may be
“on” by default
– OR, may be turned on by
engineers
 Switch from analog to digital controls
 Incorporation of network standards
– TCP/IP communications
– Wireless communications
From analog to
digital
(+ networked)
Wireless integration

– Wireless RF/ WiFi Attacks
A 14.6 dBi Yagi antenna that can make
a WiFi connection from miles away
 Increased use of wireless technologies
 Large security research focus
– Common topic/stream at hacking conferences
 Packet Radio Software
– New tools and software to attack &
eavesdrop on any RF transmission
– Community-based sharing of findings
 Tools and guides on long-range
interception of wireless technologies

1. Systems designed 20 years ago when isolation was assumed
2. IoT often not built for Enterprise
=>Changes in corporate infrastructure and device capability bolt-ons
have enabled an entire array of new attack vectors
Control/Office Infrastructure Control Bridge Plant Infrastructure
Wireless (WiFi)
Attacks
Wireless RF AttacksDirect Internet Attacks
Vulnerable
Networked
Services
Malware Infected
Hosts
VPN Attacks
Portable Media
Attacks
Guessed / Stolen
Credentials
Embedded
Command Attacks
Device Contamination
Telephony / Modem
Attacks
External
Indirect Malware
Infections
So here is an cynical and overarching view...
IoT v1.0 – Rebaked for IP Connectivity
IoT v2.0 – Ground up with little/no Enterprise
awareness
IoT v3.0 – ??
So what does all that mean?

A Fresh Approach …
...requires specilaized knowledge and skill in IoT and in general adopts the
following practices:
 Leverage security techniques from the IT domain where appropriate and effective
 Segregate networks to provide better logical isolation of devices unable to support host-
based security solutions
 Increase the amount of network-based monitoring in strategic locations such that network
sensors will be much better positioned to detect malicious or anomalous behavior
 Monitor protocols as well as traffic (i.e MODBUS, ...)
 Reduce the number of POPs to only a tightly controlled few (e.g. Network, WiFi, and
telephony / modem)
 Increase logging and correlate into corporate security information and event monitoring
systems (attacks into the process control domain are typically preceeded or accompianied by
attacks into the corporate networks)
 Implement a governance structure that clearly assigns responsibilities
 Impose strict control over configuration, new system introduction and vendor access

Mind the Gap
Seric work with methodologies that are based on internationally accepted security
frameworks designed to meet industry requirements, regulatory requirements and risk-
based criteria.
Over the course of these engagements, we have learned no single industry framework
or security standard addresses the full scope of the problem.
The ISO/IEC 27000 family and NIST SP 800-53 are:
– IT-centric and cover multiple domains for people, process and technology for Information
Systems
– Do not support specific industry requirements and constraints dealing with limited
computation power, storage, environmental variances, and networking capability
Industry standards such as IEC 62351, IEC 62443 and NERC-CIP:
– Provide specific technical recommendations and requirements for industry controls and
protection/safety systems based on very specific operational constraints
– Do not support the people and process requirements of a information security management
system (ISMS) as defined by ISO/IEC 27000 and NIST.

Top 20 Critical Security Controls - v5
1: Inventory of Authorized and Unauthorized Devices
2: Inventory of Authorized and Unauthorized Software
3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations,
and Servers
4: Continuous Vulnerability Assessment and Remediation
5: Malware Defenses
6: Application Software Security
7: Wireless Access Control
8: Data Recovery Capability
9: Security Skills Assessment and Appropriate Training to Fill Gaps
10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
11: Limitation and Control of Network Ports, Protocols, and Services
12: Controlled Use of Administrative Privileges
13: Boundary Defense
14: Maintenance, Monitoring, and Analysis of Audit Logs
15: Controlled Access Based on the Need to Know
16: Account Monitoring and Control
17: Data Protection
18: Incident Response and Management
19: Secure Network Engineering
20: Penetration Tests and Red Team Exercises

IoT Security - Practical Steps
• Look at your Defined Opportunities
• Get Started on the Security front
• First Principles … & SANS!
• In-house and/or External Support
• Quantify your risk
• Understand your risk posture
• Remember it is a journey
• Oh and Seric Can Help!

Presentation Title
Presentation Sub-Title or Date
#SericCanHelp
Thank-you
@SericSystems www.seric.co.uk

Internet of Things IoT Scotland 2015

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Internet of Things IoT Scotland 2015

Similar to Internet of Things IoT Scotland 2015 (20)

More from Ray Bugg

More from Ray Bugg (20)

Recently uploaded

Recently uploaded (20)

Internet of Things IoT Scotland 2015