O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

How to Build Your Future in the Internet of Things Economy. Jennifer Riggins

FOWA London 2015

The trillion-dollar IoT economy will impact our lives so much more than even the Internet itself. From IoT protocols to hypermedia APIs to devices to new networks of communication, you need to learn how to overcome very arduous security, privacy, and just-too-soon barriers in order to build your own future in the IoT space. Jennifer's talk is a result of talking to dozens of Internet of Things influencers and experts - come along to learn about her findings!

  • Seja o primeiro a comentar

How to Build Your Future in the Internet of Things Economy. Jennifer Riggins

  1. 1. THE INTERNET OF THINGS IS COMING@jkriggins #fowa
  2. 2. @jkriggins #fowa WILL YOU BE READY?
  3. 3. By 2020 25 billion connected devices $263 billion in revenue
  4. 4. 10x impact the Internet itself @jkriggins #fowa $19 trillion by 2025!
  5. 5. Mike Amundsen, API Academy @MAmund “The IoT space is definitely ready to enter. This is a fantastic space. The Internet of Things is going to be faster, bigger than the Internet.”
  6. 6. Healthcare Security Money Road Safety Enterprise@jkriggins #fowa
  7. 7. Listening Locked out Black outs Interoperability @jkriggins #fowa
  8. 8. False Data Crime @jkriggins #fowa
  9. 9. Product ideas Customer knowledge Market research Industrial design Physical design Hardware design Embedded architecture Manufacturing operations Marketing Sales Formula for a great product: Know your customer Know how to build stuff Know how to please your customers Hugo Fiennes, Electric Imp @HFiennes
  10. 10. Formula for a great Connected Product: Antenna design RF engineering RF approvals Network-centric operating system design Ongoing security and support Protocol design Network security Server software Scalability Cloud operations Device management Hugo Fiennes, Electric Imp @HFiennes
  11. 11. IoT Protocols • MQTT • CoAP • XMPP • Zigbee • Z-Wave
  12. 12. IoT Standards • Wireless Power Consortium • Industrial Internet Consortium - ATT, GE, Cisco, Intel, and IBM • Open Internet Consortium - Intel, Samsung, a few others • Open Interconnect Consortium
  13. 13. But wait, there’s more… • HIPAA • PCI • Sarbanes-Oxley • Cyber security standards? • NFC • BLE • WiFi • 3G • 4G • RF
  14. 14. Mike Amundsen, API Academy @MAmund “We’re trying to build too much intelligence into one device. That’s why we have so many protocols.”
  15. 15. Who’s in charge? @jkriggins #fowa
  16. 16. Richard Parker, Altitude Angel @altitudeangel “Very much reminiscent of dot-com boon — everyone is rushing to compete the standards. We aren’t trying to compete, we want to work with everybody. Integrate with us and in addition to your drones being safer, everyone else’s drones are safer.”
  17. 17. 1. Security 2. Privacy 3. Connectivity 4. Interoperability 5. Battery life 6. DOES IT EVEN WORK?!!??!!! Hierarchy of IoT Needs
  18. 18. Brian Knopf, BRK Security @DoYouQA “I wanna know with 100 percent certainty when I say a device goes on, it goes on. When you think of the hierarchy of needs, security is great but it doesn’t mean anything if I can’t get it to function properly.”
  19. 19. APIs FTW!!! 40% value of IoT is Interoperability
  20. 20. 1. College Dorm 2. Mid-sized family 3. Über techie 3 Testing Areas
  21. 21. Guillaume Gimbert, Stardust Mobile @guibarca “When an application crashes, it’s dead for the users. If you buy an application, sometimes it’s two euros, four euros, or it’s free, so if it doesn’t work, it’s ok, you’ve wasted your time, but when you buy an object that’s a hundred euros or more and if you can’t connect, it’s an issue…you have to be careful about connect-ability before putting your object on the market.”
  22. 22. RECALLS
  23. 23. Kevin Kal Kallaugher, The Economist @kaltoons
  24. 24. 1. Secure by default. 2. Secure by design. 3. Secure by deployment. Security is a part of the human experience of IoT.
  25. 25. Aditya Gupta, Attify @Adi1391 ““Whenever you build a particular product, you should start thinking of the security from the very start built into the framework. Create a threat model from the start.”
  26. 26. ‘Threat modeling my wife’ Brian Knopf, BRK Security @DoYouQA Neurostimulator Leads Electricity, Voltage Mission Programmer Software Battery Charging Unit Lifespan Battery Leakage
  27. 27. Risk #1: Damage to neurostimulator caused by strong electromagnetic (EMI) interference. Mitigation #1: EMI shielding and an MRI-safe mode. Likelihood: Highly unlikely. Risk #3: Attacker turns stimulation on high voltage. Mitigation #3: Remote only works when directly against the skin. External signals don’t change this. Likelihood: Highly unlikely. Risk #2: Via wireless signal, someone could change stimulation profile, causing the user to be in pain, which in turn needs more medication and potentially overdose. Mitigation #2: Remote only works when directly against the skin. External signals don’t change this. Likelihood: Highly unlikely.
  28. 28. Risk #4: Overheating of skin during charging causes burns. Mitigation: Neurostimulator monitors skin temperature and its own device temperature. Stops if unit or skin overheats Likelihood: Highly unlikely. Risk #5: Riskiest, based on damaging leads with high radio frequency causing scarring, electrocution, shock or death. Mitigation: New devices have much thicker leads dispersing RF across whole length of lead. Likelihood: Highly unlikely.
  29. 29. Why only threat model? 1. $30,000. 2. Could he buy one? 3. NEVER PEN TEST YOUR WIFE
  30. 30. What network/s is it accessing? What data are they getting? Just keep questioning @jkriggins #fowa
  31. 31. Andy Thurai, IBM @AndyThurai “You need to be careful in your thought process, always question when you say ‘This system needs to connect to this system. Why? What’s the purpose?”
  32. 32. OAuth Promise: Platform + Developer + End User With great power comes…
  33. 33. IoT pulls QA to the Left.
  34. 34. Aditya Gupta, Attify @Adi1391 “It’s a better role for the developer to have the security mechanism in place before the testers actually test it.”
  35. 35. Dogfooding the Internet of Things* *20-year-old boys shouldn’t test for menopausal women devices. @jkriggins #fowa
  36. 36. Diwakar Menon, Last Mile Consultants @diwakarmenon “Look beyond just a pure usability perspective and start peeling off the layers of the onion. They will cause tears to your eyes, but there’s a need to learn usability testing.”
  37. 37. Stacey Mulcahy, Microsoft @bitchwhocodes “Understanding how these devices work, setting them up in the fragility and unpredictability of an environment—the environments they are deployed in aren’t necessarily in their own home.”
  38. 38. Of the people For the people By the people @jkriggins #fowa
  39. 39. Kin Lane, API Evangelist @kinlane To investigate IoT, “is something anyone can do, I don’t think you have to be a network specialist or developer. Research the tools out there—Proxy, Sniffer—find interface devices out on the network.”
  40. 40. Citizen activist: noun. A domain expert or developer that doesn’t have an investment in a platform. Citizen activist: noun. Anyone passionate about a sector and ready to ask questions. @jkriggins #fowa
  41. 41. Paul Bruce, SmartBear Software @paulsbruce “In order to really benefit from open standards, you need to contribute to them—provide feedback. It’s our responsibility to do what we can… Think about how the devices are going to be used and misused.”
  42. 42. Kin Lane, API Evangelist @kinlane When you are testing, “publish your strategy and plan and share it with others so they know that it’s executed and so they can emulate it.”
  43. 43. Who will be the winners? @jkriggins #fowa
  44. 44. @jkriggins #fowa
  45. 45. Richard Parker, Altitude Angel @altitudeangel “When I’m looking to hire, I’m not looking for traditional software developers, I’m looking for people who are imaginative and play, build stuff at home,” like radio-controlled cars and aircraft. “Folks who are inspired by technology. I don’t want a career developer at Altitude Angel. I want them for their engineering skills but in this domain, in the IoT world, we’re blending the real world with the software world.”
  46. 46. Stacey Mulcahy, Microsoft @bitchwhocodes “Pick a project that kind of leans on your software skills and finish your project, as simple as it is, and try to have all the pieces of some kind of inputs or outputs, capturing that data.” Makers FTW!!!
  47. 47. Stacey Mulcahy, Microsoft @bitchwhocodes Learn in two phases: 1. Getting really comfortable with your thing—how to work with it and write stuff for it. 2. Figure out how to store data, put it in the cloud—the opportunity is analysis and ability to predict behavior on the data.
  48. 48. Stacey Mulcahy, Microsoft @bitchwhocodes “The beauty right now for software is that there’s so many options and I think you’re better off to leverage what you feel like you know.” • Arduino • Raspberry Pi • Spark Photon • Java • C++ • Linux • Python
  49. 49. Diwakar Menon, Last Mile Consultants @diwakarmenon “Get familiar with that environment, the devices, the protocols, the gateways, the platforms. They need to understand: • how devices communicate • how aggregation happens • what kind of protocols are used • how is that data stored
  50. 50. Michael Kruk, Crowsnest @crowsnestio “Totally network your ass off. I think you need to have an idea or hypothesis. Don’t build anything, interview everything. ‘I think I can build a program that solves Problem X for Person Y.’ Ask them, ‘What is your biggest problem in this industry?’ and hope they say X. Then after you have about a 100 people confirming your hypothesis, then you can go and write some code.” Create your own IoT biz
  51. 51. Guillaume Gimbert, Stardust Mobile @guibarca “To learn how to work with different people with different backgrounds because, in the end, developing a software is quite easy. When we are talking about IoT, you also have to take account of design, of manufacturing. It’s software plus objects so it’s extremely difficult manufacturing lab classes - makers lab — to mix software and objects.”
  52. 52. Brian Knopf, BRK Security @DoYouQA “You have to love to learn. You can never really be complacent in QA. You’re always going to be constantly learning the technology and how to do things.”
  53. 53. Michael Bolton, Rapid Software Testing @MichaelBolton “I think there will always be a role for investigators, journalists, critics…Software will increasingly be checked through tools, through automation. What can never be automated is the investigation of social fit. Does this product fit into society? Is it good enough? Does it fulfill our intentions? Are there undiscovered intentions?”
  54. 54. Jennifer Riggins, eBranding.Ninja @jkriggins linkedin.com/in/jkriggins “Be the first to fiddle, to write about it, to talk about it. Just be the first and the rest will all fall into place.”