{"id":15182,"date":"2016-07-15T09:01:07","date_gmt":"2016-07-15T06:01:07","guid":{"rendered":"http:\/\/www.altoros.com\/blog\/?p=15182"},"modified":"2019-05-07T18:16:58","modified_gmt":"2019-05-07T15:16:58","slug":"cybersecurity-for-the-iot-and-ge-predix","status":"publish","type":"post","link":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/","title":{"rendered":"Cybersecurity for the IoT: Issues, Challenges, and Solutions"},"content":{"rendered":"<p>Security was the key topic during a recent <a href=\"https:\/\/www.meetup.com\/GE-Predix-Boston-Industrial-Internet\/events\/228894123\/\" target=\"_blank\" rel=\"noopener noreferrer\">Predix meetup<\/a> sponsored by Altoros in Boston. Speaker <a href=\"https:\/\/www.linkedin.com\/in\/mikeandersonptr\" target=\"_blank\" rel=\"noopener noreferrer\">Mike Anderson<\/a>, Chief Scientist of the PTR Group, outlined several dimensions of security along IoT deployments, specific challenges inherent to different types of devices, and how to reduce a deployment&#8217;s \u201cattack surface.\u201d<\/p>\n<p>&nbsp;<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#Saving_millions_of_dollars_for_power_plants\" >Saving millions of dollars for power plants<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#More_devices_means_more_threats\" >More devices means more threats<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#Top_3_security_issues\" >Top 3 security issues<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#The_challenges_associated_with_devices\" >The challenges associated with devices<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#Want_details_Watch_the_video\" >Want details? Watch the video!<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#Further_reading\" >Further reading<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#About_the_experts\" >About the experts<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Saving_millions_of_dollars_for_power_plants\"><\/span>Saving millions of dollars for power plants<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Mike was preceded by <a href=\"https:\/\/www.linkedin.com\/in\/mina-botros-569a4726\" target=\"_blank\" rel=\"noopener noreferrer\">Mina Botros<\/a>, a Senior Software Engineer with GE Digital, who gave an overview of the challenges and drivers of the Industrial Internet. After that, <a href=\"https:\/\/www.linkedin.com\/in\/himajavadaga\" target=\"_blank\" rel=\"noopener noreferrer\">Himaja Vadaga<\/a>, a graduate student at Northeastern University, described an industrial project she&#8217;s working on using analytics in GE Predix.<\/p>\n<div id=\"attachment_15185\" style=\"width: 210px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mina-Botros.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-15185\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mina-Botros.jpg\" alt=\"Mina Botros\" width=\"200\" height=\"200\" class=\"size-full wp-image-15185\" \/><\/a><p id=\"caption-attachment-15185\" class=\"wp-caption-text\"><small>Mina Botros, GE<\/small><\/p><\/div>\n<p><a href=\"https:\/\/www.linkedin.com\/in\/mina-botros-569a4726\" target=\"_blank\" rel=\"noopener noreferrer\">Mina Botros<\/a> provided a general outline of GE Predix and how developers and organizations can start working with it. He answered several questions concerning its use during IoT deployments, including one about scalability (to which he noted that Predix is based on Cloud Foundry and thus gets its scalability from the platform). As always, <a href=\"http:\/\/www.predix.io\" target=\"_blank\" rel=\"noopener noreferrer\">predix.io<\/a> was mentioned as great place to start for people and companies who wish to get involved with Predix.<\/p>\n<div id=\"attachment_15186\" style=\"width: 210px\" class=\"wp-caption alignright\"><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Himaja-Vagada-e1468539527807.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-15186\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Himaja-Vagada-e1468539527807.jpg\" alt=\"Himaja Vagada\" width=\"200\" height=\"200\" class=\"size-full wp-image-15186\" \/><\/a><p id=\"caption-attachment-15186\" class=\"wp-caption-text\"><small>Himaja Vagada<\/small><\/p><\/div>\n<p><a href=\"https:\/\/www.linkedin.com\/in\/himajavadaga\" target=\"_blank\" rel=\"noopener noreferrer\">Himaja Vadaga<\/a> described a recent project she undertook in which she collected data from equipment and conditions within power plants. She is working to demonstrate potential cost savings in the millions of dollars for a major facility, while also providing insight on building new-generation plants.<\/p>\n<p>Globally, power plants produce more than two terawatts (two million megawatts) around the clock, a number that should grow dramatically as the developing world continues to grow economically.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"More_devices_means_more_threats\"><\/span>More devices means more threats<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div id=\"attachment_15188\" style=\"width: 260px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson.jpg\"><img decoding=\"async\" aria-describedby=\"caption-attachment-15188\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson.jpg\" alt=\"Mike Anderson\" width=\"250\" class=\"size-full wp-image-15188\" \/><\/a><p id=\"caption-attachment-15188\" class=\"wp-caption-text\"><small>Mike Anderson, PTR Group<\/small><\/p><\/div>\n<p><a href=\"https:\/\/www.linkedin.com\/in\/mikeandersonptr\" target=\"_blank\" rel=\"noopener noreferrer\">Mike Anderson<\/a> proceeded to terrify the audience as he outlined the many challenges of data security within IoT deployments.<\/p>\n<p>\u201cIf your cloud is connected to your sensor, then your sensor is connected to your cloud,\u201d he said, noting that deploying myriad sensors produces an equal number of potential security breach points. He outlined a \u201cfog\u201d model in which sensors first communicate to a border gateway, thus literally shielding cloud-computing infrastructure from raw sensor input.<\/p>\n<p>\u201cWe can think of the IoT as being comprised of devices on the edge, middle box, and cloud portions of the ecosystem,\u201d he said. \u201cEdge devices are where the sensors and actuators are found. They are often battery-operated devices with low-power networks.<\/p>\n<p>\u201cThe middle boxes are better known as border routers\/gateways,\u201d he said. \u201cThey use standard Internet protocol (whether IPv4 or IPv6), and may provide data pre-processing. The cloud portion of the infrastructure provides connectivity to external controllers, such as smartphones, tablets, etc.\u201d<\/p>\n<blockquote><p>\u201cThe definition of security varies depending on the audience. For some, it means having locks, alarms and guards as in physical security. For others, it is all about protection from outside hackers as in cybersecurity.\u201d \u2014Mike Anderson, PTR Group<\/p><\/blockquote>\n<p>A host of actors are waiting out there to attack anything with a presence in cyberspace, as we all know. Mike grouped them into three broad categories, ranging from amateur hackers (whom he called \u201cscript kiddies\u201d), to a range of professional hackers from blackhats to whitehats (hired to try to find potential security flaws) to the world of in-between grayhats, to state-sponsored actors (whom he described as far the most dangerous of all).<\/p>\n<p><center><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/EC_how_it_works.png\" alt=\"EC_how_it_works\" width=\"480\" height=\"336\" class=\"aligncenter size-full wp-image-15221\" \/><\/p>\n<p><small>Source: <a href=\"https:\/\/www.eurotech.com\/en\/products\/iot\/iot-integration-platform\/everyware-cloud\" target=\"_blank\" rel=\"noopener noreferrer\">eurotech.com<\/a><\/small><\/p>\n<p><\/center><\/p>\n<p>\u201cThese state-sponsored bad actors are often blackhats who are paid by governments to find and obtain classified information, conduct industrial espionage, or launch coordinated cyber-attacks,\u201d he said.<\/p>\n<blockquote><p>\u201cYour own employees are often the number one threat to your security.\u201d<br \/>\n\u2014Mike Anderson, PTR Group<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Top_3_security_issues\"><\/span>Top 3 security issues<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Mike provided the nice acronym \u201cCIA\u201d to describe what he called \u201cThe Big Three\u201d issues of security: confidentiality, integrity, and authentication. He noted that authorization and non-repudiation need to be considered as well.<\/p>\n<p><strong>Confidentiality.<\/strong> \u201cOne of the easiest characteristics of security to understand,\u201d according to Mike. \u201cThe goal of confidentiality is simply that no unauthorized individuals can read the data you want protected.&#8221;<\/p>\n<p>A breakdown of data categories includes data-in-flight, data-at-rest, data-in-use, data in the form of message traffic transiting your connections, data-like encryption keys and certificates stored on your system, and temporary use of decrypted keys or certificates in RAM.<\/p>\n<p>He described both symmetric and asymmetric encryption. Symmetric encryption \u201chas a pre-shared key that must be known on both sides,\u201d he said, e.g., AES, DES, Twofish, Rijndael, and Triple-DES. Asymmetric encryption has public and private keys \u201cand is often referred to as public-key cryptography,\u201d he said, e.g., Diffie-Hellman, RSA, and elliptic curve encryption.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Public_key_shared_secret.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Public_key_shared_secret.png\" alt=\"Public_key_shared_secret\" width=\"400\" class=\"aligncenter size-full wp-image-15223\" \/><\/a><\/p>\n<p><small>Source: <a href=\"https:\/\/en.wikipedia.org\/wiki\/Alice_and_Bob\" target=\"_blank\" rel=\"noopener noreferrer\">Wikipedia<\/a><\/small><\/p>\n<p><\/center><\/p>\n<p><strong>Integrity.<\/strong> \u201cThis encompasses a couple of different concepts,\u201d he said, \u201csystem integrity and message integrity. System integrity can be addressed initially by ensuring a secure boot cycle. (With) message integrity, we need to concern ourselves that the message was delivered intact and was not modified.\u201d<\/p>\n<p><strong>Authentication.<\/strong> \u201cThis addresses being able to associate the origin of a message, user, or file to a valid source,\u201d Mike said. Single-factor authentication uses a single characteristic to grant access. Examples are passwords, biometrics, PINs, and security tokens. More secure, two-factor authentication combines two factor, such as a fingerprint and drawn pattern or iris scan, along with a security token such as a smart card.<\/p>\n<p>Certificates also come into play, he noted, and are closely tied to the asymmetric encryption approach. \u201cCertificates are a way of binding a particular public key to a specific distinguished name or its alternative, such as an e-mail address or DNS entry,\u201d he said.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/certification-authority.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/certification-authority.png\" alt=\"certification authority\" width=\"600\" height=\"384\" class=\"aligncenter size-full wp-image-15225\" \/><\/a><\/p>\n<p><small>Source: <a href=\"http:\/\/www.free-it.org\/archiv\/talks_2005\/paper-11156\/paper-11156.html\" target=\"_blank\" rel=\"noopener noreferrer\">free-it.org<\/a><\/small><\/p>\n<p><\/center><\/p>\n<p>Moving on, he first noted that \u201cauthorization is more difficult to pin down (and) is related to the system&#8217;s access control policies. It&#8217;s assumed that a user or system is authorized if they have valid credentials for the platform, a secret key, or knowledge of some private characteristic of the system such as a hidden SSID in a wireless network.\u201d<\/p>\n<p>Then he spoke a bit about non-repudiation, \u201csomething that most people don&#8217;t think about. Non-repudiation means someone not being able to deny that they sent the message, and is often associated with having the private secret needed to encrypt\/decrypt a cryptographically sealed message,\u201d he said.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"The_challenges_associated_with_devices\"><\/span>The challenges associated with devices<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>When applying all of these core principles to IoT deployments involving Cloud Foundry and Predix, Mike said that all of those edge devices \u201crepresent a special set of problems,\u201d as follows:<\/p>\n<ul>\n<li>They might not always be powered on.<\/li>\n<li>They often won&#8217;t have a main memory unit (MMU) or be able to run an OS.<\/li>\n<li>They can be easily accessible by unauthorized personnel.<\/li>\n<li>They have low RAM and low CPU performance.<\/li>\n<li>Their only connectivity may be wireless.<\/li>\n<\/ul>\n<p>All of these factors complicate encryption, and \u201cit is difficult to provision every sensor without physically touching every one,\u201d he noted.<\/p>\n<p>Therefore, \u201cdo not allow your edge devices to be visible on the Internet, and try to make the devices as dumb and as throwaway as possible, in general,\u201d he said. \u201cThey are often simply replaced rather than repaired.\u201d<\/p>\n<p>To paraphrase the late Carl Sagan, there will be billions of devices in our universe very soon, and now&#8217;s the time to think about how to protect them and the data they transmit from all of the bad actors in the world.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Want_details_Watch_the_video\"><\/span>Want details? Watch the video!<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<table width=\"100%\">\n<tbody>\n<tr>\n<td class=\"video-details-td\">\n<div style=\"float: right; width: 45%; padding-left: 15px; font-size: 14px;\">\n<p><strong>Table of Contents<\/strong><\/p>\n<ol>\n<li style=\"margin-bottom: 6px;\"><b>Mina Botros<\/b>: The challenges and drivers of the Industrial Internet (<a href=\"#wistia_8t8qq1erk2?time=150\">02&#8217;30&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">Security services available under GE Predix (<a href=\"#wistia_8t8qq1erk2?time=900\">15&#8217;00&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\"><b>Himaja Vagada<\/b>: A data analytics use case for the energy sector (<a href=\"#wistia_8t8qq1erk2?time=1440\">24&#8217;00&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\"><b>Mike Anderson<\/b>: What does it mean to be secure? (<a href=\"#wistia_8t8qq1erk2?time=2400\">43&#8217;36&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">What are we trying to protect? (<a href=\"#wistia_8t8qq1erk2?time=3030\">44&#8217;35&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">Where do cybersecurity attacks originate? (<a href=\"#wistia_8t8qq1erk2?time=3330\">55&#8217;30&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">How to stop people from reading your data (<a href=\"#wistia_8t8qq1erk2?time=3710\">61&#8217;50&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">Types of integrity under cybersecurity (<a href=\"#wistia_8t8qq1erk2?time=3995\">66&#8217;35&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">Types of authentication under cybersecurity (<a href=\"#wistia_8t8qq1erk2?time=4250\">70&#8217;50&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 6px;\">How to assess risks in cybersecurity (<a href=\"#wistia_8t8qq1erk2?time=4650\">77&#8217;30&#8221;<\/a>)<\/li>\n<\/ol>\n<\/div>\n<p><script charset=\"ISO-8859-1\" src=\"\/\/fast.wistia.com\/assets\/external\/E-v1.js\" async><\/script><\/p>\n<div class=\"wistia_embed wistia_async_8t8qq1erk2\" style=\"height:320px;width:440px\">&nbsp;<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<br \/>\n<small>These are the slides from the meetup.<\/small><\/p>\n<p><center><iframe loading=\"lazy\" src=\"\/\/www.slideshare.net\/slideshow\/embed_code\/key\/62zeBevpLS6VN7\" width=\"595\" height=\"485\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen><\/iframe><\/center><\/p>\n<p><center><iframe loading=\"lazy\" src=\"\/\/www.slideshare.net\/slideshow\/embed_code\/key\/uWiXDqzgjJ7oqF\" width=\"595\" height=\"485\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen><\/iframe><\/center><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Further_reading\"><\/span>Further reading<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/ge-predix-and-the-dds-standard-transform-healthcare-control-robots\/\">GE Predix and the DDS Standard Transform Healthcare, Control Robots<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/going-loco-ge-predix-siemens-analytics\/\">Going Loco with GE Predix and Siemens Analytics<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/cloud-foundry-and-iot-concerns-the-need-for-standardization-and-transaction-authentication\/\">Cloud Foundry and IoT Concerns: The Need for Standardization and Transaction Authentication<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"About_the_experts\"><\/span>About the experts<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div>\n<div style=\"float: right;\"><a href=\"https:\/\/www.linkedin.com\/in\/mikeandersonptr\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-bio.png\" alt=\"Mike Anderson bio\" width=\"150\" height=\"150\" class=\"aligncenter size-full wp-image-15210\" \/><\/a><\/div>\n<div style=\"width: 600px;\"><small><a href=\"https:\/\/www.linkedin.com\/in\/mikeandersonptr\">Mike Anderson<\/a> is currently CTO and Chief Scientist for The PTR Group, Inc. with over 35 years in the embedded and real-time computing industry. He works with a number of RTOS offerings on platforms ranging from 8-bit uPs to GPU-based supercomputers. His focus over the past decade is primarily embedded Linux and Android on CPU architectures such as ARM, x86, MIPS, and Power. As an instructor and consultant, he is a regular speaker at the Embedded Systems Conference, the Embedded Linux Conference, Android Builder&#8217;s Summit, as well as other Linux\/Android-oriented conferences around the world.<\/small><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<div>\n<div style=\"float: right;\"><a href=\"https:\/\/www.linkedin.com\/in\/mina-botros-569a4726\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mina-Botros-bio.png\" alt=\"Mina Botros bio\" width=\"150\" height=\"150\" class=\"aligncenter size-full wp-image-15211\" \/><\/a><\/div>\n<div style=\"width: 600px;\"><small><a href=\"https:\/\/www.linkedin.com\/in\/mina-botros-569a4726\">Mina Botros<\/a> is currently a Senior Software Engineer at GE Digital. He is always looking for opportunities to expand his repertoire in the computer science, Big Data, and Data Science fields and to further optimize his day-to-day job performance and productivity. He has prior work experience with Grass Valley, German Univiserty in Cairo, and Cegedim Trends. He is skilled in C#, C++, and Java. He has a Master&#8217;s Degree in Computer Science from Boston University.<\/small><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<div>\n<div style=\"float: right;\"><a href=\"https:\/\/www.linkedin.com\/in\/himajavadaga\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Himaja-Vadaga-bio.png\" alt=\"Himaja Vadaga bio\" width=\"150\" height=\"150\" class=\"aligncenter size-full wp-image-15212\" \/><\/a><\/div>\n<div style=\"width: 600px;\"><small><a href=\"https:\/\/www.linkedin.com\/in\/himajavadaga\">Himaja Vadaga<\/a> is a data enthusiast with strong knowledge in databases. She is currently pursuing Masters of Science in Information Systems from College of Engineering, Northeastern University. She has an insatiable intellectual curiosity, and the ability to mine hidden insights located within large sets of structured, semi-structured, and unstructured data. Himaja is able to leverage a heavy dose of mathematics and applied statistics with visualization and a healthy sense of exploration. Problem solving, organizing, and delegating are her fort\u00e9.<\/small><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<hr\/>\n<p><center><small>The post was written by Roger Strukhoff; edited by Carlo Gutierrez, Sophia Turol, and <a href=\"https:\/\/www.altoros.com\/blog\/author\/alex\/\">Alex Khizhniak<\/a>.<\/small><\/center><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security was the key topic during a recent Predix meetup sponsored by Altoros in Boston. Speaker Mike Anderson, Chief Scientist of the PTR Group, outlined several dimensions of security along IoT deployments, specific challenges inherent to different types of devices, and how to reduce a deployment&#8217;s \u201cattack surface.\u201d<\/p>\n<p>&nbsp;<\/p>\n<p>Saving millions of [&#8230;]<\/p>\n","protected":false},"author":9,"featured_media":15242,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[7],"tags":[873,117,647],"class_list":["post-15182","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-opinion","tag-cloud-native","tag-iot","tag-predix"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cybersecurity for the IoT: Issues, Challenges, and Solutions | Altoros<\/title>\n<meta name=\"description\" content=\"Mike Anderson takes attendees on a terrifying ride through IoT security threats and &quot;bad actors,&quot; giving an overview of a use case project on the GE Predix platform.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity for the IoT: Issues, Challenges, and Solutions | Altoros\" \/>\n<meta property=\"og:description\" content=\"Mike Anderson of PTR Group takes attendees on a terrifying ride through IoT security threats and &quot;bad actors.&quot; A review of GE Predix services and a use case project were also on the program.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/\" \/>\n<meta property=\"og:site_name\" content=\"Altoros\" \/>\n<meta property=\"article:published_time\" content=\"2016-07-15T06:01:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-05-07T15:16:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/gif\" \/>\n<meta name=\"author\" content=\"Roger Strukhoff\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Roger Strukhoff\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/\",\"url\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/\",\"name\":\"Cybersecurity for the IoT: Issues, Challenges, and Solutions | Altoros\",\"isPartOf\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif\",\"datePublished\":\"2016-07-15T06:01:07+00:00\",\"dateModified\":\"2019-05-07T15:16:58+00:00\",\"author\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/56ea20d6f280f7a442e89e5884b06fd8\"},\"description\":\"Mike Anderson of PTR Group takes attendees on a terrifying ride through IoT security threats and \\\"bad actors.\\\" A review of GE Predix services and a use case project were also on the program.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#primaryimage\",\"url\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif\",\"contentUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif\",\"width\":640,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.altoros.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity for the IoT: Issues, Challenges, and Solutions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#website\",\"url\":\"https:\/\/www.altoros.com\/blog\/\",\"name\":\"Altoros\",\"description\":\"Insight\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.altoros.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/56ea20d6f280f7a442e89e5884b06fd8\",\"name\":\"Roger Strukhoff\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/03\/roger_strukhoff_user_icon-150x150.jpg\",\"contentUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/03\/roger_strukhoff_user_icon-150x150.jpg\",\"caption\":\"Roger Strukhoff\"},\"description\":\"Roger Strukhoff is Director of Research at Altoros. He also serves as Executive Director of the Tau Institute for Global ICT Research, Conference Chair of Cloud Expo and Things Expo, Co-Chair of the Big Data World Forum, and Open-Source Chair for the global DCD Converged conference series. He received his BA from Knox College, and conducted MBA studies at California State University\/East Bay. Previously in his career, he was VP of New Products at International Data Group and Director of Global Publications at TIBCO Software.\",\"url\":\"https:\/\/www.altoros.com\/blog\/author\/rstrukhoff\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity for the IoT: Issues, Challenges, and Solutions | Altoros","description":"Mike Anderson takes attendees on a terrifying ride through IoT security threats and \"bad actors,\" giving an overview of a use case project on the GE Predix platform.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/","og_locale":"en_US","og_type":"article","og_title":"Cybersecurity for the IoT: Issues, Challenges, and Solutions | Altoros","og_description":"Mike Anderson of PTR Group takes attendees on a terrifying ride through IoT security threats and \"bad actors.\" A review of GE Predix services and a use case project were also on the program.","og_url":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/","og_site_name":"Altoros","article_published_time":"2016-07-15T06:01:07+00:00","article_modified_time":"2019-05-07T15:16:58+00:00","og_image":[{"width":640,"height":360,"url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif","type":"image\/gif"}],"author":"Roger Strukhoff","twitter_misc":{"Written by":"Roger Strukhoff","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/","url":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/","name":"Cybersecurity for the IoT: Issues, Challenges, and Solutions | Altoros","isPartOf":{"@id":"https:\/\/www.altoros.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#primaryimage"},"image":{"@id":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#primaryimage"},"thumbnailUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif","datePublished":"2016-07-15T06:01:07+00:00","dateModified":"2019-05-07T15:16:58+00:00","author":{"@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/56ea20d6f280f7a442e89e5884b06fd8"},"description":"Mike Anderson of PTR Group takes attendees on a terrifying ride through IoT security threats and \"bad actors.\" A review of GE Predix services and a use case project were also on the program.","breadcrumb":{"@id":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#primaryimage","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/07\/Mike-Anderson-Predix-IoT-Featured.gif","width":640,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/www.altoros.com\/blog\/cybersecurity-for-the-iot-and-ge-predix\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.altoros.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity for the IoT: Issues, Challenges, and Solutions"}]},{"@type":"WebSite","@id":"https:\/\/www.altoros.com\/blog\/#website","url":"https:\/\/www.altoros.com\/blog\/","name":"Altoros","description":"Insight","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.altoros.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/56ea20d6f280f7a442e89e5884b06fd8","name":"Roger Strukhoff","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/03\/roger_strukhoff_user_icon-150x150.jpg","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2016\/03\/roger_strukhoff_user_icon-150x150.jpg","caption":"Roger Strukhoff"},"description":"Roger Strukhoff is Director of Research at Altoros. He also serves as Executive Director of the Tau Institute for Global ICT Research, Conference Chair of Cloud Expo and Things Expo, Co-Chair of the Big Data World Forum, and Open-Source Chair for the global DCD Converged conference series. He received his BA from Knox College, and conducted MBA studies at California State University\/East Bay. Previously in his career, he was VP of New Products at International Data Group and Director of Global Publications at TIBCO Software.","url":"https:\/\/www.altoros.com\/blog\/author\/rstrukhoff\/"}]}},"_links":{"self":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/15182","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/comments?post=15182"}],"version-history":[{"count":42,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/15182\/revisions"}],"predecessor-version":[{"id":42891,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/15182\/revisions\/42891"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media\/15242"}],"wp:attachment":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media?parent=15182"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/categories?post=15182"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/tags?post=15182"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}