In May 2018, Tobias and I were in Cologne at the Building IoT conference. The talks covered a broad spectrum of the Internet of Things field. There were three tracks covering topics that ranged from the jungle of IoT protocols and secure Linux hypervisors specially developed for IoT modules to machine learning and blockchain.
In “How to secure over the air updates” the speaker showed how to securely deploy updates to the target device over its standard communication channel. Many consumer IoT devices are supported with updates only for a short time, if they get any updates at all. This leads, and will continue to lead, to bad news such as botnets, bricked devices and exploited IP cameras streaming publicly. Therefore, patch and vulnerability management is required, especially for industrial Internet of Things devices. Some updates have to be performed over the air because some IoT devices in production environments are physically inaccessible. There are two ways to update such systems. In the first, a rescue OS (operating system) boots and overwrites the existing production OS. The second is a redundant OS: the update is copied to the inactive OS and the device reboots into it.
In “Guide through the IoT protocol jungle” the speaker talked about a range of communication protocols suitable for small devices to share data with each other or with servers. The following protocols were discussed during the talk: AMQP, CoAP, HTTP, MQTT, MQTT-SN and XMPP.
The basic functionality of each protocol was discussed along with its strengths, pitfalls and use cases. For example, AMQP 1.0, as a binary protocol, offers great flexibility and supports peer-to-peer communication. On the downside, it has quite a big overhead, is relatively complex and has no interoperability between implementations. Therefore, it is suited to complex, decoupled backends.
CoAP has a different field of application. It is useful for devices and networks with limited resources, has integrated discovery functionality and supports DTLS. It could be called HTTP for machines. In contrast to AMQP, CoAP is very lightweight, and because it is similar to HTTP, it is easy to learn. CoAP also has some drawbacks: it is still new as a protocol (released in 2014) and not as established as MQTT or AMQP, and because it uses UDP it is less reliable for communication over the internet, where UDP packets may be dropped. As a result, it is well suited for wireless sensor networks and resource-poor devices in local networks, and it is established in the home automation field. The main statement of this talk was that no protocol fits all applications. Each use case needs careful consideration.
“Ensure the performance of IoT architectures” pointed out that performance is a critical factor for IoT projects and is often forgotten during development. When the developers notice that a device has performance or scalability problems, the issue can’t be resolved easily if the project is near its end. Therefore, the project manager has to address these factors as early as the design phase.
The talk “Embedded Software in Jail” showed us how to secure a microprocessor against software vulnerabilities by setting up a statically partitioned hypervisor. Jailhouse was used as a hypervisor using Linux KVM to partition the microprocessor. The microprocessor must have hardware support for virtualization for Jailhouse to work. The hypervisor won’t emulate non-existent hardware, meaning that software running in the cells partitioned by Jailhouse can only use hardware that is physically present. For example, if the microprocessor has two UARTs, either two cells can have one UART each or one cell can have both. Jailhouse is built for security purposes, not for emulating or virtualizing hardware, nor for dynamically assigning RAM or CPU resources. There is no over-commitment of resources.
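
The partitioning rules described above (only physically present hardware, each UART owned by exactly one cell, no over-commitment) can be expressed as a small validity check. This is an added example, not code from the talk or from the Jailhouse project; the `Cell` type, `check_partitioning`, the sample board and the assumption that CPU cores are assigned exclusively are hypothetical and do not reflect Jailhouse's own configuration format.

```python
# Added illustration of static partitioning rules. NOT Jailhouse's config
# format or API; every name and the sample board below are hypothetical.
from dataclasses import dataclass


@dataclass(frozen=True)
class Cell:
    name: str
    cpus: frozenset      # core ids assigned to this cell
    ram_mib: int         # fixed RAM reservation
    devices: frozenset   # peripherals passed through to this cell


def check_partitioning(hw_cpus, hw_ram_mib, hw_devices, cells):
    """Return a list of violations; an empty list means the plan is valid."""
    errors = []
    owners = {}  # (kind, resource id) -> name of the owning cell
    for cell in cells:
        for kind, wanted, present in (("CPU", cell.cpus, hw_cpus),
                                      ("device", cell.devices, hw_devices)):
            for res in sorted(wanted):
                if res not in present:
                    # Nothing is emulated: the resource must really exist.
                    errors.append(f"{cell.name}: {kind} {res} does not exist")
                elif (kind, res) in owners:
                    # Exclusive assignment: no sharing between cells.
                    errors.append(f"{cell.name}: {kind} {res} already "
                                  f"owned by {owners[(kind, res)]}")
                else:
                    owners[(kind, res)] = cell.name
    total = sum(c.ram_mib for c in cells)
    if total > hw_ram_mib:
        errors.append(f"RAM over-committed: {total} MiB requested, "
                      f"{hw_ram_mib} MiB present")
    return errors


# Constructed sample board: 4 cores, 1024 MiB RAM, two UARTs.
HW_CPUS, HW_RAM, HW_DEVS = {0, 1, 2, 3}, 1024, {"uart0", "uart1"}


def demo():
    ok = [Cell("linux", frozenset({0, 1}), 768, frozenset({"uart0"})),
          Cell("rtos", frozenset({2, 3}), 256, frozenset({"uart1"}))]
    # A third cell that wants a taken core, a taken UART and a third UART.
    bad = ok + [Cell("extra", frozenset({3}), 64,
                     frozenset({"uart1", "uart2"}))]
    return (check_partitioning(HW_CPUS, HW_RAM, HW_DEVS, ok),
            check_partitioning(HW_CPUS, HW_RAM, HW_DEVS, bad))


if __name__ == "__main__":
    for result in demo():
        print(result or "valid")
```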
In conclusion, both days of the event were well organized. The rooms were not too crowded and the talks ran according to schedule. Big thanks to the speakers for their great talks, the organizers for the smooth running of the event and all the helpers for the catering.
Tobias & Rene