The media is full of scary stories about cyber threats at the moment, denial of service attacks and so on (here is just one press story ) so it seems like a good time to share our approach to cyber security for our industrial secure IOT solutions.
Its a subject we have always taken seriously because our products are used in such a range of locations, by high profile clients, from the Palace of Westminster, through critical infrastructure [Water Utilities, Thames Barrier], critical services [NHS hospitals], to building management & control systems in major buildings [Tate Modern], and by a host of OEM’s making everything from UPS, generators, CHP plant, to HVAC equiment, to Instrumentaiton, to mobile plant, lubrication systems, and so on.
We are unusual in the industrial IOT sector as we design, manufacture and supply our own end-to-end solutions.
Black Boxes: Our own range of battery & mains powered low voltage remote telemetry units that monitor and collect data for upward transmission. Typified by the NanoULTRA used by Original Equipment Manufacturers to IoT enable their products – shown in the picture – these also include the RDL//1000 and RDL//Vibe.
Having no “operating system” and minimal software these units are not capable of use in the DDoS attacks seen recently. They have no listening port so have a minimal attack surface. The Black boxes initiate connection with our back office server systems at predetermined intervals [a push system, with no possibility for server side pull].
Inbound traffic to our servers is only permitted from known “black boxes” identified by their unique IMEI number. All traffic is encrypted. During this limited connection time any new configuration information e.g. alarm thresholds or sampling & reporting frequencies are downloaded, as well as the upload of data from clients equipment being monitored and healthcheck information like battery status and GSM signal information from the RTU.
Between the Black Boxes and the CDL SmartHub there is a chain of functions and security systems that are constantly under review, test and improvement to ensure we are delivering secure IoT systems. Existing & prospective users of CDL products can access a detailed statement on these elements of our systems at a given point in time, and of course can discuss these matters directly with us.
Secure IoT Solutions:
The SmartHub is accessed on line from any device [smartphone, tablet, pc] via any browser with no software to load by users. This is the front end portal to the system, giving access only to authorised users. This is where users get the big picture on their assets, whether from a geolocation & status dashboard or a 3D interactive smart building image, or any other way that works for them. And from here they can drill down to specific sensor data, identify trends, set alarm conditions, change monitoring frequncies, predict performance and solve their customers problems, sometimes before their customer even knows they have a problem!
To discuss our approach to secure IoT solutions in detail do please email our IT Director, Dan Mackdermott, philmeades@outlook.com
Caption Data Limited is a UK company leading the way in applying remote monitoring and “Internet of Things” technology for the Built Environment, and OEMs, Consultants, Construction and FM businesses operating in that sector. With thousands of installed units across 15 countries, we provide end-to-end solutions, all the way from the sensors to the cloud & our SmartHub™. They deliver real ROI, are quick to install, light touch, and above all are practical for our clients.
