Security is a top concern for the Internet of Things, as essential as low power consumption, affordability, and wireless connectivity.

Because IoT devices are optimized for low power consumption and affordability, many have less than optimal computing resources. The good news is there are several options for using cryptography to make it more difficult for hackers to highjack your living room webcam, video doorbell or car.

The denial-of-service attack last October showed how cheap IoT devices that had no security–in many cases not even proper password protections–could be hacked to flood Web sites with traffic, shutting them down. In an increasingly connected future, consequences could include having water or electricity shut off, security systems disabled, or even loss of life for attacks on medical devices.

For the IoT, authentication ensures that devices are interacting with authorized gateways and cloud services and they in turn verify they are working with authentic IoT nodes. The sender will use a hashing algorithm and shared secret keys to generate a tag known as a message authentication code (MAC). The receiver performs the same hashing algorithm to decode the MAC and compare it with one stored locally.

The strength of the MAC depends on the strength of the hashing algorithm, the length of the key used and whether the key is shared secretly and stored securely. The current state-of-the-art hashing algorithm for cryptographic purposes is SHA-256 with 256-bit keys.

For sharing keys securely, either a secure channel can be used or a Diffie–Hellman key exchange over an insecure channel. Storing keys securely is another challenge, and it’s advisable to store them separately from application data and the data being authenticated. Properly equipped integrated chips can require a secure boot and secure firmware updates.

Encryption has been used for millennia. Ancient Greek generals passed messages to each other encoded on leather strips. To be read they had to be rolled around a scytale, a rod made to a secret diameter. Only a rod of the proper diameter would render the message correctly.

Today AES is the accepted standard to encrypt and decrypt our messages using digital keys. Symmetric key cryptography uses the same key to encrypt and decrypt the message, making it critical to keep the key secret. Asymmetric cryptography uses a shared, public key and a private key which is kept secret.

While asymmetric key cryptography has the benefit of added security over insecure channels, it’s more than 1,000 times more computationally expensive than symmetric key cryptography. Asymmetric cryptography can be used to establish a secure channel to exchange secret keys which can be used for subsequent symmetric methods. Alternatively, symmetric key cryptography used along with Diffie–Hellman key exchange is often secure enough for many embedded applications.

For IoT devices, hardware acceleration makes sense. Authentication chips or cryptographic co-processors can carry out sophisticated encryption and authentication efficiently in hardware, saving battery life and processor cycles. It takes more effort to secure any connected computing device, but in the long run, it’s the right thing to do.

–Lynnette Reese is a technical marketing manager and content team lead at ?Mouser Electronics.

Carmakers are at a crossroads. They can either follow the footsteps of the mobile industry by allowing two platforms — Apple or Android — or they can turn to open-source platforms like Automotive Grade Linux.

The challenge is that the automotive industry is, roughly, at about the level that the mobile industry was in about 1998, when phones and pagers and personal digital assistants first started making connections to the internet. Brands like Research in Motion (now Blackberry), Palm Pilot, and Nokia were dominant — and, importantly, they also managed their own “stack” of user experience and operating systems.

The mobile industry of the time understood that hardware was their market differentiator and a driver of what the software needed to do. This was a near-perfect inversion of the desktop model, in which the software drove the required hardware specifications.

The automotive industry now stands at the same crossroads as Palm, Nokia, Research in Motion, and others did then: They can lose control of their brands by under-investing in interoperable software ecosystems that augment their hardware, or they can take control now and recognize that vehicles represent an opportunity to expand their brand value.

The Big Mistake of Mobile: Sliding into a Platform Duopoly
In the mobile industry, there was a remarkably quick decline in platform diversity for the leading brands. Yes, the Apple iPhone’s release in 2007 changed the mobile business, but even before that, the mobile industry was forgetting key things — “open standards” — that made the desktop internet grow so fast. Mobile industry players promoted proprietary platforms and ended up sacrificing interoperability. For example, a lack of interoperability of messaging delayed the widespread adoption of SMS messaging in the U.S., with only 25% of Americans using SMS in 2003.

Many other basic communications standards and practices were walled off, with carriers and hardware makers doing everything in their power to close off the “deck” — the screens and applications that the user interacted with. If this sounds familiar, it should, as you look to the In-Vehicle Infotainment systems and philosophies that are common today.

The risk that the automotive industry is running, just like what the mobile industry has done, is that it’s heading for a software duopoly.

The parallels are clear. Rather than working to make their own software ecosystems better and more interoperable, many mobile technology makers took the simple route and decided to just put Android on their devices. This sucked as much as $31 billion out of the hardware-makers revenue, according to numbers revealed in an Oracle-Google lawsuit. Meanwhile, Apple’s closed-off ecosystem deflated the value of software, as “Apps” lopped a zero of the price of “Applications” back in 2008 — take it or leave it.

Today, although even the mighty Microsoft is still (barely) in the phone platform game, your only two realistic choices are to lose control of the hardware completely (iOS) or give up control of the core platform (Android).

Avoiding the Duopoly with Automotive
Automakers are at a crossroads today. They can decide that they want to follow the lead of the mobile industry and allow two platforms — Apple or Android — which will lead to losing control of their software product roadmaps. Or they can turn to open-source platforms and tools like Automotive Grade Linux and projects like Xen to handle the basics of connectivity and presentation control in the vehicles and concentrate on a better overall customer experience: a brand differentiation at the intersection of hardware and software. Sharing a single platform will enable quicker innovation.

Building a full customer experience and application platform for hardware — one that allows for an innovation ecosystem to form and thrive — is hard, but it’s necessary. The lessons learned in mobile must not be lost on the automotive industry — they can take control of their brand experience now or abdicate to others.

It all starts on the in-car silicon-to-cloud connection. The choice to be made here is simple: Car makers can treat connectivity as a core capability of their vehicle and engineer accordingly, or they can attempt to bolt on some version of connectivity through a mobile device.

Similarly, car makers can embrace the idea of their car as a platform for software innovation — by using open-source initiatives as a starting point — or they can let innovation happen elsewhere and hope for the best.

There are hundreds of billions of dollars at stake in the next five to 10 years. Vehicle makers can transform their business to develop fully integrated hardware and software platforms built on open systems and engineered with an ecosystem of software integrations in mind. Don’t miss your ride.

— Martin Focazio is senior director, business consulting at EPAM Systems, a global product development and digital platform engineering services company based in Newton, Pennsylvania.

Owerri, Nigeria: Today, FASMICRO Group, a young and dynamic African brand built on the tripod pillars of integrity, professionalism, and entrepreneurial spirit, delivering quality across its business segments and sectors with unparalleled insights, is unveiling a new subsidiary – Reconcia.

Reconcia is smart software. It uses logical and algorithmic reconfigurable artificial intelligence engines to perform financial reconciliations at scale. It requires no programming skills; just logic engines which are available in Reconcia dashboard. Once reconciliation desired state is established, a company can automate its reconciliation across different platforms. As the data to be reconciled is fed, Reconcia uses the established logical model to effect the reconciliation. It does this by using AI and machine learning to build trend analysis and automate at scale the most repetitive reconciliation activities. This saves cost and puts companies in the dawn of the digital age where more transactions are required to be reconciled nearly in real-time.

Reconcia delivers a smart reconciliation technology that learns on the job – it thinks. The following are the key attributes of Reconcia:

• Use of Cognitive Learning to absorb business knowledge and auto-learning of match rules; Cognitive Learning tools identify patterns and enhance auto matching
• High Match Rates – High performance matching algorithm with Artificial Intelligence
• High Processing Speed – Intelligent transaction matching algorithm which ensures high processing speed and volumes
• Single Platform – Single solution for all the reconciliation needs (Cash/Nostro, OTC Derivatives, Trade confirmations, Forex, ETC)
• Complete Data / Transaction Lifecycle Management – Integrated solution which can transform, cleanse, and reconcile the transactions across their lifecycle

Reconcia runs on the cloud which makes it easy for any client to implement. Reconcia Enterprise is also available and can be localized within a firm’s data center. The solution is scalable and supports any size of firm across industrial sectors. The data can be live electronic stream of data or uploaded data depending on the choice of the firm.

The Founder of Fasmicro Group, Prof Ndubuisi Ekekwe, notes: “Again, we have brought the amazing power of AI in another area to facilitate innovation and productivity in Africa. Companies are spending huge resources on reconciliation because most are still manually executed requiring running departments with many headcounts. With Reconcia, you save time and resources while improving quality. I welcome African businesses to take advantage of this solution”.

To schedule a demo, please email info@reconcia.com

About Reconcia:

Reconcia is AI-driven reconciliation software that uses machine learning-anchored trend analysis to facilitate financial reconciliation at scale. It has built-configurable AI models which do not require any programming for clients to implement. For more visit http://reconcia.com/

About Fasmicro Group:

FASMICRO Group is a young and dynamic group of companies and an emerging brand in Africa. Built on the tripod pillars of integrity, professionalism, and entrepreneurial spirit, FG delivers quality across its business segments and sectors with unparalleled insights. Our key focus is Africa and we operate through three main services – technology/engineering, investments and strategic advisory – to cover a broad range of sectors including technology, education, public sector, financial services, manufacturing, real estate and agriculture. For more visit http://fasmicrogroup.com