By Bill Zujewski
The “Internet of Things” (IoT) is real, delivering value, transforming industries and here to stay… and connected products from product manufacturers are at the heart of it. So what’s driving the interest and momentum? Clearly, the coolness of “Connected Homes” and the fitness benefits of “Wearables” are sparking some of the interest. But what other macro trends and changes in consumer and customer behaviors are accelerating the demand for Connected Products? Here are some key trends that I see that are driving the need for Connected Products:
- Mobile Apps – There’s an app for everything. Need a cab? Grab a taxi with Uber on your smart phone. Want to play some tunes in the kitchen? Bring up your Sonos app. We are becoming accustomed to interacting with things via our phones. So I expect we’ll hear this from consumers from now on: “What do you mean … this product doesn’t come with an app?”
- Early “Connected Products” – We’ve tasted connected products. My TV is connected. My Nest thermostat is connected. My fitness band is connected. My Music player is in the cloud. So I expect we will hear this a lot: “What do mean … this product is not connected? Ughh.”
- “Use” vs. “Ownership” model – Who needs to buy anything? Need a ride? Just use Zip Car today. Music? Just sign up for a streaming music service. Need an alarm system? The camera, sensors and system are free… just pay the monthly subscription. So I expect to hear this more often in the future: “What do mean… I have to purchase this product? I just want it use it for a while.”
My point is this… people are going to expect what they buy to be connected. They‘ve tasted connected products. They’ve tasted products-as-a-service. They love their mobile apps. Companies who can deliver a connected product experience have a chance to differentiate and capture buyers who are hungry for connected products.
And guess what… there will be IoT consumerization of commercial and industrial products. Tractors, windmills, trucks, buildings, projectors, generators, engines… you name it…. they’ll be connected, come with a mobile app, and be available as a service. The expectations from the consumer B2C world will spill over into the Industrial B2B world. It’s already happening. Just ask our customers… GE, Philips, EMC, Diebold, NCR, Medtronic, Tyco, Hitachi, Agilent and Stryker.
By Rob Black, CISSP
I hope you are enjoying the summer as much as I am, and that you have some well-deserved time off ahead of you. But before you take off, I’d like to play out a security scenario with you. Imagine your company manufactures mission critical machines and a couple of days before you depart on your dream vacation you discover that 10,000 machines deployed across hundreds of customer locations have a software flaw, the result of which could be a serious security problem for your customers and a significant risk to your organization. The engineers on your team have developed a patch for the vulnerability. Do you:
- Send out an email advisory of the problem and hope that customers will download the patch while you are on vacation, and there will be no major headaches for customer support during your absence. (If this is the case, you should worry if you will have a job when you return.)
- Cancel your vacation and start copying the patch to thousands of USB memory sticks to be mailed out to every customer location. (If this is the case, that “well-deserved” vacation doesn’t seem to apply)
- Something else.
Given that you are reading a blog on an IoT and you are interested in security, I am betting that you picked c) Something else.
That something else is the IoT. The ability to connect to a machine is critical to being able to ensure that it is secure. An unconnected machine is one that is likely unpatched and therefore vulnerable.
While connecting to your machines is laudable, it is not enough. There are many components to a IoT project including the means to update the software, what we at Axeda call Connected Content.
Not only does your solution need to be aware of the version, the right steps to perform, what to do if an error occurs, but also needs to consider what network bandwidth constraints may exist. Unless your customers have unlimited bandwidth you might want to limit how many are being deployed at a given moment in time.
Now what if the machine is performing a critical operation like for instance “in surgery” literally opening up someone’s chest in an operating room? It might not be a good time to perform a software update. You need the ability to put the device into a mode that prohibits it from doing the update at that time.
Up to this point we have assumed that all machines were the same. What if machines have different configuration, different boards, different chips, different modules, or different software? Can the same patch be applied identically to all your machines? You need software that can differentiate between the various versions and apply the appropriate software.
Now that we have sent out updates to thousands of machines we need the ability to audit, monitor, and report on the results and identify any problematic machines that might need additional intervention. The software has to have the tools to track which machines were updated and which ones had problems that require manual intervention.
It sounds like a tall order for any solution to be able to meet all of these requirements. And it is. The Axeda Connected Content solution was designed for product manufacturers to be able to meet the rigorous requirements outlined above. Our customers that utilize Axeda Connected Content are able to update content on thousands of machines managing vulnerability fixes, other software updates, as well as pushing configuration data. You can learn more about how Axeda Connected Content is solving real world problems with ecoATM from the posted webinar.
With Axeda Connected Content helping to protect your machines you can enjoy your summer!
By Rob Black, Axeda
Here at Axeda we just finished a very successful Connexion 2014 conference where global thought leaders in the Internet of Things (IoT) gathered in Boston for our multi-day event. One of the themes that I heard again and again from practitioners of IoT is that their security story needed improvement in order to assure customers that their IoT solution could be utilized safely. There is a lot of noise from the entertainment world and popular press about killer pacemakers and spam-sending-refrigerators that has crowded out the less sensational reality that -- IoT Security is not fundamentally different from network security, and there are a plethora of strong security practices that can be readily applied to IoT.
Many customers who are deploying IoT are frustrated by the resistance that some IT and security departments exert when an IoT solution can clearly help them solve business challenges for their deployed machines. Lack of connectivity is not the solution to a security problem, and that thinking should be turned on its head. If companies are concerned about security and compliance here are the questions that they should ask. These questions are based on real-world events that our customers have observed and not based on theoretical thinking.
- How can you be certain that machines are being used for their appropriate business purposes and not for gaming or other (worse) personal activities?
- How can you ensure that the appropriate policies have been applied to the machine? Are policies applied in a consistent manner or does it depend on the technician and date of machine provisioning/servicing?
- What is your update strategy should a software vulnerability be found on thousands of your machines? Does your plan involve running around with a USB stick to every machine?
- How do you connect to the machine for remote service support? Do you use web meeting tools? Does that mean that the remote user has an elevated level of access? Are the changes audited?
If your answers to the questions above are unfavorable perhaps you should consider using an IoT solution to help you solve your security and compliance problems. Connectivity and diligent management is the key to successfully managing devices in your enterprise. Axeda has helped many customers to examine and address the challenges listed above. For instance the ability to log every significant action at the device level can help organizations to ensure compliance with regulations and protect against rogue employees utilizing remote desktop applications to perform non-authorized activities on business critical machines.
Once you have decided to pursue an IoT solution, there are a number of steps required to ensure that it is secure. The first and most important step is to get senior management buy-in. While this might not be the most obvious path for technically minded folks, it is the one that can help you to solve a number of problems long term. Senior management needs to be sold on the business value of this project. If there is sufficient business value then they can help you get the appropriate resources to address security or other requirements that might be a part of the project. They can help to move obstacles that may be in the way of a successful project.
Before getting the buy-in, however, management may ask for an assessment of a particular IoT solution. Since an IoT solution is comprised of so many parts, we break it down into seven key segments to more easily perform analysis for security purposes:
- Inside the firewall software and communications
- Outside the firewall communications
- Cloud operations
- Cloud platform
- Cloud development
- Cloud applications
Over the next several blog posts we’ll dig into key security topics utilizing the above framework and provide you with an understanding of what you can and should expect from an IoT vendor, and which challenges are better addressed from within your own organization. If you can’t wait until the next post, check out our security white paper in the interim. Stay tuned!
Rob Black is Director of Platform Product Management at Axeda where he overseas the direction of the Axeda Machine Cloud Platform. In addition to his expertise in Internet of Things (IoT) and Machine-to-Machine (M2M), Rob has extensive experience in security, web services, and cloud solutions. Rob’s product management and product marketing background includes positions at RSA Security, 3Com, and Vertical Communications. Rob received his MBA from the Kellogg School of Management and holds two Bachelor of Science degrees from Washington University in St. Louis in Computer Science and System Science and Engineering. He is the inventor of three security related patents and is also a Certified Information Systems Security Professional (CISSP).
By Bill Zujewski
The “Internet of Things” (IoT) is red hot… it stole the show at CES, the world’s largest Consumer Electronics event. It is grabbing the headlines with stories about Google, Nest and the connected home and “Wearables”, one of the poster children for the internet of things. The IoT buzz is hitting the blogosphere with new views on the future connected world we will live in.
One observation… IoT has leap-frogged Machine-to-Machine (M2M) as the new buzzword. Is there a difference between IoT and M2M? Yes. Axeda defines M2M as the communication between a machine or device and a remote computer. M2M is about connecting a device to the cloud, managing that device, and collecting machine and sensor data. In essence, M2M is about connecting and communicating with a “thing” where a thing can be a machine, device or sensor…. Basically anything that can send data.
IoT goes beyond M2M… beyond computers connecting to things. IoT represents things connecting with systems, people and other things. To be clear, here are our definitions:
- Things – Includes machines, devices, sensors, consumer products, vehicles, etc.
- Systems – Include business applications, ERP/CRM/PLM systems, analytics systems, data warehouses, and control systems
- People – Includes workers and consumers; employees, partners and customers
Axeda provides an IoT Platform for orchestrating data between things, systems and people. Our IoT platform is the technology that enables things to connect to the cloud and then interact with business systems, people and other things connected to the cloud. What might be confusing is that part of our platform includes M2M capabilities for connecting to things and managing devices, but our platform also includes the key capabilities to integrate systems and people and implement IoT solutions. Some of our key IoT Platform features are:
- Extended Objects – To store any data; Includes the ability to go beyond machine/device data and store data related to other business objects like accounts, cases, policies, configurations, warranties, service requests, and rate plans
- Associations – To define a data model that associates business information with devices and associates sensors with physical objects; For example, Axeda can associate an OBD tracking device with a vehicle, driver and insurance policy and store that complementary information natively in the Axeda platform
- Groovy Scripting Engine – To provide a development environment to handle business logic in our platform. The scripting engine also provides an easy way for developer to write scripts that interact with other external systems and applications.
- Web Services – To provide APIs for accessing data and software application services in Axeda
- Scripto – To provide API’s for sending non-device data to Axeda. This could include sensor and device information from other IoT solutions or business information from enterprise systems. This essentially enables the mash-up of web services from multiple systems with Axeda as the central point of integration.
- Message Queue – A secure way to interact with other systems and clouds in an asynchronous way
Net/net: Axeda provides an IoT platform that includes M2M capabilities. In my next few blogs, I will discuss customer examples of IoT solutions. Unlike other platforms hyping what’s possible in the Internet of Things, I’ll share with the readers, real world customer success stories of Axeda integrating things, systems and people to deliver innovative new solutions that change business outcomes.
By Bill Zujewski
Salesforce.com’s Dreamforce event begins Monday and Axeda will be there in full force. We have 2 customers, Ventana Roche and Isilon, presenting their Axeda to Salesforce.com integration stories on Monday. I’ll be on a panel entitled “Current Challenges & Opportunities in the Connected World” on Nov 19th at 2pm. We’ll also be in the Developer Showcase exhibit hall, booth #7, previewing a new application that will be available on the AppExchange.
Why is an IoT platform company at Dreamforce?
Because machine data is very valuable information when it comes to managing customers, their assets and their cases. Extending the Salesforce.com cloud with machine data enables proactive service, streamlines customer support, and enhances case, asset, and account management. For our customers who are manufacturers, connecting machines and integrating the machine data into the Salesforce.com Sales and Service Clouds, it will enable your Salesforce.com users to use an application they are comfortable with to access machine information. This new data provides Salesforce.com users with greater visibility into customer and asset information and delivers a long list of benefits. Then in turn users will be able to:
- Understand how customers are using equipment
- Review machine down-time and idle-time to understand the quality of service
- Troubleshoot issues more effectively with real-time machine information and logs
- Reduce call times with better information to resolve cases
- Get notified when equipment issues occur before a customer contacts you
- Review past machine issues and historical alarms to diagnose recurring problems
Machine Data is also very valuable to sales and marketing organization as it can drive more sales and improve customer satisfaction. Equipment usage information is very valuable to understanding a customer and account situation. For example, high machine utilization can uncover a customer’s need for more capacity and addition equipment. Low utilization can be an early warning sign of equipment problems or potential churn to a competitor’s equipment. Machine data can also provide visibility into consumable levels and enable your operations organization or supply chain partners to replenish the machines proactively.
Net/net: Machine data is making its way into Salesforce.com. Axeda’s customers are taking us there… and we are jumping on the bandwagon and making it easy for them to do so.
By Dan Murphy
Salesforce has its sights set on the Internet of Things, and – like Axeda – the company is focused on helping organizations to turn data and connected products into real business value.
While thousands of companies have transformed business functions from service to sales to R&D, few have achieved greater success than Ventana Medical Systems – whose M2M success story was featured in a GigaOm podcast this week.
At Dreamforce – Sean Casey, director of IT at Ventana, will share how his company uses M2M connectivity and Salesforce integration to improve service levels and customer satisfaction across the organization. Sean will present ‘Improving Patient Care with Connected Medical Devices’ on Monday, Nov. 18, at 10 a.m. at the Palace Hotel - Presidio
But Ventana won’t be the only Axeda customer showcasing their M2M story at Dreamforce. Additionally, Jason DePardo of EMC Isilon will present ‘Extending the Value of Connected Product Data’ on Monday, Nov. 18 at 4 p.m. at the InterContinental San Francisco, InterContinental Ballroom A.
And Axeda’s own Bill Zujewski, CMO & EVP of Product Strategy, will participate on a panel discussion ‘Current Challenges & Opportunities in the Connected World’ on Tuesday, Nov. 19 at 2 p.m. at the InterContinental San Francisco, Telegraph Hill.
You can find the Axeda team in Booth #7 in the Developer Zone in Moscone-West, where we can give you a preview of our new Salesforce AppExchange and demonstrate how integrating machine data into the Salesforce Cloud delivers real, tangible value to businesses.
Hope to see you there!
By Bill Zujewski
This is the fifth and final post in a multi-part series, which specifically explores the challenges of dealing with wireless technology as part of an M2M (Machine-To-Machine) initiative. Today’s post will focus on data storage and application development.
In our first four posts, we’ve covered the key steps for establishing, managing, maintaining, and securing wireless M2M connectivity. But all of this leads up to the one essential question:
How will you use all that data?
And for a dose of truth: lots of data is pretty meaningless if you don't have a plan for it.
The ability to turn wireless machine data into consumable and useful information is critical to making an M2M initiative successful and impacting your organization's bottom line. But there isn't always a clear path, and it can be awfully challenging to see the promise land when you're buried in facts and figures.
In its raw form, machine data is arcane, proprietary, and not very usable for most organizations. Businesses need tools and strategies to make raw data easy to consume, and need to come up with a data model and programmatic interfaces that make it easy for programmers to develop applications and integrate machine data into other systems.
Here are four key steps that businesses should take to make machine data consumption and integration easier:
- Understand the originating data formats. With no real standard for M2M communications, M2M data is highly fragmented and often varies from device to device. There’s a difficult learning curve involved, but understanding the data formats you’ll be using with different devices will help you prepare to translate it into formats you can more easily deal with.
- Normalize the data. Store machine data in a normalized format regardless of the device sending the data. For example, trip records from vehicle devices are very different depending on the device supplier, but for most of them you can extract common information: the start time, end time, and points hit along the way. Regardless of the device used, store the information the same way. Consider using a relational database or data repository that you are familiar with. This will enable you to manage the historical data more effectively and efficiently.
- Expose the data using modern APIs (like REST or SOAP) to turn raw data access into familiar API access. This will improve developer productivity.
- Make it scalable. Rest assured – your M2M initiative will grow, whether by bringing new machines onto the network, or retrofitting older ones for connectivity. Ensuring that your data storage and access architecture is built to handle the influx of data is key.
Perhaps the biggest challenge of making M2M data usable is that it involves a lot of low-level designing and application logic which can be time-consuming and tedious. Leveraging M2M/IoT platforms that are device-agnostic, can handle massive amounts of data, and include elegant APIs out of the box will dramatically reduce the time needed to translate and manage machine data, and accelerate your time to market for new applications and integrations.
Today’s cellular capabilities for connecting machines creates a lot of possibilities – untethered from wired or wireless internet connections, mobile products like cars, personal health monitors, or shipping crates can get connected fast.
But surprisingly, it’s not just things that move that are going cellular. Our recent survey from Axeda Connexion 2012 found that a whopping 86 percent of M2M adopters currently support or plan to support mobile connectivity – representing all flavors of connected enterprises, including those with large, non-moving assets.
Why the massive interest in cellular? Three simple reasons:
- M2M is global. Many areas of the world can’t provide reliable Internet access. Cellular allows organizations to expand their global footprints to remote regions.
- Cellular is easy. As Robin Duke-Woolley, CEO of Beecham Research, points out in our new eBook, fixed line installations are labor-intensive, and require data to navigate on-site networks. Cellular connections can bypass these steps, and provide data straight into the data center.
- Mobile is affordable. Once-prohibitive costs are rapidly falling – and organizations are jumping at the opportunity.
As everything from iPads to ATMs to entire electrical grids become ‘mobile,’ a new concern arises: what does this mobile device management (MDM) entail?
SAP’s Sanjay Poonen believes, on one hand, that the huge demand for managing and securing all the apps and content that comes with the ‘Internet of Things’ will push the industry to the mainstream. On the other hand, the tools and processes that already exist for managing mobile ‘devices’ (i.e. tablets and smartphones) can be extended to manage mobile ‘things’ – which is why SAP is investing more resources to extend the capabilities of Afaria.
SAP’s focus on mobility gives a glimpse into just how big the M2M industry will be in the coming years, how much value enterprise systems turn from machine data, and how the innovators are tapping cellular to get connected – and integrated – fast.
If you are reading this you have almost certainly seen the partnership announcement from Axeda and AT&T. If you haven’t, read it now.
I am particularly excited about this announcement, because it strengthens an already important relationship to the M2M industry. As I have said many times in this forum, M2M is hard. To deliver an M2M application a company must:
- Communications enable a product
- Get a carrier to provide airtime and ensure proper coverage
- Get your product validated on the carrier network
- Provision the product on the carrier network once it deploys
- Manage the product’s billing and carrier network operation
- Develop a cloud service that listens to your product
- Integrate that cloud service into your business and business processes
And, oh by the way, make sure that all of this works together, can operate at scale, and is secure!
To lower this bar, the M2M industry has been developing modular components that make it easier to do one part of this stack or the other. For example, Axeda provides a cloud based M2M application platforms, Jasper carrier network provisioning, companies like Telit provide hardware modules, AT&T airtime – but putting it all together – still big work.
What the relationship with Axeda signals is that AT&T is taking the industry lead in corralling the disparate parts of M2M and creating a unifying experience for its customers that will simplify M2M adoption, improve its support experience, and reduce costs. In this agreement, AT&T and Axeda have made a commitment to each other and the industry to make M2M EASY.
For more on this topic, check out my earlier blog: “M2M Gets a KISS
Most companies think that the connected products they sell are theirs – this is a mistake. All connected products and their associated services and applications are the property of, and for the benefit of, the consumers who have purchased them.
This is one of the reasons that I am adamantly against a Smart Grid initiative that is utility-centric – see my recent “Is the Smart Grid Dumb” blog for reference. I ended my last blog on this topic with the question: How does a vending machine become MY VENDING MACHINE?
Let’s consider some of the elements that enable a product to be mine. In general it boils down to control of the following:
- Who has access to it
- What it does
- When it does it
- What it can do
- And who else it plays with
It is much like a drawbridge on a castle. You can’t pass the alligator filled moat unless the bridge is down. The bridge will only be down if someone on the inside says its ok.
A connected product respects this concept. From a software stack perspective, a connected product looks like the picture below:
In the wild is the physical product, creatively called the “Product Instance” in this drawing. The “Product Instance” communicates through the Internet (wired or wirelessly) to the Cloud. The Cloud holds a virtual incarnation of the product, I call the Product Avatar. (Since everyone saw the movie, I thought the word would work) In this context a Product Avatar is a data representation of a specific product. Now here is the interesting part: the Product Avatar is wrapped via owner credentials. This means that the web services, the data, and everything that makes this product in the wild yours is protected and controlled by the owner’s user credentials. That means that nothing can be done to the product without the owner’s explicit permission.
Next up in the stack are the applications that interact programmatically with the Product Avatar. The manufacturer or 3rd parties may provide the applications. The owner may use the applications or enable the manufacturer or a service provider to operate them on their behalf. But the key point is that no one can do anything without the owner providing the credentials that say it’s ok.
A subtle, but very important point, is that the Product Avatar is separate from the applications that operate on it. There are several reasons for this:
- This separation enables a single application to operate on many Product Avatars
- The application and Product Avatar can be updated separately and independently of each other without breaking
- The credentials for access to the core of the Product Avatar are separate from the applications that operate on them, improving security significantly
The morals of the story?
- Connected product interaction is shielded from activity by the owner’s credentials and preferences
- A manufacturer’s business process must respect owner credentials and permissions
- All connected product interactions should be managed through applications that my have additional/independent settings.
Think about your connected products – are they owned by you or your customers?