IOT DOMAIN ANALYST

B2
DIGITAL ASSIGNMENT-2
L.ANIRUDH
18BEC0559

1. Discuss with a use case how to Secure IoT systems through Framework,
Design and Deployment Considerations.
2. Explore different strategies and factors of value engineering for the
above business use case.

PART-A
IoT has penetrated into every aspect of the daily lives. It’s present at home (smart home),
streets (connected cars), agriculture (smart farming), shops (smart retail) and so on.
However, every good thing is accompanied by a bad thing. And in the IoT world, hackers are
constantly trying to enter into the connected systems.
One example is the hacking of pacemakers manufactured by St Jude Medical, U.S. in 2017. By
hacking into the system, the functions of the pacemaker were altered such as depleting the
battery life and slowing down the pacemaker. This can put the life of the patient at risk.

Threats to the IoT system

There are five key elements for having secure IoT products and solutions.
1. Framework: It will comprise of structured guidelines of requirement gathering.
2. Architecture: Having the right architecture is important as every IT solution is
different. The architecture should support those designs.
3. Secure by design: You need to see here that ythe designs are secure from the design
stage. To do that, you need to take all vulnerabilities into account.
4. Best practices: Through best practices, vulnerabilities are being discovered and
addressed. This results into development of secure and better devices.
5. Threat-modelling

Security requirements compliance

In the system level, one needs to know what type of hardware needs to be designed, what
kind of security software needs to be developed and what kind of accessibility should be
present for the mechanical devices.

In the business level, a company producing IoT products needs to have a policy for security
and responsibility pertaining to the ownership of the security. It should have processes in
place for analysing threats and reducing vulnerability.

Compliance requirements from system and business point of view

➢ Business security processes, policies and responsibilities.

➢ Device hardware and physical security.
➢ Device software, operating system, wired and wireless interfaces.
➢ Authentication and authorisation.
➢ Encryption and key management for hardware.
➢ Web user interface.
➢ Mobile application.
➢ Privacy regarding data protection.
➢ Cloud and network elements.
➢ Secure supply chain and production.
➢ Configuration.
 Good security practices
➢ No default password
➢ Implement a vulnerability disclosure policy
➢ Keep software updated
➢ Securely store credentials and security-sensitive data.
➢ Minimise exposed attack surfaces
➢ Ensure software integrity
➢ Ensure that personal data is protected.
➢ Make the system resilient to outage
➢ Make it easy for consumers to delete personal data
➢ Make installation and maintenance of devices easy
➢ Validate input data

For today’s case study, we will take Smart Water Management System.

Here I consider a farm that harnesses rainwater in addition to regular town water supply for
the case study. Since the level of water in each tank can change dynamically based on the
amount of rainfall, monitoring the level of water for efficient use and distribution in the farm.
Depleted tank levels occur when the utilization rate exceeds the resupply. Alternatives to
town water or scheduled trucked in water could be better managed with rainfall
measurement and prediction. Remote monitoring of these resources using the level
measurement of each tank via a user-friendly mobile device, facilitates decisions for an
optimal and economic rainwater /town water resource balance.
The proposed IoT security model has been applied to the case scenario to implement smart
water monitoring and management with end-to-end security. For proof-of-concept pilot
implementation, two tanks were monitored, a household greywater system (2000 L), and an
on-farm tank in another location (45,000 L). These were fitted with ultrasonic sensors, valve
solenoids, and pressurizing pumps.
The image below shows an illustration of the deployment of the end-to-end security model
using a VPN with one of the water tanks.
The levels of the individual tanks can then be checked remotely, and refilling can be
automated based on parameters, such as time of day, low-level minimum values, or by
remote manual intervention. An ultrasonic tank level sensor with a Sentryrobotic Wi-Fi
transmitter is adopted for this case scenario based on the smart water tank monitor system
and the pi-tank-watcher.

VPN stands for "Virtual Private Network" and describes the opportunity to establish a
protected network connection when using public networks. VPNs encrypt the internet traffic
and disguise the online identity. This makes it more difficult for third parties to track the
activities online and steal data.
The proposed IoT security model ensures that the security measures are first enforced with
OpenVPN optimization, and tuning before deploying the IoT enabled devices for the smart
water monitoring system.
We can see how the OpenVPN connecting the IoT enabled nodes establishing the end-to-end
security protocols are implemented, below figure demonstrates the authenticated OpenVPN
connection established using a simple user-interface. The Open VPN server creates the OVPN
script, a script file with extension .ovpn, which is shared securely with the OpenVPN clients.
This is used by the clients to establish a secure connection to the server. Below figure provides
an illustration of running the OVPN script for generating Rivest–Shamir–Adleman (RSA) keys,
and the below figure shows the creation of a VPN certificate using SSL security protocol
successfully.
Once a secure connection is established, the server issues a Dynamic IP address using Network
Address Translation (NAT) protocols. Once a NAT address has been issued to the client, the
client is free to communicate with all other clients in the VPN network. Currently, there are
two types of clients in the VPN network. One has the IoT devices associated with it in an
integrated Raspberry Pi acting as a discrete element. The other device is the remote monitor,
which is implemented on a mobile phone. Further, we adopt the authentication method for
the nodes with the admin having read and write access, while other users are limited to read
access only.

For the smart water monitoring system case scenario, the water level in each tank is measured
periodically based on the water depth reading of the sensor, and its rate of outflow determines the
valve opening rate.

The pressure of the mains is likely to vary, and the rate of filling versus the rate of outflow
determines the valve is opening duration. The controller makes the decision of how long the valve
should be kept open based upon the rate of refilling. The tank sensing and filling are on one sub-
system, and the decision control is separate.
 These sub-systems are on different networks. The decision control and monitoring are
performed using a mobile app. A secure connection using the proposed security model is established
among the IoT devices, such as the tank sensor, tank valve, and the controller below shows a
prototype of Raspberry Pi and the water sensor connected with a breadboard for the pilot
implementation and testing.

A process flow diagram for the operation of water sensors and valves is given in the fig below.
The “Calculate Percentage” node calculates the percentage of water level based on the data
from the water sensor, and the result is transferred to the “Water Level” dashboard node to
display the output on the mobile app dashboard for the monitor and control of water level
remotely. An illustration of the output is shown in the dashboard is given in the below figure.
To perform an auto refill of water with “Valve l”, a rule is set, such as “if the water level is less
than 15% of tank capacity, turn ON the valve; if the water level is greater than 80%, turn OFF
the valve”. Valve 1 is then connected to a valve switch control “Water In” node that triggers
the action accordingly with the status, “Statute” which is set to communicate “Water is
refilling” if Valve 1 is ON, or “Water is ready to use” if Valve 1 is OFF.
 Water level is remotely monitored and controlled

Further, as shown in below figure, dashboards for Raspberry Pi mobile devices are designed
to monitor resource overheads and utilization, such as memory and CPU load, including the
CPU temperature. We considered the design of such a dashboard for future power
consumption minimization and optimization as it is intended that these devices would
eventually be running from solar power resources.
To illustrate the monitoring of water level trends over a longer time interval, we provide from
publicly available resources, the outputs of data analytics using software tools in figure. Such
graphical trends would provide data insights for making an informed decision for remotely
operating the water tank sensors with a user-friendly mobile App.
In addition, using a cross-reference against weather data, many predictive models could be
employed to make decisions on the usage of water. For instance, when the water level drops,
adjustments to water consumption could be programmed to water the farm appropriately.
Similarly, data from weather forecasts and rain patterns could be correlated with the water
tank data. For instance, the correlation between the water tank level and the weather
condition could be determined. With such data analytics, more informed and intelligent
decisions could be made for both water storage and water usage. Various trends on water
inflow and outflow of rainwater and town water tanks could provide useful data insights to
identify correlations among the control parameters.
 PART-B
We take the example of the system used in Brazil

Unlike imperative processes, the concept declarative defines a set of restrictive rules. As long
as users respect these rules, they are free to choose how to execute the process. In the
opposite direction, imperative processes specify how the users must execute the rules, stating
all possible dependencies between tasks. This difference is fundamental for declarative
processes in environments of uncertainty and constant change as in the field of water
management.

The yellow circle shows where the system was used.

The scenario models a subsystem that consists of four pumps and a tank. The pumps draw
water from a water treatment plant. The system adopts the following rules to control the real
system:
1. All pumps are off at the beginning of the process.
2. It checks the tank level after a given predefined period.
3. Turns all pumps on when the tank reaches the lower level.
4. Turns all pumps off when the tank reaches the higher level.
5. Turns off the pump running for the longest period whenever the volume of water flowing
to the tank is greater than the volume of water flowing out of the tank.
6. Turns off the pump running for the longest period whenever the volume of water flowing
to the tank is lower than the volume of water flowing out of the tank.
During the modelling phase, we noticed a significant impact on the complexity of the
imperative process above figure when any of the simplifications mentioned above are not
assumed. For instance, the addition of a maintenance subprocess, which stops pumps for
preventive maintenance or closes the tank for cleaning, duplicates the number of connections
in the BPMN model.
On the other hand, including the same rules in the declarative process below figure has a
negligible impact on the process complexity. In this case, to add an action to stop a pump and
execute the preventive maintenance or to close and clean the tank would be enough.

The simplicity of the BPMN model is also its weakness when trying to when trying to devise a
stop process for one or more pumps for preventive maintenance, or even a stop for tank
cleaning or maintenance.
On must rewrite the entire process to meet the need for unforeseen events. The above figure
depicts the same process that was described before: the difference is the notation. As it is a
declarative notation, there is no definition of the sequence of activities, only the constraints.
The activities on this notation are the rectangles.
There is just one kind of rule, which is an obligation of immediate execution, called a chain
response. This rule implies that, whenever the source activity is performed, the next activity
to be executed is the activity at the end of the rule. So after the Minimum Level Reached the
next activity is Turn on All Pumps; after Output Flow higher than Input Flow, it will be Turn on
the Next Pump, and so on.

A conventional water supply system includes the following elements:

• Raw water source: water found in the environment.
• Raw water pumps: a set of equipment and installations used to collect water from rivers
and lakes.
• Raw water transmissions: transportation raw water to the water treatment facilities.
• Water treatment station: infrastructure for water purification installed close to the final
delivery points, to reduce pumping costs and to reduce the chance of new contamination
after treatment.
• Water storage tank: a water tank installed on top of a structure, at a height sufficient to
pressurize the water distribution system.
• Water distribution system: a set of interconnected pipes and valves used to deliver water
to the eventual consumers.
This section evaluates the REFlex Water architecture, a solution for intelligent water
management that uses IoT, Complex Event Processing, and declarative processes. The
evaluation demonstrates the practical use of REFlex Water through a real water distribution
system installed in a Brazilian city. Additionally, the section discusses the advantages of
declarative business processes in the context of water distribution systems, whose behavior
is usually difficult to foresee.
Traditional workflow management systems that use imperative process modeling language
(e.g., BPMN) are useful for modeling static and standardized systems. However, they do not
provide an adequate response when dealing with dynamic and chaotic processes (e.g.,
healthcare, disaster prevention, and water systems). The management of water supply
systems requires a team of professionals with different skills and levels of experience. Such
professionals need to adapt to unexpected situations that may occur in this scenario. In this
context, declarative processes may offer the required flexibility, and maintain control over
water management policies .
Figure illustrates a scenario to demonstrate the practical use of the REFlex Water framework.
Notice the presence of water specialists at the Infrastructure level and Water managers at
the Application level. The REFlex Water API acts as a gateway receiving data from sensors and
forwarding it to Orion FIWARE, which in turn sends it to a CEP server that processes and
analyzes the data. Afterwards, the Orion FIWARE and STH-Comet updates the monitoring
interface used by water managers to visualize the current time series data stored by Cygnus.
 An organization may have business initiatives such as:
▪ Reduce inventory costs
▪ Improve supply chain reliability
▪ Reduce unplanned operational downtime
▪ Improve customer retention
▪ Improve yield
▪ Improve “first time fix”
▪ Improve supply chain reliability and quality

Improved Design Quality: A mechanical design engineer ensures that there are no
deformities, defects, and deviations in the product design. The material uses its strength to
withstand various physical forces, design compatibility, etc.
Reduced Turnaround Time: Multi-functional teams like electrical engineers and
mechanical engineers, work simultaneously which ensures a reduced lead time while still
improving cost and quality.
Detailed Analysis for Better Functioning: During the design phase various analysis such
as finite element analysis is carried out to determine the end-user perspectives and needs,
the possible failures that could occur, etc.
Compliance Testing & Certification: Many products need to comply with product
compliance standards such as FCC, CE, RoHS, IC and region-specific certifications before you
can legally ship and sell them worldwide. When it comes to product certification you need a
reliable and safe product design not only for the end user but also for the environment
itself.
Validation of Durability: Mechanical Design experts who have expertise in various design
and development tools and technologies help de-risk the design challenges of OEMs such as
lack of inhouse resources, complexity of designs and eradicate the defect to make it more
durable product design that would otherwise have caused a huge loss of material, money
and time during manufacturing. It also helps in maintaining right balance in delivering right
durability vs expected durability of product to balance cost factor as well.
The aforesaid benefits at both the manufacturers’ and end-users can drive more enterprises
to adapt product design services while developing IoT solutions. It has changed the way
businesses approach manufacturing and design in smart connected products to stay
competitive. One-stop IoT solutions providers can provide complete product engineering
services to OEMs and reduce the hassle of handling multiple vendors for developing
products from concept to manufacturing.

-------------------------------------------------------------------------------------------------------------------------