Singapore’s M1 aims narrowband deployment at the sea

Singapore telco M1 is getting Nokia to install an NB-IoT network atop its 4G one, interestingly with an eye not just to land but to sea. 

NB-IoT stands for Narrowband Internet of Things, and is the GSM world’s answer to narrowband technologies such as LoRa and Sigifox that threaten to take away a chunk of their business when the Internet of things does eventually take off. Why use expensive modems and services when you’re just trying to connect devices which want to tell you whether they’re on or off, full or empty, fixed or broken?  

Techgoondu reports: “While that network caters to heavy users who stream videos or songs on the go, a separate network that M1 is setting up at the same time is aimed at the smart cars, sensors and even wearables.

They said pricing will likely vary with each solution or package, with some companies saving costs from deploying large amounts of connected sensors. However, others that require the bandwidth, say, to deliver surveillance videos over the air, would likely stick with existing 4G networks.

And while many NB-IoT devices are still on the drawing board – standards for the network were only finalised in June – M1 executives were upbeat about jumping on the bandwagon early.

Alex Tan, the telco’s chief innovation officer, said the technology would open up new business opportunities in the years ahead.”

A press release from M1 says it’s working with the ports authority — Singapore is one of the biggest ports in the world — to  “explore the deployment of a network of offshore sensors to augment the situational awareness of our port waters,” according to Andrew Tan, Chief Executive of the Maritime and Port Authority, MPA.

This follows Sigfox’s deployment in the city state last month. It also pips to the post rival Singtel who have been talking since February about running a trial of NB-IoT with Ericsson.  (Update: “Our preparation to trial NB-IoT is well underway. We are working with our vendors and industry partners to conduct lab trials in December, with a view to launch an NB-IoT network by mid-2017.”)

Here’s my earlier piece on LoRa

Connected cows, cars and crockery prod chip mega mergers

My Reuters piece attempting to place the recent chip mergers in a longer timeline. Yes, I hate the term internet of things too. 

Connected cows, cars and crockery prod chip mega mergers | Reuters:

SINGAPORE/TAIPEI | BY JEREMY WAGSTAFF AND MICHAEL GOLD

Chip companies are merging, signing $66 billion worth of deals this year alone in preparation for an explosion of demand from all walks of life as the next technological revolution takes hold: the Internet of Things.

As cars, crockery and even cows are controlled or monitored online, each will require a different kind of chip of ever-diminishing size, combining connectivity with processing, memory and battery power.

These require makers to pool resources and intellectual property to produce smaller, faster, cheaper chips, for a market that International Data Corp said would grow to $1.7 trillion by 2020 from $650 billion last year.

By comparison, chip markets for personal and tablet computers are stagnant or in decline, and even smartphones are near peaking, said Bob O’Donnell, a long-time consultant to the chip industry.

‘We’re very much done in terms of growth of those traditional markets,’ said O’Donnell. ‘That’s why they are looking at this.’

Last month saw the biggest-ever chip merger with Avago Technologies Ltd agreeing to buy Broadcom Corp for $37 billion. That eclipsed the $17 billion Intel Corp agreed last week for Altera Corp, and the $12 billion NXP Semiconductors NV offered in March for Freescale Semiconductor Ltd.

On Friday, Lattice Semiconductor Corp said it was open to a sale.

 

CONNECTED COWS

The Internet of Things relies on chips in devices wirelessly sending data to servers, which in turn process the data and send results to a user’s smartphone, or automatically tweak the devices themselves.

Those devices range from a light bulb to a nuclear power plant, from a smartwatch to a building’s air-conditioning system. This range presents both opportunity and a challenge for semiconductor companies: their potential customer base is huge, but diverse, requiring different approaches.

Qualcomm Inc, for example, is used to selling chips to around a dozen mobile phone manufacturers. The Internet of Things has brought it business from quite different players, from makers of water meters to street lights that sport modems and traffic-monitoring cameras. All have their own needs.

‘You can’t think the new market is just like the old one,’ Qualcomm Vice President of Marketing Tim McDonough said in an interview.

Qualcomm estimates that the Internet of Things will bring in more than 10 percent of its chip revenue this business year.

And then there are those cows. Instead of monitoring herds by sight, farmers in Japan have tagged them with Internet-connected pedometers from Fujitsu Ltd and partner Microsoft Corp, to measure when they might be ready for insemination. Cows in season, it turns out, tend to pace more.

SPECK OF CHIP

This new business is pushing chip companies together in part to consolidate their expertise onto one chip, a trend forged by mobile phones.

The Avago-Broadcom deal, for instance, brings together motion control and optical sensors from Avago with chips from Broadcom that specialize in connectivity via wireless technologies such as Bluetooth and Wi-Fi.

In the past ‘if you wanted to build a board that has all the components, then you needed to buy three different chips,’ said Dipesh Patel of ARM Holdings PLC, which licenses much of the technology inside mobile phones – and, increasingly, in the Internet of Things.

‘Now you only need to buy one chip. But you’re trying to get more of the same system on the same chip.’

As chips get smaller, they could be tiny enough to ingest, according to Vital Herd Inc. The Texas-based startup’s pill-like sensor, once a cow swallows it, can transmit vital signs, warning farmers of illness and other problems.

Jen-Hsun Huang, co-founder and chief executive officer of graphics chips maker Nvidia Corp, predicts chips will shrink to the size of a speck of dust and find their way into almost anything, from shoes to cups.

‘Those little tiny chips, I think they’re going to be sold by the trillions,’ Huang said in an interview. ‘Maybe even sold by the pound.’

PROCESSING

Installing chips into end products is only one side of the equation. The more things connect, the bigger the number and capability of servers needed to process the vast amount of specialized data those chips transmit.

To meet the demand, Intel could employ chips for its servers designed by new purchase Altera that analyze streams of similar data – specializing in one function, as opposed to multiple functions like chips inside personal computers – industry consultant O’Donnell said.

Combining such strengths is going to be vital, said Malik Saadi of ABI Research, because consolidation is not over yet.

More chip companies ‘will have to make that radical decision to merge,’ said Saadi. ‘This is just the starting point.’ 

(Additional reporting by Liana Baker in New York; Editing by Christopher Cushing)”

All at sea: global shipping fleet exposed to hacking threat

[Original link: this one includes links to the source material where available]

(Reuters) – The next hacker playground: the open seas – and the oil tankers and container vessels that ship 90 percent of the goods moved around the planet.

In this internet age, as more devices are hooked up online, so they become more vulnerable to attack. As industries like maritime and energy connect ships, containers and rigs to computer networks, they expose weaknesses that hackers can exploit.

Hackers recently shut down a floating oil rig by tilting it, while another rig was so riddled with computer malware that it took 19 days to make it seaworthy again; Somali pirates help choose their targets by viewing navigational data online, prompting ships to either turn off their navigational devices, or fake the data so it looks like they’re somewhere else; and hackers infiltrated computers connected to the Belgian port of Antwerp, located specific containers, made off with their smuggled drugs and deleted the records.

While data on the extent of the maritime industry’s exposure to cyber crime is hard to come by, a study of the related energy sector by insurance brokers Willis this month found [PDF] that the industry “may be sitting on an uninsured time bomb”.

Globally, it estimated that cyber attacks against oil and gas infrastructure will cost energy companies close to $1.9 billion by 2018. The British government reckons cyber attacks already cost UK oil and gas companies around 400 million pounds ($672 million) a year.

In the maritime industry, the number of known cases is low as attacks often remain invisible to the company, or businesses don’t want to report them for fear of alarming investors, regulators or insurers, security experts say.

There are few reports that hackers have compromised maritime cyber security. But researchers say they have discovered significant holes in the three key technologies sailors use to navigate: GPS, marine Automatic Identification System (AIS), and a system for viewing digital nautical charts called Electronic Chart Display and Information System (ECDIS).

“Increasingly, the maritime domain and energy sector has turned to technology to improve production, cost and reduce delivery schedules,” a NATO-accredited think-tank wrote in a recent report. “These technological changes have opened the door to emerging threats and vulnerabilities as equipment has become accessible to outside entities.”

TIP OF THE ICEBERG

As crews get smaller and ships get bigger, they increasingly rely on automation and remote monitoring, meaning key components, including navigational systems, can be hacked.

A recent study by security company Rapid7 found more than 100,000 devices – from traffic signal equipment to oil and gas monitors – were connected to the internet using serial ports with poor security. “The lines get blurry, and all industries and all technologies need to focus more on security,” said Mark Schloesser, one of the authors of the study.

Mark Gazit, CEO of ThetaRay, an internet security company, said an attacker managed to tilt a floating oil rig to one side off the coast of Africa, forcing it to shut down. It took a week to identify the cause and fix, he said, mainly because there were no cyber security professionals aboard. He declined to say more.

Lars Jensen, founder of CyberKeel, a maritime cyber security firm, said ships often switch off their AIS systems when passing through waters where Somali pirates are known to operate, or fake the data to make it seem they’re somewhere else.

Shipping companies contacted by Reuters generally played down the potential threat from hackers. “Our only concern at this stage is the possible access to this information by pirates, and we have established appropriate countermeasures to handle this threat,” said Ong Choo Kiat, president of U-Ming Marine Transport, Taiwan’s second-largest listed shipping firm by market value. The company owns and operates 53 dry cargo ships and oil tankers.

VIRUS-RIDDLED

A study last year by the Brookings Institution of six U.S. ports found that only one had conducted an assessment of how vulnerable it was to a cyber attack, and none had developed any plan to response to any such attack. Of some $2.6 billion allocated to a federal program to beef up port security, less than 1 percent had been awarded for cyber security projects.

When CyberKeel probed the online defences of the world’s 20 largest container carriers this year it found 16 had serious security gaps. “When you look at the maritime industry there’s extremely limited evidence of systems having been breached” compared to other sectors, said CyberKeel’s Jensen. “That suggests to us that they’ve not yet been found out.”

Michael Van Gemert, a security consultant to the oil and gas industry, said that on visits to rigs and ships he has found computers and control systems riddled with viruses. In one case, he said it took 19 days to rid a drilling rig en route from South Korea to Brazil of malware which had brought the vessel’s systems to a standstill.

“The industry is massively in need of help, they have no idea what the risks are,” he said.

The main ship navigation systems – GPS, AIS and ECDIS – are standards supported by bodies such as the International Maritime Organisation (IMO). Indeed, that body has made AIS and ECDIS mandatory on larger commercial and passenger vessels.

Researchers from the University of Texas demonstrated last July that it was possible to change a ship’s direction by faking a GPS signal to dupe its onboard navigation system.

Marco Balduzzi and colleagues at anti-virus vendor Trend Micro last month showed that an attacker with a $100 VHF radio could exploit weaknesses in AIS – which transmits data such as a vessel’s identity, type, position, heading and speed to shore stations and other ships – and tamper with the data, impersonate a port authority’s communications with a ship or effectively shut down communications between ships and with ports.

In January, a British cyber security research firm, NCC Group, found flaws in one vendor’s ECDIS software that would allow an attacker to access and modify files, including charts. “If exploited in a real scenario,” the company concluded, “these vulnerabilities could cause serious environmental and financial damage, and even loss of life.”

When the USS Guardian ran aground off the Philippines last year, the U.S. Navy in part blamed incorrect digital charts. A NATO-accredited think-tank said the case illustrated “the dangers of exclusive reliance upon electronic systems, particularly if they are found vulnerable to cyber attack.”

“Most of these technologies were developed when bandwidth was very expensive or the internet didn’t exist,” said Vincent Berk, CEO of security company FlowTraq.

NO QUICK FIX

Fixing this will take time, and a change in attitude.

“Security and attack scenarios against these technologies and protocols have been ignored for quite some time in the maritime industry,” said Rapid7’s Schloesser.

Researchers like Fotios Katsilieris have offered ways to measure whether AIS data is being faked, though he declined to be interviewed, saying it remained a sensitive area. One Google researcher who has proposed changes to the AIS protocol wrote on his blog that he had been discouraged by the U.S. Coastguard from talking publicly about its vulnerabilities.

Indeed, AIS is abused within the industry itself.

Windward, an Israeli firm that collects and analyses AIS data, found 100 ships transmitting incorrect locations via AIS in one day – often for security or financial reasons, such as fishing boats operating outside assigned waters, or smuggling.

In a U.N. report issued earlier this year [PDF] on alleged efforts by North Korea to procure nuclear weapons, investigators wrote that one ship carrying concealed cargo turned off its AIS signals to disguise and conceal its trip to Cuba.

It’s not clear how seriously the standards bodies treat the threat. Trend Micro’s Balduzzi said he and his colleagues were working with standards organisations, which he said would meet next year to discuss his research into AIS vulnerabilities.

The core standard is maintained by the International Telecommunications Union (ITU) in association with the IMO. In a statement, the IMO said no such report of vulnerabilities had been brought to its attention. The ITU said no official body had contacted it about the vulnerabilities of AIS. It said it was studying the possibility of reallocating spectrum to reduce saturation of AIS applications.

Yevgen Dyryavyy, author of the NCC report on ECDIS, was sceptical that such bodies would solve the problems soon.

First, he said, they have to understand the IT security of shipboard networks, onboard linked equipment and software, and then push out new guidelines and certification.

Until then, he said, “nothing will be done about it.”

($1 = 0.5949 British Pounds) (Additional reporting by Keith Wallis; Editing by Ian Geoghegan)