ethernet

TempAlert bought by Digi Intl. for $45M cash

Digi International, the maker of RF modules, gateways, cellular routers and other IoT/M2M connectivity products announced last week that it has acquired TempAlert, a startup offering remote temperature monitoring system for $45 million in cash plus future earn-out incentives.

TempAlert Wireless Sensor and Screen

TempAlert is the fourth startup Digi has acquired over the past two years. The acquisition streak started with the company acquiring cloud computing service provider Etherios back in Nov 2015 for $20M followed by two more acquisitions i.e. FreshTemp and Smart Temps in Nov 2016 and January this year respectively.

The high-profile acquisition of TempAlert, the most expensive of the four buyouts signifies Digi’s consolidation of its ‘connected cold-chain’ practice. At the time of acquisition, TempAlert had 20,000 customers using its temperature monitoring solution.

The solution consists of a suite of wireless sensor devices, a cloud-based monitoring dashboard, and an analytics and reporting module. The sensor suite consists of a rugged casing that contains temperature sensors accompanied with cellular/Ethernet gateways that act as the connection hub for all wireless sensors.

TempAlert’s dashboard

“The acquisition of TempAlert doubles our Smart Solutions team to over 100 professionals, allowing us to offer our customers unprecedented domain expertise and support.”
Ron Konezny, president and chief executive officer, Digi International

Interestingly, another company called Belden Inc. (NYSE: BDC), a global leader in high quality, end-to-end signal transmission solutions for mission-critical applications offered, and later rescinded its offer to acquire Digi International.

Read more here:: feeds.feedburner.com/iot

Two More Crypto Holes

By Steven Bellovin

If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I’m not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What’s more interesting are the implications.

As I’ve said before about crypto, don’t panic. Encryption flaws are sexy and get academics very excited, but they’re rarely particularly serious for most people. That’s very true here. In fact, at a guess, the most widespread problem, with WiFi, will have fewer serious consequences than the RSA problem.

The reason that crypto issues are not in general very serious is that someone who wishes to exploit them needs both the flaw and access — and access is rarely easy. For this new WiFi attack, remember that the range of WiFi is about 100 meters; this is not something that the attackers can do over the Internet. (Yes, with a good, directional antenna you can manage about a kilometer. That’s still not much, and since the attack depends on sending a packet to the target machine you need very precise aim on someone’s phone or computer.)

There’s a really important public policy angle to this, though. We’re hearing lots of calls for “exceptional access”, a mechanism for lawful government access to encrypted content. I and my colleagues have long warned that this is dangerous because cryptographic protocols are very subtle. In retrospect, this new flaw is blindingly obvious — very bad things happen if you replay message 3 of a 4 message sequence — but it took 13 years for it to be noticed, in a protocol that is used by literally billions of devices. (Btw — by “blindingly obvious” I’m not insulting the discoverer, Mathy Vanhoef. He did wonderful work finding it when no one else had, by asking himself, “I wonder what happens if….”.) Oh yes — the protocol was mathematically proven correct — but the proof didn’t cover what the attack actually does.

Cryptographic protocols are hard.

So who is affected by this, and what should you do? The problem is on the client side; WiFI access points are not affected. You need to install software updates on every one of your WiFi devices. Apparently, iOS and Windows are not as seriously affected, because they didn’t completely follow the (flawed!) spec. Android phones are vulnerable and are less likely to be updatable. Internet of Things devices are the most at risk, given their poor history of being updated.

Again, though, most consumers are not at risk. Businesses are, and ones with many devices, e.g., credit card readers, connected by WiFi have a lot of scrambling to do.

The other flaw appears to be more academically interesting and — for some of those affected — far more serious. Briefly, in the RSA encryption algorithm, one has to generate a “public key”; this key is (in part) the product of two large, random primes. We normally write this as

n = pq

Normally, n is public; however, p and q must be kept secret.

The problem seems to be in the way p and q were generated. Normally, you generate large, random numbers and test them for primality. It appears that the code library used with a particular chip had something wrong with the process for generating primes, resulting in an n that is easy to factor into its constituent p and q. Interestingly, it’s possible to detect these weak values of n very cheaply and easily, without trying to factor them.

So — who is affected by this bug? First, remember the access issue. An attacker needs access to your encrypted traffic or encrypted device. That’s not easy. Furthermore, if you used 2048-bit keys — and that’s been standard for a fair number of years — the attack isn’t cheap. On a 1000-core Amazon cloud, it would take 17 days and cost more than US$40,000. Translation: it isn’t an attack that can be done casually or against bulk traffic. It’s a targeted attack that can be launched only by a well-resourced adversary, and only against a high-value target.

But there is one serious cause for concern. If you have email encrypted with one of these flawed keys, or if you have an electronic document signed with one, someone can attack it in the future — and that $40K cost and 17-day time will only drop.

* * *

Update Oct 16, 2017: According to later information, both the access point and the clients must be patched. This is more serious, since many access points are abandonware.

Update Oct 17, 2017: A nasty thought happened to occur to me, one that’s worth sharing. (Thinking nasty thoughts is either an occupational hazard or an occupational fringe benefit for security people—your call…hellip;)

I, along with many others, noted that the KRACK flaw in WiFi encryption is a local matter only; the attacker has to be within about 100 meters from the target. That’s not quite correct. The attacking computer has to be close; the attacker can be anywhere.

I’m here at home in a Manhattan apartment, typing on a computer connected by wired Ethernet. The computer is, of course, WiFi-capable; if I turn on WiFi, it sees 28 other WiFi networks, all but two of which use WPA2. (The other two are wide open guest networks…) Suppose someone hacked into my computer. They could activate my computer’s WiFi interface and use KRACK to go after my neighbors’ nets. Better yet, suppose I’m on a low-security wired net at work but am within range of a high-security wireless network.

I’m not certain how serious this is in practice; it depends on the proximity of vulnerable wired computers to interesting WiFi networks. Wired networks are no longer very common in people’s houses and apartments, but of course they’re the norm in enterprises. If you’re a sysadmin for a corporation with that sort of setup, KRACK may be very serious indeed.

Written by Steven Bellovin, Professor of Computer Science at Columbia University

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, Cybersecurity

Read more here:: feeds.circleid.com/cid_sections/blogs?format=xml

Emerson controller aims to simplify capital projects and to ready organisations for operational benefits of IIoT

By Sheetal Kumbhar

Emerson has launched the DeltaV™ PK Controller, making the advanced automation of its DeltaV distributed control system (DCS) available to fast-growth industries traditionally less reliant on large-scale automation.

The next-gen controller provides scalable automation control to all process industries, particularly parts of the life sciences, oil and gas, petrochemical, and discrete manufacturing industries that have relied on complex, non-integrated programmable logic controllers (PLCs) with limited operational capabilities. The fit-for-purpose DeltaV PK Controller is the process industry’s first controller that manufacturers can scale down for skid units or scale up to be natively merged into the DeltaV DCS in a larger plant.

These industries tend to use PLCs for smaller applications, which can create disconnected ‘Islands of Automation’, and limits plant production improvements. The DeltaV PK Controller is the first controller to truly bridge small and large control applications.

Organisations can leverage the DeltaV PK Controller for effective, easy-to-implement standalone automation control akin to a PLC but with the features of a full-scale DCS, including advanced batch production, recipe management, execution, and historisation. Users can then choose to leave the DeltaV PK Controller standalone, or natively merge it into their DeltaV DCS. This capability eliminates operational complexity and dramatically improves the performance, safety, and efficiency of their entire project and operational lifecycle.

DeltaV™ PK Controller

“The DeltaV PK Controller delivers a business-effective solution for organisations of all sizes to improve automation control and integration,” said Jessica Jordan, Emerson product manager.

“The controller is capable of powerful standalone control for advanced automation on skids today while still being able to easily integrate into a full-scale DCS for total plant production control.”

The DeltaV PK Controller is the latest addition to Emerson’s Project Certainty initiative, targeting radical transformation in capital project execution.

The new controller will simplify capital projects by enabling OEM skid-builders to design and produce skids in the same way they do today, while eliminating the costs, time, and risks associated with integrating a PLC into their control system.

Jessica Jordan

The DeltaV PK Controller was designed from the start with connectivity, particularly into the IIoT, in mind. The scalable controller leverages an assortment of communication protocols, including the first Emerson controller with a built-in OPC UA server. It is also the first Emerson controller with six Ethernet ports and can operate using any Emerson DeltaV I/O type, including DeltaV Electronic Marshalling, traditional marshalled I/O, wireless I/O, and integrated safety instrumented systems.

In addition, it has built-in protocols to communicate with Ethernet devices such as drives and motors. Together, these features make connectivity easier at every stage and help plants achieve operational benefits of cloud-based tools and analytics through the IIoT. The DeltaV PK Controller also features built-in redundancy for controllers, communication, and power supplies, allowing organisations to improve uptime without adding to complexity or footprint.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post Emerson controller aims to simplify capital projects and to ready organisations for operational benefits of IIoT appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

Emerson controller aims to simplify capital projects and to ready organisations for operational benefits of IIoT

By News Aggregator

By Sheetal Kumbhar

Emerson has launched the DeltaV™ PK Controller, making the advanced automation of its DeltaV distributed control system (DCS) available to fast-growth industries traditionally less reliant on large-scale automation.

The next-gen controller provides scalable automation control to all process industries, particularly parts of the life sciences, oil and gas, petrochemical, and discrete manufacturing industries that have relied on complex, non-integrated programmable logic controllers (PLCs) with limited operational capabilities. The fit-for-purpose DeltaV PK Controller is the process industry’s first controller that manufacturers can scale down for skid units or scale up to be natively merged into the DeltaV DCS in a larger plant.

These industries tend to use PLCs for smaller applications, which can create disconnected ‘Islands of Automation’, and limits plant production improvements. The DeltaV PK Controller is the first controller to truly bridge small and large control applications.

Organisations can leverage the DeltaV PK Controller for effective, easy-to-implement standalone automation control akin to a PLC but with the features of a full-scale DCS, including advanced batch production, recipe management, execution, and historisation. Users can then choose to leave the DeltaV PK Controller standalone, or natively merge it into their DeltaV DCS. This capability eliminates operational complexity and dramatically improves the performance, safety, and efficiency of their entire project and operational lifecycle.

DeltaV™ PK Controller

“The DeltaV PK Controller delivers a business-effective solution for organisations of all sizes to improve automation control and integration,” said Jessica Jordan, Emerson product manager.

“The controller is capable of powerful standalone control for advanced automation on skids today while still being able to easily integrate into a full-scale DCS for total plant production control.”

The DeltaV PK Controller is the latest addition to Emerson’s Project Certainty initiative, targeting radical transformation in capital project execution.

The new controller will simplify capital projects by enabling OEM skid-builders to design and produce skids in the same way they do today, while eliminating the costs, time, and risks associated with integrating a PLC into their control system.

Jessica Jordan

The DeltaV PK Controller was designed from the start with connectivity, particularly into the IIoT, in mind. The scalable controller leverages an assortment of communication protocols, including the first Emerson controller with a built-in OPC UA server. It is also the first Emerson controller with six Ethernet ports and can operate using any Emerson DeltaV I/O type, including DeltaV Electronic Marshalling, traditional marshalled I/O, wireless I/O, and integrated safety instrumented systems.

In addition, it has built-in protocols to communicate with Ethernet devices such as drives and motors. Together, these features make connectivity easier at every stage and help plants achieve operational benefits of cloud-based tools and analytics through the IIoT. The DeltaV PK Controller also features built-in redundancy for controllers, communication, and power supplies, allowing organisations to improve uptime without adding to complexity or footprint.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post Emerson controller aims to simplify capital projects and to ready organisations for operational benefits of IIoT appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

The post Emerson controller aims to simplify capital projects and to ready organisations for operational benefits of IIoT appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

Industrial IoT startup ProAxion offering rugged sensors and gateway raises $500,000 seed captial

ProAxion, an industrial IoT startup offering predictive maintenance hardware and monitoring service for rotating machines raised half a million dollars in seed capital. The funding was led by Triangle Angel Partners II (TAP II).

ProAxion Sensor and Gateway

Named as Tactix, the ProAxion predictive maintenance solution consists of a mountable rugged sensor that can track vibration and temperature of a rotating machine, the ProAxion gateway having Wi-Fi, cellular, or Ethernet connectivity, and a browser-based cloud monitoring service. The service alerts are accessible via smartphone, tablet, and desktop computers.

The startup’s website claims that its sensor has a rugged IP68 housing meaning that it can withstand dust, dirt, sand, and water under tough operating conditions. This makes it attractive for industrial customers whose machines often operate in excessive temperatures and under severe operating conditions. The sensor can withstand up to 250°F surface temperature.

The ProAxion sensor collects temperature and vibration data from rotating machines, such as motors, gearboxes, and pumps. Its gateway hardware then connects the sensors to ProAxion cloud via cellular, Ethernet, or Wi-Fi connection. The data is sent to the web-based cloud service where operations and IT managers can access a machine’s historical and current vibration and temperature data. Managers can configure the system to send text and email alerts.

Commenting on the funding round, ProAxion’s CEO & Co-Founder Justin Rothwell said “I am excited to have TAP, VentureSouth and existing investors participating in this round. It’s a great vote of confidence not only in what we have already achieved but in the opportunity in front of us”.

ProAxion Monitoring Service

24/7 remote health monitoring of machines and plants is an attractive niche for new startups because the IT (information technology) and OT (operational technology) systems in industrial companies have until now operated n silos. It leaves managers in a fix as it hampers their ability to access plant/machine data remotely. This is where the new startups see an opportunity to offer valuable products and services and hence build a business.

Solutions such as the one offered by ProAxion and ThingTrax offer data capturing devices, gateways, and cloud-based monitoring services to reduce machine downtime, improve operational efficiency, and remote monitoring of heavy assets.

The ‘remote asset monitoring’ niche is getting competitive as bigger and better- funded startups are poised to dominate the niche in coming years. Take for example Samsara, a Calif-based industrial IoT startup that raised a $40M Series C round in June this year. The company’s total equity funding has reached $80M since it was founded in 2015.

Read more here:: feeds.feedburner.com/iot

Industrial IoT startup ProAxion offering rugged sensors and gateway raises $500,000 seed captial

By News Aggregator

ProAxion, an industrial IoT startup offering predictive maintenance hardware and monitoring service for rotating machines raised half a million dollars in seed capital. The funding was led by Triangle Angel Partners II (TAP II).

ProAxion Sensor and Gateway

Named as Tactix, the ProAxion predictive maintenance solution consists of a mountable rugged sensor that can track vibration and temperature of a rotating machine, the ProAxion gateway having Wi-Fi, cellular, or Ethernet connectivity, and a browser-based cloud monitoring service. The service alerts are accessible via smartphone, tablet, and desktop computers.

The startup’s website claims that its sensor has a rugged IP68 housing meaning that it can withstand dust, dirt, sand, and water under tough operating conditions. This makes it attractive for industrial customers whose machines often operate in excessive temperatures and under severe operating conditions. The sensor can withstand up to 250°F surface temperature.

The ProAxion sensor collects temperature and vibration data from rotating machines, such as motors, gearboxes, and pumps. Its gateway hardware then connects the sensors to ProAxion cloud via cellular, Ethernet, or Wi-Fi connection. The data is sent to the web-based cloud service where operations and IT managers can access a machine’s historical and current vibration and temperature data. Managers can configure the system to send text and email alerts.

Commenting on the funding round, ProAxion’s CEO & Co-Founder Justin Rothwell said “I am excited to have TAP, VentureSouth and existing investors participating in this round. It’s a great vote of confidence not only in what we have already achieved but in the opportunity in front of us”.

ProAxion Monitoring Service

24/7 remote health monitoring of machines and plants is an attractive niche for new startups because the IT (information technology) and OT (operational technology) systems in industrial companies have until now operated n silos. It leaves managers in a fix as it hampers their ability to access plant/machine data remotely. This is where the new startups see an opportunity to offer valuable products and services and hence build a business.

Solutions such as the one offered by ProAxion and ThingTrax offer data capturing devices, gateways, and cloud-based monitoring services to reduce machine downtime, improve operational efficiency, and remote monitoring of heavy assets.

The ‘remote asset monitoring’ niche is getting competitive as bigger and better- funded startups are poised to dominate the niche in coming years. Take for example Samsara, a Calif-based industrial IoT startup that raised a $40M Series C round in June this year. The company’s total equity funding has reached $80M since it was founded in 2015.

Read more here:: feeds.feedburner.com/iot

The post Industrial IoT startup ProAxion offering rugged sensors and gateway raises $500,000 seed captial appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

FreeWave unveils ZumIQ App Server Software to power IoT programmability at the edge

By Sheetal Kumbhar

FreeWave Technologies, Inc. a provider in industrial, secure Machine to Machine (M2M) and Internet of Things (IoT) wireless networking solutions, announced the availability of its ZumIQ Server Software. ZumIQ technology combines proven 900 MHz wireless telemetry with the ability to program and host third-party applications, similar to a Linux-based Raspberry Pi embedded in an industrial Ethernet radio. […]

The post FreeWave unveils ZumIQ App Server Software to power IoT programmability at the edge appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

FreeWave unveils ZumIQ App Server Software to power IoT programmability at the edge

By News Aggregator

By Sheetal Kumbhar

FreeWave Technologies, Inc. a provider in industrial, secure Machine to Machine (M2M) and Internet of Things (IoT) wireless networking solutions, announced the availability of its ZumIQ Server Software. ZumIQ technology combines proven 900 MHz wireless telemetry with the ability to program and host third-party applications, similar to a Linux-based Raspberry Pi embedded in an industrial Ethernet radio. […]

The post FreeWave unveils ZumIQ App Server Software to power IoT programmability at the edge appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

The post FreeWave unveils ZumIQ App Server Software to power IoT programmability at the edge appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

Deploy360 in South Africa, Singapore and Australia

By News Aggregator

By Kevin Meynell

It’s a busy time for the Deploy360 team this week, with Jan, Kevin and Megan organising and presenting at the ION Durban on Thursday (7 September 2017). This is part of the wider iWeek 2017 that includes SAFNOG 3, ISPA and AfriNIC training amongst several other meetings.

Our colleague Aftab though, will be presenting on MANRS at the 5th Singapore Network Operators Group (SGNOG 5) on the Tuesday (5 September 2017), and then at the Australian Network Operators Group (AusNOG 2017) on the Thursday (7 September 2017).

There’s plenty of other things interest at these events as well, with Geoff Huston (APNIC Labs) presenting at both on the Internet-of-Things and the quality and manageability challenges of essentially unmanaged devices.

At SGNOG, there will be an extensive overview of IPv6 deployment in Japan from Izumi Okutani (JPNIC), Koji Yasukagawa (Softbank), Takashi Ito (DoCoMo) and Manabu Ito (KDDI), covering areas such as mobile networks and user behaviour, whilst David Conrad (ICANN) will cover DNSSEC. For those interested in IoT, the presentation from Christopher Lek (Honeynet Singapore) on IoT botnets is also worth checking out.

At AusNOG, talks from Jon Brewer are usually worth listening to, and the ‘Future is up in the Sky’ shouldn’t be an exception. There’s also a talk on protocol evolution and its impact on network operators from Mark Nottingham, whilst Internet Exchange Etiquette in the Digital Era from Raphael Ho (Equinix) and “The Past, Present, and Future of NTP Operations” by Paul Gear (Network Time Foundation) resonates with the work being undertaken by ISOC.

Not directly related to Deploy360, but there’s also presentations on 400 & 800G Ethernet, as well as on Ansible and network automation at both events. Other interesting presentations are the challenges of building the Australia National Broadband Network at AusNOG, and on Cloud Traffic Engineering at SGNOG.

If you’re attending any of these events, please come and say hello.

Further Information

Read more here:: www.internetsociety.org/deploy360/blog/feed/

The post Deploy360 in South Africa, Singapore and Australia appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

Deploy360 in South Africa, Singapore and Australia

By Kevin Meynell

It’s a busy time for the Deploy360 team this week, with Jan, Kevin and Megan organising and presenting at the ION Durban on Thursday (7 September 2017). This is part of the wider iWeek 2017 that includes SAFNOG 3, ISPA and AfriNIC training amongst several other meetings.

Our colleague Aftab though, will be presenting on MANRS at the 5th Singapore Network Operators Group (SGNOG 5) on the Tuesday (5 September 2017), and then at the Australian Network Operators Group (AusNOG 2017) on the Thursday (7 September 2017).

There’s plenty of other things interest at these events as well, with Geoff Huston (APNIC Labs) presenting at both on the Internet-of-Things and the quality and manageability challenges of essentially unmanaged devices.

At SGNOG, there will be an extensive overview of IPv6 deployment in Japan from Izumi Okutani (JPNIC), Koji Yasukagawa (Softbank), Takashi Ito (DoCoMo) and Manabu Ito (KDDI), covering areas such as mobile networks and user behaviour, whilst David Conrad (ICANN) will cover DNSSEC. For those interested in IoT, the presentation from Christopher Lek (Honeynet Singapore) on IoT botnets is also worth checking out.

At AusNOG, talks from Jon Brewer are usually worth listening to, and the ‘Future is up in the Sky’ shouldn’t be an exception. There’s also a talk on protocol evolution and its impact on network operators from Mark Nottingham, whilst Internet Exchange Etiquette in the Digital Era from Raphael Ho (Equinix) and “The Past, Present, and Future of NTP Operations” by Paul Gear (Network Time Foundation) resonates with the work being undertaken by ISOC.

Not directly related to Deploy360, but there’s also presentations on 400 & 800G Ethernet, as well as on Ansible and network automation at both events. Other interesting presentations are the challenges of building the Australia National Broadband Network at AusNOG, and on Cloud Traffic Engineering at SGNOG.

If you’re attending any of these events, please come and say hello.

Further Information

Read more here:: www.internetsociety.org/deploy360/blog/feed/