specification

GlobalPlatform standardises secure OS and firmware loading on secure elements

By Zenobia Hegde

GlobalPlatform, the standard for secure digital services and devices, has published its Open Firmware Loader for Tamper Resistant Elements (OFL). The free specification standardises how secure element (SE) firmware – combining the secure operating system (OS), applications and data – can be remotely loaded and managed onto a SE such as SIM, embedded SE or eUICC / eSIM, or integrated SE even after a device has been issued.

This ensures that the device’s longevity is no longer impacted by the lifecycle of the SE, and opens up a range of new use cases like in-field OS and firmware provisioning, device refurbishment, backup / restoration of the SE and the secure transfer of a customer profile to a new device. With the OFL security scheme, handset manufacturers, service providers and firmware implementers can build a new privacy-by- design ecosystem where services can be securely deployed and updated on connected devices.

“The growth of embedded SEs is driving the development of new solutions as, previously, there has not been a standardised way to load the OS to an eUICC after the smartphone has been produced,” says Gil Bernabeu, technical director of GlobalPlatform.

“With the OFL protocol, the selection of an OS can be delayed until the device reaches its destination. So, if a smartphone is manufactured in one country, for example in China, a country-specific OS can be loaded to the eSIM or integrated SE once it reaches France, or the U.S. What’s great is that this also brings greater flexibility further down the line.

Smartphones, connected cars or any other device with an embedded or integrated SE often have more than one owner during their lifecycle. OFL ensures a new OS can replace an existing one and, importantly, a personalised OS and its services can be securely transferred to a new device.”

The OFL protocol enables the industry to:

Distribute generic and blank (no firmware/operating system) embedded hardware featuring a standardized loading mechanism. This enables firmware from various developers to be loaded, with policy enforcement, after the issuance of the device.
Solve the logistical challenge of distributing devices to fragmented markets with low volume.
Distribute new firmware once the device has been issued to address additional use cases.
Mitigate the challenges of loading firmware containing diversified data into embedded hardware during manufacturing.
Use a standardised loader, shared between multiple silicon makers, allowing firmware implementers to produce loadable OSs.
Ensure perfect forward secrecy and confidentiality between firmware makers easing compliancy with the latest data regulations (GDPR).

The publication of the OFL is the first output of GlobalPlatform’s new Fast Track Process. The initiative enables members to bring forward mature technologies for standardisation via an expedited process to more rapidly answer the needs of the market.

“GlobalPlatform technology gives service providers and device manufacturers the means to interact seamlessly when deploying secure digital services, regardless of market or device type. The resulting collaboration makes the mass marketing of secure digital services possible, while bringing time and cost efficiencies to stakeholders within the ecosystem,” concludes Gil.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post GlobalPlatform standardises secure OS and firmware loading on secure elements appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

OSPT Alliance to develop CIPURSE™terminal specifications

By Zenobia Hegde

OSPT Alliance, the global community advancing a non-proprietary standard CIPURSE for secure transit fare collection solutions, has launched a System Integration Sub-Working Group to create a dedicated CIPURSE Specification and guidelines for terminals and readers. The work will enable any terminal, or a reader implementing application logic, to communicate and seamlessly interoperate with any CIPURSE-based card or account using the common language of CIPURSE.

The development of terminal requirements is in direct response to demand from reader and terminal manufacturers who want a secure, non-proprietary, hardware agnostic and globally interoperable messaging standard on which ticketing terminals can be developed. This activity also reflects OSPT Alliance’s efforts to support the full ticketing ecosystem.

OSPT Alliance is inviting reader and terminal manufacturers, and system integrators to join its existing community and ensure their needs are addressed.

Laurent Cremer, executive director of the OSPT Alliance, said: “The ticketing market is evolving to offer new ways to purchase tickets and validate your journey, such as account-based ticketing and a range of different mobile ticketing use cases. A ticketing kernel is no longer necessarily embedded in the terminal or reader, and system partitioning may vary across automatic fare collection systems and evolve over time.”

“OSPT Alliance recognises that as the market continues to innovate, we must ensure that the system is saleable to support new form factors and applications. The System Integration Sub-Working Group will achieve this by specifying a non-proprietary API, which will be managed long-term by an open community, so it can evolve in line with market needs.”

The group will define and publish the minimum requirements for terminals interacting with CIPURSE products in early 2018. The CIPURSE Certification Program will then be updated to incorporate the certification of terminals.

Cremer concludes: “To realise our mission of supporting the full ticketing ecosystem, it is vital that we can independently validate that the communication of a terminal is compliant with the CIPURSE specifications and will perform as intended with CIPURSE certified products.”

To participate in this work initiative, a company must be a Full or Affiliate OSPT Alliance Member. Membership is open to system integrators, as well as reader and terminal manufacturers, active within the contactless market (for example transit, loyalty and access control).

If you would like more information on this or any of the working groups, or are interested in becoming a member please click here.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post OSPT Alliance to develop CIPURSE™terminal specifications appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

Teledyne LeCroy Inc and Spirent Communications partner for PAM4 generation and analysis

By Zenobia Hegde

Teledyne LeCroy, and Spirent Communications, the global providers in Ethernet and Fibre Channel test and measurement solutions, announced the industry’s first Ethernet generation and test solution for developers of Pulse Amplitude Modulation (PAM4) networks.Spirent and Teledyne LeCroy have created the QSFP28 to SFP56 single w/PTAP adapter, an exclusive PAM4 adapter allowing design and test engineers the ability to source, synchronise, capture, and analyse PAM4 signaling for emerging IEEE 802.3cd-based applications.

PAM4 signaling enables higher throughput Ethernet connections to support the growing need for data storage and communications speeds. These higher signaling rates require increased attention to intricacies of establishing and maintaining robust and healthy link connections. Spirent TestCenter generates IEEE compliant 50GbE traffic for exercising these new Ethernet links. Teledyne LeCroy’s SierraNet analyser captures and decodes the traffic which is ported via the QSFP28 to SFP56 single w/PTAP adapter module.

Early adopters of the IEEE 802.3cd for 50GbE Ethernet transactions need generation and analysis tools to ensure their designs are specification compliant. Spirent and Teledyne LeCroy offer best-in-class solutions to ensure Network Equipment Manufacturers (NEMs) new products meet customer expectations of operation and conformance.

The NEMs reliance on the Test and Measurement community is increasing, as homegrown tools are not up to the task. This relationship allows Teledyne LeCroy and Spirent to focus on their core strengths, keep pace with market needs, and offer leading edge tools, which are paramount to successful Ethernet product deployments.

To learn more about PAM4, download our white paper here.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post Teledyne LeCroy Inc and Spirent Communications partner for PAM4 generation and analysis appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

ETSI creates City Digital Profile group on smart cities

By News Aggregator

By Zenobia Hedge

ETSI is pleased to announce the creation of a new Industry Specification Group “City Digital Profile” (ISG CDP) that will help accelerate the delivery of integrated citizen services and provide a technology road map for city leaders who will benefit from standardised solutions from their suppliers.

In providing this technology framework and clear roadmap for technology investment and deployment, market confidence levels in the city infrastructure investments should increase and in addition this will cities the possibility to replicate those solutions across domains, between cities and on a large scale. Smart services are intended to improve the overall quality of living in the city and make them attractive to citizens, investors, business, innovators, visitors and tourists.

The City Digital Profile ISG will enable cities to procure smart solutions with confidence that those solutions will be extendable, configurable and interoperable with similar services from other cities and providers. City administrators will therefore deliver advanced services to their citizens, whilst respecting essential environmental factors, sustainability objectives and reducing the overall cost of deployment.

“I am excited that this group will enable city leaders and suppliers to work together to mass market replication of citizen centric systems that are innovative, agile and creative while also fully standards compliant, secure, resilient and cost effective,” says Paul Copping, convenor of the City Digital Profile ISG, and chief innovation officer at DG Cities Ltd in Greenwich, London.

Initial cross domain city applications will include:

Health and social care (disability entitlement; housing benefit and rent payment; housing condition, assisted living and vulnerability)
Building management and connected homes
Urban lighting
Water and waste management and energy
Transportation and mobility
Environmental issues such as pollution and resource optimisation

Other key issues such as citizen related data retention and privacy protection will also be considered, in co-operation with such groups as oneM2M, the ETSI founded partnership project and the ETSI Technical Committee Cyber.

The kick-off meeting of the ISG will take place on 20-21 November 2017 at ETSI headquarters where the group will elect its chair and vice chair and decide on the future work and priorities.

ETSI will also be a speaker at the Smart City Expo, in Barcelona from 14-16 November in Barcelona, as well as organising a dedicated session alongside the main event to present the ISG CDP concept.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post ETSI creates City Digital Profile group on smart cities appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

The post ETSI creates City Digital Profile group on smart cities appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

Why 5G Is in Trouble (and How to Fix It)

By News Aggregator

By Martin Geddes

I have a somewhat unconventional view of 5G. I just happen to believe it is the right one. It is trapped inside a category error about the nature of packet networking, and this means it is in trouble.

As context, we are seeing the present broadband Internet access model maturing and begin to reach its peak. 5G eagerly anticipates the next wave of applications.

The 5G Difference: “Purpose-for-Fitness” to “Fitness-for-Purpose”

As such, 5G is attempting to both extend and transcend the present “undifferentiated data sludge” model of mobile broadband.

Firstly, it pumps the “undrinkable” mucky bandwidth harder and faster, to give a modified version of what we have today with 4G. We will gloss over the minor miracle that needs to happen with backhaul, or that the mobility protocols today with 4G struggle when you get on the train (and 5G makes it worse).

Secondly, its other goal is to deliver differentiated “drinkable” access for different enterprise cloud and industrial applications. This essentially is a generic version of the very specific VoLTE solution developed for voice telephony in 4G, extended to any cloud application. It can be expressed as being for low-latency applications, or packed in a variety of other guises.

The Slow Evolution Towards General-Purpose Assured APP Access

The conventional wisdom is that packet networks enable networked computing (“join devices”), and networks do “work”. As such, the job of the network is to forward as many packets as fast as possible, and what matters most is “speed”. 5G fits this.

The unconventional wisdom is that packet networks enable interprocess communications (“join computations”), and networks don’t do “work”. As such, the job of the network is to trade resources around to deliver the “just right” quantity of quality to optimise the trade-offs of QoE risk.

The former model is “pipe”, the latter is “futures and options trading”. The former works with TCP/IP, the latter needs new packet architectures (RINA). The former can extend radio network protocols from 2G, 3G and 4G; the latter needs new ones. The former has a low-frequency resource trading model, the latter a high-frequency trading one.

A Paradigm Change in Engineering is Needed for 5G to Succeed

5G is making the network far more dynamic, without having the mathematics, models, methods or mechanisms to do the “high-frequency trading”. The whole industry is missing a core performance engineering skill: they can do (component) radio engineering, but not complete systems engineering. When you join all the bits, you don’t know what you get until you turn it on!

The result will not be pretty.

In particular, 5G is primarily delivering into the tail of the last S curve of generic unassured broadband Internet access; it is not on its present path fit-for-purpose for assured cloud application access (inc VR/AR and IoT), which is the new S curve of growth.

Telephony is virtual reality. VoLTE wasn’t solving the problem of how to extend the life of the past; it was solving a corner case of how do we communicate in future. Understand this, and the future and fate of 5G makes more sense.

The key question is whether 5G is aimed at extending the VoLTE part of 4G (fit-for-purpose voice) or improving the rest (purpose-for-fitness Internet access). It is trying to serve two strategic masters, the past and the future, at once.

Is 5G trying to “buy back up the curve”, implying doom for its makers and buyers?
Watch the video presentation: The Death of Cellular by Francis McInerney

So, what to do about it? I see three key industry actions.

Firstly, we need to narrow the intentional semantics. 5G is trying to do too many things.

The focus of the generic broadband access should not be peak speed, or even “antipeak” latency under ideal conditions. It should be to establish a consistent quality floor under real-world conditions with graceful degradation in overload. That floor should be adjustable so that you can segment the market by quality.

This is a precursor to a 6G, where the two sides of unassured and assured can be unified through a shared framework for managing the quality floor.

Whilst we need a “generic VoLTE”, only about 5 people on the planet know how to do it (and we’re all busy on other things). So for the assured access part, it should not attempt to make the leap from singular VoLTE to a generic offer in one go.

There needs to be a series of smaller and less ambitious steps that allow the coexistence of a modest number of managed services with different latency and throughput needs. However, the real issue is to assure complete supply chains, not just one part (the access) or sub-part (the radio link).

Which brings us to the second issue, the denotational semantics. As an industry, we’ve yet to agree on the standard units for broadband supply and demand (if you can believe it). So the next thing 5G has to fix is the lack of a shared requirements specification language for performance.

The good news is that this is a solved problem.

Key Action Needed: Upgrade Engineering to Align Supply to Demand/span>

Finally, the operational semantics. If 5G is going to be of any use to anyone but equipment salespeople, it has to demonstrate the difference it makes. That implies it needs to have improved mechanisms that allow for high-fidelity measurement of what QoE was being delivered, high-frequency control to deliver it, and new architectures that appropriately join these together.

This QoE control is a paradigm change. Today the radio people constructing a bandwidth supply, and the packet people chopping up whatever is there, using whatever transport protocols they inherited from the IETF.

The future is a demand-led model that is the antithesis of the IETF’s “rough consensus and running code” approach. That means a deep rethink because at present the radio folk are running the show, as they have always done. It’s a supply-led industry.

The problem has to be reframed as a distributed computing one that makes the radio subservient to the computational outcome. That’s going to ruffle a lot of feathers and upset a lot of power structures. The limiting factor in my experience is always human, never technical.

The alternative is that 5G gets stuck between two mutually incompatible goals, and serves neither well. Then eventually the whole ecosystem eventually gets bypassed in the 2020s, say by an IoT specialist player being bought by an Amazon, rather like how the iPhone overtook the handset space a decade ago.

Couldn’t ever happen? Ask him…

Written by Martin Geddes, Founder, Martin Geddes Consulting Ltd

Follow CircleID on Twitter

More under: Mobile Internet, Networks, Telecom, Wireless

Read more here:: feeds.circleid.com/cid_sections/blogs?format=xml

The post Why 5G Is in Trouble (and How to Fix It) appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security

By Zenobia Hedge

G+D Mobile Security and Senet Inc. plan to cooperate to strengthen security of LoRaWAN connectivity across the whole IoT ecosystem. The collaboration between the two companies provides a full integration of G+D Mobile Security’s Key Management System (KMS) with Senet’s global LoRa®-based networks.

This results in a flexible and secure cloud-based provisioning solution which enables the necessary levels of security required for various use cases, ensuring a reliable and robust infrastructure for global IoT deployments. G+D Mobile Security’s KMS solution provides security with efficient scaling from initial implementations through mass rollouts based on hardware protection.

The HSM (Hardware Security Module) appliance ensures long term LoRa key protection in the infrastructure and increases reliability and robustness. With the joint solution, device vendors and solution vendors can now provision one set of security credentials in their end device at the time of manufacture and deploy it confidently anywhere in the world.

LoRaWAN is a Low Power Wide Area Network (LPWAN) specification intended for wireless battery-operated devices in regional, national or global networks. LoRaWAN enables new opportunities and connectivity options for applications that require low power consumption and low bandwidth.

At the same time, the massive growth in connected devices increases the risk of cyber-attacks. G+D Mobile Security protects both LoRaWAN end-devices with end-to-end IoT security solutions – from onboarding, secure key provisioning, identification, and data transmission to device lifecycle management.

The entire network infrastructure is protected by integrating keys securely into the endpoints. Endpoints then connect securely to a LoRaWAN network, and the application data can be only read by the application provider. This mechanism significantly increases the protection against different cyber-attacks intending to tamper with the data or the network.

Dave Kjendal

The joint solution enables IoT system providers to protect LoRaWAN endpoints, while meeting cost requirements for the different use cases. LoRaWAN service providers, application enablers and equipment manufacturers can reduce their liability and security risk exposure by applying key management and security technologies.

“This cooperation between G+D Mobile Security and Senet helps IoT solution providers and enterprises to easily integrate security and avoid flaws during the whole lifecycle of LoRaWAN equipment, starting from when they are produced,” stated Bernd Müller , head of Product Management at G+D Mobile Security.

“Security is a critical element of any communication technology and with the hyperconnected world of the Internet of Things, everything about data security and data privacy becomes that much more important,” said Dave Kjendal, CTO for Senet. “Our Partnership with G+D Mobile Security helps ensure device makers, solution providers and end users are following best practices that simply and cost-effectively address the complex security challenges of deploying IoT at massive scale.”

G+D Mobile Security will be demonstrating this integration with Senet at the LoRa Alliance All Members Meeting Open House and Marketplace in Suzhou, China, October 18-19 and at their booth #414 at the Competitive Carriers Association Annual Convention in Fort Worth, Texas, October 25-27.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security

By News Aggregator

By Zenobia Hedge

G+D Mobile Security and Senet Inc. plan to cooperate to strengthen security of LoRaWAN connectivity across the whole IoT ecosystem. The collaboration between the two companies provides a full integration of G+D Mobile Security’s Key Management System (KMS) with Senet’s global LoRa®-based networks.

This results in a flexible and secure cloud-based provisioning solution which enables the necessary levels of security required for various use cases, ensuring a reliable and robust infrastructure for global IoT deployments. G+D Mobile Security’s KMS solution provides security with efficient scaling from initial implementations through mass rollouts based on hardware protection.

The HSM (Hardware Security Module) appliance ensures long term LoRa key protection in the infrastructure and increases reliability and robustness. With the joint solution, device vendors and solution vendors can now provision one set of security credentials in their end device at the time of manufacture and deploy it confidently anywhere in the world.

LoRaWAN is a Low Power Wide Area Network (LPWAN) specification intended for wireless battery-operated devices in regional, national or global networks. LoRaWAN enables new opportunities and connectivity options for applications that require low power consumption and low bandwidth.

At the same time, the massive growth in connected devices increases the risk of cyber-attacks. G+D Mobile Security protects both LoRaWAN end-devices with end-to-end IoT security solutions – from onboarding, secure key provisioning, identification, and data transmission to device lifecycle management.

The entire network infrastructure is protected by integrating keys securely into the endpoints. Endpoints then connect securely to a LoRaWAN network, and the application data can be only read by the application provider. This mechanism significantly increases the protection against different cyber-attacks intending to tamper with the data or the network.

Dave Kjendal

The joint solution enables IoT system providers to protect LoRaWAN endpoints, while meeting cost requirements for the different use cases. LoRaWAN service providers, application enablers and equipment manufacturers can reduce their liability and security risk exposure by applying key management and security technologies.

“This cooperation between G+D Mobile Security and Senet helps IoT solution providers and enterprises to easily integrate security and avoid flaws during the whole lifecycle of LoRaWAN equipment, starting from when they are produced,” stated Bernd Müller , head of Product Management at G+D Mobile Security.

“Security is a critical element of any communication technology and with the hyperconnected world of the Internet of Things, everything about data security and data privacy becomes that much more important,” said Dave Kjendal, CTO for Senet. “Our Partnership with G+D Mobile Security helps ensure device makers, solution providers and end users are following best practices that simply and cost-effectively address the complex security challenges of deploying IoT at massive scale.”

G+D Mobile Security will be demonstrating this integration with Senet at the LoRa Alliance All Members Meeting Open House and Marketplace in Suzhou, China, October 18-19 and at their booth #414 at the Competitive Carriers Association Annual Convention in Fort Worth, Texas, October 25-27.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

The post G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security appeared on IPv6.net.

Read more here:: IPv6 News Aggregator

Enterprise-grade Smart router & sensor hub Linxs launched

Linxs is an enterprise-grade mobile router and customizable sensor hub. The router combines ‘things-based’ connectivity solutions with IoT analytics dashboard. It comes integrated with LTE, dual-radio dual-band Wi-Fi, Ethernet and Bluetooth connectivity. The router-cum-hub is built on open-source software based on Linux OS and OpenWRT.

Mobile Router and Sensor Hub

Major use cases of the product are remote workforce connectivity, remote device management, smart home office, sales and advertising through sponsored Wifi to customers, vehicle & driver connectivity, and M2M connecitivty by embedding into vending machines, ATMs, and other equipment.

Linxs comes with built-in sensors such as Gyro/vibration, temprature, humidity, sound (DB), proximity, and light sensors. Additional sensors can be attached via USB, BLE and Wi-Fi connectivity.

The mart router can be used both as a primary connection or as failover to 4G connectivity. “The Linxs Service Platform includes software that runs both in the cloud and on the Linxs device”, reads one of the router’s technical specification documets. An added advantage for enterprises is that they can install extra software, apps, and sensors on Linxs. A detiled feature list and technical documentation for the device can be accessed here.

IoT Gateway Guide can be accessed to assess which gateway technology is best suited to serve your IoT deployment.

Read more here:: feeds.feedburner.com/iot

A LoRaWAN-Based/RDK-B Solution for the Cable Industry to Expand IoT Networks

By IoT – Internet of Things

pureIntegration is working with Semtech Coporation to develop a commercial integration of a LoRaWAN™ – based solution on the RDK-B software platform. The LoRaWAN specification, from the LoRa Alliance™, is a leading global, open standard Low Power Wide Area Network (LPWAN) solution for Internet of Things and Smart City initiatives. It is intended to enable battery […]

The post A LoRaWAN-Based/RDK-B Solution for the Cable Industry to Expand IoT Networks appeared first on IoT – Internet of Things.

Read more here:: iot.do/feed

A LoRaWAN-Based/RDK-B Solution for the Cable Industry to Expand IoT Networks

By News Aggregator

By IoT – Internet of Things

pureIntegration is working with Semtech Coporation to develop a commercial integration of a LoRaWAN™ – based solution on the RDK-B software platform. The LoRaWAN specification, from the LoRa Alliance™, is a leading global, open standard Low Power Wide Area Network (LPWAN) solution for Internet of Things and Smart City initiatives. It is intended to enable battery […]

The post A LoRaWAN-Based/RDK-B Solution for the Cable Industry to Expand IoT Networks appeared first on IoT – Internet of Things.

Read more here:: iot.do/feed

The post A LoRaWAN-Based/RDK-B Solution for the Cable Industry to Expand IoT Networks appeared on IPv6.net.

Read more here:: IPv6 News Aggregator