CPSC514 Internet of Things and Web Security Lecture

CPSC514 INTERNET OF THINGS AND WEB SECURITY WHO AM I? Chris Bolduc B.S. – Computer Science, Chapman University M.S. – Networked Systems, UCI I also work in IS&T STUDENT INTRO Your name What’s your major? Why are you taking this class? What you hope to do/learn in this class? Interests/hobbies (Optional) Random fact (Optional) 3 WHY ARE WE HERE? This course provides a comprehensive overview of the Internet of Things (IoT), exploring its fundamental concepts, technologies, applications, and emerging trends. Students will gain a solid understanding of IoT architecture, communication protocols, data management, and security considerations. The course will also delve into real-world IoT applications across various industries and discuss AGENDA Attendance Introductions Syllabus Survey Lecture WHY ARE WE HERE? What are your expectations? What do you want to learn? COURSE EXPECTATIONS 7 ABOUT THAT PROJECT… 8 ABOUT THAT PROJECT… 9 MAKERSPACE CONTACTS 10 TEXTBOOKS 11 W H AT I S I O T ? 12 WHAT IS IOT? Internet of Things (IoT) is a set of technologies and capabilities that are enabling new use cases and delivering services across a wide variety of markets and applications. Connecting the unconnected Making devices smart and autonomous Remote control and management 13 WHAT IS IOT? Personal Devices Smart manufacturing Smart cities Scientific applications (e.g. weather sensors) 14 IOT VS. EMBEDDED SYSTEMS IoT is connected to the internet, embedded not necessarily IoT often sends data to a cloud server IoT requires more security IoT can consume more power because of connectivity requirements 15 RELATED TERMS Robotics: Sensors and actuators working together to perform a task Examples: Drones, cars, printers Machine learning: Predicting future data based on previous data Supervised: Requires user interaction (e.g. training spam filters) Unsupervised: Does not require user interaction Artificial Intelligence (AI): The ability of a computer or other machine to perform those activities that are normally thought to require intelligence. 16 In the news: DeepSeek AI https://apnews.com/article/deepseek-a DeepSeek founded in 2023 i-china-f4908eaca221d601e31e7e336 8778030 CEO Liang Wenfeng co- founded one of China’s top hedge funds In 2022, the fund had acquired 10,000 nVidia A100 chips DS trained on H800, which is not subject to export restrictions like A100 In the news: DeepSeek AI DeepSeek processes data 11x faster than OpenAI Requires much less computing power nVidia stock lost $589 billion in value on January 27, 2025 Other advantages Open-source (OpenAI is not…) Test-Time Scaling (shows its train of thought) Mixture of Experts (MoE) breaks nodes into specialized roles https://apnews.com/article/deepseek-ai-china-f4908eaca221d601e31e7e3368 In the news: DeepSeek AI nVidia A100 (Hopper - 2020) is succeeded by the H100 (Ampre - 2023) H200 is the latest GPU, H800 is modified H100 for China The NVIDIA A100's successor is the NVIDIA H100. The H100 offers significant performance improvements over the A100, featuring a built-in Transformer Engine for efficient handling of large language models and dynamic programming instructions (DPX) for faster code execution. It is up to nine times faster for AI training and 30 times faster for inference compared to the A100. Additionally, NVIDIA has announced the H200, which is set for release in the second quarter of 2024 and is In the news: DeepSeek AI Nvidia's PTX (Parallel Thread Execution) is an intermediate instruction set architecture designed by Nvidia for its GPUs. PTX sits between higher-level GPU programming languages (like CUDA C/C++ or other language frontends) and the low- level machine code (streaming assembly, or SASS). PTX is a close-to-metal ISA that exposes the GPU as a data-parallel computing device and, therefore, allows fine-grained optimizations, such as register allocation and thread/warp-level adjustments, something that CUDA C/C++ and other languages cannot enable. Once PTX is into SASS, it is optimized for a specific generation of Nvidia GPUs. https://www.tomshardware.com/tech-industry/artificial-intelligence/deepseeks-ai-breakthrough- bypasses-industry-standard-cuda-uses-assembly-like-ptx-programming-instead In the news: DeepSeek AI New: Accusation that DeepSeek infringed on the copyright of OpenAI Distillation: Training an AI using the output of another AI (OpenAI in this case) OpenAI also has been accused of copyright infringement In the news: DeepSeek AI https:// www.tomshardware.com/tech- industry/artificial-intelligence/ deepseek-might-not-be-as- disruptive-as-claimed-firm- reportedly-has-50-000-nvidia- gpus-and-spent-usd1-6-billion- on-buildouts 22 IT AND OT 1. Primary Focus IT (Information Technology): Centers on managing, processing, storing, and securing data. IT is mainly concerned with applications, data, and networks that support business operations. OT (Operational Technology): Focuses on the management and control of physical devices and industrial equipment. OT systems control machinery and processes in industries like manufacturing, power generation, and utilities. 23 IT AND OT 2. Environment IT: Primarily operates within business or office environments (servers, data centers, cloud infrastructure). OT: Functions in industrial environments where machinery, production lines, and physical equipment are critical (factories, plants, energy grids). 24 IT AND OT 3. Core Systems and Technologies IT: Involves software applications, databases, servers, laptops, and network hardware (routers, switches). Systems include ERP (Enterprise Resource Planning), CRM (Customer Relationship Management), and databases. OT: Uses SCADA (Supervisory Control and Data Acquisition), PLCs (Programmable Logic Controllers), and ICS (Industrial Control Systems) to manage and control physical processes and equipment. 25 IT AND OT 4. Security Focus IT: Prioritizes data protection, privacy, and network security with a focus on mitigating cyber threats like malware, phishing, and data breaches. OT: Focuses on ensuring safety, reliability, and uptime of physical systems. Security is geared toward protecting physical assets and maintaining continuous operation. 26 IT AND OT 5. Operational Concerns IT: Emphasizes data integrity, confidentiality, and availability of information. OT: Prioritizes system availability, personnel safety, and physical process efficiency over data integrity. 27 IT AND OT 6. Convergence As industries increasingly adopt IoT (Internet of Things), IT and OT are converging, enabling remote monitoring, predictive maintenance, and enhanced data analytics in industrial settings. However, this convergence brings new cybersecurity challenges as traditional OT systems were not initially designed for connectivity. 28 IOT ATTRIBUTES Scalability Why is IPv6 important? Or is it? IPv4 /8 = 16,777,216 IP addresses Communications Reliability, Security, Punctuality Analytics 29 IOT ATTRIBUTES M2M (machine-to-machine) communication AI Cloud Big data analytics 30 CONNECTIVITY Cellular networks (LTE, 5G, etc.) Wi-Fi Bluetooth Ethernet 31 WIRED OR WIRELESS? Wired Wireless High speed Lower speed More security Potential security problems High cost Lower cost Longer time to deploy Quicker to deploy Can reach some places wired can’t 32 WIRED OR WIRELESS TP Link camera: Wyze Cam Has Ethernet port and Does not have Ethernet wireless Uses app and QR code to Uses DHCP out of the box configure the Wi-Fi network Plug it in and find it in your router’s DHCP table Connect to the web interface to configure Wi-Fi 33 OMNIDIRECTIONAL ANTENNAS 34 WIRELESS TYPES Omnidirectional Antenna Directional Antenna 35 RANGE AND CAPACITY Lower frequency = higher range, lower speed Higher frequency = higher speed, less range Line of sight 36 TOPOLOGIES 37 MULTIPATH PROPAGATION Multipath propagation occurs when a radio signal reaches a receiving antenna via multiple paths. This happens when the signal bounces off objects like buildings, mountains, or even the atmosphere, creating multiple copies of the original signal that arrive at the receiver at different times. 38 MULTIPATH PROPAGATION Fading: The multiple signals can interfere with each other, either constructively (boosting the signal) or destructively (weakening it). This leads to fluctuations in signal strength, known as fading. Dispersion: The different path lengths cause the signal to spread out in time, making it harder to decode. Inter-symbol Interference (ISI): In digital communication, the spread-out signal can overlap with neighboring symbols, making it difficult to distinguish between them. 39 MULTIPATH PROPAGATION To mitigate the effects of multipath propagation, various techniques are used, such as: Diversity techniques: Using multiple antennas to receive the signal from different paths. Equalization: Processing the received signal to compensate for the distortion caused by multipath. Spread spectrum techniques: Spreading the signal over a wider frequency band to reduce the impact of fading. 40 SPECTRUM Licensed You can get a license from the government to use a particular radio spectrum. These are very limited and commonly used by wireless carriers, radio stations, or emergency responders Unlicensed These are available for anyone to use. More devices using them means lower bandwidth. Frequencies can vary by country (e.g. GSM uses 850/1900 in the US, 900/1800 in India) 41 MULTIPLEXING Combining multiple data streams on a single link This can be done with wired or wireless connections Demultiplexer (demux) on the other side 42 TYPES OF MULTIPLEXING Frequency division multiplexing (FDM) Time division multiplexing (TDM) Statistical multiplexing Space division multiplexing (SDM) 43 QUALITY OF SERVICE Two main types of traffic: those sensitive to latency, and those sensitive to speed Examples: live video, recorded video, video/audio calls, gaming How to classify these? (type of service) 44 NETWORK MANAGEMENT Centralized management of configuration Fault detection Performance tuning Continuous monitoring Security validation 45 CONNECTIVITY STANDARDS Getting devices to talk to each other requires standards. Standards create acronyms that you have to memorize. Wi-Fi (802.11) ZigBee (IEEE 802.15.4) Cellular (2G – 5G) 46 ZIGBEE https://en.wikipedia.org/wiki/IEEE_802.15.4 Low power Low speed (up to 250kbps) 10-meter range Optimized for mesh Use case: supports thousands of nodes in a mesh 47 CHALLENGES WITH IOT Standards not developed for limited range, coverage Devices may be in places that don’t have Wi-Fi or Cellular connectivity Power requirements – the farther away the transmission, the more power is required. Very cost sensitive Temperature ranges and humidity requirements Device size 48 CHALLENGES WITH IOT Data: How much data, how often is it sent, cloud or on-prem Serviceability: to save costs, sometimes this is sacrificed Onboard processing Security 49 CLOUD SERVICES Chapman is primarily a Microsoft shop Use Microsoft Azure services if possible Others: Amazon AWS, Google Cloud services 50

CPSC514 Internet of Things and Web Security Lecture

Document Details

Tags

Related

Summary

Full Transcript