Internet of Things Handbook April 2017 by WTWH Media LLC

April 2017

How Mr. Robot hacked the IoT Page 6

Modulating 5G Page 12

Internet of Things HANDBOOK

IoT Cover Final .indd 1

4/17/17 9:43 AM

170301_FUEL_EEW_US.indd digikey -- IoT handbook 4.17 2.indd 1 1

3/1/17 11:44 4/13/17 1:09 PM AM

Connect to a KEB controller, or any other PLC. Weâ&#x20AC;&#x2122;re flexible. KEBâ&#x20AC;&#x2122;s C6 Router has been designed for use where wireless communication and advanced networking tools are necessary for operation. We also made it hardware independent so it can work with your existing system - no restrictions.

Learn more on our YouTube channel youtube.com/KEBAmericaInc or on our blog kebblog.com/industrial-router

5100 Valley Industrial Blvd. S Shakopee, MN | 952.224.1400 | sales@kebamerica.com

KEB -- IoT handbook 4.17 .indd 1

4/13/17 1:10 PM

INTERNET OF THINGS

H A N D B O O K

Will connected homes catch on? Reality doesn’t match the marketing.

Many

of the applications envisioned as part of the internet of things revolve around connecting everyday home appliances to the cloud. As more of this kind of connected gadgetry has come onto the market, we are getting a better idea of what an IoTLEE TESCHLER connected home looks like. Indications are the reality EXECUTIVE EDITOR doesn’t match up with the marketing. According to surveys and focus groups conducted by the research firm PriceWaterhouseCoopers (PWC), much of the motivation for installing connected devices is to get a home security system. The idea of smart thermostats and other home automation gear only resonates with consumers as a means of saving money on utility bills. The convenience aspect of such devices sounds appealing, but few consumers are willing to pay anything extra for more convenience, according to PWC’s data. That may be one reason why only about 26% of all internet users in the U.S. currently own a smart Echoes in use. That would mean about home device. Moreover, recent market projections anticipate the 6.5% of all U.S. households have one. use of smart home devices slowly creeping up rather than growing Research shows that the most popular exponentially, as optimists once believed. use for voice controllers today is to It is easy to understand the reasons behind the slow growth: change TV channels. Time will tell Working with smart home devices is a hassle. At our offices here, whether other uses will catch on. we have done teardowns of smart home devices such as smart LED It is interesting to note, however, bulbs. Our experience with them is that the commissioning process that surveys of households already is not one most consumers would put up with. using voice controllers find that people For example, consider what’s required to get the thirddon’t really worry about the privacy generation Nest Thermostat going. Because of well-chronicled concerns. Cynics might say most security problems, Nest added two-factor authentication to its smart conversations in their homes are boring phone app. Now, Nest thermostat users must open the app, go to anyway, so no one cares if an Amazon an account security setting, activate ‘two-step verification,’ then sign Echo overhears them. in, enter a password, get a text with the verification code, tap in the But we suspect there might be code, and finally get into the app. To make matters slightly more a reason for the popularity of voice complicated, everyone in a household can have their own separate controllers that surveys don’t catch: Nest account and, of course, must be separately authenticated. All Home owners accustomed to having this just to set the temperature for your home. their kids and their spouse ignore what Perhaps the complicated nature of smart home apps explains they say might see a voice control unit the attraction some people have toward voice control – telling an as a godsend. With a voice controller, Amazon Echo to turn the heat up sounds a lot simpler than punching finally there is something in the house in arduous key sequences on a smart phone. Consumer Intelligence that listens to them. Research Partners estimates that there are now 8.2 million Amazon

DESIGN WORLD — EE Network

Commentary — EE IoT 04.17 V1.indd 2

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 2:50 PM

Without us... He wouldnâ&#x20AC;&#x2122;t be

going...

and going...

MPD -- IoT handbook 4.17 .indd 3

4/13/17 1:11 PM

inside 39

Cover photo courtesy of iStock.

THE INTERNET OF THINGS HANDBOOK

02 Will connected homes catch on? Reality doesn't match the marketing.

28 Bet ter development systems for IoT apps

06 How Mr. Robot hacked the IoT

The popular TV drama Mr. Robot once portrayed a penetration of a building automation system. Security experts say the same exploit could have happened in real life.

Modulating 5G

The IoT will make heavy use of fifth-generation mobile networks that use a yet-to-be-determined modulation scheme. Here are the major contenders.

Who is after big data?

The rush to gather data--the “new currency”--from every device connecting to the internet makes it a tempting target to those who seek to monetize it before you do. What can and should you do to protect this new currency?

Thanks to interconnected devices, traditional human machine interfaces may no longer be needed. DESIGN WORLD — EE Network

Contents & Staff — IoT Handbook 4-17 V1.indd 4

4 • 2017

Tools, operating systems, platforms, and services help open new doors for developers building security into their connected, modern-day IoT infrastructure.

35 Thwarting hackers on the IoT

A few best practices can drastically improve the security of IoT devices and help maximize the benefits they provide.

39 Bat teries boost wireless connectivity to the IIoT

Self-powered electronic devices that define the Industrial Internet of Things (IIoT) have special needs that can be addressed through the judicious selection of battery chemistry.

44 The case for multiprotocol, multiband connectivity in the IoT

23 The new face of machinery

32 Building security into IoT/IIoT end devices

What's new for implementing the IIoT

Developers continue to create tools that will help designers install IoT functions into their designs.

It can be tough for engineers to plan IoT systems around services based in the cloud. New generations of development systems simplify the task.

Wireless protocols that are widely used in the IoT have a lot of common attributes. Multiprotocol SoCs able to run them all can simplify many kinds of wireless designs.

eeworldonline.com | designworldonline.com

4/14/17 2:32 PM

EDITORIAL Editorial Director Paul J. Heney pheney@wtwhmedia.com @dw_Editor Managing Editor Leslie Langnau llangnau@wtwhmedia.com @dw_3Dprinting

DESIGN & PRODUCTION SERVICES VP Creative Services Mark Rook mrook@wtwhmedia.com @wtwh_graphics Art Director Matthew Claney mclaney@wtwhmedia.com

@wtwh_designer Executive Editor Leland Teschler lteschler@wtwhmedia.com @dw_LeeTeschler Senior Editor Miles Budimir mbudimir@wtwhmedia.com @dw_Motion Senior Editor Mary Gannon mgannon@wtwhmedia.com @dw_MaryGannon Senior Editor Lisa Eitel leitel@wtwhmedia.com @dw_LisaEitel Associate Editor Mike Santora msantora@wtwhmedia.com @dw_MikeSantora

Graphic Designer Allison Washko awashko@wtwhmedia.com

Traffic Manager Mary Heideloff mheideloff@wtwhmedia.com Production Associate Tracy Powers tpowers@wtwhmedia.com Director, Audience Development Bruce Sprague bsprague@wtwhmedia.com

Digital Media Manager Patrick Curran pcurran@wtwhmedia.com @wtwhseopatrick

Marketing Coordinator Lexi Korsok lkorsok@wtwhmedia.com @wtwh_Lexi

Senior Web Developer Patrick Amigo pamigo@wtwhmedia.com @amigo_patrick

Digital Marketing Specialist Josh Breuler jbreuler@wtwhmedia.com @wtwh_Joshb

Web Production Associate Skylar Aubuchon saubuchon@wtwhmedia.com @skylar_aubuchon

Marketing Associate Aly Ryan aryan@wtwhmedia.com @wtwh_Aly

Web Production & Reporting Associate Jennifer Calhoon jcalhoon@wtwhmedia.com @wtwh_Jennifer

Digital Marketing Director Virginia Goulding vgoulding@wtwhmedia.com @wtwh_virginia Manager Webinars Stacy Combest scombest@wtwhmedia.com @wtwh_Stacy

VIDEO SERVICES Videographer Manager John Hansel jhansel@wtwhmedia.com @wtwh_Jhansel Videographer Bradley Voyten bvoyten@wtwhmedia.com @bv10wtwh Videographer Derek Little dlittle@wtwhmedia.com

DIGITAL MEDIA/MARKETING Web Development Manager B. David Miyares dmiyares@wtwhmedia.com @wtwh_WebDave

Marketing Manager, Social Media & Events Jen Kolasky jkolasky@wtwhmedia.com @wtwh_Jen

FINANCE Controller Brian Korsberg bkorsberg@wtwhmedia.com Accounts Receivable Specialist Jamila Milton jmilton@wtwhmedia.com

WTWH Media, LLC 6555 Carnegie Ave., Suite 300 Cleveland, OH 44103 Ph: 888.543.2447 FAX: 888.543.2447

2014 Winner

DESIGN WORLD does not endorse any products, programs or services of advertisers or editorial contributors. Copyright© 2017 by WTWH Media, LLC. No part of this publication may be reproduced in any form or by any means, electronic or mechanical, or by recording, or by any information storage or retrieval system, without written permission from the publisher. Subscription Rates: Free and controlled circulation to qualified subscribers. Non-qualified persons may subscribe at the following rates: U.S. and possessions: 1 year: $125; 2 years: $200; 3 years: $275; Canadian and foreign, 1 year: $195; only US funds are accepted. Single copies $15 each. Subscriptions are prepaid, and check or money orders only.

2011 - 2016

Subscriber Services: To order a subscription or change your address, please email: designworld@halldata.com, or visit our web site at www.designworldonline.com POSTMASTER: Send address changes to: Design World, 6555 Carnegie Ave., Suite 300, Cleveland, OH 44103

eeworldonline.com | designworldonline.com

Contents & Staff — IoT Handbook 4-17 V1.indd 5

4 • 2017

DESIGN WORLD — EE Network

4/14/17 1:37 PM

INTERNET OF THINGS

H A N D B O O K

How Mr. Robot hacked the IoT The popular TV drama Mr. Robot once portrayed a penetration of a building automation system. Security experts say the same exploit could have happened in real life.

LEE TESCHLER EXECUTIVE EDITOR

2015, TV viewers who tuned into episode five (having the catchy title “eps1.4_3xpl0its.wmv”) of a series called Mr. Robot watched the main character try to destroy magnetic tape data backups held at a facility that was portrayed as both well-fortified and remote. The plan was to slowly raise the temperature of the storage room to point where the tapes would be compromised. The means of raising the temperature was to connect an ordinary Raspberry Pi computer board into the climate control system. The Pi would simply override climate commands from the building automation controller. In Mr. Robot, this scheme actually worked as planned. To the average viewer, the whole building-penetration scenario probably seemed pretty simple – perhaps too simple. Of course, script writers have a reputation for playing fast and loose with facts in the interest of a compelling story. Technology-literate viewers might wonder whether the events of episode five could really unfold in real life the way writer David Iserson envisioned. We wondered the same thing. So we contacted two cybersecurity experts with experience in building automation systems. Michael Chipley is the president of The PMC Group LLC, a firm which helps companies make their building control systems cybersecure. Billy Rios is the founder of WhiteScope, a security consulting firm with experience in IoT and embedded device security assessments. Among other things, they run penetration tests and size up facilities for security issues. We asked both Chipley and Rios about the events depicted in episode five.

The thermostat being hacked on Mr. Robot. In season two, the FBI discovers the hacked thermostat. Eagle-eyed Mr. Robot fans noticed that the Raspberry Pi pulled from the wall was a model not-yet available when the hacking episode aired, and that it was attached to the back of the thermostat. When originally installing it, Elliot had simply shoved it through the hole for the thermostat without attaching it to anything. Images courtesy of USA Network.

DESIGN WORLD — EE Network

Mr Robot — EE IoT 04.17 V2.indd 6

4 • 2017

eeworldonline.com | designworldonline.com

4/14/17 2:33 PM

™

I N T E R C O N N E C T C O m P O N E N T S & h a R d wa R E

Battery Clips, Contacts & Holders

Fuse Clips & Holders

Terminals and Test Points

Spacers & Standoffs

Plugs & Jacks

Multi-Purpose Hardware

It’s what’s on the InsIde that counts ® E L E C T R O N I C S

www.keyelco.com

EE-IT-THiNK keystone -- IoT Corp_4-17.indd handbook 4.17 1 .indd 7

•

(718) 956-8900

•

C O R P.

(800) 221-5510

3/9/17 10:46 4/13/17 1:11 PM AM

INTERNET OF THINGS

What a t hermost at looks l ike o n a BACnet

H A N D B O O K

INSIDE THE WALL One of the scenes depicts how the Pi was introduced into the climate control network. It involves the main character, Elliot Alderson, removing a thermostat to reveal a large hole in the wall behind it. Elliot splices the Pi into the network lines coming into the thermostat, pushes the Pi through the hole in the wall, and re-mounts the thermostat. Perhaps the most basic question about this scenario is whether or not you’ll typically find a hole behind a wall thermostat big enough to push a Pi through. After all, removing the thermostat in your home will typically reveal only a small hole big enough for a couple wires. No chance there for a Mr. Robot-style Pi hack. But the situation can be different in commercial buildings, according to the security experts. “The holes behind these devices can be quite large,” says Billy Rios. “I don't think inserting a Raspberry Pi behind one them would be difficult. It's certainly not something I would worry about if I were doing something similar.” Nevertheless, interviews given by Mr. Robot staff indicate that getting the Pi into the wall had its challenges, though it was only done for TV. Speaking to Rolling Stone magazine, Mr. Robot chief technical adviser Kor Adana said on ordinary Pi was too big to fit through the thermostat hole and had to be modified. He explained that a network cable had to be soldered directly to the board after the removal of a “wireless network port.” (Of course, the version of the Pi available in 2015 when the show aired didn’t contain wireless capabilities. We surmise Adana was referring to the RJ45 jack for an Ethernet connection.)

BACnet objects have a set of properties used to exchange information with other objects. This example of a thermostat shows a few properties which might be available, although in practice there would be many more.

The bigger question is whether a Pi added to a climate control network could legitimately cause the kind of destructive overheating depicted in Mr. Robot. The answer to the question lies in the make-up of industrial building automation protocols typically used for buildings. Major HVAC vendors such as Honeywell and Johnson Controls have their own proprietary network protocols, and there are also standard protocols for building automation systems. Expert familiar with these protocols say they all lack security features that would recognize and isolate bogus devices. To cite a specific example, consider BACnet, for Building Automation and Control network. It is an ASHRAE, ANSI, ISO 16484-5 standard. Some 842 HVAC vendors now use it. So it is probably a good candidate for controlling E Corp.’s Steel Mountain tape back-up facility.

Typical BAC net system

DESIGN WORLD — EE Network

Mr Robot — EE IoT 04.17 V2.indd 8

4 • 2017

eeworldonline.com | designworldonline.com

4/14/17 2:33 PM

MR. ROBOT

“BacNET can be implemented via serial or TCP/IP. We see both quite often. BacNET doesn't usually provide for authentication or integrity validation, so once you get access to the BacNET, it's game over for the building. And there are a variety of ways to get access to a building's BacNET. The scenario shown in Mr. Robot is totally plausible, both in serial BacNET and via TCP,” says Rios. The BACnet protocol defines a number of services used to communicate between building devices and also 59 object types that the services act on. But only in 2016 did the BACnet committee in charge of the protocol’s definition release an addendum adding IT security concepts. As of this writing it is still out for advisory public review. So a Pi attached to BACnet network lines would look like any other low-level node on the network. “Most control systems use a reference architecture where level five is your typical internet outside connection, level four is engineering operator consoles and traditional IT assets that communicate down to level three devices,” says Michael Chipley. “The level-three devices then communicate down to level-two devices. The Raspberry Pi is a level-two device. But there’s no authentication of the command line communication between any of these devices. BACnet is peer-to-peer protocol so it can have thousands of devices trusting each other on its network. As long as the command that’s issued is valid, the device will obey it. The same problem exists on proprietary networks.” OUT ON THE NET Once Elliot had done his dirty work with the Raspberry Pi, he was able to access the Steel Mountain BACnet from an ordinary laptop with an internet connection. Once again, experts say this scenario uses existing technology that’s widely available. The website used in the show to see the Steel Mountain building automation network also exists in real life. It’s called Shodan (www.shodan.io) and is a search engine that lets users find not just HVAC systems but also routers, servers, and other equipment connected to the internet. Though designed for use by web security personnel, Shodan became notorious a few years ago when news sites noticed it could be used to access unprotected traffic lights and video baby monitors. The way Shodan finds these unprotected devices is by crawling the internet looking for IP addresses with open ports. The reason Shodan can find computer-controlled HVAC systems is that they’ve been plugged into a company web server that reaches the internet. (Conversely, Shodan won’t see HVAC systems operating on their own closed networks.) When Shodan notices a port left open without password protection, or with only the default password

eeworldonline.com | designworldonline.com

Mr Robot — EE IoT 04.17 V2.indd 9

This cursory search for BACnet systems on Shodan revealed installations at Enteracloud Solutions, Watertown Public Schools, and AT&T Internet Services, among others.

settings, it takes a snapshot of the connection and moves on. As a quick review, ports are pieces of software generally used by transport-layer protocols for identifying specific processes or types of network services. Specific port numbers are often used to identify specific services. Ports became necessary after computers became capable of executing multiple programs simultaneously and connected via packet-switched networks. Back when connections were strictly point-to-point and computers ran just one program at a time, there was no need for the concept of a port. A port is always associated with an IP address of a host and the protocol used by the communication. A port is identified for each address and protocol by a 16-bit number, commonly called the port number. For example, an address might look like "protocol: TCP, IP address: 10.22.33.44, port number: 554", which may be written 10.22.33.44:554 when the protocol is known from context. In the previous example, the port number 554 is used by devices that employ real time streaming protocol. BACnet messages use the user datagram protocol port number 47808.

4 • 2017

DESIGN WORLD — EE Network

4/14/17 9:53 AM

H A N D B O O K

INTERNET OF THINGS

A Raspberry Pi 3 (a later model than that used in Mr. Robot) next to a thermostat for a commercial building. The Pi measures about 33⁄8×23⁄16 in.

“Every day thousands more control systems show up on Shodan,” says Michael Chipley. “People don’t realize that when they have a misconfigured thermostat or HVAC controller, it is exposed. And technically, when you see an HVAC system on Shodan you haven’t hacked anything because the owner has posted the information for the whole world to see.”

RESOURCES

White Scope Whitescope.io PMC Group Pmcgroup.biz

DESIGN WORLD — EE Network

Mr Robot — EE IoT 04.17 V2.indd 10

INSIDE THE NETWORK Elliot Alderson and his cohorts used one other piece of software in their penetration of the Steel Mountain HVAC system. Called Kali Linux, it, too, is a real-world program. It is basically an operating system designed by two security experts for doing network penetration tests. It contains a toolkit for such tasks as cracking Wi-Fi passwords, creating fake networks, and analyzing network traffic. There are versions of it available for the Raspberry Pi. It is small enough to run from the Pi’s SD card. In the case of the Mr. Robot hack, we might surmise that Kali was the means by which Elliot and his colleagues watched network traffic and determined which devices were the thermostats controlling the tape storage rooms. With that information, the Pi would have mimicked the thermostats and generated commands to the HVAC controller to boost the temperature in those rooms.

4 • 2017

Given that the Mr. Robot episode was filmed a few years ago, you might wonder if a similar scheme would still work today. Odds are that it would, say the security experts. “Network security for these devices hasn't improved very much since 2014,” says Billy Rios. “The underlying BacNET protocol simply doesn't have security built into it. That's something that cannot easily be overcome by a single vendor or even a collection of vendors.” “The vulnerabilities will be out there forever,” says Chipley. “You just have to assume systems are going to be exploited. So when they are compromised, you need to design them so they just fail gracefully. You have to adopt that approach because there is no way you are going to stop a determined aggressor from taking over. When we run simulated attacks, it is not a matter of if we are getting in the system, it is a matter of how fast. For real hackers, it is typically less than 30 minutes before they own everything.”

eeworldonline.com | designworldonline.com

4/14/17 2:35 PM

PLC WITH BUILT-IN VPN & FIREWALL

IT R U C

-IN T L I BU

IIoT READY

PFC Series Performance Class Controllers • VPN technology with IPsec and OpenVPN security protocols • IIoT-ready application security with SSL/TLS encryption • Firewall with whitelisting for increased network security www.wago.us/PLC-VPN

wago -- IoT handbook 4.17 .indd 11

4/13/17 1:12 PM

INTERNET OF THINGS

Modulating 5G The IoT will make heavy use of fifth-generation mobile networks that use a yet-to-be-determined modulation scheme. Here are the major contenders.

H A N D B O O K

LEE TESCHLER | EXECUTIVE EDITOR

Fifth-generation

mobile networks, abbreviated 5G, will form the telecommunications standards for the internet of things. Planners say 5G will have a higher capacity than the current 4G equipment partly to support the deviceto-device, ultra reliable, and massive machine communications expected to help define the IoT of the future. Among the goals of 5G: lower latency than 4G equipment and lower battery consumption, data rates of tens of megabits per second for tens of thousands of users, several hundreds of thousands of simultaneous connections available for wireless sensors, along with better spectral signaling efficiency. The better spectral efficiency will partly be a function of the modulation schemes used in 5G. However, those modulation schemes have yet to be standardized. There are several contenders, and derivatives of the same quadrature-style schemes in use by mobile networks today haven’t been ruled out for 5G. So it is interesting to review the major modulation techniques now up for consideration as part of 5G. Techniques discussed for 5G tend to use multiple carriers as a means of obtaining spectral efficiency. At present 4G LTE uses QAM (quadrature amplitude modulation) with OFDM (orthogonal frequency division multiplexing) as modulation and OFDMA (OFDM multiple access) as access scheme. 5G will provide a high bit rate so it will need to make efficient use of the spectrum.

DESIGN WORLD — EE Network

5G — EE IoT 04.17 V2.indd 12

4 • 2017

Several of the ideas proposed for 5G are hybrids of QAM and OFDM principles. First a few basics. Quadrature techniques represent a transmitted symbol as a complex number and modulate a cosine and sine carrier signal with the real and imaginary parts. This lets the symbol be sent with two carriers. The two carriers are generally referred to as quadrature carriers. A coherent detector can independently demodulate these carriers. This principle of using two independently modulated carriers is the foundation of quadrature modulation. QAM conveys information by modulating the amplitudes of the two carrier waves, using either amplitudeshift keying (ASK) for digital data or straight amplitude modulation for analog. The two carrier waves of the same frequency, usually sinusoids, are out of phase with each other by 90°. The modulated waves are summed, and the final waveform is a combination of both phase-shift keying (PSK) and amplitude-shift keying (ASK). QAM is said to be spectrally efficient, and the reason becomes clear by comparing a QAM signal with that of an ordinary AMed carrier. A straight amplitude-modulated signal has two sidebands. The carrier plus the sidebands occupy twice the bandwidth of the modulating signal. In contrast, QAM places two independent double-sideband suppressed-carrier signals in the same spectrum as one ordinary double-sideband suppressed-carrier signal. QAM can give arbitrarily high spectral efficiencies by setting a suitable constellation size. As a quick review,

eeworldonline.com | designworldonline.com

4/14/17 9:16 AM

MODULATING 5G

S i m p l e QAM tra n sm i t ter

a constellation diagram represents the signal as a scatter diagram in the Q and I axes and represents the possible symbols as points on the plane. The more symbols defined in the modulation scheme, the more points on the constellation diagram. The number of points at which the signal can rest, i.e. the number of symbols, is indicated in the modulation format description: 16QAM uses a 16-point constellation, and so forth. Constellation points are normally arranged in a square grid with equal vertical and horizontal spacing. Use of higher-order modulation formats, i.e. more points on the constellation, makes it possible to transmit more bits per symbol. However, use of higher-order symbols positions constellation points closer together, making the link more susceptible to noise. Specifically, it takes less noise to move the signal to a different decision point on the constellation diagram. A point to note about QAM is that it is considered a single-carrier system. The two digital bit streams come from one source that is split into two independent signals. QAM signals are often sent via multicarrier modulation schemes that transmit one QAM signal over one of several subcarriers. The point of doing this is to simplify the task of compensating for distortions arising in the communication channel. Each of the subcarriers has a small bandwidth. The communication channel has a relatively flat frequency response over each of these small bands. So it is relatively easy to compensate for distortions over each of the small subcarrier bands. In OFDM, many closely spaced orthogonal sub-carriers carry data on several parallel data streams or channels. Each sub-carrier is modulated with a conventional modulation scheme such as QAM at a low symbol rate, maintaining total data rates similar to conventional single-carrier modulation schemes in the same bandwidth.

eeworldonline.com | designworldonline.com

5G — EE IoT 04.17 V2.indd 13

Simple QA M receive r

Quadrature amplitude modulation conveys two analog message signals, or two digital bit streams, by changing (modulating) the amplitudes of two carrier waves, using the amplitude-shift keying (ASK) digital modulation scheme or amplitude modulation (AM) analog modulation scheme. The two carrier waves of the same frequency are out of phase with each other by 90° and are thus called quadrature carriers. The modulated waves are summed, and the final waveform is a combination of both phase-shift keying (PSK) and amplitude-shift keying (ASK), or, in the analog case, of phase modulation (PM) and amplitude modulation.

The primary advantage of OFDM over using a single carrier is its ability to cope with severe interference as caused by RF sources at nearly the same frequency or frequency-selective fading from multipath. OFDM may be viewed as using many slowly modulated narrowband signals rather than one rapidly modulated wideband signal. The low symbol rate makes the use of a guard interval between symbols affordable, making it possible to eliminate intersymbol interference (ISI) and use echoes and time-spreading to improve signal-to-noise. The orthogonality of OFDM comes from the selection of the sub-carrier frequencies so they are orthogonal to each other. This basically means the spectrum space between sub-carriers obeys a mathematical relationship where it is inversely proportional to the symbol duration. Sub-carriers spaced this way don’t experience any cross-talk and thus eliminate the need for inter-carrier guard bands, simplifying the design of both the transmitter and the receiver.

Simple O FD M t ransmit ter & receiver m a ke - u p

4 • 2017

DESIGN WORLD — EE Network

4/14/17 2:48 PM

INTERNET OF THINGS

G eneric f ilter bank mult icarrier (F MB C) t ra ns m it te r

H A N D B O O K

There are a few inherent difficulties with OFDM. One is that an OFDM signal can have a high instantaneous peak compared to its average level. There can also be a large signal amplitude swing when the signal traverses from a low to a high instantaneous power. The power amp used must be linear over a wide bandwidth to prevent a high out-of-band harmonic distortion. This phenomenon can potentially interfere with adjacent channels. Other difficulties arise with the time and frequency synchronization between the OFDM transmitter and receiver. Numerous techniques have been proposed for estimating and correcting both timing and carrier frequency offsets at the OFDM receiver. For example, one idea is to embed pilot tones into OFDM symbols, then use timing and frequency acquisition algorithms to sync on them.

HYBRID SCHEMES FOR 5G

Several of the modulation schemes under review for 5G are hybrids employing elements found in QAM and OFDM. One is called F-QAM or FSK-QAM. F-QAM is a combination of QAM and frequency shift keying (FSK). It has been proposed in conjunction with OFDMA, the multiuser version of OFDM where individual users are assigned subsets of subcarriers.

Gen eri c f i l ter b a n k mult icarrier receiver ( G FD M)

DESIGN WORLD — EE Network

5G — EE IoT 04.17 V2.indd 14

4 • 2017

F-QAM combines MF-FSK (multiple frequency FSK) and MQ-QAM (multiple QAM modulation levels). F-QAM has many similarities with OFDM-IM (OFDM with index modulation). In both cases the information is not only conveyed through the modulated symbols but also via the indices of the active subcarriers. At the receiver side, the detection process is similar to that of the OFDM-IM. The receiver employs what’s called a log-likelihood-ratio (LLR) detector to determine the active subcarrier in each sub-block and, afterwards, estimates the received symbols using a maximum likelihood (ML) detector. One drawback of current OFDMA schemes is that they require accurate synchronization of the user signals at the base station. Such synchronization is not straightforward and demands a lot of resources. So a lot of the work on 5G aims at a way around this base station syncing. One idea from AlcatelLucent Bell Labs is a modified OFDM waveform dubbed universal filtered multicarrier (UFMC). UFMC passes each bundle of adjacent subcarriers that belong to a user through a filter to minimize multi-user interference. Bandwidth efficiency is kept at the same level as OFDM, but UFMC uses no cyclic prefix (CP). The interval the CP normally occupies instead absorbs the transient of the underlying filters, making the filtering more effective. Generalized frequency division multiplexing (GFDM) is another candidate waveform. GFDM may be thought of as a modified OFDM, where each subcarrier is shaped by a high-quality filter. To allow the addition of the CP, the subcarrier filtering operation in GFDM is based on a circular convolution. Another 5G contender is based on filter bank multicarrier with offset

eeworldonline.com | designworldonline.com

4/14/17 9:17 AM

MODULATING 5G

G eneric F -QA M t ransmit ter

In an F-QAM transmitter, the N subcarriers of the OFDM block are divided into sub-blocks of MF subcarriers. A bit splitter splits the bits into groups. The first log2 MF bits of each group are used to select that subcarrier out of the MF available that will carry the symbol of the MQary signal constellation to which the next log2 MQ bits of the group are mapped. Each sub block transmits log2 MF + log2 MQ bits. The rest of the transmitter components are the same as in the classic OFDM.

QAM (FBMC-OQAM). FBMCs employ two sets of bandpass filters called analysis and synthesis filters, one at the transmitter and the other at the receiver, to filter the collection of subcarriers being transmitted simultaneously in parallel frequencies. FBMC filter bandwidth, and therefore selectivity, is a parameter that can be varied during design. FBMC also offers better bandwidth efficiency when compared to OFDM. FBMC eliminates the need for CP processing while efficiently attenuating interferences within and close to the frequency band. FBMC systems are also comparatively more resistant to narrowband noise.

OTHER IDEAS

RESOURCES

Though multi-carrier systems seem to be getting most of the attention for 5G, experts say single-carrier modulation could still be part of the spec. There are also what might be termed odd-ball techniques still in the mix. One is called faster than Nyquist (FTN) modulation. It is a non-orthogonal subcarrier system that actually makes use of intersymbol interference to pack more data into a communication channel. Another non-orthogonal idea is called time-frequency packing. The carriers are close together, and a super-sophisticated detector in the receiver decodes the closely packed signals. TFS is implemented either with QAM or OQAM. Finally, a couple of ideas from independent companies have been floated as 5G specs. One is called wave modulation (WAM) which comes from MagnaCom, an Israeli startup acquired by Broadcom. Here a set of algorithms implement a form of spectral compression. Details about WAM are sparse, but the spectral compression is said to enable a higher signaling rate thereby affording the use of lower-order symbol alphabet, which reduces complexity. It is also said to give an overall 10% system gain advantage, up to 4x increase in range, a 50% spectrum savings, improved noise tolerance, and increase in data speed. Another company called Cohere Technologies patented a modulation technology called Orthogonal Time Frequency and Space (OTFS). Again, details about OTFS are sparse, but press releases put out by Cohere speak highly of it.

eeworldonline.com | designworldonline.com

5G — EE IoT 04.17 V2.indd 15

QAM, Onlinelibrary.wiley.com/ doi/10.1002/0471219282.eot284/abstract;jsessionid=8B34B69579559C1A80066D15266C41A1.f03t04?userIsAuthenticated=false&deniedAccessCustomisedMessage= F-QAM, Metis-ii.5g-ppp.eu/wp-content/uploads/ publications/2016/2016-09-PIMRC-FQAM-FBMC-Design-and-Its-Application-to-Machine-Type-Communication.pdf OFDM, Radio-electronics.com/info/rf-technology-design/ofdm/ofdm-basics-tutorial.php

4 • 2017

DESIGN WORLD — EE Network

4/14/17 2:49 PM

INTERNET OF THINGS

Who is after big data?

H A N D B O O K

The rush to gather data--the “new currency”--from every device connecting to the internet makes it a tempting target for those who seek to monetize it before you do. What can and should you do to protect this new currency?

OC O

A few

U RT

E SY

OF iS TOC

DESIGN WORLD — EE Network

Feature 1 — EE IoT 04.17 V4.indd 16

successful anecdotes aside, the promise of the Internet of Things (IoT) contributing to greater productivity and efficiency (wherever it’s applied) is still a work in progress. But that does not stop IoT developers from pushing forward with this technology, even though a thorough understanding of IoT drawbacks is a must. One major drawback revolves around the security measures users don’t take to protect IoT data from cyber criminals. SonicWall, a developer and implementer of cybersecurity systems, recently released its 2017 Annual Threat Report on the threats seen in 2016 and what IoT developers can expect to see in 2017. Here are key threats they claim developers need to anticipate when designing end use products. The number of cyber threats targeted at companies did not slack off in 2016. These threats targeted companies of all sizes. According to SonicWall, “It would be inaccurate to say the threat landscape either diminished or expanded in 2016 – rather, it appears to have evolved and shifted.” The good news is that security professionals used new technologies to fend off many of these attacks. The bad news is that cyber criminals continue to find innovative ways to hack data. Malware has been a favorite vector of attack, but that is changing. Noted SonicWall, the number of unique malware samples collected in 2015 was 64 million. It fell a bit in 2016 to 60 million, a 6.25% decrease. And total attack attempts dropped from 8.19 billion in 2015 to 7.87 billion in 2016. Malware is on the decline, and replacing it is ransomware. Part of this development is due to ransomwareas-a-service (RaaS), which makes it easy to deploy ransomware kits. Other factors increasing ransomware are that the perverse code is easy to spread and there’s minimal risk of getting caught. SonicWall reports ransomware attack attempts were around 4 million in 2015 but hit 638 million in 2016! About 15% of those attacks were in mechanical and industrial engineering companies.

4 • 2017

eeworldonline.com | designworldonline.com

4/14/17 2:36 PM

WHO IS AFTER BIG DATA

The costs to the companies were significant-$209 million in ransom was paid out by the end of the first quarter of 2016. Payment often had to be made in Bitcoins because such transactions are harder to trace by law enforcement. Payment of the ransom will not guarantee that the data will be returned. Noted SonicWall, only 42% of companies attacked were able to recover their data fully, and those data mostly came from a backup. 1. Ransom payment is only part of the cost victims encounter. More money is required to cover the costs of a cyber response team, restoration efforts, and then changes to the cybersecurity technology 2. to deal with the next attack. In addition, companies face increased insurance premiums. Another popular line of attack is in the form of hidden detection using SSL/TLS encryption. About 62% of web sessions were affected in 2016. 3. SSL/TLS encryption is supposed to make it harder for cyber criminals to intercept payment information from consumers. Unfortunately, it provides an uninspected backdoor into a network, which cyber criminals exploit with malware. Many 4. companies still do not have the right network protection infrastructure installed for deep packet inspection (DPI) that would help detect malware hidden in SSL/TLS encrypted web sessions. Next generation firewalls perform DPI, but doing so can compromise the efficiency of the network, so many companies simply do not use this form of inspection. Thus, most network traffic is not being inspected, leaving a company open to security hacks. Backing up data is certainly a way to recover from ransomware, but it is advised that the backup systems themselves either be offline for extended periods or require authentication. Otherwise, there’s a risk of reintroducing the ransomware into the system through the backup. Of course, a very ripe market for hackers and cyber criminals is the Internet of Things, especially as IoT spreads to more devices and systems. All categories of IoT devices are vulnerable: smart wearables, any smart home device, smart entertainment, smart vehicles and so on. Distributed Denial of Service (DDoS) attacks is the common form of disruption. And SonicWall found the U.S. was targeted the most. “Internet of Things (IoT) devices were successfully compromised on a massive scale and used to mount DDoS

SonicWall offers several recommended practices to help secure devices connecting to the IoT.

eeworldonline.com | designworldonline.com

Feature 1 — EE IoT 04.17 V4.indd 17

Stay on top of all updates and patches for browsers, operating systems and IoT firmware. Increase browser security levels, disable remote desktop protocol (RDP) and select “Show File Extensions.” Also, restrict Microsoft Office files containing macros. Install a solution that helps you detect a system that’s been compromised outside the network and that lets you flag for correction. Use multiple layers of defense and properly integrated products. Start with a security policy that trusts nothing (network, resources, and so on) and nobody (vendors, franchisees, internal personnel), and add exceptions where needed.

4 • 2017

DESIGN WORLD — EE Network

4/13/17 2:56 PM

H A N D B O O K

INTERNET OF THINGS

attacks that disrupted high‐profile companies including Airbnb, Netflix, Reddit, Twitter and Spotify,” said SonicWall. “In September and October 2016, attackers leveraged hundreds of thousands of IoT devices with weak telnet passwords to launch DDoS attacks using the Mirai botnet management framework.” The main reason IoT devices are easy to attack (and you already know this) is because “it’s more important to get to market fast/first,” then to deliver a strong, safe design. A few design changes can help, however. Install programming that forces users to change default passwords, for example. If possible, install features that look for specific IoT malware like Mirai. For users, a best practice is to segregate IoT devices into separate zones in case one is compromised. That way, only part of a network is compromised.

The security dangers with the IoT should not be underestimated. Cyber criminals will continue to use ransomware and malware with IoT connected devices. Notes SonicWall, attackers will use malware to take control of IoT devices, possibly even demanding ransom. An attacker could, “suspend company production lines, affect city power grids, and even tap into personal health devices in exchange for ransom.” More IoT devices will be subject to DDoS attacks thanks in part to the success of the Mirai virus. If sufficient protection is not included in drones and smart cars, hacker will take control of them. Incidents of such attacks will rise.

you could incorporate the switch functionality of a circuit breaker with the high protection level of a fuse?

New Fused Disconnect Switch UL98 Rated for CC fuses up to 30A & 600V The new Fused Disconnect Switch (FDS) series incorporates the switch functionality of a circuit breaker with the high protection level of a fuse. The FDS allows end-users to shut off and isolate branch circuits in electrical control systems in order to safely perform maintenance on the downstream circuit components. To view the product data sheet and learn more about the FDS, please visit: www.marathonsp.com/New Products/Fused Disconnect Switch Regal and Marathon are trademarks of Regal Beloit Corporation or one of its affiliated companies. ©2016 Regal Beloit Corporation, All Rights Reserved. MCAD16061E • SB0045E

Feature 1 — EE IoT 04.17 V4.indd 18

4/13/17 2:58 PM

WHAT’S NEW

What’s new for implementing the IIoT Developers continue to create tools that will help designers install IoT functions in their designs. LESLIE LANGNAU | MANAGING EDITOR

Despite

increasing demand for IoT enabled components and devices, “the IoT market is still extremely fragmented,” says Tom McKinney, Business Development Manager for HMS Industrial Networks Inc. In general, IoT based products tend to be suited to specific industries rather than flexible enough to be used across a range of them. Even so, every developer is pursuing the IoT market because customers expect all devices to be network compatible, regardless of vendor. Here’s a look at some of the more recent IoT product developments. EASIER IOT SYSTEM DESIGN Several companies offer development systems to aid the design engineer in installing IoT features into a product. One example is the Node-RED development environment that runs on the groov Box industrial appliance from Opto 22. Node-RED will decrease IIoT application development time and complexity, making it easier to prototype, develop, and deploy applications for connecting physical assets to cloud applications and IT systems. Node-RED is a visual wiring tool to connect edge-computing systems such as industrial automation controllers to cloud services such as Amazon Web Services (AWS) IoT, IBM Watson IoT, and Microsoft Azure.

The Node-RED development environment runs on the groov Box industrial appliance from Opto 22. Node-RED decreases IIoT application development time and complexity, making it easier to prototype, develop, and deploy applications for connecting physical assets to cloud applications and IT systems.

eeworldonline.com | designworldonline.com

Feature 2 — EE IoT 04.17 V4.indd 19

It is an open-source, cross-platform technology available on GitHub.com and npmjs.org, and is currently available for a variety of platforms. Opto 22’s groov Box fuses together an industrially rugged hardware platform, data visualization for mobile and web clients, industrial automation protocol support including Modbus/TCP and OPC UA, and advanced data flow processing. It is a zero-programming, web-based way to build, deploy, and view effective, scalable operator interfaces and system dashboards to monitor and control systems and equipment using mobile devices and other computer-based systems. Node-RED, running on the groov appliance, enables developers to rapidly prototype and develop IIoT applications to connect data streams from industrial assets to IT assets, bridging the gap between physical equipment and digital computing systems. Schneider Electric also offers a development platform. Its next generation EcoStruxure architecture and platform delivers IoT-enabled solutions at scale for building, grid, industry and data center customers. The architecture and platform is open, scalable and interoperable, connecting the three core layers of Schneider Electric’s technology stack, from connected products, to edge control, to applications, analytics and services.

4 • 2017

DESIGN WORLD — EE Network

4/14/17 2:37 PM

INTERNET OF THINGS

H A N D B O O K

EcoStruxure helps users develop scalable and converged IT/OT systems at every level of an organization or enterprise. It leverages connectivity and data to create controls and actionable insights. The architecture fosters open innovation and interoperability and is developed in partnership with leading standards organizations and best-in-class technology leaders. EcoStruxure provides a portfolio of interoperable and cloudconnected or on-premise features organized around its three layers. The first layer builds on developing connected products with embedded intelligence, such as sensors, medium and low voltage breakers, drives and actuators. The Edge Control layer helps users manage their operations on-premise as well as from the cloud. This management includes connected control platforms with remote access, advanced automation and operator override capabilities. Local control and firewall protection is included for mission-critical applications. EcoStruxure also enables vendor-agnostic apps, analytics and services on open IP protocols to work with any hardware, system, or control. It is designed to meet the core customer challenge of implementing IoT solutions seamlessly, cost-effectively and at scale. Schneider Electric also offers cybersecurity protection services that help industrial customers manage and secure their connected plants. Cyber Update services automatically distribute the company’s operating system patches and endpoint protections, reducing the risk of applying improper patches and updates.

ANALYTICS Rockwell Automation offers FactoryTalk Analytics for Machines, a Microsoft Azure cloud-enabled application that accesses performance analytics from deployed systems. It helps drive productivity and output while reducing maintenance costs. OEMs can embed a FactoryTalk Cloud gateway device onto the machines they provide. Once commissioned, the machine starts collecting data. The data from selected controllers are sent to the FactoryTalk cloud application securely with minimal configuration by either the equipment builder or the end user. The equipment builder then has access to realtime analytics and actionable information through prebuilt dashboards. This is a cloud-based application provided as software-as-a-service (SaaS). “IoT data is noisy and complex to analyze, which has limited its impact on business applications to date. We created Eureqa to overcome this challenge,” said Michael Schmidt, Nutonian’s founder and CTO. Autodesk’s Fusion Connect, an IoT cloud platform, embeds Nutonian’s artificial intelligence odeling engine, Eureqa, to interpret IoT data. Eureqa discovers the simplest possible predictive models from raw data, enabling users to solve datadriven business problems.

It also eliminates potentially unsecure sources of data from affecting plant and business operations. The services, which meet IEC62443 and other leading industry standards, automatically deliver third-party-tested operating system security patches and anti-virus endpoint protection updates through a secure, authenticated and encrypted Windows Software Update Server to a customers’ on-site server.

DESIGN WORLD — EE Network

Feature 2 — EE IoT 04.17 V4.indd 20

4 • 2017

Nutonian, a machine intelligence company, announced an OEM relationship with Autodesk, a global leader in design software and services. Autodesk’s Fusion Connect, an IoT cloud platform, will embed Nutonian’s artificial intelligence (A.I.) modeling engine, Eureqa, to interpret IoT data. Eureqa automatically discovers the simplest possible predictive models from raw data, enabling users to solve data-

eeworldonline.com | designworldonline.com

4/13/17 3:14 PM

No place to replace a battery.

PROVEN

YEAR OPERATING

LIFE

Highly remote locations call for Tadiran batteries. Battery replacement is costly and often dangerous work. Reduce the risk with Tadiran bobbin-type lithium thionyl chloride (LiSOCl2) batteries. With an annual self-discharge rate of just 0.7% per year, Tadiran LiSOCl2 batteries enable low power consuming wireless devices to operate for up to 40 years on a single battery, up to 4 times longer than the competition. Our batteries also feature the highest capacity, highest energy density, and widest temperature range of any lithium cell, plus a glass-tometal hermetic seal for added ruggedness and reliability in extreme environments.

ANNUAL SELF-DISCHARGE TADIRAN

COMPETITORS

0.7%

Up to 3%

Take no chances. Take Tadiran batteries that last a lifetime.

Tadiran Batteries 2001 Marcus Ave. Suite 125E Lake Success, NY 11042 1-800-537-1368 516-621-4980 www.tadiranbat.com

* Tadiran LiSOCL2 batteries feature the lowest annual self-discharge rate of any competitive battery, less than 1% per year, enabling these batteries to operate over 40 years depending on device operating usage. However, this is not an expressed or implied warranty, as each application differs in terms of annual energy consumption and/or operating environment.

Tadiran Batteries_ 4-17.indd 21

4/13/17 1:13 PM

H A N D B O O K

INTERNET OF THINGS

FactoryTalk Analytics for Machines, from Rockwell Automation, is a Microsoft Azure cloud-enabled application that accesses performance analytics from deployed systems. It helps drive productivity and output while reducing maintenance costs.

in the

Heat Curing, Two Part Epoxy EP112LS Outstanding optical clarity & non-yellowing properties Refractive index: 1.55

High temperature resistance

Serviceable from -60°F to +450°F

Reliable electrical insulation Volume resistivity: >1014 ohm-cm

154 Hobart St., Hackensack NJ, 07601 USA ∙ +1.201.343.8983 ∙ main@masterbond.com

driven business problems. With Eureqa enhancing Fusion Connect, companies can automatically churn through connected machine IoT data to predict product failure, receive recommended improvements for product designs and identify potential new designs. Said Bryan Kester, director of IoT at Autodesk, “We evaluated the A.I. and machine learning ecosystem and found Nutonian has many significant advantages that enable us to deliver a one-of-a-kind IoT analytics service.” Eureqa can be used to determine the baseline for how a piece of machinery behaves under normal conditions. If a machine’s sensors indicate abnormal or suboptimal behavior, Fusion Connect’s predictive analytics, powered by Eureqa, will generate end-user alerts and dashboards explaining what’s happening and why. This will enable customers to automatically anticipate machinery maintenance, identify product flaws and develop smart, proactive business processes. Continued Schmidt, “The integrated power of Eureqa and Fusion Connect enables businesses to use IoT data to automatically predict and explain in real time why events happen, like equipment failure or maintenance. With scalable analysis and predictive foresight, businesses can optimize their operations and gain competitive advantage.” RESOURCES

Autodesk Autodesk.com

Rockwell Automation Inc. Rockwell.com

Opto 22 Opto22.com

Schneider Electric Schneider-electric.com

www.masterbond.com 22

Feature 2 — EE IoT 04.17 V4.indd 22

DESIGN WORLD — EE Network

4 • 2017

4/13/17 3:15 PM

THE NEW FACE

The new face of machinery PETER THORNE | DIRECTOR, CAMBASHI

Thanks to interconnected devices, traditional human machine interfaces may no longer be needed.

There

are new ways of interacting with connected products. Why build instrumentation and controls into machines if every user will have a tablet or phone? Just run an app to see the displays and buttons, and operate the machine. Manufacturers will change their approach to development, operations and service. SMARTPHONES AS CONTROLLERS I remember feeling mildly alarmed during a 2012 research interview with a medical equipment designer. At that time, her main project was to estimate the potential cost savings of using the electronics and display of smart phones as part of the control system. The idea was for every user to dock their phone into the equipment. The design study was looking at user identification, login, and privacy. My instant reaction was hygiene - this is medical equipment, are those phones clean? And what about the operating theatre would there be enough staff with phones to operate all the machines? Then the security gorilla reared its head how could anyone be confident the phones were free of malware? Then also in 2012, I first became aware of Ecomove's Qbeak electric vehicle design. At that time, it used a similar concept. The driver docks their phone into the car, and the phone becomes the instrument cluster, sat-nav, and the infotainment system. I don't remember feeling alarmed by the Qbeak. It's a few years ago, but I imagine this means the phone did not control the brakes or steering!

IMAGE COURTES

IST Y OF

NEW IOT INTERACTION WITH PRODUCTS The growth of technologies around the Internet of Things has made these kind of ideas just one part of a whole host of new ways of interacting with all kinds of products.

eeworldonline.com | designworldonline.com

New Face — EE IoT 04.17 V5.indd 23

4 • 2017

DESIGN WORLD — EE Network

4/13/17 3:46 PM

INTERNET OF THINGS

H A N D B O O K

Let’s try and break that statement down. Communication with a connected-product can be both ways - in and out. The communication can be with the product itself, and with its digital twin, and with some variation of the digital twin or its environment - to try out 'what-if' scenarios. Cloud-connected products can be accessed from any Internet access point. The interaction can include any or all of the sensor readings and control settings. Data sources and systems external to the product can be fed into the interaction. For example: • in a production machine, visibility of customer orders helps • for agricultural machines, crop yield histories help farmers to optimize their fertilizer application. • product sensor readings and cloud-based analytics enable predictive maintenance - the technician arrives with the right spare part just before the problem results in unplanned downtime SO WHO NEEDS THOSE DIALS AND SWITCHES? One question, though. If remote control is possible, then what’s the point in having connected product with displays and instruments for local control? Why not remove these expensive components? The connectivity will allow any authorized user with the right app on their phone or tablet to stand beside the machine - or indeed, anywhere on the planet - and use the app to check readings and adjust controls. And the software that provides this capability may offer more than you expect - for example, review of recent control inputs and sensor readings. ADD A TOUCH OF AUGMENTED REALITY Augmented reality (AR) technologies add information to a live video of a product. The video feed could come from: • a camera built-in to the machine • a camera installed so that is has a view of several machines • the camera on an operator's phone or tablet The value comes from breakthroughs. For example, the ability to display an X-ray of the product, which can be used to highlight faulty components. In some use-cases, there's not even any need for the product itself! Why should a distributor tie up capital in a showroom full of machines? Why not markers in place of the machines, and an AR application that provides a viewport for your customers to walk around and study a detailed product image from all angles? Since it's AR, they could see alternative options and configurations, and call up specifications all at the touch of a button (or screen).

DESIGN WORLD — EE Network

New Face — EE IoT 04.17 V5.indd 24

4 • 2017

THE NEED TO CHANGE DEVELOPMENT, OPERATIONS, AND SERVICE With barriers of distance and location eliminated, people, other machines, and external systems can observe a connected product (and its digital twin) and respond in new ways. If you’re involved in product development for machinery, you’ve been thinking about these possibilities for some time. Your priority is probably new product function, and better service options. And, of course, the cost reduction pressure is always there. Obviously, you know what your machines are used for, but this new environment means you need more insight across the whole product lifecycle. What could your machine do to make itself easier to make, test, buy, configure, install, learn-to-use, and operate? Your firm has probably run many initiatives focused on the design-tomanufacturing interface, from early days of developing the manufacturing concept, to creating the process, ramping up to volume, and managing the continuous change to handle manufacturing and field feedback. So the product development process is probably multi-disciplinary, bringing development, manufacturing (and perhaps even service engineers) together to improve decision-making by taking a broad view of the requirements. Of course, when you remove the switches and displays from your machine, you are making some of your manufacturing colleagues' tasks simpler - fewer parts, fewer display, switch and button cut-outs in the exterior panels … so generally simpler production. …and rewrite existing business models. But this view is just the beginning. Taking the visible controls and displays away from a product is a great way of triggering the question "…so who is monitoring and controlling this machine?" This is where your engineering initiative can help develop your organization's business model.

eeworldonline.com | designworldonline.com

4/13/17 3:45 PM

THE NEW FACE

The new control concept makes it easy to see that your company, or a third party, could manage and control the product - for example, from a central service center. Your organization could use possibilities to move from selling products, to selling the use - or even outcomes - of using these products. THE SCOPE GETS BIGGER, AGAIN Removing product switches and displays makes some things simpler, but not enough to turn the tide of growing complexity. Handling the shift to a smart product is tough because of the multiple technologies involved: mechanical, electrical, electronic and software. Trade-off decisions are now even more complex, so much so that a systems-engineering discipline may be needed to avoid a committee vote for every decision! A smart connected product, sold with operation or service agreements, means much stronger connection of the engineering team to the product in operation. Instead of being largely isolated in the old 'development' and 'production' parts of the organization, data streams from the product provide a high fidelity view of the product in operation. This will help calibrate simulations. The new service team will be fiercer than any customer in feedback of any problems. NEW LIFE IN THE FIELD Product function and performance depends on all its components (including the software), as well as the capabilities of the connected back-end systems. So, development engineers (and, of course, the sales and marketing teams) have a new method of providing new capabilities - update the software (and remember to update the as-maintained records). CAUGHT IN THE DATAFLOWS? It is easy to imagine engineering teams getting caught out by the volume, frequency, scope and detail of even these new dataflows, and we haven't even mentioned software configuration and support for resellers wanting to demonstrate the new capabilities, or coordinating a new software baseline with production and test. Fortunately, for most design and manufacturing organizations, this is familiar territory, given that engineering dataflows and processes have been getting more and more complicated for decades, for

4 • 2017

New Face — EE IoT 04.17 V5.indd 25

DESIGN WORLD — EE Network

4/13/17 3:46 PM

INTERNET OF THINGS

H A N D B O O K

a range of reasons including: distributed development teams, global supply chains, and gaining regulatory approvals. Software from the Product Lifecycle Management (PLM) stable provides the tools needed to manage data, and manage workflows. PLM has the structures needed to handle the new dataflows. THE NEW ENGINEERING SOFTWARE BATTLEGROUNDS The transition of smart connected products from the special case (NASA has been building smart connected products for decades) to more widespread adoption is a shift in the tectonic plates of the engineering software landscape. Handling new dataflows is just one example, but there are loads of other opportunities for competing engineering software vendors to gain an edge over their rivals.

Some of the emerging engineering dataflows.

DESIGN WORLD — EE Network

New Face — EE IoT 04.17 V5.indd 26

THINK OF: Agile systems definition: Agile methods are established in software development, and include characteristics that would be described as "just good engineering" by traditionalists and hardware developers. But few tools for agile software development offer the visibility and control needed for exchange of complex requirements databases between customer and a complex supply chain. Configuration management, product line engineering and platform architectures all offer partial answers, but smart connected products will create demand for new agile systems definition tools to support concept and early stage architecture development, capable of driving consistent use of the many early stage simulations product architects will need. ALM or PLM or both? In software development, Application Lifecycle Management (ALM) tools play the role that PLM plays for the physical parts of a product. So how can integrated software/ hardware teams manage their work? There are several ways of answering this question. One is to separate out 'management' of everything into a higher level function that supports access control, versions, workflows, baselines, variants, dependencies … everything excluding the content of the object being managed. Others compete with this concept by creating integrated environments - the Integrated Development Environment (IDE) used in software development is an example - in which authoring and test tools are included, so the result manages the

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 3:47 PM

THE NEW FACE

content as well as the status of the managed objects. Our research interviews have indicated that engineering managers feel that 'software is different,’ yet still expect PLM vendors to take the lead on how to configure tools for integrated hardware/software development. The BoM boundaries. When talking about product definition, the problem has always been "Which Bill?" As designed, as planned, as manufactured, as installed, as maintained - they all have a claim. This situation has been a traditional battle ground between PLM providers and ERP providers. PLM has been secure in control of the engineering parts list. The battle starts as this is translated into the as designed bill of materials. For many companies, this is where ERP takes over, and becomes of the owner of the BoM (bill of materials) used for production scheduling, including all the handling of alternate parts. Similarly, PLM has control of development of the manufacturing process, and the manufacturing process plan for each product, sometimes called the 'Bill-of-Process." But ERP providers can get involved as this gets translated into shop floor documentation and electronic work instructions. Adding embedded software as a component of the product will disrupt this battle. Service and Over-the-Air update: Most service organizations will want to make sure that engineering has no more than read-only access to products in the field. Similarly, service organizations will want control over the applications that handle data (especially alarms) from in-service products. The service organization will want their process of escalation and adherence to service-level-agreements, to take priority over engineering's desire to identify root causes. This is a new and interesting area, because PLM systems already contain all the configuration dependencies. Could PLM be extended so that these dependencies can drive service decisions in the field? Or does service need to own an as-maintained BoM and configurator rules? Test management: Some design methods start with 'how can this capability be tested.' It is also possible to parameterise tests, and link these parameters to product parameters - so the final choice of the product parameter in effect generates the test specification: • Will these concepts help manage and automate test creation and execution for smart products? • To what extent will the tests on software that allow the master version to be released to manufacturing need to be supplemented with further tests once the software is loaded onto the smart product? • Will the simulation environments used during product development define the external operating conditions or the response of the product in a way that allows re-use in testing?

eeworldonline.com | designworldonline.com

New Face — EE IoT 04.17 V5.indd 27

Simulation. Embedded software is critical to smart product performance. Simulation technologies have grown to handle multiphysics and interconnected sub-systems, software is a new technology to handle. The simulation battle ground for engineering software vendors is active on many fronts, including: • simulation data management • the practicality of flexible ways of enabling hardware (and software) "-inthe-loop" as the various prototypes of electronics, sensors, actuators become available • the feedback of actual test and product performance to calibrate and improve simulation models, enabling simulation at an early stage in development • making simulation accessible to a wider range of engineers In addition, as the role of the digital twin of a product becomes larger, there will be more demand for simulation to support product operation decisions. Getting used to a product with no visible means of control is just the start. Security, Internet access, the likely need to replace controllers with new generations of electronics during the lifetime of a machine, these are just some of the new factors for product developers to think about. As with previous technologies, engineering processes and dataflows will adapt. For PLM vendors with ALM capability, this is a time of opportunity - the information their technology holds about a product now has even more value in manufacturing, as well as for operation and maintenance. But ERP vendors will point out that their systems help match processes to costs, and that is often the message budget holders want to hear.

4 • 2017

DESIGN WORLD — EE Network

4/14/17 3:27 PM

INTERNET OF THINGS

Better development systems for IoT apps

H A N D B O O K

It can be tough for engineers to plan IoT systems around services based in the cloud. New generations of development systems simplify the task. WIREN PERERA ON SEMICONDUCTOR

All

indications are that after a longprotracted period of discourse and speculation, 2017 is going to be the year when the Internet of Things (IoT) finally begins to see serious traction. Industry research firm IHS predicted in January that there will be a 15% ramp up in the number of connected devices by the end of the year, resulting in the total number reaching 20 billion. From a fairly early stage, it has been evident to semiconductor manufacturers what IoT implementations were going to need to be effective. The number of IoT nodes is certain to be measured in tens of billions, and in many cases the applications involved will be relatively costsensitive. So the bill-of-materials associated with each node clearly must be a fundamental consideration. The power drawn by each node also must be factored in because a large number of IoT nodes will go into remote locations lacking power lines. Battery-powered operation will therefore be the only viable option. Thus it will be critical to extend battery life for as long as possible (to avoid the time and cost of sending engineers out into the field to replace battery cells). Depending on the application, other factors such as space constraints, harsh application environments, and so forth, could affect the design of the IoT nodes. A variety of communication protocols are destined to be employed within IoT deployments - both wireless and wireline. Some are firmly established,

DESIGN WORLD — EE Network

ON Semi — EE IoT 04.17 V3.indd 28

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 2:51 PM

BETTER DEVELOPMENT SYSTEMS

while some are still emerging. Among the wireline protocols will be power-line communications (PLC), power-overethernet (PoL), KNX and CAN for both industrial and building automation. Most wireless communication protocols will focus on short-range, ultra-low power operation. Examples include Thread, zigbee, and Bluetooth Low Energy (BLE). Other wireless options include Low-Power Wide-Area Network (LPWAN) protocols, which cover long range, low data volumes while dissipating little power (such as SIGFOX). As an alternative to the low-power protocols, there will also be cellular-based protocols for higher performance wide area network (WAN) coverage - such as LTE-M, NarrowBand IoT (NB-IoT) and in a few years’ time, 5G. Sensors/actuators are what will make IoT work. All the data can be captured and subsequently analysed through sensors. Conversely, actuators can be used to drive motors, initiate lighting, etc. Here are a couple of examples where the combination of sensors and actuators (along with the supporting connectivity) will be of real value. In a home/building automation application, a network of passive infrared (PIR) detectors can sense the presence of room occupants and LED drivers can accordingly activate the lighting. An industrial application, such as a large-scale horticultural site, can employ several different sensors to monitor the ambient light, temperature, humidity, soil moisture, and so forth. The system can activate when certain parameters are not within the accepted pre-set thresholds. For instance, if the temperature was too high and had to be regulated, motors could open the greenhouse windows. Alternatively, were light levels not optimal for crop yields, connected LED drivers could make adjustments. The combination of space, cost and power budget restraints all force IoT nodes to follow streamlined design concepts, with no provision for extra functions beyond what they can comfortably support. This strategy will call for use of microprocessor and memory ICs that are budget priced, don’t consume much power or take up excessive board real estate. Therefore, nodes will use cloudbased services (where data can be processed and subsequently analysed) to make up for the

eeworldonline.com | designworldonline.com

ON Semi — EE IoT 04.17 V3.indd 29

limited functions available at individual nodes. The ability to use relevant apps via the cloud will free IoT system designs from node limitations and allow full use of the valuable data that has been captured. To date, electronics hardware vendors and cloud service providers have tackled IoT development in almost total isolation of one another. Both parties have stayed within the boundaries of their own core competencies This practice has, however, limited the proliferation of IoT -- the thought of combining hardware and cloud software development has understandably been offputting. Hardware engineers don’t want to move outside their comfort zone and face the difficulties of writing large amounts of code. Likewise, software developers don’t want to be confined by a development platform that won’t give them enough room to maneuver. IoT implementations have several concerns. At the node level, the primary concern will be making operations as efficient and reliable as possible - so data captured by sensors can be passed back for analysis/manipulation, or actuators can be initiated when needed. The connectivity employed must be optimized for the task at hand. Moving further back through the system, the focus will be on ensuring effective interaction with the cloud. The IoT sector has been in real need of technology that simultaneously addresses the disparate elements involved. Engineers need the connectivity, sensor and actuator functions to create IoT nodes that match application requirements. Software developers need a foundation upon which they can build the cloud-based apps that support the hardware.

The makeup of an ID K

Schematic showing hardware and software elements of ON Semiconductor’s IDK.

4 • 2017

DESIGN WORLD — EE Network

4/14/17 2:38 PM

INTERNET OF THINGS

H A N D B O O K

To date, companies providing development platform software don’t really deal with all the issues discussed here. Hardware offerings are basically single-board solutions that incorporate certain sensor and communication functions. They provide little scope when it comes to matching application requirements. For example, the platform might not support the best connectivity or sensing option, so compromises must be made. What’s called for is more flexibility in the options for supporting typical IoT functions. The dynamics that are defining IoT deployment have given rise to a new type of IoT development platform - one of merit to both hardware engineers and software developers and which factors in their respective aptitudes. The result of this endeavor is the ON Semiconductor IoT Development Kit (IDK). Rather than taking a one-size-fits-all approach, the IDK is modular, meaning there is a far greater choice of options for sensors, actuators and connectivity. It presents engineers with a versatile out-of-the-box development resource which, as well as taking care of the hardware, also incorporates a sophisticated software framework upon which device-to-cloud IoT applications can be built.

Typ i cal ID K system

The IDK is based on the sophisticated NCS36510 system-on-chip (SoC) which has a 32-bit ARM Cortex-M3 processor core and two banks of 320KB flash memory. An extensive range of daughter cards can be attached directly to the baseboard. For connectivity, engineers can pick daughter cards for various wireless and wireline communication protocols such as Thread, zigbee, SIGFOX, CAN, Ethernet, and so forth. For sensors, there are daughter cards that incorporate temperature, motion, moisture, heart rate, ambient light, pressure and bio sensors. In addition, stepper or brushless motor drivers, as well as LED drivers, can be added. Availability of different sensor, actuator and communication functions through a collection of daughter cards lets engineers mix-and-match options to optimize system designs. It addition, hardware engineers, who often lack a good grasp of cloudbased software development, have a simple route to the cloud based services for their IoT systems. Conversely, software developers have ample opportunity to develop their own proprietary services if they choose to. The IDK is backed up by an Eclipse-based integrated development environment (IDE). This comprises a C++ compiler, debugger and code editor, along with an array of application-related libraries. Access to a versatile, configurable platform, such as the IDK, will let engineers hit their design objectives without having to make trade-offs or moving outside their area of expertise. These kinds of development systems will be pivotal in taking a large proportion of IoT systems from the concept phase through to actual deployment.

RESOURCES

ON Semiconductor, Onsemi.com

IDK baseboard accompanied by several daughter cards.

DESIGN WORLD — EE Network

ON Semi — EE IoT 04.17 V3.indd 30

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 2:52 PM

It’s not a web page, it’s an industry information site Stay current with the latest electronic tips, resources, and news, visit eeworldonline.com and stay on Twitter, Google plus, Facebook and Linkedin. It’s updated regularly with relevant technical information and other significant news to the electrical design engineering community.

eeworldonline.com

EE Online house ad 2017.Vers2.LL.indd 31

4/13/17 5:00 PM

INTERNET OF THINGS

H A N D B O O K

Building security into IoT/IIoT end devices WA R R E N K U R I S U | M E N T O R G R A P H I C S

Tools, operating systems, platforms, and services help open new doors for developers building security into their connected, modern-day IoT infrastructure.

Industries

increasingly rely on their connected devices and networks, and they are also becoming aware that they must deter or prevent cyber attacks. It is nearly impossible to field an IoT device that is 100% secure, but software developers and architects can do their part to minimize the chances of a data breach or attack. Many of the precautions required are readily available. In some cases, the thing that needs to be addressed is the mindset around designing for security. Essentially, security can no longer be approached as an after-thought to embedded system design. Security must be considered from the first day a concept begins. The process of building security into a design must be thought of as an investment, rather than a cost nobody cares to cover. Clearly, security is a broad topic that begins with device conception and spans planning, process, activities, and technology. A few key technology topics are useful, if not critical, when building secure IIoT infrastructures. The focus is on IIoT endpoints or edge devices.

Code Authentication requires the use of both a Public Key and a Private Key. The Public Key is made available to everyone on the network via a publicly accessible repository or directory. The Private Key must remain confidential to its respective owner. Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa. This type of authentication realizes a high level of confidentiality.

DESIGN WORLD — EE Network

Mentor Graphics — EE IoT 04.17 V2.indd 32

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 4:03 PM

BUILDING SECURITY

Code authentication is essentially binary operating system (OS) image authentication. Developers can set up their system to check whether data coming in originated from the original equipment manufacturer (OEM). Further, as the developer, you need to investigate whether any of the code has been modified. Code authentication and secureboot authentication are some of the most basic steps developers can take to secure their embedded IoT device. Once the initial boot stage has been confirmed, the process can continue to create a chain of trust. By using the same Public/Private key approach, subsequent executable modules can be downloaded, verified, loaded, and run. This approach becomes particularly interesting in the case of complex devices that might be loading different operating environments and applications, depending on the functional requirements required at any given time. Software developers will be challenged to field complex applications using limited memory resources while also minimizing size, power consumption, and cost. And this situation is where process separation can be used. Process separation that makes use of a system memory management unit (MMU) or memory protection unit (MPU) does not guarantee security. But it does help contain misbehaving applications and keep them from harming other process applications or the kernel itself.

Secure-boot authentication starts by executing a first stage boot loader stored within secure flash memory provided by the Trusted Platform Module (TPM) hardware. This boot loader resides within protected memory so it cannot be replaced by hackers. Also, stored in protected memory is the signature and crypto-key for the second-stage boot loader. The first-stage boot loader calculates the signature of the second-stage boot loader using the hardware crypto support and crypto key. If the calculated signature for the second stage boot loader matches the stored signature, the second stage boot loader is valid and allowed to run.

SPACE PARTITIONING In a full-featured RTOS, such as the Nucleus RTOS from Mentor Graphics, the process model capability offers a light-weight approach for space partitioning that creates protected memory regions. This partitioning, in turn, offers full isolation of kernel and middleware resources. Consequently, scribblers, stack overflows, rogue pointers, etc., in application code cannot corrupt or interfere with system software operation. Utilizing the MMU or MPU, the Nucleus process model partitions memory to create protected memory regions without virtualizing memory – which is extremely important for performance and in constrained spaces where a minimal footprint is essential. Space partitioning provides the framework to load new applications using cloud services, or the ability to partition large algorithms into smaller components that load slightly ahead of execution time. As with using a process model, running a safety-certified operating system by itself does not guarantee security. However, by building on top of a safety-certified foundation, developers have an additional level of confidence that the code will behave as intended, which improves system reliability. Safety-certified environments also help avoid situations that might result from software faults that could cascade across the system and result in security vulnerabilities in unrelated sections of code.

Chain of Trust starts from the root, or the hardware. The process begins at the authentication step to make sure the hardware authenticates the boot ROM, the boot ROM authenticates operating systems, and then, of course, the operating systems authenticate the application layer. The goal of this strategy is to prevent applications from executing before they have been signed and authenticated. When the system is up and running, the procedure is to look at every file that is downloaded, ensuring it’s signed and authenticated.

eeworldonline.com | designworldonline.com

Mentor Graphics — EE IoT 04.17 V2.indd 33

4 • 2017

DESIGN WORLD — EE Network

4/13/17 4:03 PM

INTERNET OF THINGS

H A N D B O O K

Nucleus SafetyCert RTOS allows developers to shorten the path to regulatory certification. It encompasses a complete certified solution that includes artifacts required for the development of mission-critical applications. This safetycertified RTOS has been documented to meet the certification requirements for IoT devices requiring International Electrotechnical Commission (IEC) standard 61508 SIL 3 certification. SECURITY THROUGH ARM TRUSTZONE ARM TrustZone architecture carves out or segregates a hardware subset of the SoC. It does this by defining processors, peripherals, memory addresses, and even areas of L2 cache to run as “secure” or “non-secure” hardware. An SoC that utilizes ARM TrustZone technology can dynamically, with only a few clock cycles delay, transition a system into “secure world” processing, where a subset of the hardware is partitioned, and data and processing is completely invisible to the rest of the system. The normal world (or non-secure world) created and enforced by the ARM TrustZone can be used to define a hardware subset of the SoC. ARM TrustZone ensures that non-secure processing can access only non-secure resources and receive only non-secure interrupts. For example, a normal-world hardware subset might

The ARM TrustZone is well-suited for single-core configurations. Mentor Embedded Multicore Framework plays a key role in such a scenario.

DESIGN WORLD — EE Network

Mentor Graphics — EE IoT 04.17 V2.indd 34

4 • 2017

include the UART and USB interface, but exclude Ethernet access. The Ethernet might instead be dedicated to the secure world where a separate RTOS or application runs for the sole purpose of managing all Ethernet traffic, independent of the normal world software stack. ARM TrustZone architecture contributes to the overall system security by preventing normal-world software from accessing the secure-world resources. It is important to understand that ARM TrustZone does little to improve the safety or security of the software that runs in the secure world except to prevent unwanted secure-world access by normal-world software. It goes without saying that for the secure world to be completely trusted, the system must initially boot in a trusted state (see the earlier discussion about trusted boot). Beyond that, it is the developer who determines which software is “trusted,” typically through rigorous development processes, testing, certification, and supporting a “chain of trust” strategy in the secure world. All in all, IIoT system security is a complex subject. Security for an IIoT edge device involves secure boot, code authentication, chain of trust, and several other well-known measures. These fundamental security capabilities should be part of any connected device development. RESOURCES

Mentor Graphics, ARM-based design, mentor.com/embedded-software/iot/

The ARM TrustZone is also well-suited for multicore architectures. Mentor Embedded Multicore Framework plays a significant role in this scenario as well.

eeworldonline.com | designworldonline.com

5/31/17 8:42 AM

THWARTING HACKERS

Thwarting hackers on the IoT C H R I S T O P H E T R E M L E T, SCOTT JONES M A X I M I N T E G R AT E D

A few best practices can drastically improve the security of IoT devices and help maximize the benefits they provide.

The

news back in March was certainly alarming – WikiLeaks announced it had internal CIA documents revealing that the spy agency had found a way to access Android and Apple smartphones, Samsung smart TVs, and internet-enabled cars. The leak named dozens of device-specific vulnerabilities and attacks. A regular string of headlines brings stories about the hacking of seemingly innocuous items like baby monitors, home security cameras, and even dolls. The scary part is, entry into these types of devices can potentially open avenues into the larger enterprise network. From here, scenarios such as spying, physical break-ins, identity theft, malware injection, and further attacks can become reality. Unfortunately, the smarter and more connected our devices, the more vulnerable they can be to hackers. Scripts and bots are on the hunt, randomly scanning ports for opportunities to attack. Products themselves are often developed with plenty of entry points and little in the way of security. For example, proprietary RF technology may lack authentication or encryption. Sometimes, the issue is on the part of the end user employing default passwords and usernames, not updating apps, or using weak passwords on vulnerable devices such as routers.

eeworldonline.com | designworldonline.com

Maxim — EE IoT 04.17 V2.indd 35

There are more than six billion connected devices in use globally, expected to hit 20 billion by 2020. So the stakes certainly are high—for both hackers and their victims. ForeScout’s IoT Enterprise Risk Report1, developed with research by ethical hacker Samy Kamkar, identified seven internet of things (IoT) devices that can be hacked in just three minutes: • IP-connected security systems • IP-connected infrastructure such as climate control and energy meters • Smart video conferencing systems • Connected printers • Voice-over-IP phones • Smart refrigerators • Smart lightbulbs

4 • 2017

DESIGN WORLD — EE Network

4/13/17 4:17 PM

INTERNET OF THINGS H A N D B O O K

The report says hackers who gain access to these devices can plant backdoors that let them launch automated IoT botnet distributed denial-of-service (DDoS) attacks. For example, with smart enterprise security systems, the threat is that cybercriminals could use jamming or spoofing techniques to gain control over motion sensors, locks, and surveillance equipment. Configuration settings of VoIP phones can be exploited to evade authentication—and unveil opportunities to listen in on and record calls. And the breaching of connected HVAC systems and energy meters could let criminals manipulate them to, for instance, overheat critical infrastructure. For those on the wrong side of the law, pursuing an attack often comes down to a risk-versus-reward game. So it’s up to their opponents—including design engineers—to build-in security early in a design. Often, though, design security is an afterthought because of the perceived cost and time involved in implementing it. Addressing security when it’s too late comes with drawbacks, too, as a “bandaid” approach doesn’t necessarily seal all potential points of entry. A completely unbreakable security system isn’t realistic, but it is feasible to design products that incorporate state-of-the-art cryptographic protection that can only be hacked with a large investment in both money and time. A connected product must be infused with security from the sensor to the cloud. It’s important to verify all connections and interfaces, comply with appropriate standards, and root out possible issues via quality assurance testing. For example, implementing secure boot helps ensure that an electronic device only operates when it executes authenticated (trusted) software. A secure IC with dedicated functionality can help accomplish this level of security, and more.

Maxim — EE IoT 04.17 V2.indd 36

DESIGN WORLD — EE Network

4 • 2017

4/13/17 4:21 PM

THWARTING HACKERS

Asymmetric key authentication relies on public and private keys.

It is critical to deploy technology that provides an authenticated data chain, from a protected sensor node to the web server. Also important is strong protection of the IoT device via a secure microcontroller, for example, one that provides a secure boot and can establish secure communication between the host system and device. Secure authentication is essential, offering the assurance that an IoT device and any endpoints are genuine, trusted, and safe. Also important is ensuring that the information either consumed or produced by the device has cryptographic integrity. There are different methods for implementing authentication. They range from password-based, which is weak, to the stronger cryptographic digital signature method. This latter method comes in two different flavors of algorithms: symmetric and asymmetric. We’ll take a closer look at each approach. Symmetric cryptography-based authentication utilizes a shared secret key between the host and the device to be authenticated. This shared key is securely stored in both locations and never disclosed. The host sends a random number, the challenge, to the device. The device then computes a digital signature as a function of the secret and the challenge, sending it back to the host. Next, the host runs the same computation and compares the result. The device is considered authentic if both computations match. Similarly, the host could request information from the device by sending a command with a random challenge. The device would generate the information -- for example an environmental measurement -- and compute a digital signature with the secret, challenge, and measurement, sending the signature and measurement back to the host. For this example, the host can verify the measurement has not been modified and comes from an authentic device.

eeworldonline.com | designworldonline.com

Maxim — EE IoT 04.17 V2.indd 37

It is critical to use a function with adequate mathematical properties to ensure the result can’t be mimicked, known as a replay attack. SHA-256 and similar secure hash functions meet this need. In fact, because SHA-256 is non-reversible, it is computationally infeasible to determine the input, which includes the secret, corresponding to a message authentication code (MAC). They’re collision-resistant as well, making it impractical to find more than one input message producing a given MAC. These characteristics make SHA-256 highly effective for secure authentication. For a comparable security level, symmetric key authentication offers less algorithm complexity and shorter computation time than another approach called asymmetric cryptography. However, the shared key requirement results in a key distribution challenge. ASYMMETRIC CRYPTOGRAPHY Asymmetric cryptography-based authentication uses a mathematically linked key pair, a private key and public key. Only the device that needs to be authenticated knows the private key. The public key, on the other hand, can be shared with any entity with a requirement to authenticate the device. As with symmetric cryptography, the host sends a challenge to the device. The device then computes a signature based on the challenge and the private key, sending it back to the host. In this method, the host uses the public key to verify the signature. Also, as in the previous example, information consumed or produced by the device can be authenticated within this asymmetric structure. Again, the function used to compute the signature must have certain mathematic properties to prevent replay attempts and key disclosure. An efficient solution for embedded environments is the asymmetric Elliptic Curve Digital Signature Algorithm (ECDSA). It provides strong security for systems where it’s hard or even impossible to secure host keys. As compared to the symmetric

4 • 2017

DESIGN WORLD — EE Network

4/14/17 2:39 PM

H A N D B O O K

INTERNET OF THINGS 38

approach, asymmetric key authentication has a more complex algorithm Authentication based on symmetric cryptography relies on a secret number and longer computation shared between the host and the device. time for a comparable security level. However, For example, Maxim’s MAXREFDES155# IoT key distribution is efficient given there’s no security embedded security reference design provides a risk in openly transmitting a public key. means to implement ECDSA public-key asymmetric Secure microcontrollers and authenticators, cryptography to protect IoT devices and data paths. such as those offered by Maxim’s DeepCover Optionally, the MAXREFDES143# protects devices portfolio, integrate advanced hardware-based and data paths with SHA-256 secret-key cryptography. cryptography with physical security to provide Use of these reference designs can help simplify the strong protection against tampering and reverse process of developing devices that can authenticate engineering. In the portfolio are microcontroller and and manage a sensing node with control and authenticator products that support both symmetric notification from a web server or a network controller. and asymmetric cryptography for digital signature, The task of designing security for an IoT design authentication, and encryption algorithms. needn’t be onerous, nor must it be costly. Developers The devices selectively have hardware just need to ensure the amount of security tips the accelerators for SHA, RSA, ECDSA, and AES, a full risk-versus-reward balance. A system that is too cryptography library with a turnkey API aligned to difficult, expensive, and/or time-consuming to hack standards, and built-in secure boot capabilities to could turn the attention of cybercriminals toward guarantee firmware or file download authenticity. other devices with more lax security. One example is the DeepCover cryptographic Furthermore, technologies like secure controller for embedded devices, the MAXQ1061. microcontrollers and authenticators, along with fully A turnkey pre-programmed secure microcontroller, integrated reference designs, make it faster and the MAXQ1061 offers secure key storage, digital easier to guard designs from the prying intentions signature, and encryption services. of hackers. Design safeguarding can go a long way To shorten design time and accelerate time in protecting reputations, customer experiences, to market, Maxim provides an evaluation kit that networks, and, ultimately, bottom lines. can plug directly onto a Raspberry Pi board. A comprehensive set of software libraries including a full TLS stack makes it a turnkey solution. Reference designs provide another way to RESOURCES design for security early on and efficiently. Today’s high-quality reference designs are highly integrated ForeScout IoT Enterprise Risk Report, and thoroughly vetted. Providing much more than Forescout.com/wp-content/uploads/ just hardware and source software, good reference 2016/10/iot-enterprise-risk-report.pdf designs now commonly include Gerber files, test data, a detailed bill of materials (BOM), drivers, and Maxim Integrated, Maximintegrated.com evaluation and development tools.

DESIGN WORLD — EE Network

Maxim — EE IoT 04.17 V2.indd 38

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 4:25 PM

BATTERIES BOOST WIRELESS CONNECTIVITY

Batteries boost wireless connectivity to the IIoT S O L J A C O B S | TA D I R A N B AT T E R I E S

Self-powered electronic devices that define the Industrial Internet of Things (IIoT) have special needs that can be addressed through the judicious selection of battery chemistry.

Going

‘truly wireless’ typically necessitates the use of primary (non-rechargeable) or rechargeable lithium-ion (Li-ion) batteries. Besides untethering applications from ac lines, use of rechargeable batteries eliminates the need for hard-wiring, which costs roughly $100/ft. or more. And the cost of hardwiring often skyrockets in industrial settings due to environmental, regulatory and permitting requirements. Application requirements dictate the choice of battery. For example, a device that is easily accessible and that operates within a moderate temperature range may be able to suffice with a consumer grade battery. However, the low initial cost of consumer cells can end up making the total lifetime cost expensive. One reason: Total lifetime cost factors in all expenses associated with future battery replacements. Generally, the more remote the application, the greater the need for an industrial grade battery. As the lightest non-gaseous metal, lithium offers the highest specific energy (energy per unit weight) and energy density (energy per unit volume) of any battery type. Lithium cells feature a normal operating current voltage (OCV) ranging from 2.7 to 3.6 V. Lithium chemistries are also non-aqueous, with the absence of water allowing certain cells to deliver an extended temperature range of –55 to 125°C. Wireless devices that draw low average daily current are predominantly powered by bobbin-type lithium thionyl chloride (LiSOCl2) batteries that offer exceptional performance qualities,

eeworldonline.com | designworldonline.com

Tadiran — EE IoT 04.17 V2.indd 39

4 • 2017

DESIGN WORLD — EE Network

4/13/17 4:30 PM

INTERNET OF THINGS

H A N D B O O K

including the highest energy density, highest capacity, the widest temperature range, and extremely low annual self-discharge rate. These performance qualities permit the construction of small power sources having incredibly long operating lives. Certain cells can operate for up to 40 years. Standard bobbin-type LiSOCl2 cells are not designed to deliver high pulses, so they must be combined with a patented hybrid layer capacitor (HLC) to serve high-pulse applications. The standard LiSOCl2 cell delivers low background current to power the device in stand-by mode, while the HLC delivers the periodic high pulses necessary for wireless communications. Consumer electronic devices often rely on supercapacitors to store the energy for high pulses in an electrostatic field rather than as chemical energy. However, supercapacitors are poorly suited for most industrial applications because of inherent limitations that include short-duration power, linear discharge qualities that do not allow for use of all the available energy, low capacity, low energy density, and high self-discharge (up to 60% per year). Supercapacitors linked in series also require cell-balancing circuits that draw additional current.

DESIGN WORLD — EE Network

Tadiran — EE IoT 04.17 V2.indd 40

4 • 2017

Bobbin-type LiSOCl2 batteries were first deployed back in the 1980s to power meter transmitter units (MTUs) for water and gas utilities. In the process of being replaced by newer generation devices, these pioneering RFID devices were tested and found to still have plenty of available capacity even after 28+ years in the field. But such incredible long-life is not a guaranteed certainty. Inferior quality bobbin-type LiSOCl2 batteries can exhibit annual self-discharge rates two or three times higher than leading brands. This is important, as many devices lose more energy through annual battery self-discharge than through actual battery use. A bobbin-type LiSOCl2 battery is manufactured such that the quality of its raw materials can greatly impact the self-discharge rate. For instance, a superior quality bobbin-type LiSOCl2 cell can feature a selfdischarge rate of 0.7% per year, retaining 70% of its original capacity after 40 years. By contrast, a lesser quality bobbin-type LiSOCl2 cell can have a 3% annual self-discharge rate, thus exhausting 30% of its capacity every 10 years, making 40-year battery life virtually impossible. These performance differences may not become apparent for over a decade, so thorough diligence is required when evaluating competing brands.

eeworldonline.com | designworldonline.com

4/13/17 4:31 PM

BATTERIES BOOST WIRELESS CONNECTIVITY

When specifying a battery for long-term deployment remotely or in extreme environments, engineers need to predict the depletion of available battery capacity over time based on a variety of factors. These factors include annual self-discharge rate, low voltage point at load, and temperature. Instead of relying on theoretical data, calculations should be based on actual historic test data and then be further validated by actual results from the field. Such intensive long-term testing should be performed multiple ways to cross check results. Here is a brief overview of just a few of the recommended test procedures: 1. Actual long term testing – Many cells of different ages are tested concurrently in the lab for decades to demonstrate that they can still operate reliably under different loads and test profiles. 2. Accelerated testing – A method known as the Arrhenius test (two-fold increase of reaction rate for every 10°C rise in temperature) reduces the amount of time needed to run tests on extremely long-term applications. Arrhenius tests should take place at 72°C (equivalent to roughly 32 lifetimes compared to operation at 22°C). It is important to interpret these test results properly, as an inferior cell that suffers from passivation can show a false positive result. Therefore, it is important not just to store a cell at 72°C and then perform the test, but to actually test the cell during 72°C storage. The following example highlights the importance of accelerated testing: Sample cells are tested at 72°C for one month while enough current is drawn to fully deplete each battery after one month. The same test is performed for two months at a rate of energy consumption that depletes the battery after two months. Other cells are similarly tested for three, four, five and six months, one year, and for 90 months, which is equivalent to hundreds of years of operation. After one and two-month testing, bobbin-type LiSOCl2 cells designed for decades of operation may exhibit extremely low capacity. The reason is they are not meant to be depleted so quickly -- lithium batteries can be designed either to deliver a high use rate or a low self-discharge rate, but not both. By contrast, cells designed for shorter operating lives will exhibit higher available capacity at such fast discharge rates, but their self-discharge rate will be higher in other tests. Starting with the three-month test at 72°C (the equivalent of eight years of operation at 22°C) the higher self-discharge rate of competing cells starts to become apparent. The better-quality cells will demonstrate higher available capacity, indicating a lower self-discharge rate. The longer this test is performed, the greater the margin of difference between the cells. This is a clear indication that the superior battery is losing less available capacity to self-discharge. Better quality cells can run for 90 months at 72°C (the equivalent of hundreds of years). 3. Calorimeter testing – Calorimeters test the self-discharge of a battery by measuring any rise in temperature of water surrounding the battery;

eeworldonline.com | designworldonline.com

Tadiran — EE IoT 04.17 V2.indd 41

Resensys sensors monitor important structural quantities such as strain, cracks, vibration, tilt, inclination, moisture, and humidity in real time. When installed on a bridge or other infrastructure element, the sensor transmits data wirelessly, powered by a Tadiran bobbin-type LiSOCl2 battery that features a self-discharge rate of 0.7% per year, thus allowing a long guaranteed service life.

4 • 2017

DESIGN WORLD — EE Network

4/13/17 4:31 PM

INTERNET OF THINGS

H A N D B O O K

these calories of energy are caused by battery self-discharge. Before undergoing this test, the battery should be completely stabilized for one year to ensure reliable results. 4. Field results – In addition to laboratory testing that calculates projected annual self-discharge rates, actual results from the field can provide additional validation. For every product application, developers should sample batteries to ensure the amount of capacity left in the battery coincides with predictive models generated by ongoing test data. Another way to measure IPS solar-powered parking meters use industrial grade rechargeable Li-ion batteries to form mesh networks long-term battery performance that deliver true wireless connectivity to the IIoT. is by counting the number of FITs (Failures In Time) in billions of device operating hours. A comparatively low FIT rate ranging between five and 20 further operate mainly in a low-power, standverifies the accuracy of the various test procedures. by mode, periodically drawing high 5. Lithium titration – In special instances where historical data pulses for a short duration to initiate points are not available (i.e. extreme temperature, prolonged data retrieval and transmission. A high current pulses, short life time applications, etc.) cells are standard bobbin-type LiSOCl2 battery tested to verify the precise amount of lithium remaining in the supplies the low-current power while anode under specific test conditions (i.e. partial discharge, the HLC delivers pulses up to 15 A. temperature soaking, etc.). For example, after a battery has Batteries with extended lifetimes need been tested for several months at elevated temperature fewer replacements throughout the life and various discharge currents, it is cut open to dissolve its of the meters. And they greatly reduce remaining lithium. From the titration test results, one can the risk of a premature system-wide calculate the self-discharge rate as a function of the applied battery failure that can prove costly by currents and/or temperature. The higher the self-discharge rate, disrupting normal billing cycles. the less lithium will remain in the cell. Structural integrity sensors 6. Competitive testing - Similar testing should take place measure stress, strain, tilt, inclination, on competing batteries as a basis of comparison. Before vibration, displacement, deformation, performing these tests, verify that all cells have been in use for temperature, and humidity in about one year to both ensure they are properly stabilized and applications that include bridges, to show the influence of any impurities in the electrolyte. tunnels, large commercial buildings, towers, and pipelines. Resensys REAL EXAMPLES manufactures SenSpot structural Long-term testing has provided a growing body of empirical data integrity sensors that draw only indicating that 40-year battery operating life is indeed achievable for microamps of energy while taking IIoT applications. Here are some real-life examples demonstrating measurements once a minute. They the importance of extended battery life: use a standard ½ AA LiSOCl2 battery. Advanced AMR/AMI meter reading devices used by water and They also use a proprietary low power gas utilities now identify leaks, track customer usage and billing, and communications protocol to minimize allow for remote shut-off and reactivation. These wireless devices energy consumption.

DESIGN WORLD — EE Network

Tadiran — EE IoT 04.17 V2.indd 42

4 • 2017

eeworldonline.com | designworldonline.com

4/13/17 4:32 PM

BATTERIES BOOST WIRELESS CONNECTIVITY

Resensys chose a bobbin-type LiSOCl2 battery that features a self-discharge rate of 0.7% per year, thus allowing a long guaranteed service life. The cost of accessing a sensor attached to a bridge abutment far exceeds the cost of the sensor itself, so it was critical that Resensys offer long-term, no-maintenance power that works reliably in all environments. The question sometimes arises about the difference between inexpensive consumer grade rechargeable Li-ion cells and more rugged industrial versions. Consumer grade Li-ion batteries have a life expectancy of less than five years and 500 recharge cycles. They also operate within a moderate temperature range of 0 - 40°C. For applications involving remote, inaccessible locations and extreme temperatures, an industrial grade rechargeable Li-ion battery has been developed that delivers up to 20 years of operating life with 5,000 full recharge cycles. It also works over an expanded temperature range of -40 to 85°C, and can deliver high pulses (5A for a AA-size cell). Industrial grade Li-ion cells are constructed with a hermetic seal, whereas consumer grade rechargeable batteries use crimped seals that may leak. For example, IPS solar-powered parking meters use industrial grade rechargeable Li-ion batteries to deliver true wireless connectivity to

the IIoT. They save millions of dollars in initial installation costs by eliminating the need to hardwire metropolitan sidewalks. These wireless networked solar powered parking meters are state-of-the-art and include multiple payment system options; access to real-time data; integration to vehicle detection sensors; user guidance and enforcement modules. All parking meters are wirelessly networked to a comprehensive web-based management system. Small photovoltaic panels gather solar energy, with industrial grade rechargeable Li-ion batteries used to store energy and to deliver the high pulses required for advanced, two-way wireless communications, thus ensuring 24/7/365 system reliability for up to 20 years. Technological advancements are creating dynamic opportunities for bobbin-type LiSOCl2 batteries and industrial grade Li-ion rechargeable batteries to deliver intelligent, long-term power to all sorts of remote wireless devices, thus enabling the IIoT to become truly wireless.

RESOURCES

Tadiran Tadiranbat.com

XEL6030 Power Inductors for

High Switching Frequencies Superior current handling ... up to 41.0 Amps Extremely low DCR ... and ultra-low AC losses Optimized for high frequencies ... up to 5+ MHz Soft saturation ... withstands high current spikes Compact footprint: 6.36 x 6.56 mm

Tadiran — EE IoT 04.17 V2.indd 43

Request Free Samples @ coilcraft.com 4/13/17 4:33 PM

INTERNET OF THINGS

H A N D B O O K

The case for multiprotocol, multiband connectivity in the IoT T O M PA N N E L L | S I L I C O N L A B S

Wireless protocols that are widely used in the IoT have a lot of common attributes. Multiprotocol SoCs able to run them all can simplify many kinds of wireless designs.

have many innate expectations for controlling the myriad devices and systems in our lives. When I enter a room in my home or office, I expect to be able to control the lights with a switch. When I leave home, I expect to set my security alarm and lock the door. Many of these systems are already installed and part of a wellestablished infrastructure. The promise of the Internet of Things (IoT) is changing our expectations. Now, I expect to be able to monitor and control the temperature of my home remotely through my smartphone. I expect my office building to inherently conserve energy by turning off lights when no one is present. I expect the building to “know” when I am there and make sure my surroundings are comfortable and safe. To enable our increasingly connected world, countless IoT devices and systems have been deployed that we barely notice. Wireless security systems, access cards, occupancy sensors, remote temperature sensors, and many other connected devices are omnipresent in our homes, offices, factories, and urban infrastructure. The complex network of wired and wireless sensors that underpins the IoT has been developed and deployed over decades. To replace these sensor networks would be an expensive proposition.

DESIGN WORLD — EE Network

Silicon Labs — EE IoT 04.17 V2.indd 44

4 • 2017

The promise of the IoT is raising the bar. New wireless-sensor-node deployments are now much easier with the advent of multiprotocol technology. This technology includes hardware and software that enables a single system-on-chip (SoC) device to support multiple wireless protocols such as Bluetooth low energy, zigbee and Thread. And it spans multiple frequencies scaling from sub-gigahertz bands to 2.4 GHz. However, because IoT infrastructure is built on legacy systems, we must also consider the challenge of adding new 802.15.4 wireless technologies to existing infrastructure deployed in the early days of the IoT. The support of legacy systems is not the only challenge. In addition, there is a complexity that arises out of the competing protocol standards often used to solve similar connectivity challenges. A TYPICAL IoT NODE The first thing to understand about the vast web of sensor networks around us is that they are based on microcontroller (MCU) technology coupled with some sort of sensing element. Together they convert the analog surroundings to digital packets. Once quantized, data often must go to the cloud for further processing. The transport method of choice in many cases is wireless. The wireless sensor data

eeworldonline.com | designworldonline.com

4/14/17 8:28 AM

THE CASE

packets are generally small, and the wireless nodes themselves must make efficient use of size, cost and power. To accomplish this connectivity in the past, many suppliers used sub-gigahertz radio frequencies as well as lightweight wireless protocols optimized for battery life. They were forced to create their own protocols out of necessity because existing options were too power hungry or didn’t extend to the desired range. Now, however, there are many robust, power-efficient, standards-based options available to developers including Zigbee, Thread and Bluetooth low energy (BLE). IoT device designers often face a dilemma in designing a single product able to work with all these wireless standards while minimizing BOM cost and complexity. Few device makers have the resources or time to create special designs supporting every possible wireless standard used in the IoT.

Switched multiprotocol schemes let connected devices change the wireless protocol they run by boot-loading a new firmware image when the device is already deployed in the field. For example, this technique may use smartphone connectivity to switch from Bluetooth low energy to zigbee, Thread, or other wireless networks.

Industry's Lowest On-Resistance Ultra-Junction MOSFETs at 650V and 850V Enabling Very High Power Density

Part Number IXFB150N65X2 IXFN150N65X2 IXFN170N65X2 IXFB90N85X IXFN90N85X IXFN110N85X

VDSS (V) 650 650 650 850 850 850

RDS(on) max. TJ=25°C (mΩ) 17 17 13 41 41 33

Features: • • • • •

Ultra low on-resistance RDS(on) and gate charge Qg Fast body diode Superior dv/dt ruggedness Avalanche capability Low package inductance

Qg typ.

EAS

dv/dt

(nC) 355 355 434 340 340 425

(J) 4 4 5 4 4 3

(V/ns) 50 50 50 50 50 50

Package Type PLUS264™ SOT-227 SOT-227 PLUS264™ SOT-227 SOT-227

SOT-227

Applications: • • • • • • •

High-eﬃciency switched-mode and resonant-mode power supplies Electric vehicle battery chargers AC and DC motor drives DC-DC converters Robotics and servo control Power Factor Correction (PFC) circuits Renewable energy inverters EUROPE IXYS GmbH marcom@ixys.de +49 (0) 6206-503-249

USA IXYS Power sales@ixys.com +1 408-457-9042

PLUS264

ASIA IXYS Taiwan/IXYS Korea sales@ixys.com.tw sales@ixyskorea.com

www.ixys.com

eeworldonline.com | designworldonline.com

Silicon Labs — EE IoT 04.17 V2.indd 45

4 • 2017

DESIGN WORLD — EE Network

4/14/17 8:30 AM

INTERNET OF THINGS

H A N D B O O K

independently without adding bloat or inefficiency. When two stacks run on the same SoC with shared hardware, the implementation must take place in a way that maintains the integrity of the network. This is an intricate task. Multiprotocol/multiband systems are proving to be useful in a wide variety of uses. Programmable multiprotocol connectivity is the easiest use to explain and implement. Engineering managers recognize a lot of code reuse and efficiency can be gained when a single device can be deployed across many end products. Engineers can specify a single SoC part number that can run zigbee, Thread, BLE, or proprietary protocols. They can then decide at the time of production whether the product will run Bluetooth or operate as a sub-gigahertz product. This approach enables manufacturers to minimize financial exposure while maintaining maximum flexibility in production. Switched multiprotocol has a strong value proposition for the end consumer. This technology, for example, enables installers on job sites to provision and calibrate products via smartphone apps. This feature is particularly useful when deploying a Thread or zigbee node. Provisioning across a wide range of networks can be difficult. Switched multiprotocol technology simplifies this task

Multiprotocol, multiband SoCs free developers from this design dilemma by supporting sub-gigahertz proprietary frequencies as well as standards-based protocols in the 2.4GHz band – all within one highly integrated device. Ideally, a multiprotocol, multiband SoC features a wireless transceiver with two radio paths: one for sub-gigahertz and one for 2.4 GHz transmissions. This integrated radio architecture gives IoT developers a lot of leeway for fielding diverse applications. Consider the signal chain of a typical multiband transceiver integrated into a wireless SoC. Some elements of the radio transceiver are shared and some are separate. For example, the RF portion must have separate elements to handle the different frequency requirements. But the modem -- which consists of a modulator, demodulator and some of the encryption hardware -- can be shared across both radio frontends. This radio architecture creates a highly optimized, consistent and economical approach to multiprotocol, multiband SoC design. Different protocol stacks can share the modem to implement various communications standards. The modem is also multiplexed between RF portions to receive and transmit packets. This shared architecture is also well suited to software development because it provides a common interface to the radio functions. So it allows developers to create a radio configuration layer that can be shared between different protocol stacks. The software necessary to implement a multiprotocol, multiband system is complex. Wireless protocol stacks must be efficient and must work across a broad set of hardware products. They must also work in multithreaded environments with real-time operating systems (RTOS). In a multiprotocol application, the stacks must work seamlessly together or

Table 1 . Mult iprotcol use cases Type

Complexity

Description

Example Use Case

Programmable

Low

Protocol programmed at manufacturing

Create single design that can be configured for either BLE or zigbee

Switched

Medium

Application can switch between 2 protocols via a bootloader

Simplify zigbee sensor setup with BLE commissioning

High

Application time-slices between 2 protocols

Combine BLE beacons and local smart phone control with a zigbee connected light

High

Application operates on 2 networks using multiple protocols and a single radio (same RF channel)

Home gateway supporting both zigbee and Thread

Dynamic

Concurrent

DESIGN WORLD — EE Network

Silicon Labs — EE IoT 04.17 V2.indd 46

4 • 2017

Four types of multiprotocol use cases that are common in IoT applications.

eeworldonline.com | designworldonline.com

4/14/17 8:34 AM

THE CASE

by enabling an IoT product to start its life using BLE and then be provisioned and switched to some other protocol for mesh networking. The advantage of switched multiprotocol over dynamic multiprotocol is that fewer device resources are required because there is no need to physically store and run multiple protocols among multiple wireless devices. With dynamic multiprotocol, it is possible to support two protocols (or more) with one SoC by time-sharing physical resources. Dynamic multiprotocol generally uses more device resources, such as flash memory, and has a more complex software architecture. It also requires careful radio design to dynamically share radio resources among dissimilar protocols. Although dynamic multiprotocol schemes use more hardware resources, this tends to An illustration of dynamic multiprotocol connectivity with three be a small, incremental tradeoff considering communication stacks running on a single radio. A time-slicing the value this approach brings. In many cases, mechanism shares the radio between protocols. This dynamic approach allows use of Bluetooth low energy with other wireless dynamic multiprotocol techniques reduce protocols. In this simple illustration, a device that normally operates design complexity and overall system cost by on zigbee periodically uses the Bluetooth beacon function. at least 50%. These savings come from using only one SoC device instead of two or more ICs with a distributed rules engine and dissimilar stack architectures. A single conflicts arise and/or energy is wasted. multiprotocol SoC coupled with a robust RTOS, well-designed wireless Wasted CPU cycles can have a devastating stacks, and the local application can easily implement an IoT design effect on battery life. Inefficiency in the requiring multiple modes of connectivity. stacks can also result in a need for more Concurrent multiprotocol is particularly useful in a gateway design memory, which drives up system cost. To deploying Thread and zigbee networks. Here, many software and hardware ensure successful applications, developers resources can be reused as-is because of the similarities among protocols must carefully consider each component and radio configurations. For example, Thread and zigbee share the same such as the device hardware (SoC or PHY and MAC layers, minimizing the need to reconfigure the transceiver. module), radio schedulers, stacks, and In addition, Thread and zigbee share some common elements higher in RTOS. the communication stack, which makes resource sharing more efficient and The need for multiprotocol, multiband straightforward to manage. Consequently, devices can use a smaller memory solutions will continue to proliferate because footprint, which can help reduce cost in the end product. no single wireless protocol is perfect for every IoT application. In a more connected PUTTING IT ALL TOGETHER world, we will continue to see connected Only a handful of SoC suppliers are currently delivering multiprotocol devices and embedded software growing products based on highly integrated SoCs and optimized software. Even ever more complex to serve the diverse fewer offer the development tools necessary to simplify the complexities needs of the IoT. of multiprotocol wireless design. It can be challenging to field a system in which the stacks work seamlessly with each other. What can make things difficult is that sometimes wireless design teams are spread around the world, have different design goals, or may be part of different business units. When multiple stacks come from different companies or community sources, it can be tough to fashion a reliable system out of them that is power- and memory-constrained. Protocols must use hardware efficiently in a constrained system to avoid wasting CPU cycles and memory resources. It is particularly important that the switch between protocol stacks be handled efficiently. Otherwise, eeworldonline.com | designworldonline.com

Silicon Labs — EE IoT 04.17 V2.indd 47

RESOURCES

Silicon Labs Silabs.com

4 • 2017

DESIGN WORLD — EE Network

4/14/17 2:40 PM

ad index LEADERSHIP TEAM

Allied Electronics ............................................................................. IBC Chroma Systems Solutions ............................................................... BC Coilcraft ............................................................................................. 43 Digi-Key ................................................................................ Cover, IFC Fotofab .............................................................................................. 36 IXYS ................................................................................................... 45 KEB America, Inc. ................................................................................ 1 Keystone Electronic Corp. ................................................................... 7 Marathon Special Products ................................................................ 18 Master Bond ...................................................................................... 22 Memory Protection Devices, Inc. ......................................................... 3 Rutronik ............................................................................................. 25 Tadiran Batteries ................................................................................ 21 WAGO Corp. ..................................................................................... 11

SALES

Publisher

EVP

Mike Caruso

Michelle Flando

Tom Lazar

Mike Emich

Marshall Matheson

mcaruso@wtwhmedia.com

mflando@wtwhmedia.com

tlazar@wtwhmedia.com

memich@wtwhmedia.com

mmatheson@wtwhmedia.com

469.855.7344

408.701.7944

508.446.1823

805.895.3609

440.670.4772 @mflando

@wtwh_memich

@mmatheson

gcona@wtwhmedia.com

Mike Francesconi

Jim Powers

213.219.5663

mfrancesconi@wtwhmedia.com

jpowers@wtwhmedia.com

630.488.9029

312.925.7793

Managing Director

@wtwh_Tom

Garrett Cona

Scott McCafferty

@jpowers_media

smccafferty@wtwhmedia.com

Jessica East

310.279.3844

jeast@wtwhmedia.com

David Geltman

@SMMcCafferty

330-319-1253

dgeltman@wtwhmedia.com

Courtney Seel

@wtwh_MsMedia

516.510.6514

cseel@wtwhmedia.com

@wtwh_david

440.523.1685

Michael Ference

@wtwh_CSeel

mference@wtwhmedia.com

Neel Gleason

408.769.1188

ngleason@wtwhmedia.com

@mrference

312.882.9867 @wtwh_ngleason

WTWH Media, LLC 6555 Carnegie Ave., Suite 300 Cleveland, OH 44103 Ph: 888.543.2447 FAX: 888.543.2447

DESIGN WORLD does not pass judgment on subjects of controversy nor enter into dispute with or between any individuals or organizations. DESIGN WORLD is also an independent forum for the expression of opinions relevant to industry issues. Letters to the editor and by-lined articles express the views of the author and not necessarily of the publisher or the publication. Every effort is made to provide accurate information; however, publisher assumes no responsibility for accuracy of submitted advertising and editorial information. Non-commissioned articles and news releases cannot be acknowledged. Unsolicited materials cannot be returned nor will this organization assume responsibility for their care. DESIGN WORLD does not endorse any products, programs or services of advertisers or editorial contributors. Copyright© 2017 by WTWH Media, LLC. No part of this publication may be reproduced in any form or by any means, electronic or mechanical, or by recording, or by any information storage or retrieval system, without written permission from the publisher. Subscription Rates: Free and controlled circulation to qualified subscribers. Non-qualified persons may subscribe at the following rates: U.S. and possessions: 1 year: $125; 2 years: $200; 3 years: $275; Canadian and foreign, 1 year: $195; only US funds are accepted. Single copies $15 each. Subscriptions are prepaid, and check or money orders only. Subscriber Services: To order a subscription or change your address, please email: designworld@halldata.com, or visit our web site at www.designworldonline.com POSTMASTER: Send address changes to: Design World, 6555 Carnegie Ave., Suite 300, Cleveland, OH 44103

DESIGN WORLD — EE Network

Ad Index — IoT 4017 v1.indd 48

4 • 2017

eeworldonline.com | designworldonline.com

4/14/17 10:16 AM

JAN17 AC Branding Ad (DW).qxp_Design World 12/2/16 8:31 AM Page 1

Your Source for Automation & Control

Over 3.5 million automation, electromechanical, cabling, and interconnect products from 300+ manufacturers.

thinkallied.com

•1.800.433.5700

Allied Electric 1-17.indd 1

An Electrocomponents Company.

4/13/17 1:06 PM

Simulate DC Transients 62000P Programmable DC Power Supplies

Program DC transient waveforms to simulate automotive and defense voltage variations

Optional Softpanels

Chroma’s 62012P-80-60 Conventional power supply

Chroma’s 62000P series of programmable DC power supplies allows devices to be verified under a wide range of voltage dropouts, spikes and other voltage variations making the P-series an ideal choice for production and DVT of products used on mobile platforms or which will experience voltage interrupts. Applications include products designed for use on ships, cars, planes and other applications with variable or unstable input power. Due to their constant power operating envelope the P-series power supplies are uniquely suited for test applications requiring a wide range of high voltage/low current and low voltage/high current stimulus thereby reducing the number of supplies needed in typical applications. The 62000P Series also includes built in 16 bit readback capability for accurate input voltage and current readings. This means ATE systems no longer need complex shunt/multiplexers to make accurate pass/fail readings of the UUT’s input parameters. These instruments also include I/O ports providing 8 bit TTLs, DC-ON, fault output signal and remote inhibit as well as an output trigger signal for system timing measurements. 12 different models ranging from 600W to 5000W, up to 120A and up to 600V.

Wider Operating Region

For more information visit: chromausa.com

Instruments AC Power Sources Regenerative Grid Simulators Programmable DC Power Supplies AC & DC Electronic Loads Power Meters Multimeters

Automated Test Systems Hipot Testers and Analyzers Wound Component Testers LCR Meters Milliohm Meters TEC Controllers Thermal Data Loggers

Battery EV/EVSE PV Inverter Power Conversion Medical Device LED Lighting and Driver

Chroma System_1-17.indd 1

4/13/17 1:07 PM