How to Secure the Smart Gateway?
Just think about how modern logistic companies operate. IoT devices track fleet vehicles, keep track of warehouse stock, and also play their part in production lines to create products. When it comes to production lines, IoT sensors and devices measure the machines and production performance. Moreover, these sensors and devices also measure inventory and help the production line know how fast they should go according to the analyzed data. IoT devices even notify drivers when they should get ready for pickup. This is all made possible with IoT Gateway or Smart Gateway devices. There is a lot of occurrences that we can’t see with the bare eye. Devices use different protocols to communicate with multiple devices over several networks, like Bluetooth, WiFi, Z-Wave, and Ethernet, etc.
Things get a little overwhelming, but smart gateways are available to solve various challenges of the old model. Security is one of the biggest challenges and we must find a way to secure those IoT gateway devices. In this article, SKYLAB will find out how to make these devices secure. But before, that, SKYLAB would like to share a brief introduction to Smart or IoT gateway devices,and will also see how these devices work.
What Is A Smart Gateway Device?
An IoT or smart gateway device is used to bridge the gap of communication between the Internet of Things devices, systems, equipment, sensors, and the cloud server. IoT gateways systematically connect the cloud and the field to provide local storage and processing solutions.These devices also offer the ability to control field devices autonomously according to the data input via sensors. The edge systems have an edge gateway that sits at its intersection between the local intranet and the external internet. Therefore, it is an important network connectivity access point, both outside and inside the device ecosystem.
How Does the Smart or IoT Gateway Works?
As the requirements and capabilities of devices increase, it becomes impossible to make them communicate with systems directly. Some controllers and sensors are not compatible with energy-intensive protocols, such as Bluetooth or WiFi.A few devices collect data that is invaluable and overwhelming in the raw form. These devices connect to several private and public networks. A smart gateway executes various significant functions from filtering data to encrypting, managing, processing, and translating protocols.If you assume an Internet of Things ecosystem, the gateway stands between the sensors and devices to establish communication with a cloud server.
Completing the Space between IT and OT
Smart gateways assist in ridging the space between the IT infrastructure and operations within the business. They accomplish this thing through optimization of the system performance via operational data that they collect for processing in real-time at a network edge or in a field. IoT gateways are well-capable of performing various enhancements on both IT and OT silos. Take a look at the following information.
High Scalability: IoT gateways can collect intelligent information from the cloud or datacenter, and then move it into the network edge or field.
Lowering Costs: The IoT gateways come with the benefits of high storage, memory, and processing power. Therefore, the end-point devices are not required to do this at all.
Quickest Production: A more advanced and accelerated production line may decrease the time to market the product significantly.
Reduction in Telecommunication Cost: There is less machine-to-machine (M2M) communication. It results in smaller traffic and network, which reduces the telecommunication cost.
A smart gateway also mitigates risks with its capabilities. These gateways have the strength to isolate sensors and devices that are not functioning before causing greater issues for production lines.
Adding a security Layer
With an increase in sensors and device numbers, the communication numbers also grow that occur over various private and public networks. Communications among the cloud, the gateway, and the ‘things’ must be highly secure to avert unrestricted access or possible data tampering. It will normally occur through the PKI infrastructure.
The ‘things’ that connect are provided an identity that’s a combination of a Digital Certificate (or cryptographic keys). As a result, it allows the communication for encryption. It can be a little handful for managing without the IoT gateway help.
Assume that we have equipment that manages all device certificates. You require a gateway for assisting in the mediation of devices on-boarding (identity provisioning and certificates installation). We will go through more details about this thing below.
Real-Time Field Updates
Assume that your devices have become vulnerable or you get a notification from the sensors that the warehouse temperature is very hot. If you don’t have a smart gateway, you will have to fix the problem manually since your sensors and devices are very small to accomplish these tasks themselves. If you have the gateway, it will receive the data. Then, the configured gateway sends firmware updates across all devices whenever it detects that the warehouse temperature is hot.
Steps to Secure a Smart Gateway
There have three core security principles; authentication, integrity, and confidentiality. You have to make sure that communications between devices and gateway must meet each of these principles while communicating in the external and internal networks.
It is also important to know that a gateway is often more prone to attacks due to a couple of reasons. The first reason is that gateways have greater processing power that they can utilize to operate intensive applications. Additional power means there should be better software. However, better software usually means that the hacker has more chances to exploit it.The second reason is its location. The edge device location of the gateway between the intranet and the internet is the entry point for the threat vector. However, we can secure the Internet of Things gateway by following the below-listed steps.
1. Gateway Device Identity
The initial step requires us to provide an identity to the gateway device. We can do this by utilizing the Digital Certificate X.509. External entities that want to connect to the smart gateway can now perform gateway identity verification that is enabling NTLS or HTTPS protocols. Commands issued to the field sensors or devices would now come from the trusted device.
2. Enable Gateway Device Strong Identity
Since the gateway is vulnerable to physical tampering, we can extract and clone private keys. It will leave the gateway device susceptible to spoofing and even MITM attacks. For its prevention, we can use additional security measures, like embedding a TPM device into the gateway with the help of a PUF. It would help us store Digital Certificates’ private keys securely and make sure that they will always stay with the gateway.
3. Using the Gateway for Provisioning Ecosystem Identity
After enabling strong gateway device identity, you must now think that how to ensure strong sensors and devices identity in a field. Since a few of them are probably not able to establish a connection with the internet, it will become difficult to provision identity via SMS (certificate-management-service).Instead of that, you can utilize your gateway as the trusted mechanism for securing the things connected to your gateway device. The gateway device works like a proxy between the field device and the platform.Now, your devices and gateway are secure. Therefore, the communication occurring in the intranet is protected. You have the security, authentications, and confidentiality that make your Internet of Things ecosystem end-to-end secure with the PKI infrastructure.
Things to Know Before Choosing an Internet of Things Gateway
Now that you understand what a smart gateway is, you must be convinced about using the gateway in your IoT ecosystem. Once you have convinced important individuals in the business about the perks of IoT gateways, there is a new task ahead.
Next, you must make sure that you invest in the right gateway device. Remember that the selection of the gateway can make or break your project. Therefore, you must be careful when selecting the gateway. There are a few critical considerations that you must keep in mind about the gateway device. Let’s take a look at some of the key factors to consider.
1. Network Security
Strong security is essential to the communication channel. In addition to that, IoT payload transmission encryption also holds immense importance.
2. Downtime
There must be a feasible plan for situations when the speed of the network connection becomes low or you will be charged by an amount of the data that moves through the gateway towards the cloud. We advise you to use protocols, like UDP, MQTT, CoAP over TCP.
3. Connectivity Issues
What if your internet connection completely goes down? There is no guarantee that you will always be experiencing smooth internet connectivity. The gateway software must mitigate this thing by going without the connectivity. It must also utilize data queuing and caching if the connection breaks down for long.
4. Remote Updates
Your smart gateway will unavoidably needOTA (over the air) updates. So, it requires an operating system, such as Linux that supports this.
5. Power
The gateway device needs to persist in unexpected power cycles, like power outages or power overloads. At least in such states, the gateway must offer minimum functionality, while still establishing a connection with the cloud to make sure that it restores itself.
Smart Gateways are Different from Routers
By their look, IoT gateways are very identical to routers and modems. But unlike routers, the Internet of Things can incorporate data from a device that links with several network protocols, such as WiFi, Bluetooth, cellular, Ethernet, and more. Internet of Things Industrial gateways also provide additional industrial interfaces as compared to routers to communicate among field applications. Moreover, the design of physical Internet of Things gateways makes them a perfect solution for difficult industrial environments.
With long-life components and rugged housing, gateways can last more challenging environments. Such challenging environments include extreme temperatures, humidity, and vibration. Therefore, gateways are different and much better alternatives to routers with many additional features.
The Science and Art of Smart Gateway Architecture
To create a better understanding of the differences between a router and a smart gateway, we must study the complexities in the architecture of IoT gateways. Therefore, take a quick look at the following significant information in this regard.
Device Layer
The hardware of the smart gateway consists of a controller or microprocessor that depends on the memory and processing speed required. It also depends on the connectivity module (Bluetooth, WiFi, cellular, etc.), circuitry, and sensors.
Operating System
The operating system is the software that runs the programs, including the gateway hardware on the gateway device. You can choose from operating systems, such as RTOS, Linux, and Java, etc. This selection depends on your gateway’s application.
Hardware Abstraction
The abstraction layer enables the software to develop and control without hardware assistance. It adds agility and flexibility to the design of the application and makes the evolution and software updates easier.
Actuator and Sensor Drivers
It is the layer that works as an interface between sensors, modules, and the device. Integration of specific stacks depends on the application requirements.
Device Configuration and Management
IoT gateways must track all sensors and connected devices it is communicating with. The layer manages and tracks the settings, properties, and configurations of connected devices and sensors within the ecosystem.
Communication Protocols
We can select the Internet of Things protocols as per the frequency and amount of the cloud communicated data. Gateways can connect through cellular modules (3G/4G/5G), WiFi, and/or Ethernet. However, the underlying layer of the protocol is usually TCP IP.
Data Management
Smart gateways use to manage data through connected devices and sensors. The layer of data management controls the streaming, data storage, and filtering. Moreover, it also helps in controlling data traffic for minimizing delays to make sure device fidelity.
Customized Software Applications
A smart gateway incorporates customized software for managing specific application requirements. This layer interrelates with other layers to manage data requirements securely, efficiently, and efficiently to the Internet of Things application.
Apart from the above-listed parts and components, the architecture of an IoT gateway includes more elements. Those include cloud connectivity management, gateway data transfer, security, and Firmware OTA (over the air) updates. The Internet of Things is flourishing and it will soon be an integral part of all businesses.
- |
- +1 赞 0
- 收藏
- 评论 0
本文由天星转载自SKYLAB,原文标题为:Ways to Secure the Smart Gateway,本站所有转载文章系出于传递更多信息之目的,且明确注明来源,不希望被转载的媒体或个人可与我们联系,我们将立即进行删除处理。
相关推荐
What is IoT Gateway and How Does it Work?
The article is about this technology to help you know what it does, and how does it work. SKYLAB will also talk about the different important factors to consider while buying intelligent gateways and other relevant information.
【经验】如何通过串口更新天工测控LCS2028 WIFI模块固件
本文将指导如何通过串口升级SKYLAB(天工测控)LCS2028 WIFI模块固件,供各位工程师参考及使用。
【经验】天工测控LCS2028模块蓝牙功能使用指导
天工测控LCS2028是一款WiFi+蓝牙 Combo的模块,蓝牙功能除了给WiFi进行配网外,还能作为普通的BLE功能使用,本文指导如何使用LCS2028的蓝牙功能。
PhoenixContact(菲尼克斯电气)控制技术及软件产品选型指南(英文)
目录- PLCnext Technology PLCnext Control devices PLCnext Engineer PLCnext Store PROFINET cloud solution Inline controller Axiocontrol controller PLC Redundant and safe PLCs Automation system programming software PLC logic relay system controllers/programmable logic modules/programming software
型号- 2700442,2700441,PLC-V8C/PT-24DC/BM2,2700443,ILC 171 ETH 2TX,2701295,2985385,1046666,1046667,ILC 151 ETH,2907446,2907447,RFC 470S,RFC 4072 S,PLC-V8C/PT-24DC/SAM2,2404267,2907445,AXC F CLOUD-PRO,2907443,PLC-V8C/SC-24DC/BM2,PLC-V8C/SC-24DC/SAM2,ILC 151 GPRS,1051328,PLC-V8C/SC-24DC/EM,ILC 191 ETH AN,2905137,BTP 2043W,PLC-V8C/PT-SAM2,AXC F 3050,AXC F XT ETH 1TX,2700977,RFC 460R PN 3TX,2700974,2700973,2700976,2700975,2700784,2988670,1050387,AXC F 2152,PLC-V8C/PT-BM2,1046568,RFC 4072S,1046008,AXC 1050 XC,AXC 1050,RFC 460R,BTP 2070W,ILC 191 ETH ME,PLC-V8C/PT-24DC/EM,2700989,PLC-V8C/PT-24DC,2700988,2402985,2403115,2985725,AXC F IL ADAPT,2700074,ILC 131 ETH,ILC 191 ME/AN,2985275,AXC F 1050,ILC 191 ETH 2TX,1020304,AXC 3050,2730307,AXC F 2152 STARTERKIT,BTP 2102W,ILC 151 GSM,2903095
介绍RZ合作伙伴生态系统解决方案
型号- RZ/N1D,RZ/G2UL,RB-RZLC,RZ/A SERIES,RZ,RZ FAMILY,RZ/N1 SERIES,RZV,RZ/V2L,RZ/V2M,RZ/A3UL,RZ/A,RZ/N,RZ/G2L,RB-RZUL,RZ/G2LC,RZ/G,RZ/N1,RZ/V,RZ/T1,RZ/G2E,RZ/T,R9A06G032,RZ/G2H,RZG2L-EK-200,RZ/G SERIES,RZ/FIVE,R9A07G043F01GBG,RZA3UL-EK-200,RZFIVE-EK-200,RZ/N SERIES,RZ/V SERIES,RZG2UL-EK-200,RZ/T SERIES,RZ/G2X,RZG2E
天工测控(Skylab)GNSS模块/WiFi模块/蓝牙模块/组合模块/UWB模块选型指南
目录- 公司简介和产品选型表 GNSS模块 WiFi模块 蓝牙模块 组合模块 UWB模块 方案相关
型号- SKM2101,WG209,SKG122C,SKM88,SKW92B,SKM89,SKW92A,SKM2102,SKG17DT,SKM2105FR,SKM86,SKM2505,SKM2105FR-25M5,SKM2105,SKM2105FR-25M8,SKG12D,SKG122S,SKG12F,SKW496C,SKM2308DR,SKG12A,SKG092C,SKG12B,SKG122Y,SKB389AA,SKW497,SKM80,SKM81,SKM82,SKG09BL,SKW3000,SKM2102CR-40M3T,SKG093Q,SKG122GR,SKG093N,SKB501,SKG1223,SKG121S,SKU621,SKG121T,SKM61C,SKG12BL,SKM2505NR,SKU620,SKG16BL,SKG12DT,WG822,SKG123NRD,SKM2305NDR-40M3T,SKU609,WG821,SKG12UR,5KW99,SKM2305NDR,SKU610,SKU611,SKM2102SR,SKG09DT,SKM2105QR,SKM2505NR-40MXT,SKM2102CR-40M5T,SKM2102CR,SKG123L,SKG122ER,SKG123N,SKG17D,LCS6260,SKG123Q,SKW101,SKW100,SKW103,SKG123NR,SKM2101MR-25M8,SKM2305NDR-40M5T,SKG121SA,WG243,SKM2308,SKG09,SKM2302,SKM2305,SKG123NT,SKM-6DM,SKW78,LCS2028,SKM2302DR,SKM2102ER,SKB380,SKB381,SKM2102CR-40MXT,SKG8212,SKM65C,WG233,SKW77,WG231,SKM2102CR-40M7T,WG238,WG237,WG236,WG235,WG241,WG240,SKM2102SR-40MXT,SKM2105QR-40FXT,SKM81F,SKM2101MR-25M5,SKG123ND,SKM65,SKM2305NDR-40MXT,WG229,SKM61,SKM2105DR,SKW17AE,SKB376,WG222,SKB379,SKB378,WG226,WG225,SKB369AA,SKM80D,SKG172T,SKM2105NR-40M5,SKM2101MR,SKM2105NR-40M7,SKZ301,SKM2105NR-40M3,SKM80F,SKG16,SKG17,SKM55,WG219,SKM2305NDR-40M8T,SKB360,WG217,SKW93A,SKGO9DT,SKG12,SKB362,SKM51,SKB361,SKM52,SKM53,SKG09D,SKG09F,SK7302,SKG09A,SKB369,WG215,SKG09L,SKM51G,SKM51F,SKM2302DR-40MX,SKM51C,SKM2105NR-40MX,SKB360I,SKM2105NR
天工测控(Skylab)无线模块选型表
目录- GNSS模块 GNSS+天线一体化模块 WiF模块 BLE蓝牙模块 WiFi+蓝牙组合模块
型号- SKM2101,WG209,SKG122C,SKM88,SKW92B,SKM89,SKW92A,SKM2102,SKG17DT,SKM2105FR,SKM86,TR6260,SKM2505,MT7612E,SKM2105,MT7688A,SKG12D,SKG122S,SKG12F,SKW496C,SKM2308DR,SKG12A,SKG092C,SKG122Y,SKW497,SKM80,SKM81,SKM82,SKG09BL,SKW3000,SKG093Q,SKG122GR,SKG093N,SKB501,SKG1223,SKG121S,SKG121T,RTL8812,SKM61C,RTL8811,ESP32-H2,MT7610E,SKG12BL,SKM2505NR,SKG16BL,SKG12DT,WG822,SKG123NRD,WG821,SKG12UR,SKM2305NDR,SKM2102SR,SKG09DT,SKM2105QR,MT7601,RTL8821CS,SKM2102CR,SKG122ER,SKG123L,SKG123N,SKG17D,LCS6260,SKG123Q,SKW101,SKW100,SKW103,SKG123NR,SKG121SA,MT7620A,WG243,SKM2308,SKG09,ESP32-S3,SKM2302,SKM2305,SKG123NT,QCA9887,MT7628,SKM-6DM,SKW78,LCS2028,BK7231,SKM2302DR,RTL8822CS,ESP32-C2,MT7981,ESP32-C5,SKM2102ER,SKB380,SKB381,WG239,BL2028,SKG8212,SKM65C,WG233,SKW77,MT7603E,WG231,WG238,ESP8266,WG237,WG236,WG235,ESP32,WG241,QCA9531,WG240,RTL8852,SKM81F,SKG123ND,SKM65,WG229,SKM2105DR,SKM61,SKW17AE,SKB376,WG222,SKB379,SKB378,ECR6600,WG226,WG225,SKB369AA,SKM80D,SKG172T,MT7697D,SKM2101MR,SKM80F,SKG16,SKG17,SKM55,WG219,SKB360,SKW93A,WG217,SKG12,SKB362,SKM51,SKB361,SKM52,SKM53,SKG09D,ESP8285,SKG09F,SKW99,MT7621A,SKG09A,SKB369,WG215,SKG09L,SKM51G,SKM51F,SKM51C,MT7628N,SKB360I,IPQ6000,SKM2105NR
USR-N720-ETH USR-N720物联网网关
描述- USR-N720是一款高性能边缘计算数采网关,具备边缘数据采集、协议转换、快速上云和数据加密等功能,适用于智慧医疗、智慧产线、智慧泵房、智慧工厂、智慧电力、智慧畜牧等多种工业智能化方案。
型号- USR-N720
天工测控WiFi模块选型表
天工测控面向物联网市场中的智慧物流,智能交通,智慧安防,智慧能源,智能医疗,智慧建筑,智能制造,智能家居,智能零售,智慧农业,智慧楼宇等应用场景研发推出了性能强大,且支持二次开发的2.4GHz单频及2.4/5GHz双频UART串口WiFi模块,USB接口WiFi模块,AP/Router无线路由WiFi模块及远距离图传WiFi模块,高清视频传输WiFi模块
产品型号
|
品类
|
无线模块标准
|
芯片
|
尺寸(mm)
|
封装
|
频率范围(GHZ)
|
数据速率(Mbps)
|
发射功率(dBm)
|
传输距离(米)
|
通讯接口
|
供电电压(V)
|
天线接口
|
WG219
|
WiFi模块
|
IoT b/g/n
|
ESP8266
|
25.5*18*3.2
|
SMD
|
2.4-2.5
|
72.2
|
18
|
100
|
3,5,6,8
|
3.3V
|
1个IPEX/PCB
|
选型表 - 天工测控 立即选型
天工测控WiFi+蓝牙组合模块选型表
天工测控提供如下WiFi+蓝牙组合模块选型,数据速率72Mbps~1201Mbps,SMD封装,多种蓝牙标准可选
产品型号
|
品类
|
芯片
|
模块尺寸(L*W*H)(mm)
|
天线
|
封装
|
模块标准IEEE 802.11
|
频率范围(GHZ)
|
数据速率(Mbps)
|
WiFi接口
|
蓝牙标准
|
蓝牙接口
|
WG215
|
WiFi+蓝牙组合模块
|
ESP32
|
25.5*18*3.0
|
PCB/IPEX
|
SMD
|
b/g/n
|
2.4
|
150
|
UART
|
V2.1+EDR,BLE4.2
|
UART
|
选型表 - 天工测控 立即选型
天工测控SKG系列GNSS模块精度差异与RTK技术详解
RTK也称载波相位差分技术,通过对两测站的载波相位观测值进行实时处理,能实时提供测站的三维坐标,并达到厘米级或者毫米级的高精度。深圳市天工测控的RTK模块如SKG122ER等,支持多种配置,通过指令控制基站坐标锁定、伪距平滑、数据输出等,提高定位精度。
【选型】交通信号灯高精度天工测控GNSS授时模块选型技巧
交通信号灯在一定程度上能够起到缓解交通压力的作用,而作用其中的GNSS授时模块才是主力高效,准确,实时的对城市交通信号灯进行统一授时的大功臣。本文天工测控就以北斗授时模块为切入点,简单介绍一下交通信号灯授时模块的选型要点。
天工测控BLE蓝牙模块选型表
天工测控针对物联网小数据,近距离的数据传输、智能控制等应用场景研发推出的BLE4.0/4.2/5.0低功耗蓝牙模块,功耗低,接收灵敏度高,传输距离远,支持UART/TWI通信协议,性能稳定可靠,支持二次开发,尺寸小巧,易于集成,产品能较好的嵌入到客户产品中,同时满足客户对蓝牙产品再次快速编程需求
产品型号
|
品类
|
标准协议
|
尺寸(mm)
|
工作模式
|
接收灵敏@1Mbps(dBm)
|
发射功率(dBm)
|
Flash(KB、MB)
|
RAM(KB)
|
广播功耗(100ms 间隔)(uA)
|
连续传输功耗(20ms 间隔)(uA)
|
深度睡眠功耗(uA)
|
待机状态功耗(uA)
|
最大广播距离(米)
|
接口
|
天线
|
SKB360
|
BLE蓝牙模块
|
BLE4.0
|
17.4*13.7*1.9
|
主,从,主从一体
|
-93
|
+4
|
256K
|
16K
|
270
|
1180
|
0.3
|
2.5
|
50
|
UART/PWM/GPIO/I²C
|
PCB/External
|
选型表 - 天工测控 立即选型
Industrial Gateway, IoT Gateway, and PLC Gateway: Bridge Connecting the Intelligent Future
In the era of Industry 4.0 and the booming Internet of Things (IoT), industrial gateways, IoT gateways, and PLC gateways, as key technologies, are gradually becoming important forces in promoting the transformation and upgrading of traditional industries. These gateways are not only bridges connecting the physical and digital worlds, but also core hubs for achieving intelligence, automation, and remote monitoring.
随着授时技术的发展与北斗的崛起,天工测控研发的SKG12DT授时精度达到15ns RMS
深圳市天工测控技术有限公司研发的SKG12DT授时精度达到15ns RMS,是一款高性能GNSS功能超级一体化解决方案计时模块,具有高灵敏度、超低功耗和小体积特性。射频信号通过天线输入道模块,像位置、速度和时间这些串行信息通过nmea协议或自定义协议完整的记录下来。
电子商城
服务
使用FloTHERM和Smart CFD软件,提供前期热仿真模拟、结构设计调整建议、中期样品测试和后期生产供应的一站式服务,热仿真技术团队专业指导。
实验室地址: 深圳 提交需求>
支持 3Hz ~ 26.5GHz射频信号中心频率测试;9kHz ~ 3GHz频率范围内Wi-SUN、lora、zigbee、ble和Sub-G 灵敏度测量与测试,天线阻抗测量与匹配电路调试服务。支持到场/视频直播测试,资深专家全程指导。
实验室地址: 深圳/苏州 提交需求>
登录 | 立即注册
提交评论