smart city IoT

Big IoT. Big IT Challenges for Cities.

Until recently, the Internet of Things (IoT) for cities was a lot of hype. As recently as 2015, Gartner listed IoT at the top of the hype curve. Real results were hard to come by, and cities were struggling to understand how IoT fit into their plans.

Gartner Hype Curve

The 2015 Gartner Hype Curve

IoT is Here

But IoT has now shifted from hype to reality. Nowhere is this  more clear than in cities. The rise of autonomous vehicles means cities need to implement V2I technology to ensure safety.

Sensor proliferation is taking off. Chicago is deploying hundreds of sensors with it’s Array of Things initiative. It doesn’t stop there. This year Chattanooga, Atlanta, Seattle and Bristol and Newcastle in the United Kingdom will begin installing identical sensors in their cities. Next year, Boston, Austin, Delhi and Singapore will be building their own arrays. And late last year, DOT announced up to $40 million to a mid-size city with the best blueprint depicting a fully integrated forward-looking urban transportation network.


Chicago’s “Array of Things” Monitors the Pulse… by Mashable

Big IT Challenges

While all of these IoT devices will provide valuable information, they’ll also present major security and data management challenges. Internal IT departments will be stretched to  store, manage and analyze this data. Cities will need to manage thousands of data points and store millions of gigabytes of data. IT demands could skyrocket in a short period of time.

But big data requirements don’t mean big problems. Cities can overcome these challenges in a few ways.

#1: Consider Managed Services

If the CIA trusts the cloud, your city can too. Consider partnering with an IoT vendor that will provide managed services. At Miovision, we employ smart engineers and data scientists but we outsource some of our data storage functions to Amazon Web Services . They can do it better. Your traffic operations department is built around traffic engineering skills, not IT skills. Focus on what you do well and leave the rest to the experts.

So, how do you vet an IoT vendor? Here are few quick ways to get a read on whether you should consider a partnership:

  1. They Are Experts in IoT Solutions for Cities: Vendors with a focus on solutions for cities will understand your unique needs. Cities are different than companies. You require a specialized offering.
  2. They Have a Demonstrated Ability to Evolve With Your Needs: Your solution should evolve with your city. Partner with a vendor that has demonstrated a capacity to innovate on a regular basis. Chances are you’ll start with a particular need, but as you build your IoT platform, you’ll want more.
  3. They Take Security Seriously: Security should be a top priority. Your vendor should have clear documentation on security protocol, secure backups and disaster recovery. Furthermore, a reputable cloud partner should provide a detailed security response process.
  4. They Do More Than Store Data. They Can Provide Actionable Intelligence: You might not need data analysis right away, but as you collect and store data, you’ll want a vendor with a solution that can provide actionable intelligence for your city.

#2 Start with Small Pilot Projects

No need to dive into a full IoT implementation. Start with a small pilot project. It will allow you to slowly develop your IT infrastructure, whether it be externally or internally.

Don’t Avoid the Future

Cities are changing, and the Internet of Things is here to stay. Tackle the future head on. Start talking IT requirements. Start planning small pilot projects. Take the MyCitySmarts survey to help assess and plan the path forward. It will make your transition to a smart city that much easier.

A Wireless Traffic Network Doesn’t Need to Be Scary

Security Resize1

Dave Bullock, Managing Director, ITS Line of Business, Miovision

Cities are at the forefront of the next wave of the Internet of Things.  Combining digital technologies with existing physical infrastructure to gather useful data – this is the promise of the future city; streamlining communication, optimizing efficiency and improving the lives of citizens. At the heart of the smart city are wireless networks, connecting physical infrastructure and technology via the cloud.

Traffic signals are no exception to the IoT revolution. A connected traffic network provides a whole host of benefits for cities, citizens and transportation professionals. Traffic engineers can access data to make more informed operational decisions, maintain the signal network remotely, and ensure traffic and goods are moving. Remote access provides the flexibility to access signal data anytime and anywhere. But extending access to signal data outside the walls of a traffic management center (TMC) can cause city officials to have security concerns, some real, some perceived. Will my data be secure? What about hackers? What if the cloud is down?  But a wireless network doesn’t need to be scary. If the CIA can trust the cloud, so can you.

Want to read our security whitepaper?
Get deeper insights into wireless security.

 

Here are the common security concerns we hear from traffic professionals and city office. If your solution can address these issues, you can rest assured that your wireless traffic network and the underlying data will be secure.

Concern #1: Will I have less control over my data?

A good solution will allow you to maintain full control of your data via the cloud. You’ll be able to manage and monitor who gets access and when. All access should be managed by secure authentication. If you can’t manage and control access securely, then we’d suggest finding another solution.

Concern #2: Will my data be secure?

Your data should be secured through encryption and a Virtual Private Network. For example, Miovision enables read-only access to monitoring tools, and prohibits the ability to push new timing plans from outside the city’s VPN. We recommend utilizing a vendor with a strong cloud partner, like Amazon Web Services. We consider them to be the gold standard, which is why we use them for our Spectrum solution.

Concern #3: Isn’t it more secure to have my data stored on city-owned infrastructure?

Regarding cloud computing, some cities are concerned with the fact that the solution and data live outside their walls, and not on city-owned IT infrastructure. To ease those concerns, cloud-based providers like Miovision and Amazon Web Services (AWS) have sizable security teams focused on monitoring and regularly patching systems. It’s safe to say security monitoring from cloud specialists is superior to a few security personnel on a city’s IT team. These security measures for cloud-based computing have earned the trust of government organizations like the CIA and the US Department of Homeland Security.

Concern #4: What if the network is down? What if a disaster hits?

To avoid downtime, a vendor should provide a rigorous overview of their security response process as well as real-time network status. You can find our network status here. Furthermore a reputable cloud partner should provide a very detailed security response process. This should entail their process for secure backups and disaster recovery.

Concern #5: What about hackers?

A good solution will use the highest level of encryption similar to those used for banking and government. A good standard is OpenVPN connection that uses AES-128, configured with CBC mode. Endpoint authentication is via OpenVPN pre-shared key authentication mode. This level of encryption will keep your traffic network on lockdown.

Hopefully this eases some of your concerns about wireless network security. The cloud is the new normal for businesses, governments and cities. With robust security, your city will be more effective, efficient and secure.

Dave Bullock is a serial entrepreneur who has built successful companies in the mobile, gaming, and telecommunications industries.  He joined Miovision in 2015 and spearheads Miovision’s Intelligent Transportation efforts.

Learn More About Connecting Traffic Signals

If your security concerns are at ease, you can learn more about our solution; Spectrum. It’s the fastest, easiest and least expensive way to connect and understand your traffic signals.

Miovision’s Security Six-pack: The Pillars of a Secure and Open Network for Traffic Management

In part one of this two post blog, Miovision’s Dave Bullock, Managing Director, ITS Line of Business, outlined the security risks in a networked traffic control system. This second post outlines the six security pillars built in to Spectrum that make these issues non-issues. Read more

Security for Smart Traffic: What Risks are Real?

large interchange city colour (2)

In part one of this two part post, Miovision’s Dave Bullock, Managing Director, ITS Line of Business, outlines the perceived and real security risks in a networked traffic control system.

The old way of managing cities and traffic control is going away. The days of engineers making their way down to traffic cabinets to tweak timing schedules are numbered. The new way is to sit back at mission control. Monitor the situation. Then issue commands. Very Star Trek.

But operating this way—leveraging connected devices via the Internet of Things (IoT)—comes with its own Prime Directive: security needs to be considered and made to be much more than an afterthought.  The movement to the cloud of the applications storing and analyzing this traffic data reinforces that security should be top of mind for anyone deploying a connected device as part of a public works infrastructure project.

While cloud-based connected devices are standard today, understanding network security is critical. The first step is to figure out what risks are real.

The Most Common Security Questions We Get Asked

Miovision fields a ton of questions from customers about security. Below you’ll find the three most common questions we get, and how we respond with security as a top-of-mind consideration.

Does remote access to my traffic system pose a risk?  Securely retrieving data remotely from cloud-based servers is commonplace today.  The CIA and Department of Homeland Security utilize the same cloud hosting services as Miovision.  The threat isn’t in remote access or the cloud itself, it’s in the policies and configuration of those services.  Working with a partner like Miovision who has the tools to control the who/what/when/where of data access, is the key to making remote access work for you, instead of against you.

Is wireless transmission of data susceptible to hackers?  When properly secured, wireless is no more risky than fiber, yet provides much faster response and resiliency to a number of common scenarios.  Network-wide outages from natural disasters, such as hurricanes, are as real of a danger as any hacker.  With wireless, systems can be brought back online remotely and often in hours or days through technologies like cell-on-truck.  With hardwired fiber solutions, resolution can take weeks or months to solve cut connections.  

Does cloud computing mean that I have less control over my data? While city data is stored on cloud-based servers, it’s readily available and safe. Miovision partners with Amazon Web Services (AWS) and has systems in place to ensure data is not only secure, but protected by a full disaster recovery backup strategy.  Managing a secure cloud data platform means constant security patches and audits to ensure the system is fully secure.  It’s safe to say security monitoring from cloud specialists is superior to a few resource-strapped personnel on a city’s IT team.

The Real Risks

The questions above are more perceived risks, in our experience. Addressing these risks are best handled by working with best-in-class technology and partnering with security-minded partners who can help manage the complex world of data security.

But there are real risks. By spending years in the traffic control business, we’re familiar with these concerns. The important thing is knowing what they are, and being smart about how to control them.

Device security: Most traffic control equipment wasn’t built with data security in mind.  The vast majority of traffic cabinet devices utilize communication protocols with no built-in security, and without explictly secured connections, putting your entire network at risk.  The security risk is not simply one of a hacker hijacking control of the hardware, but an unprotected device can be ‘locked out’ and rendered inoperable.

Poor data encryption: Devices often receive commands with weak or no encryption from vendors that haven’t invested in key management. It’s a deployment compromise arrived at to keep the system up and running. But the result is that data is left readable and vulnerable to unauthorized users.

Unauthenticated system access: Many city networks use default authentication settings, which leads to unauthorized access to the system. The result is poor systems auditing, and generally poor tracking of users and their activities.

Outdated security patches on servers and software: Firmware updates to devices in the field are done infrequently, if ever, because they can’t be done remotely. The problem with that is new security patch deployments rarely make it to devices in the field once deployed.

The four risks above can be tightly controlled.  Stay tuned for part two where we outline the six security pillars built into Spectrum that make these issues non issues.

Dave Bullock is a serial entrepreneur who has built successful companies in the mobile, gaming, and telecommunications industries.  He joined Miovision in 2015 and spearheads Miovision’s Intelligent Transportation efforts.