Is Blockchain The Way To Save IoT?

The internet of things (IoT) was a hot topic in tech a few years ago, with everyone and their mother pitching IoT platforms, “smart” products and automated, real-time, interconnected “things” everywhere. Though IoT is still humming along, the hype has been somewhat curbed by high deployment failure rates and the shadow cast by IoT-enabled cyberthreats like the Mirai botnet.

Gartner has warned that three-quarters of all IoT projects will take twice as long as planned to implement, and IoT security (or a lack thereof) has been called “a doomsday scenario waiting to unfold.” It turns out that IoT is hard! Tackling this complexity is core to capturing the promised benefits of IoT. In today’s increasingly digitalized world, the ability to make sensors, devices and computational “things” perform tasks and functions for us is becoming a necessity. Human beings just can’t manage the explosion of data and “interconnectedness” on their own — but we also don’t need bad bots running amok.
Establishing helpful IoT systems that run securely, efficiently and independently has proved incredibly difficult. Blockchain shows promise for easing that burden.

IoT Challenges


Cybercrime that exploits IoT devices and networks shows no sign of abatement. Thus security, privacy and identity verification remain foundational concerns in IoT deployments. Vast amounts of IoT data must be collected, transferred and delivered in a secure fashion amongst valid stakeholders, and processing now occurs at various layers within an architecture to trigger decisions at the right point. Misbehaving sources must also be detected and resolved, as device-related threats may include:

• Physical device attacks (unauthorized device control).
• Software attacks (malware such as viruses or worms).
• Network attacks (Denial of Service assaults, wireless vulnerability exploits).
• Encryption attacks (brute-force password cracking, “Man In the Middle” attacks).

The fact that there are so many types of threats and so many unsecured or poorly secured devices (and no standard authority for connectivity requirements) further confuses matters. Add to this the growing cadre of IoT communication protocols and you have an extremely complex problem that is difficult to solve at scale.

IoT Today

In spite of the Byzantine complexity and myriad threats involved, IoT adoption continues to accelerate, with analysts forecasting nearly $15 trillion in aggregate IoT investment by 2025. Why? The 2017/18 Vodafone IoT Barometer survey (download required) of 1,278 enterprise and public sector executives from 13 countries holds a clue: 74% of respondents who have adopted IoT technologies claim digital transformation is impossible without it. Basically, it doesn’t matter if it’s hard -- it has to be done if you want to do business in the modern world.
Using the Industrial Internet Consortium’s reference architecture as an example, a basic business IoT system will have enterprise, platform and “edge” tiers managing the devices themselves in addition to contextual rules, events, business state, multiple protocols, various data formats, supporting analytical models and storage — all through varied and dynamic networks. Traditional IT systems are not sufficient: Enterprise systems will need to be extended and enhanced to handle the volume, velocity and variety of data produced by IoT networks and the ability to trigger timely decisions against trusted data will need to be enabled at each level in the architecture.
This represents an awful lot of potentially vulnerable technology moving an awful lot of potentially vulnerable data and an awful lot of complexity to manage. Never mind adding the notion that we will soon have devices “paying” each other for capabilities without human involvement, thus adding to the complexity of emerging IoT systems.

Enter Blockchain

The blockchain model based on cryptographically secured, immutable distributed ledger technology and consensus could enhance IoT frameworks with more automated resource optimization and innate security by providing:

• A distributed system of record for sharing data across a network of key stakeholders.
• Embedded business terms for automating interactions between nodes in the system.
• Hash-based security, verification of identity and provenance authentication.
• Consensus and agreement models for detecting bad actors and mitigating threats.

With such features, a blockchain-enabled IoT deployment could improve overall system health and integrity by allowing devices to register and validate themselves against the network. Business logic could execute automatically via smart contracts. And with no central system to attack, threats like denial of service attacks could be inherently deterred at different layers in the architecture.
Applying a blockchain model in an IoT network could solve a host of real-world digital business issues, including:

• Analytical model tracking: Allow the system to record metadata and results about logic executed at the edge of the network for the purposes of regulatory compliance, and create an immutable history of why certain “decisions” were made during IoT processing.
• Secure software updates: The ability to publish software updates as a URL on the blockchain, along with a cryptographic hash of the update which can be validated by blockchain-connected IoT devices during the process.
• Payments and micropayments: Automated payments to business network participants based on sensor data (indicating, for example, service completion or product delivery), as well as micropayments between devices themselves in certain networks for functions and capabilities — all without human involvement.

There’s No Such Thing As A Magic Bullet

In spite of all this potential, applying blockchain to IoT is not a cure-all. Current performance and scalability limitations are incompatible with many IoT functions. External data must be incorporated via trusted “oracles.”  A new type of blockchain platform supporting the volume of devices involved in an IoT deployment is needed, with capabilities that extend beyond today’s common models. What will likely emerge is a hybrid or polyglot architecture, with varying frameworks customized to utilize blockchain differently at IoT’s edge, platform and enterprise layers.
But as businesses continue to grapple with core IoT complexity and security problems, it is becoming obvious that blockchain-based solutions have merit and bring real value to the table.
Blockchain is not the answer to everything that ails IoT, but it can play a powerful role in solving some serious issues. It won’t save IoT, but it might just improve it.

Source: https://www.forbes.com/sites/forbestechcouncil/2018/07/18/is-blockchain-the-way-to-save-iot/#671344f25a74

Read More

Testers knowledge towards automation skills

If you look around the testing landscape you will see that manual testing roles are disappearing, but not manual testing itself.

Despite this, this skill set of a manual tester is still needed. According to Brijesh Deb, Agile Testing Evangelist and High Tech Test Manager at Sogeti, this is simply because it is impossible to have zero manual intervention. Every software, be it a mobile app or a component of the NASA rocket, would have to go through some kind of a manual test at some level, at least.

Nevertheless, it appears that not all testers have the skill set to carry out automation tests.
Deb commented: “Test automation is a far bigger animal with a much greater scope where everything from the inception, to the design to the coding, everything is done through automation.

Testing evolution

“The quality parameters have changed with a lot of additional weight now being given to non-functional parameters such as performance and security.
“What this means is that the skill set of the testers has also had to evolve. With this changing outlook of the software testing industry and the evolution in testing, it is imminent that testers add automation to their repertoire as manual testing alone is not going to be enough.
“About a decade or so ago, there was a lot of impetus being given to UI tests and UI was the primary candidate for automation alongside regression tests. Despite this, manual testing can be ubiquitous as the tests and code written for automation are, typically, written manually.”
Furthermore, Anand Bagmar, Founder of Essence Testing, believes automation is NOT the only skill for a tester to contribute and be effective.
”There are many other areas where they can add value – but they need to be able to learn, understand and show a willingness to get close to technology and code – that is non-negotiable from my perspective,” Bagmar added.

Skills & capabilities

In order to build good quality software that will give value to the users of that functionality and in-turn, the creator of the product as well, Bagmar recommends testers must have the following skills and capabilities:

• Have a testing-mindset
• Understand and radiate risk
• Be smart and effective in ways of working
• Optimise where possible
• Evolve in learning and understanding
• Ability/willingness/freedom to experiment and learn from what works well, or not
• Collaborate with all relevant roles for deeper and shared understanding.

Deb continued: “Most of the time teams try to write code for tests which are executable manually and call it test automation. What confuses this, even more, is the testing vs checking debate.
“Be it the approach of testing the software manually or with automated tests, one common skill the testers must possess is “Test Craftsmanship”. Test Craftsmanship is a combination of the right testing mindset, with the knowledge of various testing tools and techniques. For manual testing, a solid grounding in test craftsmanship i.e., right testing mindset and the knowledge of various test design techniques might just be enough as it is more procedural in nature.
“Automation testing, on the other hand, requires knowledge of additional tool and languages for the tool to work. Depending on the context, both approaches serve different purposes and are equally important.”

DevOps & continuous delivery

Since the last decade, the focus is moving really quickly to DevOps. This means continuous integration (CI) and continuous delivery (CD) is absolutely impossible without continuous testing (CT). Yet, the fastest (or only) way to achieve CT is through test automation.
“In the fast-moving delivery and release life-cycles, manual testing does not provide much value. We need to focus on a healthy combination of exploratory testing and test automation (of all applicable types) to be effective as a team to build a good quality product. Any test that is important to be re-executed over a period of time needs to be automated at an appropriate level in test automation,” added Bagmar.
“While there is so much focus on test automation, one of the hindering factors for testers from taking up test automation as a career option is the ‘Fear of Code’”.
Since test automation involves writing code that involves accurate knowledge of one or more programming language(s), this scares a lot of engineers, according to Deb. There is a common misconception in the testing world that testers normally do not have access to the code and are more often than not involved in black box testing. So, there is no need to actually learn to programme.
“What testers do not realise is the fact that the knowledge of code will help them, investigate defects, debug errors and expand their avenues more by helping them find the unknown. Testing IMO is more than just finding defects. It is about finding the unknown and helping make the software better,” continued Deb.

Technology involvement

The most important skill required from the tester is the ability to get hands-on involved in technology. This involvement can be at various levels according to Bagmar:

• Be able to understand/read code and make sense out of the same (logic)
• Be able to understand/read the existing automated tests to know what “intents” have been automated – this reduces waste by having to repeat the same intent-validations manually
• Do effective gap-analysis based on what has already been automated, and what would add additional value if automated. Thus, the knowledge of what does not need to be automated, hence focus on more deeper learning, understanding and exploration using human-mind
• Contribute to enhancing automated test suite (unit/integration, API, UI/end-2-end /performance/security/etc.)
• Contribute to building a more testable and functional architecture.

 Source: http://www.softwaretestingnews.co.uk/testers-knowledge-towards-automation-skills/

Read More

How Artificial Intelligence, Machine Learning Can Help DevOps

Artificial intelligence (AI) and machine learning (ML) can help the humans in DevOps break free from focusing on simple activities. One aspect of DevOps is automating routine and repeatable actions, and AI and ML can perform these activities with enhanced efficiency to improve the performance of teams and business. There are algorithms that can perform many operations and procedures, allowing those in DevOps to execute their part effectively. This article discusses how DevOps engineers can use AI and ML to their benefit.

Artificial Intelligence, Machine Learning Driving DevOps Evolution

Businesses are under a lot of pressure to meet customers’ ever-changing demands, and many embrace DevOps to improve their performance to some extent. However, it can be difficult for many companies to use AI and ML because of the complexity involved. To recognize any benefit with AI and DevOps, a creative mindset may be required.
 The adoption curve of AI/ML may be relatively slow. Only 27 percent of CIOs surveyed by ServiceNow for its report, “The Global Point of View,” have hired employed who have skills in machine learning. But the fact is, DevOps experts may have a lot to gain by adopting even the most basic features of AI and ML. The same survey found that around 85 percent of C-level executives believe AI/ML can offer substantial value in terms of accuracy and rapidity of decision-making, which will lead to improved profitability for the company.
 Tracking and organization in a DevOps environment requires effort because of the complexity involved in the distributed application, which traditionally made things difficult for the team to manage and resolve customer issues. Before the evolution of AI and ML, DevOps team members could spend hundreds of hours and a large amount of resources to identify one point within an exabyte of information. To solve such problems, the future of DevOps is AI-driven, helping to manage the immense capacity of data and computation in day-to-day operations. AI has the potential to become the primary tool for assessing, computing and decision-making procedures in DevOps.

AI’s Influence on DevOps

AI can change how DevOps teams develop, deliver, deploy and organize applications to improve the performance and perform the business operations of DevOps. There are three common ways through which AI may influence DevOps:

Enhanced Data Accessibility

The lack of unregulated accessibility to data is a critical concern for DevOps teams, which AI can address by releasing data from its formal storage—necessary for big data implementations. AI can collect data from multiple sources and prepare it for reliable and robust evaluation.

Greater Implementation Efficacy

AI contributes to self-governed systems, which allows teams to transition from a rules-based human management system. This helps address the complexity of assessing human agents to improve efficacy.

Effective Resources Use

AI gives much required competence to automate routine and repeatable tasks, which minimizes the complexity of managing resources to some extent.

How Can Companies Apply AI and ML to Optimize DevOps?

Organizations can apply AI and ML to greatly optimize their DevOps environment. For one, AI can help in managing complex data pipelines and create models that can feed data into app the app development process. By 2020, it’s expected AI and ML will take the lead in digital transformation, overtaking IoT.
 However, implementing AI and ML for DevOps also presents a number of challenges for organizations of all sizes. To benefit from AI and ML technologies, a customized DevOps stack is required.
 Open source projects such as the Fabric for Deep Learning (FfDL) and Model Asset eXchange (MAX) can lower the barrier of entry for companies, helping to implement machine learning and making the DevOps process more efficient.
 Application of AI and ML can result in true ROI for a company by optimizing DevOps operations, making IT operations more responsive. They can improve efficiency as well as productivity of the team and play an important role in filling the gap between humans and big data.

Conclusion

A company that wants to automate the DevOps have to decide whether to buy or build a custom AI/ML layer. However, the first step is to establish a strong DevOps infrastructure. Once the foundation is created, AI/ML can be applied for increased efficiency. AI/ML can help DevOps teams focus on creativity and innovation by eliminating inefficiencies across the operational life cycle, enabling teams to manage the amount, speed and variability of data. This, in turn, can result in automated enhancement and an increase in DevOps team’s efficiency.

Source: https://devops.com/how-artificial-intelligence-machine-learning-can-help-devops/

Read More

Blockchain for IoT: A Big Idea Meets Hard Design Questions

One of the most ambitious ideas in blockchain is that the technology could enable not just people and businesses to transact with each other seamlessly, but also machines.
If this scenario, first articulated a few years ago, comes to pass, devices ranging from refrigerators to automobiles would not only collect and share data as part of the emerging internet of things (IoT), they would also be endowed with cryptocurrency wallets and unique, blockchain-based identities. 
The business possibilities from this physical internet of value are vast, potentially expanding the transactional economy in once-unimaginable ways. Self-driving cars might pay each other to cut ahead, for instance; a fridge equipped with sensors would know when it's running low on milk and zap the grocer some crypto to deliver a fresh carton. 
But cut through the awe-inspiring visions and hype, and you'll find debates now starting to take shape over nitty-gritty details.
Recent conversations with specialists at the intersection of blockchain and IoT reveal disagreements about the best ways to build various parts of the so-called machine economy, suggesting that at a minimum, the next phase will be full of trial-and-error.
As Carsten Stocker, CEO of Spherity, a startup specializing in blockchain and IoT integration, told CoinDesk:

"These systems require the integration of a variety of not yet mature hardware and software components as well as cryptographic methods and security processes. There are many hard choices to be made for IoT devices, some of which will stay in the field for decades, some of which our lives may depend on."

Stepping back, one problem with IoT is that it's a hopelessly broad category.
On one end of the spectrum are high-value devices such as cars, with their abundance of computing power and battery life. On the other end, we enter the low-power world of hundreds of millions of simple devices.
At each extreme, there is a unique set of difficult design questions that are now being confronted by those seeking to tie internet-connected devices to distributed ledgers.

In cars

But while the business and utility potential around cars in the IoT-blockchain world is tantalizing, the auto industry faces its own set of interesting business and design challenges.
For example, there is an emerging debate about where the "birth certificate" of a car, or its identity, should be located. Should it be the gearbox, where a lot of BMW's and Mercedes' intellectual property is concentrated? Or the engine? How about the hard drive that collates sensor data?
Alexander Koppel, CEO of Riddle & Code, a startup specializing in giving physical objects unique blockchain identities, said discussions have also been around the battery as a transactional component within a car. It charges and stores energy, and can start to hedge power and even sell it.
"The battery companies think they are the winners," Koppel said, adding rather poetically:

"They think they will become the soul of the car."

Meanwhile, Tobias Brenner, senior consultant at the Deloitte Blockchain Institute, thinks multiple wallets in cars is the intuitive solution, with the expectation of communication between the engine and the battery, and possibly also solar panels on the roof. Then there's the in-car entertainment system which could have a wallet, and so on.  
"Multiple wallets within those systems may be a little bit more complicated but in the end would be very transparent, like which engine used what kind of power, for example," Brenner said. "So, you have to balance it between the transparency and complexity of the whole system."
Riddle & Code has been working with electric car battery makers to help secure this key piece of hardware (apparently such a battery has the explosive potential of a hand grenade so has to be secured against anybody hacking into it).
One thing is certain, Koppel said: "The innovation and business potential from making an object a wallet is phenomenal."

On the edge

At the far-off edges of the IoT, where "things" tend to be very low-power and computationally simple, the argument is over how much complexity is helpful when integrating the network with a blockchain.
Some IoT experts, taking a practical view, think the only requirements at the end-points should be to deliver secure identity and no other complexity.  
Amir Haleem, CEO of Helium, which is building a decentralized network of wide-range wireless protocol gateways and a token to connect edge IoT devices, said adding complexity to end devices "is like a gigantic hurdle to people actually building things."
Apart from anything else, there's the cost.
"People get very sensitive about the bill of materials (BoM) when you start talking at a scale of millions or tens of millions," said Haleem. "You start proposing like a 60 cent addition to a BoM and all of a sudden that's a meaningful number."
Haleem said it makes no sense for end devices, like sensors that track and monitor medicine or food supply chains, to actively participate in a blockchain because these have to be power-efficient and cheap in an IoT setting. But delivering strong identity in the form of hardware-secured keys is essential, particularly in the face of recurring widespread vulnerabilities, botnets etc.  
"We move all the complexity up to the gateway, which is the device that creates the network coverage and acts as a node on the blockchain," he said. "We try and keep the devices dumb and stupid effectively – and cheap."
But not everyone sees it this way. Hewlett Packard Enterprise (HPE), for instance, recognizes that the majority of data is generated at the edge of the IoT world and says the goal should be to enrich those end devices in terms of computing power.
Christian Reichenbach, a transformation consultant at HPE, argues that a proliferation of IoT devices capture so much data that some computation and analysis has to take place there to sort through it all.
At last year's HPE Discover event, Reichenbach was part of a team demonstrating how an iRobot vacuum cleaner with a Raspberry Pi could use crypto tokens it earned from cleaning rooms to pay a smart plug for energy when it needed to recharge – what HPE calls "the servitization of products."
"We need computing at the edge to get intelligence out of all this data and then that can be transferred back to data centers or a blockchain," said Reichenbach, concluding:

"Otherwise leaving these devices as dumb as they are today will just take up all our bandwidth with useless data."

 Source: https://www.coindesk.com/blockchain-for-iot-a-big-idea-meets-hard-design-questions/

Read More