Machine to machine communications is a hot topic. There is a whole conference dedicated to the topic: M2M World Congress London. Held recently in London from 25th -26th April, it focused on the different experiences that industry players are having in deploying M2M.
Mobile network operators were omnipresent, with the likes of EE, Telefónica, Orange, Deutsche Telekom, swisscom, Etisalat, Turkcell, Transatel and other players in the M2M value chain like Oracle and Ericsson willingly talking about the ‘secret sauce’ that is needed to make efficient M2M happen. Why are operators involved you may ask? Well, there are major profitable advantages to be had from investing in M2M and operators are building partnerships across the value chain, trying and testing out business cases to bring flexibility to the business and the end user, while continually adapting to the M2M environment.
I also gave a presentation at the conference, but I focused on a different aspect of M2M. Called ‘M2M Connectivity and Security – Emerging Challenges’, my presentation explored the benefits and opportunities this technology offers. Many devices and businesses can benefit from M2M connectivity, however, with opportunity comes a challenge.
Let’s start with the basics. Security is a continual concern, and rightfully so, as Beecham Research has recently explored. Using principles such as identity and authentication, data integrity, confidentiality through encryption, wireless networks and mobile devices can be secured. But M2M throws more security challenges into the mix.
As ever, the key question is what it is that needs protecting? Let’s take a look at a couple of examples. In the automotive industry there are increasing worries around threats to telematic and multimedia services. Could malware attack the multimedia dashboard in a car? How easily are the electronics of a car accessed with a malicious piece of code? And, how would this affect the overall safety of the car?
(If you watch Homeland too, you’ll know that even healthcare applications like pacemakers are potentially at risk of being hacked via M2M communications.)
And what about the energy industry with smart grids which is part of a critical infrastructure that is at risk from cyber criminality and data hacking. Luckily, governments are already working to address some of these issues, such as privacy, and others are working on regulation to include security that protects the citizen and the critical infrastructures from hackers.
What this amounts to, however, is trust. And security in the M2M ecosystem is all about trust between the different stakeholders. The citizen (and end user) has to trust the devices, the solution provider and be able to have faith that any user-generated data are protected. Solutions providers and connectivity providers need to be able to trust in each other and all industry partners for a seamless M2M deployment, and that it will ultimately result in advantages for all players.
So, security should be front of mind for all sections of the M2M industry chain. There are straightforward steps to take, with security tokens and software counter measures with embedded secure elements, wireless modules, security tests and ongoing security evaluation and risk assessments, but it all starts with trust. In a nutshell, security comes at a price. Therefore you need to carefully evaluate your requirements and protect only what needs to be protected so you don’t kill the M2M business case with excessive security. It’s always a balance between effort, costs and risks – and Gemalto is there to help build a trusted ecosystem.
