Can you explain the M2M Area Network -IOT

Question 1: Can you explain the M2M Area Network?

  • An M2M area network comprises machines (or M2M nodes) which have embedded hardware modules for sensing, actuation and communication.
  • Various communication protocols can be used for M2M local area networks, such as ZigBee, Bluetooth, ModBus, M-Bus, Wireless M-Bus, Power Line Communication (PLC), 6LoWPAN, IEEE 802.15.4, etc.
  • The communication network provides connectivity to remote M2M area networks.
  • The communication network can use either wired or wireless networks (IP-based).
  • While the M2M area networks use either proprietary or non-IP based communication protocols, the communication network uses IP-based networks.
  • Since non-IP based protocols are used within M2M area networks, the M2M nodes within one network cannot communicate with nodes in an external network.
  • To enable the communication between remote M2M area networks, M2M gateways are used.
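
The gateway role described in the last bullets, sketched as an added example (not code from the original page): a ModBus RTU response arriving from the non-IP area network is checked and only then re-encoded as JSON for the IP side. The function names, the unit-ID allow-list and the sample frame are assumptions constructed for illustration.

```python
import json
import struct

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: initial value 0xFFFF, reflected polynomial 0xA001."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_frame(unit_id: int, registers: list) -> bytes:
    """Constructed 'read holding registers' (0x03) response, as a node would send it."""
    body = struct.pack(">BBB", unit_id, 0x03, 2 * len(registers))
    body += struct.pack(f">{len(registers)}H", *registers)
    return body + struct.pack("<H", crc16_modbus(body))  # CRC is sent low byte first

def translate(frame: bytes, allowed_units: set) -> str:
    """Validate a serial-side frame; return the JSON the gateway forwards over IP."""
    if len(frame) < 5:
        raise ValueError("frame too short")
    body, (crc,) = frame[:-2], struct.unpack("<H", frame[-2:])
    if crc16_modbus(body) != crc:
        raise ValueError("CRC mismatch")
    unit_id, function, byte_count = body[0], body[1], body[2]
    if unit_id not in allowed_units:  # hypothetical per-gateway allow-list
        raise ValueError("unit id not on the gateway allow-list")
    if function != 0x03:
        raise ValueError("unsupported function code")
    if byte_count != len(body) - 3 or byte_count % 2:
        raise ValueError("byte count does not match payload")
    registers = struct.unpack(f">{byte_count // 2}H", body[3:])
    return json.dumps({"unit": unit_id, "registers": list(registers)})

if __name__ == "__main__":
    sample = build_frame(17, [0x00E6, 0x0100])  # constructed sample frame
    print(translate(sample, allowed_units={17}))
```

Because the gateway is the only path between the two networks, rejecting malformed or unexpected frames here keeps them from reaching IP-side services.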

 

Question 2: Can you explain the M2M Core Network?

  • The core network is where all connections are converted into service difference. It can be described as "end of business". The core network provides the path necessary for various subnets to exchange information. These network functions usually provide any connection with any device connected to the network.
  • The M2M Network Domain provides the communication network between the M2M Application Domain and the M2M Device Domain. It includes two basic parts: the M2M core and M2M service capabilities. The M2M core network is the central part of the M2M communication network; it provides various services to service providers connected through an access network such as GERAN, WiMAX, satellite, DSL, UTRAN, WLAN or eUTRAN and other mobile networks (for example: 3G, 2G, LTE, 4G). M2M service capabilities are network functions defined to support M2M applications.

Question 3: Can you explain the M2M Application Domain?

  • As the name suggests, the M2M application domain offers applications to use M2M technology conveniently. Examples include server and end-user applications.
  • The M2M network domain acts as a bridge between the M2M application domain and the M2M device domain. It is made of two parts called the M2M core and M2M service capabilities.
  • The application domain consists of a back-end server (BS) and M2M application clients.
  • The back-end server is the main component of the M2M system and acts as an integration point to store all the sensory information transmitted from the M2M device domain.
  • It also provides the real-time monitoring data to various client applications for real-time remote monitoring management (RMM), e.g. smart metering, e-healthcare, and traffic monitoring.
  • The BS can also vary for different applications; e.g. in smart grids, the control center acts as the BS, whereas in e-healthcare systems, the BS is the M2M health-monitoring server.
  • Considering only the M2M domain in the figure below, we can think of two communication scenarios.
  • The first scenario assumes the client/server model, which considers the communication among M2M devices (deployed in the M2M domain) and one or more M2M servers (within the application domain).
  • This scenario represents the most considered one and is used in various M2M applications, such as smart electrical power grids, home automation, and environmental monitoring.
  • On the other hand, in the peer-to-peer (P2P) model, M2M devices communicate directly among themselves. These applications form the basis of the second scenario. This kind of inter-M2M device communication can be either through the mobile network or in an ad hoc mode.

Question 4: Can you explain the Purpose and Goal of oneM2M?

  • The purpose and goal of oneM2M is to develop technical specifications which address the need for a common M2M service layer that can be readily embedded within various hardware and software, and relied upon to connect myriad devices in the field with M2M application servers worldwide.
  • A critical objective of oneM2M is to attract and actively involve organisations from M2M-related business domains such as: telematics and intelligent transportation, healthcare, utilities, industrial automation, smart homes and others. There are currently 228 participating partners and members in the organisation.

Question 5: Can you explain the Field and Infrastructure Domain?

The User Domain represents a great weakness within the IT infrastructure. This domain includes any end-user accessing information at the organization. With “almost 90% of cyber-attacks caused by human error or behavior” [1], this domain needs strong scrutiny. The following risks have been identified within this domain:

  • Employees that fail to lock their computers when getting up from their desks.
  • Employees that leave sensitive company information on their desks.
  • Limited IT security knowledge by employees can lead to the introduction of malware and social engineering schemes.
  • Employee negligence from a lack of policy can lead to legal ramifications for the business.

These risks have the potential to destroy a business. Falling for a social engineering scheme can introduce ransomware to the corporate network. This can lead to the encryption of valuable files needed in day-to-day operations. In the absence of complete backups of these files, the only alternative would be to pay the ransom. If the hackers decrypt the files as they say they will when the ransom is paid, this could lead to downtime amounting to days of lost productivity. Additionally, without rectifying the situation and properly cleaning the affected systems, the ransomware could reactivate and begin the process again.

The introduction of malware by an end-user browsing an infected website can also compromise the business. Malware can include keyloggers and spyware which, if controlled by the wrong entity, could lead to sensitive data loss or the theft and sale of confidential company information to your competitors. These risks can be mitigated by strong security controls and policies as well as comprehensive security and awareness training for all employees. Policies that control employees' behavior and produce a clear legal separation between the employee and the employer, such as an Acceptable Use Policy (AUP), are definitely needed.

Workstation Domain

The Workstation Domain includes any computing devices used by end-users and represents how the users connect to the actual IT infrastructure. The following risks have been identified within this domain:

  • Old operating systems represent a huge vulnerability. They are beyond their end-of-life and are not maintained with security updates and patches.
  • Older and outdated hardware is vulnerable to hackers and data loss through outdated firmware exploits and the lack of the ability to encrypt the hardware.
  • Known remote access vulnerabilities within older OSs can allow hackers to take over the workstation and gain access to the corporate network.
  • Old hard drives can lead to failure and the data loss of critical business information.

These risks have the potential to allow hackers into the network and also have the potential for data loss from failed hardware components. These risks can be mitigated by a complete overhaul of old hardware to ensure everything is up-to-date. Newer OSs will mean security holes are closed, and new equipment, maintained through sound backup policies and encryption techniques, will help maintain business continuity if a hard drive were to fail. This will also protect corporate data in the event of a data breach. Also, by establishing a strong baseline system defined by a security policy, each workstation can be ensured to provide strong local encryption, backup of sensitive information, and protection from intrusion and compromise by utilizing the latest patched operating system and antimalware/antivirus protection.