Why You Should Switch to Connext DDS Secure

“Security should be built in, not bolted on.” True. You’ve heard it. I’ve heard it too. In fact, with the IIoT quickly becoming a reality, this phrase is being repeated so many times that I’m worried about it becoming a cliche that creates a sense of urgency without real potency. But why is security often bolted on to begin with? Will understanding the reasons help us avoid it? I hope so. There are many reasons, ranging from economic ones to regulatory, educational, and technical ones, which I cannot get into in this blog post in detail (see the IISF for additional details).

Read More

Protecting Your Data Without Changing a Single Line of Code

RTI Connext DDS 5.3.0 is now live! I’m really excited to be back with a new blog post about one of the key new features of this release: the RTI Security Plugins. The reason I’m so excited about this one it is because this is our first release that is fully wire-compliant with the OMG DDS Security specification.

If you are looking for a high-level overview of OMG’s DDS Security specification, or you are wondering how can you can get started using it in your application, you are in the right place.

Read More

Connext DDS 5.3 is Now Available to Help You Architect Your IIoT Systems!

On behalf of everyone at RTI, I am proud to announce the general availability of Connext DDS 5.3: the first connectivity software for architecting Industrial Internet of Things (IIoT) systems of systems!

In this release of Connext DDS, we are launching several features designed to help our customers build secure and scalable systems reflective of the layered-databus architecture using the Connext Databus. Let’s tour these features and apply them to the layered-databus architecture as well as to actual industries implementing these architectural patterns using our technology.

Read More

Hey, Charlie Miller! Let's Talk About Securing Autonomous Vehicles

A recent Wired article on Charlie Miller (infamously known for remotely hacking and controlling a Jeep) claims that “open conversation and cooperation among companies” are necessary prerequisites to building secure autonomous vehicles. This seems rather far-fetched when so many companies are racing to dominate the future of the once-nearly-dead-but-newly-revived (remember the Big Three bailouts?) automotive industry. As naive as that part of the article sounds, what really blew my mind was the implication that the answer to re-designing security lies solely within the autonomous-vehicle industry.

Read More

Security for IoT: What can Industrial IoT learn from the recent DDoS attack?

The Mirai DDoS (Distributed Denial of Service) attack last Friday revealed a fundamental weakness of current IoT deployments and showed the absolute necessity of new security models. The DDoS attack was against consumer IoT device, but there are many parallels between Consumer IoT and Industrial. This attack involved 10s of millions of IP addresses[i], a massive and unprecedented number of devices. Unfortunately, it seems like it was fairly easy to carry-out, especially since the source code for the Mirai botnet is easily accessible. The primary tool to hack into an array of consumer IoT devices (internet enable cameras, DVRs, etc) was a set of default, manufacturer-set passwords. [ii] How many have run into default passwords on operational industrial devices? Or perhaps it would be better to ask, how many have ever run across a password that has been changed? The latter would probably be easier to count.

Read More

Join RTI and Mentor Graphics to Discuss System Security and the Industrial IoT

On November 2, 2016, Warren Kurisu, Director of Product Management at Mentor Graphics, and I will be discussing how to implement reliability and security in Industrial IoT (IIoT).  We know these qualities are important for IIoT, but the scale of the problem, and the scale of the networks involved, can present a challenge to anyone trying to implement real-world solutions. Although nothing is easy in this new hyper-connected, innovative, data-driven world, when you understand the right approach, the problem isn’t nearly so daunting.

Read More