My colleague, Patrick Moorhead, and I had the opportunity last week to participate in Hewlett Packard Enterprise’s (HPE) Global IoT Innovation Lab’s grand opening event in Houston. Following Houston, it will open two other labs in Geneva and Singapore. The HPE team is serious about deploying IoT solutions from the data center to the edge and it has done an impressive job of addressing many of the challenges and concerns many CIOs have when establishing their IoT strategies. HPE’s IoT rollout is focused on how organizations collect, coalesce and use data gathered from sensors and meters on industrial equipment. Many organizations are looking for IoT to improve equipment efficiency from HVAC, mechanical equipment, machinery, etc. Other areas include smart cities, medical devices, connected cars and many other industries.
Because of HPE’s diverse offerings, it is one of the only IoT vendors that can claim an end-to-end solution. Traditionally, HPE has built much of its success on its partners and its IoT strategy is no different. From my perspective, HPE demonstrated substantial industry leadership in the following three areas:
Inherently, IoT creates its own attack vector. Distributed and stranded end points create an attractive target for bad actors. HPE leverages a stable of partners to bring security and privacy solutions to their IoT platform, but the backbone of their IoT security platform is Aruba’s ClearPass. It provides, among other things, Medium Access Control (MAC)- level authentication, Dynamic Host Configuration Protocol (DHCP) fingerprinting, real time logging and endpoint behavior analysis to identify anomalies that indicate breaches or malicious activity. ClearPass also provides security policy controls to control how endpoints operate and communicate. From an IoT security perspective, ClearPass is the equivalent of the “kitchen sink” approach. It is a comprehensive solution that addresses most security concerns today’s CIOs have when implementing their IoT strategy. In many cases, though, it may be overkill for smaller organizations and companies dipping their toes into IoT. As always, it depends on the application.
Analytics in the cloud and at the edge
IoT endpoints are creating a significant amount of organic data outside the cloud and within the data center. As IoT networks become decentralized, these edge devices need to process more data and make decisions based on collected information. By moving autonomy to the edge in terms of security, analytics, and protocol translation, companies can enable their endpoint devices to make many decisions without the human factor.
HPE is investing wisely in machine learning and artificial intelligence (AI). To be successful with AI, you must train the algorithms to learn. AI learning is difficult to do in a distributed environment. Currently, HPE trains its AI data centrally within the confines of a data center. As the industry evolves, HPE will need to train new algorithms using aggregated AI data within a federated learning approach. A federated approach to AI learning makes the decision process more secure. Through successive iteration and learning at the edge, it will make endpoint devices more energy efficient – with lower latency – and deliver an overall secure and smarter device for processing information. HPE knows this and I am confident it will deliver.
One of the most impressive components of HPE’s IoT lab is the convergence between IT/OT systems. OT solutions are associated with Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS) and Industrial Control Systems (ICS).
Moreover, OT solutions from companies such as the ABB Group, Emerson Electric Co Automation Solutions, Honeywell International, National Instruments Corp. and Schneider Electric SE do not normally play well with others and use closed, proprietary protocols rather than open standards. This, in turn, normally creates both a quagmire of amalgamated protocols at the endpoint and a nightmare of policies from a standardized security perspective.
HPE is pushing the merger between IT and OT systems, thereby driving the software-defined narrative forward. Software-defined infrastructure disaggregates the operating system from the hardware. Companies can now replace closed Real Time Operating Systems (RTOS) with open-source solutions from the likes of Red Hat Software, SuSe, and CentOS and integrate third-party applications to drive functionality and new capabilities. This reduces the friction between the Operating System and Operational Technologies, allowing third-party service providers to deploy revenue-generating solutions to the edge.
Internet connected sensors, wireless sensors, actuator networks (WSANs) and meters are becoming mainstays for factories and energy management systems. Automation communications and controls have become integral components for industrial environments as well. At the edge, IT/OT convergence allows enhanced data analysis, monitoring, security and control of information collected from endpoints. This enables more control and monetization of information. However, it also presents new risk portfolios and scenarios for both sides. Specifically, how service providers ensure how all of their endpoint devices on the network are approved, authenticated, and allowed to communicate with other endpoints or the centralized network. Secondly, they must ensure the encryption of transmissions or communications to ensure privacy and security from the endpoint to the data center or distributed asset. Finally, the ability to be upgraded remotely is a must.