Fog computing extends the concept of cloud computing to the network edge, making it ideal for internet of things (IoT) and other applications that require real-time interactions.

Fog computing is the concept of a network fabric that stretches from the outer edges of where data is created to where it will eventually be stored, whether that’s in the cloud or in a customer’s data center.

Fog is another layer of a distributed network environment and is closely associated with cloud computing and the internet of things (IoT). Public infrastructure as a service (IaaS) cloud vendors can be thought of as a high-level, global endpoint for data; the edge of the network is where data from IoT devices is created.

Fog computing is the idea of a distributed network that connects these two environments. “Fog provides the missing link for what data needs to be pushed to the cloud, and what can be analyzed locally, at the edge,” explains Mung Chiang, dean of Purdue University’s College of Engineering and one of the nation’s top researchers on fog and edge computing.

According to the OpenFog Consortium, a group of vendors and research organizations advocating for the advancement of standards in this technology, fog computing is “a system-level horizontal architecture that distributes resources and services of computing, storage, control and networking anywhere along the continuum from Cloud to Things.”

Benefits of fog computing

Fundamentally, the development of fog computing frameworks gives organizations more choices for processing data wherever it is most appropriate to do so. For some applications, data may need to be processed as quickly as possible – for example, in a manufacturing use case where connected machines need to be able to respond to an incident as soon as possible.

Fog computing can create low-latency network connections between devices and analytics endpoints. This architecture in turn reduces the amount of bandwidth needed compared to if that data had to be sent all the way back to a data center or cloud for processing. It can also be used in scenarios where there is no bandwidth connection to send data, so it must be processed close to where it is created. As an added benefit, users can place security features in a fog network, from segmented network traffic to virtual firewalls to protect it.

Applications of fog computing

Fog computing is the nascent stages of being rolled out in formal deployments, but there are a variety of use cases that have been identified as potential ideal scenarios for fog computing.

Connected Cars: The advent of semi-autonomous and self-driving cars will only increase the already large amount of data vehicles create. Having cars operate independently requires a capability to locally analyze certain data in real-time, such as surroundings, driving conditions and directions. Other data may need to be sent back to a manufacturer to help improve vehicle maintenance or track vehicle usage. A fog computing environment would enable communications for all of these data sources both at the edge (in the car), and to its end point (the manufacturer).

Smart cities and smart grids Like connected cars, utility systems are increasingly using real-time data to more efficiently run systems. Sometimes this data is in remote areas, so processing close to where its created is essential. Other times the data needs to be aggregated from a large number of sensors. Fog computing architectures could be devised to solve both of these issues.

Real-time analytics A host of use cases call for real-time analytics. From manufacturing systems that need to be able to react to events as they happen, to financial institutions that use real-time data to inform trading decisions or monitor for fraud. Fog computing deployments can help facilitate the transfer of data between where its created and a variety of places where it needs to go.

Fog computing and 5G mobile computing

Some experts believe the expected roll out of 5G mobile connections in 2018 and beyond could create more opportunity for fog computing. “5G technology in some cases requires very dense antenna deployments,” explains Andrew Duggan, senior vice president of technology planning and network architecture at CenturyLink. In some circumstances antennas need to be less than 20 kilometers from one another. In a use case like this, a fog computing architecture could be created among these stations that includes a centralized controller that manages applications running on this 5G network, and handles connections to back-end data centers or clouds.

How does fog computing work?

A fog computing fabric can have a variety of components and functions. It could include fog computing gateways that accept data IoT devices have collected. It could include a variety of wired and wireless granular collection endpoints, including ruggedized routers and switching equipment. Other aspects could include customer premise equipment (CPE) and gateways to access edge nodes. Higher up the stack fog computing architectures would also touch core networks and routers and eventually global cloud services and servers.

The OpenFog Consortium, the group developing reference architectures, has outlined three goals for developing a fog framework. Fog environments should be horizontally scalable, meaning it will support multiple industry vertical use cases; be able to work across the cloud to things continuum; and be a system-level technology, that extends from things, over network edges, through to the cloud and across various network protocols. (See video below for more on fog computing from the OpenFog Consortium.)

Are fog computing and edge computing the same thing?

Helder Antunes, senior director of corporate strategic innovation at Cisco and a member of the OpenFog Consortium, says that edge computing is a component, or a subset of fog computing. Think of fog computing as the way data is processed from where it is created to where it will be stored. Edge computing refers just to data being processed close to where it is created. Fog computing encapsulates not just that edge processing, but also the network connections needed to bring that data from the edge to its end point.

[ Related (NetworkWorld): What is edge computing and how it’s changing the network ]

Based on actual users’ experience with IoT platforms, here are the leading features and functionalities potential users should be looking for.

Article published on NetworkWorld by , Contributor, Jan 16, 2018

As an IoT platform and middleware analyst, I am asked constantly about the benefits of IoT platforms and “what makes a great IoT platform.” In response, I often ask these curious inquirers if they’ve ever used IoT platforms themselves. Walking on the edge is exhilarating, but having hands-on insights, data and expertise on how to survive the journey is even better.

What do users actually experience when they use IoT edge platforms?

IoT edge computing is a technology architecture that brings certain computational and analytics capabilities near the point of data generation. IoT edge platforms provide the management capabilities required to deliver data from IoT devices to applications while ensuring that devices are properly managed over their lifetimes. Enterprises use edge platforms for factory automation, warehousing/logistics, connected retail, connected mining and many other solutions. With IoT platform revenue slated to grow to USD63.4 billion by 2026, IoT edge is one of the most highly relied upon enterprise IoT platform approaches.

Enterprises spend a tremendous amount of time completing edge-related IoT platform activities. According to hands-on tests of IoT platforms in MachNation’s IoT Test Environment (MIT-E), the majority of an enterprise user’s edge-related time is spent creating visualizations to gain insight from IoT data. 35% of a user’s time is spent creating dashboards with filtered alerts. And a combined 16% of a user’s time is spent viewing sensor data for an individual device (8%) or a group of devices (8%). Data from an IoT platform are critically important, so the ability to assemble dashboard sensor data and alerts are key – expect to spend a lot of time doing it.

Since the edge is critical for enterprises deploying IoT solutions, we’ve identified the top five user requirements of IoT edge platforms, based on IoT platform users’ experiences with these platforms.

1. Pick a platform with extensive protocol support for data ingestion

To seamlessly bring data from devices into the edge platform, enterprises should choose leading IoT platforms that support an extensive mix of protocols for data ingestion. The list of protocols for industrial-minded edge platforms generally includes brownfield deployment staples such as OPC-UA, BACNET and MODBUS as well as more current ones such as ZeroMQ, Zigbee, BLE and Thread. Equally as important, the platform must be modular in its support for protocols, allowing customization of existing and development of new means of asset communications.

2. Ensure the platform has robust capability for offline functionality

To ensure that the edge platform works when connectivity is down or limited, enterprises should choose leading IoT edge platforms that provide capabilities in four functional areas. First, edge systems need to offer data normalization to successfully clean noisy sensor data. Second, these systems must offer storage to support intermittent, unreliable or limited connectivity between the edge and the cloud. Third, an edge system needs a flexible event processing engine at the edge making it possible to generate insight from machine data when connectivity is constrained. Fourth, an IoT edge-enabled platform should integrate with systems including ERP, MES, inventory management and supply chain management to help ensure business continuity and access to real-time machine data.

3. Make sure the platform provides cloud-based orchestration to support device lifecycle management

To make sure that the edge platform offers highly secure device management, enterprises should select IoT platforms that offer cloud-based orchestration for provisioning, monitoring and updating of connected assets. Leading IoT platforms provide factory provisioning capabilities for IoT devices. These API-based interactions allow a device to be preloaded with certificates, keys, edge applications and an initial configuration before it is shipped to the customer. In addition, platforms should monitor the device using a stream of machine and operational data that can be selectively synced with cloud instances. Finally, an IoT platform should push updates over-the-air to edge applications, the platform itself, gateway OSs, device drivers and devices connected to a gateway.

4. The platform needs a hardware-agnostic scalable architecture

Since there are tens of thousands of device types in the world, enterprises should select IoT platforms that are capable of running on a wide range of gateways and specialized devices. And these platforms should employ the same software stack at the edge and in the cloud allowing a seamless allocation of resources. Platforms should support IoT hardware powered by chips that use ARM-, x86-, and MIPS-based architectures. Using containerization technologies and native cross-compilation, the platforms offer a hardware-agnostic approach that makes it possible to deploy the same set of functionalities across a varied set of IoT hardware without modifications.

5. Comprehensive analytics and visualization tools make a big difference

As we’ve already discussed enterprises should choose IoT platforms that offer out-of-the-box capabilities to aggregate data, run common statistical analyses and visualize data. These platforms should make it easy to integrate leading analytics toolsets and use them to supplement or replace built-in functionality. Different IoT platform users will require different analyses and visualization capabilities. For example, a plant manager and a machine worker will want to access interactive dashboards that deliver useful information and relevant controls for each of their respective roles. Having flexibility in analytics and visualization capabilities will be essential for enterprises as they develop IoT solutions for their multiple business units and operations teams.

Enterprises worldwide are using IoT to increase security, improve productivity, provide higher levels of service and reduce maintenance costs. As they seek to adopt IoT solutions to improve their critical business processes, they should conduct hands-on usability tests to understand edge platform capabilities. Keep watching as more and more enterprises start walking on the edge.

It may be time for the U.S. government to step in to coordinate security standards across all the players that participate in creating the internet of things, Frost & Sullivan says

Article published on NetworkWorld by , Senior Writer, Jan 15, 2018

Thanks to the Mirai botnet attacks, few people in the world of tech need a reminder that IoT devices remain a serious threat to enterprise networks. Still, more than a year after the botnet made headlines worldwide, IoT security remains mostly an idea, rather than a reality.

Such is the scope of the problem that Frost and Sullivan IoT research director Dilip Sarangan argues for governmental intervention. Sarangan says that, because the responsibility for IoT security is diffused across device manufacturers, network providers, software developers and many others, it’s difficult for the industry to make progress on all-encompassing standards.

“The only entity that has the ability to actually dictate what the minimum threshold is, unfortunately, is the U.S. government,” he said.

The difficulty in creating overarching standards mostly has to do with the fact that any given IoT implementation has a large number of moving parts, each of which may be administered by different organizations, or even by third parties. For example, a set of medical devices provided by company A connecting to a network provided by company B, running an application, originally written by company C and residing in company D’s cloud.

“Everyone talks about it like they’re going to provide end-to-end security, and there’s actually no way to do that,” said Sarangan. “You have no control over a lot of parts of an IoT solution.”

Network visibility

From the networking side, Sarangan said, there are plusses and minuses to most of the options available to any given IoT implementation. Cellular networks, for example, tend to be a lot more secure than Wi-Fi, ZigBee or the other wide-area options, but a company will probably have much more limited visibility into what’s happening on that network.

That, in and of itself, can be a security issue, and it’s imperative for the carriers to provide more robust device management features in the future.

“What type of device it is, what type of information it’s supposed to send, where it’s supposed to send the data, what you are supposed to do with that data – until you know all of that, it’s hard to be completely secure,” said Sarangan.

Improved network visibility is key to preventing worst-case scenarios like malicious actors accessing power grids and Internet infrastructure, but so are common-sense measures like air gaps.

“You have the hacks happening, but the hacks haven’t been significant enough to where you’d worry about it,” he said. “The other side of it is that a lot of critical infrastructure – let’s say a smart grid – is on private networks.”

A sea of IoT devices

A lack of quality control and the presence of a host of very old devices on IoT networks might be the most critical security threats, however. Decades-old hardware, which may not have been designed to be connected to the Internet in the first place, let alone stand up to modern-day security threats, creates a serious issue.

“You have over 10 billion IoT devices out there already … and a lot of these devices were created in 1992,” noted Sarangan.

Moreover, the huge number of companies making IoT-enabled hardware makes for a potentially serious problem where quality control is concerned. Big companies like Amazon and Microsoft and Google make headlines for their smart home gizmos, but the world of IoT is a lot broader than that.

China, in particular, is a major source of lower-end IoT devices – speakers, trackers, refrigerators, bike locks and so on – and it’s not just the Huaweis and Xiaomis of the world providing the hardware.

“[There are] hundreds of mom-and-pop shops out there developing hardware that we don’t necessarily know whether to trust or not – these are devices that are getting on unsecured Wi-Fi networks,” said Sarangan. “That’s already a security threat, and a large portion of Americans don’t actually protect their routers.”

Indeed, hidden backdoors have already been found on some such devices, according to The Register.

Article written by Brian Krebs, published on KrebsOnSecurity the 18th Jan. 2018

Most readers here have likely heard or read various prognostications about the impending doom from the proliferation of poorly-secured “Internet of Things” or IoT devices. Loosely defined as any gadget or gizmo that connects to the Internet but which most consumers probably wouldn’t begin to know how to secure, IoT encompasses everything from security cameras, routers and digital video recorders to printers, wearable devices and “smart” lightbulbs.

Throughout 2016 and 2017, attacks from massive botnets made up entirely of hacked IoT devices had many experts warning of a dire outlook for Internet security. But the future of IoT doesn’t have to be so bleak. Here’s a primer on minimizing the chances that your IoT things become a security liability for you or for the Internet at large.

-Rule #1: Avoid connecting your devices directly to the Internet — either without a firewall or in front it, by poking holes in your firewall so you can access them remotely. Putting your devices in front of your firewall is generally a bad idea because many IoT products were simply not designed with security in mind and making these things accessible over the public Internet could invite attackers into your network. If you have a router, chances are it also comes with a built-in firewall. Keep your IoT devices behind the firewall as best you can.

-Rule #2: If you can, change the thing’s default credentials to a complex password that only you will know and can remember. And if you do happen to forget the password, it’s not the end of the world: Most devices have a recessed reset switch that can be used to restore to the thing to its factory-default settings (and credentials). Here’s some advice on picking better ones.

I say “if you can,” at the beginning of Rule #2 because very often IoT devices — particularly security cameras and DVRs — are so poorly designed from a security perspective that even changing the default password to the thing’s built-in Web interface does nothing to prevent the things from being reachable and vulnerable once connected to the Internet.

Also, many of these devices are found to have hidden, undocumented “backdoor” accounts that attackers can use to remotely control the devices. That’s why Rule #1 is so important.

-Rule #3: Update the firmware. Hardware vendors sometimes make available security updates for the software that powers their consumer devices (known as “firmware). It’s a good idea to visit the vendor’s Web site and check for any firmware updates before putting your IoT things to use, and to check back periodically for any new updates.

-Rule #4: Check the defaults, and make sure features you may not want or need like UPnP (Universal Plug and Play — which can easily poke holes in your firewall without you knowing it) — are disabled.

Want to know if something has poked a hole in your router’s firewall? Censys has a decent scanner that may give you clues about any cracks in your firewall. Browse to whatismyipaddress.com, then cut and paste the resulting address into the text box at Censys.io, select “IPv4 hosts” from the drop-down menu, and hit “search.”

If that sounds too complicated (or if your ISP’s addresses are on Censys’s blacklist) check out Steve Gibson‘s Shield’s Up page, which features a point-and-click tool that can give you information about which network doorways or “ports” may be open or exposed on your network. A quick Internet search on exposed port number(s) can often yield useful results indicating which of your devices may have poked a hole.

If you run antivirus software on your computer, consider upgrading to a “network security” or “Internet security” version of these products, which ship with more full-featured software firewalls that can make it easier to block traffic going into and out of specific ports.

Alternatively, Glasswire is a useful tool that offers a full-featured firewall as well as the ability to tell which of your applications and devices are using the most bandwidth on your network. Glasswire recently came in handy to help me determine which application was using gigabytes worth of bandwidth each day (it turned out to be a version of Amazon Music’s software client that had a glitchy updater).

-Rule #5: Avoid IoT devices that advertise Peer-to-Peer (P2P) capabilities built-in. P2P IoT devices are notoriously difficult to secure, and research has repeatedly shown that they can be reachable even through a firewall remotely over the Internet because they’re configured to continuously find ways to connect to a global, shared network so that people can access them remotely. For examples of this, see previous stories here, including This is Why People Fear the Internet of Things, and Researchers Find Fresh Fodder for IoT Attack Cannons.

-Rule #6: Consider the cost. Bear in mind that when it comes to IoT devices, cheaper usually is not better. There is no direct correlation between price and security, but history has shown the devices that tend to be toward the lower end of the price ranges for their class tend to have the most vulnerabilities and backdoors, with the least amount of vendor upkeep or support.

In the wake of last month’s guilty pleas by several individuals who created Mirai — one of the biggest IoT malware threats ever — the U.S. Justice Department released a series of tips on securing IoT devices.

One final note by the author (Krebs): I realize that the people who probably need to be reading these tips the most likely won’t ever know they need to care enough to act on them. But at least by taking proactive steps, you can reduce the likelihood that your IoT things will contribute to the global IoT security problem.