A preliminary market battle has been brewing over the past year between technologies to connect IoT devices via wireless wide area networks. These cellular-type networks allow very low power battery devices to transmit small amounts of data over several miles, a solution highly suitable to many types of IoT devices such weather sensors and smart meters. Entrants in this market include Sigfox, LoRa, and Neul. (In addition, standards organization IEEE is developing the 802.11ah wireless networking protocol for distances up to a kilometer.)
Sigfox announced on June 15 that Samsung’s Artik IoT platform would integrate Sigfox support. Also, noted in the press release, but given less attention, was that Samsung’s venture capital arm is investing in Sigfox. The size of the investment was not disclosed. (See Sigfox press release here.) In February of 2015, Sigfox announced that it had secured from a variety of venture capital firms an investment round totaling $115M, reportedly the largest single VC investment round ever in France, Sigfox’s home country. (See Sigfox press release here .)
Thus far, Sigfox has been the only long-range low-power wireless solution already deployed in commercial operations, with several hundred thousand devices connected. It has networks in place in France, as well as in Spain, Portugal, the Netherlands, parts of the UK, and a number of cities around the world, most recently, in the San Francisco Bay area of the US.
VDC won’t attempt here to compare the relative technical merits of these long-range low-power wireless systems, but from a market standpoint, it is clear that Sigfox is leading the pack. And it’s tempting to think that an investment by Samsung will propel Sigfox into an insurmountable lead. But we’re not yet ready to draw that conclusion. Some points for consideration:
In the meantime, Samsung’s investment positions Sigfox with a larger lead in the race for long-range low-power wireless networks. But it’s a long way to the finish line.
At this month’s LiveWorx event put on by PTC (formerly known as Parametric Technology Corp.), the news highlight was the company’s acquisition of IoT analytics firm ColdLight. (See press release here.) ColdLight’s Neuron software for cloud or on-premise datacenters applies machine learning technology to M2M and IoT data, automating predictive analytics tasks. The ColdLight acquisition was a logical extension to PTC’s prior acquisition of ThingWorx and Axeda in the IoT space.
At the front end of the product development process, PTC has assembled software offerings for product lifecycle management (Windchill), computer-aided design (Creo), application lifecycle management and systems engineering (Integrity). Combined with service lifecycle management and the IoT pieces, PTC has essentially created a set of end-to-end solutions for IoT product development and deployment. However, VDC believes that PTC could do more to fill out the middle of its end-to-end portfolio.
Design of embedded devices generally consists of three major areas: mechanical engineering, electronic engineering, and software development. PTC has the first and last of those well covered, but it offers little in the way of electronic engineering tools, save for electronic design automation software for circuit boards, acquired with the company OHIO Design Automation back in 2004 (and since integrated into Windchill).
There are many types of electronic hardware system development tools, and it may be challenging for PTC to dip another toe into that market without diving in completely. Nevertheless, VDC believes that one particular type of electronic design tool would dovetail nicely with PTC’s software development offerings without necessarily getting the company in over its head in electronic design: virtual prototyping/simulation. Such tools enable the simulation of electronic hardware systems. Although virtual prototyping is often used by semiconductor makers to simulate the behavior of their own chips prior to fabrication, a growing market for virtual prototyping is as a tool for software developers to get a head start on their development work prior to the existence of physical prototypes of the electronic hardware.
PTC already offers mechanical/CAD simulation for Creo. An electronic hardware simulation tool could enable earlier software development for customers using PTC’s Integrity, acting as a bridge between hardware and software development.
Wherever PTC chooses to aim next, its acquisition days aren't over.
IBM has announced it is establishing a new Internet of Things business unit with more than 2,000 consultants, researchers, and developers, and will invest $3 billion in it over the next four years. Three business areas are being highlighted:
(We won’t rehash all the details of the announcement, which you can read here.)
VDC finds this IBM initiative particularly noteworthy, for several reasons:
To look at it another way: as IoT becomes further integrated into day-to-day business IT and operations, what would have been IBM’s risk if it didn’t invest big money in IoT?
Harman International is best known as an audio electronics maker, owning numerous brand names targeting consumers and professionals, including AKG, Crown, dbx, Harman Kardon, Infinity, JBL, Lexicon, Mark Levinson, and Revel. As old-school “car stereos” have evolved in recent years into multifunction “infotainment systems,” Harman has also become a major player in automotive electronics.
On January 22, Harman announced its acquisition for $170 million of Red Bend Software, which is the leading provider of software and services for Firmware Over The Air (FOTA) updating for mobile devices and automobiles. (See press release here.) Harman simultaneously announced its acquisition of software services firm Symphony Teleca, although Red Bend has more interesting implications for IoT.
Back in 2004, Harman had acquired for $138 million QNX Software Systems, developer of the real-time operating system QNX Neutrino, as well as a number of other embedded software solutions which have since become especially popular in the automotive market. Fast forward to 2010 when Harman sold off QNX for $200 million to Research In Motion (RIM, since re-named Blackberry Limited for its line of mobile phones). At the time, Harman said about its sale of QNX, “This move allows Harman to continue its relationship with QNX and the advanced software solutions it provides to Harman and our customers. At the same time, this deal achieves value for all stakeholders and is an important step in a new strengthened relationship with RIM.”
Perhaps Harman’s sale of QNX was influenced by economic conditions during the Great Recession, but it leads us back to Harman’s acquisition of Red Bend, and it raises a few questions:
We‘ll leave these questions for readers to ponder for themselves
Contact us ASAP to schedule a meeting
VDC will be making the trip across the Atlantic again this year to visit the largest embedded technology tradeshow of the year, Embedded World in Nuremberg, Germany. Last year, the conference boasted 26,700 visitors and 856 exhibiting companies!.
While we are at the conference, we welcome the opportunity to meet with attending vendors to learn more about their embedded solutions and any show-related (or other recent) announcements.
You can arrange a meeting time with VDC by contacting us directly.
For meetings contact:
André Girard, Senior Analyst, IoT & Embedded Technology, firstname.lastname@example.org, 508.653.9000 x153; or
Steve Hoffenberg, Director, IoT & Embedded Technology, email@example.com, 508.653.9000 x143.
Haven't decided if you're attending Embedded World yet?
Please check out the Embedded World website for more information on the conference program as well as information on all of the companies that will be exhibiting.
We look forward to seeing you at the show!
At a press and analyst event in San Francisco on December 9, Intel announced its “IoT Platform” reference model. The model is horizontal in scope, encompassing numerous technologies applicable to everything from edge devices to gateways to the cloud. In addition, it is intended to be a modular approach, such that Intel’s hardware and software components (including those from subsidiaries Wind River and McAfee) can be mixed with those of other vendors. For example, a customer could deploy its preferred gateway devices not limited to those based on Intel’s Moon Island design, while remaining compatible with Intel’s reference model. We won’t attempt to describe the entire Intel IoT Platform in this blog post, but we’ll focus on a couple of security aspects announced. (Readers can find the full Intel press release here.)
Intel executives discuss IoT Platform security: (left to right) Lorie Wigle, VP of IoT Security Solutions; Steve Grobman, Intel Fellow and CTO for Security Platforms and Solutions; and Luis Blando, SVP of Intel Security Group [McAfee].
As part of the latest announcement, McAfee’s ePolicy Orchestrator (ePO) is being extended into IoT gateways. ePO is software for security management, enabling centralized deployment and control of security policies, as well as monitoring of endpoint security status. Previously, ePO was intended for enterprise IT networks, but the announcement means that it can now encompass a much wider range of industrial and commercial IoT networks. In VDC’s opinion, this could help ease integration between IT and OT (operational technology) departments when transitioning standalone OT systems into IoT systems. OT could maintain functional control over the gateways and edge devices, while IT institutes improved access control between the gateways and enterprise network assets.
A second notable security announcement was that Intel Security will now license its Enhanced Privacy Identity (EPID) technology to other silicon vendors. EPID is a form of remote anonymous attestation using asymmetric (public key and private key) cryptography, through which central systems can confirm the integrity and authentication credentials of remote devices, without those devices having to reveal their identities or those of their owners. (One common use for anonymous attestation is digital rights management for content protection.) Anonymous attestation requires security hardware, such as a CPU with a Trusted Platform Module (TPM) or Trusted Execution Environment (TEE), for which Intel of course is a prime supplier.
EPID can create groups of devices, where a single public key can work with multiple private keys, i.e. one assigned to each device within the group. The mathematics behind EPID is complex, but for those interested, we suggest checking out the article, “Enhanced Privacy ID: A Remote Anonymous Attestation Scheme for Hardware Devices,” by Intel’s Ernie Brickell and Jiangtao Li (Intel Technology Journal, Volume 13, Issue 2, 2009, pp. 96-111). The chart below from that article summarizes how EPID differs from other attestation technologies, including Direct Anonymous Attestation (DAA).
Intel has not yet disclosed licensing terms for other chip makers to use EPID, and onerous or expensive terms could limit its acceptance. However, VDC believes that EPID could be applicable to many IoT scenarios where a central system needs to trust remote devices owned or operated by others. This type of function will become increasingly important as interested parties seek to extract shared or publicly provided data from private IoT devices.
Although numerous security technologies from many vendors are taking hold in the IoT, Intel is uniquely positioned in this market by virtue of its presence at both the network/system level (McAfee, Intel Server Systems) and the device level (Intel CPU hardware, Wind River software). Intel says, for example, that its existing McAfee Embedded Control software for application whitelisting is used by about 200 device manufacturers. Intel’s IoT Platform is the latest evidence that the company will remain a force to be reckoned with in IoT security.
The Association of Global Automakers and the Alliance of Automobile Manufacturers jointly announced on November 13, 2014 a set of voluntary “Consumer Privacy Protection Principles.” (See the press release here, and download the principles PDF document here.)
VDC applauds the auto industry for recognizing the importance to consumers of privacy for data collected by electronic and digital technologies, which are growing by leaps and bounds in new vehicles. However, the principles don't go far enough in several respects:
Security – The document states that participating members must “implement reasonable measures to protect Covered Information against loss and unauthorized access or use,” then says that “reasonable measures include standard industry practices.” The word reasonable is too wishy-washy in this context, so those statements in the privacy principles don’t inspire confidence that automakers and their partners will go the extra mile for data security. (Why don't the principles say the members must "implement strong measures" to protect the data?) Without defining any minimum security measures or committing to create or adhere to an ISO standard, it comes across as a nice way of saying, “We’ll make a good effort at security, but don't expect us to guarantee the data won't get breached.” In addition, security issues apply for data within vehicles' internal systems, for data during communications from vehicles to infrastructure, and for the databases where the manufacturers will aggregate and store the data. Security policies should specify minimum requirements for how data will be secured at each of these levels, as well as how authorized third parties with data access will be required to secure the data.
Consent – The document states that automakers need to obtain consent to “a clear, meaningful, and prominent notice disclosing the collection, use, and sharing of Covered Information.” However, the document includes no provision for a vehicle owner to deny such consent or revoke it afterwards. Why would that be important? Because the consent form is likely to be presented to consumers among a stack of numerous papers that they sign in a perfunctory manner when buying a car. In addition, consent ideally would provide vehicle owners with the ability to agree or not to agree to each type of data collected, rather than any blanket statement of consent to collection of all data. We’ll see how this plays out when the first consent forms hit the market.
Data Access – The document says that consumers will have “reasonable means to review and correct Personal Subscriber Information.” Such information may include name, address, telephone number, email address, and even credit card number. It’s fine that automakers will give consumers the right to access the data that they themselves provided in the first place, but what the document misses entirely is the basic principle that consumers should have the right to access data produced by their own vehicles. Although this isn't a data privacy issue, it is a data rights issue that automakers need to address. In VDC’s opinion, vehicle owners should have, for example, the ability to take diagnostic data to an independent mechanic, rather than manufacturers only providing such data to its dealers or third parties that have paid to access it. That concern is partly mitigated by "right to repair" laws, which are already in effect in the European Union and slated to take effect in the U.S. in the 2018 model year, although full data access would go beyond such laws. Vehicle owners also should have the ability to access geolocation and nearly all other data generated by their own vehicles. Certain types of data may need to be kept confidential, but the default should be to provide consumers access to data from their own vehicles unless there’s a legitimate safety reason not to make it available to the people whose vehicles generated it.
For further discussion of data rights issues related to the automotive industry and the Internet of Things, see the recent VDC View article entitled, Beyond "Who Owns the Data?"
For microcontrollers (MCUs) used in embedded devices, intellectual property supplier ARM is the clear market leader. In a recent forecast for VDC Research’s report “The Global Market for Embedded Processors,” ARM-based MCUs accounted for more than half of the unit shipments using non-proprietary architectures in 2013 (see chart).
The Cortex-M series is the main line of ARM MCUs, and is the most prevalent architecture used in embedded devices for the IoT. So when ARM announced on October 1 at the TechCon convention and trade show that the company would provide a free operating system—the mbed OS—for the M-series, it created considerable buzz in the industry, as well as some consternation and a bit of confusion.
ARM has been using the mbed name since 2005 for “maker”-style development platforms based on Cortex-M series MCUs, along with a large community of developers and an extensive software library. But the new announcement greatly expands the original mbed concept. The mbed name now encompasses not only the new operating system, but also: a cloud connectivity platform (mbed Device Server); a set of development tools (mbed Tools); and an ecosystem of partners (mbed Partners). Effectively, mbed has become a line of both products and services. ARM says that collectively, mbed will “accelerate Internet of Things deployment.” In this blog post, we’ll focus on the mbed operating system.
The embedded industry is already rife with many dozens of operating systems, ranging from bare bones to fully-featured. These include commercially-licensed binaries (closed source), commercially-licensed open source, free open source, as well as proprietary in-house OSs.
For resource-constrained embedded devices, the free open source offerings have been popular but limited in the extent of their development. Generally, commercially-licensed OSs are more professionally designed, thoroughly tested, and robust.
Several aspects of the mbed OS are noteworthy. First, ARM says that its free OS will be commercial grade. By offering it for free, the mbed OS will compete with some of the commercial embedded OSs already on the market. However, in his keynote speech at TechCon, ARM’s CTO Mike Muller emphasized that the mbed OS will not be a real time operating system (RTOS). Many IoT devices require the time-critical determinism of an RTOS, most notably in safety critical applications such as avionics, automotive systems, factory automation, and the like. The lack of real time functions will limit the breadth of applicability for mbed OS, and the extent to which it will compete with many of the commercial OSs on the market.
Second, ARM said its main intention of releasing the OS along with the mbed Device Server was to ease embedded software development to handle the many security concerns and communications protocols used in IoT, as those are often sticking points for developers not previously experienced with connected devices. Zach Shelby, Directory of Technical Marketing for the ARM’s IoT initiatives, noted that even devices running competing commercial OSs will be able to take advantage of mbed Device Server connectivity services. As Shelby described it, ARM isn’t trying to compete with OS vendors, the company is trying to ensure that IoT developers have adequate support to bring products to market in a timely manner.
Third, although ARM did not mention this in its press information Shelby told VDC that much of the mbed OS source code would be made available as open source. He also said that a few specific software components (such as some security modules) would be released only as binaries, i.e. closed source, which is why the company hasn’t been touting the OS as “open source.”
And fourth, ARM’s announcement only described the mbed OS as being for the M-series MCUs, but Shelby told us that partners will be able to adapt the open source code for ARM’s other series of processors. Indeed, at least one hardware vendor on the show floor was demonstrating a working version of the mbed OS on a Cortex A-series microprocessor. However, the higher performance A-series line is often used with more fully featured operating systems (e.g. Linux), and VDC doesn’t consider it to be a major target for the mbed OS.
All-in-all, VDC believes that the mbed OS will be significant for how it should speed up development for new entrants in the IoT. It probably won’t cause a major upheaval in the broad market for commercial embedded OSs, but a few of the OS vendors at the low end of the market are likely to be adversely impacted.
We are attending ARM TechCon 2014 in Santa Clata
ARM TechCon 2014 at the Santa Clara Convention Center is designed to facilitate collaborative design by connecting the hardware and software communities in one event. The event delivers a comprehensive forum created to ignite the development and optimization of future ARM-based embedded products. The conference includes about 75 intriguing sessions offering insight and education into new products, advanced development techniques, security issues, and much more. For more information about ARM TechCon 2014 and to register for the event, click here.
Contact us directly to schedule a meeting!
We would like to learn more about your company’s solutions and personal experiences, and we welcome the opportunity to meet attending vendors. VDC will be at the conference on Wednesday, October 1st and Thursday, October 2nd. Please contact us directly if you would like to arrange a meeting.
Contact Steve Hoffenberg, Director, M2M Embedded Software, VDC Research Group at firstname.lastname@example.org or 508.653.9000 x143.
About VDC Research
VDC has been covering the embedded systems market since 1994. To learn more about VDC’s coverage of Embedded Hardware & Platforms, check out our website here, and to see what other research and products are offered by VDC Research’s Embedded Hardware and Software practices, click here.