IoT: Building Arduino-Based Projects

Book Description

Explore and learn about Internet of Things to develop interactive Arduino-based Internet projects

About This Book

  • Learn the capabilities and differences between popular protocols and communication patterns and how they can be used, and should not be used, to create secure and interoperable services and things

  • Build Internet-based Arduino devices to make your home feel more secure

  • Learn to protect cyber-physical systems and utilize forensic data analysis to beat vulnerabilities in your IoT ecosystem

  • Learn best practices to secure your data from device to the cloud

Who This Book Is For

    If you're a developer or electronics engineer who is curious about Internet of Things, then this is the course for you. A rudimentary understanding of electronics, Raspberry Pi, or similar credit-card sized computers, and some programming experience using managed code such as C# or Java will be helpful. Business analysts and managers will also find this course useful.

    What You Will Learn

  • Know the capabilities and limitations of the HTTP, UPnP, CoAP, MQTT, and XMPP protocols

  • Use important communication patterns, such as the request/respond, publish/subscribe, event subscription, asynchronous messaging, and multicasting patterns

  • Build a portable Wi-Fi signal strength sensor to give haptic feedback about signal strength to the user

  • Measure the water flow speed and volume with liquid flow sensors and record real-time readings

  • Secure your home with motion-activated Arduino security cameras and upload images to the cloud

  • Implement real-time data logging of a solar panel voltage with Arduino cloud connectors

  • Track locations with GPS and upload location data to the cloud

  • Control infrared-enabled devices with IR remote and Arduino

  • Use Systems Security Engineering and Privacy-by-design principles to design a secure IoT ecosystem

In Detail

    The IoT: Building Arduino-Based Projects course will take you on a journey to become an expert in the use of IoT by developing a set of projects, and finally guide you through securing your IoT environment.

    The course begins with exploring the popular HTTP, UPnP, CoAP, MQTT, and XMPP protocols. In the first module, Learning Internet of Things, you will learn how protocols and patterns can put limitations on network topology and how they affect the direction of communication and the use of firewalls. This module gives you a practical overview of the existing protocols, communication patterns, architectures, and security issues important to Internet of Things.

    The second module, Internet of Things with Arduino Blueprints, provides you with up to eight projects that will allow devices to communicate with each other, access information over the Internet, store and retrieve data, and interact with users, creating smart, pervasive, and always-connected environments. You can use these projects as blueprints for many other IoT projects and put them to good use.

    It has become critical to ensure that cyber security threats are contained to a minimum when implementing new IoT services and solutions. Thus, our third module, Practical Internet of Things Security, provides a set of guidelines to architect and deploy a secure IoT in your Enterprise. The aim is to showcase how the IoT is implemented in early adopting industries and describe how lessons can be learned and shared across diverse industries to support a secure IoT.

    Style and approach

    This course introduces you to the Internet of Things architecture, helps you build Arduino projects based on IoT and cloud computing concepts, create smart, pervasive and always-connected environments, and finally guides you through securing your IoT environment. Each of these has been covered in individual modules so that you develop your skill after the completion of a module and get ready for the next.

    Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at If you purchased this book elsewhere, you can visit and register to have the code file.

    Table of Contents

    1. IoT: Building Arduino-Based Projects
      1. Table of Contents
      2. IoT: Building Arduino-Based Projects
      3. IoT: Building Arduino-Based Projects
      4. Credits
      5. Preface
        1. What this learning path covers
        2. What you need for this learning path
        3. Who this learning path is for
        4. Reader feedback
        5. Customer support
          1. Downloading the example code
          2. Errata
          3. Piracy
          4. Questions
      6. 1. Module 1
        1. 1. Preparing our IoT Projects
          1. Creating the sensor project
            1. Preparing Raspberry Pi
            2. Clayster libraries
            3. Hardware
            4. Interacting with our hardware
            5. Interfacing the hardware
            6. Internal representation of sensor values
            7. Persisting data
            8. External representation of sensor values
            9. Exporting sensor data
          2. Creating the actuator project
            1. Hardware
            2. Interfacing the hardware
          3. Creating a controller
            1. Representing sensor values
            2. Parsing sensor data
            3. Calculating control states
          4. Creating a camera
            1. Hardware
            2. Accessing the serial port on Raspberry Pi
            3. Interfacing the hardware
            4. Creating persistent default settings
            5. Adding configurable properties
            6. Persisting the settings
            7. Working with the current settings
            8. Initializing the camera
          5. Summary
        2. 2. The HTTP Protocol
          1. HTTP basics
          2. Adding HTTP support to the sensor
            1. Setting up an HTTP server on the sensor
            2. Setting up an HTTPS server on the sensor
            3. Adding a root menu
            4. Displaying measured information in an HTML page
            5. Generating graphics dynamically
            6. Creating sensor data resources
            7. Interpreting the readout request
            8. Testing our data export
            9. User authentication
            10. Adding events for enhanced network performance
          3. Adding HTTP support to the actuator
            1. Creating the web services resource
            2. Accessing individual outputs
            3. Collective access to outputs
            4. Accessing the alarm output
            5. Using the test form
            6. Accessing WSDL
            7. Using the REST web service interface
          4. Adding HTTP support to the controller
            1. Subscribing to events
            2. Creating the control thread
            3. Controlling the actuator
          5. Summary
        3. 3. The UPnP Protocol
          1. Introducing UPnP
            1. Providing a service architecture
            2. Documenting device and service capabilities
          2. Creating a device description document
            1. Choosing a device type
            2. Being friendly
            3. Providing the device with an identity
            4. Adding icons
            5. Adding references to services
            6. Topping off with a URL to a web presentation page
          3. Creating the service description document
            1. Adding actions
            2. Adding state variables
            3. Adding a unique device name
          4. Providing a web interface
          5. Creating a UPnP interface
            1. Registering UPnP resources
            2. Replacing placeholders
            3. Adding support for SSDP
            4. Notifying the network
            5. Responding to searches
          6. Implementing the Still Image service
            1. Initializing evented state variables
            2. Providing web service properties
            3. Adding service properties
            4. Adding actions
          7. Using our camera
            1. Setting up UPnP
            2. Discovering devices and services
            3. Subscribing to events
            4. Receiving events
            5. Executing actions
          8. Summary
        4. 4. The CoAP Protocol
          1. Making HTTP binary
            1. Finding development tools
          2. Adding CoAP to our sensor
            1. Defining our first CoAP resources
            2. Manually triggering an event notification
            3. Registering data readout resources
            4. Returning XML
            5. Returning JSON
            6. Returning plain text
            7. Discovering CoAP resources
            8. Testing our CoAP resources
          3. Adding CoAP to our actuator
            1. Defining simple control resources
            2. Parsing the URL in CoAP
            3. Controlling the output using CoAP
          4. Using CoAP in our controller
            1. Monitoring observable resources
            2. Receiving notifications
            3. Performing control actions
          5. Summary
        5. 5. The MQTT Protocol
          1. Publishing and subscribing
          2. Adding MQTT support to the sensor
            1. Controlling the thread life cycle
            2. Flagging significant events
            3. Connecting to the MQTT server
            4. Publishing the content
          3. Adding MQTT support to the actuator
            1. Initializing the topic content
            2. Subscribing to topics
            3. Receiving the published content
            4. Decoding and parsing content
          4. Adding MQTT support to the controller
            1. Handling events from the sensor
            2. Decoding and parsing sensor values
            3. Subscribing to sensor events
            4. Controlling the actuator
              1. Controlling the LED output
              2. Controlling the alarm output
          5. Summary
        6. 6. The XMPP Protocol
          1. XMPP basics
            1. Federating for global scalability
            2. Providing a global identity
            3. Authorizing communication
            4. Sensing online presence
            5. Using XML
            6. Communication patterns
            7. Extending XMPP
            8. Connecting to a server
            9. Provisioning for added security
          2. Adding XMPP support to a thing
            1. Connecting to the XMPP network
            2. Monitoring connection state events
            3. Notifying your friends
            4. Handling HTTP requests over XMPP
          3. Providing an additional layer of security
            1. The basics of provisioning
            2. Initializing the Thing Registry interface
            3. Registering a thing
            4. Updating a public thing
            5. Claiming a thing
            6. Removing a thing from the registry
            7. Disowning a thing
            8. Initializing the provisioning server interface
            9. Handling friendship recommendations
            10. Handling requests to unfriend somebody
            11. Searching for a provisioning server
            12. Providing registry information
            13. Maintaining a connection
            14. Negotiating friendships
            15. Handling presence subscription requests
            16. Continuing interrupted negotiations
            17. Adding XMPP support to the sensor
            18. Adding a sensor server interface
            19. Updating event subscriptions
            20. Publishing contracts
          4. Adding XMPP support to the actuator
            1. Adding a controller server interface
          5. Adding XMPP support to the camera
          6. Adding XMPP support to the controller
            1. Setting up a sensor client interface
              1. Subscribing to sensor data
              2. Handling incoming sensor data
            2. Setting up a controller client interface
            3. Setting up a camera client interface
            4. Fetching the camera image over XMPP
            5. Identifying peer capabilities
            6. Reacting to peer presence
            7. Detecting rule changes
          7. Connecting it all together
          8. Summary
        7. 7. Using an IoT Service Platform
          1. Selecting an IoT platform
          2. The Clayster platform
            1. Downloading the Clayster platform
            2. Creating a service project
            3. Adding references
            4. Making a Clayster module
            5. Executing the service
            6. Using a package manifest
            7. Executing from Visual Studio
            8. Configuring the Clayster system
            9. Using the management tool
            10. Browsing data sources
          3. Interfacing our devices using XMPP
            1. Creating a class for our sensor
              1. Finding the best class
              2. Subscribing to sensor data
              3. Interpreting incoming sensor data
            2. Creating a class for our actuator
              1. Customizing control operations
            3. Creating a class for our camera
          4. Creating our control application
            1. Understanding rendering
            2. Defining the application class
            3. Initializing the controller
            4. Adding control rules
            5. Understanding application references
            6. Defining brieflets
            7. Displaying a gauge
            8. Displaying a binary signal
            9. Pushing updates to the client
            10. Completing the application
            11. Configuring the application
            12. Viewing the 10-foot interface application
          5. Summary
        8. 8. Creating Protocol Gateways
          1. Understanding protocol bridging
          2. Using an abstraction model
          3. The basics of the Clayster abstraction model
            1. Understanding editable data sources
            2. Understanding editable objects
            3. Using common data sources
            4. Overriding key properties and methods
              1. Controlling structure
              2. Publishing properties
              3. Publishing commands
            5. Handling communication with devices
              1. Reading devices
              2. Configuring devices
          4. Understanding the CoAP gateway architecture
          5. Summary
        9. 9. Security and Interoperability
          1. Understanding the risks
            1. Reinventing the wheel, but an inverted one
            2. Knowing your neighbor
          2. Modes of attack
            1. Denial of Service
            2. Guessing the credentials
            3. Getting access to stored credentials
            4. Man in the middle
            5. Sniffing network communication
            6. Port scanning and web crawling
            7. Search features and wildcards
            8. Breaking ciphers
          3. Tools for achieving security
            1. Virtual Private Networks
            2. X.509 certificates and encryption
            3. Authentication of identities
            4. Usernames and passwords
            5. Using message brokers and provisioning servers
            6. Centralization versus decentralization
          4. The need for interoperability
            1. Solves complexity
            2. Reduces cost
            3. Allows new kinds of services and reuse of devices
            4. Combining security and interoperability
          5. Summary
      7. 2. Module 2
        1. 1. Internet-Controlled PowerSwitch
          1. Getting started
            1. Hardware and software requirements
            2. Arduino Ethernet Shield
            3. The Arduino Ethernet board
            4. Connecting Arduino Ethernet Shield to the Internet
            5. Testing your Arduino Ethernet Shield
          2. Selecting a PowerSwitch Tail
            1. PN PSSRKT-240
            2. PN80135
            3. Wiring PowerSwitch Tail with Arduino Ethernet Shield
          3. Turning PowerSwitch Tail into a simple web server
            1. What is a web server?
            2. A step-by-step process for building a web-based control panel
              1. Handling client requests by HTTP GET
            3. Sensing the availability of mains electricity
            4. Testing the mains electricity sensor
            5. Building a user-friendly web user interface
          4. Adding a Cascade Style Sheet to the web user interface
          5. Finding the MAC address and obtaining a valid IP address
            1. Finding the MAC address
            2. Obtaining an IP address
              1. Assigning a static IP address
              2. Obtaining an IP address using DHCP
          6. Summary
        2. 2. Wi-Fi Signal Strength Reader and Haptic Feedback
          1. Prerequisites
          2. Arduino WiFi Shield
            1. Firmware upgrading
            2. Stacking the WiFi Shield with Arduino
            3. Hacking an Arduino earlier than REV3
            4. Knowing more about connections
            5. Fixing the Arduino WiFi library
            6. Connecting your Arduino to a Wi-Fi network
          3. Wi-Fi signal strength and RSSI
            1. Reading the Wi-Fi signal strength
          4. Haptic feedback and haptic motors
            1. Getting started with the Adafruit DRV2605 haptic controller
            2. Selecting a correct vibrator
            3. Connecting a haptic controller to Arduino WiFi Shield
            4. Soldering a vibrator to the haptic controller breakout board
            5. Downloading the Adafruit DRV2605 library
            6. Making vibration effects for RSSI
          5. Implementing a simple web server
            1. Reading the signal strength over Wi-Fi
          6. Summary
        3. 3. Internet-Connected Smart Water Meter
          1. Prerequisites
          2. Water flow sensors
            1. Wiring the water flow sensor with Arduino
            2. Reading pulses
            3. Rising edge and falling edge
            4. Reading and counting pulses with Arduino
            5. Calculating the water flow rate
            6. Calculating the water flow volume
          3. Adding an LCD screen to the water meter
          4. Converting your water meter to a web server
            1. A little bit about plumbing
          5. Summary
        4. 4. Arduino Security Camera with Motion Detection
          1. Prerequisites
          2. Getting started with TTL Serial Camera
            1. Wiring the TTL Serial Camera for image capturing
            2. Wiring the TTL Serial Camera for video capturing
              1. Testing NTSC video stream with video screen
          3. Connecting the TTL Serial Camera with Arduino and Ethernet Shield
            1. Image capturing with Arduino
              1. The Software Serial library
              2. How the image capture works
          4. Uploading images to Flickr
            1. Creating a Flickr account
            2. Creating a Temboo account
            3. Creating your first Choreo
              1. Initializing OAuth
              2. Finalizing OAuth
              3. Generating the photo upload sketch
            4. Connecting the camera output with Temboo
            5. Motion detection
          5. Summary
        5. 5. Solar Panel Voltage Logging with NearBus Cloud Connector and Xively
          1. Connecting a solar cell with the Arduino Ethernet board
            1. Building a voltage divider
            2. Building the circuit with Arduino
          2. Setting up a NearBus account
          3. Defining a new device
            1. Examining the device lists
            2. Downloading the NearBus agent
          4. Creating and configuring a Xively account
          5. Configuring the NearBus connected device for Xively
          6. Developing a web page to display the real-time voltage values
            1. Displaying data on a web page
          7. Summary
        6. 6. GPS Location Tracker with Temboo, Twilio, and Google Maps
          1. Hardware and software requirements
            1. Hardware requirements
            2. Software requirements
          2. Getting started with the Arduino GPS shield
          3. Connecting the Arduino GPS shield with the Arduino Ethernet board
            1. Testing the GPS shield
            2. Displaying the current location on Google Maps
          4. Getting started with Twilio
            1. Creating a Twilio account
            2. Finding Twilio LIVE API credentials
            3. Finding Twilio test API credentials
            4. Get your Twilio number
          5. Creating Twilio Choreo with Temboo
            1. Sending an SMS with Twilio API
            2. Send a GPS location data using Temboo
          6. Summary
        7. 7. Tweet-a-Light – Twitter-Enabled Electric Light
          1. Hardware and software requirements
            1. Hardware
            2. Software
          2. Getting started with Python
            1. Installing Python on Windows
            2. Setting environment variables for Python
            3. Installing the setuptools utility on Python
            4. Installing the pip utility on Python
            5. Opening the Python interpreter
            6. Installing the Tweepy library
            7. Installing pySerial
          3. Creating a Twitter app and obtaining API keys
            1. Writing a Python script to read Twitter tweets
          4. Reading the serial data using Arduino
            1. Connecting the PowerSwitch Tail with Arduino
          5. Summary
        8. 8. Controlling Infrared Devices Using IR Remote
          1. Building an Arduino infrared recorder and remote
            1. Hardware
            2. Software
          2. Building the IR receiver module
            1. Capturing IR commands in hexadecimal
            2. Capturing IR commands in the raw format
            3. Building the IR sender module
            4. Controlling through the LAN
          3. Adding an IR socket to non-IR enabled devices
          4. Summary
      8. 3. Module 3
        1. 1. A Brave New World
          1. Defining the IoT
            1. Cybersecurity versus IoT security and cyber-physical systems
          2. Why cross-industry collaboration is vital
          3. IoT uses today
            1. Energy industry and smart grid
            2. Connected vehicles and transportation
            3. Manufacturing
            4. Wearables
            5. Implantables and medical devices
          4. The IoT in the enterprise
            1. The things in the IoT
              1. The IoT device lifecycle
                1. IoT device implementation
                2. IoT service implementation
                3. IoT device and service deployment
              2. The hardware
              3. Operating systems
              4. IoT communications
              5. Messaging protocols
                1. MQTT
                2. CoAP
                3. XMPP
                4. DDS
                5. AMQP
                6. Gateways
              6. Transport protocols
              7. Network protocols
              8. Data link and physical protocols
                1. IEEE 802.15.4
                2. ZWave
                3. Power Line Communications
                4. Cellular communications
              9. IoT data collection, storage, and analytics
            2. IoT integration platforms and solutions
          5. The IoT of the future and the need to secure
            1. The future – cognitive systems and the IoT
          6. Summary
        2. 2. Vulnerabilities, Attacks, and Countermeasures
          1. Primer on threats, vulnerability, and risks (TVR)
            1. The classic pillars of information assurance
            2. Threats
            3. Vulnerability
            4. Risks
          2. Primer on attacks and countermeasures
            1. Common IoT attack types
            2. Attack trees
              1. Building an attack tree
            3. Fault (failure) trees and CPS
              1. Fault tree and attack tree differences
              2. Merging fault and attack tree analysis
            4. Example anatomy of a deadly cyber-physical attack
          3. Today's IoT attacks
            1. Attacks
              1. Wireless reconnaissance and mapping
              2. Security protocol attacks
              3. Physical security attacks
              4. Application security attacks
          4. Lessons learned and systematic approaches
            1. Threat modeling an IoT system
              1. Step 1 – identify the assets
              2. Step 2 – create a system/architecture overview
              3. Step 3 – decompose the IoT system
              4. Step 4 – identify threats
              5. Step 5 – document the threats
              6. Step 6 – rate the threats
          5. Summary
        3. 3. Security Engineering for IoT Development
          1. Building security in to design and development
            1. Security in agile developments
            2. Focusing on the IoT device in operation
          2. Secure design
            1. Safety and security design
              1. Threat modeling
              2. Privacy impact assessment
              3. Safety impact assessment
              4. Compliance
                1. Monitoring for compliance
              5. Security system integration
                1. Accounts and credentials
                2. Patching and updates
                3. Audit and monitoring
            2. Processes and agreements
              1. Secure acquisition process
              2. Secure update process
              3. Establish SLAs
              4. Establish privacy agreements
              5. Consider new liabilities and guard against risk exposure
              6. Establish an IoT physical security plan
            3. Technology selection – security products and services
              1. IoT device hardware
              2. Selecting an MCU
              3. Selecting a real-time operating system (RTOS)
              4. IoT relationship platforms
                1. Xively
                2. ThingWorx
              5. Cryptographic security APIs
              6. Authentication/authorization
              7. Edge
              8. Security monitoring
          3. Summary
        4. 4. The IoT Security Lifecycle
          1. The secure IoT system implementation lifecycle
            1. Implementation and integration
              1. IoT security CONOPS document
              2. Network and security integration
                1. Examining network and security integration for WSNs
                2. Examining network and security integration for connected cars
                3. Planning for updates to existing network and security infrastructures
                4. Planning for provisioning mechanisms
                5. Integrating with security systems
                6. IoT and data buses
              3. System security verification and validation (V&V)
              4. Security training
                1. Security awareness training for users
                2. Security administration training for the IoT
              5. Secure configurations
                1. IoT device configurations
                2. Secure gateway and network configurations
            2. Operations and maintenance
              1. Managing identities, roles, and attributes
                1. Identity relationship management and context
                  1. Attribute-based access control
                  2. Role-based access control
                  3. Consider third-party data requirements
                  4. Manage keys and certificates
              2. Security monitoring
              3. Penetration testing
                1. Red and blue teams
                  1. Evaluating hardware security
                  2. The airwaves
                  3. IoT penetration test tools
              4. Compliance monitoring
              5. Asset and configuration management
              6. Incident management
              7. Forensics
            3. Dispose
              1. Secure device disposal and zeroization
              2. Data purging
              3. Inventory control
              4. Data archiving and records management
          2. Summary
        5. 5. Cryptographic Fundamentals for IoT Security Engineering
          1. Cryptography and its role in securing the IoT
            1. Types and uses of cryptographic primitives in the IoT
            2. Encryption and decryption
              1. Symmetric encryption
                1. Block chaining modes
                2. Counter modes
              2. Asymmetric encryption
            3. Hashes
            4. Digital signatures
              1. Symmetric (MACs)
            5. Random number generation
            6. Ciphersuites
          2. Cryptographic module principles
          3. Cryptographic key management fundamentals
            1. Key generation
            2. Key establishment
            3. Key derivation
            4. Key storage
            5. Key escrow
            6. Key lifetime
            7. Key zeroization
            8. Accounting and management
            9. Summary of key management recommendations
          4. Examining cryptographic controls for IoT protocols
            1. Cryptographic controls built into IoT communication protocols
              1. ZigBee
              2. Bluetooth-LE
              3. Near field communication (NFC)
            2. Cryptographic controls built into IoT messaging protocols
              1. MQTT
              2. CoAP
              3. DDS
              4. REST
          5. Future directions of the IoT and cryptography
          6. Summary
        6. 6. Identity and Access Management Solutions for the IoT
          1. An introduction to identity and access management for the IoT
          2. The identity lifecycle
            1. Establish naming conventions and uniqueness requirements
              1. Naming a device
            2. Secure bootstrap
            3. Credential and attribute provisioning
              1. Local access
            4. Account monitoring and control
            5. Account updates
            6. Account suspension
            7. Account/credential deactivation/deletion
          3. Authentication credentials
            1. Passwords
            2. Symmetric keys
            3. Certificates
              1. X.509
              2. IEEE 1609.2
            4. Biometrics
            5. New work in authorization for the IoT
          4. IoT IAM infrastructure
            1. 802.1x
            2. PKI for the IoT
              1. PKI primer
              2. Trust stores
              3. PKI architecture for privacy
              4. Revocation support
                1. OCSP
                2. OCSP stapling
                3. SSL pinning
          5. Authorization and access control
            1. OAuth 2.0
            2. Authorization and access controls within publish/subscribe protocols
            3. Access controls within communication protocols
          6. Summary
        7. 7. Mitigating IoT Privacy Concerns
          1. Privacy challenges introduced by the IoT
            1. A complex sharing environment
              1. Wearables
              2. Smart homes
            2. Metadata can leak private information also
            3. New privacy approaches for credentials
            4. Privacy impacts on IoT security systems
            5. New methods of surveillance
          2. Guide to performing an IoT PIA
            1. Overview
            2. Authorities
            3. Characterizing collected information
            4. Uses of collected information
            5. Security
            6. Notice
            7. Data retention
            8. Information sharing
            9. Redress
            10. Auditing and accountability
          3. PbD principles
            1. Privacy embedded into design
            2. Positive-sum, not zero-sum
            3. End-to-end security
            4. Visibility and transparency
            5. Respect for user privacy
          4. Privacy engineering recommendations
            1. Privacy throughout the organization
            2. Privacy engineering professionals
            3. Privacy engineering activities
          5. Summary
        8. Setting Up a Compliance Monitoring Program for the IoT
          1. IoT compliance
            1. Implementing IoT systems in a compliant manner
            2. An IoT compliance program
              1. Executive oversight
              2. Policies, procedures, and documentation
              3. Training and education
                1. Skills assessments
                2. Cyber security tools
                3. Data security
                4. Defense-in-depth
                5. Privacy
                6. The IoT, network, and cloud
                7. Threats/attacks
                8. Certifications
              4. Testing
              5. Internal compliance monitoring
                1. Install/update sensors
                2. Automated search for flaws
                3. Collect results
                4. Triage
                5. Bug fixes
                6. Reporting
                7. System design updates
              6. Periodic risk assessments
                1. Black box
                2. White box assessments
                3. Fuzz testing
          2. A complex compliance environment
            1. Challenges associated with IoT compliance
            2. Examining existing compliance standards support for the IoT
              1. Underwriters Laboratory IoT certification
              2. NIST CPS efforts
              3. NERC CIP
              4. HIPAA/HITECH
              5. PCI DSS
              6. NIST Risk Management Framework (RMF)
          3. Summary
        9. Cloud Security for the IoT
          1. Cloud services and the IoT
            1. Asset/inventory management
            2. Service provisioning, billing, and entitlement management
            3. Real-time monitoring
            4. Sensor coordination
            5. Customer intelligence and marketing
            6. Information sharing
            7. Message transport/broadcast
            8. Examining IoT threats from a cloud perspective
          2. Exploring cloud service provider IoT offerings
            1. AWS IoT
            2. Microsoft Azure IoT suite
            3. Cisco Fog Computing
            4. IBM Watson IoT platform
              1. MQTT and REST interfaces
          3. Cloud IoT security controls
            1. Authentication (and authorization)
              1. Amazon AWS IAM
              2. Azure authentication
            2. Software/firmware updates
            3. End-to-end security recommendations
            4. Maintain data integrity
            5. Secure bootstrap and enrollment of IoT devices
            6. Security monitoring
          4. Tailoring an enterprise IoT cloud security architecture
          5. New directions in cloud-enabled IoT computing
            1. IoT-enablers of the cloud
              1. Software defined networking (SDN)
              2. Data services
              3. Container support for secure development environments
              4. Containers for deployment support
              5. Microservices
              6. The move to 5G connectivity
            2. Cloud-enabled directions
              1. On-demand computing and the IoT (dynamic compute resources)
              2. New distributed trust models for the cloud
              3. Cognitive IoT
          6. Summary
        10. IoT Incident Response
          1. Threats both to safety and security
          2. Planning and executing an IoT incident response
            1. Incident response planning
              1. IoT system categorization
              2. IoT incident response procedures
              3. The cloud provider's role
            2. IoT incident response team composition
              1. Communication planning
              2. Exercises and operationalizing an IRP in your organization
            3. Detection and analysis
              1. Analyzing the compromised system
              2. Analyzing the IoT devices involved
              3. Escalate and monitor
            4. Containment, eradication, and recovery
            5. Post-incident activities
          3. Summary
      9. A. Bibliography
      10. Index