Foreword
Introduction

Part I: Introduction to IoT

Chapter 1: What Is IoT?
Genesis of IoT; IoT and Digitization; IoT Impact; Connected Roadways; Connected Factory; Smart Connected Buildings; Smart Creatures; Convergence of IT and OT; IoT Challenges; Summary; References

Chapter 2: IoT Network Architecture and Design
Drivers Behind New Network Architectures; Scale; Security; Constrained Devices and Networks; Data; Legacy Device Support; Comparing IoT Architectures; The oneM2M IoT Standardized Architecture; The IoT World Forum (IoTWF) Standardized Architecture; Additional IoT Reference Models; A Simplified IoT Architecture; The Core IoT Functional Stack; Layer 1: Things: Sensors and Actuators Layer; Layer 2: Communications Network Layer; Layer 3: Applications and Analytics Layer; IoT Data Management and Compute Stack; Fog Computing; Edge Computing; The Hierarchy of Edge, Fog, and Cloud; Summary; References

Part II: Engineering IoT Networks

Chapter 3: Smart Objects: The "Things" in IoT
Sensors, Actuators, and Smart Objects; Sensors; Actuators; Micro-Electro-Mechanical Systems (MEMS); Smart Objects; Sensor Networks; Wireless Sensor Networks (WSNs); Communication Protocols for Wireless Sensor Networks; Summary

Chapter 4: Connecting Smart Objects
Communications Criteria; Range; Frequency Bands; Power Consumption; Topology; Constrained Devices; Constrained-Node Networks; IoT Access Technologies; IEEE 802.15.4; IEEE 802.15.4g and 802.15.4e; IEEE 1901.2a; IEEE 802.11ah; LoRaWAN; NB-IoT and Other LTE Variations; Summary

Chapter 5: IP as the IoT Network Layer
The Business Case for IP; The Key Advantages of Internet Protocol; Adoption or Adaptation of the Internet Protocol; The Need for Optimization; Constrained Nodes; Constrained Networks; IP Versions; Optimizing IP for IoT; From 6LoWPAN to 6Lo; Header Compression; Fragmentation; Mesh Addressing; 6TiSCH; RPL; Authentication and Encryption on Constrained Nodes; Profiles and Compliances; Internet Protocol for Smart Objects (IPSO) Alliance; Wi-SUN Alliance; Thread; IPv6 Ready Logo; Summary

Chapter 6: Application Protocols for IoT
The Transport Layer; IoT Application Transport Methods; Application Layer Protocol Not Present; SCADA; Generic Web-Based Protocols; IoT Application Layer Protocols; Summary

Chapter 7: Data and Analytics for IoT
An Introduction to Data Analytics for IoT; Structured Versus Unstructured Data; Data in Motion Versus Data at Rest; IoT Data Analytics Overview; IoT Data Analytics Challenges; Machine Learning; Machine Learning Overview; Machine Learning and Getting Intelligence from Big Data; Predictive Analytics; Big Data Analytics Tools and Technology; Massively Parallel Processing Databases; NoSQL Databases; Hadoop; The Hadoop Ecosystem; Edge Streaming Analytics; Comparing Big Data and Edge Analytics; Edge Analytics Core Functions; Distributed Analytics Systems; Network Analytics; Flexible NetFlow Architecture; Summary; References

Chapter 8: Securing IoT
A Brief History of OT Security; Common Challenges in OT Security; Erosion of Network Architecture; Pervasive Legacy Systems; Insecure Operational Protocols; Other Protocols; Device Insecurity; Dependence on External Vendors; Security Knowledge; How IT and OT Security Practices and Systems Vary; The Purdue Model for Control Hierarchy; OT Network Characteristics Impacting Security; Security Priorities: Integrity, Availability, and Confidentiality; Security Focus; Formal Risk Analysis Structures: OCTAVE and FAIR; OCTAVE; FAIR; The Phased Application of Security in an Operational Environment; Secured Network Infrastructure and Assets; Deploying Dedicated Security Appliances; Higher-Order Policy Convergence and Network Monitoring; Summary

Part III: IoT in Industry

Chapter 9: Manufacturing
An Introduction to Connected Manufacturing; An IoT Strategy for Connected Manufacturing; Business Improvements Driven Through IoT; An Architecture for the Connected Factory; Industrial Automation and Control Systems Reference Model; The CPwE Reference Model; CPwE Resilient Network Design; CPwE Wireless; Industrial Automation Control Protocols; EtherNet/IP and CIP; PROFINET; The PROFINET Architecture; Media Redundancy Protocol (MRP); Modbus/TCP; Connected Factory Security; A Holistic Approach to Industrial Security; Edge Computing in the Connected Factory; Connected Machines and Edge Computing; Summary; References

Chapter 10: Oil and Gas
An Introduction to the Oil and Gas Industry; Defining Oil and Gas; The Oil and Gas Value Chain; Current Trends in the Oil and Gas Industry; Industry Key Challenges as Digitization Drivers; IoT and the Oil and Gas Industry; Improving Operational Efficiency; The Purdue Model for Control Hierarchy in Oil and Gas Networks; Oil and Gas Use Cases for IoT; IoT Architectures for Oil and Gas; Control Room Networks for Oil and Gas; Wired Networks for Oil and Gas; Wireless Networks for Oil and Gas; Wireless Use Cases in the Oil and Gas Industry; The Risk Control Framework for Cybersecurity in IoT; Securing the Oil and Gas PCN: Background; Securing the Oil and Gas PCN: Use Cases and Requirements; Data Analytics for Predictive Asset Monitoring; Summary; References

Chapter 11: Utilities
An Introduction to the Power Utility Industry; The IT/OT Divide in Utilities; The GridBlocks Reference Model; GridBlocks: An 11-Tiered Reference Architecture; The Primary Substation GridBlock and Substation Automation; SCADA; IEC 61850: The Modernization of Substation Communication Standards; Network Resiliency Protocols in the Substation; System Control GridBlock: The Substation WAN; Defining Teleprotection; Designing a WAN for Teleprotection; The Field Area Network (FAN) GridBlock; Advanced Metering Infrastructure; Other Use Cases; Securing the Smart Grid; NERC CIP; Smart Grid Security Considerations; The Future of the Smart Grid; Summary; References

Chapter 12: Smart and Connected Cities
An IoT Strategy for Smarter Cities; Vertical IoT Needs for Smarter Cities; Global vs. Siloed Strategies; Smart City IoT Architecture; Street Layer; City Layer; Data Center Layer; Services Layer; On-Premises vs. Cloud; Smart City Security Architecture; Smart City Use-Case Examples; Connected Street Lighting; Connected Environment; Summary; References

Chapter 13: Transportation
Transportation and Transports; Transportation Challenges; Roadways; Mass Transit; Rail; Challenges for Transportation Operators and Users; IoT Use Cases for Transportation; Connected Cars; Connected Fleets; Infrastructure and Mass Transit; An IoT Architecture for Transportation; IoT Technologies for Roadways; Connected Roadways Network Architecture; Extending the Roadways IoT Architecture to Bus Mass Transit; Extending Bus IoT Architecture to Railways; Summary; References

Chapter 14: Mining
Mining Today and Its Challenges; Scale; Safety; Environment; Security; Volatile Markets; Challenges for IoT in Modern Mining; The OT Roles in Mining; Connectivity; An IoT Strategy for Mining; Improved Safety and Location Services; Location Services; Improved Efficiencies; Improved Collaboration; IoT Security for Mining; An Architecture for IoT in Mining; IEEE 802.11 as the IoT Access Layer; 802.11 Outdoor Wireless Mesh; 4G/LTE; Wireless in Underground Mining; Industrial Wireless; Isolated vs. Connected Mine Networks; Core Network Connectivity; Network Design Consideration for Mining Applications; Data Processing; Summary

Chapter 15: Public Safety
Overview of Public Safety; Public Safety Objects and Exchanges; Public and Private Partnership for Public Safety IoT; Public Safety Adoption of Technology and the IoT; An IoT Blueprint for Public Safety; Mission Continuum; Mission Fabric; Inter-agency Collaboration; Emergency Response IoT Architecture; Mobile Command Center; Mobile Vehicles: Land, Air, and Sea; IoT Public Safety Information Processing; School Bus Safety; Bus Location and Student Onboarding/Offboarding; Driver Behavior Reporting; Diagnostic Reporting; Video Surveillance; Student Wi-Fi; Push-to-Talk Communication; School Bus Safety Network Architecture; Summary; Reference

9781587144561, TOC, 5/16/2017

David Hanes, CCIE No. 3491, is a Technical Leader specializing in IoT and working in Cisco Technical Services as part of the Cloud Support Technical Assistance Center (TAC). With experience in the incubation of new technologies, he is currently leading the TAC support effort for Cisco's IoT cloud solutions. He also has technical expertise in the areas of collaboration and cognitive computing. David has multiple patents issued and pending in the areas of IoT and collaboration. He is an active participant in the SIP Forum and in the IETF as an RFC contributor and author. David has written and contributed to various industry publications and white papers and is a coauthor of the Cisco Press book Fax, Modem, and Text for IP Telephony. He has spoken at industry and technical conferences worldwide and has been honored as a Hall of Fame speaker by Cisco Live. Since joining Cisco in 1997, David has worked as a TAC engineer for the WAN, WAN Switching, and Multiservice Voice teams; as a team lead for the Multiservice Voice team; as an escalation engineer covering a variety of VoIP technologies; and as a field trial support engineer. Prior to working at Cisco, David was a systems engineer for Sprint, where he gained his first computer networking experience working on the Frame Relay and X.25 protocols. He holds a degree in electrical engineering from North Carolina State University.

Gonzalo Salgueiro, CCIE No. 4541, is a Principal Engineer in Technical Services, working on several emerging technologies and the services opportunities they offer. Gonzalo has spent more than 20 years at Cisco, establishing himself as a subject matter expert, innovator, and industry thought leader in various technologies, including Collaboration, ML/AI, Cloud, and IoT. Gonzalo is an established member of numerous industry organizations and is a regular presenter and distinguished speaker at a variety of technical industry conferences and Cisco events around the world. He currently holds various industry leadership roles, including serving as a member of the Board of Directors of the SIP Forum, co-chair of the INSIPID and SIPBRANDY IETF working groups, member of the IoT Directorate in the IETF, and co-chair of the WebRTC Task Group, IPv6 Task Group, and FoIP Task Group in the SIP Forum. He is an active contributor to various industry organizations and standardization activities. Gonzalo co-authored the Cisco Press book Fax, Modem, and Text for IP Telephony. He has also co-authored 24 IETF RFCs, 4 IEEE papers, 4 ITU contributions, and numerous industry and academic research papers on a variety of different technical topics. He is also coinventor of 65+ patents (issued and pending) and has contributed to various interop and open source development efforts. Gonzalo received a master's degree in physics from the University of Miami.

Patrick Grossetete is a Distinguished Engineer, Technical Marketing, working on field communication architecture and design (IEEE 802.15.4g/e RF, IEEE 1901.2a PLC, LoRaWAN, IPv6, 6LoWPAN, RPL, ...) in the Cisco Internet of Things Connected Group. He joined Cisco through its acquisition of Arch Rock, where he was Director of Product Management and Customer Solutions, focusing on IPv6-based wireless sensor network technology for smart grid, energy, and environmental optimization applications. Previously, Patrick led a product management team at Cisco, responsible for a suite of Cisco IOS software technologies, including IPv6 and IP Mobility. Patrick regularly speaks at conferences and industry events, including the IPv6 Forum, which he joined in 1999 as a Cisco representative. Patrick also acts as a reviewer on European Commission-sponsored projects, including GEANT and ENVIROFI. Patrick is coauthor of the books Global IPv6 Strategies and Deploying IPv6 Networks, published by Cisco Press, as well as several white papers, such as Unified Field Area Network Architecture for Distribution Automation (2014) and IPv6 Architecture for Field Area Networks (2012). In June 2003, he received the IPv6 Forum Internet Pioneer Award at the San Diego Summit, and he is an IPv6 Forum Fellow. Before his days at Cisco and Arch Rock, he worked at Digital Equipment Corporation as a consulting engineer and was involved with network design and deployment. He received a degree in computer science from the Control Data Institute, Paris, France.

Rob Barton, CCIE No. 6660 (R&S and Security), CCDE No. 2013:6, is a Principal Systems Engineer working in Cisco's Digital Transformation and Innovation organization. Rob is a registered professional engineer (P.Eng) and has worked in the IT industry for more than 20 years, the last 17 of which have been at Cisco. Rob graduated from the University of British Columbia with a degree in engineering physics, where he specialized in computer and radio communications. Rob's areas of interest include wireless communications, IPv6, IoT, and industrial control systems. Rob coauthored the Cisco Press book End-to-End QoS, 2nd edition. He resides in Vancouver, Canada, with his wife and two children.

Jerome Henry, CCIE No. 24750, is a Principal Engineer in the Enterprise Infrastructure and Solutions Group at Cisco Systems. Jerome has more than 15 years' experience teaching technical Cisco courses in more than 15 countries and 4 languages, to audiences ranging from bachelor's degree students to networking professionals and Cisco internal system engineers. Focusing on his wireless and networking experience, Jerome joined Cisco in 2012. Before that time, he consulted and taught heterogeneous networks and wireless integration with the European Airespace team, which was later acquired by Cisco to become their main wireless solution. He then spent several years with a Cisco Learning partner, developing networking courses and working on training materials for emerging technologies. Jerome is a certified wireless networking expert (CWNE No. 45) and has developed multiple Cisco courses and authored several wireless books and video courses. Jerome is also a member of the IEEE, where he was elevated to Senior Member in 2013, and also participates with Wi-Fi Alliance working groups, with a strong focus on IoT and low power. With more than 10,000 hours in the classroom, Jerome was awarded the IT Training Award Best Instructor silver medal. He is based in Research Triangle Park, North Carolina.