All posts by Thomas Campbell

Internet of Things, IoT, IoT Security, Opinion

How IoT Security could change infrastructure forever

CybersecurityOn September 22nd and 23rd, the first-ever dedicated IoT Security conference and exhibition will take place in Boston.

While at first glance this may appear to concern a specific and rather specialized area, the relationship of the Internet of Things to the broad issue of human security may well prove much more far-reaching and fundamental.

After all, the development of the Internet itself was driven by a Cold War desire to create resilient computer networks that could withstand a nuclear attack. This threat inspired a whole new architecture for sharing and protecting information – one that was intentionally decentralized.

History suggests that precaution can be a key driver of technological innovation. In changing things to protect them, we often open up unforeseen new opportunities.

Which is why, if we return to 2015, there is something fascinating in seeing the same decentralized architectures applied to real-world infrastructures in the name of collective safety.

“When you apply this kind of Internet-type architecture to core infrastructure — whether it’s water or energy or transportation –  these systems start looking a lot more like the Internet,” says John Miri, Chief Administrative Officer at the Lower Colorado River Authority (LRCA) and a speaker at this month’s Boston event. “You start to see water systems, flood data systems and, hopefully, electric grids that are less centralized, more resilient and more difficult to disrupt.”

The LCRA is an 80-year-old institution with roots in the Great Depression, entrusted with providing reliable water, flood protection and electricity to Central Texas and beyond. The areas LCRA serves covers a number of the fastest growing cities in the United States, meaning LCRA faces some pretty substantial demands on its infrastructure.

“Providing the water and power to support growing communities and a growing business and industrial base is no small task,” Miri says. Indeed, LCRA has  broken ground on a quarter of a billion dollar new reservoir, the region’s first new water supply in decades.

Many of these additional demands make  safety and security more important than ever.

“LCRA is now the second largest electric transmission utility in Texas. Our high tension transmission lines go across a large portion of the state. Protecting the electric grid is a pretty hot topic,” Miri says.

These hypothetical threats encompass what Miri calls “bad actors,”  but also less hypothetical threats to the infrastructure.

“When you have a flood, we may have to intentionally shut down electric substations. Everyone knows electricity and water don’t mix – but even having the situational awareness to know that water is approaching a substation is very important to us in keeping the lights on. Using these kinds of smart networks to get a better picture of the threats and dangers to the power grid helps us protect it rather than just saying ‘build more,’” Miri says.

Similarly, a vast number of sensors throughout its Hydromet network enable LCRA to better monitor water levels – and to effectively manage floods.

“By adopting a new, more open, shared technology approach, we could expand the infrastructure we have for flood data collection at a 90% lower cost than if we had done it a traditional way. The technology  actually opens up our infrastructure to a very wide region that never considered it before. We can offer a level of flood monitoring across a wider region and  extend it rural and agricultural communities and other areas that might not have the resources to gain access to this technology.”

Looking ahead, Miri says, there are new opportunities to apply this decentralized, Internet-style architecture to other projects.

“I think when you look forward 10, 15 or 20 years, the whole infrastructure may work differently. It opens up new possibilities and business models that we didn’t have before. For instance, Texas is on the coast. As with any coastal area, we spend time thinking about desalination. Some of the work we’ve been doing on the Internet of Things  is making people think, maybe we don’t need a couple of giant desalination plants – which has been the approach in Australia and Israel – but a number of smaller plants that are networked together, and share the water more efficiently. In the longer term, IoT may actually change the infrastructure itself, which would be very exciting.”

It could be interesting to one day look back at this month’s inaugural IoT Security event and see how many of the topics discussed went on to fundamentally evolve and affect their wider respective domains.

BT, Features, Internet of Things, Internet of Things Telecoms, IoT, telecoms

BT and the IoT

BT Sevenoaks workstyle buildingIt is often said that the Internet of Things is all about data. Indeed, at its absolute heart, the whole ecosystem could even be reduced to four distinct layers, ones that are essentially applicable to any vertical.

First of all, you have the sensing layer: somehow (using sensors, Wi-Fi, beacons: whatever you can!) you have to collect the data in the first place, often in harsh environments. From there you need to transport the data on a connectivity layer. This could be mobile or fixed, Wi-Fi or something altogether more cutting edge.

Thirdly, you need to aggregate this data, to bring it together and allow it to be exchanged. Finally, there’s the crucial matter of analytics, where the raw data is transformed into something useful.

Operators such as BT sense the opportunities in this process – particularly in the first three stages. Some telcos may have arrived a little late to the IoT table, but there’s no question that – with their copious background developing vast, secure infrastructures – they enjoy some fundamental advantages.

“I see IoT as a great opportunity,” says Hubertus von Roenne, VP Global Industry Practices, BT Global Services. “The more the world is connected, the more you have to rely on a robust infrastructure, whether it’s connectivity or data centres, and the more you have to rely on secure and reliable environment. That’s our home turf. We are already active on all four layers, not only through our global network infrastructure, but also via our secure cloud computing capabilities and a ‘Cloud of Clouds’ technology vision that enables real time data crunching and strategic collaboration across very many platforms.”

An example of how BT is positioning itself can be seen in Milton Keynes, a flagship ‘smart city’ in the UK, with large public and private sector investment. BT is one of over a dozen companies from various industries testing out different use cases for a smarter, more connected city.

“In Milton Keynes we are the technology partner that’s collecting the data. We’ve created a data hub where we allow the information to be passed on, but also make it compatible and usable. The governance body of this Milton Keynes project decided very early to make it open source, open data, and allow small companies or individuals to play around with the data and turn it into applications. Our role is not necessarily to go onto the application layer – we leave that to others – our role is to allow the collection and transmission of data, and we help turn data into usable information.”

One use case BT is involved in is smart parking – figuring out how to help traffic management, reduce carbon footprint, and help the council to reduce costs and better plan for parking availability. “Lots of ideas which can evolve as you collect the data, and that’s BT’s role.”

Another good example of how BT can adapt its offerings to different verticals is its work in telecare and telehealth, where the telco currently partners with the NHS, providing the equipment, monitoring system, and certain administrative and operational units, leaving the medical part to the medical professionals.

While BT’s established UK infrastructure makes it well positioned to assume these kinds of roles in developing smarter cities and healthcare, in other, more commercial areas there are no place-specific constraints.

“Typically our core customer base for global services are the large multinational players,” says von Roenne, “and these operate around the world. We are bringing our network and cloud integration capabilities right down to the manufacturing lines or the coal face of our multinational customers. Just a few weeks ago, we announced a partnership with Rajant Corporation, who specialise in wireless mesh deployments, to enable organisations to connect and gather data from thousands of devices such as sensors, autonomous vehicles, industrial machinery, high-definition cameras and others.”

Indeed, there are countless areas where data can be profitably collated and exploited, and next month von Roenne will be attending Internet of Things World Europe in Berlin, where he will be looking to discover new businesses and business opportunities. “I think there is already a lot of low hanging fruit out there if we just do some clever thinking about using what’s out there,” he says, adding that, often, the area in which the data could really be useful is not necessarily the same as the one it’s being collected in.

The capacity to take a bird’s eye view, bringing together different sectors of the economy for everyone’s mutual benefit, is another advantage BT will point to as it positions itself for the Internet of Things.

apps, AWS, Content & Applications, digital publishing, Financial Times, Opinion, Public Cloud

The FT discusses app and cloud strategy

christy rossBCN caught up with Christy Ross, Head of Application and Publishing Services, Technology at the Financial Times, to get some insight into the company’s approach to digital publishing, mobile apps and the cloud.

BCN: From a digital perspective, what is the FT currently focussed on?

Christy Ross: Print has been written off for years now, no pun intended, but we’re still doing very well. However our main interest these days — rather than investing in print product – is in looking at how we can identify and supply other means of content delivery and then to actually make some money from that. Over the past few years we’ve done things to help us to maintain a direct relationship with our subscribers, such as building our own web app rather than place anything on the Apple Store or Play Store.

We have also done a lot around building APIs, so that we can provide distinct feeds of information to businesses, enabling them to come to us and say, ‘we are particualrly interested in these areas of news, or analysis, and will pay you for that’. Of course we’ve also seen mobile take off massively, so probably over 50% of our new subscription revenue comes from mobile, rather than fromm the browser or tablets.

Why is the FT able to be so confident when asking for revenue from its readers?

We’ve been quite lucky. We were one of if not the first UK newspaper to introduce a paywall. A lot has been made of the fact that paywalls ‘don’t work,’ and we’ve seen a number of other daily national papers put them up and pull them back down again, but we are very wedded to ours.

That’s because we are a niche product. If you like, we’re ‘the business world’s second newspaper.’ So in the UK someone will have, say, their Times or the Telegraph (or in the US they’ll have the Washington Post or the New York Times), but then their second newspaper will be the Financial Times. You can’t get our content anywhere else, particularly not the analysis we provide. While we are interested in breaking news and do follow it, our key differetnaitor is analysis and that comment of what is going on in the world and what it means long term. People aree able to use these insights in their business decisions – and people are prepared to pay for that.

Is there anything unique about your current mobile application in itself?

At the end of the day we are a  content provider. It’s about getting the content out as quickly as we can, and providing the tools to our editorial users so they can concentrate on writing and not worry so much about layout – we’re doing a lot more about templating, metadata, and making our content much richer, so that, when a reader comes on, the acutal related stories mean something to them, and it’s easier for them to navigate through our considerable archive on the same poeople and companies, and be able to form a much more rounded opinion.

What about internal technical innvoation?

We’ve built our own private cloud, and we’re also heavily investigating and starting to use AWS, so doing a lot out there to support the public cloud. One of our strategy points is that any new applcaition or new functionality that we look to bring online, we have to start by looking on the public cloud to see if we can host and proivide it on that, and there has to be a very good technical reason for not doing it. We’re pushing it much more that way.

We have also borrrowed a concept from Netflix, their Chaos Monkey appraoch, where every now and then we deliberately break parts of our estate to see how resilient applications are, and to see how we can react to some of our applications not being available and what that means to our user base. Just a a couple of weekends ago we completely turned off one of our UK data centres, where we’d put most of our publishing and membership applciations in advance, to see what it did, and also to see whether we could bring up the applications in our other data centres – to see how long it took us and what it meant for things like our recovery time objectives.

 

Christy Ross will be appearing at Apps World Europe (18- 19 November, Excel, London)

AC Milian, Borussia Dortmund, Brazil, Catapult, Features, Internet of Things, Interviews, IoT, Newcastle, Norwich, Premier League, Tottenham, West Brom, West Ham

Make your Sunday League team as ‘smart’ as Borussia Dortmund with IoT

IoT can help make your football team smarter

IoT can help make your football team smarter

How, exactly, is IoT changing competitive sports? And how might you, reader, go about making your own modest Sunday League team as ‘smart’ as the likes of AC Milian, Borussia Dortmund and Brazil?

We asked Catapult, a world leader in the field and responsible for connecting all three (as well as Premier League clubs including Tottenham, West Brom, Newcastle, West Ham and Norwich) exactly how the average sporting Joe could go about it. Here’s what the big teams are increasingly doing, in five easy steps.

Link-up play

The technology itself consists of a small wearable device that sits (a little cyborg-y) at the top of the spine under the uniform, measuring every aspect of an athlete’s movement using GPS antenna and motion sensors. The measurements include acceleration, deceleration, change of direction and strength – as well as more basic things like speed, distance and heart rate.

Someone’s going to have to take a bit of time off work though! You’ll be looking at a one- or two-day installation on-site with the team, where a sports scientist would set you up with the software.

Nominate a number cruncher

All the raw data you’ll collect is then put through algorithms that provide position-specific and sport-specific data output to a laptop. Many of Catapult’s Premier League and NFL clients hire someone specifically to analyse the massed data.  Any of your team-mates work in IT or accountancy?

Tackle number crunching

Now you’ve selected your data analyst, you’ll want to start them out on the more simple metrics. Everyone understands distance, for instance (probably the easiest way to understand how hard an athlete has worked). From there you can look at speed. Combine the two and you’ll have a fuller picture of how much of a shift Dean and Dave have really put in (hangovers notwithstanding).

Beyond this, you can start looking at how quickly you and your team mates accelerate (not very, probably), and  the effect of deceleration on your intensity afterward. Deceleration is usually the most harmful to tissue injuries.

Higher still up the spectrum of metrics, you can encounter a patented algorithm called inertial movement analysis, used to capture ‘micro-movements’ and the like.

Pay up!

Don’t worry, you won’t have to actually buy all the gear (which could well mean your entire team re-mortgaging its homes): most of Catapult’s clients rent the devices…

However, you’ll still be looking at about £100 per unit/player per month, a fairly hefty additional outlay.

Surge up your Sunday League!

However, if you are all sufficiently well-heeled (not to mention obsessively competitive) to make that kind of investment, the benefits could be significant.

Florida State Football’s Jimbo Fisher recently credited the technology with reducing injuries 88 per cent. It’s one of number of similarly impressive success stories: reducing injuries is Catapult’s biggest selling point, meaning player shortages and hastily arranged stand-ins could be a thing of the past.

Of course if the costs sound a bit too steep, don’t worry: although the timescale is up in the air, Catapult is ultimately planning to head down the consumer route.

The day could yet come, in the not too distant future, when every team is smart!

How will the Wearables market will continue to change and evolve? Jim Harper (Director of Sales and Business Development, Bittium) will be leading a discussion on this very topic at this year’s Internet of Things World Europe (Maritim Pro Arte, Berlin 6th – 7th October 2015)

Features, Internet of Things, Interviews, IoT

Jennifer Kent of Parks Associates on IoT and healthcare

BCN spoke to Jennifer Kent, Director of Research Quality and Product Development at Parks Associates, on the anticipated impact IoT will have on healthcare.

BCN: Can you give us a sense of how big an impact the Internet of Things could have on health in the coming years?

Jennifer KentJennifer Kent: Because the healthcare space has been slow to digitize records and processes, the IoT stands to disrupt healthcare to an even greater extent than will be experienced in other industries. Health systems are just now getting to a point where medical record digitization and electronic communication are resulting in organizational efficiencies.

The wave of new data that will result from the mass connection of medical and consumer health devices to the Internet, as part of the IoT, will give care providers real insight for the first time into patients’ behaviour outside of the office. Parks Associates estimates that the average consumer spends less than 1% of their time interacting with health care providers in care facilities. The rest of consumers’ lives are lived at home and on-the-go, engaging with their families, cooking and eating food, consuming entertainment, exercising, and managing their work lives – all of which impact their health status. The IoT can help care providers bridge the gap with their patients, and can potentially provide insight into the sources of motivation and types of care plans that are most effective for specific individuals.

 

Do you see IoT healthcare as an essentially self-enclosed ecosystem, or one that will touch consumer IoT?

IoT healthcare will absolutely touch consumer IoT, at least in healthcare markets where consumers have some responsibility for healthcare costs, or in markets that tie provider payments to patients’ actual health outcomes. In either scenario, the consumer is motivated to take a greater interest in their own self-care, driving up connected health device and application use. While user-generated data from consumer IoT devices will be less clinically accurate or reliable, this great flood of data still has the potential to result in better outcomes, and health industry players will have an interest in integrating that data with data produced via IoT healthcare sources.

 

Medical data is very well protected – and quite rightly – but how big a challenge is this to the development of effective medical IoT, which after all depends on the ability to effectively share information?

All healthcare markets must have clear regulations that govern health data protection, so that all players can ensure that their IoT programs are in compliance with those regulations. Care providers’ liability concerns, along with the investments in infrastructure that are necessary to protect such data, have created the opportunity for vendors to create solutions that take on the burden of regulatory compliance for their clients. Furthermore, application and device developers on the consumer IoT side that border very closely the medical IoT vertical can seek regulatory approval –even if not required – as a means of attaining premium brand status from consumers and differentiation from the may untested consumer-facing applications on market.

Finally, consumers can be motivated to permit their medical data be shared, for the right incentive. Parks Associates data show that no less than 40% of medical device users in the U.S. would share the data from their devices in order to identify and resolve device problems. About a third of medical devices users in the US would share data from their devices for a discount on health insurance premiums. Effective incentives will vary, depending on each market’s healthcare system, but care providers, device manufacturers, app developers, and others who come into contact with medical device data should investigate whether potential obstacles related to data protection could be circumvented by incentivizing device end-users to permit data sharing.

 

You’re going to be at Internet of Things World Europe (5 – 7 October 2015 Maritim proArte, Berlin). What are you looking forward to discussing there and learning about?

While connected devices have been around for decades, the concept of the Internet of Things – in which connected devices communicate in a meaningful way across silos – is at a very early and formative stage. Industry executives can learn much from their peers and from visionary thinkers at this stage, before winners and losers have been decided, business plans hardened, and innovation slowed. The conversations among attendees at events like Internet of Things World Europe can shape the future and practical implementation of the IoT. I look forward to learning how industry leaders are applying lessons learned from early initiatives across markets and solution types.

Features, Internet of Things, Interviews, IoT, smart cities

Enabling smart cities with IoT

The Internet of Things will help make cities smarter

The Internet of Things will help make cities smarter

The population of London swells by an additional 10,000 a month, a tendency replicated in cities across the world. To an extent such growth reflects the planet’s burgeoning wider population, and there is even an interesting argument that cities are an efficient way of providing large numbers with their necessary resources. What we know as the ‘smart city’ may well prove to be the necessary means to manage this latest shift at scale.

Justin Anderson is sympathetic to this assessment. As the chairman of Flexeye, vice chair of techUK’s Internet of Things Council, and a leader of government-funded tech consortium Hypercat and London regeneration project Old Oak Common, he is uniquely positioned to comment on the technological development of our urban spaces.

“We are in an early stage of this next period of the evolution of the way that cities are designed and managed,” he says. “The funny thing about ‘smart’ of course, is that if you look back 5000 years, and someone suggested running water would be a good idea, that would be pretty smart at the time. ‘Smart’ is something that’s always just over the horizon, and we’re just going through another phase of what’s just over the horizon.”

There’s some irony in the fact that Anderson finds himself so profoundly involved in laying the foundations for smarter cities, since architects have been in his family for 400 years, and he intended to go in that direction himself before falling into the study of mathematics – which then led to a career in technology.

“There are lots of similarities between the two,” he says. “Stitching lots of complex things together and being able to visualise how the whole thing might be before it exists. And of course the smart city is a world comprised of both the physical and virtual aspects of infrastructure, both of which need to be tied together to be able to manage cities in a more efficient way.”

Like many of the great urban developments, the smart city is mostly going to be something invisible, something we quickly take for granted.

“We’re not necessarily all going to be directly feeling the might of processing power all around us. I think we’ll see a lot of investment on the industrial level coming into the city that’s going to be invisible to the citizen, but ultimately they will benefit because it’s a bit more friction taken out of their world. It’ll be a gradual evolution of things just working better – and that will have a knock on effect of not having to queue for so long, and life just being a little bit easier.”

There are, however, other ways connectivity could change urban life in the coming years: by reversing the process of urban alienation, and allowing online communities to come together and effect real world change.

“If you can engage citizens in part of that process as a way that they live, and make sure that they feel fully accountable for what the city might be, then there’s also a lot of additional satisfaction that could come from being a part of that city, rather than just a pawn in a larger environment where you really have no say and just have to do what you’ve got to do. Look at something like air quality – to be able to start to get that united force and be able to then put more pressure upon the city authorities to do something about it. Local planning policy is absolutely core in all of this.”

Anderson sees technology as an operative part of the trend towards devolution, with cities and their citizens gaining more and more control of their destiny. “If you build that sort of nuclear community around issues rather than just around streets or neighbourhoods, you get new levels of engagement.” For such changes to be effected, however, there is plenty that still needs doing on the technical level – a message Anderson will bringing to Internet of Things World Europe event in Berlin this October.

“I think the most important thing right now is that technology companies come together to agree on a common urban platform that is interoperable, allowing for different components to be used appropriately, and that we don’t find ourselves locked into large systems that mean cities can’t evolve in a flexible and fluid way in the future. We have to have that flexibility designed into this next stage of evolution that comes frMakom interoperability. My drive is to make sure everyone is a believer in interoperability.”

Features, Internet of Things, Interviews, IoT

Lighting and the Internet of Things

Philips is experimenting with using connected lights to for everything from keeping us abreast of important messages to making video games more interactive and impactful on our senses

Philips is experimenting with using connected lights to for everything from keeping us abreast of important messages to making video games more interactive and impactful on our senses

When was the last time you thought about your lights? Whether you are outside or in, you will probably see 4, 5 or more sources of artificial light within view. There is an estimated 50 billion individual light points in the world today – seven or so per person; of all technology, the light bulb is arguably the most ubiquitous.

It is perhaps because of this ubiquity that light has all but disappeared from our conscious minds. We utilise it with minimal thought, though sometimes its complexities are impossible to ignore. If we were preparing a romantic dinner, for instance, we would tailor the lighting accordingly. We do this because lighting doesn’t merely reflect mood, but dictates it, something connectivity is increasingly enabling us to take advantage of.

“We’ve evolved for the last however many millions of years to expect light from the sun,” says George Yianni, head of technology at Philips Lighting Home Systems. “If there’s a bright, cool white light at midday from the sun, our brain is hardwired to be awake and alert. If there is a very warm dim light such as you get around sunset, our brain is hardwired to start winding down and relaxing.”

Yianni is a technological evangelist. In a very literal way he has seen the light, and he wants to harness this physiological sensitivity to light (among other responses) to help us to relax, to deal with jet lag, to concentrate better and much more. Due to the degree to which we take lighting for granted, however, it’s an area that poses obvious challenges to innovators:  “As a consumer, the only time you think about a light bulb inside your house is when one breaks and you have to try to find one that fits in the same socket and gives the same light output. But actually it is amazing how light can transform how a space looks, how you feel in a space.”

One of the first projects Yianni was involved in was the use of tunable white light in some German schools, giving teachers the ability to modify the lighting by changing the colour temperature, to calm students down, help them wake up, or enhance concentration (Yanni says their test scores improved significantly as a result). It was after working on a succession of such projects – including outdoor street lighting, office lighting, football stadiums, and more – that he accepted the challenge of introducing these kinds of effects and improvements into the home in the form of Philips Hue connected lighting for the home. “I wanted to make this kind of lighting accessible, understandable and impactful for normal people. I wanted people to think about lighting more than just when it’s broken.”

Some of the results and available use cases will be familiar to anyone with an eye open to contemporary commercial IoT. Lighting that knows when you’ve come home, for example, and can ensure that you don’t step into a dark, inhospitable house after a trip or long day at work. By the same token, remotely controllable or programmable lighting that can give people added peace of mind when they’re away – by making it look like they’re not.

Familiar as this latter use case might be, it also points towards another intriguing capacity of lighting. Usually, we turn lighting on and off according to whether we need it: but a house burglar may translate this as whether we are at home or out. Far from being oblivious to lighting, lighting speaks volumes to would-be burglars.

The potential of lighting to communicate in other, less nefarious contexts is something Phillips is encouraging its customers to exploit.

“We’re enabling people to use Philips Hue lights inside their homes and by extension the homes themselves to communicate simple notifications,” says Yianni. “So, in the morning, if the Philips Hue light in your porch is blue you know it’s going to rain that day, if it’s yellow you know it’s not so you can plan whether to bring a umbrella or not. Other customers are using Philips Hue lights to notify them about important email messages. There’s a wide range of way where people are actually using connected lighting in their homes to keep them informed in a less distracting way than an alarm or a buzzer.”

Another popular use case for smarter lighting concerns home entertainment. Whether we’re watching movies or TV, playing video games, or listening to music, Philips Hue is unique in that it can greatly enhance the experience through more than 300 third-party apps. Philips Hue launched the first video game, movies and TV shows with ‘scripted’ lighting programmed by the content creators to sync with their lights delivering a more immersive experience in the home. Yianni provides some examples: “As your health is dropping down in the video game Chariot, the Philips Hue lights turn red in your lounge. As a protagonist enters a dark cave in a movie, the Philips Hue lights will dim down.”

“For the last hundred years, people have been used to expecting nothing more on and off from a light bulb,” says Yianni. “We are changing that.”

In September Yianni will be appearing at Internet of Things World Europe in Berlin, where he’ll be using lighting to really illuminate the potential for IoT to revolutionise some of the most fundamental and taken-for-granted details of our day-to-day lives, as well as the central importance of communicating this to consumers. 

Enterprise IT, Features, Healthcare, Internet of Things, Interviews, IoT, medical services

IoT security and the world of US medicine

IoT in healthcare faces its fair share of challenges

IoT in healthcare faces its fair share of challenges

Internet of Things security is anything but a homogenous concept. It is, rather, extremely dependent on the type of products being developed and – in many cases – the sort of regulatory restrictions they are subject to.

Of all the sectors where IoT is proliferating, however, it is arguably medical that is the most fraught. In medical IT, developers have to operate in a minefield of intense regulation, life and death safety issues, and an unusually high (and of course very much unwelcome) degree of scrutiny from hackers.

The hacking of medical data is a popular criminal enterprise, particularly in the US, where just last week UCLA Health hospitals say hackers may have accessed personal information and medical records of as many as 4.5 million patients.

However, while no-one would be overjoyed at the thought of something as intimate as their medical records falling into the hands of digital crooks, it is arguably the patient who has the least to worry about here. The main targets of medical data theft are US insurance companies and the institutions that administer Medicare. In the US, patients usually collect medication and leave it to pharmacists to bill the insurance companies.

A single refill for five months’ medication can easily add up to a few thousand dollars, so the rewards for effective fraud – with hackers posing as pharmacists – are large. Insurance companies, of course, foot the bill, while for those impersonated the results can cost time, stress, and in worst case scenarios a potentially dangerous delay in securing their medication.

It’s just one example of why security around medical data – medical IoT’s bread and butter – has to be so tight.

Someone extremely familiar with the territory is Sridhar Iyengar, one of the founders of AgaMatrix. At AgaMatrix, Iyengar  helped develop the first iPhone –connected medical device, a glucose monitor called iBGStar, then a revolutionary innovation for diabetes sufferers.

Nowadays Iyengar’s focus is on Misfit, a wearables company focussing on fitness rather than illness, but he is still deeply involved with issues surrounding IoT, health, and security. In September, he will attend Internet of Things Security conference in Boston as a keynote speaker, where he will draw on his expertise in diabetes to illustrate the wider challenges confronted by developers in the realm of medical IoT.

“The Holy Grail in this world of diabetes is what they call an artificial pancreas,” he says, “meaning that, if you can sense how much glucose is in your blood, you can pump in the right amount of insulin to automatically regulate it. Nobody has made a commercial version of that. Partly because the folks who make a glucose sensor are different to the folks that make the pumps and it has been  difficult for the two to cooperate due to trade secrets and the complexities of sharing the liability of devices from different manufacturers that must work in unison. The patients are left to suffer.”

In one famous incident, this frustrating discontinuity was first overcome by a “citizen scientist,” a father who hacked his diabetic child’s separate devices and was able to link the two together. While this was never marketed, it signalled that the race for a commercially viable artificial pancreas was very much on. However, while no-one would resent such intrepid ingenuity on the part of the “citizen scientist,” Iyengar points out that it is also demonstrates the devices in question were very much hackable.

“If somebody hacks into an insulin pump you could kill someone,” he says. “They overdose, they go into a coma, they die. None of these insulin pump manufacturers are going to open source anything: they can’t, because of the deadly consequences of someone hacking it.”

Ultimately, it will prove an interesting challenge to future regulators to establish precisely where to draw the line on issue such as this. Still, the capacity for others to easily take control of (for instance) a connected pacemaker is bound to generate a degree of concern.

Many of these issues are complicated by existing regulations. The US Health Insurance Portability and Accountability Act (HIPAA) requirements state that medical data can only be shared after it has been completely anonymised, which presents something of a paradox to medical IoT, and frequently requires complex architectures and dual databases, with pointers enabling healthcare professionals to blend the two together and actually make sense of them.

Issues like this mean developers can’t rely on industry standard architectures.

“You can’t rely on this network immune system that exists in the consumer software space where many different parties are vigilant in monitoring breaches and bugs because multiple vendors’ code is used by a product,” says Sridhar, picking an apt metaphor. “If you want to develop security related features you kind of have to do it yourself.”  In turn this means that, if there are breaches, you have to address them yourself. “It raises this interesting dilemma,” he says. “On the one hand the way that software’s written in the medical field, it’s supposed to be more safe. But in some situations it may backfire and the entire industry suffers.”