Report
Teaser, summary, work performed and final results
Periodic Reporting for period 1 - Barbara-IoT (Barbara is an Operating System Software Platform which enables IoT device manufacturers to boost their level of security, reduce time-to-market, and reduce costs.)
Teaser
IoT is an immature industry with a tremendous growth potential according to major market research by the biggest consultant agencies. However, some of the surveys carried out by these agencies reveal that up to 70% of the IoT projects fail due to complexities during the...
Summary
IoT is an immature industry with a tremendous growth potential according to major market research by the biggest consultant agencies. However, some of the surveys carried out by these agencies reveal that up to 70% of the IoT projects fail due to complexities during the execution, budget overruns and integration challenges. On top of that, Security is considered the biggest concern for companies when considering IoT deployments.
In this context, Barbara IoT has ideated an open professional platform that allows the whole lifecycle management of the IoT devices in a remote and secure manner, and fully sustained and supported by a professional team. It comprises two main components: Barbara OS, an opensource secure operating system for IoT devices; and Barbara Panel, a remote management dashboard to monitor and control the loT devices across their lifecycle.
In order to fulfil this project idea, Barbara IoT has carried out a Feasibility Study in the scope of the SMEi-Phase1. For 6 months and as part of this feasibility study, the company has performed a series of actions focus on analyzing the viability of the project from different points of view: Technical feasibility through technology studies, commercial viability through market studies and freedom-to-operate through regulatory and knowledge protection studies. Among these actions it’s worth mentioning some such as:
â— Technical tests with selected partners
â— Elaboration of a new Marketing plan
â— Identification of the most suitable segments for initial commercialization
â— Identification and search of relevant stakeholders
â— Full state of the art and competitor analysis
â— Analysis of the main entry barriers
â— SWOT analysis and risk assessment
â— Commercial strategy definition
â— IPR and knowledge protection analysis
These actions and studies have allowed Barbara IoT to validate the Product-Market fit and helped the company to define the commercial/marketing strategy and the final scope of the product in terms of functionalities. As a result, Barbara IoT has decided to pursue the initial project idea and carry it out to its full completion.
As reported by Morgan Stanley, the two top challenges are Cybersecurity and lack of standardisation. Ad-hoc implementations with today’s patch-work approach leads to high costs and exposes businesses and users to major risks in terms of security and privacy. There are also major post-deployment costs as IT managers apply fixes, especially with security vulnerabilities requiring expensive consultants and software to address the issues. The impact is most significant in the industrial sectors because the majority of devices being installed are industrial and sector specific, being the highest growth area for IoT adoption, and where the cost of operation and security risks are most critical for business’ survival. Given the industrial application of I-IoT, in fact the risks can magnify to effect society or the economy more broadly. So, the need to have effective systems with the highest levels of security is clear.
Work performed
Feasibility Study
OVERVIEW OF THE WORK DONE AND RESULTS
Here we summarize the actions performed by the team during the Phase-1 execution, which includes specific actions, such as:
Technical studies to define the Technology Roadmap
Product Final Features Definition
Partners and Stakeholders Search
International Market Analysis
Commercial Strategy definition
IPR and Regulatory analysis
The feasibility study has allowed us to confirm our market-product fit and has helped us to define the commercial/marketing strategy and the final scope of the product in terms of functionalities.
In particular, it’s important to highlight the following conclusions:
â— From a technical perspective:
○ Although the focus and the most valuable aspect of Barbara Software Platform is Security, it’s highly important to boost, promote and put in value all the functionalities that allow the Remote Management of the devices’ lifecycle. Maintenance and Management of IoT devices is, together with Security, one of the biggest “pains†Barbara IoT has detected in companies.
â—‹ Easy integration with Communications Platforms, Security Operations Centers (SOC) and similar tools from Technology partners represents an excellent opportunity to gain presence in a great deal of end customers
â—‹ The possibility of having an operating system that is secure by design and maintained by a teams of experts in security and firmware integration is extremely attractive to several companies that need to deal with hardware.
â— From a market perspective:
â—‹ The Product-Market fit has been clearly confirmed: there is a need for a truly secure Operating System for IoT devices, and for tools to manage their whole lifecycle. Barbara Software Platforms addresses that need.
â—‹ The most convenient commercial model is indirect sell, through System Integrators and Resellers. Barbara IoT will put special effort in the Partnership Program, to build an ecosystem of Sales Partners complemented with Technology Partners that help us get to the end customer and grow sustainably.
â—‹ Attending and hosting events, together with a clear and well-thought Brand Awareness strategy is the most intelligent way to build a solid reputation and consideration among the industry.
â— From a regulatory and knowledge protection perspective:
â—‹ It is important to develop unique software algorithms for key features that allow to apply for patents. Patents give on the one hand a major IPR protection to the product and, on the other hand, reinforces the credibility in the security industry.
â—‹ The Product Development team must have into account the main industry initiatives regarding security.
Finally, as an overall conclusion, Barbara will pursue the project idea studied and will seek additional funding through EU EIC funding instruments and other private capital means (Venture Capital funding) to be able to accomplish the development of the project and the international expansion needed to succeed.
Thanks to the SMEi-Phase-1 project we are now in a strong position to develop the internationalisation business plan, which we are currently preparing on the basis of the information provided in this report. Our immediate plan is to complete the business plan in order to present the Phase-2 project in April of 2019.
Final results
IoT market is so fragmented at all levels where there is no solution like Barbara that combine the above-mentioned key characteristics, bringing together OS management and highest security standards specifically designed for light I-IoT devices together with the interoperable and open-source design.
Current technology lacks the following main aspects, which Barbara integrates:
• Non-optimised encryption algorithms/systems: Current standards in cryptography are designed to be run by traditional computing systems. Their performance in IoT systems, typically limited computing power, is neither adequate nor acceptable. Barbara is actively following NIST initiatives in the field of lightweight cryptography and their potential application in IoT in the future, incorporating these in Barbara.
• Low data transmission: The trend is moving IoT deployments to be based on LPWAN (Low-Power Wide Access Networks) protocols. These protocols are designed to optimise the necessary power to transmit, by using a low throughput rate, and therefore maximize the battery-life and Barbara supports them.
• Security still focused in the network: Security in IT has classically been oriented towards the networks, by establishing firewalls or IDS (intrusion detection systems). This approach is valid but not sufficient in the I-IoT world. New “physical†security and safety mechanisms triggered by changes, for instance, in location, temperature or any other parameter being monitored must be implemented. Barbara is built on those principles.
• Lack of standardisation: Recent initiatives such as the OWASP IoT project, GSMA’s security recommendations for IoT or the security checklist from the Online Trust Alliance try to cover existing gaps in regulation and standards for Security in IoT. However, none of them has succeeded yet in becoming a de-facto standard or having the impact that other security regulations such as the ISO 27000-1 or FIPS-140 have. Barbara is fully aligned with the emerging security standards and monitoring its evolution.
From a commercial perspective, current approaches can be mainly classified in 2 big blocks:
1. The “do-it-yourself†(DIY) approach
Many companies are directly dealing with the complexity of an IoT deployment from scratch, including hardware selection, OS configuration and maintenance, Cloud solutions integration, etc. This approach is costly (they need dedicated resources), insecure, without professional support and a burden towards scalability.
2. The Vertically Integrated Solutions approach
Other companies are using a closed solution from big industrial corporations providing hardware, software and services. These solutions imply using a very closed ecosystem of tools, are very expensive and tie companies to those specific solution, as migrating to different ones is not easy.
Barbara’s approach lies in the middle of the 2 options. It offers an open platform, that can be remotely managed and updated, curated and professionally supported by a security experts team, and with no hardware or cloud bindings.
Website & more info
More info: https://barbaraiot.com/.