HackerOne Offers Free Service for Open Source Projects

Service aims to provide efficient security programs but projects must meet certain rules to qualify for it.
Source: Vulnerabilitys & Threats

Lessons Learned from a Smart Building Project

Experience is the best teacher, which is what we discovered as the lead for an Intel smart building project. Even though the lessons we learned may seem simple or obvious, they can be difficult to carry out or easily glossed over due to the hectic pace of a construction project. This was a Greenfield building; however, most of the following learnings also apply to Brownfield projects.

 

Background

We outfitted a 10-story, 630,000 sq. ft. office building in Bangalore, India with approximately 9,000 sensors used to track and optimize temperature, lighting, energy consumption, and occupancy in the building. The implementation was based on Internet of Things (IoT) solutions designed to collect, analyze, and secure data from building systems, and increase the capabilities of the building management system (BMS).

Our office building is forecasted to use 40 percent less energy due to the implementation of smart features, according to our project lead Srini Khandavilli, IoT/Smart Building Program Director, Intel India.

 

A picture of a building.

 

Business goals

Organizations just starting a smart building project have many considerations, so it’s critical to establish clear goals. Even better is to identify the key challenges upfront. These were the main goals of our project.

  • Reduce resource usage. Improve the control of energy and water-related systems by adding features that are typically lacking in a static BMS.
  • Improve operational efficiency. Move to a mobile cubicle model to accommodate more employees in the building.
  • Increase occupant comfort. Eliminate oscillating temperatures in the building so employees aren’t too hot or too cold during the day.

Metrics

At the beginning of the project, it’s important to clearly articulate what “success looks like” through measurable key performance indicators (KPIs). The metrics can help avoid mission creep by indicating when the project has met its business goals.

 

Use cases

When starting the project, we soon realized there‘s no single definition for a “smart” building, so we had to figure out which use cases to implement ourselves. We studied different ones and decided which best achieved our business goals:

  • Resource usage decreased when we added building analytics to control our energy sources: diesel generation, solar, fuel cells, and the grid. The solution also decreased our utility rates by enabling automated demand response.
  • Operational efficiency improved by installing occupant sensors in cubicles and tying them to a mobile cubicle booking application that helps employees find vacant cubicles, thereby increasing their utilization rates.
  • Employee comfort increased thanks to a machine learning algorithm that maintains a constant temperature in all building zones by taking more environmental factors into account.

 

Data points and API’s

We knew the reference architecture we were building would evolve and be the basis for multiple other implementations. We factored in data collection from a wide range of smart building touchpoints in order to maximize our ability to implement various building management applications, such as:

  • Energy monitoring and analytics
  • Smart grid demand response and demand-side management HVAC and lighting control
  • Remote asset monitoring
  • Operations and portfolio oversight

We also started insisting vendors expose their data over REST API’s. This enabled us to invoke and access these building subsystems from the cloud. The ideal state would be when all vendors embrace Open API’s, thereby enabling the extensibility of the underlying building subsystems.

 

IT partnership

It’s important to create a partnership with the IT department early in the project to ensure the smart building solutions are properly designed and interoperate with the company’s IT infrastructure.

 

Our results

The building analytics we added to reduce energy and water usage is forecasted to save $645,000 per year with a return on investment (ROI) payback period of less than four years. The mobile cubicle booking application increased the building’s employee capacity by approximately 30 percent. The machine learning algorithm that improves the building’s temperature control could improve worker satisfaction through increased thermal comfort by as much as 83 percent.1

 

Smart building opportunities

Today, the typical Intel office building uses a static BMS that may have limited capabilities to intelligently control energy and water-related systems. Making modifications can be very expensive due to the closed and proprietary nature of current BMS systems, which also is an impediment to incorporating the latest technologies and reaping the benefits of smart buildings.

At Intel, we’re moving to a BMS as a “Service” model that gives IT and facilities teams the flexibility to pick the vendors they deem best for specific functions. This approach also makes it easier to collect similar data from all buildings in the portfolio, enabling more intelligent decisions to be made at the portfolio level.

To learn more about the implementation of our smart building project, download the case study.

The post Lessons Learned from a Smart Building Project appeared first on IoT@Intel.

Source: Network News

Why A Computer Beating Poker Pros Is Great News for Cybersecurity

Use of Machine Learning (ML) is a hot topic in cybersecurity, one which will undoubtedly shape the industry for years to come. To see evidence of this we’d have to look no further than the booths at this most recent RSA Security Conference, where ML was promised as a solution for corporate cybersecurity problems. But why exactly will ML play such a prominent role, and how could it prove useful? Oddly enough the answer comes from the recent victory of ML in a game of poker.

A competition took place in Pittsburgh last month that matched top poker players against a Machine Learning system called Libratus. This tournament shared some similarities to previous victories in checkers, chess, go and Jeopardy!, all of which hinted at the promise of ML. In this particular competition, four players each individually faced the computer in a 1-1 match. Rather than the traditional setup (in which a poker face can be as important as the cards you have), this competition was more analogous to playing online- no player had access to facial expressions or visual/audio cues, and computers served as mediums.

For much of the match it was unclear who would win- at the halfway mark contestant Dong Kim was slightly beating Libratus, with other players not far behind. An arduous 120,000 hands were played to provide statistical confidence in the outcome. While it is generally assumed by poker pros that both skill and luck are required to win, in the latter half of the match it became clear that other factors prove critical as well. While Libratus never tired, human participants undoubtedly felt the effects of eleven hours of consecutive play. Even more significant than this was Libratus’ ability to pick up on each player’s strategy and subsequently use it against them, leading to its eventual victory. No matter how many times a player may alter their technique, a computer will still be able to compile enough information to produce useful “tells”. Furthermore, unlike humans, these algorithms are unaffected by regret for past hands and remember each preceding scenario perfectly.

This sounds pretty hopeless for humans, but ML’s advanced use of data actually proves to be its downfall. It needs all that data to prove effective. In the poker competition Libratus was able to leverage a large amount of data and win largely because it had unlimited access to data and the rules of the game remained consistent. But what about for cybersecurity? In threat intelligence it is nearly impossible to come across mass quantities of labeled data corpora, which makes data scoring, automation and collaboration so critical. I myself am part of a team at Anomali where we use ML to contextualize and make sense of threat data provided by our Anomali partners. The ultimate application of this technology is to enable users of our ThreatStream platform to automate the process of filtering through millions of indicators for relevant threat information.

The role of ML in cybersecurity is more nuanced though, providing some advantages over humans but ultimately not able to replace them. Touching back to our poker example, humans are limited in that they can only play or remember so many hands in a lifetime. In the near future computers will easily incorporate more data from poker hands or cybersecurity incidents than a human could ever see across generations. Machine Learning algorithms are also more effective at pattern recognition, and never tire. From this evidence it’s fairly safe to conclude that computers have the greater experience. Humans, however, prove far better in unexpected situations where there is no previous information to draw from. Therefore the future of cybersecurity and poker have been dealt the same hand, where computers will be used for general situations and human intuition will be needed for unexpected situations and common sense. This human-ML hybrid is the future of game-playing, medical diagnosis, and already cybersecurity.

ML’s unprecedented victory might help to take the cybersecurity one step ahead of adversaries. In previous iterations of man vs. machine challenges, such as with Chess and Go, both computer and player had access to the same information. Cybersecurity is more analogous to poker though- the cards are hidden, and threat actors will rarely play their full hand. Therefore it’s left to the other players to guess at breaches or malicious intent. In these situations victory depends less on individual intelligence and more on strategic maneuvering. Typical questions threat analysts need to answer are:

  • What new actors may emerge to target organizations?
  • Might multiple threat actor groups really be the same one?
  • What intentions might an actor group have?
  • Are nation-state cyberattacks just one part of a larger political strategy?
     

Unfortunately for us threat actors will fold before they show their cards. Attribution in cybersecurity proves very challenging. Within the poker competition the computer had access to data from 120,000 different hands, which means a lot of contextual data. Conversely with cyber-attacks, one confident connection between a threat actor and campaign won’t provide in-depth information on that attacker’s patterns. Maybe you’ll identify a few pieces of malware or a handful of targets.

However we’ve now seen an algorithm do what was thought impossible, win without all the data. This is encouraging in a field where so many of the good guys believe a fully secure future is impossible. As actors and malicious tooling increase in sophistication, the security industry should look to Machine Learning not as robots taking away human jobs, but rather a means to empower cybersecurity professionals in the next generation of cyber intelligence defense.


Source: Honeypot Tech

Laying the Foundation Today for Tomorrow’s 5G Smart and Connected Home

There is a lot of buzz this week about 5G and how it will improve the way we live, work and play. One of the first areas where we will see the significant impact of 5G is in fixed wireless access to the home. 5G smart and connected homes of the future will offer multi-gigabit broadband, broader in-home coverage and trusted connections that ultimately make it possible to deliver new personalized home experiences. At CES earlier this year, we discussed how a truly smart and connected home begins with a solid foundation. Transformation in the cloud, networks and devices is key when it comes to realizing the potential of 5G, and it is essential that we lay the foundation today as we pave the way toward a 5G smart and connected home. This includes dependable connectivity and secure management of all the devices, data and things that connect online inside a home.

 

Get Connected, Stay Secure

To transform the home from being merely connected to being truly smart, connectivity must become like any utility where it’s reliable, ubiquitous and always on. Home networks must also be secure enough to protect every device connected to it. So how do we get there? For home networking, Intel offers an optimal Wi-Fi solution that enables a smooth online experience even as consumers quickly increase the number of connected devices in their homes. The Intel Home Wi-Fi Chipset WAV500 Series is a unique offering in the industry, allowing up to 128 clients to share the same bandwidth simultaneously and still maintain aggregated Gigabit speeds.  Intel also recently announced McAfee Secure Home Platform that automatically protects internet-connected devices on a user’s home network from a variety of threats. With these leading technologies, our partners can deliver powerful home networking solutions with robust connectivity and enhanced security that consumers demand.

 

Powering Every Digital Experience in the Home

Quantum-T9 product imageHumax is collaborating with Intel to deliver home networking solutions that offer faster and more secure connections as more connected devices are brought into the home. Humax decided to use  Intel technology and McAfee Secure Home Platform for their QuantumT9 router so that they can deliver high-speed connections and make it easy for consumers to securely connect more devices in their homes. With the Intel Home Wi-Fi Chipset WAV500 Series, the Quantum T9 router will have dedicated and consistent processing performance that can handle the simultaneous demands from an increasing number of connected devices in the home, offering fast performance to download movies, play games and stream 4K content. The Quantum T9 router – available through select retailers starting in April 2017 – also utilizes MU-MIMO technology to efficiently allocate the Wi-Fi bandwidth among the various devices, as well as intelligent Quality of Service that classifies and automatically prioritizes different types of network traffic, enabling a more seamless experience in connected home today and in the future.

Looking ahead, the 5G smart and connected home of the future will enrich daily life, ease the tasks of running a home, and provide assurance to create peace of mind. Today’s progress in connectivity and security is paving the way toward this future.

For more on Intel smart and connected home developments, subscribe to our RSS feed for email notifications of blog updates, or visit intel.com/connectedhomeLinkedInFacebook and Twitter.

The post Laying the Foundation Today for Tomorrow’s 5G Smart and Connected Home appeared first on IoT@Intel.

Source: Network News