Networking the Cloud for IoT – Pt 3 Cloud Network Systems Engineering

Cloud Services Brokerage: Adding Trust and Oversight to Complex Cloud Deals

By G C Network | September 15, 2014

According to the Gartner IT Glossary, “Cloud services brokerage (CSB) is an IT role and business model in which a company or other entity adds value to one or more…

Learn Hadoop and Big Data in 7 Minute Flat!

By G C Network | September 13, 2014

How do I install Hadoop, and on what platforms? What are the differences between versions of Hadoop? How do I Extract, Transform and Load in Hadoop? The answers to these…

Tech Equity & GovCloud Network Team For Cloud Education

By G C Network | August 25, 2014

GovCloud Network is proud to announce that we have teamed with Tech Equity Ltd to deliver cloud education and training on a global basis. With this partnership, GovCloud Network will…

National Cybersecurity = Cloud Computing Security

By G C Network | August 13, 2014

A recent article Inc.com article claimed that the percentage of U.S. small businesses using cloud computing is expected to more than double during the next six years, from 37 percent…

Vets 360 Sponsoring Service Members To Attend Gartner Catalyst Conference

By G C Network | August 5, 2014

Veterans 360 will be attending the Gartner Catalyst Conference. They are also sponsoring the attendance of active duty service members that are currently in the US military and serving in…

ERPGovCloud: Your Path to DCAA Compliance

By G C Network | July 28, 2014

So you won your first Government Contract… Congratulations!  Among the new issues you will need to consider, your accounting systems, both practices and technology, will need to pass muster with…

GovCloud Media Network Feature: Army IT Playlist

By G C Network | July 17, 2014

The GovCloud Media Network features agency specific video playlist for registered members. Please enjoy this feature on the Army IT. Please visit the new GovCloud Network Media Library for more…

Security & Defense People Launches – Use “GovCloud” for 50% Discount

By G C Network | June 28, 2014

This is quite an unusual post for me but I would like to congratulate GovCloud Network partner SDP Networks on their launch of the Security & Defense People website! Security…

The Cloud Credential Council releases Executive FedRAMP certification course with leading government cloud expert Kevin L. Jackson.

By G C Network | June 23, 2014

Palo Alto, USA – June 23rd, 2014 – Addressing the global cloud skills gap is the number one priority to help accelerate the successful adoption of Cloud, according to the Cloud…

Learning Tree’s Expert Cloud Instructor Kevin Jackson Announces Multiple Speaking Engagements

By G C Network | June 22, 2014

(Reposted from LearningTree’s “Perspectives on Cloud Computing” at https://cloud-computing.learningtree.com/2014/06/12/expert-learning-tree-cloud-instructor-kevin-jackson-announces-multiple-speaking-engagements ) Kevin Jackson, a certified Learning Tree cloud computing instructor and Learning Tree Cloud Computing Curriculum Initiative Manager, is set to…

Dwight Bues & Kevin Jackson

(This is Part 3 of a three part series that addresses the need for a systems engineering approach to IoT and cloud network design.  Networking the Cloud for IoT – Pt. 1: IoT and the Government , Networking the Cloud for IoT – Pt. 2 Stressing the Cloud )


The Case For Cloud Network Systems Engineering

IoT networking requirements are vastly different from those supported by today’s cloud network. The processing and transport levels are multiple orders of magnitude higher than ever seen before. More importantly though, societal economic and the safety ramifications of making mistakes during this transition are off the scale. This is why system engineering of the cloud computing network is now an immediate global imperative.

System engineering has many different aspects, but it all starts with the question, “What do I really want to know?” This is the beginning of the CONOPSdocument referenced earlier. This document captures User Needs which are formal statements of what the user wants from the system. This CONOPS leads to Derived Requirements which, through an iterative process, are analyzed against a Target Architecture. Once a project is underway, methods of Integration are planned in order to provide Validation(did we build the right system?) and Verification (did we build the system right?) of the requirements. Further considerations for SE include: how to conduct Peer Reviews of a design (either Systems, Hardware, or Software), studying Defects, and establishing processes to ensure the Qualityof the final product and Compliance with Standards.


While multiple sources indicate that the business world is investing heavily in the IoT, there are no indication that these investments are addressing the question of what does society really want to know in the IoT world. To ensure success, design formality is necessary, lest “IoT” become the latest retired buzzword. Dr. Juran, in Juran on Leadership for Quality, makes the point that quality improvement programs failed because leadership assigned vague goals and responsibilities, while failing to commit resources to staff projects and reward achievements. This caused TQM, 6 Sigma, and the like to be relegated to the “dustbin” of quality programs. Is it wise to relive this error in our transition to IoT?

Ten Steps of Design Rigor

Jay Thomas in the Embedded Magazine article “Software Standards 101: Tracing Code to Requirements,” opined that the embedded industry standard for making systems safe or secure include:

  • Performing a safety or security assessment;
  • Determining a target system failure rate;
  • Using the target system failure rate to determine the appropriate level of development rigor;
  • Using a formal requirements capture process;
  • Creating software that adheres to an appropriate coding standard;
  • Tracing all code back to their source requirements;
  • Developing all software and system test cases based on requirements;
  • Tracing test cases to requirements;
  • Using coverage analysis to test completeness against both requirements and code; and
  • For certification, collect and collate the process artifacts required to demonstrate that an appropriate level of rigor has been maintained.”


    Using this model, security issues must be addressed through a multi-layered approach.  From a system engineering point of view, users must be forced to implement complex passwords and Public Key Infrastructure (PKI) certifications must be a minimum requirement for operating across the IoT network. The article, “How to protect Wearable Devices Against Cyberattacks,” in IEEE Roundup online magazine, postulated that, where there are devices with limited functionality, they can be linked to the user’s smartphone, which can act as a conduit for the device’s information, thus securing it from the outside world.  Most importantly of all, though, is ensuring that the proper amount of Systems Engineering design rigor has been exercised in the development process. This makes defects easier to find and much less costly than a multimillion-dollar security breach.

    Although it would be simply impossible to implement this type of rigor globally across the cloud and its underlying network, embedded systems tenets could be applied to individual IoT projects. Since embedded systems also have a history of low development overhead, minimal memory or storage per unit, and cost-driven development cycles, a more rigorous IoT design process may save society from seeing a collapse of the cloud. In the past, this type of design rigor has paid off in successful, maintainable designs. Let’s therefore use what we’ve learned from the past to avoid a future that none of us want to see.
     

     

    Dwight Bues, of Engility Corp., is a Georgia Tech Computer Engineer with 30+ years’ experience in computer hardware, software, and systems and interface design. He has worked in Power Generation, Communications, RF, Command/Control, and Test Systems. Dwight is a Certified Scrum Master and teaches courses in Architecture, Requirements, and IVV&T. He is also a certified Boating Safety instructor with the Commonwealth of Virginia and the United States Power Squadrons. He is currently working several STEM projects, sponsoring teams for competitions in the Aerospace Industries Association’s (AIA) Team America Rocketry Challenge (TARC) and the Robotics Education and Competition Foundation’s, Vex Skyrise Robotics Challenge.

    Kevin L. Jackson is a globally recognized cloud computing expert, a cloud computing and cybersecurity Thought Leader for Dell and IBM and Founder/Author of the award winning “Cloud Musings” blog. Mr. Jackson has also been recognized as a “Top 100 Cybersecurity Influencer and Brand” by Onalytica (2015), a Huffington Post “Top 100 Cloud Computing Experts on Twitter” (2013), a “Top 50 Cloud Computing Blogger for IT Integrators” by CRN (2015) and a “Top 5 Must Read Cloud Blog” by BMC Software (2015). His first book, “GovCloud: Cloud Computing for the Business of Government” was published by Government Training Inc. and released in March 2011. His next publication, “Practical Cloud Security: A Cross Industry View”, will be released by Taylor & Francis in the spring of 2016

    ( This content is being syndicated through multiple channels. The opinions expressed are solely those of the author and do not represent the views of GovCloud Network, GovCloud Network Partners or any other corporation or organization.)

    Cloud Musings

    ( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)

    Follow me at https://Twitter.com/Kevin_Jackson
    Posted in

    G C Network