The usual attack on Sigfox network is related to the “security”. Behind this large concept, for real, the only point is related to the use of clear payload over the air. As a consequence some are extending this to the possible replay after 2048 frames so regarding a standard use of Sigfox is will be about 6 month later…
That said, for real, all of this is just ignorance from these pseudo “security” experts and developer laziness. Don’t beat me for saying that, I’m part of the lazy developer, the only difference is I’m not complaining and I’m aware the solution is in my own hands.
So saying the Sigfox is not proposing payload encryption is wrong and this option is also fixing any 6 months later message replay. It’s like saying WiFi is not secured because you can create an open-network.
So now, let’s see why encryption is not the default option, why a network encryption standard is not the best option and then see how to stop to be a lazy developer and make encryption working.
For the second year I had the chance to introduce the IoT and LPWAN networks to a group of 150 students in computer engineering school. This year we add a longer time to detail a bit the Sigfox and LoRaWan solution and I’ve added a part on the IoT security.
I’ve tried to propose a different point of view on security aspect, not based on fear but practical things to do and a larger contextual aspect. I’ll try to make video on this specific topic on my Youtube (where you can find in french most of the content of these slides).
So … here are the slides, for my students who joined or not the conferences, and for those who would like to join this course.
As a coming soon produit, widely available as an open design, Sigfox has introduce during the Sigfox Connect conference the Bubbles: They are basically a Sigfox Beacon.
Working on the technological basis of the Monarch technology the bubble allows a device to identify the zone where it is. This is basically a kind of solution existing on bluetooth, LoRa but Sigfox was not positioned on it. This is now fixed with the Sigfox Bubble technology.
Compared to bluetooth the Sigfox solution is offering a large range of operations: thanks to the long range communication capability, you can imagine to cover a zone like a complete building or a parking as a single cell ; this is for future as the current technical offering is covering 10 meters max. Like on bluetooth you can manage the beacon power to reduce the cell (bubble) size to 1 or 2 meters and get your device position on this range. On top of this with no technology addition, you get access to the Atlas service locating your device on public area with the usual 1km precision.
The main difference with other technologies comes with the service proposal. Bubble is not just a technology ! Following the Sigfox business model, Bubble is a manage service: you have your bubble devices managed by Sigfox, you are able to share positions with business partner across the bubble global network and you get benefits of the public Bubble network operating on different point of interest.
This is a Frequent question I received from many hackers or companies: How can I get a Sigfox subscription for my IoT device?
We need to start saying a Sigfox subscription is a right to have its device data to be proceeded for a year. In the LPWA technology there is no SIM cards or any physical things attached to the subscription. You buy a device from a semiconductor company, when this device is compatible with Sigfox you have an ID attached to this device. This ID is uniq and used to identify the device on the Sigfox network. So once you have a subscription, you attach this subscription to this device ID then you will be able to access your device data from the Sigfox backend.
That’s clarified we can address the question of this post: what are the way to access a subscription?
I want to start a new category of posts about IoT, not focus on the technology itself but on the use-cases. That said, for sure my words will be on the technological aspects of this use-case. The objective is to let you understand what are the solution but also what are the challenges behind that use-case. To start I’ve selected the Tracking use-case, reviewing all the GPS, WiFi and operator technics.
Regarding my experience in IoT from the past 5 years, one of the biggest market for LPWAn is actually assets tracking. In number I assume alarm backup is a little bit behind but thanks to one uniq actor. Tracking is far away first regarding the number of actors already having implemented a solution in production. This is also where we find the largest number of objects on the market for a single use-case.
That’s why I decided to start with this use case. I also know it really well for being the founder of one of these solution : Foxtrackr and I’ve already implemented all the technics described below.
Recurrent question where I usually see the wrong option taken by industrials: do I need to implement my own private network for m LPWA network ? In many case the wrong choice has been made due to a lack of understanding of network total cost of ownership. For sure I heard element about MY DATA privacy, but honestly, all the companies are putting added value data into the Cloud, so don’t tell me you unknown machine temperature is a sensitive data ?!? That said, let’s back to the true question : when does it make sense to create your own private network ?
Sigfox just released publicly its Radio Signal Analyzer tool. This is a tool for the device & module maker to prepare the P1 certification : basically it checks the radio signal shape, power… and tell you if you are following the requirements.
The tool have to be used with the SIGFOX SDR dongle provided with the SNEK tool.
The software solution can be downloaded here : https://support.sigfox.com/downloads/sigfoxradiosignalanalyzer.iso