Wednesday, August 28, 2019

Guard your IoT Application against hackers using IoT Simulation

The Internet of Things opens up many vectors for security vulnerabilities
as detailed in RFC 8576.

Vulnerabilities in all stages of an IoT device's life cycle include malware baked in
during manufacturing, or patched in while operating by exploiting zero-day
vulnerabilities, especially after the manufacturer's support of the old device is
discontinued (end-of-life). This malware usually causes the IoT device to
deviate from its intended function for some nefarious purpose.

Part of any IoT Testing and Proof of Concept (PoC) includes addressing security
concerns by adding security monitoring solutions to prevent intrusions,
malware, etc. in order to prevent the high failure rates of IoT projects.

While preventing malware through authentication, authorization and privacy is
a first defense, the IoT monitoring solution should detect behavior that is not
"normal". A usual test scenario then consists in reproducing cases of IoT devices
that deviate from their expected behavior. Unless you have a lab full of hacked
devices, this is not easy to do.



An IoT Simulator such as MIMIC IoT Simulator is designed to easily recreate
scenarios meant to test your IoT monitoring solution for common hacking
scenarios, such as misbehaving IoT devices (e.g. hacked devices sending unusual
Internet traffic, or accessing unauthorized resources), incorrectly configured
firewall or load-balancing rules, reported common vulnerabilities and exposures
(CVE) such as in this article.

The "normal" behavior of an IoT device can be characterized by the network
traffic it emits and the resources it accesses. Monitoring solutions can learn
this behavior and alert if it deviates from this pattern. MIMIC can control any
simulated device to behave differently at any point in time, and can easily create
different behaviors on demand. Thus, the monitoring solution can be exercised
to prove that it handles certain scenarios, such as higher traffic rates, network
traffic to different destinations and access to restricted resources. Since the
simulator creates reproducible scenarios, it can be part of regression tests
supporting an agile development cycle.
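The baseline-and-deviation check described above can be sketched as follows. This is an added example, not code from MIMIC or from any monitoring product; the record layout, device name, broker address, resource names and the threshold rule (mean plus three standard deviations) are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from statistics import mean, pstdev

@dataclass
class Baseline:
    destinations: set = field(default_factory=set)
    resources: set = field(default_factory=set)
    rates: list = field(default_factory=list)

    def rate_limit(self, k=3.0, min_spread=1.0):
        # mean + k * stddev; min_spread keeps a perfectly steady device quiet
        return mean(self.rates) + k * max(pstdev(self.rates), min_spread)

def learn(records):
    """Build one baseline per device from known-good intervals."""
    baselines = {}
    for dev, dest, resource, count in records:
        b = baselines.setdefault(dev, Baseline())
        b.destinations.add(dest)
        b.resources.add(resource)
        b.rates.append(count)
    return baselines

def check(baselines, record):
    """Return the deviations seen in one observed interval."""
    dev, dest, resource, count = record
    b = baselines.get(dev)
    if b is None:
        return ["unknown_device"]
    alerts = []
    if dest not in b.destinations:
        alerts.append("new_destination")
    if resource not in b.resources:
        alerts.append("unexpected_resource")
    if count > b.rate_limit():
        alerts.append("rate_spike")
    return alerts

# Constructed records: (device, destination, resource, messages per interval)
BROKER = "broker.example.test:8883"
TRAINING = [("sensor_1", BROKER, "telemetry/sensor_1", n) for n in (12, 11, 13, 12)]
OBSERVED = [
    ("sensor_1", BROKER, "telemetry/sensor_1", 12),               # normal
    ("sensor_1", BROKER, "telemetry/sensor_1", 400),              # higher traffic rate
    ("sensor_1", "198.51.100.7:6667", "telemetry/sensor_1", 12),  # different destination
    ("sensor_1", BROKER, "admin/firmware", 12),                   # restricted resource
]

def run():
    baselines = learn(TRAINING)
    return [check(baselines, rec) for rec in OBSERVED]
```

Each simulated misbehavior maps to one alert type, so a regression test can assert that the monitoring side raises exactly the expected alert for each scenario.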

For example, this YouTube video demonstrates complete, dynamic, real-time
control of message generation rates in MIMIC.


Monday, June 17, 2019

MIMIC SNMP Simulator and Prometheus FOSS

We installed the Prometheus free open-source software NMS, and enabled
SNMP monitoring following this post.

Once we pointed Prometheus at an out-of-the-box 25-node simulated network with
MIMIC SNMP Simulator, we can monitor network interfaces. The graphing can be
compared to a commercial offering as shown below:


Friday, June 14, 2019

IoT Control System at the edge: MIMIC MQTT Simulator and AWS IoT Greengrass


Overview

AWS IoT Greengrass is Amazon's IoT edge processing platform. We used their
documentation and other sources [1] with MIMIC MQTT Simulator to set up a
simple control system at the edge to test bi-directional MQTT message flow
(from sensors to control logic, and from control logic to actuator).

For those who'd rather skip to the video, here is the 2-minute YouTube video.

This example illustrates the purpose of IoT at the edge: the processing that does
not need the cloud should happen locally. In this test, everything is occurring at
the edge; we just added device shadow synchronization to the AWS IoT cloud
for illustration.

Details

You need to set up an account at Amazon AWS IoT, log into the AWS IoT
console, and create a Greengrass Group according to their
Getting Started manual. We set up a group called GG_group2 with a core
GG_group2_Core.

Then we simulated our usual bi-directional simple control system at the edge,
with these devices, including a sensor sensor_1 reporting telemetry to
Greengrass core, running in MIMIC as seen above on the left, with certificates
as configured in AWS on the right.

When the actuator (e.g. cooling system) in the control system is off, the sensor
temperature rises, and when it is on, it cools. We implemented the control
system logic in a Node-RED flow, rather than in a Lambda function.




It turns the actuator on if the temperature exceeds a high threshold, and turns it
off if the temperature is cool enough. The connectivity to the core broker is set up
as a subscriber to the shadow updates as shown below on the right:





and the Node-RED subscriber is configured to connect to the broker at the edge:




with TLS certificates exported by AWS:




The parts of the system need permission to publish as defined in the Greengrass
subscriptions:





Once everything is set up, the control system reaches a normal steady state at the
edge, as visualized by the Node-RED graphing rules, as shown in this 2-minute
YouTube video.

Conclusion

We saw that by using MIMIC MQTT Simulator we can create a real-time
scalable, predictable, customized IoT Edge Control System scenario that
compresses the state transitions into a period short enough for showing in
less than 3 minutes.

Future work can improve on this to make it more scalable, test exceptions
(e.g. what if the sensor does not cool down when the fan is on?), test different
implementations (e.g. Lambda function vs. Node-RED), etc.
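The threshold logic from the Details section and the "sensor does not cool down" exception can be modelled together in a few lines. This is an added example in Python, not the Node-RED flow used in the post; the threshold values, heating and cooling rates, and the watchdog's patience of 5 steps are assumptions, since the post gives no numbers.

```python
HIGH, LOW = 30.0, 25.0  # assumed thresholds in degrees C; the post gives no values

def control(temp, actuator_on):
    """On above HIGH, off below LOW, otherwise keep the current state."""
    if temp > HIGH:
        return True
    if temp < LOW:
        return False
    return actuator_on

def simulate(steps, cooling_works=True, start=24.0, heat=1.0, cool=1.5, patience=5):
    """Run sensor and controller together; return (trace, fault_step or None)."""
    temp, on, trace = start, False, []
    on_temp, on_steps, fault = None, 0, None
    for step in range(steps):
        # Simulated sensor: cools only when the actuator is on and actually works.
        temp += -cool if (on and cooling_works) else heat
        trace.append(temp)
        was_on, on = on, control(temp, on)
        if on and not was_on:
            on_temp, on_steps = temp, 0  # actuator just switched on
        elif on:
            on_steps += 1
            # Watchdog: on for `patience` steps and still no cooler than at switch-on.
            if fault is None and on_steps >= patience and temp >= on_temp:
                fault = step
    return trace, fault

if __name__ == "__main__":
    print("healthy:", simulate(30))
    print("broken actuator:", simulate(30, cooling_works=False))
```

With a working actuator the temperature oscillates between the thresholds and no fault is reported; with `cooling_works=False` the watchdog fires a few steps after the actuator turns on while the temperature keeps climbing.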


References:

[1] The Hitchhikers Guide to AWS IoT

Monday, June 3, 2019

MIMIC MQTT Simulator driving an IoT demo at Cisco Live

If you are planning to attend Cisco Live next week, take a look at a
dynamic IoT platform demo. You will see a cruise ship with dynamic,
real-time cabin temperature and door lock sensors simulated by
MIMIC MQTT Simulator.

Here you see a drill-down to a particular sensor:


Update 6/12/2019: Here is a tweet to a video at the show.

Friday, May 24, 2019

MIMIC MQTT Simulator: dynamic, scalable device shadows on AWS IoT

This 2-minute YouTube video shows multiple, independent device shadows
updating from MIMIC MQTT Simulator to Amazon AWS IoT with dynamic,
real-time, predictable, scalable values.

MIMIC lets you quickly create on-demand prototypes and proof-of-concepts for
your particular IoT Application based on AWS IoT device shadows.


Monday, May 13, 2019

MIMIC Simulator integrated with Telegraf OSS monitoring application

What better way to quickly develop / test / prototype Telegraf deployments
than with simulated data? MIMIC Simulator delivers the dynamic,
customizable, scalable data for the variety of Telegraf input plugins.

To exercise SNMP interoperability, for this experiment we graph real-time
interface statistics from a simulated Cisco ASR 9000 router.

The graph in Grafana shows ifInOctets SNMP data collected from the MIMIC
simulated Cisco ASR 9000. The data is collected by the Telegraf application
using the SNMP plugin, and output to InfluxDB. Grafana is showing the data
using InfluxDB as the data source.

The Telegraf, InfluxDB and Grafana setup was done using this link:

https://lkhill.com/telegraf-influx-grafana-network-stats/





Monday, April 1, 2019

MIMIC implements MQTT 6

Skipping the latest MQTT 5, MIMIC MQTT Simulator now supports the
yet-to-be-defined MQTT 6 standard.

Happy April Fool's Day!

In all seriousness, MIMIC is the first MQTT 5 simulator to implement the
latest MQTT 5.

Try it out at http://mqttlab.iotsim.io/mqtt5/