Upcoming Events You Don’t Want to Miss! Reply


Come meet us at our next industry event! Why? It’s a great opportunity to explore the latest innovations within the Industrial Internet of Things (IIoT) and to engage with RTI experts. If you’re in the Healthcare, Energy, Transportation, Industrial, Communications or Defense industry, we have compiled a list of events for you. Believe me, you don’t want to miss them!

IoT Tech Expo North America – October 20-21 • Santa Clara, CA


Our CEO, Stan Schneider, will be the keynote speaker on How the Industrial Internet of Things (IIoT) is Transforming Industry followed by a panel discussion on Building New Business Opportunities with the Industrial Internet of Things. For two days, leaders from key industries across the US will come together to introduce and explore the latest innovations within the Industrial Internet. Covering Manufacturing, Transportation, Health, Logistics, Government, Energy and Automotive, this conference is not to be missed. For more information, check out the IoT Tech Expo website or register here.

Industrial Internet Forum Barcelona – October 24 • Barcelona, Spain


Join us at the Porta Fira Hotel in Barcelona, Spain for a complementary public forum. That’s right, complementary! RTI’s very own Brett Murphy, Director of Business Development, will be part of a panel discussion on Accelerating the Industrial Internet through Testbeds. Hear from testbed contributors about their progress and the recently released Industrial Internet Security Framework (IISF) – an in-depth, cross-industry security framework for the Industrial Internet. Visit here for more information and to register.

AUVSI Unmanned Systems Defense Show – October 25-27 • Arlington, VA

This three-day event will be filled with information sharing and engagement with government program managers, decision makers and technology experts. Each day is designed to cover a specific domain — Maritime, Air and Ground- to provide focus. Don’t forget to stop by our booth and meet our experts! Register here!

IoT Solutions World Congress – October 25-27 • Barcelona, Spain

iots16-claim_tweet_v01Join our CEO for the Industrial Internet of Things (IIoT) Architecture for Connected Medical Devices session. Stan will examine the potential and challenge of connecting medical devices in the IIoT. The IOTSWC16 is an international forum which gives you the opportunity to meet developers from different markets around the globe. If you have an interest in Manufacturing, Healthcare, Energy and Utilities, Transportation and Logistics, Innovation and Technology, don’t hesitate and register now! For more information, visit the IoT Solutions World Congress website.

If you’re interested in other upcoming events, check out our calendar for the latest developments in tradeshows, webinars, seminars, and more.


ISO 26262 Certification for Software Components Reply


Guest author: Joe Wlad, Vice President, Business Development, Verocel, Inc. 


The automotive industry has adopted ISO 26262 as its functional safety standard for electronic systems. The current version of ISO 26262 was published in 2011, with a second edition scheduled for release in 2018. The increased use of software in automotive systems such as driver assist, brake control and engine and systems management has placed a greater scrutiny on ensuring the software is safe. Modern vehicles now contain millions of lines of software and software quality is more important than ever. While automotive designers and suppliers have 5 years’ experience using ISO 26262, the bar for software compliance is now higher due to increased complexity, integration and automation. Moreover, one can expect regulatory oversight to increase in the future due to changing policies. In September 2016, the U.S. DOT issued a new federal policy for safe testing and deployment of automated vehicles. This new policy seeks to strike a fair balance between innovation and regulatory oversight but will require additional effort from vehicle makers and suppliers who wish to use forms of automation in their future designs.


Historically, all automotive companies and suppliers practiced a form of “self-certification” regarding their systems, hardware and software. To date, there is no pre-market approval process and no government regulator in the loop. Manufacturers do their own due diligence and any government oversight of safety design, development and production comes into play only after vehicles go into production. Even though a pre-market approval process for road vehicles would be impractical even for autonomous features, designers will have to place additional emphasis on software design and verification practices in the near future. Fortunately, ISO 26262 addresses the key requirements for software development and design and software suppliers like RTI are prepared to assist designers in ensuring compliance with ISO 26262 software requirements.

ISO 26262 covers functional safety at the system, hardware and software levels. To be considered fully compliant with ISO 26262, all areas must be addressed at once meaning that the software has to be integrated onto a given hardware platform and within a given system before it is approved. This poses a dilemma for suppliers who wish to use COTS software such as an operating system or communication layer because it places an additional certification burden on the supplier to represent software they may not have designed themselves. Companies like RTI and Verocel have addressed this problem by providing both certification evidence and a framework to use that evidence in any system design and achieve ISO 26262 compliance at ASIL-D. The details of this approach are documented in a whitepaper called ISO 26262 Compliance Using Approved Software Components for Road Vehicles which can be downloaded at both the RTI and Verocel websites.


The whitepaper provides a complete background on ISO 26262 processes and what parts of the standard would apply to COTS software components. It also provides a summary of key characteristics of COTS software that can be used in road vehicle designs as well as documentation and evidence to assist the integrator in achieving ISO 26262 compliance. RTI Connext DDS Cert supports the DDS (Data Distribution Service) family of standards and is a certifiable middleware available with a complete, commercially supported certification package to support ISO 26262 certification, including ASIL-D. Connext DDS Cert provides an architecture and hardware-independent layer of software that can be used on virtually any system design. It also comes with the certification evidence that supports ISO 26262, sections 2, 6 and 8 as well as additional guidance and information that helps designers integrate Connext DDS and retain certification credit in their system.

Automotive designers and suppliers need to prepare for a future where increased regulatory compliance for software will be a norm. The days of complete self-certification autonomy are coming to an end and suppliers will need to rely on an entire software ecosystem of suppliers who can meet the current and future ISO 26262 requirements head-on. RTI and Verocel have broad experience in delivering certified software to customers in many industries and we are prepared to assist you.

The Industrial Internet Security Framework: What It Is and Why You Should Care 2


Industrial Internet of Things (IIoT) systems connect and integrate industrial control systems with enterprise systems, business processes, and analytics. According to the World Economic Forum (WEF), the Industrial Internet will be hugely transformative; it will change the basis of competition, redraw industry boundaries, and create disruptive companies[1]. Hugely improved operational efficiency, emergence of an outcome economy, and new connected ecosystems — that blur traditional industry boundaries — are among key business opportunities. There are, of course, significant hurdles to overcome, chief among them are security and interoperability based on the same report.

Security risks in IIoT systems can not be underestimated. To get a glimpse of what could potentially happen, take a look at the following video; demonstrating an experiment known as Aurora Generator Test, conducted by Idaho National Lab back in 2007:

The experiment demonstrates how a computer program could be used to rapidly open and close a diesel generator’s circuit breakers out of phase from the rest of the grid, causing it to explode. The Aurora vulnerability itself is not a software vulnerability, but existence of a huge amount of old infrastructure and legacy communication protocols creates concern about the security of these systems and the ability of attackers to exploit this vulnerability.

Of course, a lot has happened since 2007 when the Aurora research experiment was conducted. Real attacks on critical infrastructure have already happened.  Attacks on Ukraine’s power grid[2] and a German Steel Mill[3] or existence of malware like StuxNet indicate that the industrial internet should take necessary steps to protect the large number of already deployed legacy systems, in addition to coming up with new processes and technologies with thoughtfully integrated security support.

The Industrial Internet Consortium (IIC), the leading Industrial Internet consortia, comprises more than 250 companies and sets the architectural framework and direction for the Industrial Internet. The IIC recognized the necessity of protecting legacy systems and developing integrated security support since its inception in 2014. The Security Working Group at the IIC was tasked with initiating a process to create broad industry consensus on how to protect IIoT systems. This guidance would also be applied in IIC Testbeds, prototypes of IIoT systems developed by teams made up of IIC member companies. After two years of hard work, the IIC released the first version of this guidance document, titled the “Industrial Internet Security Framework (IISF).”

IISF is made up of different parts, each treating different viewpoints and aspects of security for the Industrial Internet.

Part I: Introduction

In Part I, key system characteristics for IIoT systems, and their assurance requirements that make these systems trustworthy, are examined. Furthermore, aspects of IIoT systems that are distinguished from Information Technology (IT) systems, Operational Technology (OT) Systems, and consumer IoT systems are discussed and their consequences for security designs explored.

Part II: The Business Viewpoint

In Part II, different aspects of identifying, communicating, and managing risk is discussed, along with requirements and approaches for assessing security of organizations, architectures, and technologies.

Part III: Functional and Implementation Viewpoints

This section describes functional building blocks for implementing security in IIoT systems as well as related technologies and best practices for protecting endpoints, communications and connectivity, configuration, management, and monitoring.

In the upcoming IIC Industrial Internet Security Forum, hosted at RTI headquarters, authors and editors of the IISF will cover more details about the framework. See the full agenda here. In my presentation, I will go over more details on functional and implementation aspects of protecting communications and connectivity. RTI’s VP of Products & Markets, David Barnett, will go over a specific use case on protecting Medical IoT systems: showing why and how Data Distribution Service Security could be used to protect Integrated Clinical Environments (ICE)[4].

[1] http://www3.weforum.org/docs/WEFUSA_IndustrialInternet_Report2015.pdf
[2] https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/
[3] https://www.wired.com/2015/01/german-steel-mill-hack-destruction/
[4] Read more about protecting Integrated Clinical Environments in this paper.