The future of crypto asset regulation in SA Intelligent security drives eCommerce growth Out-of-the-box spoofing mitigation with Galileo's OS-NMA ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
MAY 2020
Automation and Control | Electronics | Measurement and instrumentation | Technology and IoT
The future of crypto
asset regulation in SA
Intelligent security
drives eCommerce
growth
Out-of-the-box
spoofing mitigation
with Galileo’s
OS-NMA service
The Great Geomagnetic
Storm of May 1921
Aurecon develops
building health tool to
mitigate Covid-19 risks
5G 0ver-the-air
performance
measurement
ISSN 1991-5047
The Now Media Group is the new owner of the EngineerIT and Energize titles.
The Marsh family, owners of the Now Media Group, and the Yelland family,
the previous owners of the titles, go back a generation when their
parents ran their businesses out of London House in Loveday Street
in the centre of Johannesburg some 50 years ago.
That is where the coincidence ends. Yelland was in the electrical
business and John H Marsh, a journalist and best-selling author
of Skeleton Coast, was a magazine publisher.
Now Media was founded in 1953 by John and
continues to be run as a family business by Dave,
chairman (2nd generation), and Anton, CEO
(3rd generation).
The company has taken an innovative approach to
publishing, whether it be establishing quick-read high frequency
trade newspapers or running its own printing works to ensure it
can be first with the news.
Before the internet was popularised it launched its first online B2B
service in 1989, Travelinfo, which changed the way the travel industry
in South Africa operates. It continues to flourish today with over 4 000 travel
agents using it repeatedly throughout the day for their operations.
It now has a strong internet presence with three daily news sites in the
freight and travel sectors.
Nico Maritz, who heads up a division that focuses on B2B monthlies and
upmarket magazines for large residential estates, will manage Energize
and EngineerIT.
Most critically we believe in being effective for our clients.
Through niche publications with highly engaged audiences
we can provide solid, effective promotional solutions to the
industries and audiences we serve.
The Now Media Group is a level 2 B-BBEE company
based in Illovo, Johannesburg and employs around
100 staff across: 5 business magazines, 11 security estate
publications, 3 daily news and 3 twice-weekly trade
websites, a travel reference and training system, as well
as its printing works.
FROM THE EDITOR’S DESK
he April edition of EngineerIT was available in districts during the National State of Disaster.
T a soft copy posted on our website. Thanks to
all of you who downloaded it. We trust you
enjoyed reading it as much as we enjoyed putting it
Furthermore, all radio frequency spectrum licensees
must zero rate all COVID-19 sites as identified from
time to time by the Department of Health and
together. We are still locked down, so we are in the published in the Government Gazette.
same boat with this edition, no print version, only One wonders what will happen after lockdown; will
available on the web. the mobile industry easily give up these additional
Our twice weekly newsletter readership is growing frequency assignments?
with every edition. If you are not receiving it on a ICASA also authorised Mthinte Communications,
Tuesday and Thursday please visit our website on Levin Global and Morai Solutions the use of TV White
www.engineerit.co.za to subscribe. It is free! We will Spaces (TVWS) in the 470 – 694 MHz band. The
not flood your inbox but send you a list of the latest applicants had to obtain approval from the CSIR, in
five articles loaded onto the website. Click on the conjunction with ICASA, with respect to Geo-Location
ones that catch your interest. Secondary Database (GLSD) connectivity for
When the lockdown was announced, there was a compliance with the use of TVWS in South Africa.
scramble to set up systems that would allow us to Applicants must obtain type approval certification from
work from home. Many managed to achieve it in a ICASA for their electronic communications equipment,
short time and we soon started receiving invitations and if harmful interference occurs to existing
to attend virtual product briefings and even mini broadcasters, the applicant must immediately terminate
conferences. But platforms were overwhelmed and its services and notify the Authority accordingly.
started showing cracks, resulting in unintended The use of TV White Spaces is a great solution to
consequences such as being hacked. It did not take connect the rural unconnected. The key advantage of
platform providers long to implement lessons TV White Space deployment is that the signal
learned. Well done! coverage can reach up to a 10km radius from the
Working remotely was not generally an accepted base station without the requirement of line of sight.
practice in South Africa, but during the past two This makes it ideal for connecting people living in the
months many businesses have gained experience rural undulating hills of KwaZulu-Natal and the Eastern
and may continue to carry on the practice after Cape, as well as areas in other provinces where there
lockdown. It has always been said that there is is poor existing backhaul infrastructure. In the WAPA
nothing to replace face to face meetings, and from pilot project launched last year, each TV White Space
experience now there is some truth in that statement. base station will connect at a bandwidth of 20 Mbps to
Many companies will consider the various options but 30 Wi-Fi access points. These will be scattered within
it is most likely that hybrid models will emerge, walking distance of each citizen of the rural
homing in on the best of both worlds. community. Participants in the project will be
When the lockdown was announced, ICASA deploying1,600 such base stations reaching 50,000
sprang into action and made much needed radio hot spots servicing a potential 13 million rural citizens.
frequency spectrum available to the mobile industry. It is gratifying to learn that ICASA sees the benefit of
The temporary allocations came with strict conditions. TVWS as a rural solution.
All successful licensees for temporary IMT radio
frequency spectrum assignments had to ensure that Enjoy reading this edition of EngineerIT. We welcome
they supported and created virtual teaching and your input and comments. Drop me an email.
classrooms, as determined by the Department of
Basic Education and the Department of Hans van de Groenendaal
Communications and Digital Technologies in various Email: hansv@nowmedia
EngineerIT | May 2020 | 1
CONTENTS
MAY 2020
Automation and Control | Electronics | Measurement and instrumentation | Technology and IoT
EDITOR
Hans van de Groenendaal -
MIng Honoris Causa (Stellenbosch)
Tel: 012 991 4662
Cell: 082 781 4631
Email: hansv@nowmedia.co.za
ADVERTISING
Teraco Cape Town 2 (CT2) is a new 30MW hyperscale data centre facility and Merinda Lottering
following the company’s recent 60MW expansion announcement of its Cell: 071 765 5702
Johannesburg data centre campus in Isando, makes the proposed Cape Town Email: merindal@nowmedia.co.za
facility the second-largest on the continent. Teraco provides carrier and cloud
neutral colocation data centres, and with over 18 000 cross-connects, is DESIGNER
Adéle Gouws
Africa’s most interconnected data centre hub. As the first provider of highly
resilient, vendor neutral data environments in sub Saharan Africa, Teraco
PUBLISHED BY
brings global content closer to the digital edge.
African Destination
Publishing (Pty) Ltd
Tel: +27 (0)11 327 4062
Fax: +27 (0)11 327 4094
A VOICE FOR
E-mail: engineerit@nowmedia.co.za
Physical address:
Now Media Centre
32 Fricker Rd, Illovo, Johannesburg
South Africa
Postal address:
PO Box 55251, Northlands, 2116
PUBLISHER
Nico Maritz
Email: nicom@nowmedia.co.za
PRINTED BY
JUKA
WEBSITE
www.engineerit.co.za
EngineerIT | May 2020 | 2
29
6
16 8 35
FROM THE EDITOR 1 Copyright
Copyright of all material appearing in EngineerIT
is vested in African Destination Publishing (Pty)
AUTOMATION Ltd. In submitting any article for publication, the
authors confirm that they own the copyright to
Aurecon develops building health tool to mitigate Covid-19 risks 4 the said article, which is ceded to African
More, faster data can make for safer tailings dams 6 Destination Publishing (Pty) Ltd for publication.
The editor reserves the right to edit or shorten
Robotics is the new norm in production 8 articles submitted for publication. Editing and/or
From beer to hand sanitiser 10 shortening is done with due dilligence, where
necessary in conjuction with the author(s).
No part of this publication may be
ICT reproduced, or stored in a retrieval system, or
transmitted in any form, or by any means,
SDN redefines networking environment 11 except as described below, without the written
Pay-as-you-use makes cyber security cost effective 12 permission of African Destination Publishing
(Pty) Ltd. Copying of articles is not permitted
Out-of-the-box spoofing mitigation with Galileo’s OS-NMA service 14 except for personal and internal use, to the
extent permitted by South African law.
Major expansion for Teraco 16
Permission is not required to make abstracts, on
Intelligent security drives eCommerce growth 18 condition that a full reference to the source is
shown. Requests for permission for other kinds
of copying should be addressed to African
ICT TECHNICAL Destination Publishing (Pty) Ltd.
5G Over-the-Air Performance 19
Disclaimer
Articles published in EngineerIT do not
necessarily reflect the views of African
TECHNOLOGY Destination Publishing (Pty) Ltd or the editor.
NightOwl, a finger apnoea sensor 23 In addition, views expressed by the editor do
not necessarily reflect the views of African
AI to turn the tide on cybercrime 24
Destination Publishing (Pty) Ltd or any other
person or organisation associated with
EngineerIT.
SPACE SCIENCES It is a condition of publishing material in
The Great Geomagnetic Storm of May 1921 26 EngineerIT that African Destination Publishing
(Pty) Ltd shall not be liable for any
consequential or other damages arising from
VIEWS AND COMMENT the publication in good faith of any article,
advertisement, picture, comment, view or
A sneak-peek at the future of crypto asset regulation in South Africa 29 opinion. This applies to publishing, failing to
publish, late publishing or incorrectly publishing
any article, advertisement, insert, picture,
AMATEUR RADIO caption, etc.
Science is meeting Amateur Radio 30 It is acknowledged that errors in transcript,
human and technical errors can and do occur,
but that reasonable effort will be made to
INDUSTRY AND TECHNOLOGY NEWS REVIEW 32 minimise their occurence, and to acknowledge
and correct such errors when they are brought
to the attention of African Destination
Publishing (Pty) Ltd.
NEW PRODUCTS 35
EngineerIT | May 2020 | 3
AUTOMATION
Aurecon develops building health
tool to mitigate Covid-19 risks
By Martin Smith (CEng, BEng Mechanical), Technical Director - Buildings, Aurecon (rebranding as Zutari).
With over 75 Green Star certified projects, and delivering the
first WELL-rated building in Africa, the Aurecon team
understands the dynamics of buildings and their impact on
occupant health. To assist property developers and facility
managers to respond to Covid-19 risks and prepare
buildings for resumed operations, Aurecon has used its
extensive multi-disciplinary experience to develop a
customised building health assessment tool.
he tool assists property owners to demonstrate to their shareholders,
T management, employees and clients that a systematic, balanced approach
has been taken to find an optimal solution to minimise the health risk.
The Covid-19 global pandemic has triggered unprecedented disruption, Martin Smith Technical Director –
impacting organisations across the world. Aurecon is highly experienced in building Buildings, Aurecon.
design and operations with technical experts who understand how the virus can be
distributed through multiple infection routes within a building and amongst people.
Technical elements such as air conditioning and wet services, along with usage and create safe and productive spaces
patterns, all contribute to the transmission risks within buildings. that will assist with resuming business
By analysing the work environment and operational practices, while and increasing productivity.
understanding the business needs, companies have the power to mitigate risks Aurecon’s Building Health
Assessment Tool is a comprehensive
diagnostic of the key operational and
physical factors that helps property
owners put in place plans to mitigate
workplace risks, and assists them with
resuming business and increasing
health and productivity. A gap analysis is
used to prepare a short-, medium- and
long-term plan that meets the client’s
business needs.
The aim is to try and find practical
solutions that close the gap between
these business needs and the risk of
infection. These include operational
processes and controls and building
physical and technological
improvements, along with emergency
procedures and awareness. The
challenge here is not to have a knee-jerk
response with short-term actions, but to
The flagship Exxaro head office in Centurion is the first building in South Africa to systematically reduce risk in a manner
achieve Silver Level WELL certification for Core and Shell by the International WELL that is affordable and makes sense in
Building Institute (IWBI). the short and long term.
EngineerIT | May 2020 | 4
Green Star SA ratings
The trend for ‘green’ energy-efficient buildings resulted in the development of a set of
The flagship Exxaro head office in
building-rating tools by the Green Building Council of South Africa (GBCSA). While these are
Centurion, developed by building owner
not based on legislation or promulgated in any way, the aim is to establish a common
Growthpoint Properties, is the first
measurement for ‘green’ buildings. This also serves to showcase innovation and leadership
building in South Africa to achieve Silver
in property development and construction.
Level WELL certification for Core and
Shell by the International WELL Building
The Green Star SA rating aims to:
Institute (IWBI).
1. Establish a common language and measurement standard for ‘green’ buildings
Exxaro’s head office consists of a
2. Promote integrated design
five-storey, 2,5 basement structure
3. Raise awareness of ‘green’ buildings and their benefits
adjacent to Centurion Lake. The building
4. Reduce the environmental impact of development
achieved a 5 Star Green Star design
5. Recognise environmental leadership
rating and is targeting an As-Built and an
Interiors rating. Aurecon was appointed
The Green Star SA rating covers the following categories:
to design the HVAC services, provide
• Management
environmentally sustainable design
• Indoor Environment Quality (IEQ)
(ESD) or ‘green’ building design
• Energy
services, and review the foundation
• Transport
designs for the project. The HVAC
• Water
design consists of roof air-cooled chillers
• Materials
and in-ceiling mounted fan coil units.
• Land use and ecology
Another example is One Discovery
• Emissions
Place, developed by Growthpoint
• Innovation
Properties in a joint venture with Zenprop
Property Holdings. It is the largest
These categories are subdivided into credits that address the initiatives that the design and
commercial office building in South
construction team have undertaken to improve the environmental performance of a
Africa, achieving a 6-Star Green Star As-
building. Points are awarded to the building according to a calculated score based on the
Built rating. It extends the boundaries of
appropriate environmental weighting of the environmental initiatives incorporated.
an energy-efficient, environment- and
Design and As Built certifications are awarded for new construction or major
occupant-friendly building, with Aurecon
refurbishment projects. Design certifications are submitted for and awarded upon
providing mechanical and ESD services
completion of the design phase of the project. This enables property developers to market
for the project.
a proposed building as a Green Star SA certified building. Upon completion, a project can
Green initiatives include optimally
be submitted for As Built certification, which verifies the procurement and implementation
designed energy-efficient lighting, grey
of the ‘green’ building strategies. GBCSA has also developed a Green Star SA tool for
and rainwater harvesting systems,
existing buildings in operation, which takes a 12-month snapshot of the performance of an
water-efficient sanitary fittings, and
occupied building, and a Green Star SA tool for interior fit-outs. There is also a Green Star
carbon monoxide monitoring in the
SA tool for sustainable precincts in terms of neighbourhood-scale developments. n
basement. Aurecon also carried out an
in-depth analysis on the striking,
swirling façade that draws light into the rooftop running track, an indigenous landscaped roof garden and visually attractive
building, and which is also critical for staircases that encourage staff to use stairs instead of elevators. The building features
thermal heat control. an abundance of natural light, with most of the building wrapped around a series of
Some of the strongest design sunlit atria that plug into a central concourse; the largest atrium is big enough to house
principles at One Discovery Place are a Boeing 737.
the ideas of occupant well-being and Aurecon offers integrated multi-disciplinary solutions which includes mechanical,
movement, with features such as a electrical, water, civil and structural advisory and ESD services. n
About WELL
The International WELL Building Institute (IWB) is leading the global movement to transform buildings and communities in ways that help people thrive.
IWBI delivers the cutting-edge WELL Building Standard, the leading global rating system and the first to be focused exclusively on the ways that
buildings, and everything in them, can improve people’s comfort, drive better choices, and generally enhance, not compromise, our health and wellness..
IWBI mobilises the global wellness community through management of the WELL AP credential, convenes a global network of organisations through
IWBI membership, pursues applicable research, develops educational resources, and advocates for policies that promote health and wellness everywhere.
Launched in October 2014 after six years of research and development, the WELL Building Standard is the premier standard for buildings, interior
spaces and communities seeking to implement, validate and measure features that support and advance human health and wellness.
The WELL Building Standard underwent a comprehensive expert peer review process, which included three phases - scientific, practitioner and
medical review. WELL Certification and the WELL AP credentialing programme are third-party administered through IWBI’s collaboration with Green
Business Certification Inc. (GBCI).
The WELL v2 pilot is a recently launched version of its popular WELL Building Standard, and the WELL Community Standard pilot is a district scale
rating system that sets a new global benchmark for healthy communities. n
EngineerIT | May 2020 | 5
AUTOMATION
More, faster data can make for
safer tailings dams
By Lyzandra Boshoff, principal engineering geologist at SRK Consulting
Sensors, telemetry, wireless The need for knowing more about installation and aftercare – and manual
tailings dam conditions – and in real data collection is subject to human error.
capability and cloud time – has become a major focus within This means expending considerable
technology to upload and the mining sector, demanding a steep effort for relatively little data, which may
store big data, allows for change in the way we collect, process often not exactly reflect the current
data to be immediately and interpret data. As part of these situation by the time the information
efforts, SRK has been rolling out reaches the engineer for analysis. Even
accessed and analysed initiatives using automated vibrating wire the automated sensors using vibrating
piezometers (VWPs) on tailings facilities. wire technology tended to rely on
Seepage and the associated pore manual data collection from the logging
enewed global concern about pressure regime within a tailings facility devices connected to the sensors.
R the risks of tailings dam (dams
where mining waste is stored)
failure is accelerating a revolution in the
as a vital aspect of the integrity and
stability of the structure, is of particular
significance. This has conventionally
This is now changing as many
telemetry hardware developers have
improved the wireless capability and cloud
use of automated sensors to generate been tracked by manual standpipe technology to upload and store data,
big, real-time data to better monitor and piezometers whose performance, while allowing data to be immediately accessed
manage these facilities. accurate, depends on the quality of by engineers and management.
EngineerIT | May 2020 | 6
AUTOMATION
This has changed the landscape available to be harnessed and interpreted.
of data flow and interpretation, as well The sheer quantity of data generated means that engineers must innovate,
as the potential size of the datasets finding new and more efficient ways to validate, evaluate and interpret the large
that can be generated. SRK has been incoming datasets. However, harnessing the full power of big datasets demands the
at the forefront of rolling out appropriate database structures and validation processes to be in place – which is
automated VWP networks, using where we are investing considerable effort.
logging systems that can send data To support this need, we have recently put in place a data services department at
wirelessly to cloud-based databases SRK, pulling together some of our brightest minds and data analysts. This is helping
and can then be visualised and champion our initiatives to harness these growing datasets into sound engineering
analysed in real time. information – so they can contribute to making informed engineering decisions.
Among the technological Graphs 2a and 2b show the changing pore pressure (green/blue) within the
innovations the company is tailings body in response to overburden loads being placed during the
developing is a customised database construction of a buttress (yellow trend line indicating successive lifts over the
and visualisation platform specifically measured period). A sudden spike in pore pressures can lead to the pore
for VWP data. This includes built-in, pressure within the soils becoming greater than other forces acting between
automated validation and interpretive particles, keeping the soil skeleton intact (e.g. gravity, frictional forces) and strong.
tools to automate some of the If and when pore pressures are permitted to become large enough and are not given
routine engineering interpretive an opportunity to dissipate, they can effectively push the neighbouring soil particles
work. It builds upon available apart. In extreme cases, almost all strength is lost within the soil skeleton, and this is
software technologies to create a usually referred to as “liquefaction” in the field of critical state soil mechanics. n
solution that is customised to the
field of tailings dam management, SRK is an independent, global network of consulting practices in over
while also presenting opportunities 45 countries on six continents. For further information, visit www.srk.co.za
for applying the principles in a range
of disciplines.
The datasets generated by VWP
networks can be significantly large,
depending on the frequency at which
data is collected. Conditions on site
would determine the detail required
for tracking where potentially adverse
circumstances may develop.
These VWP networks are also
useful when needing to confirm
whether the mitigation measures in
place are having the desired effect.
Applying these technologies, SRK
has been able to review the impact of
construction processes and other site Graph 2a
activities and incidents on pore
pressure responses; they can then
analyse the impact of depositional
patterns on the seepage flow regime
within a facility.
For the first time, we can see and
correlate in real time what we have
always predicted using models and
assumptions. Harnessing the power
of big data, we can now test our
assumptions and substantially raise
the confidence of our observations.
With the exponential growth in the
application of technology in this field,
more data is being generated and is Graph 2b
EngineerIT | May 2020 | 7
Back in the seventies, YASKAWA proposed the innovative
concept of an unmanned factory termed “Mechatronics”. Since
then, the concept has evolved into i3-mechatronics, featuring
further advancements and implementations of automation
through the management of digital data. Whether it’s partial or
full automation, there are flexible solutions that allow for smart
integration, real-time visualisation of systems and industrial
evolution through technological innovation. Not only do these
solutions increase overall productivity and systems processes,
but there’s also the ability to improve standards and quality of
both the manufacturing plant and products. The i3 or I-cube
mechatronics concept embraces integration, intelligence and
innovation. It is factory automation incorporating all equipment
in the factory controlled from big data in the cockpit, just like a
pilot in an aircraft controlling all operations to get passengers
safely on the ground at their destination.
Considering the current restrictions on the number of
employees allowed back at work and the need for social
distancing, the industries that embraced i3-mechatronics are
better prepared to deal with the pandemic’s side effects. From
the stability and reliability of streamlined production (despite
fewer employees at their disposal) to rigorous health and
safety standards, a robotised workforce is capable of business
Robotics is the new as usual even in unusual times.
Crackett believes a robot-powered workforce is the way of
the future, both locally and internationally. While he has not
norm in production
seen a significant uptake in robotic technology in South Africa,
there are positive signs it will grow in the years to come as
businesses provision for these types of advancements.
At the same time, there is a fear that robots will take the
place of humans in the workplace, hence the reluctance to
embrace technology. Crackett believes it is actually affording
s the world moves towards a different tomorrow, future-
A
more opportunities to both organisations and employees.
orientated solutions will not merely be an option for “We’ve implemented several projects at labour-intensive
industries but an absolute necessity. Robotics and organisations to streamline operations,” says Crackett. “Instead
automation technology are already playing a pivotal role in the of seeing a reduction in staff, we’ve actually witnessed the
health sector – from the use of automated laboratory tests to employees reassigned to other areas or new positions. By
autonomous disinfectors utilised in hospitals – but they’re about freeing up resources, there’s the possibility to upskill and
to extend further into other industries faster than anyone could redeploy, while still improving the overall process and positively
have predicted. influencing the organisation. Robots will still need quality
“The automotive industry has always been closely tied to assurance, operators and support staff, as an example.”
robotics, and this is unlikely to change,” says Andrew Crackett of Crackett said people who are critical of his point of view
YASKAWA Southern Africa. should look at the motor industry where automation has
“The fast-moving consumer goods (FMCG) and food markets, improved the quality and exponential increased plant output
however, should see an increase and acceptance in the usage of which, without automation, would not have been possible.
robots and automation technologies. This is largely due to the “With improved proactivity and increased output, more staff
‘contact’ element, as health and safety officers will be even more were employed. Upskill people to do more interesting work
concerned about cleanliness, sanitisation and hygiene in and leave the repetitive jobs to robotics. If South Africa wants
manufacturing processes, handling and distribution of goods, and to compete with the rest of the world, we must automate to
factories. Considering COVID-19 can survive on certain surfaces, step up production, reduce cost and upskill our people to
measures will need to be put in place to future-proof businesses ensure a quality product is delivered at a competitive price.”
from any potential outbreaks. And this is where robotics could While the havoc caused by COVID-19 cannot be
come in to reduce contact and cross-contamination.” understated, it has also pushed industries to think towards the
While many industries have instituted stringent hygiene future and plan better. A robotised workforce might not seem
standards and practices for operations, they are also acutely like something out of a sci-fi film anymore, but a necessary
aware of the human element. All it takes is one lapse and the risk requisite for any business to survive in the face of disaster. n
of infection is catastrophic. There have already been several high-
profile instances where essential services, such as hospitals and For more information email Andrew Crackett at
factories, have had to temporarily shut their doors because their andrew@yaskawa.za.com. Share your views with our
staff have been infected by the virus. readers. Email hansv@nowmedia.co.za.
EngineerIT | May 2020 | 8AUTOMATION
From beer to hand sanitiser
Mass-customized
production is enabled based
on several driving demands
at the same time.
But it goes beyond
unlimited flexibility.
Implementing pitchless
technology increases your
throughput and uptime while
eliminating chains, belts and
other traditional mechanics that
limit speed. The mix of
continuous and intermittent
motion, as well as easy
synchronisation with any other
external axis, like robots,
improves operational efficiency
and contributes to higher
productivity. With this, the
common bottleneck of in-feed
complexity belongs to the past.
Adapting manufacturing for COVID-19 Floor space can be reduced because machines are now
The world stands still as COVID-19 continues to turn it upside designed to be scalable and modular. It’s now easier to re-
down but hidden in the background we find manufacturers, deploy existing machines for new products and integrate
machine builders and their suppliers. These are the people multiple machine functions.
responsible for producing food, life-saving medicines, masks Analytics and smart track-and-trace of individual
and wipes. products throughout the entire process help ensure quality,
Rockwell Automation believes it is unquestionable that in improve production process and reduced energy
times like these we must move together to ensure the continued consumption while always being aware of your customised
production of the products that are so urgently needed. Not only production—even remotely.
that, but we must do it as quickly as possible to serve the
greater good and avoid interrupting mass production. Innovation never stops
Societally, we have now experienced a lack of ventilator ICT combined with analytics, simulation and other leading-
masks, cleaning and disinfecting products, medical devices and edge technologies, such as wireless power transfer and
many other products. But the question remains, how do we wireless communication, bring manufacturing to the next
quickly change from beer or spirits to hand sanitizer? How do level. Analytics provide full transparency into how machines
we adapt newly developed medical device designs for our are running, maximizing uptime. Simulation can be used to
current machine lines? How do we answer the difficult question create Digital Twins and access virtual training and support,
of which medication production to prioritize? Which machine which helps decrease time to market. This is especially
line to change? Obviously, there is high demand to manufacture important in our current uncertain times, requiring
products to combat the current pandemic, but at the same time manufacturers to pivot quickly.
other life-saving medication demands do not stop. Therefore, Unimaginable speeds can be achieved for light products
how do we adapt to the increase in demand for certain because communication and power at the mover make it
products, while overcoming challenges such as the lack of possible to affix products that would have flown off the
physical infrastructure to allow production growth? conveyors of older machines.
These are just a few examples demonstrating that
Independent Cart Technologies serve several creativity and innovation never stop.
production demands, all in one So, don’t decide which demand is most important. Let’s
Independent Cart Technologies (ICT) allow changeovers for lay the foundation for the future while meeting the needs of
different products and formats with the push of a button, the world in the present. Let us help you combine and serve
providing the ability to manufacture a variety of products on a every need.
single line.
- Individual medical packages? No problem. To learn more about how we are making
- Single and large packs? You’ve got it. Smart Manufacturing more productive, visit
- Switch from diapers to masks? Right away. www.rockwellautomation.com.
EngineerIT | May 2020 | 10ICT
SDN redefines
networking environment
By Joshua Ward, Associate Client Partner at Decision Inc.
any consider software-defined networking (SDN) to be one of the most disruptive
M areas to have arrived in the ICT landscape in recent years. It fundamentally
changes network management to enable a more dynamic, software-driven and
efficient way of improving performance.
Within the South African market, there has been a continued drive towards the cloud Joshua Ward, Associate Client Partner
with numerous companies adopting a hybrid strategy. In turn, this has led to an increase in at Decision Inc
demand for reliable bandwidth from network providers. For their part, these providers have
increased investments in their infrastructure to scale according to customer needs. From device, accompanied by a broadband
an ISP perspective, the focus has been on investing in burstable bandwidth network medium, would allow for a low cost, quick
capabilities across their core infrastructure. deployment and safe means to connect to
And given how 5G is around the corner, the infrastructure overhaul will play a significant the network.
role in the SDN market not only in this country, but across the continent. 5G will allow Because of the infrastructure challenges
sectors that have traditionally struggled with access to high-speed and reliable connectivity in Africa, the biggest potential for SDN in
at remote operations such as mining and agriculture, to start benefitting from SDN. the coming year is to link it with 5G. SDN
To prepare for this SDN-led future, there has been significant consolidation of devices could run over a 5G network so
technologies. For example, SD-WAN devices are shipping with firewall and cyber security businesses could quickly deploy these to
capabilities built in. Inevitably, this will see companies look to reduce their Capex spend on their branches or sites in a short amount
a myriad of edge devices towards a single, managed service point per device with of time. This means they would no longer
multiple features. be restricted by long time frames to get
physical infrastructure in place.
Overhaul bandwidth Going the SDN route does not mean
Initially, these SDN shifts will be more beneficial to those with cyclical bandwidth the company must adopt an all or nothing
requirements, for example the education sector that experiences ‘quiet’ months where approach. In fact, those who immediately
schools and universities are closed for holidays. Burstable bandwidth will accommodate for roll out a full SD-WAN often expose
high demand. Keeping this in mind, the ‘pay for what you use’ principle will apply to allow themselves to downtime due to
these institutions to better manage their budget during the year. unforeseen issues. This can include
But how does SDN impact the network on a more functional level? unreliable broadband connectivity.
Most network requirements are built around three metrics – quality, low cost and Therefore, the SD-WAN road map should
bandwidth. Traditionally, businesses were forced into choosing two of the three, i.e. a be done on a per site basis, built around
quality (reliable) network featuring high bandwidth capabilities would come at a high cost. business requirements.
The advent of low-cost broadband, especially within the African market, enables Clients must understand how SDN fits
businesses to adopt a hybrid approach of using SD-WAN on certain sites on the network, into their cloud strategy. Additionally, they
while keeping the more robust MPLS network on critical sites. This allows clients to benefit must also see how far along their service
from increased bandwidth and higher network availability at a more manageable cost. provider is in terms of its own SDN rollout
Those organisations not adopting SDN will continue to battle with trying to choose two of to be capable of delivering effective
the three metrics. solutions. All told, the network environment
has changed irrevocably. Now is the time
Overcoming challenges to embrace this innovation. n
Implementing SDN is not without its own challenges, especially in Africa.
Typically, finding quality base connectivity is a problem. Clients also need to match this
with their site or business requirements. The allure of implementing SD-WAN to increase
bandwidth and reduce costs using broadband, often means clients are exposed to the
unstable nature of broadband. Therefore, large head office sites should typically look at a
hybrid approach of dedicated internet access or MPLS, as well as a secondary medium to
avoid contention waves during peak periods.
SD-WAN can deliver the goods when site requirements are appropriately matched with
the correct under-lay services. An example of this is a satellite site with a few employees
who need to connect back to the network. In this instance, a self-provisioning SD-WAN
EngineerIT | May 2020 | 11ICT
Pay-as-you-use makes cyber
security cost effective
By Charl Ueckermann, CEO at AVeS Cyber Security
ompanies are seeking drastic proactively manage it, as well as pre-
C measures to become more cost-
efficient in a severely constrained
economy without compromising their
empt and mitigate the risks. Offered as
a fully managed service, the Next-
Generation SOC eliminates the need for
security. There are many solutions avaible on-site SOC infrastructure and in-house
and often it becomes a very difficult choice. cyber security analysts, both of which
An interesting solution launched recently is can be prohibitively expensive for small
the Next-Generation SOC (security and medium-sized companies to recruit
operations centre) which, at a signifcantly and manage. Our Next-Generation SOC
lower cost, is allowing companies to tap into model is based on three standards of
the very best skills, tools and services, best practice; COBIT 2019, the NIST
which were previously only available to Cybersecurity Framework and the SANS
companies with substantial capital budgets. Cyber Incident Management
With our Next-Generation SOC, we are Framework. So it is not simply about
doing ‘business as unusual’; there are no remote security monitoring and alerts,
upfront setup costs and companies only but also active incident response. Our
pay for what they use. Charl Ueckermann, CEO at AVeS team of highly-qualified and
The latest version of the Next- Cyber Security experienced security specialists working
Generation SOC is a fully managed platform alongside leading technologies
for monitoring, managing, and proactively depth tracking and analysis of the genuine underpinning the Next-Generation SOC
maintaining cyber security environments, and constantly increasing number of are a powerful combination.
giving companies access to higher levels of cyber-related threats to which companies Furthermore, capital expenses that
productivity efficiency than before. The are exposed every day. Many companies were previously required to gain access to
Next-Generation SOC integrates predictive, do not have the skills and resources in- SOC infrastructure are now eliminated.
machine learning-enabled cyber security house to analyse network traffic, malware, SOC tools, such as log collectors, are
tools that are aligned with international best firewall health and global threat feeds. Not installed on a client's network in the areas
practice and upskilling of IT staff and only are these skills expensive to retain, where log ingestion is needed. Secure site-
continuous upgrading of systems without but they are also in short supply. to-site VPN will also be configured for
additional costs. One has to eat, sleep and breathe remote dashboards and alerts into the
It also gives companies access to cyber security to understand it, Next-Generation SOC.
actionable intelligence with comprehensive
visibility of security-type logs, without
sharing confidential customer information.
Several cutting-edge technologies to
monitor companies' cyber environments,
integrating with almost any application and
system, are included. The system will
proactively monitor critical firewall event
logs, firewalls' uptime, endpoints' security,
critical server system logs, email security
and global threat feeds on behalf of
subscribing clients. These logs are
ingested into the Next-Generation
SOC tool sets, and a highly specialised
team of security experts oversee and
respond to the security alerts generated
by the system.
The Next-Generation SOC delivers in- Pay-as-you-use cyber security allows all businesses access to world-class expertise
EngineerIT | May 2020 | 12COBIT 2019 goals
Why did we use COBIT According to the ISACA, COBIT 2019 was updated to include:
2019 as a framwork? • Focus areas and design factors that give more clarity on creating a
governance system for business needs
• Better alignment with global standards, frameworks and best practices to
bolster the framework’s relevance
• An open-source model that allows for feedback from the global governance
community to encourage faster updates and enhancements
• Regular updates released on a rolling basis
• More guidance and tools to support businesses when developing a “best-fit
governance system, making COBIT 2019 more prescriptive”
• A better tool to measure performance of IT and alignment with the CMMI
• More support for decision making including new online collaborative features.
COBIT 2019 also introduces “focus area” concepts that describe specific
governance topics and issues, which can be addressed by management or
governance objectives. Some examples of these focus areas include small and
medium enterprises, cybersecurity, digital transformation and cloud computing.
Focus areas will be added and changed as needed based on trends, research and
feedback – there’s no limit for the number of focus areas that can be included in
COBIT 2019.
COBIT 2019 updates the framework for modern enterprises by
addressing new trends, technologies and security needs. The The two industry standard incident response frameworks we used in AVeS
framework still plays nicely with other IT management NIST and SANS are the dominant institutes whose incident response steps have
frameworks such as ITIL, CMMI and TOGAF, which makes it a become industry standard.
great option as an umbrella framework to unify processes
across an entire organisation. NIST: NIST stands for National Institute of Standards and Technology. They’re a
New concepts and terminology have been introduced in the government agency proudly proclaiming themselves as “one of the nation’s oldest
COBIT core model, which includes 40 governance and physical science laboratories”. They work in all-things-technology, including
management objectives for establishing a governance programme. cybersecurity, where they’ve become one of the two industry standard go-tos for
The performance management system now allows more flexibility incident response with their incident response steps.
when using maturity and capability measurements. Overall, the
framework is designed to give businesses more flexibility when The NIST incident response process contains four steps:
customising an IT governance strategy. 1. Preparation
Like other IT management frameworks, COBIT helps align 2. Detection and analysis
business goals with IT goals by establishing links between the two 3. Containment, eradication and recovery
and creating a process that can help bridge a gap between IT — 4. Post-incident activity
or IT silos — and outside departments.
One major difference between COBIT and other SANS: SANS is the acronym for SysAdmin, Audit, Network, and Security. It is a
frameworks is that it focuses specifically on security, risk private organisation that, per its own description, is “a cooperative research and
management and information governance. This is emphasised education organisation”. Though more youthful than NIST, its sole focus is security,
in COBIT 2019, with better definitions of what COBIT is and and it has become an industry standard framework for incident response.
what it isn’t. For example, ISACA says COBIT 2019 isn’t a
framework for organising business processes, managing The SANS incident response process consists of six steps:
technology, making IT-related decisions, or determining IT 1. Preparation
strategies or architecture. Rather, it’s designed strictly as a 2. Identification
framework for governance and management of enterprise IT 3. Containment
across the organisation. That’s better clarified for businesses in 4. Eradication
the updated version, so there’s less confusion about how COBIT 5. Recovery
should be used and implemented. 6. Lessons learned n
Pricing for services is based on the amount of data (logs) (GB) consumed per day.
Companies get around the clock monitoring, threat analyses, monthly risk profile reports,
cyber incident response and a dedicated dashboard. Although software-as-a-service and the
outsourcing of cyber security are not new, the concept of consumption-based managed
security services is emerging throughout Africa.
Fixed licenses and service level agreements can be a burden because companies pay
for the same amount of services, software and capacity that they do not need every month.
Upfront annual costs and fixed agreements can also place the outsourcing of cyber services
out of reach for smaller businesses, especially for those with long business cycles, project-
driven organisations or cash-strapped businesses. It is time for a change. With a
consumption-based structure, companies of all shapes and sizes have an opportunity. n
About AVeS Cyber Security
AVeS Cyber Security is a specialist in industry-specific IT governance and architectural
COBIT 2019 - Components of a services, combining expert knowledge and services with leading technology products to
Governance System provide comprehensive information security and advanced IT infrastructure solutions. n
EngineerIT | May 2020 | 13ICT
Out-of-the-box spoofing mitigation
with Galileo’s OS-NMA service
By Franco de Lorenzo, Product Strategist for Standard Precision GNSS, u blox Espoo
ver the past two decades,
O satellite based positioning has
become an indispensable, every
day technology that we constantly rely
u blox M9 and F9 GNSS
receivers are set up to
leverage Galileo’s long
awaited authenticated
GNSS signals.
on – often even without being aware of
it. With the relentless expansion of
applications and use cases, driven
largely by falling cost of ownership and
improvements in positioning accuracy,
there will soon be one GNSS receiver in
operation for every person on the planet.
But now, with the accuracy challenge all
but solved, security is becoming a key
factor slowing the development of new,
lucrative business models and emerging
critical applications.
That’s why there is so much
excitement around a new service from
Galileo, the EU’s global navigation receivers by feeding them fraudulent signals. The European GNSS constellation will
satellite system. First conceived in be the first to offer authenticated navigation messages to civilian users free of charge.
2013, Galileo’s open service The approach the European GNSS Agency (GSA) adopted to authenticate the
navigation message authentication signals is already well established for digital communication on the internet. It consists
(OS NMA) system lets GNSS of appending an encrypted authentication signature to GNSS navigation messages,
receivers ensure that the satellite which can be used to verify the messages based on a hybrid symmetric / asymmetric
signals they receive are, indeed, from key approach (described in more detail here).
Galileo satellites, and that they have The service will only be available to advanced GNSS receivers that are able to
not been modified. The approach securely store a copy of the public key used to decrypt the authentication message
makes it more difficult for hackers and and to ensure that it can be trusted. To ensure that current users of Galileo’s
other bad actors to spoof GNSS navigation services do not see their service interrupted, the new navigation messages,
broadcast on Galileo’s E1B frequency
band, will be fully backward compatible.
This means that older receivers will still
be able to use them to determine their
position, simply without the value add of
message authentication.
A critical step towards fully
secure positioning
The move by the GSA comes in response
to growing demand across industries for
secure positioning technology. “At the GSA,
we work in close collaboration with the
industry to design and leverage Galileo’s
unique capabilities and rapidly develop new
applications to respond to user needs,” said
Fiammetta Diani, Head of Market
Development at the European GNSS
Agency (GSA).
EngineerIT | May 2020 | 14How does NMA work?
OS NMA, step one in the agency’s Message authentication has been referred to as the “second face” of cryptology, and it
plans, will not entirely solve the GNSS uses many of the same tools and techniques as the more well-known first face of
security challenge. It will, however, cryptology: cryptography, or data secrecy. In message authentication the sender uses a
considerably raise the level of secret key to generate an authentication signature from the original message. Both
sophistication that such attacks require, message and signature are then transmitted to the receiver, which uses a key
benefiting a variety of applications that (potentially different to that used by the transmitter) to verify that the message and
are frequent targets of spoofing attacks. authentication signature correspond.
These include smart tachographs used
in trucks, taxis and ride-sharing When the received message is authenticated the receiver can conclude that:
vehicles, and tracking devices used in 1. The transmitted and received message are the same
commercial cargo and fishing vessels. 2. Only someone with access to the transmitter’s secret key could have generated the
Reliably flagging spoofing attempts will authentication message
make it more difficult for companies to
skirt legislation by tampering with the There are two different ways to generate authentication signatures:
GNSS receivers. 1. Using symmetric key techniques in which both transmitter and receiver share a
GNSS data authentication will also play secret key
an important role in so called mission 2. Using asymmetric key techniques in which the secret key is split into two parts, a
critical use cases - think advanced driver “private” key, known only to the transmitter, and a public key which can be
assistance systems, autonomous driving, distributed publicly. The private key is used to generate the authentication message,
or any number of risk prone commercial while the public key is used in the verification step.
activities. And, by mitigating one of
GNSS’s main vulnerabilities, it will no There are some issues associated with each of the two techniques. In the symmetric key
doubt add value in less critical ones as case, the most difficult issue is how to distribute the “private” key to all users, without also
well, in retail and logistics, smart cities, giving the spoofer access to this key. Similarly, for the asymmetric case, the receiver needs
and connected industries. some mechanism to ensure that the “public” key does indeed come from the trusted
transmitter (the GNSS system operator in the case of NMA). This problem is usually solved
Leveraging OS NMA from day one using a Public Key Infrastructure (PKI) consisting of a trusted authority that manages the
As a leading supplier of GNSS receivers certification that public keys do indeed belong to the organisation that claims them.
for telematics solutions, we at u blox have So it would appear that the asymmetric approach is superior, as the infrastructure is
long been at the front line in bringing the simplified and the “secret” key can remain secret. However, asymmetric encryption has
benefits of OS NMA to the market. two major drawbacks: firstly, it is much more computationally intensive than symmetric
Through our active involvement in the EU key encryption; secondly, much longer keys are required for the same level of security.
led group of experts on the smart Interestingly, both symmetric and asymmetric NMA approaches have been proposed for
tachograph, for example, we are helping GPS (on the new L1C signal) and Galileo (on the E1 Open Service signal), as discussed below.
drive the implementation of OS NMA.
That’s why it should hardly come as a The GPS Approach – Asymmetric NMA
surprise that our latest GNSS platforms are The Chips-Message Robust Authentication (Chimera) is a hybrid NMA and spreading code
designed to leverage Galileo’s authentication technique proposed for use with the GPS L1C signal. The NMA portion of
authenticated navigation signals from the this scheme is based on the asymmetric elliptic curve digital signature algorithm (ECDSA)
day they go live. P-224, which is a well-established standard. The public key is 448-bits long for an
“We are glad to see that a key player in equivalent security of about 112 bits (i.e. it is equivalent to a 112-bit symmetric key system).
GNSS manufacturing, such as u blox, is The Chimera proposal uses two Subframe 3 pages of the C/NAV message to transmit
already looking forward to exploit Galileo each digital signature, with a repetition rate of at most once every three minutes. In this
new features and in particular the Open way a receiver can verify that the navigation message is authentic every three minutes.
Service Navigation Message The ECDSA scheme is a well-established Federal Information Processing Standard
Authentication to contribute to safer road (FIPS) and is implemented in most open source and commercially available cryptographic
transportation on European roads, and libraries, which simplifies the integration of the scheme into existing GNSS receivers.
beyond,” says GSA’s Fiammetta Diani. Chimera requires receivers to have occasional access, via non-GPS channels, to
OS NMA is one of the corner stones of infrastructure to provide authenticated GPS system public keys. This Public Key
our approach to increase the security and Infrastructure (PKI) is essential to any asymmetric crypto-system, including the Transport
reliability of our GNSS receivers. It adds to Layer Security (TLS) system used in securing websites. In this system, each entity that
improvements made by concurrently wishes to provide an authenticated public key obtains a signed certificate from a trusted
monitoring signals from several GNSS Certification Authority (CA). A user can then verify that the public key provided
constellations on multiple frequency corresponds to that in the signed certificate. Reusing this certification process should be
bands, as well as integrating other data, straightforward in the GNSS context.
such as input from inertial sensors. That
being said, for Galileo and for u blox, OS The Galileo Approach – Hybrid Symmetric/Asymmetric NMA
NMA is just one more stepping stone The proposal for Galileo Open Service Navigation Message Authentication (OSNMA)
towards fully secured GNSS based differs from Chimera in that it is based on a hybrid symmetric/ asymmetric key approach
positioning technology. n known as the Timed Efficient Streamed Loss-Tolerant Authentication (TESLA) scheme. n
EngineerIT | May 2020 | 15You can also read
