 kick it off. Yeah. Okay, you're live. Feel free to kick it off. Yeah, so I think we can start now. So good morning. Good afternoon. Good evening, everyone. My name is Rupind Bhatti and I'm a tier person for Hyperlegia Telecom Special Interest Group and we see use cases of blockchain in telecom industry in this special interest group. We started this group in 2019 and and we wrote two white papers, one on intercarrier settlement and one is on decentralized identities. So, I think last year we started this guest speaker series and today we have Sayodh with us from Bdata and the topic of today even this cutting edge world lightest blockchain IoT solution. Welcome Sayodh and can you guys see my screen? Yeah. That's great. So, yes. Okay, great. So, my name is Sayodh Sushantbari. I'm the founder of Bdata Solution. We are a startup company out of Toronto. We have been working on creating a BIOT protocol which is a very lightweight technology. It can be deployed on any device. So, it's a device architecture agnostic as well as operating system agnostic. Today's presentation I will share like what are the challenges of the cybersecurity domain and as well as I will cover the demo of our technology and some other pieces and the use cases that we have done. As a team. So, we are basically funded by Ontario Centre of Excellence as well as some strategic investors. We are a team of around 12 people in our team. My background is engineering and the crypto mining previous startup. I'm the member of Cybersecurity Standard Committee here in Toronto as well. My co-founder Oven, his background is Computer Science and Electrical Engineering. He's previously worked with Siemens. I have the technical advisor, Thomas. His background is the Festo. He was a Festo dialect steal for South America and Canadian region. Today, in this call, I have Pratek Patel. He's our blockchain developer. So, he will give the demo of the technology. So, these are the earlier recognition that we received. So, we won the first place at Rogers 5G cybersecurity competition. So, Rogers is a Canada-based telecom company. We also won the 5G demonstration use case for Anchor. Anchor is one of the Canadian entity who basically have the 5G private infrastructure. We will deploy our technology. I will get into that use case as well at the end. We also won the security mode operation competition that was organized by a Singapore government entity in Singapore and basically judged by the Halliburton and Shell. So, just to get into the presentation, so today I will cover the recap of the recent cyber incidents that's happening and I will cover a demo as well that how the people are hacking their specifically air gap system where some of the systems are connected to the internet and the rest is not connected to the internet and still they get hacked. So, I will cover some of the video that's basically open source available. I will cover what are the risks in the cybersecurity domain and what should be the ideal solution look like and then I will get into the BIOT like what is the BIOT and how we can deploy it as well as cover the architecture, simplistic architecture as well as the device enrollment and the endpoint management demo as well. So, currently at least 99% companies are using the VPN technology to secure their IoT infrastructures. That's mean that basically they use centralized approach, virtual private network which is basically doing the centralized certificate authentication for all the devices that get connected to the servers and we see that as a vulnerability because once your centralized certification authentic get compromised then your entire network get compromised and it's basically easy for hackers to scale up that to the multiple devices and another vulnerability or the shortcoming of the VPN is basically it doesn't come with the intrusion detection that's mean it doesn't read the device log it's a software-driven solution that gets deployed onto the devices and since there is no intrusion detection so basically companies that don't get any notification or alert if somebody is trying to hack their system. Another vulnerability that that's in the VPN technology is basically it's a password-driven technology so it's very difficult for the companies to manage that what type of the passwords their employees are keeping on their devices and the last piece is basically the compliance so it's very difficult to make sure that all the devices on the network basically in compliance with the cybersecurity standards and best practices. So there have been many attacks recent one is basically a US based colonial pipeline where hackers got the access to their the infrastructure and they basically asked the ransom money to counter or basically to give the system back to the company and unfortunately the company paid that ransom which basically encouraged the hackers there were other attacks as well one of the attack was on Florida city water treatment system where hacker basically intruded into the one of their devices and tried to divert try to basically increase the chemical injection onto the wastewater treatment plan to the poison level. Other cyber attacks is basically one of the cyber attacks was on the nuclear weapons contractor in US as well as one of the ransomware attack on the adventech IoT infrastructure. So these attacks are growing and growing in a very fast speed so it's a lot of you know news you will hear in the coming days or very recently that you might have heard about the attacks. So this is basically the demo which is available on the YouTube as well. So it's basically talk about how you can hack air gap system. So how the air gap system works basically you have the two two type of the devices one are devices that's connected to the internet some of the devices that are not connected to the internet and they basically think that they have locked the USB port they have locked the internet so probably that device is secure and it cannot be hacked but the problem with the IoT is these devices are deployed remotely with the very very low you know the super visions and if those devices have the US report then they are vulnerable unless you have a very comprehensive intrusion detection or embedded security on those devices. So in this demo what I'm showing is basically the person who has a USB that USB basically has basically has some script in it and that script does the HID spoofing. So it basically since the device is not connected to the internet but once he entered that USB that USB is not read as a USB that USB is basically read as a keyboard and then basically it has the you know the script that script rewards the tcp shell settings and then it allow him to connect to the attacker servers. So the purpose to demonstrate this is basically to tell the customer or to tell the audience is basically hacking has not been that difficult in these recent days. So if your devices are out there then you really need multiple level of security on your devices just to lock your USB devices or keep the devices out of the internet would not help. So in terms of what is at risk it's a lot at risk obviously because these devices are going to connect with the entire network so a lot of your assets are basically at risk it's going to be your IoT devices connected to the operating system critical infrastructure and our entire critical infrastructure can become you know can be at risk. A lot of time in cyber attacks basically they convert the data into the binaries and those binaries cannot be revert until you become the part of their peers. So that's that's how basically that's how basically they ask companies to pay the ransom money so that they can convert the binary back to back to the data. A lot of companies they lose their patentable or valuable data as well and enterprise level downtime is one of the one of the risks as well that happened to a lot of companies because their entire network were down for several days and not only one portion of the network the global network and then companies has to pay a lot of money for the ransom. So these these are the major risks that I think companies care a lot about and the next topic that I have is what to consider in a cyber security solution to avoid these kind of the risks. So cyber security is obviously is a very big target a very big topic and the thing that I have listed here at least three things that the companies need to connect or have in their technology. So basically one is the real-time intrusion detection that's mean that the solution should be able to read the device logs and something that's that's make sure that device authentication and the device activities are basically log and can be monitored. And the next item is basically the file integrity management that's mean all the files on those devices are being monitored and managed to ensure that if there is any attack or something happening on those devices it's visible and it can be countered. The third part is the cryptographic certificate authentication that's mean that a lot of companies they use single certificate authentication for handshake purposes and after the handshake they think that it's secure. But their packets are still visible and their packets can be used for the intrusion. So what we propose that it should be that every time every time the transaction happened it should happen with the separate key of the public private key cryptographic authentication. So what BIOT bring and what is this about and how this work. So BIOT is a basically it's a distributed network of endorsing peers as well as peers. So basically it's developed on the hyper ledger fabric. So instead of having a lot of endorsing peer we have a lot of chains running on those devices every chain is doing the authentication of its own that make the system very lightweight in terms of the size as well as the consumption of energy. So a lot of companies they have the public endorsing peers which basically increase over the time will increase the depth of application as well as you know as well as the energy consumption. So in terms of our technology we have multi chain architecture which is basically every segment or every feature of the technology is a separate channel or chain code. So in terms of the distributed network this entire network can be deployed on any company. It's a private network of that particular company having their own endorsing peer as well as having their own devices authenticating through that entire network. It comes with the intrusion detection so it reads the device lock it reads it allow basically to manage all the ports of the devices and do the authentication and enrollment of those devices. So how it works is basically you need to have this complete system deployed on your network which will allow you to register your organization. Once the organization is registered then basically you need to enroll the device. So the device enrollment will be based on the device unique identity or the board ID. So once the device is enrolled then all the sensors connected to that device will be able to stream the data. So once they stream the data so entire data will be encrypted and every data point that's been encrypted is creating a hash for it and that hash is stored into the ledger to provide the immutability and then the data is basically used for the analytics. So there is one server that's doing the encryption and then we have one server which is basically recording the data and providing the analytics for it. So this is the value proposition. I would like Pratek to share his screen and give us a quick demo of the technology and then I will go into the little bit more details. Sure. Can you please get access to share my screen? Yeah. Can you try now? Sure. Can you guys see my screen? Yes. Yes Pratek. Okay. So I will log in here on the platform on the inventory section and register a new device based on the current asset ID that we have. So the device is now registered and I will deploy it on the device by just copying this simple command which is a call command. So this script will deploy the application here. You can see here that we are working on a Opto 20 to PLC which has sensors attached to it. You can see that the temperature data is coming from here and the voltage data which is being read from here. We also have a node rate application attached to it where we can see that the sensors here and I have attached a simple function to it which attaches values like the tag number, data type and the data values. For our application we have two options to connect to it. One is a web socket client and second is an HTTP request. Yes. So the applications are now deployed on the device and I can run it by typing a simple command which is Biot data and you can see that the device is sending the data in completely encrypted format and you should be able to see it here that it's coming from the device, all the data. Also data management section we can see that the hashes of all that data is being generated from the hyperledger blockchain. Coming back to our remote management application I can run it by typing a simple command which is Biot remote. So this remote management basically enable companies to manage their assets remotely since this will be used for the IoT devices so they can see that performance of their devices, battery life and other details as well as they will be able to manage the different ports of the device so they can enable or disable the different ports of the devices. So we can see the data coming here from the device which will give an analytics of the RAM and CPU that's used by the device. So there's a question in the chat. Carl is asking are you collecting the data from the PLC or from the edge of the IoT device or module? From the PLC. So the PLC is directly connected with the sensors and it's providing the data from there. I think it's the data is coming. Can you check on the port remote management? Yes so here on the device we can see that the port 9078 is currently open and I'll perform a simple application which will close that port. So once I perform this application Okay so there are a few more questions. I think there's a follow-up of the previous questions from Carl asking how can that be really secured? So making sure that how it can be secured every time the data is coming from the device is basically having a separate you know the keys for the authentication. So it's every time the key is not it's not the same key that's being used for the other transaction. So every time it's keep changing that provide the additional layer of the security on the top. So we can see the data the analytics data coming from the platform here and I perform the operation here I can perform it again and you can see that the operation is being performed here and you can see that. And a question from Roshan how the hyper ledger will be deployed? You know so hyper ledger is being used to create the multiple chains. So that's the purpose that we have been using the hyper ledger. So as Pratik demonstrated here basically you can do the change of the port status. You can enable or disable the multiple ports. The device logs will be coming to to the analytic platform as well that how much CPU usage or the RAM usage is. And from the data management you will get every data point that's coming is basically having a separate hash for it. Is there any question on on this so I can move to the presentation? Yeah there's one more question and a comment. A comment from Carl saying you need AI at the edge to determine which data should be refined. So in this presentation I'm not covering our digital twin part which is related to the AI and the other piece. So because the very detailed sections so I will cover that for probably for another presentation or something. Pratik can you give me the access? There's one more question from Maha and the question is what sort of TLS version being implemented here? So I will let Pratik to answer. I think it's a 3.2 or something. Sorry. TLS version which TLS version we have incorporated. It's a 1.3. Yeah all right so in terms of the value proposition of the technology is basically it's include the MQJT VPN, IDS, intrusion detection system and the device management system. Companies get all of these applications separately and that caused them heavily as well and required a lot more resources to manage entire cybersecurity infrastructure and they still come short on the security side. So we provide the BIOT protocol which can be designed for the protocol company needs and it provides the real-time data streaming as well as the device lock monitoring intrusion detection and the device endpoint management as well. So in terms of what is the difference between the existing technology and our technology the companies I think over 90 percent companies they are using MQJT technology for the data streaming. On the left hand side I'm showing the how it looks like in MQJT when they stream the data and how it looks like when somebody use the BIOT technology. So on the left hand side you can see the data is quite visible it's not encrypted our on the right hand side you can see the data is completely encrypted and securely delivered to the analytic platform. So what is the BIOT security hub? Again it's a complete analytic platform which I did not show in this presentation it provides you the complete security analytics intrusion detection, log data analytics, file integrity management that's mean you will see if there is any you know anything change on the file you will see the file your own file log as well as the location of the file which was modified vulnerability detection will allow you to basically see if there is somebody from you know from not on your network is being trying to access your network. So all of this incident reporting, regulatory compliances, regulatory compliances means that we have incorporated cybersecurity standards key factors and we basically provide you the analytics based on those key factors. We read your device log and tell you that whether your infrastructure or that particular device is meeting those cybersecurity standards. So far we have incorporated NIST, HEPA and a few other major cybersecurity regulations. So the for the demo the device that we use it's a OPTO 22 groove epic the device that we use had the two GB RAM and around like six GB user space but for the BIOT the technology has been deployed on very very small devices so the technology use only 50 MB RAM and 100 MB HD space it has been deployed on multiple different type of the processor and operating systems. So this is a very simplified architecture of the device for our digital twin so what happened BIOT get deployed on to the device so it's reached the device log provide you the device enrollment hash ledger data encryption and the device log decryption and then all the data goes to the data lake or the compute where the data is stored so those are also part of the BIOT network and then the BIOT security hub which provide you the separate analytics for the security piece. We have provided our AI and machine learning model for for detection of you know operating some kind of you know the predictive maintenance or operation analytics that we have incorporated in those use cases and we provide the APIs that can be consumed on third-party cloud like oracle or SAP or different type of the ERP products or you can use our digital twin analytic platform. So where the BIOT is being used it's a lightweight low latency low power consumption low processing requirement technology it's being used for the cyber hub for the real-time data streaming as well as emission accounting we have done a use case for the SIM card defense and we are working for some use cases for the credit cards as well as the POC devices POC devices. So this is a use case that we have been working in the defense industry with some Canadian military manufacturers to deploy our technology on some critical equipments these are the use cases that we have been working in the industry where we deployed our technology and provide over digital twin analytic platforms to basically monitor real-time data streaming coming to their coming from their assets. For the semiconductors those are the you know the industry will get the first blame of any cyber attacks so we have been working with Advent tech Supermicro up to 22 arrow so these are these are the devices that we can provide with our technology if we're deployed on it. So we have signed the partnership with Advent tech to go sell the solution globally and in North America we have been working with Supermicro also the competitor in the IoT devices so we have been providing their devices their hardware that includes the data centers servers IoT devices pre-deployed with our technology. So this is a use case that we did on the 5G so NCOR as I mentioned NCOR is basically one of the Toronto based you know I think not Toronto based it's also in Montreal and I guess Vancouver as well so they provide the 5G infrastructure for you to real-time fast internet as well as low latency data streaming so we connected some of our devices for our mining facility in Sudbury and we basically remotely monitor as well as operate some of the some of the equipment to prove the idea of secure remote operation and remote monitoring of critical infrastructures. Sorry to interrupt there's a few questions in the chat. The first one's from Maha and it's asking does the amount of traffic to be shared affects the key generation and crypto algorithm efficiency running inside the BIOT? No so it's a basically containerized based solution that we have developed so it's basically do the load management of its own so it doesn't have an impact on if the data is coming a huge amount or less frequency so it basically is create the more and more containers and do the streaming as it goes. And also Nima Afras he said he couldn't raise the hand I don't know if you want to speak out. Yeah hi thanks Owen and thanks Ed for the great presentation it's not very often we get like a full stack we see like a full stack deployment of the blockchain something that's functioning at the moment and so and because of this and because that you have been kind of kind of providing the service for the customers I was just wondering if because the way the way you describe the the IOT use cases especially and also 5G I could easily see this really the scalability the scale of these operations to get really easily out of hand right so we are talking about sensors that are collecting data and first of all the number of these sensors could easily increase and then the amount of data they exchange and send back to the servers and so on could easily increase and with some of our own works that we've been doing I've always seen that it sometimes these factors could exponentially degrade the performance of the system and I mean I didn't I didn't really see much about like the architecture of the let's say the fabric solution you're using or which fabric solution you're using I mean I don't expect you to probably change this depending on the customer you have but what is the kind of resources first of all that you provision for this and definitely this is going to be dependent on the kind of the number of nodes and number of organizations and number of peers you have I understand that but just just just for us to have a clue about what's been the scalability requirements from your customer's side especially the ones related to the IoT and how did you actually handle that and have you actually kind of come up with a mechanism to provision resources for it thanks so as I mentioned this is basically hyper ledger fabric based that's the core of the technology that you're using and in terms of you know the explaining the entire course of it I can share probably the white paper that has more detail on it that has the detail architecture of the technology as well as you know how we are managing the load how we're using the Kubernetes and the different technologies incorporated and to manage the entire load of you know the data that's coming to the to the platform so there are two things right so we are not duplicating the data so it's not basically duplicating the data to create the huge amount of you know duplication so we are creating the hash of every data which is basically providing the immutability and it's something similar to IPFS or so the data is data kept in a distributed manner or centralized I mean I understand that you hash it and you put the hash on the on the blockchain but the data itself data is not duplicated so it's centralized it's stored on the server where it is basically being used for the analytics purposes so it gets decrypted and then it's used for the analytic purposes but the but the duplication is that to the certain level so we have a algorithm that basically derived the need of the endorsing peer based on the devices that you have been connected with so there's a certain number of devices if you you know increase more than those devices then it will auto create endorsing peer onto the network to do the more authentication from the other you know the endorsing peers so it's basically it's auto scaling up a model that we have so it's not like one static model that we have and then if it's goes more than that then it basically is start you know and disturbing the performance of the network so this entire network is highly scalable and it's highly basically you know manageable through the through the open source technologies thanks thanks for the yeah so I will share or uh if you can drop you know your emails if anybody in the chat is interested in our white paper please drop your email in the chats and we will for sure share our white papers thank you nothing so in terms of the core differences these are the core differences firewalls, rhythm security onto the VPN technologies, password and security power in our technology is a cryptographic chain of the authentication and remotely manageable firewall settings. I have only a few minutes left so this is kind of like a business model that's basically a license-based business model and it's very compatible with VPN pricing so that's that's pretty much I have in today's presentation so I would like everybody if you are interested please share your email addresses and we will send over detail you know the white paper that will describe our technology how we are managing it so it has the multiple chains and every chain is doing the different authentication and processes so that will be completely described in our site just one more questions any use case where PIOT can be used for FOTA? No I don't have that any so far yeah yeah anyone more questions okay so we have one more question and can it run on small embedded devices mcu's? Sorry I cannot understand that question okay yes yes I can hear you yeah yeah we have one more question can it run on small embedded devices mcu's? So it's basically depend on what is that device how small is that device our requirement is 50 mb and 100 mb is a hardy storage availability and 50 mb availability for the peers deployment so if that device has you know that much storage available we can deploy it we have deployed on small raspberry pies and a lot of those small devices okay yes yeah it can run on the microcontrollers yeah cool I think if we don't have more questions so thank you thank you Sayodh thank you so much for the introduction and and let us know that how if as a telecom say if we can do some help or if you want to do something with us like as a white paper or something yeah please and and if you can share your white paper that's really good and we are as you know we are looking for more and more use case deployment as well so if if there is any partner we have done the use case for the telus to deploy our technology on telus sim cards but if there is any other telecom company or partner replicate the similar use case for their you know their infrastructure it can have the different you know performance based on your infrastructure so it's worth having a use case at least to see how we can ensure the security of yours and cards okay if you don't have more questions I think we can end thanks to everyone who joined the call and if you'd like to continue the conversation around this topic or other topics related to blockchain and telecom feel free to join the telecom mailing list I dropped the link in the chat so Vipin do we want to use the rest of the time for discussion of regular items or in the agenda we have this call on to this okay great well if there's no other questions so we can end and then pick up a regular agenda next time yeah thanks thanks guys thanks everyone thank you thank you thank you everyone thank you