Skip navigation
Robo-contractor.jpg Ociacia / iStock / Getty Images Plus

Security and Safety at the Edge with Unikernels

The industry and government regulators have focused quite a lot on physical real-world safety but have mostly ignored cyber safety.

By Ian Eyberg, CEO NanoVMs

Growing up in a household with a general contractor for a father meant two things, the house was always being remodeled and under construction and we were always working. It was always impressed on us that we should do things the ‘right way’ or not at all and of course measure twice and cut once. In the world of construction, security and safety is usually taken fairly seriously. We see that concern appear in ensuring our I-beams are rock solid. We ensure contracts are completed with surety bonds and that if not there is real financial pain inflicted.

However as more and more technology is brought onto the job site and into the office cybersecurity seems to always take second place.

Construction companies deal with a lot of proprietary data including bid data, the price of materials, how much profit/loss a particular project is going to garner and of course all the employee data as well.

Protecting that data is important yes, but the software that interacts with that is only half the creep of so-called construction tech. As more and more construction workers retire millennials are starting to replace them and guess what millennials bring? Technology.

So now we are starting to see a flood of smart everything to the job site. We have smart vests, smart glasses and smart helmets. A lot of this software based “smartness” is being deployed as what we call ‘edge compute’.

There is a whole range of technology that is not necessarily safety focused but replaces more tedious foreman duties. We’ve got software that can tell you who is currently on the jobsite and where they are located. We’ve got software for worker attendance.

Then we have technology looking at things like theft. Tagging equipment, tracking its location, utilization, and identifying the operator goes a long way toward theft prevention.

Of course, with construction there are so many competing priorities — budgets, change orders, shifting schedules — that established IT departments and processes aren’t typical.

Now, some of these smart tools are admittedly dumb. However, there are a range of tools that are actually fairly useful. There are now sensors being sold that detect slips, trips, and falls. Falls account for nearly 40% of all jobsite related injuries. Not everything is reported on the job site but if you start measuring the number of people slipping on a spill over the course of a day or the number of times someone is jumping from place to place instead of using a ladder there is lots of room for prevention before things become costly.

OSHA states “Nearly 6.5 million people work at approximately 252,000 construction sites across the nation on any given day. The fatal injury rate for the construction industry is higher than the national average in this category for all industries.”

Construction executives don’t need to be reminded that according to OSHA over 20% of all worker fatalities happen in the construction industry.

Are smart tools really going to solve all these safety problems though? Maybe we’ve bought some insurance in the case of slip/trip/fall software but aren’t we just trading horses when it comes to this security/safety thing? Do you feel confident that all the software you’ve brought onto the job site is ‘secure’?

The point I’m trying to make here is that the industry and their friends the government regulators have focused quite a lot on physical real-world safety but have mostly ignored cyber safety. The problem is that it is starting to turn into a real cost center. Data breaches in particular have risen every single year in terms of cost, count and size and that’s only one type of security problem.

Edge compute security is different from security models that you might find in the datacenters of Silicon Valley companies. Why? Simply because it’s on location, at many locations and managing all of that can be a real pain especially if you don’t have a strong IT department to deal with it. Keep in mind last year Google and Facebook both had to deal with massive data breaches, and they employ tens of thousands of software engineers in fully managed datacenters they have privately built and own.

It’s not all doom and gloom though (I’m not the news). Solutions exist to deal with edge compute security. Unikernels are a new way of deploying edge compute software on-site with far greater security than traditional operating systems such as Linux and Windows offer. They come with a four-point security model:

1)    They don’t have usernames/passwords.

2)    They are a single process system.

3)    They have a massively reduced attack surface.

4)    They don’t incorporate a shell.

They take into account that edge compute is software that is deployed differently with different types of needs and doesn’t have an army of software engineers at its beck and call. It needs to be somewhat autonomous. It employs principles found in things like the Mars Rover to traffic lights yet built for modern software solutions that are deployed in the field on the jobsite.

So, as you adopt some of this cool new technology like asset tracking and slip/trip/fall sensing ask your vendors if they can deploy their software as unikernels otherwise you might just be shifting safety and security from the physical to the digital.

A self-taught expert in Computer Science, specifically operating systems and mainstream security, Eyberg is dedicated to initiating a revolution and mass-upgrading of global software infrastructure, which for the most part is based on 40-year-old tired technology. Prior to cracking the code of unikernels and developing a commercial viable solution, Eyberg was an early engineer over at Appthority, an enterprise mobile security company. He also worked for doing poker analytics and studied Computer Science briefly at the University of Missouri-Rolla before pursuing a call to travel the world. For more information about San Francisco based NanoVMs, visit


Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.