Industry 4.0 is here; this also substantiates the start to a new era of industrialization where machines are moving toward being autonomous. For asset-intensive enterprises, it is imperative to keep watch on various processes such as material production, overall equipment efficiency and asset management. The rise in adoption in using sensors, edge devices and artificial intelligence is a product of growing costs for managing assets. Experts have predicted that businesses would invest near half a trillion dollars for asset management by the end of the next decade.
Here is where machine learning comes handy. Though its path is marred with numerous challenges, it still commands a success rate better than any of its contemporary solutions. It might sound weird, but the fact remains that researchers are spending billions on the research and development of a working machine learning technology capable of aiding asset management for industries. Some of the top scientists have spent more than three years simply developing a machine learning algorithm, and to date, the success rate of machine learning technologies clocks below 10%.
Dead investment or exemplary foresight?
In all the commotion, the main question that arises is, “Why is the industry still pursuing such a venture?” The answer to that question lies in machine learning capabilities. Companies are facing challenges to ensure that their machines are running at a heightened efficiency level. For this, they will require the ability to monitor their assets remotely. IIoT offerings have made it possible to reach a certain success rate, but machine learning holds the key.
Data is the future
Big data has taken off at a never-before-expected rate, and this might be the catalyst for the success of machine learning. Assets in an industry are tough to manage, but automation and the use of data through IIoT has provided a new pathway towards better asset management. And not to mention, the additional challenge of the human error element through increased human intervention. But machine learning promises to do away with all of this, as it has been hyped to use machine-generated data for the benefit of those very machines ensuring optimum asset management at all times.
Having a feedback cycle with human intervention is not only time-consuming, but it also increases the chance of errors through miscommunication. Instead, if a machine itself can analyze data and provide alerts at the right moment, the issue of asset management is sorted forever. The machine learns, analyzes and adapts itself to ensure maximum output is realized every single time. Using algorithms, machine learning allows enterprises to unlock hidden insights from their asset data. For instance, a forecast regarding an asset failure can help in scheduling preventive maintenance of yet to fail asset. Such machine learning algorithm-driven predictive analytics software can enable enterprises to make fully vetted and well-timed decisions towards improved asset management.
Though many machine learning algorithms have been around, an ability to apply complex calculations to big data automatically, faster and faster, over and over is the latest development. These machine learning technologies can enhance growth for an enterprise to yield substantial profits through optimum utilization of resources at hand, all made possible by machine learning. A few of the machine learning algorithms that are being applied widely include linear regression, decision tree, logistic regression, random forest, naive Bayes classifier algorithm, neural networks and gradient boosting.
The following are a few of the advantages of machine learning in asset management:
- Highest uptime/runtime and improved machine performance
- Constant machine health monitoring
- Advanced analytics of all assets drilled down to various levels such as machine, plant, facility, and so on
- Reduced consumption of raw materials and resources such as air, water, heat and electricity
- Facilities and operator performance monitoring
- Live alerts, reports and detailed data logs for each instance
In conclusion, industry experts have deemed machine learning as an unrealistic absurdity and all the other negative adjectives you could think of, but the promise of improving our future and simplifying lives through improved asset management is what keeps the spark going.
Read how a utility service provider and meter manufacturer leverages Azure Machine Learning to remotely monitor its IoT-based smart water meters. Notably, the company reduced water consumption by more than 30% by effectively managing meter failures and water leakages.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
The demand for and technology of IoT devices are rapidly passing the consumer market and landing squarely in medical electronics, IT/enterprise, industrial and military markets. And those IoT markets are experiencing dramatic growth.
However, those markets are highly demanding when it comes to high reliability. IoT devices in these instances must be reliable to the point where there can be no flaws or failures, and definitely no latent failures — meaning the IoT device shouldn’t fail once it’s being used in the field.
How do you maintain IoT device high reliability especially at the printed circuit board (PCB) level?
Remember, as I said in an earlier blog, most IoT PCBs are not conventional printed circuits. Rather, in most cases, they are small combinations of rigid and flexible circuits or flexible circuits alone. It can be argued that some IoT products may be larger and, in those cases, more of a conventional rigid PCB is used. But in a majority of cases, IoT products are small and call for the rigid-flex or flex circuitry as the basic PCB.
Vias take on special significance for IoT rigid-flex and flex circuit reliability. Vias are tiny drilled openings that create electronic or power connections between a circuit’s multiple layers. Via placement is of paramount importance in maintaining high reliability. Location of via placement is critical because flex circuitry has bending curvature and radius, which can weaken these vias after long periods of time.
The general rule of thumb for IoT circuits is for these drill holes to be as small as possible due to limited space. Sticking to five to six mil finished drill hole size is a good compromise. Going below four mils, like drilling at three mils, calls for laser drilling, which is more time-consuming and costly. Going higher, for example at six to seven mil via hole drilling, means too much valuable real estate is consumed, and that’s not a good move for a small IoT PCB design.
Keeping smallness in mind, those IoT rigid-flex and flex circuits have limited space. Components placed on those small circuits are miniscule as well.
For instance, capacitors are part of an IoT circuit’s electronics. The trend has been to capsulize capacitors into increasingly smaller packaging like the 01005 package, which is a challenge in terms of placement and inspection. This means the IoT rigid-flex and flex circuit assembly house must have sufficient experience with its various processes so it can effectively produce highly reliable products. In particular, savvy assembly houses must have extensive knowhow about solder joints for IoT circuits since devices and surface mount pads are so miniscule.
A misstep during the pick-and-place and reflow process can create latent failures as mentioned earlier. So, solder printing, placement of components and reflow temperature have to be accurately dialed-in and maintained.
Printing, in particular, takes on special meaning. If overprinting is inadvertently performed, shorts may result between the leads or balls of a micro BGA, QFN or flip chip packaged device. A short or solder bridge is a solder extension from one lead or ball to the next and forms a short circuit.
However, if enough paste isn’t dispensed on the extremely small surface mount pads, there will be a shortage of solder paste, thereby creating an open (a broken interconnect of a component’s package) in the worst case scenario or big voids in the best case scenario.
Also, one has to be wary about using through-hole components in an IoT design. One reason is they lack the important functionality. Also, they have a high probability of adversely affecting reliability. Through-hole technology is older and was routinely used for earlier conventional PCBs before surface mount technology came into prominence. Still, there can be some cases where through-hole components are used for IoT products.
Through-hole components are larger compared to similar ones in surface mount packaging such as micro BGAs, CSPs and QFNs. Thus, through-hole components placed on small rigid-flex and flex circuits during the pick-and-place assembly operation will pose difficulties. In effect, they create the probability of reliability issues, again due to the bending and curve radius that are associated with flex circuits.
In summary, distancing an IoT design from using through-hole components is a good idea. Also, printing consistency is highly critical, as well as proper solder joint consistency. These key steps are the foundation of high reliability, which is absolutely required in specific IoT medical, industrial and military/aerospace applications.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
The internet of things market continues to expand rapidly with the installed base of IoT devices now forecasted to grow to a staggering 31 billion by 2020. Traditional testing approaches are simply not going to be able to test this new massively interconnected world of different devices, created by different companies, using different technologies, all communicating to deliver digital user experiences. A fundamentally new approach to testing is needed.
Today, most software teams only test what they build, i.e., they only test the software components that their developers have written. All other software components are “out of scope” of testing, even software components that are critical to the product and the user experience (such as the network the product uses to communicate). In the IoT world, this approach simply isn’t good enough. All products in the IoT world involve multiple products from different vendors interacting to deliver a digital user experience and a specific value proposition, and vendors need to start taking responsibility for — and testing! — the whole value proposition, not only the small piece of the pie that they developed. This requires the established rules of software testing to be ripped up and replaced in a hyperconnected world.
IoT is all about collaboration — and that includes how to approach testing. In a hyperconnected world, you need to be able to test other people’s technology to assure the experience — and this requires a huge mind shift. Take the connected fridge for example. The consumer’s only concern is that the fridge is constantly stocked with milk, nothing else matters to them. This requires the entire ecosystem that is part of fulfilling this need to work flawlessly together: From the RFID chip on the milk bottle to the supermarket to the payment platform to the fridge manufacturer. To achieve this end goal, it requires you to share test assets and environments between all involved parties in meeting the user expectation.
The ubiquity of virtualization and now containerization make this possible. For example, the fridge manufacturer can create a test environment in a container and pass that to the milk producer who has his own milk-testing container. He can then plug the containers together and test the system as a whole. Each container requires a clean interface as to how it interacts with the other test containers.
The sheer scale of IoT has killed manual testing, and the need to collaborate has killed code-level testing. You can’t expect to have access to other people’s code. For example, the milk manufacturer is not going to share its source code, but it will share a container. Put simply, IoT is the final nail in the coffin for code-level testing.
The new rules of engagement
So what does testing look like in this brave new world? In a hyperconnected world of digital user experiences, you must adopt a user centric approach to testing.
I believe there are five keys to success:
- Test through the eyes of the user and APIs
- Test all aspects of the user experience
- Monitoring is now testing
- Extend automation and analytics beyond test execution
- Report test status in terms of the user experience
With IoT, the days of testing what you build are over. You need to focus on the value proposition and test everything that is part of the user experience — test everything that you touch. For IoT to realize its dreams it must adopt a user-centric approach to testing.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
I sometimes Google a word or a phrase, just to see what the search engine algorithms is de facto defining it to be these days. USA Today even published an article once about the value in Googling yourself, but that’s a topic for a different post.
In any case, I decided recently to Google “internet of things” because for me, and potentially for a lot of people, the general definition was getting cloudy.
So here’s the results of the search on July 17, 2017:
I noticed a few things right off the bat:
- Certain organizations are paying A LOT of money to come up first in that search;
- Google’s default definition is appropriately broad and generic, if somewhat unhelpful; and
- It must be a challenge for those who have never really done any research on the topic to actually get to something useful in a search like this — only one of the articles on the first page of search results was from 2017.
I am not disparaging Microsoft and MIT here. It’s just that for a topic like IoT, getting to valuable, actionable information on the topic may require a bit more context and clarity. Certainly, these search results did not provide that. So I wondered: If I only had 30 seconds to tell someone about the value of IoT, what would I say? What “elevator pitch” would I give to get that person to care about this latest technical evolution?
I think I would ask this question: If you could know in advance that something you own, are responsible for or care about — an appliance, a car, an inventory of machines, a body part — was going to have problems, wouldn’t you want to know so that you could fix it? Well, to quote the oft-used but inaccurate Morpheus meme, “What if I told you that you COULD know?” That is the power of IoT — to allow things to “send and receive data,” but more critically, to know something new and valuable that could change a life for the better.
It may be a stretch to say that knowing that my car battery needs to be replaced is the same as knowing when my drinking water has been contaminated. The technological advancements behind one does support the other though, and the use cases for the tech are only limited by our imagination. As Eric Schmidt of Google said in 2015, “Everyone gets smarter because of technology, and the empowerment of people is the secret to technological progress.” Many who read this site are already implementing complex advanced services like machine learning and artificial intelligence. But Cisco recently reported that almost 75% of IoT projects are failing, and I think that’s in part because those not “in the know” don’t get it.
It is time for us to hone our elevator pitch — think of IoT as a startup and get really good at telling everyone we meet why what we’re doing matters. Tell them about the 200,000 babies that were saved, or the innovations in chemical-free water treatment. The data is out there, but not very easy to find for the average web searcher, so it is up to us to help — or the technology will take longer to “empower” the people and achieve lasting value.
It’s summer. Time for cookouts, kicking back and enjoying that all-American sport, baseball. I love baseball, in part due to its seemingly eternal rhythm. You root for your team. You listen to the same recognizable announcer’s voice calling the shots and grab tickets for your favorite seats. The players are all familiar — their stats, their strengths — enough so that when they come up to bat, you think you know what to expect. But then they face a new pitcher, adjust their stance, hit in a different part of the lineup — and wham! It’s a whole new ballgame.
Baseball has become more exciting since general managers, like Theo Epstein, began using sabermetrics to create miraculous team turnarounds, such as the World Series victories he led for both the Boston Red Sox and the Chicago Cubs. Baseball management tactics and dugout decision-making has changed on the heels of these Moneyball-style wins. Baseball fans everywhere can’t help but take notice that the information derived through analytics can make a major impact on the success of any baseball team — or any business, for that matter.
What can businesses learn from a similar use of analytics? With the advent of the internet of things and all the data being produced by field devices, businesses are rethinking their strategies as IoT gains ground. Operational technology (OT) managers see how shared data acquired by their controlled devices helps improve their own business decision-making. They also recognize how a common architecture that spans across their now disparate OT and IT infrastructures could improve efficiency, while reducing costs. Like sports sabermetrics, OT managers see IoT eventually leading them to a walk-off grand slam win.
It helps to be open-minded, even in the outfield
Traditional operational technology has a lot in common with IoT. It derives data from sensors, meters and other devices to monitor and manage the health of resources and machines. You’ll find it often in manufacturing plants, healthcare, transportation settings and other industrial control processes — the systems one finds outside of the data center.
Simply put, OT is the use of computers to monitor or alter the physical state of a system, such as the control system for a power station or the control network for a rail system. The term has become established to demonstrate the technological and functional differences between traditional IT systems and industrial control systems environments, the so-called “IT in the non-carpeted areas.”
IT and OT implementations evolved independently over time to solve different problems. In IT environments, the need to have different applications and systems interoperate with one another forced the requirement for open standards. Not so with OT. Working within the parameters of their pinpointedly focused proprietary systems, OT has continued to operate relatively sheltered from this pressure.
Operational control systems were specifically designed to be standalone entities. Often, they were not originally intended to be connected or even accessed remotely. But as OT managers begin to recognize the benefits data sharing provides, much like baseball’s GMs, they have become more open standards-minded. They see how unifying OT and IT systems through new IoT projects can eliminate inefficiencies and accelerate innovation.
Isolation inhibits innovation
An interesting article by Rany Jazayerli explored how taking a more curious approach to collecting and using data led to better performance by major league baseball teams. He pointed out that the team managers who preferred to do things the way they had always done them isolated themselves from a changing world. The effects were personally catastrophic, resulting in losses both on and off the field.
Operational technology managers don’t want to make the same mistake. They see that there’s a lot to be gained by adopting standards-based OT solutions and converging disparate OT and IT environments. With open IoT architectures, enterprises can reduce infrastructure cost and complexity, as well as improve performance. A common view of the intelligence gathered through the operations equipment can help businesses make more informed decisions. It can give them the visibility needed to help improve how they manage and deliver services. The data becomes more valuable when it becomes more accessible by applications that can make full use of it.
OT managers recognize that uniting OT and IT implementations can:
- Improve business decision-making by applying control data to business intelligence applications
- Enable them to reap the benefits of newer technologies, such as mobile communications or cloud-based services, for their OT systems
- Optimize industrial control processes and business flows, including introducing more automation
- Lower operating expenses by not having to build, manage and support parallel systems
- Accelerate business results by streamlining development projects
- Improve OT processing scalability
IoT will accelerate the pace of change in OT
That isn’t to say that OT managers will drop their legacy systems and hop on the IoT bandwagon immediately. Until now, industrial networking professionals have been quite conservative. The stakes are high — industrial networks can’t be allowed to fail due to their critical nature. Concerns around security and availability are still forefront in their minds. Their resistance to change can also be in part explained by the proprietary technologies that have locked them in. This tends to make change prohibitively expensive.
But IoT is acting as a catalyst for change. IoT initiatives present a perfect opportunity to unite these isolated, parallel technology disciplines. Many operations are starting to deploy standards-based operational control systems, replacing isolated meters, sensors and actuators with smart, IP-enabled devices as part of their upgrade processes. Businesses are beginning to unify their disparate OT and IT solutions as a result of IoT efforts. As they introduce the use of common protocols and building blocks, they work towards eliminating redundancies and improving business efficiency.
As pointed out by Mike Fahrion in his blog, “Merging OT and IT on the Internet of Things,” “…while the OT world was still busy getting different kinds of machines to communicate at all, the IT world was making incredible progress. Ethernet networking standards were developed and adopted. Cost points fell to amazingly low levels … OT can’t ignore IT anymore. The opportunities are too great. When attaching a remote sensor to a battery-powered node on a wireless mesh network can make the sensor data available to an analytics application on another continent, it’s time to stand up and take notice. That remote sensor has just become a node on the internet of things, and the value of both the sensor and the data it collects has suddenly increased exponentially.”
Like baseball GMs, OT teams are hoping IoT will improve their chances at a hitting a home run at every at-bat.
There is no doubt that we have moved into the growth stage of the internet of things, as devices, things and connected services have very much become a part of the consumer/commercial conversation. Today — driven by the success of Google Home, Alexa, Nest and other systems — IoT-related devices are now something you can purchase at Best Buy, Bed, Bath & Beyond or the U.K.’s John Lewis.
Today’s devices, services and underlying machine learning and artificial intelligence are very much pushing the envelope on what is possible with connected cars, the smart home and wearable technology. However, one of the main threats to the success of the IoT phenomenon is the potential lack of security and privacy protection — and the lack of knowledge around these issues. Do end users, device manufacturers and cloud service providers understand that the data they handle could be at risk of theft, misuse or manipulation? The answer apparently is no.
A security study published earlier this spring documented several cases of poor security, especially relating to pacemakers. The report highlighted a situation where vulnerabilities could be exploited in order to send malicious commands to the pacemaker directly, or intercept and alter data being sent from it. Here was a direct and clear example of multiple stakeholders in a healthcare IoT ecosystem not understanding the risks at hand. Indeed, one could go as far as saying the situation was a life-or-death case in point for the need for improved IoT safeguards and privacy control.
Healthcare IoT has outpaced cybersecurity planning
How did it come about that healthcare IoT was developed with many glaring security weaknesses, which is even more glaring in light of the fact there are 15 million installed healthcare IoT devices in the U.S. alone? As with many IoT devices, security is often seen as an inhibitor to application and services development, with security and privacy practices evolving as “bolt on” features, long after the device ecosystem was designed. This is both costly and dangerous.
In an effective healthcare IoT development ecosystem, devices themselves, along with the services, cloud infrastructure and applications they interact with, need to have clear infosec, identity and privacy controls embedded from the beginning. To achieve this, full data lifecycle analysis needs to be completed, along with the correct level of risk mitigation and protection. Where there are transaction points or areas that require protection, here is where developers need to find ways to upgrade privacy controls or security measures; it’s essential to maintain the confidentiality, availability and integrity of any data, function or service for which the healthcare device is responsible.
If we analyze the specific pacemaker case above, what exactly did the study find? First word of these vulnerabilities came via cybersecurity notices from the U.S. Food & Drug Administration in January 2017: “Cybersecurity Vulnerabilities Identified in St. Jude Medical’s Implantable Cardiac Devices and Merlin@home Transmitter: FDA Safety Communication.” This report detailed that vulnerabilities were not with the pacemaker device itself, but with the in-home transmitter used to monitor the devices and share data with doctors and caregivers. These transmitters collect data from the pacemaker and upload it to a private cloud where clinicians can monitor heart activity. The vulnerability? That the transmitter can also send signals and commands to the pacemaker, potentially enabling a bad actor to disable the device. Further study shows that the pacemaker/transmitter systems are vulnerable to programming hacks as well. The USDA report offers a clear example of where the entire device ecosystem needs to be analyzed to identify data entry and exit points, device and user identity and access management requirements, as well as how the device itself is managed. For example, how are vulnerabilities patched or firmware updated?
An ounce of prevention: Steps in defending healthcare IoT
Given the vulnerabilities exposed in the pacemaker report, what would be a logical path toward securing critical medical devices and systems?
- Admit the dangers. As a first step, device makers and healthcare providers together need to commit themselves to taking action, as another report proves how organizational preparedness for dealing with these threats is lacking. ISACA’s “State of Cyber Security 2017” report cited the fact that healthcare ransomware attacks are on the rise, with 62% of respondents indicating they’d experienced ransomware in 2016, but only 53% had any kind of formal process in place for dealing with it. Indeed, many of the device and cloud vulnerabilities that came to light during last year’s Dyn DDOS attack are likely to remain unresolved years into the future.
- Improve awareness and training. Both at the executive level and in cybersecurity departments, there’s a constant need for training. The bad guys and black hats thrive on innovation, so investments in focus, time and money must happen to keep up. The ISACA report found that the huge majority of cybersecurity professionals are allotting $2,500 or less per year for ongoing training, with one in four receiving less than $1,000. Considering the risks involved in healthcare IoT security, these are scarily inadequate budgets.
- Act cooperatively. By joining with other providers in setting the best practices and benchmarks for secure IoT adoption, device makers and healthcare providers can be on the same page in addressing security concerns. Sharing updates and responses to security threats, whether via forums or distributed alerts to cybersecurity experts working within these organizations, can help preempt problems before they become disasters. It’s an effective model being followed by cybersecurity entities in other industries, most notably financial services, and the FDA has made clear recommendations about how to implement it for healthcare IoT. The National Health Information Sharing and Analysis Center (NH-ISAC) is a prototypical example of just such a trusted community.
- Move beyond existing infrastructures. Even healthcare providers and organizations with cybersecurity systems in place that have been “good enough” to date are courting catastrophe. Older IT and security infrastructures lack transparency, are fragmented and siloed, inflexible and incapable of scaling. The very nature of IoT, however, demands agility and scalability from cybersecurity measures, and legacy systems limit a provider’s ability to respond to these new requirements.
- Adopt unified, scalable, future-proofed identity verification systems. Centrally managed identity platforms with state-of-the-art encryption and other safeguards already exist, and can scale to manage millions of patients, doctors, providers and healthcare professionals and the IoT devices they use, as well as other services and equipment. Such systems can register people and devices, link them together, authorize and de-authorize their access to data, guard against attacks, and apply policies on security and privacy practices and personalization. This way, high-level authentication, data security and cybersecurity are bolstered through an integrated ecosystem that’s also able to support the new technologies continually evolving in tandem with IoT.
In an age when hackers are frighteningly intent on disrupting or manipulating everything from the electoral process to power grids, healthcare IoT is too ripe a target for them to ignore. Which is why proactive planning, rather than passivity or reactivity, is the key to fending them off and protecting patients and providers alike.
I’ve written about some of the changes coming to the workplace, workforce and overall economy because of the continued proliferation of IoT devices. One area I’ve found especially interesting as of late is how IoT is helping something near and dear to my heart: food. Well, food production technically. My father-in-law is a farmer in rural Indiana and, through conversations with him, I’ve learned about all the pressures being placed on today’s farmers. They include:
- Availability of water: One of our customers, a large seed company, is investing heavily in agriculture that needs less and less water to grow because farmers must rely on increasingly unpredictable weather and battle urban demand for underground aquifers.
- Land: As Mark Twain quipped, “Buy land, they’re not making it anymore.” As urban sprawl continues, the price of land continues to rise. Sadly, many farmers are being pressured to sell their land as subdivisions and businesses move in around them. If they don’t sell now, who will want to buy their property when it’s land-locked between a neighborhood and a shopping center?
- Government/environmental regulations: The federal government (and often other foreign governments), are putting more and more restrictions on how food can be produced. This can impact things like pesticides, genetically modified organisms, land management, workforces or animal welfare. Even customers are demanding their own standards from farms these days.
- Managing pests: Controlling insects and disease is something that has plagued (pun intended) humans since the first days of farming. It takes time and money to ensure that whatever measures are used to drive away or exterminate pests are safe for the crops and those who consume them.
- Maintaining a profit: Like every business, farmers struggle with maintaining a profit in a market where prices are almost always stable or falling and expenses continue to rise.
- Increasing yields: Improving the yield (amount of output per acre) is important because it not only offsets increasing costs, but also helps accommodate an increasing population on less and less land.
While the average farmer may not be held in high regard by a layperson, the truth of the matter is these are individuals who often run multimillion dollar businesses and can handle all the complexities and challenges that come with it.
Increasingly, both the agriculture industry and individual farmers must rely on technology to overcome business challenges. IoT is a key part of these plans — connected devices are being implemented by millions of farmers across America.
Looking at the list of challenges listed above, IoT and smart farming can help farmers in all these areas:
- Availability of water: Deployed field sensors can create data points that monitor things like rainfall in specific areas or water requirements for crops to help drive irrigation strategies and reduce water consumption.
- Land availability: While IoT isn’t able to control land prices, it can help make farms better neighbors. IoT technologies can look for things like disease outbreak in livestock, allowing sickened animals to be separated from the herd and treated.
- Government/environmental regulations: Increased regulation means farmers must now provide data points from farm to fork and every step in between. By doing so, farmers ensure that various government import requirements are followed by local producers, making products available to a wider market overall.
- Managing pests: Sensors can monitor and scan the environment for infestations to pinpoint pest hotspots, allowing for more targeted applications of insecticides and other pest controls. This not only controls costs, but also minimizes potential negative environmental impacts.
- Maintaining a profit: Most people have read about the Silicon Valley’s self-driving vehicle obsession by now. Companies like Google, Uber and Tesla are all working on this technology, but people may not realize that self-driving technology and IoT sensors are already being applied to tractors and other farm implements. The ability to reduce the need for labor is creating direct cost savings for farmers, allowing them to spend resources on other aspects of their business instead.
- Increasing yields: As mentioned above, having access to real-time data that aids crop and animal monitoring allows a farmer to quickly identify and resolve problems, improving their overall yield. Data points that can be drilled down to a very specific location help immensely. Even tractors are helping by monitoring real-time yields as they plow, fertilize and harvest.
As we demand more and more from our farmers, harnessing IoT technology for smart farming appears to be the only conceivable way they’ll be able to succeed. With a world population projected by the United Nations to be 9.8 billion in 2050 and 11.2 billion in 2100, IoT in agriculture is an absolute necessity.
For any currency to be usable for IoT, there are some non-negotiable requirements:
- Support for transactions, especially small ones
- Stable store of value
- Predictable low latency
- Support for very high volumes of traffic
At first sight, bitcoin seems like an ideal choice for IoT. But if you look closer, bitcoin and other virtual currencies are deeply problematic.
There’s lots of information on how bitcoin works out there, but for our purposes it can be summarized as follows:
- Bitcoin is a ledger of transactions.
- So A decides that B now owns one of his bitcoins.
- The change of ownership is put into a queue.
- Lots of people working in lots of places take that queue and search for bitcoins.
- When somebody finds a bitcoin, the change of ownership is baked in using a complicated hash that prevents people from changing older versions of the queue, and the hash it results in is used in the next batch of transactions.
Because many different people are processing the same queue at the same time, and the process never stops, it’s more or less impossible to make a retroactive change. The ledger is in multiple places and is updated constantly with changes which build on prior modifications.
These concepts are broadly similar to how high availability works in transaction processing systems, but there are some very important differences anyone looking to implement bitcoin for IoT needs to consider.
The first issue is latency. For a transaction to finish in bitcoin, we need to know that bitcoin (the ledger) has finished processing.
In IoT, credit card fraud and telecommunications operations, latency is measured in either milliseconds or microseconds. A typical transaction, such as checking someone’s mobile phone credit when connecting a call, will take from 350 microseconds to 3.5 milliseconds in the real world, depending on the circumstances.
Now consider that a transaction is not just a one-way “fire and forget” operation. It is an event whose outcome matters and is not known in advance. If we’re just recording usage, the end result may not matter. If we’re spending some resource, (for example, money), the outcome does matter as we may be told we can’t complete a call due to low minutes, complete a purchase due to low account balance and so on. This is where latency suddenly becomes very important. Until we get a yes or no response, the client’s application can’t do its job.
In an IoT context, where we’re making decisions at computer speed (milliseconds) not human speed (seconds), poor latency can render a good idea unworkable. As I write this, it takes 31 minutes for a bitcoin transaction to be confirmed, which makes it utterly useless for automated transactions. Bear in mind that if we’re trying to implement some kind of iterative micropayment approach, IoT devices could be spending money every couple of minutes, which means we either deny services until the payment goes through, or we could have a massive queue of transactions in the system and be carrying the risk they will start to fail. There’s also an issue with predictability. The transaction confirmation time can, in practice, be anything due to the way bitcoin works.
The second major issue is support for the anticipated traffic levels we will see in IoT. A single IoT application could easily generate well over 10,000 transactions per second (TPS). In comparison, Visa is capable of handling over 56,000 TPS globally. Bitcoin is limited to 7 TPS. Not 7,000 TPS, 7 TPS. Think about that. Not only is it implausible for real-time transaction processing for an IoT app, it also calls into question if bitcoin’s architecture is even relevant when we’re planning on hundreds of thousands of TPS.
This brings us to our next issue: small transactions. In April 2013, the developers of bitcoin introduced a limitation on what they referred to as “dust” transactions. Transactions less than $0.007 were no longer accepted. This in turn raises two problems. The first is that some IoT applications might plausibly need transactions that are 7/10 of a cent or less. The second is a broader governance issue. If the people who run the currency can decide to change the minimum transaction size with no notice, what’s to stop them for doing it again?
Finally, we come to stability. Bitcoin has weekly price swings of up to 60%. While it’s been an excellent platform for speculation, who could plausibly price a product or service in it when its value is continuously changing? Bear in mind that a lot of IoT plays will be operating on razor-thin margins that could be wiped out by a currency swing.
While it’s clear that IoT will require some form of micropayments architecture, the current state of bitcoin renders it more or less useless as an IoT payment mechanism. What’s equally disturbing is that as a consequence of bitcoin’s lack of central control — despite issues concerning latency and scalability being obvious to anyone who cared to look — no substantive progress has been made in resolving them. We could, at this point, start looking at other digital currencies, but that opens up a further rat’s nest of questions about convertibility and survivability. The internet of things presents enough of a challenge as it is without bringing bitcoin on board.
Here at our firm, we are at the leading edge of developing many, many IoT products and potential products. With IoT, it is important to recognize the enduring principals that lead to long-term, successful products. Just as importantly, you need to know when IoT doesn’t make sense, and here are our insights regarding how to evaluate that:
The value proposition is not there
Consider the example of an IoT product around a coffee mug that senses how much coffee is left in the mug and the temperature. The mug can also be location-aware via GPS. This data can then be wirelessly communicated to a cloud system connected to other web- and server-based data sources. For this exercise, let’s think of the mug as connected through a low data rate cellular link. At the server, the location and mug status (volume, temperature) can be combined with other GPS data to now link the mug to the nearest available service provider to deliver coffee. This would trigger a concierge to get a message on his smartphone app telling him to come to the mug and refill with fresh hot coffee. It is the “Uber Coffee Mug.”
Ridiculous premise, right? Of course. One can create the Uber Coffee Mug; it is technically achievable. However, it is unlikely this creates sufficient value to warrant development of an IoT coffee mug. There are many cases where investments are being made and product is being developed for very dubious user value.
The cost/benefit trade-off Is unattractive
There is no way around it. An IoT-enabled device (and service) will cost more than a “dumb” device. While costs for the hardware elements are dropping, they still represent an increase in bill-of-materials cost. In addition, the cost and time required to create an IoT system is significant and is often underestimated. To be successful, an IoT offering requires hardware technology and integration as well as significant software development and data analytic expertise.
If a company is going to make this investment and incorporate the increased product expense, is there enough value to the user to warrant the price increase? Is there sufficient margin in the product for the company to balance against the significant cost and time required to create it? Is the risk/reward high enough to justify the exposure? These are tough questions requiring a thorough understanding of the opportunity and the value proposition to all constituents. In the mug example, the benefit is increased sales of coffee. The question is: Can you move enough incremental coffee to warrant the development and support of such an IoT delivery model? It takes a lot of coffee.
The company is not ready to capitalize on a new business model
Using the Uber Coffee Mug example, one can imagine the local deli delivering coffee as being a company which theoretically could find a value proposition in delivering coffee by the mug. The way to capitalize on the value might be to have users subscribe to the service. For a simple, monthly fee of $20, the deli will deliver you coffee any time during business hours, five days per week. But is the deli ready to accept a new business model? Are they ready to hire concierge delivery people? Will the company adopt a model where coffee is not sold by the cup but by monthly subscription? The same sorts of questions apply to any sort of IoT solution — the company has to be willing to adopt an alternative revenue recognition model.
Not sufficient funding to go the distance
Many companies are not cognizant of the full cost related to realizing lofty IoT goals. Certainly, a small startup of a few people may be able to put in sweat equity for some amount of time, but may not be able to do it for a year, 18 months or two years. The team may also not have all the skills necessary to realize the complete technology and may not have the resources to bring in development partners to help fill the gaps.
Unrealistic vision of the development cost and time
Boards like the Arduino are ubiquitous. They are great for hacking together a quick prototype that “sort of” functions like a real product. Getting a mockup together can be done quickly using such development kits. But a mockup or rough prototype based on such technology is far from a real product. The demo feels like a major milestone, but getting a demo running is 20% of the project. The other 80% is designing it to be small, reliable and cheap enough to be a real product. Too many startups have moved down the path thinking that when the demo was finished in a couple of months, the product would be ready to launch in just a couple more months.
There is much to consider in heading down an IoT-enablement path. Certainly, there are many new product categories and value-added products which can be created using this capability. Careful consideration of the factors involved in successful IoT product development is warranted. The cost of a mistake can be very high, but so too are the rewards.
Clouds are tricky things. It’s hard to tell where the foundations of a cloud reside. You could point at the physical infrastructure. Some of the best side-channel attacks target hardware. There is the operating system that runs everything. And there is the middleware, billing, hypervisors, drivers and web front ends. The potential attack surface of a cloud service provider (CSP) or consumption market platform is gigantic.
The internet of things is even worse.
Building in the trailer park
In part one of this series, I wrote about how a “cloud” project I worked on a few years ago went sideways. Of course, CSPs build their platforms on a master plan. Like a planned community, it is architected down to the minutest detail, and a phased rollout of services are thought out and integrated with their identity management suites. They protect the management plane through layers of proxied services, and deploy open source or open security architecture security technologies.
Unfortunately, IoT devices have none of this. Of course, since the clouds they are connected to are consumption-based they meet some of the basic requirements. But protecting the management plane is impossible because it exists on the same network that people are passing their data through.
Simply put, there is no separation of the data and management planes. Which is a problem.
That’s because cameras, home routers, wireless access points, DVRs and a myriad of locks, thermostats and lighting mechanisms are all accessible through the same connection you browse YouTube through. I call that “building in the trailer park.”
I understand that there is a need for inexpensive automation and services at home. Just like some people need inexpensive housing with convenient access to the city, with the ability to move the building if necessary.
There is nothing necessarily wrong with that. The problem is that tornadoes seem to be especially adept at finding trailer parks.
What can stop a tornado?
I’m writing the last of this blog as we prepare for a tropical storm to hit the South Coast. There are details and preparations and plans that need to be made to defend even a well-made home in a neighborhood of well-made and cared-for properties. Then there is the care and feeding of the occupants that needs to be planned for. The analogy between trying to protect a home network designed around a vulnerable architecture and defending a dwelling that is measured in single and double widths seems appropriate.
Finding an alternative way to mitigate IoT security issues continues to elude most manufacturers. The home firewall market, for example, is its own worst enemy. The code they use is old, unpatched and often contains more holes than the cheese found in Western Europe. There is no concept of separating IoT devices from the computers on the network, for example, which ought to be a fundamental procedure. Modern CSPs separate tenants, and even many functions and applications. But the comingling of the public cloud with the IoT cloud is a huge gamble. When combined, they make up something that has the potential destructive capabilities of a really bad storm cell over the Great Plains.
It is not dividing by zero as much as it is multiplying by zero.
The looming tornado threat found its first form with the Mirai botnet. Mirai is a collection of “hacked” home routers, DVRs, IP-based CCTV cameras and many other small devices that run operating systems that share a lot of fallibilities. Hackers are able to remotely load them with tools that enable them to hack other similar devices. Because these tools have unrepairable vulnerabilities built into them, even if a user reboots a device to clear it, it will likely be reinfected very quickly.
This network of infected devices can then be used to attack webservers, load balancers, DNS servers and all the other parts of the internet people tend to take for granted because they are “just supposed to work.” Like a tornado, these network storms have managed to take down large portions of the internet over the past year. Verisign, an owner of many of the top-level DNS servers, noted that its largest attack was clocked at 680 gigabits per second.
That is nearly the entire bandwidth of long-haul connections for the West Coast.
Preventing this would only require a handful of manufacturers to decide to emphasize defense rather than participating in the race-to-the-bottom, or the exclusive focus on speed and cost. If the public understood that their home routers can be used by criminals to snoop in on them, jump into their unprotected child monitors and grab at bank account information they leave in text files on their computers, IoT manufacturers would be forced to clean up their business.
What other natural phenomena should you worry about?
Did you know that the internet has a weather report?
The internet can experience floods, tornados and even scorching droughts. Each of these can affect adjacent areas. Drought, for example can be caused by gigantic firewalls and government limitations placed on the internet in various regions. As a result, it causes those portions of the internet to become unused or start to die.
Tornados are caused by botnets that can fill areas of the internet that are the equivalent of the American Midwest, like broadband networks. Like the dust bowls of the 1930s, broadband networks discourage the upstream serving of data. Just like over-farming creates infertile land, broadband networks are created merely for consumption and not serving, which means those IoT devices with basic server functionality built in are able to create a problem that can escalate rapidly and without much chance to shut it down.
Perfect storms are rare, resulting from a confluence of the worst possible causes. Tying a home to a cement pad, for example, helps it survive severe weather. Likewise, networks need to be built on a secure foundation. Of course, that means a little more will need to be paid for those devices, and more planning for security will need to take place if a person, for example, plans to automate their home or provide services for their family. In addition to building on a secure foundation, such things as practice, training, drilling and standard operating procedure testing are the only things that can truly prevent a disaster from happening, but that may be a generation away from possible. To start, however, IoT device manufacturers need to commit to better security so that the internet weather can be predictable and sunny, with blue skies every single day.