As the communications industry races toward new technologies like 5G, massive IoT and cloud everywhere, it’s vital that operators make the move from network management to intelligent network automation. Without intelligent automation, networks that already are overwhelmed with the demands of today’s connected world stand absolutely no chance of scaling to the demands of tomorrow’s network.
But how operators make the transition to an automated network management system (NMS) is vitally important, as well. Consider the wide variations required for automating network management systems in just a few scenarios:
- To achieve faster time to market for next-generation services like IoT, an operator wants a network management system that directly enables services based on application requirements and intent, with minimal user intervention.
- To eliminate downtime associated with manual and human discovery of network degradation, an operator needs its NMS to automatically recover from network degradation, as well as variations in network behavior created when adhering to service-level agreements (SLAs).
- To improve operations efficiency and time to market for new services, an operator needs its NMS to automatically interpret network configuration parameters and orchestrate end-to-end networks based on service and application requirements.
Regardless of the application, for automation of NMSes to be effective, the transition has to be made without causing major disruptions to existing operations. As such, operators should consider an overlay-based system that allows for a phased deployment, beginning with current processes and adding automation as required or necessary.
Following this trajectory enables operators to immediately onboard new services as required by customers, consistently meet network performance and SLAs in line with customer commitments and optimize network resources.
How to make the transition
A number of factors should be considered by operators to ensure that existing networks continue to operate effectively during the transition to intelligent network automation. In fact, adding intelligence should always be done in such a way that it complements existing network services and configurations.
For instance, operators should consider how automation will impact all five levels of network management: fault management, configuration, accounting, performance and security (FCAPS). An intelligent NMS overlay system should orchestrate fully with existing FCAPS network management frameworks.
The NMS overlay also should integrate machine learning-based algorithms for internal workflows. The internal workflows can continue to improve their recovery capabilities based on internal network and external events that can help predict potential network degradation, while at the same time providing information to the operator as to steps being taken to recover network performance. Doing so ensures that stakeholders are always aware of what’s happening in the network, automating processes when possible and, ultimately, guaranteeing performance based on SLAs.
Additionally, a true multidomain system will automate the connection of interfaces in all directions to existing element management systems, management and orchestration systems and operational support systems (OSSes). Southbound interfaces provide communication and management between the software-defined network controller, nodes, physical and virtual switches and routers. Northbound interfaces are used to convey alarms, performance, inventory, provisioning, configuration and security-related information for network elements (NEs), which are passed or forwarded to the OSS. Most importantly, all interfaces north of the NMS are oriented toward specific services — including next generation services — thereby facilitating the complete networking needs of the service to a single management system.
Additionally, eastbound and westbound traffic should be automated to ensure that virtualized components are considered throughout the operation, as well for any required recovery. Integration of the application performance, network performance and virtualized infrastructure performance provides a comprehensive view of the health of the network and service, and additionally the ability to correct any deficiency to continue to provide high-value application-specific network needs.
The impact on operations and services
Intelligent network automation can have tremendous impact on operations. For instance, intelligent network automation supports a services-oriented approach to operations which, in turn, allows the organization to better focus on customer needs.
Additionally, intelligent automation enables the NMS to manage network components and expose issues on the network without human intervention. As such, customers and operators have immediate access to service performance and parameters. When partnered with canonical data models, all operations systems, including customer relationship management, can readily have information immediately available to deal with any customer service workflows. The intelligent network management system also inherently supports that addition of automation at the service layer by implementing advanced robotics, for example, robotic process automation systems.
Intelligent network automation also gives operators the option of providing a portal for customers to control their service parameters. This is especially helpful for customers that have varying network needs, such as providing services at sporting events.
But next-generation NMSes also give operators a plethora of new applications and services to support. In addition to supporting traditional network services, intelligent network automation and orchestration enables SD-WAN and similar agile network services. As a result, enterprises glean a number of performance and cost benefits with SD-WAN technology, including high-quality data transfer, increased provisioning and uptime, and embedded security features.
For next-generation applications, operators also gain the ability to build out edge clouds, while virtualizing network functions. The combination of a multicloud environment built on virtualized infrastructure gives operators more flexibility and responsiveness to changing network demand, at greater scale and with a lower price point.
Finally, intelligent network automation enables operators to create unique network offerings for vertical businesses’ specific digital transformation. In order to support industrial IoT, connected car applications and smart cities, operators must have the ability to create application-specific network parameters and performance for different use cases.
Without question, today’s operators have tremendous opportunities for developing new services and applications on next-generation networks. Operators that distinguish themselves in the market will be those that develop and implement a plan now to incorporate intelligent network automation as part of their next-gen technology plans.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
The path to autonomous vehicles is through connected, shared and electric vehicles, because a car has to be connected to share data about what it sees on the road, charge itself and build a business model to offset the additional cost to becoming autonomous.
What is car data?
Car data comes in many forms:
- Car cognition data that is used to build the deep learning models that the car uses to drive autonomously.
- AI in cars creates the in-car experience with augmented reality, virtual reality and voice.
- Data about the data comes in the form of three digital twins: One is about the car parts and how they are performing; this will help predict recalls or track the supply chain of the car parts to understand usage behaviors and can inform product development. The second digital twin is about the car environment, and the third digital twin is about customer behavior pattern.
- Outside-in data, such as vehicle-to-vehicle (V2V) and vehicle-to-everything (V2X), brings data from other cars, road infrastructure, traffic lights and parking garages into the car. This helps the car create its service plans or decide where to park based on parking availability. V2V will help keep roads safe.
- Another set of outside-the-car data is smart mobility data. This is the data cities collect about multimodel vehicles and their usage for shared mobility vehicles. This can help create mobility services for specific neighborhoods.
What is the business of autonomous vehicle data?
There are lucrative business models based on data disintermediation in the flow of car data in the value chain. For example, the car knows where a rider is at any given time, and it knows what the person did in the car using in-car experience. This data can be shared across the insurance value chain in the case of an accident.
There are hundreds of businesses waiting to be built that will disrupt many industries waiting for their data to be harnessed in a safe, inclusive and scalable way. The real opportunity for innovators lies in the business models that will be developed by creating disintermediation using data.
How can you learn about the business of autonomous vehicle data?
The topic of the business of autonomous vehicle data includes:
- Learning about what is autonomous vehicle data and how it can be used in a business setting.
- AI in the car
- Digital twins in the car
- V2V or V2X data
- Car cognition data
- The business models of autonomous vehicle data and industry best practices
- Data disintermediation
- Data democratization using blockchain
- Service models and more
- Technology of data
- Privacy by design
- Analytics on the edge
Learn more about the business of autonomous vehicle data here.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.
Elon Musk is no fan of artificial intelligence — a couple years ago, he tweeted an ominous warning it could cause World War III. The late Stephen Hawking was in the same camp. In one BBC interview, he predicted AI could spell the end of the human race because it would ultimately take off on its own, redesigning itself at an ever-increasing rate that we slow-evolvers couldn’t compete with.
And that beat has gone on: A Fast Company article about robots learning languages we can’t understand. Forbes warning of AI risks like autonomous weapons, social manipulation, invasion of privacy, social grading and discrimination. In each piece, we’re encouraged to fear AI’s misuse — the stuff of dystopian nightmares. But should we?
As a technologist who helps enterprises find value by adopting IoT tools, connectivity and technology — including AI — I’m often asked: Are these nightmares grounded in reality? My answer: A little, yes. But mostly no. There’s little to fear and much to gain.
Here’s what I mean.
First, we should be clear about what we mean when talking about AI. At a high level, artificial intelligence can be divided between general AI and narrow AI. General AI is an attempt to create the kind of adaptable intelligence that we see in the movies — think HAL in 2001: A Space Odyssey. This kind of AI doesn’t really exist yet; in fact, there’s vigorous debate in the scientific community as to whether it will ever become reality. And this kind of AI is what most dystopian scenarios are built on. I’m personally not concerned about it.
Narrow AI is what we work with today: intelligent systems that have been taught — or have learned — how to carry out specific tasks without being explicitly programmed to do so. This includes narrowly defined tasks, like driving autonomous vehicles, responding to simple customer service queries or flagging fraudulent credit card transactions. When narrow AI coordinates with other narrow AI, it can do things like book hotels or flag inappropriate content online.
This kind of AI is crucial to IoT — in fact, the two are inextricably linked. If you think of an IoT network as a body, then data is its blood and AI is the organ that brings in the data, processes it — boiling billions of data points down to identify patterns — and then recirculates it to start the cycle again. In IoT-enabled industries, these data do things like power predictive maintenance or track assets. You can’t have one part of the cycle without the others.
I do think data security is a legitimate concern for narrow AI, and that appropriate privacy and security protocols are critically important. But data is what AI processes, not AI itself. And while no one can guarantee there will never be data breaches within an AI system, there are excellent guidelines for password protection and how data is encrypted, transmitted and stored.
So no, the AI we use today isn’t the bogeyman these articles would have you believe. As an industry professional, I think alarmism about new technologies simply makes for good clickbait. Emerging technologies do sometimes have unintended, adverse effects, but using AI to improve industrial performance, asset tracking and safety is just the next step in a well-understood, decades-long movement towards automation.
And looking ahead to the step after that, 5G will profoundly affect narrow AI by increasing the capacity of the internet as it expands to accommodate the 20.4 billion connected devices that Gartner predicts in the world by 2020 — with a latency of a mere 1 millisecond! This new wireless network expects to see a 90% reduction in network energy usage, extending the battery life for low-power IoT devices as much as 10 years.
In the end, AI is a tool. It’s a tool that’s helping improve industrial value and enhance consumer experiences. And, like most tech people I know, I really love having the best tools for the job. Don’t you?
According to a recent report from the Internet Society and Consumers International, 28% of people who do not own a smart device won’t buy one due to security concerns. And eight in 10 consumers surveyed think privacy and security should be assured by either regulators, manufacturers or retailers.
In parallel, manufacturers complain that it’s expensive and time-consuming to ensure products sufficiently address all possible security concerns. And that it doesn’t necessarily pay off in terms of increased sales and market share either. Consumers who are comfortable with taking the risk will buy anyway, and consumers who aren’t — like those above — will still remain unconvinced.
This isn’t a healthy state for any market to be in. And it makes me wonder if all smart devices should be made to carry a security-star rating. Just like those used to show energy efficiency, for example Energy Star in the U.S., or crash safety in the automotive industry, such as Euro NCAP in Europe.
Why were early smart devices so insecure?
The problem is that the security of smart devices has, until now, been an afterthought. And neither the end user nor the device maker was willing to pay for it. And the industry, somewhat naively, completely underestimated how big a deal security would become. (Why would anyone want to hack my smart baby monitor?)
Although things are improving, we’re a long way from having a level of security that’s trusted by end users as much as, say, HTTPS and SSL certificates are for websites. And this situation is unlikely to change, in my opinion, without the creation of some kind of independent regulator. The issue is just too big to be left to manufacturers and retailers to resolve on their own.
A good place to start would be to address the security issues revealed by the most well-publicized hacks to date. And this needs to happen fast, before demand for smart devices starts to evaporate. And by fast, I mean something in place during next year; it can’t be five years from now.
What would this security look like?
Something very similar is underway in the chip industry. Arm, for example, is developing a Platform Security Architecture (PSA) that recognizes that an Arm-based smart device is only as strong as its weakest link. A single vulnerability could compromise the entire device.
To combat this, Arm PSA aims to layer in security from the silicon level upwards. It targets four broad sources of insecurity: communications, physical (silicon), product lifecycle and software — the most common vulnerability of all.
Public Knowledge, a U.S. consumer rights organization, has also produced a white paper urging the U.S. government to mandate some kind of cybersecurity shield mark to denote that a connected device is secure. The paper details what such a program would look like and how it should be implemented, assessed and adopted.
Why it must be a star rating
What I love about star ratings is how simple and effective they are. Nobody would buy a car with a 1 out of 5 safety rating, which is why car manufacturers don’t build cars that unsafe. With stars, you get a pull from the end user and a push from the manufacturer to ensure a minimum standard is reached.
You also give the consumer the opportunity to pay more for products with higher ratings and the extra piece of mind this gives. And IoT device manufacturers will then struggle to sell devices that are unfit for purpose — those which have little or no security — no matter how low the retail cost.
That said, products that have been hacked to date were not necessarily the cheapest or inherently insecure. The problem is when you develop a smart device or system you need to think about thousands of things, and you only need to overlook one to leave a vulnerability that a hacker can later exploit.
There’s nothing smart about an insecure smart device
Security must be built into a smart device from the design phase, through component procurement, and all the way to the end of life for that product. Just because a smart device is old doesn’t mean it should become insecure.
And in the real world, a device manufacturer should also be able to update or patch any security loopholes that may appear in the field. That means support for over-the-air firmware updates and software patches, too.
Consumers’ lack of trust in smart devices won’t be reversed until their security is given a total overhaul. And the future growth of the smart device industry will be severely hampered. A security-star rating is desperately required. And soon.
The technology world has witnessed the penetration of IoT in recent years, and it has been a game changer in many industries. Backed by capabilities like mobility, IoT has set new benchmarks in business performance, innovation and user acceptance. Forward-thinking companies are integrating IoT-backed apps that can refine overall business performance.
A survey estimated that presently 26.66 billion IoT devices are active in 2019. People spend a lot of time on mobile apps; integrating IoT technology into these apps makes them powerful.
Besides, sensor-enabled bridges, buildings, pavements, appliances, smart vehicles and wearables are already in the market. As a business leader, you surely want to know how investing in IoT can benefit your organization.
Why are companies using IoT-enabled technologies?
IoT consists of a network of devices, connected through the internet. It is capable of sharing data between the nodes. This indicates that all the utilities and devices would remain connected to each other. Users can enjoy constant communication in the digitized environment. Business firms can gain incredible benefits from this advanced technology.
Maintaining the security of data is a concern for every organization. IoT has already bolstered data security, and many companies are presently collaborating with IoT app developers to integrate the sophisticated technology.
IoT applications you might integrate into your business
Here are some IoT applications that you might consider integrating into your business:
The success of a business firm largely relies on an efficient supply chain. You can get the supply chain optimized using IoT. Experts are working on technologies that will enable companies to install sensors in goods that are being shipped. This will help you know the condition of the products and intercept any dented product before it reaches the customers or the shelf.
IoT can also help enhance brand loyalty. Presently, the free-range movement trend reveals that a large number of customers is interested to know where the products they are using come from. When they are able to track these items through the supply chain, it enhances the transparency in business. This brings companies better branding opportunities to benefit from.
IoT in insurance
Insurance companies can immensely benefit from IoT. Customers making safe choices are rewarded by insurance providers in most instances. For instance, the insurance provider may cut rates in case a customer is unlikely to file a claim. Integrating IoT apps and technology will streamline this process to a substantial extent.
This concept is applicable to the auto insurance sector as well as homeowners’ insurance. You can also use IoT programming to connect multiple devices over a network. Homeowners can now install security systems, locks and other safety features through automation.
Insurance providers can see all the relevant data through their IoT device management system. This will lower premiums to a substantial extent. Reputed insurance companies are already collaborating with IoT developers to build such applications.
One of the most important advantages of using IoT in business is its ability to enhance security features. Today, threats from cybercriminals remain a concern for businesses. App developers are coming up with IoT-backed mechanisms that combat these cybersecurity issues. This process can keep your business secure, particularly if you are dealing with finances.
Presently, companies need IoT-backed apps that are safe and ensure the privacy of their users. Business firms from various segments of the industry are exploring the security benefits of IoT.
These applications can add an extra security layer and keep data private and secure from cyberattacks.
How IoT affects mobile app development
The mobile app development industry has witnessed a new scale of innovation with IoT. These systems are now capable of handling any mobile gadget or device where the end users remain at any given location. Other affects include:
Connected communication efforts
IoT is powerful and helps in embedding apps and devices into a single system. For example, people can now check security cameras, track cabs or switch on lights using IoT functionality on mobile devices.
Life has become easier for users as well as app developers. Users are able to manage multiple systems using IoT from a single device. At the same time, developers can put in a lower amount of effort during the app development process. Developers can now create multiple apps in the timeframe previously used to develop a single app.
Shift in focus
Previously, the objective of mobile app developers was to build a system that was user-friendly. However, with the inception of IoT, the focus now lies in crafting feature-rich apps. These IoT features help businesses stay ahead of the competition and fulfill customer expectations.
You need to prioritize the needs of users and the trends of current market while developing apps. The usability of IoT-backed apps and the features they provide simplify life for customers. It is for this reason business firms are focusing on building customized apps for specific purposes.
Since the commencement of IoT in the market, it has welcomed several possibilities and opportunities. The focus presently lies in providing users with a centralized platform where they can manage multiple devices. As a result, one can enjoy more cost-effective systems and, at the same time, businesses can manage end-user needs seamlessly.
Beacon technology is a major technology in this. These IoT-embedded devices are fixed to certain locations. Many companies dealing with mobile app development are integrating beacon technology that involves the emission of a signal from the beacon. Information is conveyed by the signal in the form of a notification alert on mobile devices. Here, centralized applications can manage other devices from a particular location from a single device.
Why is IoT growing?
IoT has made its mark evident in almost all fields related to technology. With technologies evolving, it is likely that the emerging trends of IoT will have a substantial effect on personal lives as well as every industry.
For marketers and businesses, IoT can make operations easier and more efficient. Considering the potential that IoT offers business firms, it is wise to invest in these systems.
IoT programming trends are still evolving, and a lot is yet to come. According to experts, applications based on IoT will bring several sophisticated products in the coming years. While smart homes have been translated into reality, other opportunities still remain a business resource. Data from IoT devices can be used to explore the habits of customers and analyze the same.
It is advisable to partner with an IoT developer capable of creating products and systems that will streamline your business. In the process, you can offer better value to your customer base and gain an edge over your competitors and prove your brand loyalty. This makes investing in IoT applications a wise decision.
Considering IoT is in its infancy — and due to past years of wasted in predictions that have not been fulfilled, as well as disappointing statistics of successful projects and the fact that most companies don’t have clear strategies — it’s normal to think that R&D is necessary to boost and accelerate the increasingly skeptical IoT market.
R&D should be an essential part of bringing innovation to any company via IoT projects. And though we can all agree how important R&D is, it requires a great deal of experience, senior experts and specific tool sets — resources that not every company has handy.
However, there is a risk when deriving strategic decisions that executive directors consider to be technological toward R&D departments. Many times, oblivious to the reality of the markets, those responsible for R&D develop products and technologies for problems that do not exist just to obtain recognition or continue living without pressure from top management. Many subsidies are granted by unqualified administrations that don’t understand the utility, the business model, the business case and the commercialization of innovations R&D wants to develop.
Now, if we ask sellers of IoT technology, products and services, they may not be happy with the idea of having to talk with R&D areas instead of with other areas of the company more likely to buy. Most times, R&D departments decide to do it themselves. Vendors know that with great probability they will not close deals due to lack of budget or low visibility by the rest of the departments in the company.
The importance of R&D for IoT
Innovation in IoT is a major competitive differentiator:
- IoT-focused companies need to invest in R&D to keep up with the rapidly changing and expanding market. It is important that an organization’s R&D iteration turnaround times are quick, otherwise the company is not going to be able to keep pace with market growth. However, it’s not enough to simply speed up R&D — innovative IoT firms, both startups and established companies, must also make sure their R&D processes are extremely reliable.
- You can’t solve R&D speed issues just by increasing budget.
- Executives must maintain strong, steady communication with R&D regarding the department’s priorities over a particular timeframe and how progress will be measured.
- Guidelines are invaluable. The more structured and streamlined R&D procedures are, the better IoT companies will be able to move from conception to delivery.
- Design innovative IoT products, but accelerate time to market.
- Encourage internal collaboration. R&D team should share real-time data across internal departments to spur intelligent product design.
- Also encourage external collaboration. Connect with customers and partners to ensure success.
- Drive overall business value with IoT through differentiation.
IoT project R&D: To outsource or not to outsource?
Just like any other technology, IoT products require thorough research and development, and it better be done by professionals. Despite the noise generated by analysts and companies around IoT, the reality is that there have not been many IoT projects, and therefore it is not easy to find good professionals with proven experience in IoT to hire.
When I think of outsourcing IoT projects, eastern European and Indian companies immediately come to mind, no doubt because the R&D talent seems to be cheaper there. Spain could also be a country to outsource IoT, but at the moment I do not see it.
The benefits of outsourcing R&D for IoT projects include:
- Expertise and an eye for innovation;
- Bringing an IoT project to market faster;
- Optimizing costs; and
- Controlling and managing risks.
I am not sure about the quality of R&D companies or the experience of their staff, but there is no doubt that there are benefits to outsourcing R&D for IoT. Select an R&D company only after careful evaluation.
Spain is not different in R&D for IoT
I have not believed in R&D in Spain for years. There are exceptions without a doubt, but it seems evident that the prosperity and welfare of Spain is not due to its R&D.
With the entry into the EU, I thought Spain had great markets open to it. I was also optimistic that it would have great opportunities in the Latin American markets thanks to the fact that its R&D capacity could have been consolidated effectively in the country’s companies and universities because it would be profitable and worldwide recognized.
But it has not been that way. The technology developed in Spain, and more specifically that relating to IoT, has little chance of being commercialized in France, Germany and the UK. Add the development gap of South American countries and the fact that local markets are averse to technological risk and it is difficult to for IoT R&D to flourish in Spain.
That does not mean that we do not have public R&D budgets for these areas. The same thing that happened during the last 30 years has happened again: The incentives and aids are few, and for the most part used to finance large companies with little return to society. There is no rigorous control of the aid granted and, above all, there is no plan to encourage local and global marketing of products developed with the talent of Spain’s scientists and researchers.
I have stopped believing and trusting in governments to achieve change in R&D, but there are exceptions that are worthwhile to follow and work with them. For this reason, I continue help them demonstrate that Spain can be different.
After years of unfulfilled expectations, companies are skeptical of the potential growth of the IoT market or the benefits of their business. R&D department can be a cure to boost IoT initiatives, but also a poison to kill IoT initiatives.
IoT may have started in R&D, but its benefits don’t have to end there. To drive overall business value, it’s important to share IoT data — both internally and externally. Facilitating open collaboration, discovering new ways to innovate products and accelerating time to market, you can differentiate R&D and your business.
As fast turnaround times and reliability become a focal part of companies’ R&D processes, these companies will be well-positioned to thrive within the IoT market.
Thanks for your likes and comments.
Reading the large amount of news on connected technologies, I often wonder what the writer actually means by IoT. I do not want to open the Pandora vase holding the discussion on the definition of IoT; there is already a huge corpus for this and any reader animated by a scientific approach — even a slight one — should look into it and find the definition that suits him best. It is actually interesting that while I was writing this piece, on the IoT Agenda site there is yet another definition. As in the standards world, where too many standards mean no standard, here too many definitions are heading toward no definition. I have the feeling, though, that there is a strong interest in leaving a certain amount of fuzziness on the topic. As it’s possible to play on the vagueness of the concept, everything that has a sensor can be labeled “IoT.” I’ve heard of standard HVAC systems that suddenly became IoT; even better, a switch and a lightbulb are now IoT as they are connected.
“Smart” is likely the most used word in this era, trespassing the boundaries of technology and entering the real life. We live in smart cities, where we can find a smart parking using smartphones connected to smartwatches. Everything now that has a nanogram of silicon is smart. In the past, I’ve often made the remark that smart is a synonym to intelligent. Intelligent comes from the Latin “inter legere,” which means to read between the lines, to go beyond the surface. This definition implies a certain amount of nondeterminism as there is an interpretation of reality, and not a mere action-reaction, we enter the world of subjectivity. It’s very easy to see it when two very intelligent people debate on a topic, having opposite opinions. Therefore, literally at least, a smart device is a nondeterministic device. Now that there is huge excitement on AI, maybe we’ll be entering the realm of really smart objects.
But my focus here is a bit different. What I’m interested in debating is what the components of an IoT system are, and when a system can be labeled IoT. In the internet, the discussion is very easy. Internet is a global network of computers that use the IP protocol — and more in general, the TCP/IP protocol suite. If we add small objects to this definition, using a lightweight approach, we could just be extending network connectivity to objects that don’t use the IP protocol. My Bluetooth mouse would then belong to the IoT universe. Back in 2008, I defined IoT as “a worldwide network of interconnected objects uniquely addressable, based on standard communication protocols” — simply extending the definition of internet. I’m not sure, 11 years later, if this would be the best definition of the phenomenon.
IoT in most cases is perceived in a different way. IoT is when atoms and bits meet. It implies that there is a real word and a digital representation of it, often called the digital twin. The transmission, or network, mean is irrelevant in this vision, and if IPSO had its way, there the IP protocol will be everywhere. This enlightens two facts: First, that the I in IoT just means connectivity; second, given then that there is a necessity to provide an interaction between the digital and the real world, the presence of sensors and actuators is a necessity. So far, I am discovering the hot water, as this is basically the definition from ITU-T dating back to 2005. But do all sensors belong to the IoT domain? In other words, I read recently about something labeled “IoT sensor” which implies the fact that there are sensors that are not IoT. Does it make sense? Not really in my opinion. Every sensor that is instrumental to create a digital twin is belonging to the IoT domain, no matter how simple or complex. My understanding is that an IoT sensor is used as a synonym to smart sensor. This implies that there is a clear class distinction between dummy sensors and smart ones; supposedly, the second class is operating some sort of processing before sending the data. I guess a temperature sensor that transmits only when the temperature changes, so it has a byte of memory to store the information of the previous temperature and a circuitry to see if the data corresponds to the new measurement, may not be smart as it does not process the information. But how much processing is needed to classify a sensor as smart — forgetting for a minute that smart means nondeterministic? If a sensor is able to send the temperature in Celsius or Fahrenheit, and to switch between the two upon reception of an input, would that be enough?
Closing this digression, and saying that it seems logical that any sensor can be part of an IoT system, we get to the point if an IoT system itself must be smart, or the processing capability is something that is common but not necessary. If it’s not necessary, then connecting sensors and actuators would be enough to make an IoT system. A light switch and a bulb would then be indeed an IoT system — maybe not a traditional one, but we just need to connect the bulb and the switch with a wireless bridge so that the switch uniquely identifies the bulb and sends a command using a communication protocol. Or a wireless temperature sensor with a screen. In my opinion, this sounds indeed too little to be considered an IoT system; we need some processing in order to separate purely electromechanical appliances from the IoT world.
Summarizing, I came to the conclusion that that an IoT system is a system that:
- Instantiates a digital representation of a physical entity — a digital twin;
- Uses of sensors of any kind and is able to modify the environment using actuators; and
- Is able to perform — at least some — information processing.
Enterprises are facing a host of security risks, from active shooter and lone wolf attacks that threaten innocent employees to natural disasters that decimate buildings and supply chains. Expanding into new markets can also be a risky proposition, especially in areas where political and social upheavals are happening. Fortunately, in spite of all the hazards, IoT technology is emerging as a powerful way to mitigate risk and protect personnel.
Remember the key fobs of days gone by that were designed to limit access to buildings and required a constantly changing code? Today, smart cameras can recognize people who are authorized to enter a building and keep out those who aren’t. Security cameras that run 24/7 can also automatically flag suspicious activity, meaning a security guard no longer has to constantly monitor multiple video streams in hopes of catching a culprit. Guarding against outside threats is only the beginning, though.
Inside your building, IoT smoke and carbon monoxide detectors can send notifications to personnel in the building in addition to conventional alarms. That way, they know where the threat is occurring and can avoid it on the way out.
IoT devices are revolutionizing safety. But before you rush out and buy an armful of them, follow these steps to get the most value for your money and ensure your people are as protected as possible from the threats that matter most:
1. Complete a threat assessment
Even the biggest enterprises lack unlimited budgets. To make the most of every dollar, start by preparing for the events that are most likely to occur on your campus. Use these assessments periodically, but be sure to comply with regulations locally and in your industry. Then, prioritize the threats that would have the biggest impact. For example, if you’re located on or near an active fault line, an earthquake might be one of your most pressing concerns. Start here, and then prepare for other less immediate threats as the resources become available to you.
2. Map threats to potential solutions
Prioritize systems by ranking their value. First, determine how effectively each one solves the problem at hand. Then, look at the time and money required to implement them. Start with the platform that provides the most value in the least amount of time because it will let you minimize exposure while you pursue other more time-consuming risk mitigation strategies.
3. Look for platforms that are tailored to the enterprise environment
Just because IoT devices and apps offer peace of mind for certain places and circumstances, it doesn’t mean they’re legitimate for an enterprise. For instance, devices in a home might not necessarily operate smoothly or effectively for a campus. Notifying lots of employees in a large building takes enterprise-grade devices, so think about and research which platforms are best for your needs.
4. Ensure IoT systems meld with your existing security
Implementing IoT platforms can be complicated, so plan ahead to find a system that’s compatible with the security measures you already rely on. Great IoT products that you can’t integrate with other security features aren’t useful in the long run, so limit your search to products offering a high degree of interoperability.
IoT devices have come a long way, and they’re bringing extra layers of safety and security to enterprise campuses around the world. Legacy systems can’t compete with the constant connectivity offered by IoT, which can revolutionize areas like access control or perimeter surveillance. For almost any threat, rely on IoT to create a safer and more secure workplace for you and your employees.
The IoT revolution is in full swing. Smart watches, smart speakers, connected refrigerators and AI thermostats and doorbells are just the tip of the iceberg in terms of IoT, though. Legacy infrastructure in industries, such as transportation, manufacturing, utilities and logistics, is also being upgraded with internet connectivity. As the entire world around us gets swallowed up by the IoT ecosystem, there’s a critical need for cybersecurity standards to ensure the devices we rely on are secure and our privacy is protected.
Explosion of IoT
Gartner estimated that we will have 21 billion IoT devices by 2020. Some estimates suggest it could be more than double that at 50 billion IoT devices. Regardless of which estimate is more accurate — or if you just split the difference and assume the number is around 35 billion — it’s a staggering number of devices. That’s about five connected IoT devices for every single one of the 7 billion-plus people on planet Earth.
IoT devices will continue to skyrocket exponentially in terms of both volume and diversity — especially as 5G networks become mainstream. Wireless network speeds 50 to 100 times faster than 4G LTE networks will result in 5G networks becoming a primary network that competes with or replaces Wi-Fi networks for many businesses and consumers.
Every one of those devices expands the overall attack surface and provides an opportunity for hackers to exploit vulnerabilities, compromise network resources, or steal or expose sensitive information. Unfortunately, the vast majority of devices that are created will focus on performance and/or cost at the expense of security — or simply ignore the issue of cybersecurity altogether.
Challenges of IoT security
By definition, each IoT device is connected to a network in some way. It runs some sort of operating system — no matter how rudimentary — and most contain some sort of sensor and an ability to collect and transmit data. The fact that these devices are capable of executing code means they are also capable of being hacked and compromised.
It is crucial to encourage those designing and developing IoT devices to shift security left. Cybersecurity should be woven into the supply chain and development process rather than tacked on as a post-deployment afterthought.
The need for IoT cybersecurity standards
The proliferation of IoT devices — particularly low-cost IoT devices — lowers the bar for deploying IoT anywhere and everywhere, but organizations need to consider security implications as well. The overwhelming volume of devices make it virtually impossible for a company or consumer to be able to effectively assess the security controls on their own to make an informed purchasing decision.
Businesses and consumers need to be able to easily identify IoT devices that meet minimum acceptable security standards. A standard for certifying the cybersecurity of IoT devices accomplishes both goals — providing an incentive for developers and manufacturers to strive for and providing customers with a simple way to determine which devices are secure.
Establishing IoT cybersecurity standards
Thankfully, there are IoT cybersecurity standards being developed, such as the CTIA Cybersecurity Certification Program for Cellular Connected Internet of Things Devices. CTIA represents the U.S. wireless communications industry and its members include a cross-section of wireless providers, equipment manufacturers, app developers and content creators.
The CTIA IoT cybersecurity standard strives to raise the bar on the minimum acceptable security design for IoT devices. CTIA is implementing the standard using a tiered approach, with a set of minimum criteria defined to achieve each level. At a minimum, IoT devices must have password management, access controls, an ability to install software updates and a patch management process to achieve Level 1 certification. For Level 2 certification, devices must also include things like multifactor authentication, remote deactivation and the ability to uniquely identify itself. Level 3 — the highest level defined for the IoT cybersecurity standard — adds encryption of data at rest and evidence of tampering, among other things.
Giving the IoT cybersecurity standard some teeth
Creating an IoT cybersecurity standard is a great start, but standards only have value if they are adopted and enforced. With broad enough consensus, a standard becomes self-perpetuating. As businesses and consumers accept and expect devices to pass a given standard, companies must adhere to the standard or their products will not be purchased.
It takes time to achieve momentum like that, though. In the meantime, there must be some means of enforcing the standard on a smaller scale or placing some consequences on organizations that ignore the standard. The wireless industry is an excellent starting point because many IoT devices are designed to connect to wireless carrier networks. As 5G networks roll out and become mainstream, it will essentially be a requirement.
In order for a device to attach to a carrier network, it must pass PTCRB certification — a framework established in 1997 by leading wireless operators to ensure compliance with global industry standards for wireless cellular devices. The CTIA Cybersecurity Certification Program for Cellular Connected Internet of Things Devices is offered as an additional voluntary certification. A few carriers require CTIA certification for devices connecting to their networks, which will hopefully drive broader adoption and enforcement eventually throughout the industry.
The future of IoT cybersecurity
Developing and enforcing an IoT cybersecurity standard will not magically make everything secure overnight. There are millions of devices already on the market and already connected to networks around the world that did not have to meet any IoT cybersecurity standards and there are no plans to just disable them all or kick them all off of the internet.
Better security will come through continued efforts. Influencing developers and device manufacturers to move security left in the process and implement secure design and cybersecurity best practices by default is a step in the right direction. Ultimately, though, security is a moving target and ensuring better security for IoT devices will be an ongoing mission that will require focus and cooperation.
In a 2017 article, I offered seven tips to ensure a successful IoT product development partnership. Nearly two years have transpired, and while the old tips are still relevant, here are four more insights on the topic gained from our years of experience designing IoT products.
Security concerns are crucial
IoT products are often deployed at the network edge. Because these are often purpose-driven devices, some product companies pay little heed to security-related concerns. In the hands of end customers, these devices can become points of entry for hackers and other unauthorized users. There are many strategies to address these security concerns — or to at least set up reasonable barriers to entry. For companies that are working with a product development service provider, it is crucial that they include security in their statement of work. Also ensure that the service provider is fully conversant in the issues and has the expertise to implement remedial actions in order to mitigate security-related risks. If uncertain of the security strategies to apply, companies should engage with their development partner in the first phase of the project to help define an effective, tactical implementation plan.
Wireless standards are in a state of rapid flux
Not everyone is aware of all the wireless communications technologies and strategies available both now and on the horizon. Likewise, there are important tradeoffs to be made in selection of the right strategy for the IoT product. The most common ones in recent years have been Wi-Fi, Bluetooth and cellular modems. However, there are now many spinoffs muddying the waters. Among the more recent or evolving technologies are Zigbee, Bluetooth Low Energy, LoRa, Cat-M and Wi-Fi 6. An IoT product firm needs to find a supplier apprised of current and emerging technologies that has deep knowledge of the tradeoffs between risk, data and connectivity costs, power consumption and bandwidth. Selecting the wrong platform can result in excessive costs, quick charge depletion or inappropriate bandwidth, as well as obsolescence issues.
Identify a clear end-customer value proposition
There are so many opportunities to convert passive devices to become smart and connected IoT products. Before engaging a product development partner, make sure there is a solid business case. The IoT product company needs to ensure when the product is created that is serves a need or satisfies a desire for the end customer at a price he is willing to pay. This is the essence of value. Sometimes IoT product companies fall so in love with the product concept that they have an unrealistic sense of its market value. As with any new product, there has to be a known or unmet need for the consumer.
Be realistic about schedules
Too often, an IoT development client does not realize how long it will take to create a finished product. There are lots of developer kits out there along with single-board computers. On occasion, a “quick and dirty” proof of concept can be created. It may work — or possibly even look convincing. However, there can be a big difference between an engineer-created demo that is built in quantities of one or two, and a full product that has been designed to be reliable, tested and ready for scalable production. Also, it is typical that IoT devices have to go through one or more regulatory approval processes. Depending on the hardware and communications strategy, that could invoke processes such as CE, UL and those with the FCC.
If cellular is involved, carrier certification will be needed. Using a pre-certified cellular modem cuts down but does not eliminate the process. If the IoT product is highly size-constrained and requires design around a cellular chipset, the carrier certification process can take months. In working with a product development partner, creating a production-ready product or even a minimum viable product that can be deployed without concern for field failures or warranty issues takes time.
It is fundamental to ensure that the expectations of an IoT development client and their product development services partner are clear and explicit. When there are disconnects between the two parties, problems invariably arise at the end of a project when the partner believes it has satisfied expressed customer needs when the client’s understanding is that the deliverables do not align with their expectations. Putting these best practices to work will go a long way to establishing clarity around client satisfaction and the creation of an IoT product that provides clear and worthwhile value to the end-purchasing customer.