By Michael Fauscette
By 2020, the number of internet connected devices worldwide will likely near 30 billion, which represents 300 percent growth from 2016. The value and use of these devices includes both business to consumer (B2C) and business to business (B2B), with roughly 60 percent of the devices in B2C. These connected devices are diverse, ranging from microscopic to enormous, and communicate using a variety of protocols and standards. These devices make up the space we refer to as the Internet of Things (IoT).
The value of a connected device is the sharing of the sensor data, which is historically difficult to extract and distribute. Many of the sensor types are not new. However, the ability to connect them through the internet increases the value of the data because it is delivered to platforms that leverage the information to take action or support decision making. For example many years ago, sensors were embedded into industrial machinery components for monitoring and collecting maintenance data. The problem was that the data was stuck at the sensor, or a local control and monitoring panel. Now, with the ability to collect the data and distribute it easily—relatively anyway—the data supports operations, decision making, and monitoring remotely from a variety of internet-connected devices. While the explosion in the number of connected devices opens up many possibilities, these new systems come with some unique issues as well.
Because of the number of industries and environments where devices are connected, there is no single working group responsible or accountable for defining communications, device management, security, data, infrastructure, identity, and semantics. The current standards and protocols, which would help in all these cases, rely on the existing standards and protocols not originally designed for IoT. Several working groups and standards bodies try to address the growing needs. However, because of the breadth of the standards issues, no single body can own all of them, but instead must rely on cross group collaboration to ensure the standards don’t create more problems than they solve. The new standards—the ones that will meet the needs of IoT—must also extend to industry verticals as more solutions flood the market.
Security, Privacy, and AI
Security of the IoT is particularly challenging since it has multiple threat points, ranging from the actual device to infrastructure and communications channels. With an estimated ten billion devices to secure as well as a range of communication protocols distributed on the edge of internet, security is complex and important. Recent examples of security problems indicate that devices can be hacked and be used for nefarious purposes, such as the denial of service attacks.
As the number of devices continues to skyrocket it’s also impractical to continue to centralize the data collection and management. This means that the computing and data storage may need to be on the edge instead of a central environment. Also, sensors are small and generally inexpensive devices that are difficult to impossible to physically secure. Many of the computer resources used in the infrastructure are not sophisticated enough to support complex security algorithms. Current security approaches and tools, including authentication, are too complex for the current needs and generation of connected devices. Several initiatives may offer some improved security, ranging from re-engineering the devices with built-in protection to securing at the infrastructure or data layer.
Ownership and use of the sensor data is a growing concern that goes beyond security. Many business models and services related to IoT emerge. For example HVAC businesses could begin selling uptime and guaranteed temperatures to a building owner, instead of equipment, by using the monitoring capabilities of connected devices. In that case the building owner doesn’t own the equipment so the data belongs to the HVAC company and the building owner might not even have access to it.
Sensor data collected in factories from intelligent machines produce data that could not only be monitored but also trended to build predictive or even prescriptive capabilities, allowing machines to be repaired before they break down. If the factory owns the sensors and the machines then ownership of the data is clear. It becomes less clear though, as outside service firms become involved in providing equipment and services on premises. In these more complex situations it’s critical to define the answers to data issues before signing contracts.
Privacy is another consideration, particularly in the B2C market with smart home devices. Having a device like Amazon’s Alexa or Google Home can be a very good and useful purchase. To do its job though, it must listen all the time. By its nature the device communicates across your network, out to the internet and to company servers. Having home network security clearly becomes more important as you add smart devices. Amazon does a good job defining its privacy guidelines so trading off a little privacy for convenience is an acceptable risk for many of us. Add in third party risks though, and that opens up other issues. Could the device/data be hacked in transit, and is it encrypted to protect from that scenario? There is also some risk that a criminal or other agency could hack into the device and use it for purposes other than its original intent.
Artificial intelligence (AI) is also rapidly growing in use, and some of the solutions to issues might involve making the IoT “intelligent.” The mashup of AI—machine learning, natural language processing, deep learning, etc.—and IoT expand as more combined uses are defined. The connected home example above uses AI in addition to IoT. Some of the potential security protections might involve AI enabled security or intelligent security. Intelligent things have the potential to help with a number of these issues. The IoT and AI markets are in rapid growth mode and are evolving quickly. Along with those capabilities though, to a long list of issues must be dealt with.
As the opportunities for IoT continue to emerge, considerations like security and privacy challenge adoption for B2C uses. However, as intelligence mounts these issues begin to dissipate. SW
Michael Fauscette is the chief research officer at G2 Crowd, an online platform and community where people connect and share experiences about business software, and gain user experience-based insight to support business software purchase decisions. Fauscette is responsible for strategic research, community management, and the analysis, packaging, and use of data from B2B software users.
May2017, Software Magazine