Hatem Oueslati, Co-Founder and CEO, IoTerop
Analysts are predicting that the number of IoT devices deployed will grow to reach 50 billion devices by 2020. More IoT devices will be shipped each year than PCs, tablets, cell phones, set-top-boxes and gaming platforms combined.
This will indeed be a historic opportunity for many industries. But imagine a world, where those 50 billion devices, despite being “connected” are unable to easily understand each other. Imagine a world, where changing a parameter or updating a firmware of those devices is a challenge. Imagine a world where those 50 billion devices managing our electricity, water network, buildings and transportation are vulnerable to cyber-attacks!
Analysts nearly uniformly agree that the main obstacles to mass deployment and adoption of IoT will be security, device management, and interoperability.
Figure 1: Principal obstacles to IoT adoption and deployment (source VDC Research 2014)
1st Challenge: Security
Security is a monumental challenge for IoT developers. Defective security of a connected device could have critical consequences. Here are some serious case examples reported from the US Department of Homeland Security:
- In 2014, a University of Michigan team accessed a traffic light network using readily available hardware. Once inside the system, the team quickly gained the ability to change traffic signals, alter logic commands, and disable the signal devices.
- In 2009, the FBI uncovered widespread fraud in a Puerto Rican utility that used smart meter hacks to underreport energy use. The FBI assessed that utility employees offered to alter customers’ energy meters for a fee. Meter tampering, thought to have involved 10 percent of system smart meters, cost the utility over $400 million.
- In 2009, security research firm IOActive demonstrated the ability to install malware onto a commonly used smart meter. Simulations run by the firm further demonstrated how easily they could then spread the malware through AMI (Advanced Metering Infrastructure) servers across millions of other smart meters, allowing them to remotely cut power to associated buildings. Although this particular attack preyed upon a hardware design flaw, the ease and impact of the attack demonstrates the possibility of a large-scale attack.
Clearly the status quo of IoT security will not allow for mass adoption. IoT solutions need far more robust, comprehensive and integrated taking into account the highly dynamic nature of the IoT eco-system (hardware, software, networks, etc.). Not to mention the security challenges posed by device-to-device communication.
To enable IoT solutions to be secure, the entire communication channel from the sensors to the service provider has to be secure. In many cases in current solutions, sensor data is sent unencrypted and can be intercepted, falsified or too easily misused, leading to potential security breaches as illustrated above. Therefore, it is critical that IoT developers add security features during the design phase of their IoT solution development.
IoT developers thus need to choose a security mechanism adapted to the characteristics of the targeted connected object devices and network environment taking into account: limited memory, computing power, energy availability and bandwidth availability. In addition, an IoT developer would certainly prefer to rely on a security mechanism that is standardized and widely used in the Industry, thus proven robust, interoperable and sustainable.
2nd Challenge: Interoperability
Interoperability is another major obstacle to the adoption of connected objects. Today, most IoT solutions available are proprietary and incompatible with one another. Costs incurred due to the fragmentation are too high for the suppliers, developers and users of IoT services. Stephen Miles, Research Affiliate at the MIT Center for Biomedical Innovation points out the challenges of interoperability problems met in US hospitals using disparate electronic devices. The only way to currently counterbalance the negative effects of device fragmentation in order to exploit data they collect is to use expensive third party software and invest important resources to collect, analyze and disseminate this data.
As most IoT developers want to make their IoT solution operate across multiple sensors, they need to adapt their service or application according to each deployed sensor type or manufacturer. This fragmentation causes significant integration costs and maintenance hurdles for them. Indeed, the use of a non-standardized protocol and/or proprietary solution creates a situation of incompatibility between existing objects and solutions and any future components that might be added.
3rd Challenge: Device Management
Finally, device management is also another important aspect to the deployment of an IoT solution. Maintenance and deployment costs, as well as the necessity to add incremental improvements will all be dependent upon comprehensive device management capabilities. Below is a concrete example from Frost & Sullivan’s report from 2015:
In January 2014, the US government ordered Tesla and General Motors to recall some of their respective cars due to a potential fire risk coming from a defective electrical component. Tesla, using remote connectivity services based on OMA standards, updated 29,000 vehicles by remotely installing a software patch. Unfortunately, GM had not integrated any remote services resulting in a recall of 380,000 cars to their distributorships requiring each car to be manually updated. Technology choice in this instance, made a significant difference in terms of maintenance costs and user experience.
Indeed, Connected Objects may need to evolve in a challenging environment. For example, parking sensors can be buried under 40cm of concrete. Therefore, it is important to put in place standardized, comprehensive administration services to manage different devices aspects, such as: maintaining connectivity, data recovery, security, changing parameters such as the frequency of collecting data or software upgrades. Most deployed objects today don’t incorporate such features or it is very limited and/or proprietary. However, this trend is likely to reverse itself in the future as adoption spreads and the costs and drawbacks become clearer to administrators and solution providers alike.
There is unlimited potential for real functional and business benefits of IoT to many industry sectors. It is commonly recognized that the millions of connected devices that make up the Internet of Things need to be switched on, configured, provisioned for services, maintained, updated with software, possibly switched off and on again, recovered from error conditions, monitored, queried for data, repaired, their applications managed and finally the devices taken off their network connections at the end of their lifetime. And ideally, all this happens remotely, securely and with interoperability across devices and networks. Developers seeking to mitigate the challenges of security, interoperability and device management should consider implementing a standards based solution using recognized industry specifications such as OMA’s Lightweight M2M.
For more information, download the complete white paper, The Top 3 Challenges IoT Developers Face.