Qualcomm’s Liat Ben Zur spoke of the “Internet of Thing,” in the singular case rather than the plural, at the recent MIT Technology Review Digital Summit. She made the point using Google’s Nest thermostat that is connected to the cloud, and the cloud to an app to control it. Add another IoT device, add another cloud, and another app and so on. She brought into question IoT device interoperability and the rationale for sending all IoT data through the cloud when the purpose of much of the data is communicating between local devices on a proximal network. Proximal means local, like a LAN. If IoT devices from different brands are to work together in the proximal network independent of the cloud, the industry will need to agree to standards.
Qualcomm has a dog in the standards fight, though - an open source software framework called Alljoyn intended to accelerate the growth of the IoT, leading to greater consumption of the company’s processor and radio chips in IoT devices.
Companies like ThingWorx (acquired by PTC) and IControl provide machine-to-machine (M2M) clouds that interconnect disparate devices built to various standards into systems. One example of the ThingWorx platform is a farm irrigation IoT application that combines soil moisture sensor readings with weather forecasts to optimize crop irrigation. Similarly, IControl has built home safety, security, and monitoring applications. These companies are delivering IoT today using the cloud to provide interoperability, processing, and control logic. Generalizing the immediate demand for IoT interconnectivity, Pubnub CEO Todd Greene presented his company’s real-time network platform that companies like ThingWorx and IControl or independent integrators could use to interconnect IoT devices in a system.
Unlike the platform companies, Qualcomm’s goal isn’t to deliver IoT applications immediately to end users. The company is working to engage consumer and industrial electronics companies in the development of its open source Alljoyn project, making it a standard. According to Ben Zur, Alljoyn solves what she describes as “not so sexy IoT problems” that enable IoT devices to operate as a single system within the proximal networks across device brands, independent of the cloud. Alljoyn provides automatic device discovery, identification of services running on the devices, and information exchange between IoT devices.
An example of how IoT devices should interoperate within the proximal network was smart-smoke and air-quality detector company Birdi, Ben Zur said. When sensing a fire in a bedroom, the Birdi detector would have televisions and wireless speakers sound the alarm and provide an evacuation route, make smart light bulbs blink and change in color, and unlock all exit doors. The only communication outside of the proximal network should be the call to emergency responders.
The concept of devices from different manufacturers self-organizing into a system is a very sexy idea, despite Ben Zur’s statement to the contrary. Considering the long lives of consumer appliances of five and ten years and sometimes longer, the software update management challenges of maintaining interoperability between older and newer appliances on the proximal network alone will be difficult to overcome. According to Clark’s third law - “any sufficiently advanced technology is indistinguishable from magic” - this could be magic.
Krisztián Flautner, VP of IoT R&D at closely related company ARM Holdings, followed Ben Zur later in the day to reiterate the importance of standards and discuss the common requirements of IoT applications (see slide below), before turning to the darker side of IoT.
Flautner presented many questions that don’t yet have answers, beginning with how personal information is shared. People opt in to social networks and fitness apps tied to the cloud, trusting that their personal information and privacy can be managed with existing and evolving regulations that rely on transparency in its use and disclosure of breaches. But Flautner doesn’t believe that existing regulations based on transparency and security systems that rely on protecting perimeters and passwords can be trusted to scale to the 50 billion IoT devices Cisco has predicted to be in use by 2020.
The pace of innovation in hacking systems also needs to be included in the standards discussion. What might be secure when IoT devices are built could later be exploited through advances in hacking technology. Flautner offered two examples of how innovation improves the technologies used by bad actors. In 2008, a dedicated team of specialists was able to hack and gain control of a pacemaker at a distance of a few centimeters, but in 2013 MIT grad students showed the ability to gain control of a pacemaker at a distance of 50 feet. Second, the length of what is considered a secure password now exceeds 55 characters due to algorithmic and computational innovation by these bad actors.
Privacy and security policies and technology for the IoT still needs to be developed. Flautner believes that this will occur iteratively as IoT applications are built and the experience is used to guide the consortia to advance standards for privacy and security.
What can be expected of the future of IoT? Companies like ThingWorx and IControl will build cloud-based platforms and applications to integrate, secure, and control disparate IoT devices and serve as a reference model for standards. In the nearer term, ARM, Qualcomm and their competitors will research and develop standards and software to interconnect the proximal networks, and in the longer term define privacy and security standards that match the scale of the IoT in 2020 that Qualcomm forecasts to grow to 25 billion and Cisco forecast to grow to 50 billion.
It’s not a case of internet déjà vu interconnecting the islands of PCs with the internet because the internet computing, privacy, and security models of the IoT don’t currently project to meet the challenges of 50 billion IoT devices.