ANAND MANI SANKAR thoughts.toString( )

Internet of Things: The Good, the Bad and the Ugly

IoT- the good, the bad and the ugly

Internet of Things (IoT) is a phrase gaining foothold in the international lexicon of technology. It refers to the growing number of everyday objects that are able to connect to the internet and communicate with each other.

The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure.

Kevin Ashton coined the term “Internet of Things” to describe a system where the Internet is connected to the physical world via ubiquitous sensors. The ‘thing’ could be anything from a shoe, watch to medical instruments and household devices. But a ‘thing’ needs to have certain qualities to be part of the ‘Internet of Things’.

How can a ‘thing’ become part of the ‘Internet of Things’?

Unique identity

Of course, every ‘thing’ needs to be globally uniquely identifiable among the plethora of things in the Internet of Things. Integration with the Internet implies that the ‘things’ can use IP address as a unique identifier. However, due to the limited address space of IPv4 (which allows for 4.3 billion unique addresses), objects in the IoT will have to use IPv6 to accommodate the extremely large address space requirement. In case of ‘Intranet’ of things, a ‘locally’ unique identifier would suffice.

Ability to wirelessly communicate

The things in IoT are not of much use unless they can interact with each other and the user. So it is absolutely essential to be able to communicate, preferably wirelessly, with the things. The communication could be one-way or two-way depending on the nature and purpose of the ‘thing’. And the communication protocol has to be lightweight and efficient.

Ability to sense

Things in IoT need to have some kind of sensory capabilities to detect events or changes and provide a corresponding output. In addition to sensory capabilities, they could also provide actuation capabilities (e.g., light bulbs or locks controlled over the Internet).

Ability to be controlled remotely

Another quality expected of ‘things’ in IoT is the ability to control them remotely over the internet. Ideally, physical proximity to the device should not be a pre-requisite.

With the advancements in pervasive or ubiquitous computing and thanks to Moore’s law, even tiny ‘things’ with embedded logic, unique identifiers and the ability to wirelessly transfer data over the internet, can be part of the Internet-of-Things.

Is IoT just a hyperbole?

If you go by Gartner’s 2014 Hype Cycle for Emerging Technolgies, there is a clear indication that IoT is at the peak of the hype cycle - what they call the ‘Peak of Inflated Expectations’. Gartner also suggests that it will take 5 to 20 years for IoT to reach the ‘plateau of productivity’.

Hype Cycle for Emerging Technologies, 2014

Although the hype is a little premature and expectations are inflated, I believe IoT is not something that can be dismissed so easily.

The Internet of Things isn’t coming, it is already here.

Every big IT organization wants to ride the IoT wave. IoT is being made (sometimes forcefully thrusted) to be part of the road map - IBM, SAP, Microsoft, Intel, Cisco.

Its not just the corporates; Governments want in on the action as well. They are making IoT part of their strategy and are allocating significant budget in this direction. ‘Smart cities’, ‘Smart Industries’ are the buzz-words in IT policies of many governments.

  • Industrie 4.0 is a strategic project of the German government to computerise the manufacturing industry with the help of IoT.

  • British PM David Cameron announced a collaboration between UK and Germany on IoT

  • China is investing heavily in IoT and has made it part of its 5 year plan.

  • South Korea has come up with an IoT development master plan.

  • Indian Prime Minister Narendra Modi recently announced a $1.2 billion investment to fashion urban centers with sensors that will monitor traffic flows, water and energy usage, and security, and send that information to city officials. The Department of Electronics and Information Technology (DeitY) on 17th Oct 2014 laid out a draft policy on ‘Internet of things’ in India, describing the government’s plan of developing 100 smart cities, for which Rs.7,060 crore has been allocated in the current Central budget. This could lead to a massive and quick expansion of IoT in India.

Surprisingly, the US seems to be lagging behind in this regard.

The Good

Imagine everything was linked…

IoT has the potential to touch every domain, and nearly every aspect of human life. These numbers indicate the massive scale of impact IoT is expected to have:

  • 50 billion devices connected to the Internet worldwide by 2020

  • 3.5 connected devices per person by 2015 and almost 7 by 2020

  • 8 billion mobile broadband access points by 2019

  • 4.5 million IoT jobs by 2020

  • $14.4 trillion of value over the next decade

  • $97 billion additional revenue in Medical device industry by 2024

  • 70 percent a year growth through 2018 in total sales of clothing and accessories incorporating computer technology, rising from $3 billion today to $42.5 billion

  • $3.3 trillion market for ‘Smart City’ applications and services by 2025

At the core of IoT is the evolving relationship between humans and machines (or things, in general) - a relationship that is being redefined through technology, narrowing the divide between the two.

As Ali Babaoglan puts it, emerging technologies are working towards the following:

  • Augmenting humans with technology: augmented reality, bio-acoustic sensing, wearables, gesture control, 3D bio-printing…

  • Machines replacing humans: Driverless cars, robots, virtual assistants…

  • Humans and machines working together: NLP, HCI, virtual assistants…

  • Machines better understanding humans and the environment: Geo-location, biometrics, 3D scanners, mobile health monitoring…

  • Humans better understanding the machines: IoT, M2M, Mesh networks…

  • Humans and machines becoming smarter: Neurobusiness, predictive and prescriptive analytics, complex event processing…

IoT is driving a lot of these emerging technologies - building interconnectivity, bringing in automation in nearly all fields, generating tremendous amount of data that can be transformed into useful information and further insights, driving fast data processing requirements, etc. IoT is also revolutionising embedded computing - pushing for low-cost and ubiquitous computing platforms and devices.

Data -> Information -> Insight -> Wisdom

IoT is leading to sensor fusion of telemetry data - combining the sensory data from disparate sources such that the resulting information is in some sense better than would be possible when these sources were used individually.

Development Opportunities

IoT opens up a lot of interesting development opportunities in the form of platforms & applications, and new development areas.

IoT has not just piqued the interest of IT organizations, but also of the development community. Arduino boards, Raspberry Pi, Intel Edison and other low-cost starter kits are giving developers a quick head-start into the world of IoT. Getting ones hands dirty with IoT pet projects is fairly easy. The traditional ‘software’ developers are happy to see more tangible results, as compared to just altering the invisible 1s and 0s on the screen.

Development platforms for IoT are also mushrooming, making it easy for developers to get started.

  • Arduino comes with its own development platform and programming language based on Wiring.

  • Raspberry Pi is capable of running Linux distros and thereby opens up a lot of development opportunities. There are also independent IoT frameworks for Pi like WebIOPi

  • Eclipse recently launched the Open IoT stack for Java

  • Eclipse also provides some frameworks for building IoT/M2M gateways:
    • Kura - Java and OSGi based container
    • Mihini - Lua based embedded runtime
    • Paho - Open source implementation of messaging protocols
    • Koneki - Lua-based IDE
  • Concierge - small footprint implementation of OSGi core spec

  • Lua Development Tools - IDE for Lua development. Lua is a lightweight embeddable scripting language

  • There are a few more open source projects proposed to join the Eclipse M2M community:
    • Ponte - a proposal to expose REST APIs for accessing ‘things’
    • SCADA - open source implementation of SCADA to control and monitor large scale industrial systems

Update: 17th Nov 2014

Eclipse SmartHome project is a framework that allows building smart home solutions that have a strong focus on heterogeneous environments, i.e. solutions that deal with the integration of different protocols or standards. Its purpose is to provide a uniform access to devices and information, and to facilitate different kinds of interactions with them.

Thanks Kai Kreuzer for this update!


Overall, there are a lot of good things about IoT, both from a consumer and developer perspective. Many of the things that were science fiction until recently could be reality very soon!

The Bad (Read: The Challenges)

Lack of standards

As with all new technologies, the battle over standards is always a struggle.

The challenge mainly lies with developing an effective cross-industry technology reference architecture that will allow for true interoperability and ease of deployment. The fragmented M2M and Smart Systems vendor landscape that is not yet well aligned with the larger IT infrastructure and network services players also contributes to the issue.

Several different IoT standards are currently competing with each other, and more may be joining the contest soon.

Google and Nest are making significant strides in establishing the Nest Platform as the foundation for all consumer-based IoT devices and their software. All major players like Cisco, Qualcomm, IBM, Broadcom, Samsung, Microsoft have similar strategies for creating standards.

Eclipse IoT Working Group is playing its part in standardising a set of open source technologies for IoT. This group is a collaboration of industry and academic partners building a set of open source technology that will be the foundation for the Internet of Things(IoT). The technologies constitute the protocols, tools, services and frameworks for building IoT/M2M applications. (Details listed above in this post)

But, the opinion is still divided on standards and protocols.

The IoT protocol war

Qualcomm developed a communication protocol for IoT, named AllJoyn, which is currently a collaborative open source project of the AllSeen Alliance. Open interconnect consortium is an alliance founded by Intel, Samsung and Broadcom defining its own connectivity and interoperability standards for IoT. Recently, Broadcom left the group over a disagreement on how to handle intellectual property.

Google, early this year, announced a new networking protocol called Thread that aims to create a standard for communication between household devices. Thread is a networking protocol and not an IOT platform, and hence is not meant to compete with OIC or AllSeen. Instead they could work atop the Thread protocol.

There are competing special purpose low-level protocols like Z-Wave, Zigbee, Bluetooth Low Energy (BTLE) protocol and many more. Although Thread has the advantage of being IPv6 based (IEEE 802.1.4), and developers tend to prefer IP based protocol stacks over specialised ones, there is still no standardisation of the communication protocol in the IoT world.

This fragmentation of standards could severely hamper interoperability, which is one of the pillars of IoT.

Also, to a large extent, the future of the Internet of Things will not be possible without the support of IPv6; and consequently the global adoption of IPv6 in the coming years will be critical for the successful development of the IoT in the future.


Update: 12th Nov 2014

IEEE has a working group that is coming up with an architecture framework for IoT, focusing on standardization in addition to the blueprint/reference model. IETF is doing its part in standardization of the communication protocol, with 6LoWPAN, an IP based communication protocol, that is used as the base for the Thread protocol. CoAP is another interesting approach to IoT communication, as it is designed to be a RESTful protocol.

Thanks Eric Anderson and srmoore4638 for this update!


Environmental impact

The possible explosion of e-waste is another growing concern. The rapid mushrooming of small electronic devices could significantly contribute to the already growing e-waste.

A concern regarding IoT technologies pertains to the environmental impacts of the manufacture, use, and eventual disposal of all these semiconductor-rich devices. Modern electronics are replete with a wide variety of heavy metals and rare-earth metals, as well as highly toxic synthetic chemicals. This makes them extremely difficult to properly recycle. Electronic components are often simply incinerated or dumped in regular landfills, thereby polluting soil, groundwater, surface water, and air.

To minimize environmental impact, efficiency and robustness of ‘things’ become extremely important. Since ‘things’ are generally running 24x7x365, and are equipped with wireless capabilities, the power requirements need to be managed really efficiently. We don’t (yet) have a palm size fusion reactor (or arc reactor) like Tony Stark does. So the embedded software and algorithms should be power-optimized. Dynamic power management, turning devices on and off depending on usage and need, is another approach to this challenge.

Robustness of the devices also helps in improving their longevity, thereby reducing the wastage frequency. There needs to be a correct balance between low-cost and robustness of the hardware.

The Internet of (Expensive) Things

Smartness comes at a cost! In its current state, the ‘things’ in IoT are expensive.

This is not evident during the development phase, when you are prototyping or building with a small set of devices. But when you look at it from the consumer perspective, and multiply the cost by the number of ‘things’ required for a complete solution, the overall cost can be prohibitive!

Take smart home devices for example. Belkin WeMo wireless light switch costs about $42. A smart thermostat like Nest costs about $250, as against $25 for a not-so-smart one. Philips Hue, a wireless light bulb costs about $60. Imagine what it would cost to have smart switches and light bulbs everywhere in your house!

Terence Eden did a bit of calculation to see what it would cost to have sensors on his windows - to remotely check if they are open or closed.

After a traipse through my family home, I discover that I have 20 separate external doors and windows. I don’t live in a mansion - but all my windows are split into two different sections. So, if I want my windows to become part of “The Internet of Things” I’m going to be shelling out £600. That’s quite a lot of money. And that’s only for a passive system.

If you want a smarter one with which you could close the window remotely, you’ll need to shell out even more!

Of course, hardware cost is definitely going to come down. But its going to be a race between the speed of evolution of IoT and the rate of drop in hardware cost.

The Ugly (Read: The Concerns)

Security

Security experts have warned of the potential risk of large numbers of unsecured devices connecting to the Internet since the IoT concept was first proposed in the late 1990s.

One of the major concerns raised is that the Internet of Things is being developed rapidly without appropriate consideration of the profound security challenges involved, and the regulatory changes that might be necessary.

Products are often sold with old and unpatched embedded operating systems and software. Furthermore, purchasers often fail to change the default passwords on devices - or if they do change them, fail to select sufficiently strong passwords.

An open market for aggregated sensor data could serve the interests of commerce and security no less than it helps criminals and spies identify vulnerable targets.

IoT opens up a whole new level of security threats. With IoT, cyber attacks are likely to become an increasingly physical (rather than simply virtual) threat. When the ‘things’ in IoT are mission critical devices like medical devices security, it could be deadly!

A study from Hewlett-Packard found that 70% of the most commonly used IoT devices contain vulnerabilities - or in other words, they can be hacked!

IoT - a hacker’s delight!

“With most [smart devices], if you can connect to it, you can own it.”

— James Lyne, Head of Security Research at Sophos

  • Computer scientists at the University of Michigan hacked into “smart” traffic lights with nothing more than a laptop and basic radio broadcast equipment.

  • Hackers at the Black Hat security conference compromised a Nest thermostat in front of a live audience.

  • BBC recently assembled a team of seven computer security experts and let them loose in a home full of “smart” devices. In short order, they cracked the security on every last one of them. “The one that people really get concerned about is the microphone on a smart TV,” said one expert. “We were able to bug a living room through it.”

IoT - weapons of mass disruption?

  • WiFi pacemaker hack: In the late 2000s, scientists demonstrated a WiFi pacemaker hack with which one could take control of the device. The threat was so deadly (no pun intended), that former US Vice President Dick Cheney’s doctors disabled his pacemaker’s wireless capabilities to thwart possible assassination attempts. (This was even before the TV series ‘Homeland’ used it as a plot-line.)

  • Iran nuclear experts race to stop spread of Stuxnet computer worm: Stuxnet, a 500-kilobyte computer worm that the software of at least 14 industrial sites in Iran, including a uranium-enrichment plant.

It compromised the programmable logic controllers. The worm’s authors could thus spy on the industrial systems and even cause the fast-spinning centrifuges to tear themselves apart, unbeknownst to the human operators at the plant.

  • Insulin pump hack delivers fatal dosage over the air: At the Hacker Halted conference in Miami, the attack on wireless insulin pumps was demonstrated. The attack hijacks nearby insulin pumps, enabling the attacker to surreptitiously deliver fatal doses to diabetic patients.

  • Car electronics taken over remotely: The electronics within a car can be hacked, taking control of the headlights, locks, steering and even the brakes.

  • Smart meter hacks: The best case: smart meters can be hacked to cut power bills. The worst case: A criminal who can hack your smart metering utility system can identify when usage drops and assume that means nobody is home.

  • Printer firmware hacking: Canon Pixma printers firmware was modified from the Internet to run custom code - not just any custom code - the classic 90s computer game Doom! That’s not very scary. But imagine this - the firmware can be hacked to send a copy of every document printed on that printer to the hacker!

  • IoT botnet - thingbot: An IoT botnet (or thingbot) is a group of hacked computers, smart appliances and Internet-connected devices that have been co-opted for illicit purposes.

Privacy

The impact of IoT on consumer privacy is another major concern. Smart homes also mean more hackable devices at home. Every internet connected device increases the possibility of breach of privacy, autonomy and control.

Chances are Big Data and the Internet of Things will make it harder for us to control our own lives, as we grow increasingly transparent to powerful corporations and government institutions that are becoming more opaque to us.

Will IoT make our homes the perfect Panopticon?

Hackers who could only virtually spy on your computer until recently could now potentially spy on you in your own house! This article explains why you should be scared of your ‘smart’ TV. With facial recognition, voice recognition built into TVs, the possibility of snooping using the TV is pretty high.

Joseph Steinberg gives you more reasons to be scared of smart devices at home.


Update: 17th Nov 2014

Kai Kreuzer, founder of openHAB.org and project lead of Eclipse SmartHome, talks about ‘Intranet’ of things, where he addresses the increasing privacy concerns with smart home devices.


Is Fire Sale a real possibility?

Fire Sale is the main theme of the Die Hard film - Live Free or Die Hard. It is an all-out cyber-warfare attack that performs a three-stage systematic attack on a nation’s computer infrastructure - shutting down transportation systems, disabling financial systems and turning off public utility systems.

With IoT, this fictitious threat could very well become a real threat! Actually, a small scale secret experimental attack was performed by the US Department of Energy in Idaho, where a power plants control system was hacked, changing the operating cycle of a generator and sending it out of control.

So…Yes, fire sale is very much a possibility!

IoT Security measures:

Lack of updates will be IoT’s Achilles heel: An ineffective or nonexistent plan for deploying security updates will be the single largest impediment to security for the Internet of Things.

Some of the security aspects that need to be considered for IoT are:

  • Embedded Operating System and Software security

  • Embedded firewall

  • Data security: at rest and during transit

  • Data encryption

  • Secure development practices

OWASP Top 10 security concerns for IoT need to be considered early during the development phase.

New security model and standards must be developed for the Internet of Things.

The Paranoia

Killer Robots - Rise of the Machines?

Borrowing another Hollywood reference, could ‘SkyNet’ become a reality? Bryan Bishop of The Verge seems to think so. Even Elon Musk is scared. You should be too!

Google is already taking precautionary measures against an eventuality like this. Here’s the proof.

IoT: A baby step towards Technological Singularity?

Technological Singularity is a term used to describe the theoretical moment in time when artificial intelligence matches and then exceeds human intelligence. The term was popularized by scifi writer Vernor Vinge, but full credit goes to the mathematician John von Neumann, who spoke of [in the words of Stanislaw Ulam] “ever accelerating progress of technology and changes in the mode of human life, which gives the appearance of approaching some essential singularity in the history of the race beyond which human affairs, as we know them, could not continue.”

The great Stephen Hawking believes AI could be a ‘real danger’.

So, is technological singularity a real possibility? Can the evolution of machines overtake the evolution of humans, its creator? John A De Goes doesn’t think so, and I would tend to agree, although hesitantly!

The Future

Forbes has an interesting infographic on how the Internet of Things could rule your workday in 2020.

Internet of Things is exciting! It is going to change the world!

While much of the future of IoT is still unknown, and there is a fair share of concerns around this topic, we are already starting to see an early wave of emerging products which look very promising.

Technology is becoming all pervasive and evolving at a such a rapid pace that even technocracy could become a reality! Its too early to say if the Internet of Things would create a technological Utopia or Dystopia. But its not too late to take the right steps in the right direction.

If ‘the good’ becomes better, and ‘the bad’ and ‘the ugly’ are addressed early, the ‘Internet of Things’ could mark another tectonic shift in the history of technology!

comments powered by Disqus