Don’t Do IoT Yourself, Say Experts
Roopinder Tara posted on December 09, 2016 |
Be careful, but don’t wait to start implementing IoT. Here are notes from IoT Tech Expo North Americ...

Hey, this IoT thing sounds really cool. Let's make our products connected. Sound like something Dilbert’s pointy-haired boss would say?

What Dilbert's boss does not understand is all the pieces that have to drop in place in order for IoT to happen. And, sadly, most of them fall outside the core competencies of us Dilberts.

Don’t Wait for It

Figure 1. For IoT and for gelato, choose wisely but choose now, says Stan Schneider.
Figure 1. For IoT and for gelato, choose wisely but choose now, says Stan Schneider.

Stan Schneider of the Industrial Internet Consortium (IIC) tells his young daughter, who is faced with too many choices of gelato, to choose wisely—but to choose now. Schneider was keynoting at the IoT Tech Expo North America 2016 in Santa Clara—the heart of Silicon Valley. He made a parallel comparison to IoT platform technologies, of which there are so many, and each one better than the other, making for a bewildering choice for engineers tasked with making their products connected. You don’t have time. Your competition is already on it.

What to Do in House and What to Outsource?

Figure 2 -. The IoT panel agrees agreed on one thing: DIY IoT is a bad idea. Hire us instead.
Figure 2. The IoT panel agrees agreed on one thing: DIY IoT is a bad idea. Hire us instead.

But since the IoT is so new, and the knowledge required to implement IoT is not necessarily possessed by every design engineer, it fell to the next panel of IoT experts to tell us how much we should do ourselves, and how much we should farm out.

A consensus was easily reached. DIY is a bad idea. You have to pick an expert to take on IoT, if you are not one already. Present company excluded, of course, was what they were thinking. There are too many fast-moving pieces, each requiring a certain expertise.

Sir, Your Dog Is on the Phone

Take a dog collar, for example. Adding IoT to the collar involves having sensors for whatever you want to sense. Is Rex barking and disturbing the neighbors? If so, wouldn’t it be nice to enable the dog to ring a bell and be let in via a connected dog door? A connected dog treat dispenser could also enforce good behavior. Wouldn't that be a best seller? This IoT thing could be awesome!

But connecting to the Internet requires knowledge of communications technology. Do you use a data connection to connect to the Web, Bluetooth and a mesh network? What protocols will be used? How will the data be processed, and whose cloud will be used? How will Rex be distinguished from a hundred other dogs? Or, if this really takes off, how will he be distinguished from a million other dogs? And how could the connected device be hacked? Could someone tap into the collar and dognap the family pet?

Feeling Insecure? You Should Be.

Bring on a security expert. Grant Asplundh is one such person. His company, CENTRI, exists for IoT security. He's already thought of a lot of things that you will not have—until it’s too late.

For example, let's suppose you followed the crowd and used a popular IoT standard. It only takes a quick Google search to find the most popular one. Did you know that most IoT standards are built around open-source code? asked Asplundh. Yes, the newly hired developer you contracted can apply it, but its code packets will also be familiar to a hacker as they are broadcast through “clear space.” CERTI, in contrast, transmits only encrypted strings. Any hacker who intercepts encrypted code gets a “bag of digital sand.” Good luck with that, hackers.

If you are not sold on how important security is after hearing about dog collars, Asplundh offers some far more serious examples.

Can I Have Your (IP) Address?

Figure 3. Johnson and & Johnson issued a warning earlier this month that this insulin pump, which transmits using unencrypted RF communication, could be hacked. Picture from(Image courtesy of Animas websiteCorporation.)
Figure 3. Johnson & Johnson issued a warning earlier this month that this insulin pump, which transmits using unencrypted RF communication, could be hacked. (Image courtesy of Animas Corporation.)

“How many of you have a Johnson & Johnson insulin pump?” asked Asplundh. “Can I have that IP address?” There were no takers.


Figure 4. In the fictional TV series Homeland, the vice president of the U.S. is killed by hackers accessing his pacemaker. From Haros on Vimeo.

In another example, albeit from the Emmy Award-winning TV show Homeland, the vice-president of the U.S. is assassinated by a pacemaker hack. Real life offers more similar examples.

As one such example, Asplundh points out Stuxnet, the worm purported to be released by the U.S. and Israel (though neither has officially admitted it). The virus spun Iran's centrifuges out of control, dashing the country’s enriched uranium and its hopes of a nuclear weapons program to the ground.

“So if you are not a security expert, I think you better get one,” said panel moderator Bruce Sinclair. And this applies to more than security.

“Half of being smart is knowing what you are dumb about,” Tom O’Neill, CEO of The Nerdery , quoting Solomon Short , a character in David Gerrold’s sci-fi series “War Against the Chtorr.

Sinclair agrees. He refers to all the stuff that makes IoT happen as “plumbing,” inferring that it’s best left to plumbers, so that you, the design engineers, can focus on how it’s supposed to work, it’s features, controlling the plumbers.... What will be hidden—the specialized stuff, the plumbing—is necessary, but there are many plumbers. There are “300 of them just in this conference,” Sinclair pointed out.

Garages Full of Inventors

One of the problems with IoT is that entry into it is almost too cheap and easy, said one panelist. An engineer can easily enough cobble together a working version of an IoT dog collar. It may not be pretty, but it would work. All the parts are cheap and easily attainable. A little open-source code, an Arduino processor, and before you know it, Rex’s barks are lighting up your iPhone. 

Sure, you can measure your dog. But a hundred dogs? A million dogs? Can this device go into the marketplace to be sold to dog owners? Can it scale?

Standards: Not Enough or Too Many?

The panel was not so quick to agree on a standard for IoT. Each industry will need a separate standard, said one panelist. A medical device will have much tougher standards than, say, a harmless consumer device. Grant Asplundh likens this to the thicket of competing protocols that grew around the early days of cell phones, when Nokia, Blackberry, Motorola and many other devices were rising to the heights of their success. These days, that forest has been clear cut. Left standing are Apple, Google’s Android—and off in the distance, still hanging on, Microsoft.

Recommended For You