Previously in our series on the Internet of Things (IoT), we provided an overview of terms and concepts and reviewed various devices and components. In this final article of the series, we’ll conclude with a look at some of the challenges relating to the rapid growth and proliferation of IoT.
IoT Interoperability Challenges
Because IoT deployments often call upon multiple types of devices from different vendors, interoperability continues to be a challenge. The dream of establishing a universal standard for IoT will likely never be achieved even within the smart home alone. Nevertheless, standards efforts such as the AllSeen Alliance and other groups have eased device mismatches. Wireless protocols and APIs such as MQTT and REST have helped standardize communications and low-level messaging, and, on the high end, the dominance of Linux and related technologies have also helped standardization.
Much of the interoperability improvements have come from increasing product maturity. If you are starting fresh with the latest smart hubs, locks, lights, and HVAC systems, many of the interoperability bugs have been removed.
Typically, smart home customers choose between three options: a proprietary product line from a single vendor; a broader, but still proprietary ecosystem; or an à la carte approach built around an open source automation software framework. Fully proprietary systems, in which the smart hub and all the endpoint devices come from a single company, often provide the easiest interoperability but limit flexibility in terms of customization and device selection. If the company fails to keep the devices up to date or is bought by another firm or goes out of business, your investment may be wasted.
Most smart home consumers instead opt for a broader ecosystem such as Google Home with the Google Assistant voice agent, Amazon Echo with Alexa, or Apple Home with Siri. Due to the popularity of these platforms, the market clout of the companies, and the popularity of their top-of-the-line voice systems, third-party device vendors usually try hard to stay compatible to maintain certification.
Although ecosystems are usually more hackable than fully proprietary systems, you are still locked into a mostly proprietary hub sold by a single company. You may also be sacrificing privacy and security as your personal information is funnelled up into the cloud, in many cases to be sold.
Open source platforms such as OpenHAB or Home Assistant provide the most flexibility and opportunities for customization. Because they typically lack a cloud component, encouraging you to create your own private cloud that you can share with others, you can better ensure privacy and security—assuming you select the right hardware products and set them up properly.
Because these platforms are based almost entirely on open standards, rather than partially in the case of proprietary product lines and ecosystems, they also ensure you won’t suffer from vendor lock-in. Like ecosystem frameworks such as Google Home and Amazon Echo, open source smart home software supports a wide variety of compatible smart devices and when possible showcase open source solutions.
The drawback is that DIY open source networks are often more difficult to set up and administer. However, if you get stuck, you can probably find a techie who is familiar with the open source software to help out.
Beyond the smart home in the larger IoT world of building automation, industrial sensor networks, smart supply chain, and smart cities, interoperability challenges are more complex. We will perhaps return to this larger topic at a later date.
As noted, some cloud-based smart home platforms expose and sell user data. Even if many consumers are happy with this arrangement, they would probably prefer to get a cut of the profits. Such privacy invasions can also result in security risks if the data ends up in the wrong hands.
More direct privacy issues are found with smart home devices equipped with cameras for surveillance or microphones for voice assistance. Even if you trust your platform provider not to harvest this data, devices that are not properly secured could be used by hackers for spying and blackmail.
In public spaces, privacy is being eroded by IoT-enabled video surveillance combined with face recognition algorithms. These problems are particularly acute in countries with limited civil liberties.
Malware attacks and hostile takeovers of devices via denial-of-service are growing concerns with IoT due to the sheer number of devices. A ZDNet report on IoT security last year cited Cisco data projecting there will be 75 billion Internet connected IoT devices online by 2025. Meanwhile, the potential for attacks on critical, IoT-enabled infrastructure such as power, communications, and water infrastructure is particularly frightening.
A huge industry has grown up to provide a wide range of IoT security solutions, but many offerings require expensive subscription services that many device manufacturers and corporate customers are unwilling to pay for, let alone home automation customers. There is a mind-boggling array of security solutions for IoT operating on many different levels, from the Linux kernel to bootware security to cyberhardening of firmware and higher level embedded software. Communications are increasingly protected via encryption.
For smart home consumers, the easiest path to improving security is to ensure you have a new router and smart home hub with automated, over-the-air (OTA) security updates to inform the device of the latest threats and possibly mitigate them. Ideally, your major endpoint devices should have similar security protections, especially critical devices such as home security systems.
The UK government recently issued a set of proposals petitioning smart home device vendors to promise regular security updates. Vendors must also clearly state how long they will offer updates and make it easy for customers to report vulnerabilities. They also require the user enter unique, suitably complex passwords. Easily remembered passwords are still the biggest vulnerability in IoT and tech in general.
Beyond these simple steps for keeping malware at bay, there are low-cost or free security packages for the smart home such as Minim’s open source Minim Labs Unum, which runs on Raspberry Pi OS (formerly Raspbian) and OpenWrt Linux devices. Unum provides security features including device fingerprinting, security scans, AI-powered recommendations, router management, and analytics.
More comprehensive solutions for Linux smart home and industrial IoT devices include Timesys’ Vigiles, which provides security monitoring and management with CVE tracking, available as free software or as a subscription service. One higher-end solution for industrial IoT is VDOO’s ERA (Embedded Runtime Agent), which focuses on detecting and blocking security threats including zero-day vulnerabilities, man-in-the-middle attacks, and bricking and reverse-engineering schemes.
The small, but growing trend toward deploying containers on embedded devices should improve security, although these are not likely to spread quickly to the smart home. With container solutions, multiple applications with various security levels and even operating systems can coexist in secure, sandboxed containers, which are automatically updated from the cloud with security patches. One related solution is Canonical’s Ubuntu Core, a stripped down, container-like version of Ubuntu that provides automated updates and transaction rollbacks for restoring the software in case of an attack.
Finally, IoT poses an often-overlooked problem associated with all technology: power consumption. Although the deployment of smart meters and sensors should result in IoT saving more power than it consumes due to resulting improvements in efficiency, the sheer number of IoT nodes and gateways that are envisioned is daunting. IoT devices typically consume a lot less power than a PC or smartphone, but the numbers add up.
Power is also consumed and greenhouse gas emissions released in manufacturing, packaging, and shipping the devices. The cloud computers and computer networks that are often backing up the IoT devices add to the burden. Meanwhile, IoT suffers from the same lack of recyclability and pollution hazards as other tech devices.
The Internet of Things will push forward despite all these challenges, none of which are likely to be fully resolved. The lure of convenience in the home and competitive edge in industry along with growing demands toward energy and operations efficiency make IoT a trend that is here to stay.