Article 1

Riding and Surviving the IoT Rodeo: Helping Users Stay in Control

David Rogers

There is little doubt that more devices are becoming smart. Major electronics retailers are marketing the smart home to consumers, with items on sale from connected door locks, through to baby monitoring systems and plant growth monitoring solutions. Product vendors and retailers are actively encouraging users to open up their homes to the internet.

 


Article 2

Discovering Potential Communities of Practice with Social Intention in an IoT-based Smart Home Environment

Dongman Lee

With the proliferation of IoT, multiple smart homes equipped with IoTs can interconnect with each other and form a community which we will call a smart home community. With the aid of a smart home community, we can discover potential social proximity among users and generate communities of practice that increase the quality of life for community members. In this article, we introduce the current state-of-the-art and identify some remaining research issues.

 


Article 3

Social Internet of Things:
Turning Smart Objects into Social Objects to Boost the IoT

Luigi Atzori, Antonio Iera and Giacomo Morabito

There is scientific evidence that a large number of individuals tied in a social network can provide far more accurate answers to complex problems than a single individual (or a small group of – even knowledgeable – individuals) [1]. This principle has been widely exploited in different internet-related domains, and has been investigated in recent years for the implementation of IoT systems [2], which are expected to integrate a large number of technologies and connect tens of billions of objects in the short term.

 


Article 4

The Intersection of Analytics and the Internet of Things

Aapo Markkanen and Dan Shey

The business case behind most Internet of Things (IoT) deployments relies on collecting data and gaining actionable insight from them through the right types of analytic tools. Mere connectivity already allows valuable enhancements such as remote service, but ultimately the value in IoT can be found in the ability to expose detailed and comprehensive (yes, even "big") data from assets and processes that have traditionally been more or less opaque to accurate analysis.

 

 

This Month's Contributors

David Rogers is a mobile phone security expert who runs Copper Horse Solutions Ltd, a software and security company based in Windsor, UK.
Read More >>

Dongman Lee is a professor in the Department of Computing Science at Korea Advanced Institute of Science and Technology (KAIST) and the Dean of the Graduate School of Culture Technology.
Read More >>

Luigi Atzori is a researcher at the University of Cagliari (Italy).
Read More >>

Antonio Iera is Professor of Telecommunications and Director of the Laboratory for Advanced Research into Telecommunication Systems (www.arts.unirc.it) at the University of Reggio Calabria, Italy.
Read More >>

Giacomo Morabito received the "laurea" degree and the PhD in Electrical, Computer and Telecommunications Engineering from the University of Catania in 1996 and 2000, respectively.
Read More >>

Principal analyst Aapo Markkanen leads ABI Research's Internet of Everything Research Service, contributing to various research activities related to Internet of Things, M2M, and big data.
Read More >>

Practice director Dan Shey manages ABI Research's M2M/IoT and enterprise mobility research services covering the telecom and IT ecosystems with a focus on devices, applications, convergence, and strategic analysis of the industry's value chain.
Read More >>

 

Contributions Welcomed
Click Here for Author's Guidelines >>

 

Would you like more information? Have any questions? Please contact:

Raffaele Giaffreda, Editor-in-Chief
raffaele.giaffreda@create-net.org

Stuart Sharrock, Managing Editor
stuartsharrock@ieee.org

 

About the IoT eNewsletter

The IEEE Internet of Things (IoT) eNewsletter is a bi-monthly online publication that features practical and timely technical information and forward-looking commentary on IoT developments and deployments around the world. Designed to bring clarity to global IoT-related activities and developments and foster greater understanding and collaboration between diverse stakeholders, the IEEE IoT eNewsletter provides a broad view by bringing together diverse experts, thought leaders, and decision-makers to exchange information and discuss IoT-related issues.

The Intersection of Analytics and the Internet of Things

Aapo Markkanen and Dan Shey
November 11, 2014

 

The business case behind most Internet of Things (IoT) deployments relies on collecting data and gaining actionable insight from them through the right types of analytic tools. Mere connectivity already allows valuable enhancements such as remote service, but ultimately the value in IoT can be found in the ability to expose detailed and comprehensive (yes, even "big") data from assets and processes that have traditionally been more or less opaque to accurate analysis.

By taking advantage of this crossover – which we refer to as IoT analytics – the connected organizations can build their operations on hard evidence and statistical probabilities instead of soft opinions and gut feeling. Or that is the goal at least. It should also be borne in mind that a data-driven organization can be driving in a very wrong direction if the insights that it has gained are incomplete or outright misguided. It is a cliché to remind that correlation does not necessarily imply causation, but in such a perfect storm of buzzwords it is still a point worth making.

Now that we are done with that disclaimer, let us take a look at what this intersection is actually made of, starting from the value chain that enables the whole concept. ABI Research segments the analytics market into five different components, which are listed and described in the following.

Data Integration: Aggregation and integration of the collected data streams in a manner that makes them suitable for analysis. This tends to be more critical in IoT-driven fields than in those that are digital by design, as end-users normally must deal with more diverse and disparate data sources before meaningful analysis is viable.

Data Storage: Implementation and management of the data store holding the data sets that have been integrated for the analytics process. In IoT, the key issue to address in this context is how to store time-series sensor data, which can increase dramatically in volume compared to e.g., transactional data readings.

Core Analytics: Processing of the data by an analytics engine and the subsequent delivery of insights – covering all of the so-called three phases of data analytics: descriptive, predictive, and prescriptive. In the case of IoT, the evolution from the descriptive phase to the predictive one is currently three years or so behind what is being seen in the "digital-first" industries.

Data Presentation: Further presentation of the delivered analytical insights to the end-user in the form of reports, visualizations, or dashboard mash-ups. In IoT analytics, the geography of data is a particularly important presentation element, given that the location of physical Things matters more to analysis than, say, the location of an ecommerce transaction.

Encompassing all of the four technology components is the fifth segment of the value chain: Professional Services. This segment refers to the services provided by various types of external consultants, either on a one-off or ongoing basis, to facilitate the process.

And what does this value chain actually enable in practice? Based on the conversations that we have had with organizations that have been early movers in this space, the main use cases – roughly speaking – can be generalized under five distinct categories.

Predictive Maintenance: Predictive maintenance refers to a method in which equipment or infrastructure is maintained when an analysis of its operational (e.g., sound, speed, vibration) metrics indicate that a breakdown is likely to occur. The condition-based method can be complemented by circumstantial data (e.g., ambient temperature, employee absences, product recalls) to make the analysis more accurate. Considering that maintenance is a characteristically labor-intensive activity, optimizing it in this manner can bring substantial cost savings.

Product and Service Development: As an analytics use case, product/service development aims at assessing the connected product's quality and behavior, and then flagging up areas of improvement based on the assessment. For instance, a tractor manufacturer could study the real-life usage of its latest model to not only conduct predictive maintenance, but base the following iterations' modifications on the analysis of how the customers tend to operate the machines.

Usage Behavior Tracking: Usage behavior tracking (or usage incentivization) refers to cases in which usage or consumption of a product or service are tracked and analyzed by taking advantage of IoT connectivity and subsequent analysis of the collected data. Analysis of, say, electricity consumption within a smart grid could be used to reveal high-usage customers, and then mitigate their consumption through targeted efficiency programs. Also car insurance providers and other companies applying usage-based pricing to their offerings are usually counted under this category.

Operational Analysis: In operational analysis, the organization employing IoT analytics applies the data assets to monitor and optimize its internal operations. Notably, many of the applications in the transport and logistics segment can be best characterized as a form of operational analysis. For instance, a logistics group can analyze its delivery fleet to optimize routes and provide more accurate estimates on delivery times. Similarly, a retailer running connected vending machines can spot the bottlenecks and quiet zones within its network, and thereby optimize the machine sites.

Contextual Awareness: In this use case, a connected object collects data from the surrounding dynamic environment and adjusts its operation accordingly. The gained contextual awareness can be then used to similarly "smarten up" other objects within the same network. Concepts related to assisted or autonomous driving and various forms of advanced robotics are a prime example of IoT plays that rely on contextual awareness. Similarly, a connected thermostat can adjust its timer settings in response to the home owner leaving from work earlier than usual, or in preparation for a forecasted arrival of colder-than-expected weather.

In essence, what all these use cases have in common is that they are, in different ways, making the physical world more digital and thus more transparent for decision making. More transparent premises for decision making, in turn, allow more informed decisions. This is particularly transformative because changes in, and interactions with, the physical world are by definition much more far-reaching and irrevocable than the ones that take place exclusively in the digital domain. At the end of the day, that fact is also what makes the said intersection so intriguing. It represents a promise of less wasteful and more sustainable decisions, in very many parts of business and society.

 


 

Aapo MarkkanenPrincipal analyst Aapo Markkanen leads ABI Research's Internet of Everything Research Service, contributing to various research activities related to Internet of Things, M2M, and big data. In his research, he explores areas such as predictive analytics, product lifecycle, quantified self, contextual awareness, cloud platforms, and IoT developers. Before joining ABI Research, Aapo worked as an analyst at IHS, where he was responsible for providing market intelligence and strategic analysis on the European telecoms sector and its leading players. He holds BSc and MSc degrees in management studies from the University of Tampere, Finland.

 

Dan SheyPractice director Dan Shey manages ABI Research's M2M/IoT and enterprise mobility research services covering the telecom and IT ecosystems with a focus on devices, applications, convergence, and strategic analysis of the industry's value chain. Prior to joining ABI Research, Dan worked as an independent technology business consultant. Earlier still, he worked in product management, product development and marketing at Qwest Wireless. Dan holds a BS in Physics from Loras College and an MS in Metallurgy from Iowa State University. In 2000, he received his MBA from the University of Michigan where he is also a Fellow of the school's Tauber Manufacturing Institute.

 

 

Social Internet of Things:
Turning Smart Objects into Social Objects to Boost the IoT

Luigi Atzori, Antonio Iera and Giacomo Morabito
November 11, 2014

 

There is scientific evidence that a large number of individuals tied in a social network can provide far more accurate answers to complex problems than a single individual (or a small group of – even knowledgeable – individuals) [1]. This principle has been widely exploited in different internet-related domains, and has been investigated in recent years for the implementation of IoT systems [2], which are expected to integrate a large number of technologies and connect tens of billions of objects in the short term.

According to [3], the Social Internet of Things (SIoT) is defined as an IoT where things are capable of establishing social relationships with other objects, autonomously with respect to humans. In this way, a social network of objects is created. The adoption of the SIoT paradigm presents several advantages:

- the resulting structure of the things' social network can be shaped as required to guarantee network navigability, so as to effectively perform the discovery of objects and services and to guarantee scalability as in human social networks;

- a level of trustworthiness can be established for leveraging the degree of interaction among things that are friends;

- models designed to study social networks can be reused to address IoT related issues (intrinsically related to extensive networks of interconnected objects).

Objects' social relationships

There is no doubt that many applications and services should in the future be associated with groups of objects, whose individuality will be 'sacrificed' to the overall interest of providing services to users; this is the case, for example, of applications involving the use of swarm intelligence and swarm robotics. It is equally true that several applications will either involve 'au pair' interactions among objects, wherein each object will be the bearer of its specific service to the community, or asymmetric interactions (as, for example, in services based on Bluetooth, Zigbee, 6LoWPAN networks of sensors/actuators or RFID identification systems). In a further category of services, objects condition their friendship's relationship to the achievement of mutual benefits (this is the case, for example, of cooperative services designed to reduce the energy consumption of wireless devices). Those described are sample scenarios where interactions among objects assume the shape of social interactions that mimic the four "elementary relational models" observed in human behaviour [4].

To implement the depicted scenarios, objects should start establishing social relationships on the basis of the object profile, activities (such as movements), and interests (applications deployed on the object and services it implements). These relationships can also be categorized according to the events that trigger their establishment, as depicted in Figure 1: a 'co-location' relationship may be established among objects (either homogeneous or heterogeneous) used always in the same place; a 'co-work' relationship may be established whenever objects collaborate to provide a common IoT application (as in case of objects that come in touch and cooperate for applications such as emergency response, telemedicine, etc.); a 'parental' relationship may be related to objects belonging to the same production batch (same model, same construction period, and same manufacturer); a 'social' relationship may be created when objects come into contact, sporadically or continuously, because their owners come in touch with each other during their lives; a 'co-ownership' relationship may be established among heterogeneous objects which belong to the same user.

Figure 1

Figure 1: The five types of social relationships among objects

Other types of relationship may be envisaged, but what counts most is the potential of such a disruptive paradigm for building, based on this new 'species of social objects', applications for the service of humans, unattainable by 'non-social' IoT solutions. An element of greater effectiveness in applications is that social objects are able to offer services to their owners by autonomously cooperating with objects which they have previously established relationships with, regardless of whether there are social ties between the owners of such objects or not.

Applications in the era of social objects

Social objects are expected to take a central role in the deployment of applications that rely on opportunistic and loosely coupled interactions among objects and whose value is in their capability of dynamically discovering key information and services from unknown communities of objects. Social behaviour is however of no interest (or even to be avoided at all) for those scenarios where security is the primary concern and where the application value is in the secure access of data from/to objects through authenticated and well-established connections.

Let us consider an example of an application scenario in the social object era.

Alice has just arrived in Beijing for the first time without having planned the journey in advance so that finding the right way to get to her hotel is not easy. Alice starts her SocialMobility application to find the best options currently available. On arrival at the airport, her smartphone had already established a new social relationship with the touristic totem, through which it could reach the bus station information terminals and the taxi control units. The SocialMobility forwards queries following co-location and social relationships to collect information about available transport services, relevant prices, and expected time schedules from various objects directly or indirectly connected to Alice's device. Queries and response are handled hop-by-hop in the social object network and finally processed at Alice's smartphone. She takes a look at the results which are already ordered on the basis of her preferences and selects her preferred solution, i.e, the bus service. SocialMobility then issues a request to buy a ticket and the bus terminal (or another friend object) redirects the application to the mobile ticketing service so that Alice receives the ticket on her smartphone.

To make such applications a reality, each object should be equipped with social functionalities to discover other social objects in the surroundings and establish social relationships; and to search for services and information of interest by crawling the object social network. For the latter task it is important to highlight that effective semantic engines are needed to be able to express queries in a number of domains. Both tasks should however be performed with appropriate tools for managing the trustworthiness of the other social objects which may behave maliciously.

Trustworthiness in the SIoT

In the SocialMobility scenario, the social behaviour of a touristic totem could be altered by malware so that it behaves maliciously. The intent could be, for instance, to make the totem forward the queries only to those 'friends' that want to get benefit from increasing the number of customers. It is evident that the openness of the social behaviour introduces many weaknesses from the security point of view that have to be addressed appropriately before deploying relevant applications.

However, the evaluation of the object's trustworthiness can take advantage of the social network itself. For this purpose, models derived from either social network or P2P technologies can be proposed [5]. In a subjective model, closer to a social networking viewpoint, each node computes the trustworthiness of its friends on the basis of its own experience and on the opinion of the friends in common with the potential service provider. In an objective model, derived from P2P scenarios, the information about each node is distributed and stored making use of a DHT (Distributed Hash Table) structure so that any node can make use of the same information. With the former model each node has a different view of the trustworthiness level for each other member of the network, whereas with the latter model the same view is achieved by any node in the network.

SIoT implementation

An implementation of the SIoT platform, which includes the main features described, is available at http://www.social-iot.org. It is based on the ThingSpeak project with the addition of social features. Figure 2a illustrates the registration form of an object (referred to as channel), in which it is possible to select the kinds of relationship this object is authorized to establish. Figure 2b shows how a certain number of friendships have been created for an object without the intervention of its owner.

The SIoT server makes available APIs for the development of applications on top of the SIoT. These are mostly related to the functionalities of Updating a Channel, Retrieving Channel Feeds, Retrieving Friends List, and Retrieving Group Members Lists. Not only is the server available for the development of application, but the server code is also freely available as open source and can be used for further SIoT developments.

Figure 2a
(a)
Figure 2b
(b)

Figure 2: Screenshots of SIoT server user interfaces:
(a) creation of a new object (channel) account; (b) summary of the object account

 

References

[1] J. Surowiecki, The Wisdom of Crowds, Doubleday, 2004

[2] L Atzori, A Iera, G Morabito, "From "smart objects" to "social objects": The next evolutionary step of the internet of things", Communications Magazine, IEEE 52 (1), 97-105, 2014

[3] L Atzori, A Iera, G Morabito, M Nitti, "The social internet of things (siot)–when social networks meet the internet of things: Concept, architecture and network characterization", Computer Networks 56 (16), 3594-3608, 2012

[4] A. P. Fiske, "The four elementary forms of sociality: framework for a unified theory of social relations", Psychological Review, vol. 99, 1992

[5] M Nitti, R Girau, L Atzori, "Trustworthiness Management in the Social Internet of Things", IEEE Transactions on Knowledge and Data Engineering 26 (5), 2014

 


 

Luigi AtzoriLuigi Atzori is a researcher at the University of Cagliari (Italy). His interests are in multimedia communications, with special emphasis on quality of experience management, and Internet of Things, with focus on architecture definition, application deployment strategies and trustworthiness evaluation. Recently, he has been involved in projects related to multimedia quality of experience and architecture definition for adaptive networked embedded systems. He has published more than 140 journal articles and peer-reviewed conference papers. He is a senior member of IEEE.
Contact him at: l.atzori@diee.unica.it

 

Antonio IeraAntonio Iera is Professor of Telecommunications and Director of the Laboratory for Advanced Research into Telecommunication Systems (www.arts.unirc.it) at the University of Reggio Calabria, Italy. He also holds the position of scientific coordinator of the local Research Unit of the Italian National Inter-University Consortium for Telecommunications (CNIT). His research interests include next-generation mobile and wireless networks, RFID systems, and Internet of Things. He is a senior member of IEEE.
Contact him at: antonio.iera@unirc.it

 

Giacomo MorabitoGiacomo Morabito received the "laurea" degree and the PhD in Electrical, Computer and Telecommunications Engineering from the University of Catania in 1996 and 2000, respectively. From November 1999 to April 2001, he was with the Georgia Institute of Technology as a Research Engineer. Since April 2001 he is with the DIEEI of the University of Catania where he is currently Associate Professor. His research interests focus on analysis and solutions for wireless networks and Internet of Things.
Contact him at: giacomo.morabito@dieei.unict.it

 

 

Discovering Potential Communities of Practice with Social Intention in an IoT-based Smart Home Environment

Dongman Lee
November 11, 2014

 

With the proliferation of IoT, multiple smart homes equipped with IoTs can interconnect with each other and form a community which we will call a smart home community. With the aid of a smart home community, we can discover potential social proximity among users and generate communities of practice that increase the quality of life for community members. In this article, we introduce the current state-of-the-art and identify some remaining research issues.

The proliferation of IT devices allows users to achieve far more complicated tasks than ever before by following the deep knowledge work approach introduced by P. F. Drucker in 2003. Users can come together to learn and share information and form a "Community of Practice" for improving their productivity. In particular, there is an emerging need for communities of practice to improve the quality of life by communal sharing of tasks such as child care and cleaning the environment of apartments as a large portion of urban dwellers live in high-rise downtown housing. Helping users to form a variety of communities of practice for enhancing the quality of life is one of the important challenges in smart home research.

Traditional smart home solutions help users to find various service opportunities based on occupant intelligence by providing flexible and adaptive task environments and control capability. Furthermore, the proliferation of IoT makes it possible to interconnect multiple smart homes over the internet. In such environments, it is possible to provide services for multiple families by forming a community of practice according to their intentions, which we call Smart Home Community. For example, Smart Community Architecture connects multiple smart homes by interconnecting home gateways for providing various community services such as neighborhood watch, pervasive healthcare, etc. (Li et al., IEEE Communications Magazine, November 2011). According to this trend, a new challenge is how to discover and form appropriate communities of practice for users and provide services for them using, especially, IoTs available nearby.

In traditional living environments, people can get such community support by forming an intentional community which is a group of people who have chosen to live together with a common purpose, working cooperatively to create a lifestyle that reflects their shared core values. For example, cohousing, which is an example of an intentional community, delivers economic benefit to the users by sharing living environments. Although the advantages of intentional communities are clear, in practice it can be difficult to populate intentional communities. For example, community members should live close to each other to make collaboration easy and that makes it hard to form a different community for temporal user needs. However, with the aid of smart home communities emerging from the population of IoTs, we no longer need to be concerned about physical proximity constraints. We could form a variety of smart home communities whenever any particular smart home community is required. For example, we could reduce the baby care overhead by activating social collaborations among neighbors who have common baby care problems. Smart home community-based services could allow collective child care among neighbors. They could then resolve unexpected problems such as helping neighbors to collect their children when they have an emergency task at work or giving appropriate advice on the fever of neighbor's children.

The biggest difference between the traditional smart home and the smart home community environment is that the target of a service is a community whose members stay in physically separated environments. Thus, we need to discover suitable community members who share common interests in baby care at separate smart homes and provide knowledge sharing, emergency, and baby care labor-sharing services for babies of the discovered community members using IoTs. For discovering the baby care smart home community, we need to infer users' intentions on baby care from real-time IoT data (i.e., a wearable sensor data for a baby, an indoor camera, and cooking info from a microwave), babies' life logs from multiple smart homes, and personal web data (e.g., Facebook, Twitter, etc.); discover potential communities for users based on their intentions and the situation of their babies; and ask members of each potential community to take care of their children. For example, Sam has emergency tasks from his boss and cannot collect his son from school so he asks appropriate neighbor Emma to help. It is impractical to assume every community member knows how to contact Emma and direct her to the child. Therefore, the smart home community should be supported by video conferencing services for connecting all community members to let Emma find the child and navigate to Sam's home. For child care (i.e., feeding) Emma should be allowed to access some of the appliances in Sam's home and use those appliances without prior experience of them. Since it is impractical to assume that every smart room has the same set of services with the same interface, the smart home community should support Emma by identifying communication problems and solving them with an appropriate adaptation.

In addition, we need to consider users' willingness to collaborate with each other, privacy, and trust issues for realizing smart home communities. Since a smart home community is activated by user's acceptance, no community can be activated when there is no willingness of users to collaborate. For example, if the smart home community is built upon a give-and-take relationship, the giver may not be interested in the activation of the community. Thus, we need to consider appropriate incentive mechanism(s) to encourage users' participation in the smart home community. The privacy issue is also a critical obstacle to the formation of a smart home community. Since collecting user experiences is important to infer user intentions and form an appropriate community, it is necessary to anonymize the user experiences before collecting them without losing important information. Also, since the community service encourages users to interact with each other, the trustworthiness of each member in the community should be guaranteed to ensure the safety of interactions.

 


 

Dongman LeeDongman Lee is a professor in the Department of Computing Science at Korea Advanced Institute of Science and Technology (KAIST) and the Dean of the Graduate School of Culture Technology. Previously, he worked on ubiquitous computing middleware for service continuity across multiple smart home and urban environments. In 2011, he started research on IoT-based cyber-physical service composition and adaptation and elaborated the idea for IoT-based smart home communities.

 

 

Riding and Surviving the IoT Rodeo: Helping Users Stay in Control

David Rogers
November 11, 2014

 

There is little doubt that more devices are becoming smart. Major electronics retailers are marketing the smart home to consumers, with items on sale from connected door locks, through to baby monitoring systems and plant growth monitoring solutions. Product vendors and retailers are actively encouraging users to open up their homes to the internet.

Users buying home IoT equipment now are pitting themselves as helpless victims in a rodeo with a beast which could give them one hell of a ride. At some point they’re probably going to get thrown off and it might hurt a bit more than just their credit card being hit by fraudsters. The scary thing is – the real cowboys in this world are often the product vendors, who are quite willing to create and sell insecure products whilst just taking data from people.

Figure 1

Is that plant moving? IoT is even being extended to houseplants

At the Blackhat and DEF CON hacking conferences in Las Vegas in 2014 there was a huge amount of interest from the security research and hacking community in many different types of connected devices. Shodan, a tool for searching for devices open to the internet is regularly used to expose different business sectors for leaving sensitive things such as webcams and even medical equipment open to remote access. Hackers are now also moving into the automotive IoT space too, exploring what could be attacked in the connected car. The car industry has a lot to learn; only Tesla seem to be proactive in reaching out to the security research community and engaging them. One car manufacturer even threatened legal action against university researchers who uncovered security holes. The positive engagement approach is likely to be more successful for driver security.

Figure 2

Tesla at DEF CON 22 - they are the only car company proactively reaching out to security researchers. IoT vendors could learn from their lead

Some of the most popular home connected devices for parents are internet-enabled baby monitors. These can either be purpose-built or simply use a webcam. The problem with such solutions is that users either leave webcams open on the internet with default admin passwords and/or the webcam is not designed securely such that it can be brute-forced remotely. People buying the cheapest devices are often purchasing fake versions of real webcams, with even less security than the original. This has resulted in media stories of breaches, including people hearing voices talking to their babies through their webcams. It brings a stark realisation to parents about the risks of such technologies.

Product vendors, retailers and members of standards bodies often deliberately make decisions that put profits ahead of security. In hindsight, these organisations may state that they made risk-based decisions, but the reality is that there is likely to have been no risk or threat analysis at all. They’re not likely to have the in-house skills either – security engineering is difficult and costly and unfortunately security is not a mandatory component of all engineering degrees (it should be). Even in some standards and industry recommendations bodies, security is often an after-thought or not formally considered at all. In the end, it is the purchaser that gets hit the hardest, whether they are an end user or a business owner.

In the IoT space, there is often no concept of permission whatsoever, it’s all or nothing. With little to no user interface, some devices are completely ‘headless’ so it is also difficult for users to scrutinise in any way what might be happening or know when data is leaving the device.

The huge numbers of connected devices that are entering our homes means that it is no longer sufficient to rely on a home router provided by our ISPs. The security within routers is rudimentary and offers only limited, generic protection against a small set of threats. The administration interfaces are difficult to use, leaving most users with a standard, basic configuration. On top of this, software updates are either non-existent or difficult to install, leaving many devices vulnerable for years. Users need help, but it doesn’t seem like there’s any on the horizon.

Some solutions to help users stay in control

There are many things that can be done to help users, including the broader aspects of software updates and security usability. Here are some things that could help address key security design problems with IoT devices that affect users.

Micro-policy on IoT devices Even with very low-powered, low-memory devices, it is possible to create client-side policies that a user can control. Bounding of values – for example temperature limits can easily be set and prevent deliberate attacks aimed at sending equipment out of limits. Even access governance can be described in very little memory space. Designing APIs such that a user can return an explicit denial of access would help developers to degrade the user experience gracefully.

Just turn it off! Partly through design engineering mentality and partly through treating users with contempt, companies are not designing products that just allow the user to physically turn off features. There is a strong argument for a hardware switch to turn off network and location functions. The advantages are:

a) visible indication of the physical state of the IoT device, even with no user interface;
b) Local, hardware controlled security which cannot be overridden remotely.

This puts the balance of control firmly in favour of the user and that is how it should be, the user has purchased a physical thing and it belongs to them. Companies should not have free reign over a user’s surroundings or data.

Establishing the right to introspection If we are to see widespread adoption of IoT devices and user trust in such devices, users should be able to know exactly what data leaves a device and their own home.

Users are now frequently signing up to privacy agreements and end user licence agreements that are not in their best interests. Companies rely on two things:

1) That the agreements are too long to read and understand;
2) That there is no other choice – if the user declines the agreement, they can’t use the equipment.

This is not an acceptable situation.

Smart TVs are an example where users sign up to allow any-time access to the TV’s webcam and microphone, as well as for all their viewing habits to be taken and sold. The only protection the user has is some basic level of trust that a big brand would be damaged considerably if this data were abused, so the company is incentivised not to abuse it. This is misplaced trust.

Companies are finally waking up to the need to secure data in transit properly using SSL and TLS or IPSec encrypted pipes, however this is also an area of temptation – if the user cannot see what is in the pipe they can’t see what data is leaving their home. Establishing the ‘Right to Introspection’ as a fundamental principle of home IoT is, in the author’s view, a way to put the user firmly back in control. This principle in itself would serve as a deterrent to the temptation to grab ever more and to be intrusive. Data should be accessible for the data owner before it enters the pipe – in theory this is hard to do securely, but it doesn’t mean that it’s impossible.

Surviving the Rodeo

It is possible for users to take control and come out of the IoT rodeo ride intact, but they’re going to need a bit of help. Users not only need to defend themselves from remote hacking, they need to be able to put themselves in a position of control over commercial entities who are playing fast and loose with data that they don’t and shouldn’t own. It’s time for engineers to step up their game.

 


 

David RogersDavid Rogers (@drogersuk) is a mobile phone security expert who runs Copper Horse Solutions Ltd, a software and security company based in Windsor, UK. He also chairs the Device Security Steering Group at the GSM Association and teaches the Mobile Systems Security course at the University of Oxford. He has worked in the mobile industry for over 15 years in security and engineering roles. Prior to this he worked in the semiconductor industry.

David holds an MSc in Software Engineering from the University of Oxford and a HND in Mechatronics from the University of Teesside. He can be contacted at david.rogers@copperhorse.co.uk and blogs from http://blog.mobilephonesecurity.org