The thing that’s bringing IoT solutions into the mainstream – off the private SCADA (system control) networks and onto the internet – is the revolution that has, and still is, occurring around cost. It’s probably a little bit more nuanced than that – there are certainly a few other factors – but ultimately it’s that everything has become cheaper, and therefore more scenarios have become financially tenable.
The cost of hardware is plummeting; we spent the last decade with Moore’s Law (Intel’s founder Gordon Moore) delivering faster and faster machines onto our desks and into our pants pockets. While 640kb wasn’t really enough for anyone, we’re well and truly into the law of diminishing returns in terms of adding more power to our personal computing devices.
The really exciting impact at the moment is at the small end; rather than twice as many transistors for the same price, we’re now enjoying the same number of transistors for half the price. Cheaper and cheaper silicon is delivering us very sophisticated equipment with radio stacks and complex microprocessors, for literally a few dollars. That opens up some huge possibilities. If you want to blow your mind go and take a look at Alibaba.com.
The same downward march for hardware has helped to drive the abundance of connectivity; wi-fi, Bluetooth or cellular and a whole host of short-range spectrum efficient protocols.
What’s not getting cheaper?
All chocolate and roses then? Not quite. When you think about it, for example with a massive scale remote sensing project, what’s getting cheaper? The hardware is getting cheaper. The connectivity is getting cheaper. With cloud computing the software, storage and processing driving the solution are getting cheaper. The thing that’s not getting cheaper is the cost of people’s time. I travelled through Auckland Airport last week and past an engineer with a USB keyboard plugged into a SmartGate. At 7pm on a Sunday evening, that’s not an economic model that scales. The place where we need a cost revolution is in enabling the cost effective deployment and management of these solutions.
If we think about where the revolution is going to be in software platforms, and in particular, in the synthesis of software and hardware, it's in delivering the software and hardware platforms that lower the total lifetime cost of a deployment. Sending someone to install, maintain or remove a $15 device will make a huge difference at scale. We need hardware devices that can ship to site straight from the factory; that will auto-provision, given just a network connection. They also don’t need minding, feeding, watering or visiting and, looking over the horizon, they need to be the ones that will bio-degrade once we’re done with them.
This is one of the biggest things we’re thinking about with our clients – how do we create solutions that are efficient to deploy and efficient to manage, that are ‘fail-safe’. If you “brick” one device it’s a $200-service call – do that at scale and you’re broke.
At the end of the day, it doesn’t mean a thing if you’ve got these really cool $15 devices if it costs you $150 worth of time plus travel to go and get the thing deployed. And then if something goes wrong and it costs you another $150 to go and replace it. So one of the most important things to be thinking about when you’re building an IoT solution is making sure that deployment and manageability is front of mind.
If I wanted to scare people silly and send them back to the palaeolithic age to eat raw hydroponic vegetables and linseed oil thickshakes, then IoT security is a great place to start.
With these devices, we’re no longer talking about isolated networks. We're proposing to plug them into the internet. They’re not something that we’ve got under our personal control, like passwords tucked away in our heads. They sit there, in the wild, often protected by nothing but an industrial Tupperware container just waiting for the curious, or nefarious, to pop the lid and take a look.
A big problem
The IoT is not virtual. Your home thermostat: not virtual. Refrigerator keeping those veges safe and cool: not virtual. We don’t drive virtual cars nor fly in virtual jet planes. If someone hacks your emails or your Facebook account then the worst case is probably an explosive best-selling book. If someone compromises the security on the thermostat that controls the gas into your house, there is the potential for a slightly larger problem.
The challenge with IOT security is that firstly, the consequence of even compromising a single device could be catastrophic. Secondly, by definition, these are unattended devices. We end up relying very heavily on physical security, which is not entirely realistic. Any time I see a kiosk or a vending machine or some other device that I know is an IoT-type device, I'm just itching to work it out – what is it running on the inside? How is it storing its data? I often counsel CEOs and CIOs about the business risk of a laptop left in a taxi cab; the IoT will put a connected device in every taxi cab in the country.
How do we solve this security issue for IoT? To make it happen we’ve got to secure the whole platform. From silicon to cloud. Those security mechanisms that have the global intelligence community in a spin, that protect devices and data from physical compromise and keep even the OEM out, they’re what we’ll be using to secure the IoT.
The operating system remains a key link in that secure IoT chain. Linux-based devices such as the Raspberry Pi make a great IoT platform but they have limited support for Trusted Platform Modules and the key protection and hardware integrity attestation capabilities that they provide. Windows still rules the roost in this space delivering the most mature ‘secure boot’ capability among the mainstream operating systems. By delivering the core Windows kernel in an IoT-focused operating system, Microsoft has provided the mechanism to deliver a secure IoT platform.
In terms of harnessing the IoT ‘revolution’ we’re working on some interesting projects today. We’ve been working with Australasian companies building smart connected health care devices. We’ve got exciting new interactive signage under development with a major North American retailer. We’re delivering on the future of SCADA using the IoT for remote sensing and control. It’s an exciting place to be, and the possibilities are infinite, although cost and security factors do need to be kept front of mind.