News
Architecture and Hardware

Building a Better IoT

Posted
Some of the things connected by the Internet of Things.
The Internet of Things promises to rewire and reinvent the way people live, work, and play.

In the coming years, the Internet of Things (IoT) promises to rewire and reinvent the way people live, work, and play. The vast network of physical objects and machines will usher in enormous disruption and change society. Yet somewhere between innovation and hype lies the real-world need to build a highly dependable, resilient, secure framework.

"[Building a better IoT] is the difference between order and chaos," says Sanjay Sarma, professor of mechanical engineering and Vice President for Open Learning at the Massachusetts Institute of Technology. Yet, managing myriad devices, machines, systems, sensors and more—amid a growing tangle of standards, protocols and approaches—is no simple feat.

To be sure, a few key questions arise: will devices and sensors consistently deliver accurate data? Will data integrity decay over time due to a lack of calibration or a bad battery? Can the data collected from machines be fully trusted, especially in a world where hackers break into systems and falsify data? Obviously, the impact on systems—including public infrastructure, transportation grids, and medicine—could be profound.

Making Connections Count

The path to progress may prove a bit windy. Business and IT consulting firm Gartner estimates that 20.8 billion "things" will be connected by 2020. However, this presents a problem. "There are too many standards and protocols, and too few controls and best practices for deploying IoT–and many conflict with one another," Sarma explains. As a result, the IoT, like the Internet before it, is maturing in a chaotic and sometimes problematic way. "There is an overall lack of security, maintainability, operability, and fault tolerance," he points out. 

Already, hacked baby monitors, webcams, vehicles, and security systems are the new normal. In 2016, a breach of the San Francisco Municipal Transportation Authority locked more than 2,000 computers and forced the agency to temporarily shut down its payment system, resulting in a loss of more than $1 million in revenues.

Yet, security isn't the only issue. There are growing concerns about data integrity from sensors, and even about the reliability of peer-to-peer networks that depend on other devices to transmit data.

As smart buildings, smart factories, and connected transportation systems emerge, the results could range from annoying to catastrophic. "Without systems in place to validate and check data, it's possible to wind up reacting to problems that don't exist or ignoring problems that do exist," points out Debbie Krupitzer, Practice Lead for Digital Manufacturing and Industrial Internet of Things, North America at consulting firm Capgemini.

Addressing the challenge requires a focus on areas as wide-ranging as device and machine components, network topology, industry protocols, and standards, says Vijay Madisetti, professor of electrical and computer engineering at the Georgia Institute of Technology. "It's an area that requires new thinking about computing, digital technology, and systems."

Beyond Computing

What's required to build a more dependable, resilient, and secure IoT framework? One major problem, at present, is that any person can control an IoT device through its associated app. Instead, fingerprint scanners, two-factor authentication and other tools must be used to authenticate users, Madisetti says. "There must be a way to distinguish the command and who is sending the request," he explains. In addition, "It's critical that IoT commands and data are encrypted so that they cannot be 'scoped and replayed,'" he says.

Blockchain, which uses a digital ledger to record transactions and ensure their integrity, may also provide some value. A growing number of researchers and groups are exploring the technology, which was developed for cybercurrency Bitcoin. It could be used to verify usage levels for systems, track transactions across devices and systems, and create virtual "tollbooths." Blockchain might be used for events such as tracking shipments of valuable goods, including gems and luxury clothing, and verifying odometers in vehicles.

Another technology solution that could improve both data integrity and security is a cognitive firewall, Sarma says. Just as a conventional firewall filters out bad or undesirable packets, this approach would examine sensors, devices, and controllers to detect when an anomaly or glitch occurs. It uses a set of rules, simulations, artificial intelligence, and analytics to spot behavior or data packets that are not desirable or legitimate.

There's also the idea of placing avatars in the cloud. These would consist of virtual objects represented in the cloud, which serve as a translator for physical connections and data streams. "Hardware talking to hardware leads to a brittle architecture," Sarma explains. "Hardware connected to avatars–with these digital twins talking to each other as much as possible–leads to a level of abstraction and flexibility. This also reduces the problem created by the proliferation of protocols such as ZigBee, 6LoWPAN, Z-Wave, Bluetooth and Wi-Fi," he explains. In fact, within an avatar-based framework, protocols become largely invisible. "The objective is simply to connect to the avatar. This eliminates the need for a patchwork of bridges, which complicate the architecture, make it unmaintainable, and leave it vulnerable to hacking."

The Internet of Algorithms

Madisetti says machine learning and analytics tools must detect behavior across devices and identify a problem, such as when a sensor or battery is performing differently from others or abnormally. "Not all information is equal. The key is to combine data with more diverse sources of information—and make things more robust—because you may not get accurate data from all types of sensors all the time," he explains.

One answer may be a move to value-based routing, which would deliver broader and deeper insights through specialized algorithms. "Unlike traditional communication networks that prioritize flow statically, using a QoS [quality of service] model based on the type of payload–such as voice, video, or email–IoT networks may need to look at prioritizing information based on its value," Madisetti says. For instance, if a washing machine sensor indicates there's a water leak, it immediately sends out an alert. "Machine learning and AI would quantify this value dynamically prior to transmission."

Says Madisetti: "We have to create a more dependable and secure framework. We cannot afford to repeat the problems of the Internet."

Join the Discussion (0)

Become a Member or Sign In to Post a Comment

The Latest from CACM

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More