Five Challenges that the IoT is Facing
The Internet of Things offers us the chance to redefine the way our society operates, but with something so complex and intricate, there is bound to be challenges.
Published 10/09/18
By now, it should be obvious that the Internet of Things (IoT) is a technology with tremendous potential and power to affect change in almost every industry. The growth of the IoT, which is being fuelled by a more developed understanding of the technology amongst businesses, is only in the early stages of execution. As with all new technologies, teething issues are inevitable as the IoT expands and discovers new use cases.
However, what makes the IoT so unique is its unparalleled scale, which introduces incredible complexity and fragmentation. From healthcare to agriculture, the IoT will upend the way our societies operate, connecting everything around us to the Internet. Efficiency and cost and time savings are just the tip of an enormous iceberg when it comes to the benefits which the IoT introduces.
Day after day, more and more consumers and businesses adopt a new IoT solution, initiating a ripple effect in which one use case is derived from another. But, as we dip our toes into the data provided by the IoT, we realise that as the new oil, data is an incredibly valuable asset which is teetering on a sensitive balance between vulnerable and secure. Putting the integrity of our data aside, other challenges such as the aforementioned fragmentation and regulation are hampering the growth of the IoT. With the IoT, our imagination is literally the only limit, but we must not allow these teething issues to evade our attention. Because, otherwise, we will be left with a dysfunctional system of networks which do not serve to meet any of our needs.
However, what makes the IoT so unique is its unparalleled scale, which introduces incredible complexity and fragmentation. From healthcare to agriculture, the IoT will upend the way our societies operate, connecting everything around us to the Internet. Efficiency and cost and time savings are just the tip of an enormous iceberg when it comes to the benefits which the IoT introduces.
Day after day, more and more consumers and businesses adopt a new IoT solution, initiating a ripple effect in which one use case is derived from another. But, as we dip our toes into the data provided by the IoT, we realise that as the new oil, data is an incredibly valuable asset which is teetering on a sensitive balance between vulnerable and secure. Putting the integrity of our data aside, other challenges such as the aforementioned fragmentation and regulation are hampering the growth of the IoT. With the IoT, our imagination is literally the only limit, but we must not allow these teething issues to evade our attention. Because, otherwise, we will be left with a dysfunctional system of networks which do not serve to meet any of our needs.
Without Robust Security, the IoT is Dead on Arrival
The IoT will harness billions and billions of bytes of data. In fact, there has never been a technology that puts data so strongly at the centre of its use case. After all, this data is the fundamental reason why the IoT exists in the first place. But, with so much data being collected, security is of paramount concern. If an IoT company isn't willing to implement a rigorous security mechanism on their product or network, that's very alarming.
Ever heard of a DDoS (Distributed Denial of Service) attack? As a summary, a DDoS attack is an attempt to render an online service unavailable by inundating it with traffic from multiple sources. Those sources, in recent times, have increasingly become IoT devices such as your networked security camera, smart speaker or even a smart thermostat. These IoT devices tend to be simple in their operation, and so is their security.
To carry out such an attack, a hacker must locate a vulnerability in a device and exploit it. This device then becomes part of a "botnet" or a network of infected devices. These devices are then directed to flood a service with visitors, essentially overwhelming the service with traffic and causing it to crash for everyone. Companies such as Google, Amazon and Phillips have made efforts to solve such vulnerabilities in their IoT products, but it is still widely recognised that IoT devices are some of the least secure out there.
Drifting away from the security concerns that plague IoT devices and towards vulnerabilities which exist in IoT networks themselves. There have been countless demonstrations of WiFi enabled IoT devices being utilised as a backdoor to hack other devices on the same WiFi network.
For IoT devices that do not use WiFi, Bluetooth or NFC, other connectivity solutions include Sigfox, NB-IoT and LoRa. Unfortunately, it is very difficult to secure low bandwidth devices connected to a network such as Sigfox. For example, Sigfox does not encrypt traffic while in transit by default (it can be deployed by the customer or by paying for a subscription service), which basically leaves the information available for anyone with the technical know-how to steal. Now, this isn't the case with every IoT network, NB-IoT traffic is encrypted between the device and core network using "bank-grade encryption". Many IoT solutions are not open source, making it more difficult for vulnerabilities to be identified and brought to the attention of manufacturers and networks before the flaw is exploited.
Strong encryption should be at the forefront of the IoT going forward, at present, our data just isn't secure enough. Frankly, there's a ticking time bomb waiting to explode upon arrival of the next major IoT vulnerability or hack. Perhaps, manufacturers need to slow down and think more carefully about security, because an innovation is only an innovation if it is intrinsically secure.
Ever heard of a DDoS (Distributed Denial of Service) attack? As a summary, a DDoS attack is an attempt to render an online service unavailable by inundating it with traffic from multiple sources. Those sources, in recent times, have increasingly become IoT devices such as your networked security camera, smart speaker or even a smart thermostat. These IoT devices tend to be simple in their operation, and so is their security.
To carry out such an attack, a hacker must locate a vulnerability in a device and exploit it. This device then becomes part of a "botnet" or a network of infected devices. These devices are then directed to flood a service with visitors, essentially overwhelming the service with traffic and causing it to crash for everyone. Companies such as Google, Amazon and Phillips have made efforts to solve such vulnerabilities in their IoT products, but it is still widely recognised that IoT devices are some of the least secure out there.
Drifting away from the security concerns that plague IoT devices and towards vulnerabilities which exist in IoT networks themselves. There have been countless demonstrations of WiFi enabled IoT devices being utilised as a backdoor to hack other devices on the same WiFi network.
For IoT devices that do not use WiFi, Bluetooth or NFC, other connectivity solutions include Sigfox, NB-IoT and LoRa. Unfortunately, it is very difficult to secure low bandwidth devices connected to a network such as Sigfox. For example, Sigfox does not encrypt traffic while in transit by default (it can be deployed by the customer or by paying for a subscription service), which basically leaves the information available for anyone with the technical know-how to steal. Now, this isn't the case with every IoT network, NB-IoT traffic is encrypted between the device and core network using "bank-grade encryption". Many IoT solutions are not open source, making it more difficult for vulnerabilities to be identified and brought to the attention of manufacturers and networks before the flaw is exploited.
Strong encryption should be at the forefront of the IoT going forward, at present, our data just isn't secure enough. Frankly, there's a ticking time bomb waiting to explode upon arrival of the next major IoT vulnerability or hack. Perhaps, manufacturers need to slow down and think more carefully about security, because an innovation is only an innovation if it is intrinsically secure.
Delivering OTA Updates is Tricky
If you are the manufacturer of an IoT device such as a pet tracker, delivering an Over-The-Air (OTA) update to thousands of devices may seem like an insurmountable task. And to date, pushing any form of a feature or security update has proven a difficult task. Going forward, this issue will need to be addressed, especially considering the fact that many IoT devices will be in operation for a time period spanning years or even decades. There are two sources of this issue. First and foremost, IoT devices are simple. The available hardware is usually underpowered compared to something like our smartphone. As well as this, IoT devices connect to simple networks such as Sigfox or NB-IoT, which offer limited bandwidth. Finally, fragmentation is the other issue, with so many different variants of a product in different regions, pushing an update that will work in every scenario is very time-consuming.
Basically, it would be an impossible task to push an OTA update to a Sigfox or LoRa sensor because of the incredibly low downlink rate. In this scenario, the device must utilise another means of connectivity which delivers a higher bitrate. In fact, many Sigfox devices feature WiFi, Bluetooth, NB-IoT or NFC as a means to download OTA updates. When a sensor such as a smoke detector receives a message from a Sigfox base station to temporarily activate WiFi, Bluetooth or NB-IoT to allow the update to be carried out, it saves time and energy.
Without the ability to easily deploy OTA updates, IoT devices will fall victim to security vulnerabilities and their longevity will be degraded as features cannot be enhanced.
Basically, it would be an impossible task to push an OTA update to a Sigfox or LoRa sensor because of the incredibly low downlink rate. In this scenario, the device must utilise another means of connectivity which delivers a higher bitrate. In fact, many Sigfox devices feature WiFi, Bluetooth, NB-IoT or NFC as a means to download OTA updates. When a sensor such as a smoke detector receives a message from a Sigfox base station to temporarily activate WiFi, Bluetooth or NB-IoT to allow the update to be carried out, it saves time and energy.
Without the ability to easily deploy OTA updates, IoT devices will fall victim to security vulnerabilities and their longevity will be degraded as features cannot be enhanced.
Connectivity is Fragmented
Connectivity is the most basic building block of an IoT solution. However, there are so many different connectivity standards in use today, adding unnecessary complexity and fragmentation. For example, Sigfox, NB-IoT and LoRa are three methods of connecting IoT sensors to the Internet. However, there is also WiFi, Bluetooth, NFC and so much more. With so many different options, it makes the experience less intuitive for businesses and consumers.
Take for example NB-IoT, a cellular-based IoT network which utilises licensed radio spectrum for information transmission. Vodafone, the largest telecoms company in the world by revenue, is pursuing this technology for the IoT. However, it does have its own fair share of drawbacks. There is no clear, universal pricing structure with NB-IoT, similar to the way mobile providers capitalise on your data usage in a foreign country by imposing eye-watering charges. For international logistics, this is a huge drawback.
But, the fragmentation issue extends beyond region-specific pricing. On a more technical level, the spectrum used for IoT networks such as Sigfox and more specifically, NB-IoT, varies vastly based on the region. This adds cost and complexity to the process of manufacturing IoT sensors. In terms of NB-IoT, there are over eighteen different bands which a manufacturer must support if the sensor is to have the ability to roam worldwide. This has a notable impact on the price, an NB-IoT module costs around $8 today, while a Sigfox module (which only need to support four different bands) costs less than $2.
In a more abstract way, fragmentation makes it more difficult for devices to work with one another. Think about the implications of this for healthcare devices, using different technologies may be a huge issue in comparing the obtained data.
A less fragmented IoT experience includes multiple different standards working in tandem with one another to meet specific use cases and improve versatility. We need manufacturers and developers to be open to blurring the lines that exist between today's IoT networks and devices in order to deliver a more streamlined experience.
Take for example NB-IoT, a cellular-based IoT network which utilises licensed radio spectrum for information transmission. Vodafone, the largest telecoms company in the world by revenue, is pursuing this technology for the IoT. However, it does have its own fair share of drawbacks. There is no clear, universal pricing structure with NB-IoT, similar to the way mobile providers capitalise on your data usage in a foreign country by imposing eye-watering charges. For international logistics, this is a huge drawback.
But, the fragmentation issue extends beyond region-specific pricing. On a more technical level, the spectrum used for IoT networks such as Sigfox and more specifically, NB-IoT, varies vastly based on the region. This adds cost and complexity to the process of manufacturing IoT sensors. In terms of NB-IoT, there are over eighteen different bands which a manufacturer must support if the sensor is to have the ability to roam worldwide. This has a notable impact on the price, an NB-IoT module costs around $8 today, while a Sigfox module (which only need to support four different bands) costs less than $2.
In a more abstract way, fragmentation makes it more difficult for devices to work with one another. Think about the implications of this for healthcare devices, using different technologies may be a huge issue in comparing the obtained data.
A less fragmented IoT experience includes multiple different standards working in tandem with one another to meet specific use cases and improve versatility. We need manufacturers and developers to be open to blurring the lines that exist between today's IoT networks and devices in order to deliver a more streamlined experience.
Misinformation is a Toxic Epedemic
To put things bluntly, the IoT has fallen victim to the trend of large companies pumping money into marketing campaigns that prioritise creating hype about the technology, shying away from managing expectations and truthfulness. In fact, some of the figures touted by players such as Vodafone Group are manipulated to such an extent that the results, in reality, are virtually unachievable when compared to the supposed results portrayed in marketing slides.
Many companies have manipulated the figures relating to the performance of their IoT solution to ensure the highest possible results. This has initiated a misinformation epidemic, which is extremely toxic for the IoT industry as a whole. There is a critical need for improved transparency amongst device manufacturers and IoT providers. If this trend of misinformation continues, it will only serve to deter consumers and businesses from adopting the technology. More importantly, it will stifle innovation in the IoT field as the consensus that large companies will always win thanks to their huge marketing budgets will prevail.
In order for you to understand some of this, let's investigate some of the figures floated by Vodafone Group about its NB-IoT network. In terms of battery life, it is very difficult to predict the lifespan of an NB-IoT device in the real world. This is because the rate at which power is consumed increases as the signal quality worsens. In this way, Vodafone Group likes to measure expected NB-IoT battery performance in ideal conditions (when signal quality is perfect). But that is incredibly deceiving because the likelihood that an NB-IoT device will receive perfect signal quality all the time is incredibly rare.
In terms of the coverage provided by an NB-IoT base station, Vodafone Group explains that NB-IoT signals travel further than those provided by a Sigfox base station. Again, this is far from the truth. NB-IoT relies on retransmissions to achieve a coverage footprint similar to a Sigfox network, so the idea that NB-IoT coverage (which uses higher frequency spectrum than Sigfox) propagates further from a base station is ridiculous. Also, Vodafone Group claims that NB-IoT is less susceptible to signal jamming than other IoT networks. Guess what, that's nonsense too. Sigfox devices are resistant to jamming due to a feature called time and frequency diversity, where a sensor will produce three messages, all identical, on three different frequencies and at three different times (time and frequency diversity).
Many companies have manipulated the figures relating to the performance of their IoT solution to ensure the highest possible results. This has initiated a misinformation epidemic, which is extremely toxic for the IoT industry as a whole. There is a critical need for improved transparency amongst device manufacturers and IoT providers. If this trend of misinformation continues, it will only serve to deter consumers and businesses from adopting the technology. More importantly, it will stifle innovation in the IoT field as the consensus that large companies will always win thanks to their huge marketing budgets will prevail.
In order for you to understand some of this, let's investigate some of the figures floated by Vodafone Group about its NB-IoT network. In terms of battery life, it is very difficult to predict the lifespan of an NB-IoT device in the real world. This is because the rate at which power is consumed increases as the signal quality worsens. In this way, Vodafone Group likes to measure expected NB-IoT battery performance in ideal conditions (when signal quality is perfect). But that is incredibly deceiving because the likelihood that an NB-IoT device will receive perfect signal quality all the time is incredibly rare.
In terms of the coverage provided by an NB-IoT base station, Vodafone Group explains that NB-IoT signals travel further than those provided by a Sigfox base station. Again, this is far from the truth. NB-IoT relies on retransmissions to achieve a coverage footprint similar to a Sigfox network, so the idea that NB-IoT coverage (which uses higher frequency spectrum than Sigfox) propagates further from a base station is ridiculous. Also, Vodafone Group claims that NB-IoT is less susceptible to signal jamming than other IoT networks. Guess what, that's nonsense too. Sigfox devices are resistant to jamming due to a feature called time and frequency diversity, where a sensor will produce three messages, all identical, on three different frequencies and at three different times (time and frequency diversity).
Regulation is Stuck in the Stone Age
As has been highlighted on a multitude of different occasions, regulation has failed to keep up with the pace of technological change in our society. We find ourselves in an era that has been defined by the invention of the Internet, however, regulatory bodies are still playing catchup, jeopardising competition, innovation and security. In industries such as telecoms, regulators play a crucial role in ensuring a healthy market for consumers and competitors.
As the IoT industry is young, it isn't regulated whatsoever. On the issue of privacy, this leaves us exposed to a dystopian-style future where our data finds its way into the hands of mega-corporations which employ controversial business strategies. We are not living in a bubble, trust me, just look at the fallout from the Facebook/Cambridge Analytica scandal that sent shockwaves through the International community of Internet users. It will become the responsibility of regulators to ensure that our data is collected, stored and utilised in a way that doesn't endanger the anonymity of individual users. The longer it takes for regulators to step in, the longer we leave ourselves exposed to the exploitation of our data.
Leaving privacy and security, regulating IoT companies also becomes important in other aspects. On the part of IoT providers such as Vodafone and VT IoT (Sigfox), which make use of radio spectrum to connect simple devices to the Internet, regulation is key to sustaining competition and innovation. For example, with NB-IoT, Vodafone must pay the telecoms regulator (ComReg in Ireland) a pretty penny to access spectrum. This is known as licensed spectrum, and it is illegal for any person to broadcast a signal in the same band. If ComReg detects that someone is interrupting this licensed spectrum, some serious consequences will result. This is important because it ensures that a high quality of service can be delivered consistently and that providers can meet their service level agreement (SLA).
Of course, there are downsides that will creep in if we are to regulate the IoT and these need to be acknowledged very carefully. To conclude this topic of regulation, I think it is important that we remember that the criticality of privacy and security can't be overstated when it comes to the IoT, a technology which will gather an unparalleled level of data about you and I and everything around us.
As the IoT industry is young, it isn't regulated whatsoever. On the issue of privacy, this leaves us exposed to a dystopian-style future where our data finds its way into the hands of mega-corporations which employ controversial business strategies. We are not living in a bubble, trust me, just look at the fallout from the Facebook/Cambridge Analytica scandal that sent shockwaves through the International community of Internet users. It will become the responsibility of regulators to ensure that our data is collected, stored and utilised in a way that doesn't endanger the anonymity of individual users. The longer it takes for regulators to step in, the longer we leave ourselves exposed to the exploitation of our data.
Leaving privacy and security, regulating IoT companies also becomes important in other aspects. On the part of IoT providers such as Vodafone and VT IoT (Sigfox), which make use of radio spectrum to connect simple devices to the Internet, regulation is key to sustaining competition and innovation. For example, with NB-IoT, Vodafone must pay the telecoms regulator (ComReg in Ireland) a pretty penny to access spectrum. This is known as licensed spectrum, and it is illegal for any person to broadcast a signal in the same band. If ComReg detects that someone is interrupting this licensed spectrum, some serious consequences will result. This is important because it ensures that a high quality of service can be delivered consistently and that providers can meet their service level agreement (SLA).
Of course, there are downsides that will creep in if we are to regulate the IoT and these need to be acknowledged very carefully. To conclude this topic of regulation, I think it is important that we remember that the criticality of privacy and security can't be overstated when it comes to the IoT, a technology which will gather an unparalleled level of data about you and I and everything around us.
Conclusion: Challenges that are Surmountable
All of the highlighted issues relating to the IoT need to be tackled, bringing us closer to a technology that is more complete, rich and powerful. Without any doubt, the IoT stands out as a technology with far-reaching potential, perhaps being even more transformational than the invention of the smartphone.
The IoT will produce a paradigm shift in our society, provoking the fourth industrial revolution, generating new opportunities to cure and care for the sick and give us more control and understanding than ever about our crops, our natural resources and our planet.
The IoT will produce a paradigm shift in our society, provoking the fourth industrial revolution, generating new opportunities to cure and care for the sick and give us more control and understanding than ever about our crops, our natural resources and our planet.