Software application developers working with the kinds of embedded computing devices that we now class as citizens within the so-called Internet of Things (IoT) can be forgiven for getting somewhat confused.
The Internet of Things a.k.a
The trouble is, the Internet of Things is also known as:
• the Internet of Things That Matter (IoTTM)
• the Industrial Internet of Things (IIoT)
• the Internet of Business (IoB)
The CWDN newsdesk has even seen a Revolutionize the IoT (RIoT) programme... and yes, we left the Z in deliberately.
Recent research from James Brehm & Associates has suggested that while 73 percent of enterprises are either experimenting with or implementing IoT solutions; connectivity, security and interoperability are making global scalability a challenge.
It almost begs the question: why are smart devices so stupid and failing to interconnect as they really should be by now given the degree to which we discuss the IoT.
To try to get some deeper insight, CWDN spoke to Rob Miller, head of energy at MWR InfoSecurity -- a firm known for its penetration testing, web application testing, vulnerability assessments, continuous security verifications, wireless security testing, firewall testing and so on.
"There are two races happening at the moment that are leading to security failures in IoT. The first is over which wireless protocol will become the de-facto standard in IoT. Developers and manufacturers of wireless protocols and hardware need to be clear not only what security features their solutions have, but also how to use them safely and where their limits are," said Miller.
He continues, "Any standards released for IoT will have to walk a tight line of staying broad enough so that they can be included by all IoT vendors, but strict enough that they still offer a level of effective measurements. Standards that try to cover all IoT from home automation alarms through to mass smart city monitoring solutions run the risk of producing rules so abstract that a developer could misinterpret them, or worse produce devices that tick every box without ever adding real security."
A call to action
How do we get out of this IoT mess (so that we don't end up building the Internet of Mess) then?
The smart money is on CATEGORISING EVERY ELEMENT of the IoT and understanding the component parts within it, for developers, architects, sysadmins and non-technical planners alike... it's almost like we need to break the IoT down into a list.
We will get there, but this discussion -- now -- is necessary.