Everything You Need To Know About IoT Summarised In This Beautiful Infographic

The Business Insider tells us that by 2020 24 billion IoT devices will be installed worldwide. In addition one of the major market drivers for the IoT technology trend is the expansion of the internet. However, there are a number of concerns with this new technology with one of the major ones being information privacy and security. I want to share an interesting infographic by the Business Insider [23] that summarises up my blog topics perfectly. Enjoy!!!

p


References
 [23] B. I. Intelligence, “Here’s how the Internet of Things will explode by 2020,” Business Insider. [Online]. Available: http://www.businessinsider.com/iot-ecosystem-internet-of-things-forecasts-and-business-opportunities-2016-2. [Accessed: 25-Apr-2017].

What The IoT Trend and Industry Really Looks Like

fish-market-seafood-fish-called-rothmans-48820.jpg

One cannot help but ask if this technology trend was not perhaps just hyped by commercial interests with no real scientific or academic backing. According to Gill & Bhattacherjee technology fashion trends are typically driven by commercial and academic publications [9]. With commercial publications typically driven by profits and academic publications driven by authors. Similarly Sun explains through the theory of herd behaviour that there are two methods to identify whether a technology fashion is a trend or not [10]. These are mainly to analyse how individuals within the fashion make decisions and determine if publications and research is largely focused on adoption of the technology. Lastly Baskerville & Myers also suggest that according to the fashion launching process technology trends are initiated and set by gurus, mass media, consultants and business schools [11].

All of the above theories on technology fashion trends tend to characterise the readings and publications I came across while writing this blog. Most publications by companies and consulting houses were largely focused on IoT’s potential for pronounced profits as opposed to publications by academics which focused mainly on IoT benefits and challenges. In addition all publications I came across were largely focused on the adoption of IoT which according to Sun is a clear indication of a technology fashion trend [10].

To provide more evidence that the IoT technology trend should be taken seriously I did a quick search for the term “IOT” limited to any publications between 2012 and 2016 on a recognised academic database, Scopus, for an idea as to who was talking about IoT. A total of 17455 publications were returned with most papers being published in 2016. In addition, 63% of the publications were academic conference papers, followed by 27.8% being academic journals and 1.5% of publications on IoT in newspapers, etc. The graph below revealed that:

Scopus-Analyze-Year

Figure 1: Scopus IoT Publication Document Year Trends Graph.

Scopus-Analyze-Doctype

Figure 2: Scopus IoT Publications Document Type Trends Graph.    

According to the Boston Consulting Group (BCG) currently 40% of IoT customers prefer to use traditional and well-established software companies for their IoT solutions [12]. Furthermore, BCG estimates that the main sources of revenue growth in the IoT market will come from investments in IoT services and applications. Examples of the main IoT growth areas as projected by BCG are in the IoT applications and analytics area where businesses focused on providing services will use these to enhance the services they provide customers. In addition, there are a number of IoT use cases such as the ability to use sensors to estimate maintenance periods for machinery, automated inventory management, remote patient monitoring, smart meters, track and trace, connected smartcards, fleet management and demand response mentioned in my previous blog on the benefits of IoT. Below is a graph depicting current IoT use cases as stated by BCG:

ten-use-cases

Figure 3: BCG IoT Use Cases.

In 2011 Cisco’s IoT group predicted that by the year 2020 there will be over 50 billion connected devices [13]. Similarly in 2014 McKinsey projected that IoT could grow into a 6.2 trillion USD industry by the year 2025 [14]. Current illustrations of the IoT [4] value chain indicate that leading IoT providers are mainly IoT manufacturers that fall within the Platform and Smart Object categories of the IoT value chain. These IoT manufactures look to gain market share through a revision of their business models as IoT providers. Their aim is to develop of IoT hardware and offer complimentary IoT software and applications. These IoT market influencers include General Electric (GE) which has plans to be a global leader in Industrial Internet of Things (IIoT) and be a leading IOT provider, Siemens with its MindSphere platform, Microsoft with its Azure IoT Suite, SAP with its HANA Cloud Platform, IBM with its Watson IoT Platform, Cisco and Bosch. See IoT Figure 4 below for an illustration of the IoT Value Chain:

AAEAAQAAAAAAAAsVAAAAJGY0OWRlZjgwLTgxY2QtNDk4MC05YzYwLWIwODdmMzU1YjcxYQ

Figure 4: IoT Value Chain.


References

[4] M. Agrawal, “Internet Of Things – Business Models,” 08-Mar-2017. [Online]. Available: https://www.linkedin.com/pulse/internet-things-business-models-mohit-agrawal. [Accessed: 18-Mar-2017].
[9] G. Gill and A. Bhattacherjee, “Fashion waves versus informing: response to Baskerville and Myers,” MIS Quarterly, vol. 33, no. 4, pp. 667–671, 2009.
[10] H. Sun, “A longitudinal study of herd behavior in the adoption and continued use of technology.,” Mis Quarterly, vol. 37, no. 4, pp. 1013–1041, 2013.
[11] R. L. Baskerville and M. D. Myers, “Fashion waves in information systems research and practice,” Mis Quarterly, pp. 647–662, 2009.
[12] L. Columbus, “Internet Of Things Market To Reach $267B By 2020,” Forbes. [Online]. Available: http://www.forbes.com/sites/louiscolumbus/2017/01/29/internet-of-things-market-to-reach-267b-by-2020/. [Accessed: 25-Apr-2017].
[13] D. Evans, “The Internet of Things How the Next Evolution of the Internet Is Changing Everything.” Cisco Internet Business Solutions Group (IBSG), Apr-2011.
[14] M. Patel and J. Veira, “Making connections: An industry perspective on the Internet of Things | McKinsey & Company,” Dec-2014. [Online]. Available: http://www.mckinsey.com/industries/high-tech/our-insights/making-connections-an-industry-perspective-on-the-internet-of-things. [Accessed: 03-Apr-2017].

Six IoT Privacy and Security Issues You Had No Idea About, and Their Implications For Practice

pexels-photo-7938

In my previous blog I explained the benefits of IoT, I provided some examples and gave some reasons why we cannot ignore this IT trend. This blog will discuss the information privacy and security IoT challenges. However in order to properly deal with the topic, the concepts of information privacy and security have to be defined.

Abomhara defines security as “an organised framework consisting of concepts, beliefs, policies, procedures, principles, techniques and measures required to protect individual system assets as well as the system as a whole against deliberate or unintentional threat[6].

Gudymenko provides a more common definition of information security, which is the measures taken to protect the confidentiality, integrity and availability (CIA) of information [11]. In addition, SANS [12] gives the following explanations about the CIA terms used in the definition of information security:

  • Confidentiality – is needed to ensure that information is disclosed to only those who are authorised to see it.
  • Integrity – is needed to ensure that information has not been changed by accident or deliberately and refers to the accuracy and completeness of information.
  • Availability – is needed to ensure that a system is accessible to those who need to use it in accordance with its purpose.

In the case of information privacy, Tavani explains that there are a number of definitions for information privacy, and sometimes not all provide a comprehensive explanation of the concept. Tavani proposes that information privacy can be defined as “in a situation with regards to others, in that situation an individual is protected from intrusion, interference and information access by others.[13].

On the other hand, Weber states that the right to privacy can be considered as a basic non-negotiable right that every individual owns and controls [14].

According to Chigumba [15], in the South African context, the country’s constitution defines privacy as “an individual’s right not to have their person or home searched, their possession seized or their communications infringed.[16].

Based on the above definitions, one can reason that information privacy is achieved when an individual has control over their personal information. This, by the way, is not the same as secrecy or information confidentiality as commonly believed [17].

While IoT benefits have been highlighted, information privacy and security challenges for this emerging and most probably soon to be pervasive technology are a concern for business, governments, experts and society in general as highlighted in my previous blogs, and they need to be understood. These can be summarised as Privacy for Humans, Accuracy and Completeness of data within the processes used, and Dependability of the technology used [6].

Below is a listing and brief explanation of the key information privacy and security challenges facing IoT [6] [14]:

Information Privacy

  1. Eavesdropping, passive monitoring, traffic analysis and data mining. These attacks can result in personal information breaches. Abuse of the information obtained through these breaches can impact the physical and psychological well-being of the individuals who are affected. Consider situations where crimes such as fraud, robberies or even murders can be committed if criminals had access to confidential health information, correspondence from banks and insurance companies, stolen identity records or information about one’s location.
  2. Uniformity of privacy laws concerns. The way in which various countries treat privacy concepts and regulations vary, and to make matters worse IoTs is a technology that is deployed mainly through the internet with no geographical boundaries.
  3. Privacy laws are often non-existent and sometimes out-dated in terms of their application to technology. This creates a situation where there is reliance on companies who build or use IoTs to self-regulate, which generally does not happen.
  4. Interception or intrusion of data, information and messages being transmitted across IoT devices, be it physical or logical.
  5. Denial of Service attacks (DOS). This kind of attack tries to makes devices unusable. IoT devices generally have low memory and computational capabilities, and are susceptible to DOS attacks suck as jamming of devices and consumption of bandwidth and disk space.
  6. Physical damage and attacks on devices. IoT devices are generally left outdoors and unattended so they are sometimes vulnerable to weathering of deliberate damages, theft, etc.

Below is a listing of some serious and possibly terrifying examples of IoT privacy and security breaches [18]:

  • The US National Nuclear Security Administration experienced 19 successful cyber-attacks between 2010 and 2014. The main method of attack was through a computer virus called Stuxnet that was designed to infect industrial programmable logic controllers (PLCs). PLCs allow the automation of electromechanical processes such as factory assembly lines, amusement park rides and centrifuges that used in separating nuclear material.
  • A company called TrackingPoint makes a smart rifle that uses IoT technology that allows individuals to digitally mark a target in order to take a perfect shot from about a kilometer away. The “smart rifle” also connects to smart phones or tablets to view the rifle’s scope. However, security researchers have discovered software flaws in the smart rifle that allows anyone with access to the internet to remotely adjust the rifle’s controls.
  • In some cases, IoT breaches that recently occurred in the United Kingdom where hackers attacked IoT-connected devices in homes. Smart appliances, entertainment systems, including heating systems are being shut down.

Hopefully the breaches mentioned above will kick-start industry, academia, governments, regulatory bodies, non-profit organisations and other influencers into realising that IoT challenges need to be addressed as a matter of urgency.

Studies show that one of the key factors impacting IoT adoption is a lack of confidence around how personal information will be protected. Below is a listing of the implications for adoption of IoT by organisation, practitioners or any other individuals [6] [14]:

  1. Countries need to harmonise and agree on privacy laws or define baseline policies, standards and guidelines for proper handling of personal information.
  2. Adoption of globally accepted technology design practices that consider information privacy and security implications from the onset. For example, Privacy Impact Assessments (PIAs), Privacy by Design principles and the International Organization for Standardization (ISO) 27001 for information security management system (ISMS) specification.
  3. IoT involves people, things and data, this means that interoperability amongst disparate and distributed systems is essential. Abomhara suggests that there is a need to develop an open architecture standard that will address this issue. Furthermore this architecture standard should be made up of well-defined abstract data model, interfaces & protocols that will be able to support a wide range of uses.
  4. Technology development standards for creating tamper proof devices. This includes exploration of effective physical and logical access protection mechanisms such as encryption protocols, etc.
  5. Development of standards, procedures and technologies correctly identify IoT objects and devices. This includes standards to manage authorisation, authentication and access control.
  6. Enforcement of compliance to information privacy and security laws and standards.

References
[6]          M. Abomhara and G. M. Køien, “Security and privacy in the Internet of Things: Current status and open issues,” in Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on, 2014, pp. 1–8.
[11]        I. Gudymenko, K. Borcea-Pfitzmann, and K. Tietze, “Privacy implications of the internet of things,” in International Joint Conference on Ambient Intelligence, 2011, pp. 280–286.
[12]        “Glossary of Security Terms,” SANS - Information Security Resources, Mar-2017. [Online]. Available: https://www.sans.org/security-resources/glossary-of-terms/. [Accessed: 05-Apr-2017].
[13]        H. Tavani, “Philosophical theories of privacy,” Metaphilosophy, vol. 38, no. 1, pp. 1–22, Jan. 2007.
[14]        R. H. Weber, “Internet of Things – New security and privacy challenges,” Computer Law & Security Review, vol. 26, no. 1, pp. 23–30, Jan. 2010.
[15]        Chigumba, “The employee’s right to privacy versus the employer’s right to monitor electronic transmissions from the workplace,” University of Kwazulu Natal, 2013.
[16]        Constitution Of The Republic Of South Africa. 1961, p. 19.
[17]        J. Grubman, “Privacy vs. Secrecy,” More Than Money Journal, p. 12, 2001.
[18]        B. Montgomery, “The 10 Most Terrifying IoT Security Breaches you aren’t aware of (so far),” 13-Sep-2015. [Online]. Available: https://www.linkedin.com/pulse/10-most-terrifying-iot-security-breaches-so-far-you-arent-montgomery. [Accessed: 24-Apr-2017].

Three Reasons Why The Internet of Things (IoT) Should Be Considered

Traffic lights at the crossroads

In my previous blog I touched on the concept of IoT by explaining what exactly IoT is and provided some background on how this IT trend came about. Some brief information about why academics and practitioners were fearful about the information privacy and security implications of this new technology was provided. This week’s blog will touch on the benefits of IoT.

Academics and practitioners have established that IoT will have a significant impact on how companies operate and do business in the near future. In addition, as governments deliver transport, safety, healthcare, sanitation and other essential services, the lives of many citizens could be improved though the provision of faster, cheaper and more accurate data that IoT provides [5] [6]. Some of the key benefits can be summarised as follows [5]:

  1. Improved communication –immediate access to accurate information about people and systems such as location and temperature of shipping containers, monitoring of vital signs to assist health practitioners during assessments, as well as accurate stock counts for business.
  2. Automation and better control– providers of essential services such as energy and sanitation will have real-time access to monitor and remotely control equipment and environmental conditions and react accordingly if needs be.
  3. Cost savings – readily available and accurate data will provide reliable information about the performance of equipment and not just estimates, allowing companies to save money.

A good example of the application and benefits thereof of IoT technology use for “smart cities”. This involves the pairing of sensor technology with physical infrastructure and services in order to simplify the lives of residents [8].

European cities of Barcelona and Amsterdam are some of the early adopters of IoT technology for smart cities. The concept has also spread into other countries such as Denmark, Dubai, Singapore, Germany and France. In addition, cities in the United States of America (U.S.A) are also following this trend and getting smarter with San Francisco, Chicago, New York, Miami and San Antonio following suit.

In San Antonio, streetlights are adjusted in stormy weather to improve visibility and reduce accidents. In Chicago, the city controls its rodent population by combining IoTs with predictive analytics to determine which waste dumpsters are most likely to be full and attract rats. In San Francisco, an app that collects sensor data for garages allows smartphone users to find available parking spots throughout the city.


References
 [5] M. Kumar, M. Vetripriya, A. Brigetta, A. Akila, and D. Keerthana, “Analysis on Internet of Things and Its Application,” International Journal of Scientific Research in Science, 2016.
 [6] M. Abomhara and G. M. Køien, “Security and privacy in the Internet of Things: Current status and open issues,” in Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on, 2014, pp. 1–8.
 [8] T. Maddox, “The world’s smartest cities: What IoT and smart governments will mean for you,” TechRepublic, Nov-2015. [Online]. Available: http://www.techrepublic.com/article/smart-cities/. [Accessed: 18-Mar-2017].

Experts say that IoT has gone too far, but how far?

 

pexels-photo-147483
Serious risk to life and property

In the last quarter of 2016 information security experts warned the United States (U.S.) Congress that the growing number of insecure Internet of Things (IoT) devices posed a significant risk to life and property therefore government had to do something about it [1]. Bruce Schneier, a Harvard lecturer on public policy and a recognised authority on information security and privacy was amongst a panel of experts presenting the case at a hearing held by the House Energy and Commerce Committee [1].

The warning was sparked by the occurrence of a number of distributed denial of service (DDOS) attacks during October and November 2016 on U.S. and European based internet service providers (ISPs) such as Deutsch Telekom, Irish telecommunications company Eir, the United Kingdom (U.K.) Post Office and U.S. internet infrastructure provider Dyn [1]. Reports state that the attacks were carried out through an exploitation of poorly secured IoT devices[1] [2].

What exactly is IoT?

Bill Joy [3], one of the early developers of the Berkley Unix operating system and co-founder of Sun Microsystems predicted in 1999 at the World Economic Forum in Davos, that in future the internet would be depicted in six classes, namely:

  1. The near web – internet you see when you lean over a screen like your laptop screen;
  2. The here web – internet that you take everywhere and is accessed via a device like your cell phone;
  3. The far web – internet you experience when you sit back from a big screen like your television;
  4. The weird web – internet that can be accessed through voice and you can listen to;
  5. Business to Business (B2B) – internet where business systems talk to each other; and
  6. Device to Device (D2D) – internet of connected sensors that regulate systems in urban settings.

IoT is defined as an ecosystem where things in the physical world are interconnected and/or are connected to the internet to exchange data through sensors within or attached to these things [4] [5] [6]. These sensors can use various types of local area connectivity such as Radio-Frequency Identification (RFID), Near-Field Communication (NFC), Wireless Fidelity (Wi-Fi), Bluetooth and Zigbee. In addition, sensors also have wide area connectivity such as the Global System for Mobile Communication (GSM), General Packet Radio Service (GPRS), Third Generation Mobile Phone Network (3G) and Long-Term Evolution Mobile Phone Network(LTE) [5].

Based on the above definition one could say that some, if not all, of Bill Joy’s predictions happened in the years that followed. However, the predictions relevant to this article are those that share some aspects of IoT, namely, the internet of B2B and D2D.

Where and when did it all begin?

The foundations of IoT came out of Massachusetts Institute of Technology’s (MIT) Auto-ID laboratory in the early 2000’s by a researcher called Kevin Ashton [5]. Kevin Ashton came up with the IoT concept as he looked for opportunities to help Proctor and Gamble improve its supply chain business by connecting RFID information to the internet. In 1999 Kevin Ashton [7] stated the following:

“If we had computers that knew everything there was to know about things-using data they gathered without any help from us-we would be able to track and count everything, and greatly reduce waste, loss and cost. We would know when things needed replacing, repairing or recalling, and whether they were fresh or past their best. We need to empower computers with their own means of gathering information, so they can see, hear and smell the world for themselves, in all its random glory. RFID and sensor technology enable computers to observe, identify and understand the world—without the limitations of human-entered data”.


References
[1] M. Orcutt, “Security experts warn Congress that the Internet of Things could kill people,” MIT Technology Review, 05-Dec-2016. [Online]. Available: https://www.technologyreview.com/s/603015/security-experts-warn-congress-that-the-internet-of-things-could-kill-people/. [Accessed: 20-Mar-2017].
[2] J. Leyden, “Sh... IoT just got real: Mirai botnet attacks targeting multiple ISPs,” 02-Dec-2016. [Online]. Available: https://www.theregister.co.uk/2016/12/02/broadband_mirai_takedown_analysis/. [Accessed: 21-Mar-2017].
[3] J. Pontin, “ETC: Bill Joy’s Six Webs,” MIT Technology Review, 29-Sep-2005. [Online]. Available: https://www.technologyreview.com/s/404694/etc-bill-joys-six-webs/. [Accessed: 20-Mar-2017].
[4] M. Agrawal, “INTERNET OF THINGS – BUSINESS MODELS,” 08-Mar-2017. [Online]. Available: https://www.linkedin.com/pulse/internet-things-business-models-mohit-agrawal. [Accessed: 18-Mar-2017].
[5] M. Kumar, M. Vetripriya, A. Brigetta, A. Akila, and D. Keerthana, “Analysis on Internet of Things and Its Application,” International Journal of Scientific Research in Science, 2016.
[6] M. Abomhara and G. M. Køien, “Security and privacy in the Internet of Things: Current status and open issues,” in Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on, 2014, pp. 1–8.
[7] K. Ashton, “That ‘internet of things’ thing,” RFiD Journal, vol. 22, no. 7, pp. 97–114, 2009.