The concept of devices from different manufacturers self-organizing into a system is a very sexy idea, despite Ben Zur's statement to the contrary. Considering the long lives of consumer appliances of five and ten years and sometimes longer, the software update management challenges of maintaining interoperability between older and newer appliances on the proximal network alone will be difficult to overcome. According to Clark's third law — "any sufficiently advanced technology is indistinguishable from magic" — this could be magic.
Krisztián Flautner, VP of IoT R&D at closely related company ARM Holdings, followed Ben Zur later in the day to reiterate the importance of standards and discuss the common requirements of IoT applications (see slide below), before turning to the darker side of IoT.
Flautner presented many questions that don't yet have answers, beginning with how personal information is shared. People opt in to social networks and fitness apps tied to the cloud, trusting that their personal information and privacy can be managed with existing and evolving regulations that rely on transparency in its use and disclosure of breaches. But Flautner doesn't believe that existing regulations based on transparency and security systems that rely on protecting perimeters and passwords can be trusted to scale to the 50 billion IoT devices Cisco has predicted to be in use by 2020.
The pace of innovation in hacking systems also needs to be included in the standards discussion. What might be secure when IoT devices are built could later be exploited through advances in hacking technology. Flautner offered two examples of how innovation improves the technologies used by bad actors. In 2008, a dedicated team of specialists was able to hack and gain control of a pacemaker at a distance of a few centimeters, but in 2013 MIT grad students showed the ability to gain control of a pacemaker at a distance of 50 feet. Second, the length of what is considered a secure password now exceeds 55 characters due to algorithmic and computational innovation by these bad actors.
Privacy and security policies and technology for the IoT still needs to be developed. Flautner believes that this will occur iteratively as IoT applications are built and the experience is used to guide the consortia to advance standards for privacy and security.
What can be expected of the future of IoT? Companies like ThingWorx and IControl will build cloud-based platforms and applications to integrate, secure, and control disparate IoT devices and serve as a reference model for standards. In the nearer term, ARM, Qualcomm and their competitors will research and develop standards and software to interconnect the proximal networks, and in the longer term define privacy and security standards that match the scale of the IoT in 2020 that Qualcomm forecasts to grow to 25 billion and Cisco forecast to grow to 50 billion.
Sign up for CIO Asia eNewsletters.