The Internet of Things without the Internet is just things, and we’ve had things since the first caveman used a pointy stick to draw on a wall. What then does the Internet bring to things to justify a capital T?
While the Internet of Things is a label applied to many products, for the sake of this article, I will narrow the term down to mean just those Things which make direct use of the Internet: Things with an Internet Protocol address, communicating to other Things with Internet Protocol addresses.
For these Things, which live on the Internet, there are two coarse modes of operation. They may participate directly as first-class Internet hosts, offering services to or consuming services from a range of other Internet hosts. In this mode of operation the Stupid Things may be found, Things which are on the Internet without being ready for the experience.
The other mode of operation is for Things which will only communicate with a predetermined hub. These Things are on the Internet but aren’t interested in what else is on the Internet. They just want to phone home.
Both modes are analogous to Internet-enabled applications. Some applications are built to communicate broadly, such as web servers and email systems. Other applications are built to form a private overlay network on top of the Internet, such as networked games and Skype.
The Internet of Things is the transition of Internet-enabled applications from software to hardware.
For these Things, the Internet has taken on a remarkable role. It’s a ubiquitous global data communications network, connecting to over three billion humans. It’s a simple and cost-effective network, with full Internet technology stacks available on chips the size of a fingernail, and global GSM low-rate data access available for a few dollars a month. This Internet, the Internet for Things, will grow faster than the Internet for People by an order of magnitude.
Internet Numbers for Things
For an addressing registry, these Things are, of course, going to have an impact. Yet vendors of Things are not Internet companies and aren’t direct consumers of Internet number registry services.
They are, however, using the Internet in a way that will consume vast quantities of Internet addresses as each device acts on its own and requires its own address. While software applications can cohabit a general purpose computer and share a single address, hardware applications each require their own address.
This growth in demand may be sustained by IPv4 network address translation, or it may further push adoption of IPv6, particularly in mobile networks. As predicting the future is risky, the safest bet today is to design Things in the application layer as true hardware-based Internet applications, and to ensure that these applications can be deployed successfully on both IPv4 and IPv6 networks.
Internet Service for Things
Internet Service Providers who expect to provide service for Things will need to understand their new customers’ habits. Things don’t necessarily have peak times or a diurnal cycle. Things don’t always want lots of data, or for data to move very quickly. Many Things will want just a tiny bit of data, but want it constantly. Most Things will only do one job, and expect to do it at a low price.
For Things that are owned by the nebulous modern ISP subscriber, including media Things, home automation Things, and other WiFi piggybacking Things, this should mostly represent business as usual for service providers.
For Things that have an independent existence from an existing ISP subscriber, especially on mobile networks, new access plans will be required. These Things may only want a few megabytes of traffic a month, but they certainly don’t want to be paying usual subscriber access fees for that traffic.
Internet Security for Things
Things that take advantage of the Internet as a widely available communications infrastructure will be exposed to the full range of hostility the Internet offers. For vendors who are adding Internet to their existing Things, this hostility may come as a shock.
Security on the Internet needs to address at least the challenges of secure communications and updates. If Things are not Stupid, they will not have baked in unchangeable settings, but while this solves some problems, it exposes others; who is ordering the update, and is the update safe to apply?
Things should also be cautious in assuming they’re in a safe environment. An IPv4 NAT environment cannot be assumed, nor can it be assumed that a NAT environment filters all harmful traffic out.
Securing Things for use on the Internet is an area with active development, research, and standardization. There are guidelines and principles to work to, and Internet of Things component vendors are now usually offering some sort of security feature as part of their solutions, but this is likely to remain an exciting topic as more and more parts of our lives become connected to the darker corners of the Internet.
Internet for Everyone
In the end, the Internet for Things is the same as the Internet for People, and hardware Internet applications share many of the concerns of software Internet applications. Like the Internet for People, the possibilities opened up by converting things to Internet Things are vast, and this next Internet revolution is only just getting started. We are no longer concerned only with connecting the next billion people, we’re also concerned with connecting the next ten billion things.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.
The key question for IoT in this context is: “are Things valuable individually, or does value arise from combination”? If the former, then it’s just a remote control model, which is fine. If the latter, then the picture is much more complex as interoperability and authority delegation become important. In turn, the significance of interoperability favours dumb sensors and actuators controlled by a software layer, which runs ‘somewhere’. Probably not on the h/w sensors/actuators as it’s useful to keep their unit costs down.
Take something simple like a heating control system for a house. That’s not a thermostat on a wall, it’s several (many?) thermometers, a schedule (which may need to be shared by a security system), possibly some occupancy detectors and heating controllers. As an application, you don’t want to build a new app for each different combination of thermometers. And you don’t want to leave room for the future interaction between the home controller and wearables/cars/other locations.
The security problem is mult-layered, too: certainly devices need to be put into reliable network configurations, but delegation of attenuated control of locks to neighbours would be a challenge to embed in the locks themselves.
Standalone Things get increasingly complex hardware accretions. IoT Things become simpler hardware and software controlling them.