DRIVING SECURE INTERNET OF THINGS INNOVATION

A SILENT EXPLOSION

A QUIET REVOLUTION IS GAINING PACE FAST. IT’S TIME TO PREPARE FOR A SILENT EXPLOSION OF DATA, FROM ‘THINGS’ EVERYWHERE THAT WILL CHANGE OUR PLANET FOREVER. THE IMPACT SHOULD NOT BE UNDERESTIMATED.

90% of today’s data didn’t exist two years ago. But the explosion has barely begun. Tens of billions of sensors continually monitoring our lives, homes, offices, cities and environment will generate raw data orders of magnitude greater than anything we have experienced. This raw data will become the building blocks of an increasingly rich virtual representation of our real world. A world more commonly known as the Internet of Things or IoT. After the explosion, a new world order will emerge. Security of this virtual world will be critical. To ensure its benefits to mankind, security must be built in from the ground up and not be an afterthought.

INDUSTRY 4.0Industry 1.0 was the invention of mechanical helpIndustry 2.0 was mass productionIndustry 3.0 brought electronics and control systemsIndustry 4.0 is peer-to-peer communication between products, systems and machines

DON’T WAIT!

The IoT is not the future. It’s here. Now. At the end of 2013, 75% of enterprises from across major industries are already exploring the IoT landscape and 40% of the boardroom is regularly discussing IoT. By 2017, 96% of enterprises expect to be using IoT in some respect.* Whilst falling hardware costs mean we can probably capture and harness the coming explosion of data from things, extracting real value from it will require new talent and skills. A lack of these skills is considered the top obstacle to exploiting the IoT. Few people know today what successful business models will look like or how to manage the commercial sharing of the data. But exploration now will pay benefits soon. Organisations that are slow to integrate IoT will fall behind the competition.

Don’t wait. Don’t fear the unknown.

Don’t get left behind.

* Economist Intelligence. The Internet of Things Business Index.

$T

RIL

LIO

NS

Because of differing views about which directions technology might develop, nobody knew which business models would work during the first phase of the Internet. If it was obvious, everyone would be Google. It’s the same today. Business models could take a decade to solidify. By then, new leaders will have established scale and built defensible models and it will be too late to catch up. One point that is generally agreed is that there are $trillions up for grabs. And the IoT is not just for manufacturing new things: service providers are also already offering new IoT products. For example, insurance companies are pricing premiums based on drivers’ behaviour. Now is the time to start experimenting with new models to: get closer to your customers; unlock new revenues from existing products and services; inspire new working practices or processes; blur the divide between internal operations and external solutions; rethink commercial agreements and consider subscription or usage models.

OPEN INNOVATION

Organisations looking to flourish and advance their IoT capabilities successfully cannot rely entirely on their own research or develop solutions in a silo. They should adopt a different mindset. They should collaborate and share both risks and rewards. They should systematically combine products, services and paths to market across a broad IoT ecosystem*. They should license their processes and inventions, and buy licences from others. They should create joint ventures or spin offs. They should integrate external and internal innovation to exploit their competitive advantages. The market is growing rapidly and is large enough to support an abundance of specialist organisations, many of which don’t even exist today.

*A community of large and small IoT organisations (data publishers and owners, technology firms, application developers, and content subscribers) working together to create interoperable and interconnected networks of products, services, operations and processes to create valuable solutions.

50 BILLION INTERNET CONNECTED DEVICES BY 2020. BUT THE DEVICE IS NOT THE ‘THING’, USUALLY.It’s the temperature of the living room that matters, not the temperature sensor that measures it. It’s the speed at which I am running that matters, not the movement sensors in my shoes. The context of the data is critical. A device ‘represents’ a thing, anything, and especially anyone*. Standard ontologies (structural frameworks for organizing information) of things will develop to provide context to turn data into information and allow that information to be shared and reused across applications, enterprises and community boundaries.

* Yes, you’re a thing in the IoT!

WHAT’S THE THING?

ONE THING, MANY DEVICES.

50 BILLION DEVICES, 8 BILLION PEOPLE BY 2020. Some things will have many devices that represent them, especially people. There will be many devices that represent you. You need to have control over them. Some of these devices will be dumb sensors, with minimal power, processing or storage capabilities. Some will be smart. They will all be connected to other devices in the IoT.

whyhub?

A HUB IS A CONNECTED, SMART SERVICE (RUNNING ON A DEVICE) WITH PROPERTIES THAT ALLOW PRODUCERS AND CONSUMERS OF DATA TO COME TOGETHER AND INTERACT. A hub can sit at the outer edge of a network or in a public or private cloud. Hubs will vary in the services they provide, some will provide simple store and forward capabilities, others will be more intelligent and provide extra services such as the management of other devices (implementing power, storage and processing capabilities). Some hubs will talk to other hubs. A hub may be a satellite of another hub. Hubs will allow developers to access APIs to develop additional applications or services. A Smart Phone is a composite device that acts as a sensor and a hub. Hubs will specialise to address different types of things; lots of different things will mean lots of hubs. Trust in hubs will be essential. If you can’t trust the hub, you can’t trust the data. Hubs must be gateways of trust. There’s a lot of trust to be built.

THINK GLOBALACT HYPERLOCALThe world is not homogeneous. The IoT will not be homogeneous. Many hubs, services and data aggregators will be oriented around communities with focus directed towards the concern of residents of locations. Many services delivered in the emerging global IoT will be ‘hyperlocal’. For example, services delivered on a university campus in the UK will address very different needs than services delivered to a hospital in India. No matter what service is delivered, the network from data source to service consumption must be safe and secure.

PEOPLE AS SENSORS “The Queue is Long”

People, and the devices that represent them, form a vital mobile sensor network which is accelerating at warp speed. The IoT will tap into our senses to capture information about things. Today, our brains act as a ‘bio-hub’ and our fingers transmit data ‘manually’. Tomorrow, new technologies will augment our senses and we may not need our fingers to transmit. Sharing information I collect with my eyes about the length of the queue at my coffee shop adds fresh data to the coffee shop thing. But, if I say the queue is long and you say it’s short, who will the world believe? Our virtual reputation will mean more in the future.

Virtual worlds rely on trusted foundations.

BONDINGHOW DO I KNOW THE LIGHT IS REALLY ON IN THE KITCHEN? OR THAT THE TEMPERATURE OF THE FRIDGE IS REALLY 3˚?

IF THE SENSOR WAS MOVED TO ANOTHER ROOM OR A DIFFERENT FRIDGE THE READING WOULD BE MISLEADING.

THE PROCESSES OF BONDING DEVICES TO THINGS IS A KEY STEP TO ENSURE TRUST IN THE SYSTEM.

Who has the authority to provision new devices and bond them to things? Who has the authority to decommission a device? Who is accountable for ensuring service levels are met across the network? Who do I trust to set up new services? Who do I trust to see the information? How do I know it is really them? How have they been authenticated onto the system? Who has permission to input new information into the system? Who sets the rules? Who audits the system? What security processes are in place across the network? These and other questions about authentication, authorisation and accountability will be key for reliable and trusted services to be delivered. Smart hubs will need to be at the centre of solutions to address them in a systematic way.

WHO’S IN CHARGE?

ME MY RULESMY DEVICES MY RULESMY DATA MY RULESMY EXPERIENCE MY RULES

PROVENANCEProvenance of data, from the French provenir ‘to come from’, refers to a combination of processes including:

• Authenticating the original source (originator) and ownership of data • Calibration of sensors • Ensuring licensing requirements and other obligations are fulfilled• Tracking data through all transformations and modifications

Effective provenance processes will allow defects and issues to be identified and analysed. Secure provenance refers to providing integrity and confidentiality guarantees to provenance information.

POWER TO THE DEVICE FOR DEVICES TO PROCESS, TRANSMIT AND STORE DATA THEY NEED POWER. A SYSTEM SHOULD KNOW THAT A BATTERY IS ABOUT TO RUN OUT BEFORE THE DEVICE GOES DARK. A reliable solution will require services to know the power needs of their devices, monitor and manage availability, and automatically schedule and perform maintenance. Primary hubs may need to rely on secondary hubs to provide some of these key support services.

HUBNETIoT systems that operate within information silos and monolithic stacks will have limited utility, be expensive to maintain and be limited to very niche markets. The rapid growth of the IoT will be built on networks of devices that communicate and exchange data with other devices. These connected devices, supported by ‘hub services’, must exhibit both syntactic and semantic ‘interoperability’, both vertically from data to user and horizontally from hub-to-hub. Syntactic interoperability refers to agreed standards around data formats, communication protocols and access policies. Semantic interoperability refers to the ability for multiple systems to interpret the information exchanged meaningfully and accurately in order to produce useful results. This will require unambiguous common information exchange reference models, ontologies and taxonomies, and open APIs.

HYPERCAT* IS A HYPERMEDIA CATALOGUE FORMAT DESIGNED FOR EXPOSING INFORMATION ABOUT IOT ASSETS OVER THE WEB. HyperCat is simple to work with and allows developers to publish linked-data descriptions of resources. It allows a server to provide a set of resources to a client, each with a set of semantic annotations. Implementers are free to choose or invent any set of annotations to suit their needs. A set of best practices and tools are currently under development. Where implementers choose similar or overlapping semantics, the possibilities for interoperability are increased.

* Hypercat was developed to solve a real need for interoperability amongst eight consortia projects funded by TSB (representing nearly 50 organisations) including: eyehub, DISTANCE, IoTBay, i-MOVE, International Airport, OpenIOT, Smart Streets & STRIDE.

See www.eyehubiot.com/hypercat for more details.

A NEW INFORMATION SUBSTRATEOur new virtual worlds must be constructed with great rigour, flexibility and extensibility. One elegant and integrated way to do this is by using a new information substrate known as ‘Smart Data’. Smart Data borrows extensible configuration characteristics from the world of online gaming and their underlying engines and tools. Smart Data extends these capabilities by addressing critical issues head on, such as: trusted collaboration, entitlement and policy management, authentication, auditability, analytics, data provenance, data security, and real time data exchange with the physical world of things.

SMART, SECURE HUBS USE SMART DATA. SMART DATA

Eyehub has a special focus on security of the IoT and the connected people, organisations and cities. Its flagship demonstration application (developed by Mangeplaces), MyGuardian, aims to protect students and university staff.

EyeHub is an open innovation IoT ecosystem and testbed, based at the University of Surrey’s campus and extending into the adjacent town of Guildford. It represents a contained small city complex with a ready made ecosystem of 1,000s of heterogeneous sensors, data managers, application developers, hardware researchers as well as businesses and citizens to serve. Eyehub is comprised of large and small organisations from the public and private sectors, building systems around a set of hubs, engineered by Flexeye. It uses Smart Data to model things and libraries. Other founding members of the consortia include: University of Surrey, IBM, Eseye, Axillium, NPL, Designswarm, Manageplaces and the ODI. Eyehub is exploring and sharing information around the themes laid out in this booklet, developing use cases and demonstration applications.

Find out more about us by visiting www.eyehubiot.com

whyeyehub?

JOIN USJOIN US.. in a quiet revolution to connect things, people, organisations, cities and nations - securely. EyeHub is an exciting collaboration between the public and private sectors, innovating in an area that has huge global potential. We are hosting a series of hackathons, developer forums, lunches and seminars to develop an ‘open innovation IoT ecosystem’. We are bringing together thought leaders to discuss critical topics under the theme ‘Driving Secure Internet of Things Innovation’ and experiment with models, ideas and technologies.

Please drop me an email at:lord.erroll@flexeye.com if you would like to join us.

Merlin ErrollLord Erroll, Chairman of the Flexeye Advisory Board

PS. To explore how Eyehub could help your organisation, please visit www.eyehubiot.com.