Soon, any device, near or far, could be connected and remotely managed. For the future, researchers are exploring ways to embed tiny sensors in buildings and bridges. Ingestible sensors will enable wellness monitoring in humans. This is the world of the internet of things (IoT).
Early IoT systems addressed stand-alone opportunities, relying on custom or single-vendor solutions. This only goes part of the way to realising the IoT’s mass market potential. The next step depends on different forms of interoperability. That can involve interchanging components from different suppliers in an IoT system.
At the device level, for example, a homeowner might want to mix smart light bulbs from different suppliers in their smart home system. Another way to look at interoperability involves the sharing of data across applications. In the consumer environment, users might want to combine data from a fitness tracker, a sleep-apnea device, an air-quality monitor, and other smart home devices.
Similarly, factory managers want a consolidated view of connected machinery data. This is useful for predictive maintenance purposes and to manage supply-chain linkages. Cross-silo interoperability lowers the risk of locking into proprietary platforms, data formats and data custodians.
Mixing-and-matching of technology components and data transfer across silos are examples of IoT interoperability. This is the challenge that the oneM2M standardisation body set out to solve on an international level and at global scale.
Horizontal Standard for Interoperable IoT
In 2012, a group of regional standardisation bodies launched the oneM2M Partnership Project (oneM2M). Its mission was to establish a standard for end-to-end and interoperable IoT systems. Standardisation partners sought to avoid regional variations and to promote global economies of scale, just like the mobile industry.
Interoperability has multiple forms. Vendor interoperability is the most obvious case. An everyday example is the way we can use mobile phones from different vendors on one network. Cross-silo interoperability applies to the sharing of IoT system resources. Here, one application accesses data from an unrelated sensor, or two applications might share data across silo boundaries.
The middleware capability, between applications and the connected devices and sensors is critical to enabling interoperability. This is what oneM2M standardises through a three-layer, horizontal architecture. It enables data to flow in a meaningful and machine-readable way by providing developers with a range of common service functions. Examples include identity management, registration, location tracking and security, among others. They are known as ‘common services’ because they are required and reusable in almost every IoT system, whether it involves a wearable watch or a vehicle tracking device.
Use of common service functions and open-standard tools permits linkages between IoT systems to enable federated interoperability. One of the many benefits of the horizontal approach is that developers can use the same set of tools to build and cross-connect applications for public safety, smart cities, intelligent transport, and other purposes.
Three Approaches to IoT Security
There are at least three approaches to handling security in IoT systems. One is to transfer the problem by relying on a third-party service provider. This might be a telecommunication network operator or a cloud infrastructure provider, for example. There are cost and efficiency implications relative to an in-house approach. A third-party provider approach introduces some risk of locking into a single vendor or a proprietary system. That can make it potentially costly and difficult to move to a different provider later.
A second approach is to apply a set of procedural guidelines that institutionalise security as an organisational habit. Procedural measures still leave a space for complementary technology solutions. This is the third approach.
As a technical body, oneM2M defines a generalised technical architecture for IoT systems complemented by a set of security tools and technologies. These implement procedural tasks associated with security administration, the establishment of security associations, access control (identification, authentication, and authorisation), secure communications and identity management.
oneM2M is an extensible standard, meaning that it can evolve systematically to address new industry needs and to incorporate technology innovation, which is especially relevant for ensuring state-of-the-art security and privacy.
For example, Release 2 added end-to-end encrypted set-up messages and message content, so that intermediate nodes in the path do not need to be trusted. Releases 3 and 4 of the standard added security and privacy features to identify and authorise human users. At the same time, there are features to protect their privacy as required by local regulations, such as GDPR (Europe) and PIPA (Korea).
System of Systems for Cross Domain Interoperability
oneM2M’s horizontal architecture and extensible set of common service functions are the result of an analysis of multiple IoT use cases across several industry domains. They address recurring requirements in IoT systems across multiple industry verticals.
While the standard adds value to stand-alone IoT systems, it is more powerful in complex, interoperable, and multi-party situations. Examples of where this arises are in smart cities, multi-tenant office buildings, multi-modal transport systems, sustainable supply chains and factories of the future.
A global standard makes it easier to mix-and-match vendor offerings and to enable data sharing across organisational boundaries. These principles are one of the reasons why the ITU’s standardisation section approved the transposition of oneM2M’s reference architecture to an international level. That process began in 2015. Now, work is nearing finalisation to include oneM2M’s security solutions from subsequent enhancements to the standard.
Ken Figueredo is founder of More With Mobile and Senior Representative of the IoT industry standardisation body oneM2M.