Does the IoT needs more standards? Yes because we all know that the more standards we have the better it is for the industry (sarcasm tag for those who haven’t gotten the irony).
And so unless the individual standardization bodies realize their need to address overlap between competing standards (which requires communication and coordination overhead for them) it will ultimately lead to a shake-out. Standards that die mean lost effort lost money and companies who may have built on something that didn’t last (hello BETAMAX). But ultimately it is the standards bodies themselves who will lose out completely. They don’t see it yet because most of them are very much used to the old and cosy status-quo of slow-moving industries like telecommunications, aerospace, energy, automotive etc.
IoT is a different beast: Software is eating the world and does not play by these old slow moving rules of old-industry. Software solution and service providers (often with large amount of code maintained public repositories like github with hundreds of contributors) are moving at a different speed. Innovation outpaces standards bodies capabilities to set anything in stone for the rest of the world. Speed matters and the fastest eats it all and later imposes their own standards. We have seen what the W3C pumped out until the early 2000 and how well things were aligned. Agile and fast moving companies like google dominating the market are now able to dictate what standards should look like. There are many more dangers in that such as the recent pushes of DRM to make it into an official W3 standard .
IMO the whole industry of standardization needs to catch up with the times if it wants to remain relevant in a world where innovation is mainly driven by invisible 0 and 1. One standards body that knows that probably best is the CSA and the W3C and they are quite well suited from a internal process/overhead perspective to cater to a fast moving software-defined environment like the IoT. All standards bodies need to realize that since they last checked with R&D departments there was a big shift in the way the SDLC has changed with Agile processes. If standardization is to remain relevant in software-defined products and services they are well suited to restructure how they interface with stakeholders.
But the biggest problem for now is that vendors have a hard time seeing through what looks like a maze in standardization.
When you realize as a vendor that you’ve backed the wrong horse, the game is over. It becomes extremely costly to reinvent your product. So in conclusion standards are great if we can agree what they are (duh!). But looking at the current list of standards below it isn’t exactly clear which standard an upcoming vendor should back. For the vendor backing a standard means putting resources into a WG and have them represent your ideas of what features are needed. Backing a standard costs real time and money especially for smaller players who work on faster lived projects than some aerospace company. And with real money I mean not just the money it costs to become a member.
There is an additional thing which is quite counter productive and where standards may even kill innovation (or depending on where you sit standards become irrelevant because the process of standardization is too heavy an overhead for these domains).
Also we have the myth of “Open Standards” or what some bodies call “open”. I’ve done personally a lot of volunteer work for certain standards groups to help them get attention in the maker and open source communities.
I did this for groups which I felt were open enough to be worth the effort. Also I did not monetize these evangelism efforts. My Beef with them? Most groups have some kind of way to let the general public participate and bring ideas. However it is the paying members who get to vote behind closed doors of what makes it into a standard and what doesn’t.
This means bigger companies who pay the most get the best voting power. Smaller vendors and start-ups are usually ignored. This is pretty unfair considering it’s them who provide the most disruptive innovation whereby the big guys prefer sustainability.
This is quite bad because in IoT there is plenty of room where the big guys can’t survive without disruption. Plenty of use-cases for this exist but my favourite example remains the case of implementing user-privacy friendly systems and truly distributed technologies where the data is not in the hands of some evil big player (hello Google) and in the domain of the general public.
Technologies like the blockchain could help for example to look at distribution or pseudonymity, privacy, and who holds the data from a totally new angle that goes way beyond a client-server based centralized data owner. However big players I know would not touch these technologies with a stick since it totally threatens their existing portfolio. (yes I know some versions of the blockchain have been proposed by governments and banks, and endorsed by big vendors however usually the implementation looks very much what you’d expect from such actors – namely that they can be controlled by their owner and therefore don’t count in this context).
Questions I’d love to throw out there:
- What can standardization do to address the overlap (do they need a master ring (standard) to “rule them all and in the darkness bind them” (LOTR reference ;-))
- What should standards (which call themselves “open”) do to integrate opinions of volunteers and the general public better? IMO there are ways to better include the maker community and open source contributors by giving them voting power so that they too can have a representative and voice.
Below is a list of the current standards proposed for the IoT. Note that many of them will wither and die within a few years and be totally forgotten. People contributing and supporting these walking-dead will realize they have backed the wrong horse. Must it come to this or will we find a way to divide the specific focus areas better among the players.
AIOTI – The Alliance for Internet of Things Innovation (AIOTI) was launched by the European Commission to support the development of a European IoT ecosystem, including standardization policies. https://ec.europa.eu/digital-single-market/en/alliance-internet-things-innovation-aioti
AllSeen Alliance – A 180-member industry group, the AllSeen Alliance promotes widespread adoption of an interoperable peer communications framework based on AllJoyn for devices and applications in IoT. https://allseenalliance.org/Cloud Security Alliance (CSA) — Internet of Things Workgroup extends and builds on the spec from ITU-T Y.2060 and looks at the aspects interfacing between cloud based systems and edge devices covered in ITU and other standards. https://cloudsecurityalliance.org/group/internet-of-things/
ETSI – ETSI’s Connecting Things effort is developing standards for data security, data management, data transport and data processing related to potentially connecting billions of smart objects into a communications network. http://www.etsi.org/technologies-clusters/clusters/connecting-things
IEC 62443/ISA99 – Industrial Automation and Control System Security Committee develops standards, technical reports and procedures for implementing secure industrial automation and control systems. http://isa99.isa.org/
IEEE (including P2413) – The IEEE has a dedicated IoT initiative and clearinghouse of information for the technical community involved in research, implementation, application and usage of IoT technologies. http://iot.ieee.org/
IERC – The European Research Cluster on the Internet of Things coordinates ongoing activities in the area of IoT across Europe. http://www.internet-of-things-research.eu/
Internet Engineering Task Force (IETF) – The Internet’s premier standards setting body has an IoT Directorate that is coordinating related efforts across its working groups, reviewing specifications for consistency, and monitoring IoT-related activities in other standards groups. https://trac.tools.ietf.org/area/int/trac/wiki/IOTDirWikiIIC – The Industrial Internet Consortium (IIC) has teamed up with the OIC to accelerate the delivery of an industrial grade IoT architectural framework. IIC released a reference architecture for IoT in 2015. http://www.industrialinternetconsortium.org/
Internet Governance Forum — IGF sponsors the Dynamic Coalition on IoT, which hosts open meetings to discuss global challenges that need to be addressed regarding IoT deployment. http://www.intgovforum.org/cms/component/content/article?id=1217:dynamic-coalition-on-the-internet-ofthings
Internet of Things Consortium – This industry group provides consumer research and market education aimed at driving adoption of IoT products and services. http://iofthings.org/#home
IoT Security Foundation (IoTSF) — A group purely dedicated to building standards for IoT Security https://iotsecurityfoundation.org/
IP for Smart Objects (IPSO) Alliance – Dedicated to enabling IoT, IPSO seeks to establish IP as the basis for connecting smart objects through education, research and promotion. http://www.ipso-alliance.org/
ISO/IECJTC-1 – ISO issued a preliminary report on IoT in 2014 as well as a Smart Cities report. The group has ongoing subcommittees in both areas. http://www.iso.org/iso/internet_of_things_report-jtc1.pdf
ISOC’s Internet of Food SIG – This special interest group leads discussion on the technical infrastructure standards needed for the food industry in the future. http://internet-of-food.org/
ITU – The ITU hosted an IoT Global Standards Initiative, which concluded its activities in July 2015, followed by the formation of a new Study Group 20 focused on IoT applications. http://www.itu.int/en/ITUT/studygroups/2013-2016/20/Pages/default.aspx
MAPI Foundation — The Manufacturers Alliance for Productivity and Innovation (MAPI) s developing Industrie 4.0 for industrial applications of IoT. https://www.mapi.net/forecasts-data/internet-things-industrie-40-vs-industrial-internet
OASIS – OASIS is developing open protocols to ensure interoperability for IoT. The group chose Message Queuing Telemetry Transport (MQTT) as its messaging protocol of choice for IoT and has optimized MQTTS-N for wireless sensor networks. OASIS has three technical committees in IoT overseeing MQTT and two other standards, Advanced Message Queuing Protocol (AMQP) and OASIS Open Building Information Exchange (oBIX). https://www.oasis-open.org/committees/tc_cat.php?cat=iot
oneM2M – Dedicated to developing machine-to-machine communications architecture and standards, this multi-vendor group is focused on telemedicine, industrial automation, and home automation. Its goal is a common M2M Service Layer that can be embedded in hardware and software. http://www.onem2m.org/
Online Trust Alliance – This group of security vendors has developed a draft trust framework for IoT applications, focused on security, privacy, and sustainability. https://otalliance.org/initiatives/internet-things
The Open Management Group – This technical standards consortium is developing several IoT standards, including Data Distribution Service (DDS) and Interaction Flow Modeling Language (IFML) along with dependability frameworks, threat modeling, and a unified component model for real-time and embedded systems. http://www.omg.org/hot-topics/iot-standards.htm
Open Web Application Security Project — OWASP sponsors an IoT Top Ten Project, which is designed to help manufacturers, developers, and consumers understand related security issues with its list of the most significant attack surface areas for IoT. https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project
Smart Grid Interoperability Panel — SGIP has an effort called EnergyIoT focused on new opportunities for IoT within the energy industry. The group’s OpenFMB is a utility-led project that is incorporating common utility data models and IoT communication protocols to create an Open Field Message Bus. http://www.sgip.org/cybersecurity/
Thread Group – This group of smart home vendors is developing a common networking protocol that will support IP-enabled devices in the home such as appliances, lighting, and security systems. http://threadgroup.org/About.aspxW3C Web of Things (WoT) — a EU FP7 supported project to identify use cases and requirements for open markets of applications and services based upon the role of Web technologies for a combination of the Internet of Things (IoT) with the Web of data. https://www.w3.org/WoT/
Valbonne Consulting provides Research & Consulting for emerging technologies in Internet/Web of Things (WoT/IoT/M2M) and Emerging-Tech. We specialise in decentralisation, security and privacy. We work across a variety of traditional industry verticals (Telecommunications, Automotive, Energy, ...). We support Open Source and technologies built on open standards.
Passionate about Open Source, GNU/Linux and Security since 1996. I write about future technology and how to make R&D faster. Expatriate, Entrepreneur, Adventurer and Foodie, currently living near Nice, France.