How to deal with IoT challenges through abstraction

Source:   —  April 07, 2016, at 9:04 AM

Ben Dickson is a software engineer and freelance writer. He writes regularly on business, technology and politics.

The Internet of Things (IoT) is one of the fastest-growing sectors of the tech industry. Yet the way IoT is evolving raises serious concerns: There are too many complexities, moving parts, diversities and competing trends and technologies that must be managed when developing IoT solutions.

Many of these concerns tend to get overlooked as manufacturers rush to ship new products to market, and, therefore, too much proprietary code is being used in IoT products.

As a result, products sold to consumers contain severe security holes and cannot adapt to the changes their environment and ecosystem will undergo in the months and years to come.

One practical approach that could help deal with the complexities of IoT would be the use of the concepts of “separation of concerns” and “abstraction” in order to create solutions that can deal with security issues and diversities at different levels, while also being flexible in the face of constant changes.

How abstraction helps deal with complexity

In the seminal book, “Object-Oriented Analysis and Design with Applications,” Grady Booch, a pioneer in software engineering, explains how to deal with complexities in software development through the use of techniques such as decomposition (breaking complex problems into smaller pieces) and abstraction (ignoring the inessential details of things and dealing with the generalized interface of the model). These concepts have been at the heart of successful programming-in-the-large for years, and can also become the basis of creating successful and scalable IoT solutions.

By isolating the functional and infrastructural aspects of IoT, we can help developers avoid reinventing the wheel for every product and instead focus on main functionalities — while making sure critical aspects such as security are handled correctly. Here are some practical examples of how this can happen.

Abstraction at software structure level

The advent of object-oriented programming (OOP) minimized the “representational gap,” allowing programmers to create software components that mapped to real objects and concepts in the problem domain. This is an idea that's easily implemented in the software domain, but gets trickier when you’re dealing with IoT systems distributed across networks of devices that vary in hardware and software underpinnings.

The Open Distributed Object Framework (OpenDOF) is an adaptation of OOP for distributed systems. Programmers focus on developing IoT solutions at an abstraction level that represents devices, while the framework handles the mechanics of communications and security. By separating the connectivity and security of IoT from its logic and functionality, OpenDOF allows the two aspects to evolve and change without breaking each other.

“An application programmer shouldn't need to know or care about where functionality is actually provided,” says Bryant Eastham, President of OpenDOF Project. “An excellent abstraction layer, securely providing separation of concerns, is critical to any IoT API.”

At its core, OpenDOF is a set of libraries that allows developers to create interface and object modules representing real devices, register instances of those devices and allow controlled access and discovery through the use of authentication servers. Objects can exist independently and interact with each other without being affected by implementation details and changes that take place over time.

Abstractions also address security issues by restricting device communications to a finite set of public contacts, and preventing devices from “touching each other’s private parts,” as the OOP jargon goes.

OpenDOF’s flexibility makes it deployable across a wide range of IoT devices, programming languages and transports. As Eastham explains, a minimal safe implementation of the framework “can run with no OS, no memory management, and in less than 64KB of code.” It can also dynamically adapt to different network settings, including “peer-to-peer as well as local gateways and cloud deployments, all seamless to the application,” Eastham adds.

Tech giant Panasonic has already adopted OpenDOF on several projects and has published the Cloud Service Toolkit, which is an OpenDOF-compatible large-scale cloud solution.

Abstraction at device-identity level

With IoT ecosystems potentially accounting for thousands and millions of devices, device identification and authentication become key in preventing malicious man-in-the-middle, key compromise and identity-spoofing attacks. Yet, meeting these requirements presents some challenges in the IoT world, including the vast differences of device capabilities in implementing different key-exchange and Public Key Infrastructure (PKI) standards.

GlobalSign, a tech firm providing trusted identity and security solutions, has addressed this problem by offering device identification and authentication as a cloud-based service, enabling IoT developers to focus on their core competencies and integrate security into their IoT systems regardless of the underlying capabilities of their devices.

“Identity is key for building trust in any internet environment, and will only become more necessary as the IoT starts to take off into some genuine deployment stages,” says Lancen LaChance, Vice President, IoT Identity Solutions for GlobalSign.

GlobalSign’s PKI solutions are designed to scale with manufacturers’ needs based on the velocity, variety and volume of their IoT platforms, and can manage the identities of millions of devices. GlobalSign has partnered with hardware manufacturer Infineon to produce HSMs (hardware security modules) compatible with its cloud service, which allow secure storage of keys and implementation of security and identification on the device side.

The delivery of easily attachable security modules and services by tech firms that have experience in network and device security gives IoT developers an opportunity to improve production and security in parallel.

LaChance suggests that when it comes to IoT security, implementations should stand on “the shoulder of giants” and leverage proven and widely deployed approaches as much as possible. While it’s true that minimal devices impact solution design, LaChance highlights that it is possible to deploy PKI even in many constrained environments by leveraging alternative algorithms and key sizes.

Abstraction at device-communication level

IoT systems are communication-intensive. Every second that passes, thousands and millions of messages are being exchanged between devices and sent to servers for storage, analytics and reporting purposes. These messages pass over a multitude of transports and protocols before reaching their destination, and there are no real standards to work with, which makes the development environment much more challenging.

Moreover, IoT developers generally come from an embedded systems programming background with little or no experience in handling connected systems and large databases, so they must create ad hoc solutions that are hard to develop, cannot adapt to changes that take place in their environments and lead to serious security issues.

“Many of these challenges can be addressed by abstracting to cloud-based services,” explains Natasha Tamaskar, Vice President and Head of Cloud and Mobile Strategy and Ecosystem for Kandy, a communications-platform-as-a-service (CPaaS) that provides secure transmission, storage and sharing of data between device and cloud. The platform can be scaled for a wide range of products through API calls and SDKs. Having an easy-to-use and secure device communication API can save IoT developers a lot of headaches and help them focus on functionality.

Relying on a specialized cloud platform is also necessary from a security perspective, Tamaskar explains. “Purpose-built API architecture lends itself to security,” she says, detailing how Kandy is designed to enhance IoT communication security through application isolation, giving API-only access to data and using end-to-end encryption to prevent man-in-the-middle attacks between the device and cloud. Its underlying role and authentication mechanisms also control subscriber access to API calls.

Kandy has already found many use cases in IoT, including wearables, healthcare products and patient diagnostics and control systems.

Abstraction at platform level

This is one of the most holistic approaches to meeting IoT development challenges, in which communications, security and storage are abstracted into flexible components that can evolve and change without affecting the core logic of the running software. Having a dependable and unified platform that puts the pieces of the IoT puzzle together will allow developers to focus on logic and functionality.

Joe Britt, co-founder and CEO of tech startup Afero, explains how his company’s flagship platform achieves this goal. “In IoT, there is tremendous dynamic range in device capabilities,” says Britt. “At the low end we have devices with very tiny microcontrollers and tiny storage while at the high end, we have things with substantial computing resources and complex software.”

Afero is a combination of hardware, software, development tools and cloud services that provide an end-to-end platform for IoT devices. It has been crafted to deal with the many diversities of IoT transparently. “Across this spectrum there is a desire to have dependable and safe connectivity. Afero was designed to help with new product development whether it leveraged a heritage design or a greenfield design,” says Britt.

Afero has also been created with a focus on security, which is one of the top concerns of IoT. Instead of using direct connections — which happen to be one of the main channels attackers use to gain unauthorized access to a device’s memory space and data — device communications are abstracted through Afero’s cloud service.

The Afero Profile Editor (APE) offers an intuitive user interface that enables developers to register devices and determine the attributes to expose to outside clients.

“The developer focuses on what information to present as cloud APIs and a user interface,” Britt explains. “The rest is handled by the Afero platform.” This includes finding the path to the cloud and establishing secure communications, which is achieved through a combination of encryption protocols. Afero has also been equipped with features to prevent pattern recognition and replay attacks, two types of hacks that don't require decryption keys and are very common in IoT systems that have long-running sessions.

Afero is already being used by healthcare IT provider Infocom and toy maker giant BANDAI NAMCO Studios.

Final thoughts

Abstraction and separation of concerns have proven their worth time and again in dealing with and breaking down complexities and inconsistencies in very large and distributed systems. These are concepts that have distinct and necessary use cases in the volatile and constantly changing landscape of the IoT industry, and their application can help it move smoothly through its growing stages.

Featured Image: SavaSylan/Shutterstock
