IOT UNIT - I.pdf
Document Details
Uploaded by Deleted User
Tags
Full Transcript
Internet of Things UNIT-I Internet of Things: Introduction, Characteristics of IoT, Major components of IoT, Building blocks of IoT, The physical design of IoT, Logical design of IoT, Greenfield and Brownfield IoT, Overview of Governance, Privacy and Security Issues....
Internet of Things UNIT-I Internet of Things: Introduction, Characteristics of IoT, Major components of IoT, Building blocks of IoT, The physical design of IoT, Logical design of IoT, Greenfield and Brownfield IoT, Overview of Governance, Privacy and Security Issues. Introduction to Internet of Things (IoT) IoT stands for Internet of Things. It refers to the interconnectedness of physical devices, such as appliances and vehicles, that are embedded with software, sensors, and connectivity which enables these objects to connect and exchange data. This technology allows for the collection and sharing of data from a vast network of devices, creating opportunities for more efficient and automated systems. Internet of Things (IoT) is the networking of physical objects that contain electronics embedded within their architecture in order to communicate and sense interactions amongst each other or with respect to the external environment. In the upcoming years, IoT-based technology will offer advanced levels of services and practically change the way people lead their daily lives. Advancements in medicine, power, gene therapies, agriculture, smart cities, and smart homes are just a few of the categorical examples where IoT is strongly established. IOT is a system of interrelated things, computing devices, mechanical and digital machines, objects, animals, or people that are provided with unique identifiers and the ability to transfer the data over a network requiring human-to-human or human-to- computer interaction. Internet of Things refers to the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, and network connectivity, allowing them to collect and exchange data. The IoT enables these devices to interact with each other and with the environment and enables the creation of smart systems and services. Some examples of IoT devices include: Smart home devices such as thermostats, lighting systems, and security systems. Wearables such as fitness trackers and smart watches. Healthcare devices such as patient monitoring systems and wearable medical devices. Industrial systems such as predictive maintenance systems and supply chain management systems. Transportation systems such as connected cars and autonomous vehicles. The IoT is transforming various industries, from healthcare and manufacturing to transportation and energy. IoT devices generate vast amounts of data, which can be --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-1 analyzed to improve operations, drive innovation, and create new business opportunities. IoT systems are typically composed of several components, including IoT devices, communication networks, gateways, and cloud-based data processing and storage systems. IoT devices use sensors and other technologies to collect data, and then send that data to the cloud for analysis and storage. The cloud also provides a centralized platform for managing and controlling IoT devices and networks. IoT development involves a wide range of technologies, including wireless communication protocols, cloud computing, big data analytics, machine learning, and security technologies. Overall, the IoT is a rapidly growing and evolving field that has the potential to revolutionize a wide range of industries and transform the way we live and work. As IoT devices and systems become increasingly widespread, the opportunities for innovation and growth in this field will continue to expand. According to the definition of IoT, It is the way to interconnect with the help of internet devices that can be embedded to implement the functionality in everyday objects by enabling them to send and receive data. Today data is everything and everywhere. Hence, IoT can also be defined as the analysis of the data that generates a meaningful action, triggered subsequently after the interchange of data. IoT can be used to build applications for agriculture, assets tracking, energy sector, safety and security sector, defense, embedded applications, education, waste management, healthcare product, telemedicine, smart city applications, etc. Real Life Example of Working of IoT In our data to day life, we use many IoT based devices. Some of them are: Nowadays, many people wear smart watches which is none other than an IoT device. It contains an accelerometer that measures the number of steps taken, detects hand movements, etc. Using (GPS), these devices can determine your location and compute the distances traveled. There are many IoT devices which are now making your home smart. You can lock/unlock you doors using an application. There are many devices designed which has sensors that can detect any type of mishappening in your home, eg: Glass break, smoke, heat, motion detectors, etc. Not only this, IoT devices can also help in disaster management. They help in detection of temperature, carbon content in the region. In case of any forest fire, these devices send an alert to the control room, fire department. There are many more IoT devices that we are using in our daily life like smart phones, smart cars, biometric attendance, face detection lock/unlock, etc. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-2 Is the Cloud necessary for IoT? It is possible to build an IoT system without cloud-based platforms. But, it may need more complex infrastructure to handle the data and storage. But there are some benefits of the Cloud for IoT as below: Scalability: Cloud-based platforms can handle large amounts of data. It can support many devices. Remote Access: It allows remote access and control of IoT devices. Data Processing and Storage: Cloud-based platforms can perform complex data processing and storage tasks. Security: Cloud-based platforms can provide security features like encryption and authentication. How does an IoT System Actually Works? An IoT device basically uses data from the surroundings or the inputs from the user and then analyzes that data. So firstly, sensors collect data from the environment. It could be one sensor or a collection of sensors (called devices). They collect the data, which is used later. Examples of sensors can be GPS, LDR, temperature sensors, etc. Next, the collected data by the sensor is sent to the cloud via some connection. These connections can be WiFi, LAN, satellite, Bluetooth, etc. Once the data reached the cloud, the software reads and analyzes the data according to the program written in it. This typically includes the processing of data to give predictions. Examples of data processing can be reading temperature values, reading weather conditions, processing any image, etc. The most important part of this process is sending this information to the user. This can be done by creating a user inference and showing them the processed data. This includes alerting the users when the temperature becomes high, alerting them about the weather conditions, etc. History of IOT 1982 – Vending machine: The first glimpse of IoT emerged as a vending machine at Carnegie Mellon University was connected to the internet to report its inventory and status, paving the way for remote monitoring. 1990 – Toaster: Early IoT innovation saw a toaster connected to the internet, allowing users to control it remotely, foreshadowing the convenience of smart home devices. 1999 – IoT Coined (Kevin Ashton): Kevin Ashton coined the term “Internet of Things” to describe the interconnected network of devices communicating and sharing data, laying the foundation for a new era of connectivity. 2000 – LG Smart Fridge: The LG Smart Fridge marked a breakthrough, enabling users to check and manage refrigerator contents remotely, showcasing the potential of IoT in daily life. 2004 – Smart Watch: The advent of smart watches introduced IoT to the wearable tech realm, offering fitness tracking and notifications on-the-go. 2007 – Smart iPhone: Apple’s iPhone became a game-changer, integrating IoT capabilities with apps that connected users to a myriad of services and devices, transforming smartphones into hubs. 2009 – Car Testing: IoT entered the automotive industry, enhancing vehicles with sensors for real-time diagnostics, performance monitoring, and remote testing. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-3 2011 – Smart TV: The introduction of Smart TVs brought IoT to the living room, enabling internet connectivity for streaming, app usage, and interactive content. 2013 – Google Lens: Google Lens showcased IoT’s potential in image recognition, allowing smart phones to provide information about objects in the physical world. 2014 – Echo: Amazon’s Echo, equipped with the virtual assistant Alexa, demonstrated the power of voice-activated IoT, making smart homes more intuitive and responsive. 2015 – Tesla Autopilot: Tesla’s Autopilot system exemplified IoT in automobiles, introducing semi-autonomous driving capabilities through interconnected sensors and software. Four Key Components of IOT Device or sensor Connectivity Data processing Interface IoT is network of interconnected computing devices which are embedded in everyday objects, enabling them to send and receive data. Over 9 billion ‘Things’ (physical objects) are currently connected to the Internet, as of now. In the near future, this number is expected to rise to a whopping 20 billion. Different types of Sensors Temperature Sensors Image Sensors Gyro Sensors Obstacle Sensors RF Sensor IR Sensor MQ-02/05 Gas Sensor LDR Sensor Ultrasonic Distance Sensor Control Units: It is a unit of small computer on a single integrated circuit containing microprocessor or processing core, memory and programmable input/output devices/peripherals. It is responsible for major processing work of IoT devices and all logical operations are carried out here. Cloud computing: Data collected through IoT devices is massive, and this data has to be stored on a reliable storage server. This is where cloud computing comes into play. The data is processed and learned, giving more room for us to discover where things like electrical faults/errors are within the system. Availability of big data: We know that IoT relies heavily on sensors, especially in real-time. As these electronic devices spread throughout every field, their usage is going to trigger a massive flux of big data. Networking connection: In order to communicate, internet connectivity is a must, where each physical object is represented by an IP address. However, there are only a limited number of addresses available according to the IP naming. Due to the growing number of devices, this naming system will not be feasible anymore. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-4 Therefore, researchers are looking for another alternative naming system to represent each physical object. Ways of Building IOT There are two ways of building IoT: Form a separate internet work including only physical objects. Make the Internet ever more expansive, but this requires hard-core technologies such as rigorous cloud computing and rapid big data storage (expensive). In the near future, IoT will become broader and more complex in terms of scope. It will change the world in terms of “anytime, anyplace, anything in connectivity.” IoT Enablers RFIDs: uses radio waves in order to electronically track the tags attached to each physical object. Sensors: devices that are able to detect changes in an environment (ex: motion detectors). Nanotechnology: as the name suggests, these are tiny devices with dimensions usually less than a hundred nanometers. Smart networks: (ex: mesh topology). Working with IoT Devices Collect and Transmit Data: For this purpose sensors are widely used they are used as per requirements in different application areas. Actuate device based on triggers produced by sensors or processing devices: If certain conditions are satisfied or according to user’s requirements if certain trigger is activated then which action to perform that is shown by Actuator devices. Receive Information: From network devices, users or devices can take certain information also for their analysis and processing purposes. Communication Assistance: Communication assistance is the phenomenon of communication between 2 networks or communication between 2 or more IoT devices of same or different networks. This can be achieved by different communication protocols like: MQTT, Constrained Application Protocol, ZigBee, FTP, HTTP etc. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-5 Characteristics of the Internet of Things The Internet of Things (IoT) is characterized by the following key features that are mentioned below. 1. Connectivity Connectivity is an important requirement of the IoT infrastructure. Things of IoT should be connected to the IoT infrastructure. Anyone, anywhere, anytime can connect, this should be guaranteed at all times. For example, the connection between people through Internet devices like mobile phones, and other gadgets, also a connection between Internet devices such as routers, gateways, sensors, etc. 2. Intelligence and Identity The extraction of knowledge from the generated data is very important. For example, a sensor generates data, but that data will only be useful if it is interpreted properly. Each IoT device has a unique identity. This identification is helpful in tracking the equipment and at times for querying its status. 3. Scalability The number of elements connected to the IoT zone is increasing day by day. Hence, an IoT setup should be capable of handling the massive expansion. The data generated as an outcome is enormous, and it should be handled appropriately. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-6 4. Dynamic and Self-Adapting (Complexity) IoT devices should dynamically adapt themselves to changing contexts and scenarios. Assume a camera meant for surveillance. It should be adaptable to work in different conditions and different light situations (morning, afternoon, and night). 5. Architecture IoT Architecture cannot be homogeneous in nature. It should be hybrid, supporting different manufacturers ‘ products to function in the IoT network. IoT is not owned by anyone engineering branch. IoT is a reality when multiple domains come together. 6. Safety There is a danger of the sensitive personal details of the users getting compromised when all his/her devices are connected to the internet. This can cause a loss to the user. Hence, data security is the major challenge. Besides, the equipment involved is huge. IoT networks may also be at risk. Therefore, equipment safety is also critical. 7. Self Configuring This is one of the most important characteristics of IoT. IoT devices are able to upgrade their software in accordance with requirements with a minimum of user participation. Additionally, they can set up the network, allowing for the addition of new devices to an already-existing network. 8. Interoperability IoT devices use standardized protocols and technologies to ensure they can communicate with each other and other systems. Interoperability is one of the key characteristics of the Internet of Things (IoT). It refers to the ability of different IoT devices and systems to communicate and exchange data with each other, regardless of the underlying technology or manufacturer. Interoperability is critical for the success of IoT, as it enables different devices and systems to work together seamlessly and provides a seamless user experience. Without interoperability, IoT systems would be limited to individual silos of data and devices, making it difficult to share information and create new services and applications. To achieve interoperability, IoT devices, and systems use standardized communication protocols and data formats. These standards allow different devices to understand and process data in a consistent and reliable manner, enabling data to be exchanged between devices and systems regardless of the technology used. Examples of standards used in IoT MQTT (Message Queuing Telemetry Transport): MQTT (Message Queuing Telemetry Transport) is a publish/subscribe communication protocol used for IoT device communication. CoAP (Constrained Application Protocol): CoAP (Constrained Application Protocol) is a lightweight communication protocol for IoT devices with limited resources. Bluetooth Low Energy (BLE): Bluetooth Low Energy is a wireless communication technology used for IoT devices with low power consumption requirements. Wi-Fi: A wireless communication technology used for IoT devices that require high data transfer rates. Zigbee: A low-power, low-cost wireless communication technology used for IoT devices. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-7 In addition to communication protocols, IoT systems may also use data formats such as JSON or XML to ensure that data can be exchanged and processed consistently across different systems. Overall, interoperability is essential for creating a seamless IoT ecosystem, where devices and systems can work together to deliver new and innovative services and applications. 9. Embedded Sensors and Actuators Embedded sensors and actuators are critical components of the Internet of Things (IoT). They allow IoT devices to interact with their environment and collect and transmit data. Sensors are devices that can detect changes in the environment, such as temperature, light, sound, or movement. In IoT systems, sensors are embedded into devices, allowing them to collect data about the environment. Actuators are devices that can interact with the environment, such as turning on lights, opening or closing doors, or controlling the speed of a motor. In IoT systems, actuators are embedded into devices, allowing them to perform actions based on data collected by sensors. Together, sensors and actuators allow IoT devices to collect data about the environment, process that data, and take action based on the results. This makes it possible to automate a wide range of processes and tasks, such as home automation, energy management, and predictive maintenance. In order to ensure that sensors and actuators can communicate with each other and with other devices and systems, they use standardized communication protocols, such as Bluetooth Low Energy (BLE), Zigbee, or Wi-Fi. Overall, embedded sensors and actuators are essential components of IoT systems, enabling them to collect and process data and interact with their environment in new and innovative ways. IoT devices are equipped with sensors and actuators that allow them to collect and transmit data, as well as to interact with the environment. 10. Autonomous operation Autonomous operation refers to the ability of IoT devices and systems to operate independently and make decisions without human intervention. This is a crucial characteristic of the Internet of Things (IoT) and enables a wide range of new applications and services. In IoT systems, devices and systems are equipped with sensors, actuators, and processing power, allowing them to collect and process data about the environment, make decisions based on that data, and take action accordingly. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-8 Desired Quality of any IoT Application Interconnectivity It is the basic first requirement in any IoT infrastructure. Connectivity should be guaranteed from any devices on any network then only devices in a network can communicate with each other. Heterogeneity There can be diversity in IoT enabled devices like different hardware and software configuration or different network topologies or connections, but they should connect and interact with each other despite so much heterogeneity. Dynamic in Nature IoT devices should dynamically adapt themselves to the changing surroundings like different situations and different prefaces. Self-adapting and self configuring technology For example, surveillance camera. It should be flexible to work in different weather conditions and different light situations (morning, afternoon, or night). Intelligence Just data collection is not enough in IoT, extraction of knowledge from the generated data is very important. For example, sensors generate data, but that data will only be useful if it is interpreted properly. So intelligence is one of the key characteristics in IoT. Because data interpretation is the major part in any IoT application because without data processing we can’t make any insights from data. Hence, big data is also one of the most enabling technologies in IoT field. Scalability The number of elements (devices) connected to IoT zones is increasing day by day. Therefore, an IoT setup should be capable of handling the expansion. It can be either expand capability in terms of processing power, storage, etc. as vertical scaling or horizontal scaling by multiplying with easy cloning. Identity Each IoT device has a unique identity (e.g., an IP address). This identity is helpful in communication, tracking and to know status of the things. If there is no identification then it will directly affect security and safety of any system because without discrimination we can’t identify with whom one network is connected or with whom we have to communicate. So there should be clear and appropriate discrimination technology available between IoT networks and devices. Safety Sensitive personal details of a user might be compromised when the devices are connected to the Internet. So data security is a major challenge. This could cause a loss to the user. Equipment in the huge IoT network may also be at risk. Therefore, equipment safety is also critical. Architecture --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-9 It should be hybrid, supporting different manufacturer’s products to function in the IoT network. As a quick note, IoT incorporates trillions of sensors, billions of smart systems, and millions of applications. Application Domains IoT is currently found in four different popular domains: 1) Manufacturing/Industrial business - 40.2% 2) Healthcare - 30.3% 3) Security - 7.7% 4) Retail - 8.3% Modern Applications Smart Grids and energy saving Smart cities Smart homes/Home automation Healthcare Earthquake detection Radiation detection/hazardous gas detection Smartphone detection Water flow monitoring Traffic monitoring Wearables Smart door lock protection system Robots and Drones Healthcare and Hospitals, Telemedicine applications Security Biochip Transponders (For animals in farms) Heart monitoring implants (Example Pacemaker, ECG real time tracking) Agriculture Industry Major Components of IoT There are 5 major components of IoT (Internet of Things) - Devices or Sensors, Gateway, Cloud, Analytics and User Interface: 1. Sensors or Devices Sensors or Devices are basically used to collect and transmit the data and also perform actions based on those data. For example, the sensors can be used for measuring temperature and humidity. There are different types of sensors; here are as follows: Temperature Sensors, Humidity Sensors, Proximity Sensors, Motion Sensors, Light Sensors, Pressure Sensors, Gas Sensors, and GPS Sensors 2. Gateway Gateway is also a device component that basically acts as an intermediate between the sensors and the central cloud. Gateway is one of the essential components of IoT that offers communication, management, and data processing. Here are some of the --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-10 functions of Gateway in IoT: Data Aggregation, Communication, Security, Protocol Translation, Load Balancing, and Latency Reduction. 3. Cloud Cloud in IoT refers to the service that provides the management, storage, and processing of the data that is generated by IoT (Internet of Things) devices. Here are some key aspects of Cloud in IoT: Data Storage, Data Collection, Security, Connectivity, Integration, and Cost Efficiency. 4. Analytics This is the crucial component of IoT that basically harness the potential of IoT. In analytics, meaningful insights are analyzed that are generated by IoT devices and sensors. There are some functions included in Analytics, such as data processing, machine learning, and statistical analysis. Here are some of the applications of analytics in IoT: Anomaly Detection, Environmental Monitoring, Energy Management, Smart Cities, and Agriculture. 5. User Interface User Interface, also known as UI in the Internet of Things (IoT) and provides an interface by which the users can interact with the applications and systems. Here are some of the key points in the user interface of IoT (Internet of Things): Data Visualization, User-Friendly Design, Personalization, Remote Management, Integration, Authentication, and Security. Advantages of IoT Improved efficiency and automation of tasks. Increased convenience and accessibility of information. Better monitoring and control of devices and systems. Greater ability to gather and analyze data. Improved decision-making. Cost savings. Disadvantages of IoT Security concerns and potential for hacking or data breaches. Privacy issues related to the collection and use of personal data. Dependence on technology and potential for system failures. Limited standardization and interoperability among devices. Complexity and increased maintenance requirements. High initial investment costs. Limited battery life on some devices. Concerns about job displacement due to automation. Limited regulation and legal framework for IoT, which can lead to confusion and uncertainty. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-11 Major Components of Internet of Things 1. Smart devices and sensors – Device connectivity Devices and sensors are the components of the device connectivity layer. These smart sensors are continuously collecting data from the environment and transmit the information to the next layer. The latest techniques in semiconductor technology are capable of producing micro smart sensors for various applications. Common sensors are: Temperature sensors and thermostats Pressure sensors Humidity / Moisture level Light intensity detectors Moisture sensors Proximity detection RFID tags How are the devices connected? Most modern smart devices and sensors can be connected to low-power wireless networks like Wi-Fi, ZigBee, Bluetooth, Z-wave, LoRAWAN, etc. Each of these wireless technologies has its pros and cons in terms of power, data transfer rate, and overall efficiency. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-12 Developments in low-power, low-cost wireless transmitting devices are promising in the area of IoT due to their long battery life and efficiency. Many companies have adopted the latest protocols like 6LoWPAN- IPv6 over Low Power Wireless Personal Area Networks to implement energy-efficient data transmission for IoT networks. 6LoWPAN uses reduced transmission time (typically short time pulses) and thus saves energy. 2. Gateway IoT Gateway manages the bidirectional data traffic between different networks and protocols. Another function of the gateway is to translate different network protocols and make sure interoperability of the connected devices and sensors. Gateways can be configured to perform pre-processing of the collected data from thousands of sensors locally before transmitting it to the next stage. In some scenarios, it would be necessary due to the compatibility of the TCP/IP protocol. IoT gateway offers a certain level of security for the network and transmitted data with higher-order encryption techniques. It acts as a middle layer between devices and the cloud to protect the system from malicious attacks and unauthorized access. 3. Cloud The Internet of Things creates massive data from devices, applications, and users, which has to be managed in an efficient way. IoT cloud offers tools to collect, process, manage and store huge amounts of data in real time. Industries and services can easily access these data remotely and make critical decisions when necessary. Basically, the IoT cloud is a sophisticated, high-performance network of servers optimized to perform high-speed data processing of billions of devices, traffic --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-13 management, and deliver accurate analytics. Distributed database management systems are one of the most important components of the IoT cloud. Cloud system integrates billions of devices, sensors, gateways, protocols, and data storage and provides predictive analytics. Companies use these analytics data to improve products and services, preventive measures for certain steps, and build their new business model accurately. 4. Analytics Analytics is the process of converting analog data from billions of smart devices and sensors into useful insights which can be interpreted and used for detailed analysis. Smart analytics solutions are inevitable for IoT systems for the management and improvement of the entire system. One of the major advantages of an efficient IoT system is real-time smart analytics which helps engineers to find out irregularities in the collected data and act fast to prevent an undesired scenario. Service providers can prepare for further steps if the information is collected accurately at the right time. Big enterprises use the massive data collected from IoT devices and utilize the insights for their future business opportunities. Careful analysis will help organizations to predict trends in the market and plan ahead for a successful implementation. Information is very significant in any business model, and predictive analysis ensures success in the concerned area of the business line. 5. User interface --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-14 User interfaces are the visible, tangible part of the IoT system which users can access. It is one of the significant components of Internet of things where user control the system and collect information. Designers will have to make sure of a well-designed user interface for minimum effort for users and encourage more interactions. Modern technology offers much interactive design to ease complex tasks into simple touch panel controls. Multicolor touch panels have replaced hard switches in our household appliances, and the trend is increasing for almost every smart home device. The user interface design has higher significance in today’s competitive market; it often determines the user whether to choose a particular device or appliance. Users will be interested in buying new devices or smart gadgets if it is very user-friendly and compatible with common wireless standards. Building Blocks of IoT Four things form the basic building blocks of the IoT system –sensors, processors, gateways, and applications. Each of these nodes has to have its own characteristics in order to form a useful IoT system. Sensors These form the front end of the IoT devices. These are the so-called “Things” of the system. Their main purpose is to collect data from its surroundings (sensors) or give out data to their surroundings (actuators). These have to be uniquely identifiable devices with a unique IP address so that they can be easily identifiable over a large network. These have to be active in nature which means that they should be able to collect real-time data. These can either work on their own (autonomous in nature) or can be made to work by the user depending on their needs (user-controlled). Examples of sensors are gas sensor, water quality sensor, moisture sensor, etc. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-15 Processors Processors are the brain of the IoT system. Their main function is to process the data captured by the sensors and process them so as to extract valuable data from the enormous amount of raw data collected. In a word, we can say that it gives intelligence to the data. Processors mostly work on a real-time basis and can be easily controlled by applications. These are also responsible for securing the data – that is performing encryption and decryption of data. Embedded hardware devices, microcontrollers, etc are the ones that process the data because they have processors attached to it. Gateways Gateways are responsible for routing the processed data and sending it to proper locations for its (data) proper utilization. In other words, we can say that the gateway helps in to and fro communication of the data. It provides network connectivity to the data. Network connectivity is essential for any IoT system to communicate. LAN, WAN, PAN, etc are examples of network gateways. Applications Applications form another end of an IoT system. Applications are essential for the proper utilization of all the data collected. These cloud-based applications are responsible for rendering effective meaning to the data collected. Applications are controlled by users and are a delivery point of particular services. Examples of applications are home automation apps, security systems, industrial control hubs, etc. The Internet of Things (IoT) is the physical devices that are connected to a network. These physical devices are called node devices. These are embedded with sensors, software, and other technologies to exchange data with other devices and systems over the Internet. With IoT, digital systems can record, monitor, and adjust each interaction between connected things. Hence now we can connect everyday objects like kitchen appliances, cars, thermostats, etc to the internet via embedded devices. This makes communication streamlined between people, processes, and things.to understand IoT properly we need to understand the Logical and Physical Designs of IOT in detail. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-16 Physical Design of IoT Now let us understand the physical design of IoT from the logical and physical design of IoT. The Physical design of IoT deals with the individual devices connected to the IoT network and the protocols used to create a functional IoT environment. Each IoT device can perform tasks of remote sensing, actuating, monitoring, etc due to the IoT network they are connected to. These can also transmit information through different types of wireless or wired connections. They can generate data, which is used to perform analysis and perform operations for improving the system. Now let us understand the IoT node devices and the IoT protocols. Node Devices Node devices are used to build a connection, process data, and provide interfaces, and storage, in an IoT system. They generate data that can be analyzed by the IoT system and program to perform operations and improve the system. Now let’s understand which devices are used for which function in an IoT system. Connectivity: Devices like USB hosts and ETHERNET provides connectivity between the devices and the server. Processor: Processors like CPU and other units process the data. This is used to improve the decision quality of an IoT system. Audio/Video Interfaces: System interfaces like HDMI and RCA devices record audio and videos. Input/Output interface: Devices like UART, SPI, CAN, etc give input and output signals to sensors and actuators. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-17 Storage Interfaces: IoT devices like SD, MMC, and SDIO generate data. Storage interfaces store those data. Controlling of activity: Devices like DDR and GPU control the activity of an IoT system. IoT Protocols IoT protocols establish communication between a node device and a server over the internet by sending commands to an IoT device and receiving data from an IoT device. Both the server and client-side use different types of protocols. By network layers, they are managed. Some of the network layers are the application, transport, network, and link layers. It works as a building block for logical and physical design of IoT. Some of the protocols are Application Layer protocol- Protocols in this layer define how the data is sent over the network. With the lower layer protocols, the application interface sends these data. Examples include HTTP, WebSocket, XMPP, MQTT, DDS, and AMQP protocols. HTTP (Hypertext Transfer Protocol)- This protocol for transmitting media documents in an application layer by communicating between web browsers and servers. WebSocket- it enables two-way communication between a client and a host and is mostly web browsers use it. Transport Layer- it controls the flow of data segments. It also handles error control and provides end-to-end message transfer capability. TCP (Transmission Control Protocol)- It establishes and maintains a network that can exchange data using the internet protocol. Some of the layers are Network Layer- it is used to send datagrams from the source network to the destination network. Some examples are IPv4 and IPv6. Link Layer- it is used to send data over the network’s physical layer and determines how the packets are coded and signaled by the devices. Ethernet- It is a set of protocols used in LANs that defines the physical layer and the medium access control for LANs. WiFi- It is a set of LAN protocols. It specifies the set of media access controls and also the physical layer protocols that are used for implementing wireless LANs. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-18 Logical Design of IoT It is the actual design of the IoT system. It illustrates the assembling and configuration of the components i.e. computers, sensors, and actuators. The logical design of IoT is composed of: IoT functional blocks IoT communications models IoT communication APIs 1. IoT functional blocks The functional blocks of IoT systems provide sensing, identification, actuation, management, and communication capabilities to the IoT ecosystem. The devices of the functional blocks handle the communication between the server and the host. This enables monitoring of control functions, managing the data transfer, securing the IoT system using authentication, and providing an interface for controlling and monitoring various functions. It is the most crucial part of the logical and physical designs of IoT. The Functional blocks of IoT are: Device Devices provide sensing, actuation, monitoring, and control functions to the IoT ecosystem. Communication Manages communication for the IoT system. Services Services perform the functions of device monitoring, device control, data publishing, and device discovery. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-19 Management gives functions to govern the IoT system. Security provides security to the IoT system. It performs authentication, authorization, message and content integrity, and data security functions. Application An interface where the users can control and monitor various aspects of the IoT system. It allows the users to view the system status and analyze the processed data. 2. IoT Communication Models The communication models of IoT are used for communicating between the system and the server. The types of IoT communication models are Request-Response Model In this communication model, the client sends requests to the server and the server responds to their requests. After receiving a request, the server decides how to respond by fetching the data, retrieving resource representation, preparing the response, and then sending the response to the client. The request-response protocol between a client and a server is HTTP. Publisher-Subscriber Model Publisher-Subscriber Model This model is made up of three entities: Publishers, Brokers, and Consumers. Publishers- it is the source of data that sends the data to the topic. Consumers- they subscribe to the topics. Brokers- they accept data from publishers and send it to the consumers. Push-Pull Model This model is made up of data publishers, data consumers, and data queues. Publishers- they publish the message and push it into the queue. Consumers- they present on the other side and they pull the data out of the queue. Queues- it helps in decoupling the messages between the producer and consumer. Exclusive Pair It is a bi-directional model that includes full-duplex communication between client and server. The client sends a request and the server keeps the record of all the connections. In this model, only Web Socket-based communication API is based. 3. IoT communication API There are two types of communication APIs – REST-based communication APIs REST stands for Representational State Transfer. It is a set of architectural protocols by which you can design web services and web APIs. These web services --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-20 and APIs focus on a system’s resources and how resource states are addressed and transferred. It has a request-response communication model. Its architectural constraints are components, connectors, and data elements. All of them are included within a distributed hypermedia system. Web Socket-Based Communication APIs Web Socket API is the bi-directional, full-duplex communication model between clients and servers. It does not require a new connection to set up for each message between clients and servers. After the connection is set the messages can be sent and received continuously without any interruption. It is best for IoT Applications with low latency or high throughput requirements Difference between the physical design of IoT & logical design of IOT What is Greenfield Software Development? Greenfield software development refers to developing a system for a totally new environment and requires development from a clean slate – no legacy code around. It is an approach used when you’re starting fresh and with no restrictions or dependencies. In software development, Greenfield refers to software that is created from scratch in a totally new environment. No constraints are imposed by legacy code, no requirements to integrate with other systems. The development process is straightforward, but the risks are high as well because you’re moving into uncharted territory. In IoT, Greenfield development refers to all these shiny new gadgets and devices that come with internet connectivity. Connected washing machines, smart locks, TVs, thermostats, light bulbs, toasters, coffee machines and whatnot that you see in tech --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-21 publications and consumer electronic expos are clear examples of Greenfield IoT projects. A pure Greenfield project is quite rare these days, you frequently end up interacting or updating some amount of existing code or enabling integrations. Some examples of Greenfield software development include: building a website or app from scratch, setting up a new data center, or even implementing a new rules engine. But it also causes some unwanted effects. First of all, when things are created independent of each other and their predecessors, they tend to pull the industry in separate ways. That is why we see the IoT landscape growing in many different directions at the same time, effectively becoming a fragmented hodgepodge of incompatible and non-interoperable standards and protocols. Meanwhile, the true future of IoT is an ecosystem of connected devices that can autonomously inter-communicate (M2M) without human intervention and create value for the community. And that’s not where these isolated efforts are leading us. Also, many of these companies are blindly rushing into IoT development without regard to the many challenges they will eventually face. Many of the ideas we see are plain stupid and make the internet of things look like the internet of gadgets. Nice-to-haves start to screen out must-haves, and the IoT’s real potential for disruption and change will become obscured by the image of a luxury industry. The Advantages of a Greenfield Project Some of the greatest advantages of Greenfield Software Development include: Gives an opportunity to implement a state-of-the-art technology solution from scratch Provides a clean slate for software development No compulsion to work within the constraints of existing systems or infrastructure No dependencies or ties to existing software, preconceived notions, or existing business processes The Disadvantages of Greenfield Software Development As with anything, there can be cons to taking on a Greenfield project. Greenfield application development disadvantages include: With no clear direction, the degree of risk is comparatively higher Since all aspects of the new system need to be defined, it can be quite time- consuming With so many possible development options, there may be no clear understanding of the approach to take It may be hard to get everyone involved to make critical decisions in a decent time frame --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-22 What is Brownfield Software Development? Brownfield software development refers to the development and deployment of a new software system in the presence of existing or legacy software systems. Brownfield application development usually happens when you want to develop or improve upon an existing application, and compels you to work with previously created code. Therefore, any new software architecture must consider and coexist with systems already in place – so as to enhance existing functionality or capability. Examples of Brownfield development include: adding a new module to an existing enterprise system, integrating a new feature to software that was developed earlier, or upgrading code to enhance the functionality of an app. Brownfield is especially important in industrial IoT (IIoT), such as smart buildings, bridges, roads, railways and all infrastructure that have been around for decades and will continue to be around for decades more. Connecting these to the cloud (and the fog), collecting data and obtaining actionable insights might be even more pertinent than having a light bulb that can be turned on and off with your smartphone. IIoT is what will make our cities smarter, more efficient, and create the basis to support the technology of the future, shared economies, fully autonomous vehicles and things that we can’t imagine right now. But as its software development counterpart, Brownfield IoT development is very challenging, and that’s why manufacturers and developers are reluctant and loathe to engage in it. And thus, we’re missing out on a lot of the opportunities that IoT can provide. The Advantages of a Brownfield Project Some of the largest advantages of Brownfield development include: Offers a place to start with a predetermined direction Gives a chance to add improvements to existing technology solutions Supports working with defined business processes and technology solutions Allows existing code to be reused to add new features The Disadvantages of Brownfield Software Development Brownfield projects do also have their own set of disadvantages. These include: Requires thorough knowledge of existing systems, services, and data on which the new system needs to be built There may be a need to re-engineer a large portion of the existing complex environment so that they make operational sense to the new business requirement Requires detailed and precise understanding of the constraints of the existing business and IT, so the new project does not fail Dealing with legacy code can not only slow down the development process but also add to overall development costs --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-23 Comparison Overview of Greenfield Development vs. Brownfield Development Which is better for you: A Greenfield Project or Brownfield Project? Software lies at the core of every product or service. So, choosing the right development approach is vital to the success of your software. Since Greenfield software development carries a higher degree of risk, agile practices are often deemed the best approach. By developing software in small iterations and getting them in the hands of customers for quick feedback, they help with the efficient handling of risks. On the other hand, Brownfield projects are often built on a more stable infrastructure with confirmed business processes; therefore, they are less prone to risk. However, a substantial proportion of development effort is spent on understanding and integrating with the existing business landscape rather than delivering value. With Brownfield development too, the best way to ensure success is by using an iterative approach to refine existing logical and physical architecture and accelerate development, improve product quality, and minimize defects. IoT Governance, Privacy and Security Issues The first challenge facing the future governance of IoT is the increasing number of different connected devices; this requires a great deal of complex solutions to accommodate the heterogeneous connection of devices along with the size of the connection, where the implementation of protocols and algorithms of all. Governance, security and privacy are probably the most challenging issues in the Internet of Things(IoT) and they have been extensively discussed in many forums. While most of the organisation work on Internet governance, a logical step can extend these concepts to IoT governance. But the difficulty of IoT is that the high number and heterogeneity of technologies and devices, which require even more specific Governance solutions and approaches that are more complex in nature. Size and heterogeneity in fact, are the two main components that affect the governance of IoT. The governance is considered as a double-edged sword, because it can offer stability --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-24 and support for decisions but it can also become excessive and result in an over- controlled environment. Nevertheless, since there are no legal frameworks for IoT governance, even if the differences between the IoT and the Internet have been overestimated at the beginning, an analysis of the major IoT governance issues (legitimacy, transparency, accountability, anti-competitive behaviour) seems to be worthwhile to design and develop. Heterogeneity requires security to overcome the impossibility of implementing efficient protocols and algorithms on all the devices involved across the many IoT application areas. Without guarantees in security, stakeholders of governance ecosystem are unlikely to adopt IoT solutions on a large scale. For this reason, the development of enforcement techniques to support scalability and heterogeneity, to anonymise users’ data and to allow context aware data protection are key factors. In the IoT context, it is difficult to separate the concepts of Governance, Security and Privacy, because addressing privacy and security aspects to achieve trust in IoT would probably need governance mechanisms as well. As mention before, at the higher level of the interaction of IoT with users, ethical aspects cannot be disjointed from the governance, security and privacy aspects as well. In addition to that the proliferation of wireless devices with ubiquitous presence is expected to worsen the issue of privacy due to the current design of the link-layer and lower layer protocols, which usually expose information like implicit names and identifiers that can reveal users identity. To eliminate these issues, these layers should be redesigned in order to minimize the collection of such data, conceal important information from the un-trusted parties and, to reveal proper information to the authorized or trusted parties. The management of heterogeneous devices, applications and protocols can be also addressed using the principles of service-oriented computing, which going to achieve a significant flexibility in different levels of the IoT architecture The key challenges for Governance, Security and Privacy in IoT The IoT has to overcome not only a wider heterogeneity of connected systems, communication technologies and resource constraints, but has also to face challenges related to the potential unbounded number of interacting entities and substantial differences in the interaction patterns. Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC) systems, as well as PKIs, are not yet able to fully address these challenges providing scalable, manageable, effective, and efficient access control mechanisms. IoT challenges two different levels, considering the subdivision into the three main topics of governance. IoT governance is one of the key remaining challenges. Achieving the right governance framework is critical to IoT’s success across all aspects from architecture, through standards to implementation. IoT embraces a breadth of established, emerging and --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-25 evolving technologies across a variety of vertical domains that to achieve open interoperability and an environment for market driven application innovation IoT requires an inclusive governance framework which is as yet inexistent. IoT security and privacy features addressing today’s needs and those that provisions for the requirements of tomorrow need to be sympathetic to the end user while accommodating an anticipated increasing complexity of requirements from the expansion of cross domain applications. The next generation technology required a robust IoT policy and architecture in order to extend the path to a point where there has been sufficient consideration of the IoT vision enablers for IoT to flourish backed by sustainable commercial exploitation. Security & Privacy Issues in the Internet of Things (IoT) The concept of the Internet of Things (IoT) has completely transformed the way we perceive connectivity. With IoT, we have seen devices, apart from personal computers, connecting to the internet. IoT has enabled the possibility for embedding internet connectivity and relevant functions in various types of devices. The world has witnessed rapid growth in the connectivity of televisions, cars, refrigerators, air conditioners, hairbrushes, and many other devices to the internet. At the same time, the concerns regarding security and privacy in IoT have also gained prominent attention as the world recognizes the true potential of IoT. The following discussion aims to offer a detailed overview of the types of security and privacy issues you can find with IoT. Importance of IoT Before diving into the issues of privacy and security in IoT, it is important to understand IoT itself. In the most general sense, IoT refers to the global network of connected devices which share information with each other through the internet. The devices communicate with each other alongside generating and collecting data for ensuring optimized functionality. As a matter of fact, IoT devices collect data regarding individual users and could contain extremely private and sensitive information. In addition, it is also important to note that the IoT market would have a value of more than half a trillion dollars by 2022. The growing IoT landscape implies the addition of more devices, thereby leading to concerns of security and privacy. Importance of Security and Privacy in IoT The Internet of Things or IoT landscape includes more devices with every passing day. By 2025, the world could expect around 64 billion IoT devices in use. The growth in the number of IoT devices is definitely beneficial with a major transformation in the ways for carrying out everyday activities. For example, smart lighting could help in reducing your electric bill and energy consumption. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-26 In addition, the benefits of connected healthcare devices have been helping people in obtaining a better impression of their health. However, the benefits introduce prominent risks with the number of growing devices. The growth in the number of connected devices in the IoT ecosystem can present issues for security in IoT by offering more entry points for cybercriminals and hackers. The concerns of security and the issues of privacy in IoT present considerable implications for different business organizations and public organizations. The interconnectivity of networks in IoT introduces the accessibility from anonymous and untrusted online sources. If anyone asks ‘Why security is important in IoT?’ you can point out IoT adoption. Businesses have to work on enhanced security, especially for consumer-grade IoT- enabled solutions, to encourage customer trust in IoT. Furthermore, the importance of security and privacy in IoT is also clearly evident in the gradually increasing awareness of consumers regarding the privacy of their data. Understanding the concept of Security in IoT Now that you know about the importance of security and privacy for the long-term growth of IoT, it is reasonable to reflect on both of them individually. What are the factors associated with the concerns of security in IoT? The Internet of Things landscape is gradually becoming more diverse with legacy computing systems and modern computing devices. As a result, IoT easily becomes vulnerable to a wide range of security risks in different approaches. First of all, it is important to note that many devices in the IoT landscape are tailored for large-scale deployment. The example of such devices refers to sensors. In addition, deploying IoT devices also involves a set of similar or almost identical appliances with resembling traits. The resemblance is responsible for magnifying the security vulnerabilities. While security issues have been prominently noted in the information and technology sector, IoT implementation has come up with some new challenges. The answer to ‘Why security is important in IoT?’ is evident in the nature of interconnectivity between the IoT devices. If a poorly secured device connects with the IoT landscape, then it could affect the security and resilience of IoT. With a large number of homogenous devices deployed in IoT, the IoT users and developers must ensure that they are not exposing other users to potential harm. One of the most prominent factors to draw your attention towards security in IoT would refer to authentication. The authentication mechanisms used in existing IoT ecosystems are restricted only to offering safeguards against limited threats such as replay attacks or Denial of Service (DoS) attacks. It is also important to consider the role of information security as one of the highly vulnerable domains of IoT authentication. Why? --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-27 The abundance of risky applications which enable a natural multiplicity of data collection could present formidable information security risks. In addition, the importance of security becomes clearly evident with the prevalence of man-in-the-middle attacks. Third-party agents could intercept communication channels for impersonating identities of vulnerable nodes associated with network exchange. Understanding the concept of Privacy in IoT The next notable aspect in discussions on privacy and security in IoT refers to the way consumers view privacy. People are likely to perceive the usefulness of IoT in accordance with its effectiveness in safeguarding their privacy goals. The common assumptions regarding privacy issues in IoT and the potential security issues could become formidable setbacks in IoT adoption. The aspects of user privacy and the rights of privacy are basic requirements for developing the trust and confidence of users in IoT, connected devices, and associated services. At the same time, the developments in IoT are focusing largely on addressing privacy issues in a completely new way. One of the most important concerns in understanding the issues of privacy in IoT would draw attention towards reasons for privacy concerns. The IoT ecosystem has intelligent artifacts present almost everywhere with flexibility for sampling process and information distribution from any location. In addition, the ubiquitous connectivity in IoT through the internet also plays a crucial role in amplifying privacy concerns. Without a unique mechanism for privacy protection, the ubiquitous connectivity of IoT could enable flexible access to personal information from any corner of the world. Security issues in IoT With a clear impression of the significance of security and privacy in IoT, it is important to find out the issues. Businesses could reap credible benefits from the capabilities of the Internet of Things (IoT). However, the threats to security could present notable setbacks for the effective adoption of IoT-enabled solutions. On the other hand, a clear impression of the IoT security issues could help in developing suitable strategies for mitigation. Let us take a look at some of the notable issues for security in IoT. ▪ Inadequate Password Protection Hard-coded and embedded credentials in IoT devices provide an easy target for hackers to compromise the devices directly. Default passwords may enable hackers to enter the machine without any obstacles. One of the examples of such an attack refers to the Mirai malware, which infected IoT devices such as routers, video recorders, and video cameras. The Mirai malware was successful in logging in by using 61 general hard-coded usernames and passwords. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-28 Subsequently, the malware brought almost 400,000 connected devices in its control and resulted in the world’s first 1Tbps DDoS attack. The Distributed Denial of Service of DDoS attack affects some parts of Amazon Web Services and its clients such as Twitter, Netflix, Airbnb, and GitHub. Now in 2021, a Mirai-type malware, known as Mozi, is the most active botnet. ▪ Limited Compliance from IoT Manufacturers Another important factor affecting the security factor in privacy and security in IoT refers to the lack of compliance from IoT manufacturers. Many fitness trackers with Bluetooth generally remain visible after pairing. Your refrigerator could give out your Gmail login credentials. As manufacturers continue the development of devices with limited security, the concerns of security in IoT would definitely witness an upward turn. IoT device manufacturers have started introducing internet connectivity in their devices without paying attention to the ‘security’ aspect in the product designing process. Some of the notable security risks for IoT which are due to manufacturers include, 1. Hardware issues 2. Lack of security in data transfer and storage 3. Hard-coded, weak, or guessable usernames and passwords ▪ Device Update Management The concerns of security and privacy in IoT could also refer to security issues due to device update management. Insecure firmware or software could generally lead to IoT security risks. Even if a manufacturer offers a device with the most recent software update, you will encounter new vulnerabilities. Therefore, updates are highly important for ensuring security on IoT devices, which should be updated immediately after the discovery of new vulnerabilities. The use of IoT devices without necessary updates could escalate the threats to their security. In addition, update management can be risky due to the fact that devices will send backups to the cloud. Without appropriate encryption for the connection and protection for updated files, any malicious agent could access sensitive information. ▪ Lack of Secure Interfaces The answers to ‘Why security is important in IoT?’ become clear with the security issues due to insecure interfaces. All IoT devices are involved in the processing and communication of data. The IoT devices need apps, protocols, and services for communication, and the insecure interfaces are responsible for various IoT vulnerabilities. You can find insecure interfaces in web, API, cloud, mobile, and application interfaces with possibilities for compromising the device and data. The most common concern of security in IoT interface is the lack of device authorization and authentication mechanism and weak or no encryption mechanism. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-29 Privacy Concerns in IoT While the challenges to security are quite prevalent in IoT, the concerns of privacy are also another critical factor. Many people also want to find out ‘What are the privacy concerns in IoT?’ and the answers could help in improving IoT for large-scale adoption. Let us take a look at some of the common privacy concerns in IoT which you can find today. ▪ Abundance of Data The data generated by IoT devices is radically staggering for all the right reasons. According to the Federal Trade Commission, less than 10,000 households could create almost 150 million discrete data points daily. Therefore, you can clearly notice the increased possibilities for breaches of privacy in IoT. You have more entry points for hackers while leaving sensitive information and your IoT devices vulnerable. ▪ Eavesdropping IoT users would also have to find eavesdropping as one of the ominous answers to ‘What are the privacy concerns in IoT?’ for specific reasons. Imagine a hacker using one of your smart home appliances to snoop in your personal life. As a matter of fact, hackers and even manufacturers could use a connected device to basically invading an individual’s home. For example, researchers have been successful in eavesdropping in IoT by intercepting unencrypted data from a smart meter device. The unencrypted data helped in identify the television show an individual was watching at the particular instance of time. ▪ Unwanted Public Exposure The next and probably the most important entry among privacy issues in IoT would refer to unwanted public exposure. IoT device manufacturers often have long documentation for terms of service, and there is barely anyone who reads the document thoroughly. According to the Federal Trade Commission, manufacturers and enterprises could leverage data offered willingly by consumers for making employment decisions. For example, an insurance company could collect information from an individual regarding their driving habits through a connected car. Similarly, health or life insurance providers could also use data from fitness trackers for calculating the insurance rates of different individuals. IoT Governance Explained As IoT usage becomes more widespread, the physical network of IoT devices grows larger and more complicated to manage, with approximately 13.1 billion IoT devices in operation today according to Statista. An IoT governance model is an effective way to address data security and privacy concerns, as well as legal, ethical, and public relations matters. It establishes the policies, procedures, and practices that define how a company will design, build, deploy, and manage an IoT system. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-30 IoT governance models also outline how the system will comply with industry, local, and global data security and privacy laws. These laws define how an IoT device should collect, store, manage, use, and discard data. The type of data an IoT device collects is another contributing factor. IoT devices that collect sensitive PII – i.e. full name, home address, driver’s license, medical record – must manage this data in accordance with data protection laws, such as the GDPR in EU member states. Failure to do so can result in significant fines. Should organizations that collect sensitive data be allowed to sell and monetize it? What happens if a government entity or court order demands that such data be handed over? What security measures should be in place to protect the IoT network from unauthorized access? IoT governance models can help answer these questions. Google, for instance, has a policy against users sending PII to Google when collecting Analytics data. The Three Main Criteria of an IoT Governance Model A good IoT governance model should serve as a roadmap to follow, addressing the most pressing IoT concerns, including data security, data management, privacy, and technological requirements. The more comprehensive an IoT governance model is, and the more areas of concern it covers, the more effectively it will overcome challenges and deliver successful results. Therefore, companies can make more informed decisions, maintain customer confidence, and avoid paying penalties due to non- compliance. No two IoT governance models are alike. But there are three areas that any model should cover. These include Technical Architecture, Data Management, and Information Security. Each area covers different facets of the IoT governance model. And they each involve the input of different decision makers and subject matter experts. After all, creating an IoT governance model should be a collaborative effort, one that involves several brainstorming sessions, consisting of feedback from people from all walks of life, from programmers to designers to product owners to legal consultants. Here is a quick breakdown of the three areas that an IoT governance model should cover: Technical Architecture Technical architecture is the blueprint to follow to design an IoT system and related software. There may already be a technical architecture standard in place before the creation of the IoT governance model. This standard may be used as is or modified to suit the unique requirements of the IoT governance model. It may need modifying based on the volume of IoT devices that are added or interacted with, the technical limitations of the physical IoT device, and the type of data the IoT device will collect. Given the --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-31 nature of the subject, matters surrounding technical architecture are largely established by technical experts such as coders, programmers, and project managers. Data Management Data management is one of the most complex and challenging components of an IoT governance model. That is because there are more than technical considerations to be made. How a company collects, stores, and uses data is a major legal and ethical hurdle to overcome. Data scientists, data analysts, and data engineers play a huge role in outlining the data management components of an IoT governance model. For example, the data analyst may outline what data should be collected and how it should be analyzed, while a data engineer will propose the tools to be used for easy data access and interpretation. Legal consultants and advisors with experience in data security and privacy may also be of assistance, making sure the company’s governance model is compliant with industry, local, and global standards. Information Security Information security refers to how secure an IoT device is. Following the recommended manufacturer guidelines is the best way to secure an IoT device. And those configurations should be reviewed when changes occur, such as when IoT devices are added or removed from the network. Information security also refers to the data collection process, including the type and volume of data collected. If an IoT device collects Personally Identifiable Information (PII), strict security measures should be in place to protect that data. These include requiring users to provide additional proof of identity with MFA, and encrypting sensitive PII during transmission from one IoT device to another device. 1. The Case for Maintaining IoT Data Governance The growing use of IoT devices across various industries has caused a surge in data volume. Most of these devices store sensitive company data, which plays a crucial role in business operations but can have dire consequences if it falls into the wrong hands. Thus, companies need to understand what is IoT governance and its implementation to safeguard sensitive data from unauthorized access and malicious exploitation. 2.Top Challenges in IoT Data Governance for Businesses 2.1. Lack of Organizational Commitment Organizational commitment is essential for effective IoT data governance. There needs to be a clear purpose and goals regarding data governance that are communicated to all stakeholders. Not focusing on organizational commitment can result in a lack of alignment between the organization's goals and the IoT data governance strategy, as well as uncertainty about ownership and accountability for data governance across the organization. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-32 2.2. Data Privacy Concerns Ensuring data privacy is a significant concern when implementing IoT data management to maintain IoT data governance security. With the vast amount of data generated by IoT devices, there is an increased risk of personal and sensitive data being compromised. Therefore, it is crucial to identify potential vulnerabilities, mitigate the risk of data privacy breaches in IoT environments, and anonymize user data for consumer devices. 2.3. Lack of Endpoint Security for IoT Devices IoT devices are often designed with limited processing power and memory, and as such, many connected devices do not have built-in security features. This makes them attractive targets for hackers seeking to access confidential data or disrupt operations. Without proper endpoint security measures, IoT devices can be compromised, leading to data breaches, network downtime, and other security incidents that can compromise the entire system's integrity. 2.4. Issues with IoT Device Authentication When IoT devices are designed without proper authentication mechanisms, it can be challenging to verify their identities. This results in possible unauthorized access, data breaches, and other security incidents. To supplement IoT data management practices, companies must implement secure authentication protocols specifically designed for IoT environments, such as device certificates, digital signatures, and multi-factor authentication, to maintain IoT data governance. 2.5. Increasing Volume of Unstructured Data IoT devices generate vast amounts of data in various formats and structures, including text, images, audio, and video, which can be difficult to process, manage, and analyze. This data is often stored in different locations and formats, making it challenging to ensure quality and consistency. Moreover, this flood of unstructured data can contain sensitive information that must be protected to comply with regulations and standards. For effective IoT data governance, it is necessary to implement data classification, metadata management, and data quality management to make sense of unstructured data. 2.6. Unethical Use of IoT Data IoT devices collect data that can be sensitive and personal, and misuse can lead to various negative consequences. Data from IoT devices can be used to develop insights, but it must be handled carefully to avoid privacy violations, discrimination, or other negative consequences. Ensuring data ethics requires organizations to consider the potential impacts of their data collection and use practices on various stakeholders. This involves addressing issues such as data privacy, data ownership, transparency, and bias in IoT data analytics. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-33 2.7. Inadequate Data Governance Protocols Without proper data governance protocols, IoT data may be inaccurate, incomplete, or difficult to access or analyze, reducing the effectiveness of IoT systems and limiting the potential benefits they can provide. Additionally, inadequate data governance protocols can lead to security and privacy vulnerabilities, potentially exposing sensitive data to unauthorized access or theft. This can result in legal and regulatory penalties, reputational damage, and a loss of customer trust. 3 Addressing IoT Data Governance Challenges 3.1. Security by Design This approach involves integrating security and governance considerations into the design and development of IoT systems from the outset. This helps minimize vulnerabilities, prevent breaches that may compromise the confidentiality, integrity, and availability of IoT data, and help maintain IoT data governance. In addition, by prioritizing security in the design phase, organizations can implement security controls and features tailored to their IoT systems' specific needs, which can help prevent unauthorized access, manipulation, or theft of IoT data. 3.2. Awareness Initiatives IoT data governance challenges can arise due to an improperly trained workforce that may not recognize the purpose and benefits of data governance practices. Awareness initiatives can help organizations develop a culture of security and privacy. These initiatives can educate employees and stakeholders about the risks and best practices associated with IoT data governance, including the importance of data security, privacy, and ethical considerations. By raising awareness of these issues, organizations can promote a culture of responsible data management, encourage stakeholders to adhere to data governance policies and procedures, and reduce the risk of human error or intentional misconduct that could compromise IoT data. 3.3. Standardized Data Governance Policies Collaboration between local, regional, and federal governments and businesses is essential to establishing frameworks for implementing IoT and related technologies within their jurisdictions. Cooperation between governments and enterprises is crucial for implementing a standardized IoT data governance policy. This will protect end-users by mandating basic standards in procurement processes and creating regulations and guidelines that promote responsible data governance. 4. IoT Data Governance: Future Outlook Data is one of the most valuable resources for organizations today, and addressing the problem of IoT data governance will ensure that the IoT of enterprises is used effectively and responsibly. Straits Research reported that the worldwide data governance market had a worth of USD 2.1 billion in 2021 and is projected to reach an estimated USD 11.68 billion by 2030. IoT devices are a key driving factor behind the growth of the data governance market, and as the amount of data generated and the number of devices grows, so will the complexity of data governance. By maintaining strong data governance policies and tracking changes in policies and best practices, businesses can ensure compliance and maintain trust in the long run. --------------------------------------------------------------------------------------------------------------------- Internet of Things (Unit-I) Developed by Prof. Ratna Biswas Page-34