Video: Trust and IoT

A short lighthearted description of the issue of trust in Internet of Things products with some of their attached risks.

References

CISOMAG, 2019. Hackers can steal your identity and bank details from a coffee machine!. [Online]
Available at: https://www.cisomag.com/hackers-can-steal-your-identity-and-bank-details-from-a-coffee-machine/

Daws, R., 2019. Hackers attempt to extort $400k in Bitcoin from Ring doorbell owners. [Online]
Available at: https://iottechnews.com/news/2019/dec/13/hackers-extort-400k-bitcoin-ring-doorbell-owners/

Greenberg, A., 2015. Hackers Remotely Kill a Jeep on the Highway—With Me in It. [Online]
Available at: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

Khandelwal, S., 2017. Over 8,600 Vulnerabilities Found in Pacemakers. [Online]
Available at: https://thehackernews.com/2017/06/pacemaker-vulnerability.html

Nucleus, 1975. Alleycat. [Sound Recording] (Vertigo).

Article Review: IoTT

Internet of Tangible Things (IoTT): Challenges and Opportunities for Tangible Interaction with IoT

Authors: Leonardo Angelini, Elena Mugellini, Omar Abou Khaled, Nadine Couture

IoT systems provide innovative services but still in most cases the user interface is web or mobile phone based. Tangible user interactions, which leverage natural human skills, offer opportunities for better understanding of a system and better trust. The work surveyed (Angelini, et al., 2018) is an attempt to apply ubiquitous computing (ubicomp) ideas for this day and age’s IoT realities. My previous post discussing key paradigms feeding this motivation can be read as prolog.

The researchers argue that effective human-machine interaction is becoming ever more important as things to people ratio keeps increasing. And they see this particularly applicable to smart environments and personal and social applications, in which people directly interact with things. The objectives are clearly stated: first, an extensive literature review to identify eight tangible properties appropriate for incorporating into IoT objects design and second, a card-set to facilitate tangible properties-based design. The card set was further put to the test in an experts’ workshop.

The work is aimed at establishing a new field “Internet of Tangible Things” (IoTT) which marries research in IoT with Tangible Interaction. The authors report a lack of sufficient research on Human Computer Interaction (HCI) with IoT; and that work stemming from ubicomp has not been tailored to the unique challenges presented by Internet connected things. I find this insight interesting and relevant.

Tangible Properties for IoT Objects

The authors recognize earlier work such as Koreshoff, et al. (2013) adopting Atzori, et al. (2010) the Things-Internet-Semantic framework for designing IoT systems with HCI in mind, although such work merely provided HCI guidelines and not a complete framework. The complexity of IoT systems is a challenge for interactive design. Objects’ connectedness or bouts of disconnection require consideration. So does the fact objects connect with other objects. Tangible interactions are proposed in this context to allow the user to experience objects and their interactions in a natural way. Of special concern are peripheral interactions which are designed to work not at the focus of attention.

The authors perform an initial survey of literature and derive eight tangible properties to measure IoT systems by. My review is too short to cover all eight properties. Suffice it to say this list does seem to form a sound basis for an IoTT objects classification.

Some emphasis is put on personal objects, objects which the user cares about even with some emotional attachment, as facilitating long lasting interactions. Work in this area was done both with children and older adults. A related interesting concept is that of “technology individuation”. While I understand the motivation, I also think this approach to some extent opposes the ubicomp principal of a quiet servant. The object being a thing of itself can cause phenomena equivalent to cellular phone addiction. And on the other hand, things which are designed to evoke positive emotion can at some point evolve to evoke the opposite emotion and cause disengagement.

Another interesting tangible property is modeling IoT objects via physical tokens which can be combined in several ways to control the combined behavior of their IoT counterparts with proposed applications in the smart home arena.

Grounding Tangible Properties in Academic Research

The authors explain their methodology in detail. 18 papers were methodically surveyed for their use of the eight previously identified tangible properties to estimate to what extent each of the properties has been suggested, discussed, and implemented. The findings for each of the properties are then presented in a dedicated section and at some length. Overall, surveyed papers are interesting and thought provoking.

For example, in relation to the peripheral interaction property the authors mention the fact that some of the surveyed toolkits enable the use of LED lights for “non-intrusive information awareness” (Angelini, et al., 2018, p. 16). I think it is worth noting here that a blinking light can be very intrusive, such as in the case of a cellphone’s blinking light indicating an incoming message that simply cannot be ignored by the user. The level of intrusiveness is derived from what the symbol evokes in our mind.

In the discussion two observations further caught my attention. First, the usefulness of the three surveyed toolkits for interactive design in the hands of non-technical people. See for example, Mora, et al. (2016), also available here. And second, the somewhat ironic fact that participatory design and user evaluations were not abundant across the surveyed papers, which the authors attribute to the overall exploratory nature of work.

Card Games

Had the paper ended at this point it would have been a very respectable achievement already, but the authors further continued to devise a card-set for the practical consideration of their eight properties in IoT system design. The authors state that while card games were used in IoT before, their intended use for IoTT objects design is new. Besides the tangible properties cards the card-set also consisted of eight IoT properties cards depicting sought after system properties (such as function, power, and connectivity). It should be noted the theoretical background for the second set of cards is only thinly discussed.

Finally, the card-set was used in a workshop attended by 21 interactive design experts which created six IoT project prototypes. Not all participants enjoyed utilizing the cards as part of the design, perhaps because of their expertise, but overall, they were helpful. The authors report the observed links between implemented tangible properties and achieved IoT properties which the resulting projects exhibited. It is my opinion that whether those projects indeed posses those links is a matter of interpretation, which makes this part of the work interesting but not as strong methodically.

Conclusion

Overall, the paper is very well arranged and presented. It is packed with insights and directions for further research. Despite some of my earlier reservations it is apparent the authors are aware of the nuances surrounding the use of tangible properties to achieve a desired effect, and here again there is further room for exploration. With those things in mind, this paper really does lay the ground for an “Internet of Tangible Things”.

List of References

Angelini, L., Mugellini, E., Abou Khaled, O. & Couture, N., 2018. Internet of Tangible Things (IoTT): Challenges and Opportunities for Tangible Interaction with IoT. Informatics, 5(1), p. 7.

Atzori, I., Iera, A. & Morabito, G., 2010. The Internet of Things: a survey. Computer Networks, Volume 54, pp. 2787-2805.

Koreshoff, T., Leong, T. & Robertson, T., 2013. Approaching a human-centred internet of things. Proceedings of the 25th Australian Computer-Human Interaction Conference: Augmentation, Application, Innovation, Collaboration, November, Volume 25-29, pp. 363-366.

Mora, S., Divitini, M. & Gianni, F., 2016. TILES: An inventor toolkit for interactive objects. Proceedings of the International Working Conference on Advanced Visual Interfaces, June, Volume 7-10, pp. 332-333.

Webinar Review

IoT goals, applications and challenges with emphasis on security and private networks

Webinar	IT Pros Weigh in on IoT’s Role in Transforming Enterprises
Date	June 04, 2020
Organizer	IoT-Now and Syniverse
Moderator	Jeremy Cowan, Editorial Director & Publisher, IoT Now & VanillaPlus
Presenters	David Hassman, VP Strategy, Syniverse Dan Klaeren, Senior Product Management Director, Syniverse
Link	https://www.iot-now.com/it-pros-weigh-in-on-iots-role-in-transforming-enterprises/

The Internet of Things (IoT) has become a great enabler for businesses looking to transform their products and services and increase customer satisfaction. Internal IoT adoption additionally provides companies with opportunities for increased competitiveness through operational efficiency and cost savings.

During 2020 Syniverse conducted a survey by polling 200 IT professionals belonging to large enterprises (with over 1000 employees). Five industry verticals were roughly equally represented: Finance, Transportation, Health, Manufacturing and Retail, operating mostly from the United States, Canada, France, Germany, and the UK. The survey uncovered goals and use-cases in IoT adoption, as well as challenges and concerns.

This report summarizes a webinar organized by IoT Now and Syniverse which reported the survey results. The webinar was well organized and informative. Reflecting on the key messages as presented, I find that further discussion is required to properly interpret some of the results.

Goals and Applications

Top three main goals in IoT deployment were found to be improved efficiency and productivity (54%), improved product and service quality (48%), and improved customer retention and experience (35%). Interestingly, during the webinar, just before presenting this finding, webinar participants were polled for the same question, revealing similar results. Note the mix of external and internal goals for adoption.

Top three use-cases were reported as connected security – cameras, locks, alarms (70%), workplace safety and other smart building systems (64%) and remote payment terminals (53%). These are all internal use-cases. This seems contradictory to above goals. But I believe this is easily explained by the fact those use-cases are common to almost all companies no matter the type. Whereas the next use-cases on the list including asset tracking, predictive maintenance, and fleet management depend on company type.

Challenges

50% of survey participants reported security as a challenge to IoT adoption, followed by concerns about integration with legacy IT networks (44%) and complexity of integration with business processes at 40%. Security ranking high in IoT adoption challenges is not a new finding (see for example Gartner’s report).

But the survey further checked top security concerns and found them to be ransomware and malware (58%), data theft and financial loss (55%), and accidental data and intellectual property leakage (52%). Note the overlap between these. I think malware and ransomware are a very easy and prominent reason to cite by a survey respondent as the stories are well known.

Well known IoT cyber attacks

Private Networks

The webinar then continued to discuss main communication technologies employed as part of IoT deployments and found them to be cellular (68%), short range wireless (63%), followed by fixed, LPWAN and satellite. After the webinar I noted the Syniverse website boasting “the largest private network ever built for linking to the mobile ecosystem.”

The survey further found that private networks are implemented by many companies to address security concerns. 46% of respondents reported already using a private network such as private LTE, and 40% reported plans to do so in the coming year. Main reasons for private network implementation were security and privacy, better data management and control, and easier integration with existing IT systems. Reasons for not using a private network were mainly cost, geographical coverage and lack of expertise.

It seems this part of the survey and presentation coincides with the Syniverse product offering. The webinar has not made that apparent, although it was obvious by the relative weight the topic of private network was given in latter stages of the presentation.

Conclusion

The presentation part ended with a summary reinforcing the narrative of IoT adoption for a wide range of IoT applications being hindered by security concerns which are found to be addressed through private networks implementation. A 10-minute Q&A session concluded what I found to be a professionally prepared and well delivered webinar.

One must of course realize, granted the described goals and challenges, that other IoT providers or related industries incumbents could tailor the last part of the discussion to reinforce solutions other than private networks. SASE is one example. Secure Access Service Edge (SASE) a term coined by Gartner, is a disruptive network and network security architecture for meeting enterprise connectivity and security needs through a suite of cloud services. As such it encompasses IoT edge devices as much as it does any other company asset.

IoT security is a complicated challenge. There is no silver bullet. It is only natural that the business world will offer multiple viewpoints for addressing it. Guidance should further be sought through relevant certification and compliance initiatives offered by government and various other agencies as well as academic research.

Further Reading:

References

Cowan, J., Hassman, D. & Klaeren, D., 2020. Webinar: IT Pros Weigh in on IoT’s Role in Transforming Enterprises. [Online]
Available at: https://www.iot-now.com/it-pros-weigh-in-on-iots-role-in-transforming-enterprises/
[Accessed 4 6 2020].

Crist, R., 2016. New study details a security flaw with Philips Hue smart bulbs. [Online]
Available at: https://www.cnet.com/news/new-study-details-a-security-flaw-with-philips-hue-smart-bulbs/

Franceschi-Bicchierai, L., 2016. Blame the Internet of Things for Destroying the Internet Today. [Online]
Available at: https://www.vice.com/en_us/article/vv7xg9/blame-the-internet-of-things-for-destroying-the-internet-today

Gartner, 2019. IoT Opportunities and Challenges in 2019 and Beyond. [Online]
Available at: https://www.gartner.com/en/webinars/26641/iot-opportunities-and-challenges-in-2019-and-beyond

Hay Newman, L., 2018. A New Pacemaker Hack Puts Malware Directly on the Device. [Online]
Available at: https://www.wired.com/story/pacemaker-hack-malware-black-hat/

IoT Security Foundation, 2020. IoT Security Foundation Publications. [Online]
Available at: https://www.iotsecurityfoundation.org/best-practice-guidelines/

Judd, M., 2020. Secure Your Enterprise IT from IoT Onslaught. [Online]
Available at: https://www.gartner.com/en/webinars/3891492/secure-your-enterprise-it-from-iot-onslaught

Lerner, A., 2019b. Say Hello to SASE (Secure Access Service Edge). [Online]
Available at: https://blogs.gartner.com/andrew-lerner/2019/12/23/say-hello-sase-secure-access-service-edge/

Syniverse, 2020b. The world’s most connected company. [Online]
Available at: https://www.syniverse.com/about

Syniverse, 2020. IoT is transforming the enterprise. Find out how your peers are doing it. [Online]
Available at: https://www.syniverse.com/insights/iot-is-transforming-the-enterprise-find-out-how-your-peers-are-doing-it

U.S. Department of Homeland Security, 2016. Strategic Principles for Securing the Internet of Things (IoT). [Online]
Available at: https://www.dhs.gov/sites/default/files/publications/Strategic_Principles_for_Securing_the_Internet_of_Things-2016-1115-FINAL_v2-dg11.pdf

Zurkus, K., 2019. ICS Ethernet Switches Littered with Flaws. [Online]
Available at: https://www.infosecurity-magazine.com/news/ics-ethernet-switches-littered-1/

Ubiquitous Computing and the Internet of Things

Internet of Things applications purport to deliver great value and comfort in the hands of consumers through Internet-connected smart devices. But let us take a look back to the underlying vision and see what remains unrealized.

Ubiquitous Computing (ubicomp)

Ubiquitous computing refers to the phenomena of computers quietly permeating our lives in abundance and in many forms. The concept of smart homes is a potential manifestation of ubiquitous computing in that the home environment can be filled with many computing devices in all shapes and sizes performing various tasks for the benefit of the people living in it. Smart buildings and smart cities could further extend this notion.

Wearable technology is a tactile example of the ubicomp vision coming to life. Smart watches, bracelets, ties, and glasses have all been developed and applied, some with wide commercial success. Main applications are health, sports, and entertainment.

The concept was coined by Mark Weiser around 1988. Weiser and his colleagues from Xerox PARC imagined a world in which computers are unobtrusive quiet servants seamlessly aiding us with everything to improve our quality of life. They advocated for calm technology, which unfortunately stands in stark contrast to some of this day and age’s anxiety inducing mobile and social technology.

“calm technology will move easily from the periphery of our attention, to the center, and back”
Weiser and Brown in “Designing Calm Technology”

https://commons.wikimedia.org/wiki/File:Mark_Weiser.jpg

Furthermore, designs which enable “locatedness” allow a person to use a technology while staying attuned to peripheral queues. Contrast that with the way mobile phone apps push notifications are designed to do the exact opposite.

Ambient Intelligence (AmI)

A term coined in the 1990s by Eli Zelkha and Simon Birrell, AmI puts more emphasis on technology’s ability to react to our presence and on the user experience and interaction in system design. The simplest example would be an automatic door. A defining characteristic of AmI is described as

“The fact that AmI systems must be sensitive, responsive, and adaptive highlights the dependence that AmI research has on context-aware computing”
(Cook et al., 2009)

Cook, Diane & Augusto Wrede, Juan & Jakkula, Vikramaditya. (2009). Review: Ambient intelligence: Technologies, applications, and opportunities. Pervasive and Mobile Computing. 5(4). 277-298

*https://commons.wikimedia.org/wiki/File:Sixt1DSC_1153.jpg*

The Disappearing Computer (DS)

Computers increasingly become invisible to people as they cease to be separate physical entities with which we directly interact. Computers become unnoticeable, receding to the background, allowing us to consume information and socially interact in natural ways. Or as Weiser famously put it:

(described for example in N. Streitz and P. Nixon. Special issue on ’the disappearing computer’. In Communications of the ACM, V 48, N 3, pages 32–35. ACM Press, March 2005)

“The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it.”
(Weiser, 1991)

M. Weiser. The computer for the twenty-ﬁrst century. Scientiﬁc American, 165:94–104,1991, available here

Pervasive Computing

Pervasive computing can be seen as a business incarnation of ubicomp through supportive technologies such as Smart Devices, sensor technology, Wireless, Mobile, Human Computer Interaction, and context-aware systems.

An extensive technological survey is offered in “Ubiquitous Computing: Smart Devices, Environments and Interactions” by Stefan Poslad (2009 John Wiley & Sons).

But whether Pervasive computing business initiatives do in fact fulfil the ubicomp calm technology vision is a different matter.

All four paradigms were researched until the first decade of the 21^st century. In the second decade of the 21^st century there is some decline in focus in favor of the Internet of Things.

Internet of Things (IoT)

The term “Internet of Things”, as commonly told, was coined by Kevin Ashton around 1999 while working at Procter & Gamble after having the idea to attach RFID tags to inventory items (such as lipstick) for stock management.

As can be seen by the fact that IoT’s first application was to innovate in supply-chain management, IoT should be considered to primarily evolve from pervasive computing. It is a technological solution to a set of business problems. And while Ubicomp, AmI and DS all share a human-centric vision at their core, IoT technology is often adopted for internal business reasons, for the sake of digital transformation, not necessarily with added customer value.

IoT and pervasive computing both share the focus on Internet connected devices, whereas ubicomp, AmI and DS do not necessitate it by their definition.

IoT is a 3-tier architecture of edge devices (1^st tier), Internet connected via an optional gateway (2^nd tier) and cloud-based services (3^rd tier). Commercial IoT architectures are abundant (random examples: Microsoft, WSO2). And if one makes the comparison to IBM’s 2003 pervasive computing technology stack, the architecture is essentially the same, of course implemented end-to-end with IBM’s suite of products.

Everyone is excited about IoT these days and its implications for business. Businesses are forewarned not to pass on this opportunity for digital transformation. Gartner says IoT is over the hype and there are real benefits for businesses, but since there are also risks adoption should be highly focused on business value. One cannot argue with the significance of this global trend.

To what extent IoT technologies can realize the vision of ubicomp, AmI, and DS?

I think the answer is that they are only an implementation medium.

First, as described in HBR’s Analytics 3.0, historically there was a shift from data for business intelligence towards customer value in the form of information derived from big data. But the future is in insight derived from information. In this sense, IoT platforms are only a medium.

Second, IoT platforms are not necessarily innovating in user experience. In most cases, the user facing application is developed in very standard ways, as a mobile app or a website.

Proponents of ubicomp emphasize interoperability. Interoperability is what enables cooperating computers to provide seamless experience. Again, IoT systems are not necessarily developed with this vision in mind. In fact, the opposite is true as there is a bewildering proliferation of edge technologies and proximity networks hindering interoperability.

I highly recommend Bill Buxton’s lecture titled “Designing for Ubiquitous Computing” in which he discusses these issues.

Bill Buxton (2003) – Designing for Ubiquitous Computing

Buxton asks us to consider how the smart phone existed well before Apple’s iPhone. Still, the iPhone brought flow and user interface that were never seen before. The move from function to flow is very important but it is no longer enough for a new product to be excellent. The next challenge is much more important – achieving flow at the “society of devices” level.

To illustrate, Buxton describes the use-case of conducting a mobile phone call while going in and out of the car where the phone and car exchange roles, user interfaces switch, and it all happens seamlessly without requiring too much of our attention. This level of interoperability is what we should be seeking a lot more of to realize the ubiquitous computing vision.

Interoperability, user experience and context awareness are unrealized challenges for many of the Internet of Things implementations today.

Want to read more? see Mossberg: The Disappearing Computer on The Verge.

Featured image: https://www.wallpaperflare.com/smart-home-system-man-person-apartment-kitchen-bad-living-room-wallpaper-arlaz/download/1920×1080