IoT Trends: Evolving Skills from Devices to Services, and Beefing Up Security

With any new technology wave, the skills required for success in the new wave may not be the same as the prior wave. Clearly IoT places a premium on connectivity and software skills, as well as user experience, platform development and cross-system testing. Other needs are continuing to emerge and evolve as companies develop more experience with IoT – and learn from early successes and failures.

One such area that’s still evolving is the balance between device-specific and service-specific applications. Early IoT applications tend to follow the traditional format of being specific to a device. This demands expertise in the device and its capabilities, as well as industry-specific protocols, standards and workloads.

However, as the third wave matures, it is not clear that each device will require its own application. We see a shift towards building services that are based on user information, rather than applications based on devices. In the consumer IoT market, Gartner predicts that by 2017, mobile users will provide data streams to more than 100 services each day.

As the platforms and APIs for IoT become more mature, we expect to see an increase in these service-based applications and a decrease in device-based applications. The breadth of knowledge required to build good service-based applications increases the need for companies to have expert product engineering services talent, either in house or sourced externally through service providers like Aricent.

Another characteristic of IoT software development is the complexity of testing required. To test for real world scenarios, developers need to assess the impact of variable connectivity, harsh environments, and unit-to-unit as well as unit-to-local and planetary connections.

Last but certainly not least is the need for security skills at the core of third-wave product development.  Security is a major challenge and needs to be addressed architecturally at the unit, local, and planetary scales. Considering security at just one level is inadequate. It must be part of the earliest product design process, because a secure hardware foundation is required to thwart existing and potential future attacks. Various solutions exist such as hardware roots of trust, cryptographic accelerators, and hypervisors.

At the unit and local levels, the sensing device needs its boot code, real-time operating system and local applications protected. Both software and hardware approaches are required to ensure the integrity of the system and its data. Software provides secure access control and hardware provides sector storage and system boot functions.

ARM’s TrustZone enables a hardware root-of-trust to secure devices by creating different modes of operation – both “normal” and “secure.” This allows a device to maintain the integrity of critical process like cryptographic credentialing or boot code in ROM. When the secure mode is enabled, software running on a CPU has completely different access to system level components. Conversely, a software application running in normal mode does not have access or even awareness of critical security functions like cryptographic credentials or keys.

An embedded hypervisor – such as Mentor Graphics offering – allows product designers to isolate different workloads or, through its support for ARM TrustZone, provide hardware- based partitioning of memory, crypto blocks, and I/O resources. With support for both single and multi-core processors, hypervisor software allows developers to select the best designs to ensure their products survive and thrive.

Securing a third wave device throughout its entire product lifecycle means ensuring its integrity at the earliest stages, beginning with the design of a SoC and continuing through the manufacturing process. Products like Rambus’ CryptoManager platform provide chip and device companies with a hardware root-of- trust for their SoCs, as well as an infrastructure suite for end-to-end security through the manufacturing process.

While third wave products are still relatively new, today’s attackers have amassed highly advanced capabilities over decades of work and research. New, connected products need sufficiently strong security to withstand highly advanced security attacks.

Come back tomorrow for more insights on New Market Dynamics (Fri Feb 27) that will shape the third wave of computing. For more perspective on IoT product engineering, click here to access Aricent’s full white paper titled, “Never Mind the IoT, Here Comes the Third Wave.”

Editor’s Note: This is the fourth in a five-part series on #IoT #Engineering trends that will shape how companies design, build, and bring products to market. To learn more, please register here to meet with our team at #MWC15.

Leave a Reply

Your email address will not be published. Required fields are marked *