by Nam Nguyen, Author of IoT Reference Framework and contributing member of Enabler Workstream 3 (eWS3) – Cybersecurity and Network Resilience; Managing Principal, INFYRA.
The rapid rise of Internet of Things (IoT) technologies across many different industries, has created the need for a common framework or ‘language’ that enables a wide variety of people using it to be able to discuss important issues using consistent terms. The Internet of Things Alliance (IoTAA) enabler Work Stream 3 (eWS3) – Cyber Security and Network Resilience recently released an IoT Reference Framework that will help bridge this divide.
The Cyber Security and Network Resilience enabler workstream within the IoTAA recognised that it would be impossible to create a specific reference security architecture for each and every unique combination of the billions of potential IoT devices the world may see deployed. A straightforward “generic” framework per se was required.
What is the IoT Reference Framework?
The Internet of Things continues to drive “smart” innovation in many industry sectors including smart cities, manufacturing, utilities, agriculture, transportation, healthcare and smart homes, to name a few. The uptake of IoT across many industry sectors means that the participants in an IoT ecosystem are extremely diverse: from low everyday consumers with low knowledge of technology to technology specialists; from manufacturers and developers of the technology and solutions to users, including individual consumers and company executives.
There is a need for a common framework and language that enables this diverse array of participants to discuss important aspects such as security, privacy, safety, maintenance and interoperability cross all sectors and user types, from consumers to industry. It is only through a common language and framework that the participants in the IoT ecosystem will be able to understand their role and accountability in these aspects.
An internet search for IoT Reference Architectures returns many different interpretations of what constitute an IoT Reference Architecture. These IoT Reference Architectures tend to be either vendor-specific, narrow in scope, or limited to a single implementation/solution, therefore making it difficult to apply to other industries/implementations.
Alternatively, they are too high-level, over-simplified or conceptual in nature, therefore making it difficult for users to have a sufficiently detailed conversation on real world application aspects such as security, privacy, safety or operability to determine responsibilities.
The IoT Reference Framework, shown in Figure 1, bridges that gap. It is a Framework, rather than an architecture, which is vendor-neutral and self-explanatory. The framework presents generic building blocks that are common for all IoT solutions. Organisations can use the framework, as their reference building blocks to design their own IoT solution architecture, and specific to their industry sector.
What is the purpose of the IoT Reference Framework?
The IoT Reference Framework:
- Facilitates a common terminology (we call it ‘language’) for describing the elements of an IoT ecosystem
- Is a layered structure that enables an IoT solution to be viewed from different perspectives (which we call ‘lenses’) i.e. contextual, business, users and architectural implementation
- Enables participants in the IoT ecosystem to:
- develop an understanding of the ecosystem and their role(s)
- design their IoT solution, and
- to plan for implementation, across aspects such as IoT solution (across devices, network, systems, applications etc.) security, solution resiliency and reliability, data and user privacy, safety, user security awareness and education, business processes, operational readiness and so on
- Clearly identifies relationships between participants in the IoT ecosystem so accountability can be understood and assigned
- Facilitates the implementation of IoT solutions in a timely manner as all necessary components/layers can be identified upfront
- Ensures security, privacy, safety, reliability and other aspects to be ‘placed front of mind’ from solution conception, rather than being added as an afterthought
- Provides a generic IoT solution building blocks that are common for all IoT solutions
- Is a foundational framework that organisations can utilise to further develop their own IoT solution framework, architecture and roadmap
How is the IoT Reference Framework applicable to infrastructure?
The infrastructure industry encompasses a wide cross section of industry sectors, including smart cities, smart utilities (water, electricity, gas), transportation, construction, smart buildings and so on.
IoT applications are a core component across many aspects of infrastructure, including asset and safety monitoring, predictive maintenance, real–time feedback quality control, supply chain management, security, smart environment measurement, risk measurement, etc.
The key drivers for adopting IoT in infrastructure include cost reduction, improved operational efficiency, and productivity, worker safety and security, and reduced defects due to improved quality control, are just a few to name.
The IoT Reference Framework has been formally adopted by the IoT Alliance Australia, the peak industry body representing IoT in Australia. The IoT AA has over 450 participating organisations and 850 individual participants, all working to accelerate the adoption of IoT across the Australian economy and society.
For more information on how to adopt the IoT Reference Framework for your organisation, visit iot.org.au or contact Nam Nguyen at [email protected], or Chair of Enabler Workstream 3 (eWS3): Cyber security and Network Resilience, Matt Tett, at [email protected].