Getty Images/iStockphoto
Testing IoT devices helps ensure deployment success
The security and effectiveness of IoT deployments start with ensuring that its pieces work as they should. For hardware, that means testing, verifying and validating devices.
IT administrators must test and validate IoT hardware to ensure that it works properly and to their specifications. The testing and validation process confirms that the hardware is interoperable and can work effectively in the environment it was designed for.
Testing typically involves verification and validation. The verification phase confirms that the manufacturer made and configured the device according to the design specifications, said Shawn Chandler, senior member with the professional association IEEE and associate editor of IEEE Internet of Things Magazine. The validation phase confirms that the device can perform the task it was designed to do.
"Just because you design something correctly doesn't mean it works," Chandler said. The validation phase could involve integration, load, compatibility and stress testing.
IoT hardware is typically tested for the following:
- Compatibility to ensure that devices work with other components -- IoT environments often require various hardware, software and networking elements work together.
- Data integrity to confirm that devices accurately collect and format data so it is reliable for and compatible with other systems that will use it.
- Performance to test that devices can handle the expected workload.
- Reliability to confirm that devices will work as expected over time and as the environment scales.
- Security to ensure that devices validate and authenticate connections to keep data safe and to prevent unauthorized access that might compromise data privacy or network integrity.
- Usability to make sure that devices work as intended.
IoT components
IoT hardware components typically have chipsets, communication interfaces, firmware, power and interoperability features. As is the case with other hardware devices, such as laptops and servers, IoT devices encapsulate multiple components that work together:
- Sensors. Mechanisms designed to assess the environment and detect or record the happenings in that environment, such as temperature, movement or the presence of substances -- as is the case with a carbon monoxide sensor.
- Actuators. Components that convert energy into movement. In IoT environments, actuators start prescribed physical actions based on the data that the sensors collect.
- Chips. Electronics that enable connectivity with wireless networks and enable the transfer of data from the sensors. They're sometimes called IoT modules or radio chips.
- Microcontrollers. Compact integrated circuits that typically include a processor, memory and I/O peripherals on a single chip. A microcontroller, which is sometimes called a controller or microcontroller unit, controls a single function within the IoT device.
- Power source. Mechanism that provides power to the device. Many endpoint devices use batteries, but the type, quality, life and delivery of the power supply vary based on the devices' intended use and environment.
IoT endpoints, particularly sensors, tend to have the least amount of these various components. And IoT gateways provide a connection point between the endpoints and corporate systems. In some cases, they also perform some data processing and analytics. They typically contain both a greater number of and more advanced components, including microcontrollers/processors and connectivity modules.
How much testing and how often?
When and how much testing happens to IoT hardware vary. Experts said that OEMs typically do much of the device testing, but rigorous testing adds cost to the final product and can extend the delivery timeline. As such, IoT hardware that is designed for use in low-risk environments generally undergoes less rigorous testing than hardware built for use in high-risk areas, such as healthcare, critical infrastructure and military settings.
Consumer-grade devices "have not traditionally had as rigorous security evaluation or testing as perhaps higher-end enterprise devices," said Merritt Maxim, vice president and research director with the tech research firm Forrester.
IoT hardware that is intended for low-risk uses is usually batch-tested -- a select number of devices from a batch are tested to ensure they meet standards. Testing IoT hardware destined for sensitive and more critical use cases might involve inspecting each device.
As manager of security engineering for Digi International, Josh Heller said he expects IoT device manufacturers to conduct tests to ensure the hardware meets standards, but his company also has its own validation process to make sure all hardware meets performance and operations specifications. Organizations might have testing teams, or they might hire independent third-party contractors to conduct IoT hardware tests.
Testing could involve destructive physical analysis, where IT disassembles the hardware and inspects components to check whether the quality of the manufactured parts meets the organization's requirements.
