kantver - Fotolia
How to deal with the lack of IoT standards
With each IoT standards body creating its own architecture or framework, IT professionals have many options to sort through for any IoT deployment.
Anyone who uses technology likely knows the annoyance of needing a different charger for every device. IoT technology faces the same fundamental issue: There isn't a single IoT standard.
ISA-95 is one of the best-known standards for industrial IoT (IIoT), but it's far from the only one. Instead, each standards body has created its own with the intent to provide more detailed implementation guides downstream. However, the standards organizations have made relatively little effort to harmonize the disparate architectures and frameworks.
The implication for IoT professionals is that they must choose wisely. There's no one-size-fits all IoT framework and implementation roadmap, nor is one likely to emerge in the next year or two given the number of IoT standards bodies. An IT professional should start an IoT deployment with the consortium or standards body that fits his or her organization's needs and work closely with that group to provide feedback to that organization's standardization efforts.
Multiple groups have developed groundwork for IoT standards
Although standards organizations have developed IoT and IIoT standards more slowly than other technological areas, they're beginning to step up to the plate. In 2018, the International Organization for Standardization and International Electrotechnical Commission co-developed an IoT reference architecture, ISO/IEC 30141, that defines a common vocabulary, reusable designs and industry best practices for IoT.
The Internet Engineering Task Force (IETF) and Internet Research Task Force (IRTF) have also actively created IoT guidelines. IRTF focuses on longer-term research issues related to the internet, and IETF focuses on shorter-term issues of engineering and defining standards.
Within the IETF, the Lightweight Implementation Working Group works on several drafts pertaining to IoT security, networking and power issues. One guide, "TCP Usage Guidance in the Internet of Things," explains how to implement and use the TCP in constrained-node networks, which are characteristic of IoT. Another IETF guide, "Security Classes for IoT devices," attempts to define security classes for IoT devices. And an informational request for comment, RFC 8352, describes the challenges for energy-efficient protocol operation on constrained devices and the current practices used to overcome those challenges. The RFC also includes an overview of energy-efficient mechanisms available at each layer of the IETF protocol suite specified for constrained-node networks.
Within the IRTF, the Thing-to-Thing Research Group investigates open research issues pertaining to IoT. The group has recently published RFC 8576, which provides an overview of IoT security areas requiring additional research and development.
Current IoT standards show limitations
It's worth noting that the efforts of both the ISO/IEC and the IETF and IRTF have some limitations from a practical perspective. They aren't standards as some IT pros might understand them. They are not detailed blueprints that engineers can design to. Instead, these standards fit the definition of a generally agreed-upon technology, method or format for an application. ISO/IEC take a very top-down approach, defining the most important characteristics of IoT, abstracting those into a generic IoT conceptual model and developing a high-level reference. To be useful from an implementation perspective, the ISO/IEC document needs to be fleshed out for specific contexts, such as use cases or vertical industries.
Similarly, the IETF and IRTF initiatives are informational documents, highlighting challenges and gaps in the technology rather than providing a detailed guideline for making it work.
The efforts of standards organizations to take a holistic view of the problem are needed, but it would be a mistake for IoT professionals to assume that either organization has developed specifications that an organization can design to. That work is falling to industry consortia, such as the World Wide Web Consortium (W3C). The W3C has developed an IoT architecture and modular building blocks that, together, define a basic conceptual framework for IoT. The W3C goes further by providing an IoT Implementation Report that includes detailed implementation guidelines and functioning use cases.
Understand standards specific to IIoT
For the case of IIoT, the Industrial Internet Consortium (IIC) has developed several volumes of architecture and specifications. The IIC is a global not-for-profit partnership among industry, government and academia. Its publications include frameworks for IIoT security, connectivity and analytics. The IIC also operates testbeds for members who have implemented these frameworks.
Another standards body, the Institute for Electrical and Electronics Engineers (IEEE), is actively developing standards for various aspects of IoT and IIoT. To date, the IEEE has developed the IEEE 2413 Standard for an Architectural Framework for the Internet of Things and is currently working on IoT standards for power distribution networks, blockchain-based data management and security.