• Today is: Sunday, October 22, 2017

IoT Is a Network of Things

Elena Neira
August08/ 2016

What happens if we look at IoT as a Network-Of-Things? This is what scientists from the US National Institute of Standards and Technology (NIST) are proposing. Because “there is no formal, analytic or even descriptive set of building blocks that govern the operation, trustworthiness and lifecycle of IoT components” is difficult to assess, monitor, or even resolve cybersecurity, operational and reliability risks that might exist in these systems.


Network-Of_Things (NoT) as the new ‘Science of IoT”   The starting point is to look at IoT systems in a new way that breaks down the tasks it performs into four fundamental “components” of the system:

  1. Sensing;
  2. Computing;
  3. Communications;
  4. Actuation.

To complete the system, we add to these four components and define six “elements” as follows: environment, cost, geographic location, owner, Device_ID, and snapshot, that although are not primitives, are key players in trusting NoTs. These elements play a major role in fostering the degree of trustworthiness5 that a specific NoT can provide.

Screen Shot 2016-08-07 at 9.34.24 PM
Internet of Things as a Network of Things (Source: US NIST)


Working with NoTs, Open and Closed:   The next step is to apply principles of distributed computing to these components and elements  making them networked and making them share messages about tasks to operate efficiently, timely and securely.

Let’s use an automobile as example, to apply the principles of NoT. An automobile has hundreds of sensors, numerous Central Processing Unit (CPU)s, databases such as maps, wired communication channels throughout the car, and without any wireless access between any ‘thing’ in the car to the outside. This example is a closed NoT. Such a NoT mitigates nearly all wireless security concerns such as remotely controlling a car, however there could still be concerns of malware and counterfeit ‘things’ that could result in reduced safety.  There are also open NoTs where any ‘thing’ interoperates with any ‘thing,’ in any way, and at any time thus from a “trustworthiness” standpoint, is impossible to assure since the NoT is unbounded.

Advantages of Understanding IoT as an NoT:   The key advantage is to prepare use case scenarios employing the primitives of this NoT model to achieve quicker recommendations and guidance concerning a NoT’s potential trustworthiness. For example, authentication can be used in addressing issues such as geo-location and sensor ownership, but authentication may not be relevant if an adversary owns the sensors and can obtain that information based on proximity. Encryption can protect sensor data transmission integrity and confidentiality including cloud-to- cloud communication, but it might render the IoT sensors unusable due to excessive energy requirements. While fault-tolerant techniques can alleviate reliability concerns associated with inexpensive, replaceable, and defective third party ‘things’, they can also be insecure and induce communication overhead and increased attack surfaces. In short, primitives and how they can be composed create a design vocabulary for how to apply existing technologies that support IoT trustworthiness.


Resources: NIST Networks of Things

Elena Neira