A mobile phone is turned off when boarding an airplane and turned on again 10 hours later in another part of the world. And you can immediately make a phone call or download a file over the Internet. Today we take this for granted (at least before the Corona pandemic, when traveling was less restricted than today), but behind the scenes there is a range of technical and regulatory mechanisms at play. In this blog post we look at some of the technical aspects that make this possible and how those mechanisms also apply to the Internet of Things
Since the start of the industrial revolution, systems and solutions developed in different technical areas quickly became more and more complex and composite. It did not take long for engineers as well as industrial and commercial players to agree on the importance of having shared guidelines to follow during the design process. This has become even clearer and widely accepted throughout the following decades all the way up to our modern era that features pervasive information technology and the Internet of Things.
What has been the red thread and North Star all along? It is evident that a purely spontaneous and non-coordinated development of technical solutions would make their trade, adoption in the market, and practical usage increasingly difficult, ultimately hurting business and slowing down societal progress. This was and still is due to mostly two reasons, both of which relate to the natural presence of multiple vendors within the same business and service area.
1. Systems as well as appliances display some degree of modularity. Hence, it is desirable to replace individual components (for instance, in case of degradation) or upgrade them to keep the pace with innovation.
This becomes much easier and more convenient if different vendors that supply a same component, as well as interested users, unambiguously agree on how that component is designed and works.
This is not limited to mechanical gears or transistors, but it applies to algorithms, protocols, and software modules as well.
2. The above-mentioned systems and appliances may end up interacting with one another, thus forming a large-scale “hyper system” able to provide more functionalities in a better way, as well as to serve a larger user base. However, this becomes feasible in reality — or indeed possible at all — only if the individual interacting systems unambiguously agree on how they interact with one another.
This concept is also known as interoperability, since different incarnations and implementations from different, independent (possibly competing) vendors are able to work together under a common hyper system they take part of. One can think of it like the need for using a common language to run an international assembly (the hyper system) of different Heads of State (individual systems), where the absence of language barriers (agreement) enables a discussion to take place (service for the hyper system to be provided).
This is not limited to the monitoring and control of for example power plants, but it also holds for software applications and IT/IoT devices, particularly when used in networked environments and over the Internet.
To summarize, these are the reasons why different vendors of akin products and services wish for a common ground they could agree on and refer to. This must cover especially the fundamental mechanics and other core technical aspects of their products, such as how a system should react if experiencing a certain internal state, or the exact format of pieces of information exchanged over a communication medium.
In practice, such a common ground is released in the form of standard specifications. These are written technical documents that formally describe how a particular “working item” such as an algorithm, a protocol, or a radio technology should work for anyone interested in developing them for possible integration in products and services.
In turn, standards specifications are developed in and released by dedicated standard organizations. When a standard specification is released, it does not just convey its main technical content; it also reflects that such content is the result of a solid agreement achieved within the releasing standard organization.
As one can imagine, reaching such a solid agreement is often difficult. In fact, it requires several back-and-forth discussions to scrutinize and select design choices, develop clear awareness of pros and cons, as well as refine and improve their many details. On the other hand, the eventual end of that journey ensures the high quality of the final result built on thoroughness, solid understanding, and large consensus.
If built on standard specifications, products and services from different vendors will be able to co-exist and work together ultimately as their end-users want. This in turn builds trust among the potential user bases, hence fostering market adoption and further incremental developments.
To conclude, it is appropriate to mention some notable standard organizations that exist today:
* ISO – International Organization for Standardization – Established in 1947, it focuses on industrial & commercial standards and covers a large scope ranging from technology to healthcare, from safety to agriculture. Overall, it provides guidelines for creating products and services that are reliable, safe, and of good quality while enabling common baselines for their comparison. Its members are national bodies as recognized authorities on standards.
* 3GPP – 3rd Generation Partnership Project
Established in 1998, its members are standard organizations involved and focused on mobile telecommunications, together with interested industrial associates. Over the years, 3GPP has notably developed the renowned technologies and protocols for mobile phone communications, such as 3G (UMTS), 4G (LTE) and the latest 5G.
* IEEE – Institute of Electrical and Electronics Engineers
Established in 1963, its scope originally focused on electronic and electrical engineering, and was broadened to also include telecommunications and computer engineering. Its standard specifications are produced by dedicated standardization committees, while members are individuals fulfilling a set of professional or academic criteria. Among its most notable technologies, it is worth mentioning the standard 802.15.4 intended for low-rate devices and sensor networks, as well as 802.11 which is widely known as Wi-Fi and used on a daily basis in local area networks and for Internet access.
* OMA – Open Mobile Alliance
Established in 2002, its main scope includes interoperable service enablers for the mobile phone industry. It acts particularly as a forum for industrial players, such as manufacturers of mobile systems and equipment, mobile operators, and software vendors. OMA focuses on application-level protocols and has established relations with other standardization bodies to prevent possible redundancies. Among its several standards, it is worth mentioning Lightweight Machine-to-Machine (LwM2M), providing functionalities for managing IoT devices.
* IETF – Internet Engineering Task Force
Established in 1986, it is an open standard organization that releases open standards applicable to the Internet. Notably, the IETF has no official member roster as its contributors and managers are volunteers. The development of its standard specifications is steered by building “rough consensus and running code” and is especially supported by discussions on mailing lists and further interactions at regular rotating meetings. Overall, the process relies on bottom-up task creation and is organized around several Working Groups which are in turn grouped under different areas. Some of the most renowned and adopted standards from the IETF include TCP/IP, UDP, HTTP, TLS, OAuth, and CoAP.
About the writer
Marco Tiloca (Ph.D. 2013) is a Senior Researcher in the Cybersecurity Unit of RISE Research Institutes of Sweden (Stockholm, Sweden). His research interests are in the field of network and communication security and include security in the Internet of Things, secure group communication, access control, and key management.
He is actively involved in standardization activities under the Internet Engineering Task Force (IETF), especially in the Working Groups CoRE and ACE. In particular, he is the Chair of the IETF Working Group CoRE and reviewer in the IETF Internet of Things Directorate.
In the SIFIS-Home project, he is the leader of the Network and System Security work package and of the Standardization task.