This is a high-level introduction to the key concepts behind the SIFIS-Home
Home IoT in 2021
Consumers can buy lots of connected devices that provide interesting functionalities. Most, if not all of them, also provide means to control them through separate remote devices and to integrate them within voice agents, such as Amazon Alexa.
The future is here
You can control most of your home from your smart phone, no matter where you are. At home you can just tell Alexa or Siri to do something, and these agents will do it for you.
Could something go wrong?
Who owns what?
A connected device is by definition a physical object that connects to a remote endpoint in order to fully function.
You own the device, but you do not own the remote endpoint. The software inside your device is, more often than not, also in a gray area.
If the device manufacturing company pushes a firmware update that disables a certain functionality there is little the user can do.
If for some reason the endpoint is unreachable, your device might still work with limited capabilities, or possibly not work at all, leaving people in the cold – in some cases literally.
Until something unexpected happens, it is often unclear what the user is entitled to and for how long.
Who knows what?
Connected devices may or may not rely on their remote endpoint to function, but quite often they do share lots of data with the endpoints so that the end-user can access them from their smart phones.
There is a good amount of legislation to prevent misusing the data collected and stored, but if the remote endpoints are outside the reach of the countries that care about data privacy, little can be done when something goes wrong.
Bad actors can harvest sensitive information and use it how they want.
Privacy invasion is bad, but actual home invasion is even worse. Criminals can easily figure out when the house is empty if they have access to the smart meter readings and plan according to that data.
How we can do better
Trustworthy devices
Connected devices tend to be useful, but they are not yet trustworthy as they are.
The software in the device itself might have defects that can turn the device into a hazard.
More often than not, the remote endpoint cannot be trusted to stay connected or not to misuse the information it receives from the device.
Catastrophic failures are unfortunately both common and downplayed.
The first pillar of the SIFIS-home is to make sure the end-user is aware of the risks and has means to mitigate them.
Fault-tolerant connected homes
The SIFIS-Home architecture tries to avoid single points of failure as much as it can.
The smart devices within the SIFIS-Home should function and possibly maintain full functionality relying on in-house endpoints when needed even if their remote endpoints disappear.
Seamless auto-reconfiguration is a first-class concern.
Your data is yours
With the SIFIS-Home the end-user can easily have a smart home setup that does not rely on remote servers.
The safest way to protect your data is to never share it to third parties.
A SIFIS-compliant device or application will provide a clear labeling so the users willing to share their data with a third party can do that, but those more concerned about their privacy will be able to avoid such devices and applications directly on the marketplace-level.
Author
Luca Barbato is a long-time Open Source contributor, member of VideoLan, Gentoo, X.org and few other organizations. He participates in the SIFIS-Home project with his company, Luminem SRLs.