This document provides an overview of harmonizing the Internet of Things (IoT) for smart cities and societies. It discusses the vision of a smart city with ubiquitous access to interoperable sensors and data. It notes that while early projections forecasted massive IoT growth by 2020, development has not matched expectations due to a lack of standards. The document advocates for open, interoperable and secure IoT systems through the use of standards. It presents IEEE's work towards an IoT harmonization standard based on extending the XMPP protocol to bridge isolated IoT systems. Key aspects covered include communication patterns, security, decentralization and infrastructure services needed to support ownership and discovery of IoT devices.

1. © Waher Data AB, 2018.
Smart City Lecture 4
Harmonizing the Internet of Things

2. © Waher Data AB, 2018.
1. Recapture

3. © Waher Data AB, 2018.
Smart City / Society
 Automation
 Open Data
 Transport
 Traffic (C-ITS)
 Parking
 Utilities
 Health Care
 Law enforcement
 Schools
 Libraries
 Waste management
 Citizens?
 …
Smart for whom?

4. © Waher Data AB, 2018.
Vision of a Smart City
 Ubiquitous access to interoperable
sensors and things.
 Ubiquitous access to data and
information from society’s authorities.
 Access to smart services in all niches of
society.
 Definition of ownership of information.
 Protection of Privacy, by design and by
default.
 Market for access to things and data.

5. Ex-Director of National Intelligence
James R. Clapper
http://www.popsci.com/clapper-americas-greatest-threat-is-internet-things
”America's greatest
threat is the
Internet of Things”
Feb 9, 2016

6. © Waher Data AB, 2018.
Vulnerabilities
 National Security
 Exploiting
 Surveillance
 Logistics
 Utilities
 Health Care
 Traffic (C-ITS)
 Residential systems
 Law enforcement
 Waste management
 Schools
 Parking
 Libraries
 Monitoring citizens
 …

7. © Waher Data AB, 2018.
What must Governments do?
Governments must make sure to provide
a strong foundation on which smart
services can be built.
 Broadband access were
infrastructure projects.
 Giving access to broadband for
everyone was a strategy.
 Likewise, Smart City Infrastructure
must be defined, required in RFPs, and
provided to everyone.

8. © Waher Data AB, 2018.
Options?
Sealed secure systems?
or
Open, Interoperable, but vulnerable
systems?
or is it possible to have:
Open, Interoperable & secure systems?

9. © Waher Data AB, 2018.
2. Openness + Security
For Things

10. © Waher Data AB, 2018.
Strong Foundation
Things are “stupid” and need help with:
 Decision Support
 Ownership
 Owner consent
 Lifecycle
 Transfer of ownership
 Decommissioning
 Discovery
 Interoperability
 Data
 Operationsc

11. © Waher Data AB, 2018.
IoT Harmonization (IEEE 1451-99)
 Sensor Data
 Control Operations
 Localization (M2M, M2H)
 Tokens for distributed transactions
 Decision Support (for devices)
 Provisioning (for owners)
 Peer-to-Peer communication
 End-to-end encryption
 Concentrator/Bridge (“Thing of things”)
 Discovery
 Ownership
 Clock Synchronization
 Secure Account Creation
 Legal Identities
 Contracts
 Automated provisioning
 Economic feedback
https://gitlab.com/IEEE-SA/XMPPI/IoT

12. © Waher Data AB, 2018.
Backbone
 Efficiency
 Interoperability
 Global scalability
 Bridges technologies
vs

13. © Waher Data AB, 2018.
Interoperability

14. © Waher Data AB, 2018.
Horizontal Markets
Loose coupling permits new roles:

15. © Waher Data AB, 2018.
Features Summary
Blockchain CoAP HTTP LWM2M MQTT XMPP IoT
Harmonization
Identities ✓ ✓ ✓ ✓ ✓
Authentication ✓ ✓ ✓ ✓ ✓
Authorization ✓ ✓ ✓
Encryption ✓ ✓ ✓ ✓ ✓ ✓
End-to-End Encryption ✓ ✓
Consent ✓ ✓
Decentralized ✓ ✓ ✓ ✓
By design ✓ ✓ ✓
Asynchronous Messages ✗ ✓ ✓ ✓ ✓
Request / Response ✗ ✓ ✓ ✓ ✓ ✓
Publish / Subscribe ✗ ✓ ✓✓✓ ✓✓✓
Federation ✗ ✓ ✓ ✓ ✓
Broker ✗ ✓ ✓ ✓
Serverless ✗ ✓ ✓ ✓
P2P7 ✗ ✓ ✓
Personal ✓ ✓✓✓ ✓✓ ✓✓ ✓ ✓✓✓✓ ✓✓✓✓
Interoperability ✗ ✓✓ ✓✓ ✓✓✓ ✓ ✓ ✓✓✓
Plurality ✓ ✓✓✓✓✓ ✓✓✓✓✓ ✓✓ ✓✓ ✓✓✓✓✓ ✓✓✓✓✓
Law ✓✓✓✓ ✗ ✓ ✓ ✗ ✓ ✓✓✓✓
Transparency ⋆⋆ ⋆⋆⋆⋆ ⋆⋆⋆⋆ ⋆⋆⋆ ⋆⋆ ⋆⋆ ⋆⋆⋆⋆
Privacy ✗ ✓ ✓ ✓ ✓ ✓✓ ✓✓✓✓
11 21 20 19 10 32 41

16. © Waher Data AB, 2018.
3. Harmonizing the IoT
for the Smart City / Society

17. © Waher Data AB, 2018.
Failed expectations
Development of IoT not as projected
 What is missing?
Ericsson, 2010: (about 2020) IoT Analytics, 2018: (about 20B, if you stretch)

18. © Waher Data AB, 2018.
Driving forces of the Smart Society
 Local support and knowledge
 Access to data and things
 Cross fertilization of domains
 Reuse of existing equipment
 Openness and transparency
 Simple and quick integration
 Standardized interfaces
 Economy

19. © Waher Data AB, 2018.
Dilemma
Would you publish your things on the Internet?
 You would add risk to your solution
 You would degrade the performance
 Competitors could do what you do
 But cheaper
(they don’t have to buy equipment)
A crucial element is missing, for IoT to boom.

20. © Waher Data AB, 2018.
Standards
Interoperability is based on standards.
Standards are required for:
 Communication
 Representation
 Operation
 Security
 Privacy
 Discovery
 Decision support
 Economic feedback models

21. © Waher Data AB, 2018.
IEEE IoT Harmonization WG
Goals of the group is to:
 Harmonize IoT technologies
 Use XMPP as backbone to bridge IoT islands
 Standardize use of XMPP
 Sensor Data
 Control
 Concentrator
 Thing Registries
 Provisioning
 Economic feedback models
 Smart Contracts
 Counting of usage
https://standards.ieee.org/project/1451-99.html

22. © Waher Data AB, 2018.
Openness
Any attempt to harmonize technologies must be:
 Globally scalable
 Decentralized
 No centralized authority
 Support processing on the edge
 Federated
 Division of responsibilities
 Open
 Support ad hoc networks
XMPP has proved track record

23. © Waher Data AB, 2018.
Security
XMPP Provides:
 Strong global identities
 Authenticated access to network
 Consent-based authorization (for access)
 Ubiquitous (Transport) Encryption
IoT Harmonization adds:
 Secure/Managed identity creation
 Defines Ownership
 Decision Support for things
 Detailed authorization for things (for operations)
 Peer-to-Peer Communication
 End-to-End Encryption
Data Protection by design & by default

24. © Waher Data AB, 2018.
Flexibility
Any attempt to harmonize technologies must also
support common patterns:
 Asynchronous messaging
 Request / Response
 Event Subscription (Observe)
 Multicasting
 Publish / Subscribe
 Federation
 Edge Computing
IEEE IoT Harmonization is built on XMPP

25. © Waher Data AB, 2018.
4. XMPP

26. © Waher Data AB, 2018.
What is XMPP?
eXtensible Messaging and
Presence Protocol
 Standardized by the IETF
 RFC 6120
 RFC 6121
 RFC 6122
 Originally developed in the late 1990-ies.
 Instant Messaging
 “Jabber”
 Based on XML

27. © Waher Data AB, 2018.
Basic features
Some basic features of XMPP include:
 Global scalability (federation)
 Extensibility (namespaces)
 Robustness (20 years of operation)
 Open (public & free)
 Standardized
 Secure
 Interoperable

28. © Waher Data AB, 2018.
Communication
 Brokers
 Accounts
 Rosters
 Routing
 Federation
 Topology insensitive
 Server-less
 Peer-to-peer
 Authentication
 SASL
 Encryption
 TLS
 E2E

29. © Waher Data AB, 2018.
Communication Patterns
Intrinsic patterns:
 Asynchronous messages (message)
 Request/Response (iq)
 Publish/Subscribe (presence)
Extended
 Publish/Subscribe
 Personal Eventing (extended by XEP-0163)
 Publish-Subscribe (extended by XEP-0060)
 Multicasting (extended by XEP-0045)
 etc.

30. © Waher Data AB, 2018.
Security
Standard layers of security:
 Authentication (SASL)
 Encryption (TLS)
 Consent-based Authorization
 Blocking
 Spam reporting
 Provisioning
 End-to-end encryption

31. © Waher Data AB, 2018.
5. Communication
Patterns

32. © Waher Data AB, 2018.
Asynchronous Messages

33. © Waher Data AB, 2018.
Asynchronous Messages
 Spontaneous communication
 From anyone to anyone (Peers)
 Parties identified
 Full duplex
 Quality of Service
 At most once (“Unacknowledged”)
 At least once (“Acknowledged”)
 Exactly once (“Assured”, “Reliable Messaging”)
 Can be used to build any other pattern
Examples: CoAP, XMPP, IoT Harmonization

34. © Waher Data AB, 2018.
Request / Response

35. © Waher Data AB, 2018.
Request / Response
 Limited Client / Server roles
 Client initiates communication
 Server identified
 No requirement to identify client
 Half duplex
 Polling
 Event-based communication from server
difficult
Examples: HTTP, CoAP, LWM2M, XMPP,
IoT Harmonization

36. © Waher Data AB, 2018.
Event Subscription (“Observe”)

37. © Waher Data AB, 2018.
Event Subscription (“Observe”)
 Combines Req./Resp. & Asynch. Msg.
 Client initiates subscription
 Server initiates updates
 Client determines conditions
 Server does not have to know client use case
 More efficient than polling
Examples: CoAP, LWM2M, IoT Harmonization

38. © Waher Data AB, 2018.
Multicast

39. © Waher Data AB, 2018.
Multicast
 Group membership
 Often only security mechanism
 Group encryption difficult
 Anyone in group can send a message
 Everyone in a group receives messages
 Detailed authorization difficult
 Synchronizing events
 Clocks
 Updates
 Multicast Streaming (like IP-TV)
 Discovery in ad hoc networks
Examples: CoAP, XMPP, IoT Harmonization

40. © Waher Data AB, 2018.
Publish / Subscribe

41. © Waher Data AB, 2018.
Publish / Subscribe
 Publishers send messages
 Subscribers receive messages
 Degree of separation between actors
 Authorization on Topics or Nodes
 Efficient if Subscriber:Publisher ratio high
 Mass distribution
 Syndication
 Inefficient if Subscriber:Publisher ratio low
 Emulation of Asynch. Msg or Req./Resp.
 Difficult to federate a topic/node tree
Examples: MQTT, XMPP, IoT Harmonization

42. © Waher Data AB, 2018.
Queue

43. © Waher Data AB, 2018.
Queue
 Publishers send work items
 Workers collaborate processing items
 One worker per item
 Degree of separation between actors
 Authorization on Topics or Nodes
 Load balancing
 Mostly used in high-load back-ends
Examples: AMQP, IoT Harmonization

44. © Waher Data AB, 2018.
Federated brokers

45. © Waher Data AB, 2018.
Federated brokers
 Global scalability
 Divide & Conquer (federations/domains)
 Brokers cooperate
 Each domain controls its part of the network
 Cross-domain cooperation easy
 Decentralization
 Resilience
 Global distributed identities
 Solves Topology Problem
Examples: XMPP, IoT Harmonization, (SMTP)

46. © Waher Data AB, 2018.
Decentralization / Edge Computing

47. © Waher Data AB, 2018.
Decentralization / Edge Computing
 Processing done at the source
 Permits centralized processing (if required)
 Cloud used for support
 Identity
 Transport
 Discovery
 Decision Support (Orchestration, Provisioning)
 Protects Privacy
 Enforces Ownership of Information
 Distributes processing power
 Scalable
Examples: XMPP, IoT Harmonization

48. © Waher Data AB, 2018.
6. Infrastructure Services

49. © Waher Data AB, 2018.
IoT Harmonization Services
 Thing Registry
 Ownership
 Discovery
 Decision Support
 Provisioning
 Orchestration
 Tokens
 Distributed operations
 Smart Contracts
 Legal identities
 Automation of provisioning
 Economic feedback

50. © Waher Data AB, 2018.
Ownership & Discovery

51. © Waher Data AB, 2018.
iotdisco URI
iotdisco:MAN=waher.se;
MODEL=MIoT%20ConcentratorXmpp2;
PURL=https%3A%2F%2Fgithub.com%2FPeterWaher%2FMIoT;
SN=7321c0de2e6848c28420a8afa3d2ef0f;
#V=2;
COUNTRY=Sverige;
REGION=Stockholm;
CITY=Stockholm;
AREA=Hammarby;
STREET=Hammarby%20Kaj;
STREETNR=10D;
APT=GOTO10;
ROOM=Annexet;
CLASS=Sensor;
TYPE=MIoT%20Sensor;
KEY=c9d4743f959a10b…4eda99d9ba6b8;
R=provisioning.extas.is
https://www.iana.org/assignments/uri-schemes/prov/iotdisco.pdf

52. © Waher Data AB, 2018.
Decision Support

53. © Waher Data AB, 2018.
Distributed Transactions
 Tokens
 User identities
 Service identities
 Device identities
 Challengeable
 PKI based
 Public key registered with broker
 Broker issues token
 Private key used to respond to challenges
 Multiple tokens can be distributed
 Authorization on original, not intermediate, identity

54. © Waher Data AB, 2018.
Clock Synchronization
 Synchronization of events across Internet
 Across multiple networks & time-bases
 High-frequency clocks
 < 1 ms precision in stable conditions
 Adaptation during network/clock reconfigurations

55. © Waher Data AB, 2018.
Smart Contracts
 Legal identities
 Smart Contracts
 Owner defines rules for access
 Automation of Provisioning
 Zero configuration
 Signing smart contract gives access
 Economic Feedback
 Billing based on usage

56. © Waher Data AB, 2018.
Connectivity
 Direct to XMPP network
 TCP
 HTTP (BOSH)
 Web-socket
 UDP (experimental)
 Via Concentrator (“Thing of Things”)
 Embedded
 Gateway
 Bridge protocols
 Bridge patterns
 System Integration

57. © Waher Data AB, 2018.
PLC
 Embeds logical/embedded devices
 One connection to XMPP network

58. © Waher Data AB, 2018.
Protocol/Pattern bridge
 Connecting other technologies
 Adding security
 Adding interoperability

59. © Waher Data AB, 2018.
System Integration
 Integration with Back-end systems

60. © Waher Data AB, 2018.
7. Representation

61. © Waher Data AB, 2018.
Sensor Data
 Loosely coupled representation
 M2M & M2H
 Meta-data describing information
 Localizable

62. © Waher Data AB, 2018.
Control Operations
 Loosely coupled representation
 M2M & M2H
 Meta-data
 Localizable

63. © Waher Data AB, 2018.
8. Operation

64. © Waher Data AB, 2018.
Simple Sensor Data Request
https://gitlab.com/IEEE-SA/XMPPI/IoT

65. © Waher Data AB, 2018.
Slow Responses
https://gitlab.com/IEEE-SA/XMPPI/IoT

66. © Waher Data AB, 2018.
Scheduled / Queued responses
https://gitlab.com/IEEE-SA/XMPPI/IoT

67. © Waher Data AB, 2018.
Fragmented responses

68. © Waher Data AB, 2018.
Example: Simple Readout
https://gitlab.com/IEEE-SA/XMPPI/IoT

69. © Waher Data AB, 2018.
Event Subscription
https://gitlab.com/IEEE-SA/XMPPI/IoT

70. © Waher Data AB, 2018.
Fragmented events

71. © Waher Data AB, 2018.
Example: Simple Event Subscription
https://gitlab.com/IEEE-SA/XMPPI/IoT

72. © Waher Data AB, 2018.
Example: Publish (PEP)
https://gitlab.com/IEEE-SA/XMPPI/IoT

73. © Waher Data AB, 2018.
Example: Subscriber Event (PEP)
https://gitlab.com/IEEE-SA/XMPPI/IoT

74. © Waher Data AB, 2018.
Example: Simple Control Operations
https://gitlab.com/IEEE-SA/XMPPI/IoT

75. © Waher Data AB, 2018.
9. Events

76. © Waher Data AB, 2018.
Smart City Lectures*
1. How to build a Smart City (Oct 4th)
2. Privacy in the Smart City (Oct 18th)
3. An Open and/or Secure Smart City (Oct 25th)
4. Harmonizing the Internet of Things (Nov 8th)
5. Introduction to Encryption (Nov 15th)
6. Earning by Sharing in the Smart City (Nov 22th)
7. …
8. …
(*) Funded by Swedish Internet Fund.

77. © Waher Data AB, 2018.
Smart City Labs*
1. Sensors and actuators (Oct 10th)
2. Connect and chat with your device (Oct 17th)
3. Publishing data from your sensor (Oct 24th)
4. Publishing and discovering devices (Nov 7th)
5. Controlling actuators (Nov 14th)
6. Decision Support for your devices (Nov 21th)
7. …
8. …
(*) Funded by Swedish Internet Fund.

78. © Waher Data AB, 2018.
 Raspberry Pi & Arduino
 Sensors, Actuators, Controllers,
Concentrators, Bridges
 Protocols:
MQTT, HTTP, CoAP, LWM2M, XMPP
 Interoperability
 Social Interaction
 Decision Support
 Product Lifecycle
 IoT Service Platforms
 IoT Harmonization
 Security
 Privacy
Amazon
Packt
Microsoft Store
Contact: https://waher.se/, https://littlesister.se/
Mastering Internet of Things

79. © Waher Data AB, 2018.
10. Open Discussion
Ownership?
Privacy?
Security?
Surveillance?
Interoperability?
Cool stuff?
Qué?
Where’s the Money?
Who pays?
What could go wrong?
Little Sister?
Harmonization?