Designing and manufacturing connected products for the IoT requires a completely different mindset than making traditional, static products. Manufacturers need tools to easily provide expertise in areas previously unfamiliar, starting with embedded design and networking to the development of full-featured mobile apps.
BY OLIVER COCKCROFT, AYLA NETWORKS
Until recently, manufacturers of everything from washing machines and coffee makers to air conditioners and water heaters have not needed to be experts in computer and networking technologies. While their products might have digital displays or timers or other simple electronics built into them, manufacturers are unlikely to have in-house teams of software engineers steeped in the latest best practices in programming and mobile user experience.
The Internet of Things (IoT) is changing all that. Manufacturers of all kinds of everyday products are realizing the advantages of connecting to the IoT, and they might have even started to turn their traditional products into first-generation connected products (Figure 1).
More and more connected devices, such as home appliances, are expected to enter the market.
But when it comes time to create a mobile app to give end users control over those connected devices, manufacturers face a quandary: Do they bulk up their in-house software engineering expertise—which takes time and can slow their market entry while they ramp up the ability to add mobile-app control of their connected products—or do they resign themselves to the expense of hiring a custom development house to create the savvy, secure, reliable mobile apps that today’s consumers expect?
There’s now a third alternative, which is to use an IoT-specific mobile application platform. For manufacturers that lack the specialized software development skills to create their own mobile control apps from scratch, a mobile application platform can provide a rapid, cost-effective way to take advantage of IoT opportunities.
This article describes one such platform that provides the majority of the coding and development work common to any high-performing, reliable and secure IoT mobile app, leaving only business logic and user experience (UX) design work to be completed. This approach allows the manufacturer to focus on the branding and customer experience, while dramatically accelerating time to market.
IoT Mobile Apps Take Center Stage
Smartphones have become ubiquitous. As a result, users expectations for mobile apps have skyrocketed. They have no patience or interest in mobile apps that aren’t high-performing, reliable, secure and intuitive. They want a great mobile app experience.
In the IoT, mobile apps are the way that consumers interact with and control their connected devices. They use mobile apps to set thermostat or lighting controls, or to schedule when coffee makers start brewing in the morning.
In a very real way, end users often equate the IoT mobile app with the IoT device itself. That means that the quality of the mobile app forms a crucial part of the user’s opinion of any connected product.
It turns out that the vast majority of what makes a good IoT mobile app is the same regardless of the specific device it controls. Only about 10% to 15% of the development effort is spent defining device-specific and manufacturer-differentiated features, functionality, and look and feel. This final development push provides the personalization that spells the difference between a thermostat mobile app from company A vs. company B, or between a company’s mobile app controlling a dishwasher and one controlling a clothes washer.
Taking a Platform Approach to Mobile App Development
A mobile app platform such as Ayla Networks’ Agile Mobile Application Platform (AMAP) lets manufacturers begin almost at the finish line to develop iOS or Android apps that can control IoT devices of any kind. The platform provides the 85% of coding and development work that’s common to any good IoT mobile app.
Manufacturers that license the mobile app platform code need only specify the remaining 15% or so of functionality that is specific to their company and device type, and to “skin” the app with company-branded colors, graphics and other features.
This mobile app platform includes mobile libraries that authenticate with the Ayla cloud; enable connection to the end user’s local area network (LAN); manage the user’s interactions with the device; and take advantage of all the cloud functions built into the IoT platform.
In addition, the platform includes pre-made, pre-tested software code supporting the primary features and functionality that users expect from mobile app control of a connected device. These features include user sign-in and registration, device setup, wireless (Wi-Fi and Zigbee) setup, timer setup, device control, schedule creation and management, password recovery, and support for push notification. It also supports over-the-air (OTA) updates for adding new device features or upgrading security capabilities while the devices are deployed in the field.
The mobile app code is delivered as workflows optimized for specific vertical markets, including HVAC (heating, ventilation and air conditioning), home appliances or lighting.
Through the service-oriented architecture (SOA) of its underlying IoT platform, the mobile app platform provides application services that include a rules engine, third-party integrations and custom rules. The IoT platform architecture also includes device services (templates, notification, time and location, image service, OTA updates), user services (security, triggers and alerts, OEM dashboard, developer website) and data and analytics services (logging and metrics, statistics, reports and data discovery, ETL [extract/transform/load data]).
Application programming interfaces (APIs) provide the common language among the SOA-based services, allowing the Ayla cloud to communicate with the APIs of other secure clouds and services.
The mobile app platform is scalable to almost all types of connected device. It provides a framework on top of the APIs and mobile libraries that allows manufacturers’ IoT devices to connect to the Ayla cloud and to integrate with iOS or Android mobile operating system (OS) code. All the code development is done in native Objective C and Java languages, which ensures a high level of quality for manufacturers’ mobile apps.
The IoT platform delivers additional application capabilities, such as an automated join/discovery process at setup for both iOS and Android devices; performance optimization in the LAN for low-latency connectivity; the ability for Ayla-enabled devices to work in the LAN even if the broadband connection goes down; the capture of network logs to assist with customer support issues; and an API for web application development.
Securing IoT Mobile Apps
Security is a top-of-mind concern for every aspect of a connected product. Even if an IoT connected device isn’t set up to transmit end users’ credit card numbers or sensitive health or financial information, consumers have legitimate concerns about their privacy and the kinds of data that are being transmitted. If for no other reason than to allay consumers’ concerns, manufacturers need to be scrupulous about the security of their IoT products.
A good IoT platform will be designed with comprehensive security in mind, from device to cloud to mobile app. IoT platform security should encompass:
• Encryption at the chip level to protect data in transit and to prevent spoofing
• Transport-specific security measures to encrypt data in transit (e.g., using X.509 certificates, public/private key generation, AES crypto ciphers, hashing, and generating and checking packet signatures) and data at rest (encryption keys, backup)
• Key transmission protocols such as TLS, so that data safely reaches its destination
• Multi-factor authentication
• Role-based access control, to limit who can access the device and what functions they can access, control or change
• Multi-tenant operation, enforced with a tenant ID associated with every piece of data and a data access mechanism that enforces the separation of data by manufacturer
• Cloud security, such as leveraging services deployed with an Amazon Web Services (AWS) Virtual Private Cloud (VPC) environment
• Security measures that deal with transfers in ownership or control of a connected device, including new people purchasing a house with smart home controls, or IoT technology in place in a hotel or vacation rental
To some extent, security measures will vary from one type of device to another. For example, unlocking car doors requires strong user authentication, while protecting medical data transmitted from an out-patient’s heart monitor to the doctor’s iPad requires a rock-solid data encryption solution. The architecture of an IoT platform must understand and be able to incorporate multilevel security with end-to-end protection.
A few manufacturers might decide it’s worth the investment to hire in-house or outsourced technical expertise to create their own IoT mobile apps. For the vast majority, though, the best way to compete in the IoT market will be to take advantage of a comprehensive and agile IoT mobile app platform.