New regulation and technology trends are revolutionizing the networking of everything
The hype around the Internet of Things (IoT) has continued for at least ten years. However, the foundation of IoT was created as far back as 1995. The IPv6 standard introduced then expanded the IP address space so that it would be possible to connect every device imaginable to the Internet.
The promise of IPv6 is finally coming to fruition as technology is starting to allow the connection of sensors and a plethora of other devices, even small ones, to the Internet. Everything that can be connected will be connected. One important enabler of this development has been 5G technology. It allows the implementation of a network connection with high connection speeds or alternatively very low power consumption.
However, the design of network-capable devices and sensors is becoming more and more complex as the number of regulations and technology trends applying to it increases.
Regulation hits the IoT
The EU has expanded its Radio Equipment Directive (RED) with a new regulation. It sets data security requirements on all devices connected wirelessly to the Internet, which protect the operation of networks, the protection of users' privacy, and reduce the risk of fraud using devices connected to the network.
Devices sold in the EU must meet these new requirements and carry the CE mark after the transition period ends in August 2024.
"After that, selling devices that do not meet the information security requirements included in the RED or devices with the old CE mark will be illegal. However, the use of equipment acquired before August 2024 is allowed even after the deadline", says Antti Tolvanen, Sales Director for Software and Embedded Solutions at Etteplan.
After the initial phase of the regulation comes into effect, it's most likely that to renew the CE mark of radio equipment a so-called notified body is needed to check the implementation of the new requirements based on the technical documentation of the device. This procedure is applied in situations where a harmonised European standard does not yet exist.
"The impact of the new RED requirements will be significant. Until now, the data security features of radio devices have been allowed to be defined freely, without regulation. Unfortunately, the harmonised product standards [hEN] are delayed, so at least for the time being it is better to discuss the type approval criteria with the notified body right at the beginning of the radio device design project and follow a secure product development lifecycle process," says Antti Tolvanen.
Devices connected to the Internet can also become subject to new requirements due to the EU's proposed Data Act. It aims to give users of internet-connected devices access to the data they produce and the opportunity to use it in third-party services.
"The Data Act is as important for data-based business as the data protection regulation GDPR is for privacy. The legislation challenges the revenue generation model of services and business models that are based on data collected from devices. On the other hand, I believe that the Data Act will also create new growth opportunities for companies whose data-based services can create even more value for customers," says Antti Tolvanen.
For example, the market for device after-sales service might become revolutionized when users can transfer all the data generated by the device away from the manufacturer to a competing party if they wish.
In a need of a redesign?
The large, global device manufacturers are already familiar with the type approval procedure. However, the new requirements will keep especially small device manufacturers busy. They will have to familiarize themselves on how to implement, review and present their information security compliance.
Only a thorough analysis of the product will unearth whether the product meets the new cyber security requirements, or it requires a redesign from a clean slate.
"Unfortunately, implementing the IoT solutions will be more expensive in the future, which will, of course, take a bite out of the margins of device manufacturers," says Antti Tolvanen.
However, a small manufacturer can ensure the compliance of their device cost-effectively by acquiring product development as a service from a provider that is up to date with both the requirements and their implementation, as well as product approvals.
More with less – and in a small size
In addition to regulation, other factors are lurking in the future that will affect the realization of the Internet of Things – and its implementation.
If the speed of network connections increases to up to a thousand times from current standards with 6G, as Nokia's CEO Pekka Lundmark recently envisioned, what does it mean in terms of device design and applications? And what kinds of possibilities open up when the miniaturization of electronics continues, and application-specific ICs (ASIC) fit into ever smaller spaces and consume even less power?
One direction of development may be the need to localize the IoT solutions. It's easy to build support for all global frequency ranges into a larger device such as a mobile phone. But it is practically impossible to support dozens of different frequency bands in a very small low-power device. Antti Tolvanen believes that the need for regional and even operator-specific localization in device design will increase as the smallest IoT devices become more common.
The pressure to implement solutions in accordance with sustainable development is also increasing. The EU plans to expand its eco-design regulations to also electronics in the next few years.
"Projects pertaining to devices will certainly not become any simpler with new requirements and use cases," says Antti Tolvanen. The complexity of design projects and the number of different experts needed will inevitably increase.
A device manufacturer needs IoT know-how in the transformation to a service provider – but you can succeed without an in-house team of experts