How to choose an IoT platform: “Be open, agile and secure,” says Software AG
The only way to manage the rising chaos within industrial IoT systems is to deploy an IoT platform that provides flexibility and control. But there are masses of them out there. How can an ambitious IT chief or digital officer choose between them? German software company Software AG has a three-step guide.
Bernd Gross, the company’s senior vice president of IoT and cloud, explains the madness is in the mechanics. “The complexity is in there, and that complexity can only be properly managed with a platform approach,” he says.
“But if you start out today with a bespoke platform, and you try to solve just one single pain-point, one single issue, then you are going about it the wrong way. You need to add functionality as you go, and the only way to do that is to abstract your machine data from your IT functions. That abstraction, that normalisation of your data environment, is only possible with a platform approach.”
Gross admits he is biased; Software AG provides “ingredients” to Siemens’ MindSphere IoT operating system. Sure, I could tell you which platform to use,” he says. But his point is broader; there are a number of emerging IoT platforms in the market, which obey common principles, and there are a number more that do not; these others should be avoided at all costs, he says.
“The landscape is quite considerable. There are a massive number of platform providers out there,” he explains. The question is how to chooses between them. Gross has three simple steps to distinguish a good IoT platform from a bad one. The final decision is personal, he suggests, but advises enterprises take advantage of free trials, commonly available, to make a final decision.
The first principle when choosing an IoT platform is openness. “Don’t to try to do a bespoke project; not anymore,” says Gross. “That’s not the right choice.” The platform needs to be off-the-shelf, albeit programmable. “They will try to lock you in,” he warns. Every kind of IoT input – both old and new, for both limited experimentation and unknowable expansion – should be available to you.
“Vendor lock-in remains a massive challenge. It’s a new market, and you have to be open and flexible, and ultimately independent. Choose a partner that gives you freedom of choice,” explains Gross. IoT architects and buyers should be able to select the hyper-scale data centre environments they prefer, whether AWS, Microsoft Azure or Alibaba. “You have to have an open platform and open controls,” he says.
The second step is to ensure rapid deployment, explains Gross. “That’s extremely important,” he says. There is no hanging around, anymore; stakeholder management only works when targets are reached, and both the promise and reality of IoT means these internal targets are being stretched. “The expectation today is you should be able to deliver in weeks – not in two months or half a year. That has to be considered when you choose an IoT platform,” says Gross.
It might be noted Software AG advocates caution, in general, when deploying IoT solutions. Enterprises must learn to walk, first, before the technology runs away from them, and well-established processes unravel, it says. “The first thing is to establish a discrete separate application environment,” explains Gross. But after the wizardry has been confirmed, the platform should be quickly and easily scalable across business functions.
Security must be the last word, if not the first as well, when it comes to choosing industrial connectivity, and should be considered a priority when selecting a platform to manage the potential chaos of IoT systems. “It comes in many flavours, on many different levels,” says Gross, describing the expansive attack surface for hackers. Every entrance and exit needs to be locked down.
Unfortunately, both suppliers and customers are struggling. A glance at top IoT security vulnerabilities shows the industry is failing to learn from its mistakes; the same errors and oversights keep cropping up, invariably linked with identity authentication, transport encryption and physical security. Devices are the weakest link.
“Sometimes enterprises secure the connectivity to the cloud data centre, and yet forget to secure the machine,” says Gross, outlining the often-basic nature of IoT errors. The IoT platform gives sight of IoT connections and devices, and a chance to manage them securely. “Security has a big impact on your project,” he says; the challenge is to choose the platform, open and agile, which also boasts the top-level security features.