Active RFID (radio frequency identification) tags are continuously operating, battery-powered sensors that gather and transmit data to a reading device.

An active sensor is a sensing device that requires an external source of power to operate; active sensors contrast with passive sensors, which simply detect and respond to some type of input from the physical environment.

  • In the context of remote sensing, an active sensor is a device with a transmitter that sends out a signal, light wavelength or electrons to be bounced off a target, with data gathered by the sensor upon their reflection.
  • Active and passive sensing technologies are both used in remote sensing to make observations and measurements from a distance or on a scale beyond those observable to the naked eye. Sensors can also be used in harsh environments and places that are inaccessible to people.
  • Active sensors are also widely used in manufacturing and networking environments for example to monitor industrial machines or data center infrastructure so anomalies can be detected and components can be repaired or replaced before they break and shut everything down.
  • Examples of other active sensor-based technologies include: scanning electron microscopes, LiDAR,radar, GPS, x-ray, sonar, infrared and seismic. However, as can be the case with some sensors, seismic and infrared light sensors exist in both active and passive forms.

Depending on what is being sensed, these various sensors might be mounted to a satellite, an airplane, a boat or a submarine UAV drone. They might also be mounted to another convenient observation point, such as a building top.

The data gathered by remote sensing is used for everything from cartography to resource exploration to atmospheric and chemical measurements. Remote sensing is also essential to the Internet of Things (IoT), in which almost any physical or logical entity can be equipped with a unique identifier and the ability to transfer data over a network autonomously.


Addressability is the capacity for an entity to be targeted and found. To be addressable, an entity must be uniquely identifiable, which means that it must be associated with something — typically an alphanumeric string, although there are other possibilities — that is not associated with anything else that exists within that system.

URI (Uniform Resource Identifier) is a unique identifier that makes content addressable on the Internet by uniquely targeting items, such as text, video, images and applications. A URL (Uniform Resource Locator) is a particular type of URI that targets Web pages so that when a browser requests them, they can be found and served to users.

  • Addressability is an increasing trend: more and more things can be assigned unique identifiers, and if something has a unique identifier, it can be tagged, assigned a URI and targeted over a network. That capacity paves the way for the Internet of Things (IoT), a scenario in which everything — including people, animals, servers, applications, shampoo bottles, cars, steering wheels, coffee machines, park benches or just about any other random item that comes to mind.– has a unique identifier and the ability to communicate over the Internet or a similar wide-area network (WAN).



Bluetooth Low Energy is a power-conserving variant of Bluetooth personal area network (PAN) technology, designed for use by Internet-connected machines and appliances.

  • Also marketed as Bluetooth Smart, Bluetooth LE was introduced in the Bluetooth 4.0 specification as an alternative to Bluetooth Classic. Like its predecessor, Bluetooth LE uses frequency hopping wireless technology in the 2.4 GHz unlicensed radio band to interconnect nearby devices. Unlike its predecessor, Bluetooth LE maxes out at just 1 Mbps while consuming just 0.01 to 0.5 watts. That’s up to one third of the speed of Bluetooth Classic, at no more than half the power.
  • Originally introduced in 2004, Bluetooth LE adoption is now being driven by today’s fast-growing Internet of Things (IoT). For example, Internet-connected devices used for personal healthcare, fitness, sports, entertainment, and locationing now use Bluetooth LE to communicate with contemporary smartphones and tablets, including iPhones,  Android phones, Windows phones, and Black Berrys. Battery life depends upon hardware, transmit distance and duty cycle, ranging from 1 to 40 months. For example, an iBeacon â€“ a device that emits periodic Bluetooth pulses to enable inexpensive, precise indoor positioning – could easily operate for 1-2 years on a single battery.
  • Bluetooth LE is attractive to consumer electronics and Internet-connected machine manufacturers because of its low cost, long battery life, and ease of deployment. From thermometers and heart rate monitors to smart watches and proximity sensors, Bluetooth LE facilitates infrequent short-range wireless data communication between devices, powered by nothing more than a dime-sized battery.


Bring your own wearables (BYOW) is a trend toward the use of employee-owned wearable devices in a business setting.



Car hacking is the manipulation of the code in a car’s electronic control unit (ECU) to exploitsvulnerability and gain control of other ECU units in the vehicle.

  • Car hack demonstrations have targeted a variety of makes and models of cars, gaining control of various systems including the entertainment center, speedometer, gas gauge, brakes, steering, air bags and Proof-of-concept (POC) exploits have successfully breached the systems of both driven and driver-less cars.
  • In one demonstration, security researchers Charlie Miller and Chris Valasek wirelessly hacked a Jeep while it was driving on the highway. According to journalist Andy Greenberg, who was in the vehicle, Miller and Valasek were able to control the vehicle’s air vents and windscreen wipers, dashboard functions, transmission and brakes. They then disabled the brakes, sending the Jeep crashing into a ditch.
  • The researchers exploited vulnerabilities in Uconnect software, which Fiat Chrysler vehicles use to control the entertainment system and enable features such as remote locking and the ability to start the car with a smartphone app. According to Miller and Valasek, the biggest security vulnerability is the vehicles’ ability to connect with the Internet, because anyone who knows its IP address can access its computer systems.

A control network is a network of nodes that collectively monitor, sense, and control or enable control of an environment for a particular purpose. A home appliance network is a good example of a control network. In fact, thousands of control networks already exist in everyday life in automobiles, refrigerators, traffic light controls, city lighting systems, and on factory floors. Control networks vary enormously in the number of nodes (from three to thousands) in the network and in their complexity. Unlike networks that people use to communicate with each other, control networks tend to be invisible. In the future, control networks are expected to become an important aspect of what is sometimes called ubiquitous computing.



A device attack is an exploit that takes advantage of a vulnerable device to gain access to a network.

  • The term “device attack” was coined to differentiate such exploits from those targeting personal computers. The attack vector could be any other kind of Internet-connected device. Potential targets include not just smartphones, which are the most commonly cited example, but also network hardware, smart grid components, medical equipment and embedded — among a great many other possibilities.
  • In the past, most malware targeted personal computers because that was the most common type of device connecting to the Internet. Naturally, most anti-malware efforts were designed to protect the PC. Although non-PC devices have become almost ubiquitous in the past several years, security efforts have lagged behind and attackers are taking advantage of that fact.
  • Securing non-PC devices is problematic for a number of reasons. For one thing, many security measures, such as virus scanning, that are suitable for a PC, place too great a demand on the limited resources of smaller devices for memory, processor cycles and electrical power. Administration of patches and updates can be difficult because of sporadic connectivity to the corporate network. Furthermore, portable devices can be easily lost or stolen; unless they can be remotely disabled or wiped in that event, they pose a serious risk to the corporate network.



Embedded device hacking is the exploiting of vulnerabilities in embedded software to gain control of the device.

  • Attackers have hacked embedded systems to spy on the devices, to take control of them or simply to disable (brick) them. Embedded systems exist in a wide variety of devices including Internet and wireless access points, IP cameras, security systems, pace makers, drones and industrial control systems. The hacking may carried out on flashable ROM chips or – as is more commonly the current practice — on firmware.
  • Traditionally, many of the hardware and hardware systems controlled by embedded software have not been easily interfaced with.  This fact, along with the number of embedded operating systems, once provided relative security through obscurity. Because they were not considered prominent attack targets, embedded system security has not always been a prime concern. However, as more and more embedded devices are exposed to the Internet because of driving forces like the Internet of Things (IoT) and remotely-controlled industrial systems, the number of targets is increasing all the time.
  • Before the extensible firmware interface came about, flashable BIOS ROMs could be infected with viruses. However, live updating has made forged or forced flashing through code exploits more common.
  • The Misfortune Cookie flaw, discovered in late 2014, allows an attacker to hack routers and gateway devices. Even more serious is Stuxnet, a worm targeting a rootkit exploit designed to compromise logic controllers in SCADA systems, which are used for nuclear power, water and sewage plants, as well as in telecommunications and oil and gas refining.

Embedded firmware is the flash memory chip that stores specialized software running in a chip in an embedded device to control its functions.

  • Firmware in embedded systems fills the same purpose as a ROM but can be updated more easily for better adaptability to conditions or interconnecting with additional equipment.
  • Hardware makers use embedded firmware to control the functions of various hardware devices and systems much like a computer’s operating system controls the function of software applications. Embedded firmware exists in everything from appliances so simple you might not imagine they had computer control, like toasters, to complex tracking systems in missiles. The toaster would likely never need updating but the tracking system sometimes does. As the complexity of a device increases, it often makes sense to use firmware in case of design errors that an update might correct.
  • Embedded firmware is used to control the limited, set functions of hardware devices and systems of greater complexity but still gives more appliance-like usage instead of a series of terminal commands. Embedded firmware functions are activated by external controls or external actions of the hardware. Embedded firmware and ROM-based embedded software often have communication links to other devices for functionality or to address the need for the device to be adjusted, calibrated or diagnosed or to output log files. It is also through these connections that someone might attempt embedded device hacking.

Embedded software varies in complexity as much the devices it is used to control. Although embedded software and embedded firmware are sometimes used synonymously, they are not exactly the same thing. For example, embedded software may run on ROM chips. Also, embedded software is often the only computer code running on a piece of hardware while firmware can also refer to the chip that houses a computer’s EFI or BIOS, which hands over control to an OS that in turn launches and controls programs.

Embedded software is specialized programming in a chip or on firmware in an embedded device to controls its functions.

  • Hardware makers use embedded software to control the functions of various hardware devices and systems. Embedded software controls device functions in the same way that a computer’s operating system controls the function of software applications. Almost any device can contain embedded software – from those so simple you might not imagine they had computer control, like toasters and light bulbs, to complex tracking systems in missiles.
  • Embedded software is used to control the limited, set functions of hardware devices and doesn’t generally need input; it is not typically worked with directly by users. Its functions are activated by external controls, either external actions of the device itself or remote input. The device may have communication links to other devices for functionality or in case the device needs to be adjusted, calibrated or diagnosed. It is also through these connections that someone might attempt embedded system hacking.
  • Embedded software varies in complexity as much the devices it is used to control. Although the term is often used interchangeably with firmware, embedded software is often the only computer code running on a piece of hardware, while firmware, in contrast, hands over control to an operating system that in turn launches and controls programs.

Embedded system security is the reduction of vulnerabilities and protection against threats in software running on embedded devices.

  • Like security in most IT fields, embedded system security involves a conscientious approach to hardware design and coding as well as added security software, an adherence to best practices and consultation with experts.
  • In the past, the large number of embedded operating systems and the fact that these systems did not typically have direct Internet communication provided some degree of security, both through obscurity and the fact that they were not convenient targets.
  • Traditionally, many of the hardware and hardware systems controlled by embedded software have not been easily interfaced with as they had little need to be exposed. Trends like machine-to-machine (M2M) communication, the Internet of Things and remotely-controlled industrial systems, however, have increased the number of connected devices and simultaneously made these devices targets.
  • The similarities between embedded OSes and live firmware updating in conjunction with the increased number of communication points create a large increase in the attack surface:  Each communication point is a potential point of entry for hackers. A device’s firmware may be hacked to spy on and take control of everything from Internet and wireless access points, USB accessories, IP cameras and security systems to pace makers, drones and industrial control systems.
  • While trends like BYOD, the IoT and automation speed ahead, the security of embedded systems often lags. As attacks on embedded systems and firmware become more common, however, it becomes increasingly crucial to protect these ubiquitous devices.



Fog computing, also known as fogging, is a distributed computing infrastructure in which some application services are handled at the network edge in a smart device and some application services are handled in a remote data center — in the cloud. The goal of fogging is to improve efficiency and reduce the amount of data that needs to be transported to the cloud for data processing, analysis and storage. This is often done for efficiency reasons, but it may also be carried out for security and compliance reasons.

  • In a fog computing environment, much of the processing takes place in a data hub on a smart mobile device or on the edge of the network in a smart router or other gateway This distributed approach is growing in popularity because of the Internet of Things (IoT) and the immense amount of data that sensors generate. It is simply inefficient to transmit all the data a bundle of sensors creates to the cloud for processing and analysis; doing so requires a great deal of bandwidth and all the back-and-forth communication between the sensors and the cloud can negatively impact performance. Although latency may simply be annoying when the sensors are part of a gaming application, delays in data transmission can be life-threatening if the sensors are part of a vehicle-to-vehicle communication system or large-scale distributed control system for rail travel.
  • The term fog computing is often associated with Cisco. “Cisco Fog Computing” is a registered name; “fog computing” is open to the community at large. The choice of the word “fog” is meant to convey the idea that the advantages of cloud computing can — and should — be brought closer to the data source. (In meteorology, fog is simply a cloud that is close to the ground.)



A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company’s network or at your local Internet service provider (ISP) are gateway nodes.



Home automation is the use of one or more computers to control basic home functions and features automatically and sometimes remotely. An automated home is sometimes called a smart home .

  • Home automation can include the scheduling and automatic operation of water sprinkling, heating and air conditioning, window coverings, security systems, lighting, and food preparation appliances. Home automation may also allow vital home functions to be controlled remotely from anywhere in the world using a computer connected to the Internet. Besides the functions already mentioned, remote control can be extended to telephones and answering machines, fax machines, amateur radios and other communications equipment, and home robot s such as automatic vacuum cleaners.
  • The fundamental components of a well-designed home automation system include a computer (or computers) with the appropriate programming, the various devices and systems to be controlled, interconnecting cables or wireless links, a high-speed Internet connection, and an emergency backup power source for the computer, its peripherals, and the essential home systems.



The Identity of Things (IDoT) is an area of endeavor that involves assigning unique identifiers (UID) with associated metadata to devices and objects (things), enabling them to connect and communicate effectively with other entities over the Internet.

  • The metadata associated with the UID collectively defines the identity of an endpoint. Identity of things is an essential component of the Internet of Things (IoT), in which almost anything imaginable can be addressed and networked for exchange of data online. In this context, a thing can be any entity — including both physical and logical objects — that has a unique identifier and the ability to transfer data over a network.
  • Addressability makes it possible for things to be targeted and found. To be addressable for the Internet of Things, an entity must be globally uniquely identifiable, which means that it must be associated with something — typically an alphanumeric string — that is not associated with anything else.

To make communication among things effective and secure, however, it’s crucial to make more information about their identities available to other things. Following are some of the essential considerations for identities of IoT things:

  • Lifecycle: Some IoT entities can have quite extensive life spans. An individual’s electronic medical record (EMR), for example, is a logical object that maintains its identity through the person’s life. On the other hand some other entities have very brief lifecycles. A parcel, for example, only exists as an entity from the time it is shipped until the time it is received.
  • Relationships: It’s important to know how an IoT entity is related to other entities, including not only other things but also external entities such as owners, administrators and other responsible parties.
  • Context-awareness: Identity and access management (IAM) for IoT entities must have the capacity to be context-dependent. It may be appropriate, for example, for an entity to access another entity or system under certain circumstances and inappropriate — or even dangerous — for it to be granted access otherwise.
  • Authentication: Multi-factor authentication is effective to validate humans but less so for IoT things because many methods — biometric verification, for example — are not relevant. It’s necessary to find other means of securely authenticating IoT identities

The Industrial Internet of Things (IIoT) is the use of Internet of Things (IoT) technologies in manufacturing.

  • Also known as the Industrial Internet, IIoT incorporates machine learning and data technology, harnessing the sensor data, machine-to-machine (M2M) communication and automation technologies that have existed in industrial settings for years. The driving philosophy behind the IIoT is that smart machines are better than humans at accurately, consistently capturing and communicating data. This data can enable companies to pick up on inefficiencies and problems sooner, saving time and money and supporting business intelligence efforts. In manufacturing specifically, IIoT holds great potential for quality control, sustainable and green practices, supply chain traceability and overall supply chain efficiency.
  • A major concern surrounding the Industrial IoT is interoperability between devices and machines that use different protocols and have different architectures. The nonprofit Industrial Internet Consortium, founded in 2014, focuses on creating standards that promote open interoperability and the development of common architectures.

An intelligent device is any type of equipment, instrument, or machine that has its own computing capability. As computing technology becomes more advanced and less expensive, it can be built into an increasing number of device s of all kinds. In addition to personal and handheld computers, the almost infinite list of possible intelligent devices includes cars, medical instruments, geological equipment, and home appliances.

  • Various products are being developed to enable network connectivity for diverse intelligent devices. A new category of software known as device relationship management (DRM) is designed to enable the monitoring, managing, and servicing of intelligent devices over the Internet. Sun Microsystems is promoting Jini , a way to connect new devices into a network in which the devices themselves will describe how to communicate with them. Many observers cite intelligent device networking as a major reason to implement server support for IPv6 , a new version of the Internet Protocol that vastly expands the number of things that can be addressed in networking.
  • According to a January 2002 study conducted by Harbor Research, the number of intelligent devices networked for the purposes of remote administration — excluding telephones and personal computers — is expected to exceed 500 million by 2010.

The Internet of Things (IoT) is an environment in which objects, animals or people are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. IoT has evolved from the convergence of wireless technologies, micro-electromechanical systems (MEMS) and the Internet.

  • A thing, in the Internet of Things, can be a person with a heart monitor implant, a farm animal with a biochip transponder, an automobile that has built-in sensors to alert the driver when tire pressure is low — or any other natural or man-made object that can be assigned an IP address and provided with the ability to transfer data over a network. So far, the Internet of Things has been most closely associated with machine-to-machine (M2M) communication in manufacturing and power, oil and gas utilities. Products built with M2M communication capabilities are often referred to as being
  • IPv6’s huge increase in address space is an important factor in the development of the Internet of Things. According to Steve Leibson, who identifies himself as “occasional docent at the Computer History Museum,” the address space expansion means that we could “assign an IPV6 address to every atom on the surface of the earth, and still have enough addresses left to do another 100+ earths.” In other words, humans could easily assign an IP address to every “thing” on the planet. An increase in the number of smart nodes, as well as the amount of upstream data the nodes generate, is expected to raise new concerns about data, data sovereignty and security.
  • Kevin Ashton, cofounder and executive director of the Auto-ID Center at MIT, first mentioned the Internet of Things in a presentation he made to Procter & Gamble in 1999. Here’s how Ashton explains the potential of the Internet of Things:

“Today computers — and, therefore, the Internet — are almost wholly dependent on human beings for information. Nearly all of the roughly 50 petabytes (a petabyte is 1,024 terabytes) of data available on the Internet were first captured and created by human beings by typing, pressing a record button, taking a digital picture or scanning a bar code.

The problem is, people have limited time, attention and accuracy — all of which means they are not very good at capturing data about things in the real world. If we had computers that knew everything there was to know about things — using data they gathered without any help from us — we would be able to track and count everything and greatly reduce waste, loss and cost. We would know when things needed replacing, repairing or recalling and whether they were fresh or past their best.”

Although the concept wasn’t named until 1999, the Internet of Things has been in development for decades. The first Internet appliance, for example, was a Coke machine at Carnegie Melon University in the early 1980s. The programmers could connect to the machine over the Internet, check the status of the machine and determine whether or not there would be a cold drink awaiting them, should they decide to make the trip down to the machine.

Internet of Things privacy is the special considerations required to protect the information of individuals from exposure in the IoT environment, in which almost any physical or logical entity or object can be given a unique identifier and the ability to communicate autonomously over the Internet or similar network.

  • As endpoints (things) in the IoT environment transmit data autonomously, they also work in conjunction with other endpoints and communicate with them. Interoperability of things is essential to the IoT’s functioning so that, for example, networked elements of a home work together smoothly.
  • The data transmitted by a given endpoint might not cause any privacy issues on its own. However, when even fragmented data from multiple endpoints is gathered, collated and analyzed, it can yield sensitive information.
  • The idea of networking appliances and other objects is relatively new, especially in terms of the global connectivity and autonomous data transfer that are central to the Internet of Things. As such, security has not traditionally been considered in product design, which can make even everyday household objects points of vulnerability. Researchers at Context Information Security, for example, found a vulnerability in a Wi-Fi-enabled light bulb that allowed them to request its Wi-Fi credentials and use those credentials to get network access.
  • Michael Jordon, research director at Context Information Security commented on the need to address the security and privacy issues related to the Internet of Things: “IoT security needs to be taken seriously, particularly before businesses start to connect mission critical devices and systems.”


IoT (Internet of Medical Things)

An IoT botnet (Internet of Things botnet) is a group of hacked computers, smart appliances and Internet-connected devices that have been co-opted for illicit purposes.

  • A conventional botnet is made up of computers that have been remotely accessed without the owners’ knowledge and set up to forward transmissions to other computers on the Internet. The Internet of Things (IoT) is made up of not only dedicated computers but also cardiac implant monitors, household and industrial appliances, automobiles, mechanical sensors and other devices equipped with IP addresses and the ability to transmit data over a network. In the IoT context, these are known as things.
  • In late December 2013, a researcher at Proofpoint (a California-based enterprise security company) noticed that hundreds of thousands of malicious emails logged through a security gateway had originated from a botnet that included not only computers, but also other devices — including smart TVs, a refrigerator and other household appliances.
  • Hijacked computers in a conventional botnet are known as zombies or bots. David Knight, of Proofpoint, coined the word thingbot to refer to devices other than computers that have been co-opted for a botnet.

IoT security is the area of endeavor concerned with safeguarding connected devices and networks in the Internet of things (IoT).

The Internet of Things involves the increasing prevalence of objects and entities – known, in this context as things – provided with unique identifiers and the ability to automatically transfer data over a network. Much of the increase in IoT communication comes from computing devices and embedded sensor systems used in industrial machine-to-machine (M2M) communication, smart energy grids, home and building automation, vehicle to vehicle communication and wearable computing devices.

The main problem is that because the idea of networking appliances and other objects is relatively new, security has not always been considered in product design.  IoT products are often sold with old and unpatched embedded operating systems and software. Furthermore, purchasers often fail to change the default passwords on smart devices — or if they do change them, fail to select sufficiently strong passwords. To improve security, an IoT device that needs to be directly accessible over the Internet, should be segmented into its own network and have network access restricted. The network segment should then be monitored to identify potential anomalous traffic, and action should be taken if there is a problem.

Security experts have warned of the potential risk of large numbers of unsecured devices connecting to the Internet since the IoT concept was first proposed in the late 1990s. In December of 2013, a researcher at Proofpoint, an enterprise security firm, discovered the first IoT botnet. According to Proofpoint, more than 25 percent of the botnet was made up of devices other than computers, including smart TVs, baby monitors and other household appliances.

An IPv6 address is a 128-bit alphanumeric string that identifies an endpoint device in the Internet Protocol Version 6 (IPv6) addressing scheme.

In more precise terms, an IPv6 address is 128 bits long and is arranged in eight groups, each of which is 16 bits. Each group is expressed as four hexadecimal digits and the groups are separated by colons.

Here’s an example of a full IPv6 address:


That address can be shortened, however, because the addressing scheme allows the omission of any leading zero, as well as any sequences consisting only of zeroes. Here’s the short version:

FE80:CD00:0: CDE: 1257:0:211E:729C

It has been a concern for some time that the IPv4 addressing scheme was running out of potential addresses. The IPv6 format was created to enable the trillions of new IP addresses required to connect not only an ever-greater number of computing devices but also the rapidly expanding numbers of items with embedded connectivity. In the Internet of Things (IoT) scenario, objects, animals and people are provided with unique identifiers and the ability to automatically transfer data over a network without requiring human-to-human or human-to-computer interaction.

IPv6 expands the available address space sufficiently to enable anything conceivable to have an IP address. The number of potential IPv6 addresses has been calculated as:


According to Computer History Museum docent Dick Guerin, that number allows an IPv6 address for each atom on the surface of the planet– with enough left over for more than 100 more similar planets.









Machine authentication is the authorization of an automated human-to-machine or machine-to-machine (M2M) communication through verification of a digital certificate or digital credentials.

  • Digital certificates used in machine authorization are like a form of digital passport providing trusted identification for the purpose of securely exchanging information over the Internet. Digital credentials are much like forms of machine-provided ID and password.
  • Machine authentication is used to authorize machine interactions on both wired and wireless networks to enable computers and other machines to interact and exchange information autonomously.  The processes of machine authentication can be performed by simple devices such as sensors and meters in infrastructure.

Common applications of machine authentication include:

  • Backup software updates and patches that must be conducted outside of business hours for optimal performance and reliability with minimal disruption.
  • Telemedicine devices that enable doctors to monitor patients remotely.
  • Smart grid technologies that allow components of the electric grid to both communicate.

M2M communication enables automated remote monitoring, as well as the capacity to trigger actions based on that monitoring. In product restocking, for example, a networked vending machine might message the distributor when a particular item is running low, automatically triggering an order. The technology is central to warehouse management, remote control, robotics, traffic control, logistic services, supply chain management (SCM) and fleet management.

  • Machine-to-machine communication is also a fundamental technology for the Internet of Things (IoT), in which almost any entity or object imaginable can be provided with a unique identifier (UI) and the capacity to exchange data automatically over a network. Internet of Things security and privacy are two crucial areas of concern in that scenario. Machine authentication is integral to ensuring both.
  • Machine authentication contrasts with user authentication, which is reliant upon the presence of a human user.

Machine data (also known as machine-generated data) is digital information created by the activity of computers, mobile phones, embedded systems and other networked devices.  Such data became more prevalent as technologies such as radio frequency identification (RFID) and telematics advanced. More recently, machine data has gained further attention as use of the Internet of Things, Hadoop and other big data management technologies has grown.

  • Application, server and business process logs, call detail records and sensor data are prime examples of machine data. Internet clickstream data and website activity logs also factor into discussions of machine data.
  • Combining machine data with other enterprise data types for analysis is expected to provide new views and insight on business activities and operations. For example, some large industrial manufacturers are analyzing machine data on the performance of field equipment in near-real-time, together with historical performance data, to better understand service problems and to try to predict equipment maintenance issues before machines break down.
  • Other examples of applications that center on the use of machine data include setups for monitoring oil and gas pipelines, natural disaster warning systems based on feeds from marine sensors, forecasting systems that take data from satellites and weather stations to help predict weather in small geographic areas, and a building energy management system that analyzes HVAC and elevator data to improve efficiency. Further use cases are likely to arise as emerging machine learning applications begin to mature.


Machine to machine (M2M) is a broad label that can be used to describe any technology that enables networked devices to exchange information and perform actions without the manual assistance of humans.

  • M2M communication is often used for remote monitoring. In product restocking, for example, a vending machine can message the distributor when a particular item is running low. M2M communication is an important aspect of warehouse management, remote control, robotics, traffic control, logistic services, supply chain management, fleet management and telemedicine.  It forms the basis for a concept known as the Internet of Things (IoT).
  • Key components of an M2M system include sensors, RFID, a Wi-Fi or cellular communications link and autonomic computing software programmed to help a networked device interpret data and make decisions. The most well-known type of M2M communication is telemetry, which has been used since the early part of the last century to transmit operational data. Pioneers in telemetrics first used telephone lines — and later, on radio waves — to transmit performance measurements gathered from monitoring instruments in remote locations. The Internet and improved standards for wireless technology have expanded the role of telemetry from pure science, engineering and manufacturing to everyday use in products like home heating units, electric meters and Internet-connected appliances. Products built with M2M communication capabilities are often marketed to end users as being “smart.”
  • Currently, M2M does not have a standardized connected device platform and many M2M systems are built to be task- or device-specific. It is expected that as M2M becomes more pervasive, vendors will need to agree upon standards for device-to-device communications.

A mesh network topology is a decentralized design in which each node on the network connects to at least two other nodes. Mesh networks are expected to play an important part in the Internet of Things (IoT).

  • Unlike nodes in a star topology, which require a router to deliver Internet service, network nodes can “talk” directly to each other without requiring the assistance of an Internet connection. A big advantage of this decentralized topology is that there cannot be a single point of failure (SPoF). If one node can no longer operate, all the rest can still communicate with each other, directly or through one or more intermediate nodes.
  • Mesh networks can use a full mesh topology or a partial mesh topology. In a full mesh topology, each network node is connected to all the other nodes in the network. In a partial mesh topology, at least one node connects directly to every other node while others may only connect to those nodes they exchange data with on a frequent basis.
  • In the past, when mesh networks were always wired, the topology could be expensive (and complicated) to implement because each node had to be physically connected to the other nodes. Today, however, advances in wireless communication and short-range wireless personal network (WPAN) specifications have removed the physical and financial barriers.

Micro-electromechanical systems (MEMS) is a technology that combines computers with tiny mechanical devices such as sensors, valves, gears, mirrors, and actuators embedded in semiconductor chips. Paul Saffo of the Institute for the Future in Palo Alto, California, believes MEMS or what he calls analog computing will be “the foundational technology of the next decade.” MEMS is also sometimes called smart matter.

  • MEMS are already used as accelerometers in automobile air-bags. They’ve replaced a less reliable device at lower cost and show promise of being able to inflate a bag not only on the basis of sensed deceleration but also on the basis of the size of the person they are protecting. Basically, a MEMS device contains micro-circuitry on a tiny silicon chip into which some mechanical device such as a mirror or a sensor has been manufactured. Potentially, such chips can be built in large quantities at low cost, making them cost-effective for many uses.

Among the presently available uses of MEMS or those under study are:

  • Global position system sensors that can be included with courier parcels for constant tracking and that can also sense parcel treatment en route
  • Sensors built into the fabric of an airplane wing so that it can sense and react to air flow by changing the wing surface resistance; effectively creating a myriad of tiny wing flaps
  • Optical switching devices that can switch light signals over different paths at 20-nanosecond switching speeds
  • Sensor-driven heating and cooling systems that dramatically improve energy savings
  • Building supports with imbedded sensors that can alter the flexibility properties of a material based on atmospheric stress sensing

Saffo distinguishes between sensor-effector type micro computing (which he calls “MEMS”) and micro-devices containing gears, mirrors, valves, and other parts (which he calls “micro-machines”).

A microcontroller is a compact microcomputer designed to govern the operation of embedded systems in motor vehicles, robots, office machines, complex medical devices, mobile radio transceivers, vending machines, home appliances, and various other devices. A typical microcontroller includes a processor, memory, and peripherals.

  • The simplest microcontrollers facilitate the operation of the electromechanical systems found in everyday convenience items. Originally, such use was confined to large machines such as furnaces and automobile engines to optimize efficiency and performance. In recent years, microcontrollers have found their way into common items such as ovens, refrigerators, toasters, clock radios, and lawn watering systems. Microcomputers are also common in office machines such as photocopiers,scanners, fax machines, and printers.
  • The most sophisticated microcontrollers perform critical functions in aircraft, spacecraft, ocean-going vessels, life-support systems, and robots of all kinds. Medical technology offers especially promising future roles. For example, a microcontroller might regulate the operation of an artificial heart, artificial kidney, or other artificial body organ. Microcomputers can also function with prosthetic devices (artificial limbs). A few medical-science futurists have suggested that mute patients might someday be able, in effect, to speak out loud by thinking of the words they want to utter, while a microcontroller governs the production of audio signals to drive an amplifier and loudspeaker.
  • Microcomputers enjoy immense popularity among electronics hobbyists and experimenters. Perhaps the most widely known and used of these devices belong to the PIC family, manufactured by Microchip Technology, Inc. of Chandler, Arizona. All devices in the PIC family come with a wide variety of development tools, are easy to find, remain relatively inexpensive, and have excellent documentation.
  • A passive sensor is a device that detects and responds to some type of input from the physical environment.







Passive sensor technologies gather target data through the detection of vibrations, light, radiation, heat or other phenomena occurring in the subject’s environment.  They contrast with active sensors, which include transmitters that send out a signal, a light wavelength or electrons to be bounced off the target, with data gathered by the sensor upon their reflection.

  • Both active and passive sensing technologies are often used to make observations and measurements from a distance or on a scale beyond those observable to the naked eye. Sensors can also be used in harsh environments and places inaccessible to people.
  • Examples of passive sensor-based technologies include: Photographic, thermal, electric field sensing, chemical, infrared and seismic. However, as can be the case with some sensors, seismic and infrared light sensors exist in both active and passive forms.
  • Depending on what is being sensed these various sensors might be mounted to a satellite, airplane, boat, submarine UAV drone, or from another convenient point of observation such as a building top. The data gathered by remote sensing is used for everything from cartography to resource exploration to atmospheric and chemical measurements. Remote sensing is also one of the basic enabling technologies for the Internet of Things (IoT), in which almost any imaginable entity can be equipped with a unique identifier and the ability to transfer data over a network autonomously.
  • Both types of sensors have benefits and drawbacks. Passive sensor technologies can’t be detected by observed parties as they only sense what is in the environment rather than relying on a transmitter whose activity might be detected with equipment. Active sensors, however, can sometimes be used when passive sources of observations by sensor are impossible. This could be, for example, when the ambient observed phenomena are not available to aCCD camera during the night. Active sensor technologies like LiDAR or radar can still be used independent of daylight to make maps or track movement as they have their own radiations on which to base their observations.

Pervasive computing (also called ubiquitous computing) is the growing trend towards embedding microprocessors in everyday objects so they can communicate information.  The words pervasive and ubiquitous mean “existing everywhere.” Pervasive computing devices are completely connected and constantly available.

  • Pervasive computing relies on the convergence of wireless technologies, advanced electronics and the Internet. The goal of researchers working in pervasive computing is to create smart products that communicate unobtrusively. The products are connected to the Internet and the data they generate is easily available.
  • Privacy advocates are concerned about the “big brother is watching you” aspects of pervasive computing, but from a practical standpoint, most researchers feel it will improve efficiency.  In a 1996 speech, Rick Belluzo, who was then executive VP and general manager of Hewlett-Packard, compared pervasive computing to electricity. He described it as being “the stage when we take computing for granted. We only notice its absence, rather than its presence.”
  • An example of a practical application of pervasive computing is the replacement of old electric meters with smart meters. In the past, electric meters had to be manually read by a company representative. Smart meters report usage in real-time over the Internet.  They will also notify the power company when there is an outage, reset thermostats according to the homeowner’s directives, send messages to display units in the home and regulate the water heater.





A reference architecture is a document or set of documents to which a project manager or other interested party can refer for best practices.

  • In information technology, a reference architecture can be used to select the best delivery method for particular technologies within an IT service catalog. The reference may be built in-house or it may be supplied by a third-party service provider or vendor. Typically, a reference will document such things as hardware, software, processes, specifications and configurations, as well as logical components and interrelationships.
  • A reference architecture can be thought of as a resource that documents the learning experiences gained through past projects. By using a reference architecture, a project team can potentially save time and avoid mistakes by learning from past experiences. The specific structure, documentation and management should be flexible, reflecting an organization’s unique structure and needs. To be effective, a reference architecture should be continually revised to include new insights.

Remote sensing is the use of various technologies to make observations and measurements at a target that is usually at a distance or on a scale beyond those observable to the naked eye.

  • Remote sensing technologies include: LiDAR, radar, infrared radiation (IR), thermal, seismic, sonar, electric field sensing and GPS. Depending on what is being detected, these various sensors might be mounted to a satellite, airplane, boat, submarine or UAV drone or from another convenient observation point such as a building top.
  • The data gathered by remote sensing is used for a large and growing number of applications including cartography, resource exploration, atmospheric chemical measurements, healthcare monitoring, surveillance, navigation and GPS tracking.
  • Remote sensing can be conducted through passive or active sensing. In passive sensor technologies, an existing observable phenomenon, such as light from the sun, is captured by a sensor, which might be, for example, a charge-coupled device (CCD) camera mounted on a satellite. In active sensing, the device includes a transmitter that sends out a signal, a particular light wavelength or electrons to be bounced off the target, with data gathered by the sensor upon their reflection.
  • Remote sensing is one of the basic enabling technologies for the Internet of Things (IoT), in which almost any imaginable entity can be equipped with unique identifiers and the ability to transfer data over a network autonomously.

Robotic process automation (RPA) is the use of software with artificial intelligence (AI) and machine learning capabilities to handle high-volume, repeatable tasks that previously required a human to perform.

  • What distinguishes RPA from traditional IT automation is RPA software’s ability to be aware and adapt to changing circumstances, exceptions and new situations. Once RPA software has been trained to capture and interpret the actions of specific processes in existing software applications, it can then manipulate data, trigger responses, initiate new actions and communicate with other systems autonomously. Large and small companies will be able to reap the benefits of RPA by expediting back-office and middle-office tasks in a wide range of industries, including insurance, finance, procurement, supply chain management (SCM), accounting, customer relationship management (CRM) and human resource management (HRM).
  • RPA software is especially useful for organizations that have many different, complicated systems that need to interact together fluidly. For example, if an electronic form from a human resource system is lacking a zip code, traditional automation software would flag the form as having an exception and an employee would handle the exception by looking up the correct zip code and entering it on the form. Once the form was complete, the employee might send it on to payroll so the information could be entered into the organization’s payroll system. With RPA technology, however, software that has the ability to adapt, self-learn, and self-correct would handle the exception and interact with the payroll system without human assistance.
  • Although RPA software can be expensive, the technology offers companies an alternative to outsourcing and can ultimately result in lower operating costs, decreased cycle times and increased productivity for human employees who no longer are tasked with boring work. Because RPA technology tracks and monitors all the tasks that it automates, it can also help companies to become more audit- and regulatory-compliant. Though it is expected that automation software will replace up to 140 million full-time employees worldwide by the year 2025, many high-quality jobs will be created for those who are able to maintain and improve RPA software.



Sensor analytics is the statistical analysis of data that is created by wired or wireless sensors.

  • A primary goal of sensor analytics is to detect anomalies. The insight that is gained by examining deviations from an established point of reference can have many uses, including predicting and proactively preventing equipment failure in a manufacturing plant, alerting a nurse in an electronic intensive care unit (eICU) when a patient’s blood pressure drops, or allowing a data center administrator to make data-driven decisions about heating, ventilating and air conditioning (HVAC).
  • Because sensors are often always on, it can be challenging to collect, store and interpret the tremendous amount of data they create. A sensor analytics system can help by integrating event-monitoring, storage and analytics software in a cohesive package that will provide a holistic view of sensor data. Such a system has three parts: the sensors that monitor events in real-time, a scalable data store and an analytics engine. Instead of analyzing all data as it is being created, many engines perform time-series or event-driven analytics, using algorithms to sample data and sophisticated data modeling techniques to predict outcomes. These approaches may change, however, as advancements in big data analytics, object storage and event stream processing technologies will make real-time analysis easier and less expensive to carry out.
  • Most sensor analytics systems analyze data at the source as well as in the cloud. Intermediate data analysis may also be carried out at a sensor hub that accepts inputs from multiple sensors, including accelerometers, gyroscopes, magnetometers and pressure sensors. The purpose of intermediate data analysis is to filter data locally and reduce the amount of data that needs to be transported to the cloud. This is often done for efficiency reasons, but it may also be carried out for security and compliance
  • The power of sensor analytics comes from not only quantifying data at a particular point in time, but by putting the data in context over time and examining how it correlates with other, related data. It is expected that as the Internet of Things (IoT) becomes a mainstream concern for many industries and wireless sensor networks become ubiquitous, the need for data scientists and other professionals who can work with the data that sensors create will grow — as will the demand for data artists and software that helps analysts present data in a way that’s useful and easily understood.

A smart home or building is a home or building, usually a new one that is equipped with special structured wiring to enable occupants to remotely control or program an array of automated home electronic devices by entering a single command. For example, a homeowner on vacation can use a Touchtone phone to arm a home security system, control temperature gauges, switch appliances on or off, control lighting, program a home theater or entertainment system, and perform many other tasks.

  • The field of home automation is expanding rapidly as electronic technologies converge. The home network encompasses communications, entertainment, security, convenience, and information systems.
  • A technology known as Powerline Carrier Systems (PCS) is used to send coded signals along a home’s existing electric wiring to programmable switches, or outlets. These signals convey commands that correspond to “addresses” or locations of specific devices, and that control how and when those devices operate. A PCS transmitter, for instance, can send a signal along a home’s wiring, and a receiver plugged into any electric outlet in the home could receive that signal and operate the appliance to which it is attached.
  • One common protocol for PCS is known as X10, a signaling technique for remotely controlling any device plugged into an electrical power line. X10 signals, which involve short radio frequency (RF) bursts that represent digital information, enable communication between transmitters and receivers.
  • In Europe, technology to equip homes with smart devices centers on development of the European Installation Bus, or Instabus. This embedded control protocol for digital communication between smart devices consists of a two-wire bus line that is installed along with normal electrical wiring. The Instabus line links all appliances to a decentralized communication system and functions like a telephone line over which appliances can be controlled. The European Installation Bus Association is part of Konnex, an association that aims to standardize home and building networks in Europe.
  • Echelon Corp., the creator of the LonWorks system, is helping drive adoption of an open interoperability standard among vendors in the control networks industry. LonWorks is an open standard for network automation and control for the building, transportation, industrial and home markets. The American National Standards Institute (ANSI) has adopted the protocol underlying LonWorks control networks as an industry standard. The LonMark Interoperability Association is made up of more than 200 controls companies’ mission working on standard to integrate multi-vendor systems based on LonWorks networks.



A thing, in the context of the Internet of things (IoT), is an entity or physical object that has a unique identifier, an embedded system and the ability to transfer data over a network.

  • Given the prevalence of wireless technology, the increasing ability to miniaturize computer components and develop them inexpensively, and the enormously extended range of IPv6 addresses, that capacity could be developed for almost anything imaginable. In addition to dedicated computing devices such as PCs, notebooks, smartphones or tablets, the list of potential things is almost unlimited.

A thingbot is something with an embedded system and an Internet connection that has been coopted by a hacker to become part of a botnet of networked things.

  • The Internet of Things (IoT) is a scenario in which objects and entities are provided with unique and the ability to automatically transfer data over a network. A thing, in this context, could be a dedicated computing device such as a PC, notebook, smartphone or tablet, or almost anything else. A thingbot might be coopted to send spam or malware or to host illicit content, all without the knowledge of the owner.
  • In December 2013 a researcher at Proofpoint, an enterprise security firm, discovered that hundreds of thousands of spam emails were being logged through a security gateway. Proofpoint traced the attacks to a botnet made up of 100,000 hacked appliances.



A unique identifier (UID) is a numeric or alphanumeric string that is associated with a single entity within a given system. UIDs make it possible to address that entity, so that it can be accessed and interacted with.

Here are a few examples of UIDs: 

  • A Uniform Resource Identifier (URI) is a unique identifier that makes content addressable on the Internet by uniquely targeting items, such as text, video, images and applications.
  • A Uniform Resource Locator (URL) is a particular type of URI that targets Web pages so that when a browser requests them, they can be found and served to users.
  • A Universal Unique Identifier (UUID) is a 128-bit number used to uniquely identify some object or entity on the Internet.
  • A global unique identifier (GUID) is a number that Microsoft programming generates to create a unique identity for an entity such as a Word document.
  • A bank identifier code (BIC) is a unique identifier for a specific financial institution.
  • A unique device identifier (UDID) is a 40-character string assigned to certain Apple devices including the iPhone, iPad, and iPod
  • A service set identifier (SSID) is a sequence of characters that uniquely names a wireless local area network (WLAN).
  • A national provider identifier (NPI) is a unique ten-digit identification number required by HIPAA for all health care providers in the United States.


Universal authentication, also known as single sign-on (SSO), is a network identity-verification method that allows users to move from site to site securely without having to enter identifying information multiple times.

  • Authentication (in contrast to authorization) is the process of determining whether or not an entity attempting to access a network or site is actually who or what it claims to be. With universal authentication, a subscriber enters one set of parameters (such as a username and password) at the start of every network session. The authentication data for any site visited thereafter is automatically generated for the duration of that session.
  • One of the biggest problems with Internet security is the fact that every Web site has its own authentication system. A typical Internet user, who has two or three Web-based e-mail addresses and frequents half a dozen online vendors to buy or sell things, must memorize several usernames and passwords. This can be difficult unless the authentication data is written down or stored as a text file, which then becomes a security issue. Universal authentication can eliminate this problem without compromising security or privacy.



Vehicle-to-vehicle communication (V2V communication) is the wireless transmission of data between motor vehicles.

  • The goal of V2V communication is to prevent accidents by allowing vehicles in transit to send position and speed data to one another over an ad hoc mesh network. Depending upon how the technology is implemented, the vehicle’s driver may simply receive a warning should there be a risk of an accident or the vehicle itself may take preemptive actions such as braking to slow down.
  • V2V communication is expected to be more effective than current automotive original equipment manufacturer (OEM) embedded systems for lane departure, adaptive cruise control, blind spot detection, rear parking sonar and backup camera because V2V technology enables an ubiquitous 360-degree awareness of surrounding threats. V2V communication is part of the growing trend towards pervasive computing, a concept known as the Internet of Things (IoT).
  • In the United States, V2V is an important part of the intelligent transport system (ITS), a concept that is being sponsored by the United States Department of Transportation (DOT) and the National Highway Traffic Safety Administration (NHTSA). An intelligent transport system will use the data from vehicle-to-vehicle communication to improve traffic management by allowing vehicles to also communicate with roadside infrastructure such as traffic lights and signs. The technology could become mandatory in the not-too-distant future and help put driver-less cars on highways across America.
  • The implementation of V2V communication and an intelligent transport system currently has three major roadblocks: the need for automotive manufacturers to agree upon standards, data privacy concerns and funding. As of this writing it is unclear whether creation and maintenance of the supporting network would be publicly or privately funded. Automotive manufacturers working on ITS and V2V include GM, BMW, Audi, Daimler and Volvo.









Z-Wave is a wireless communication technology that is used in security systems and also business and home automation.

  • Z-Wave is often used in locks, security systems, lighting, heating, cooling and home appliances. Support can be integrated in products or added by retrofitting standard electronics and devices.
  • Z-Wave communications use low-power radio signals in the 900 MHz range, separated from Wi-Fi. The system supports automatic discovery of up to 230 devices per controller. Multiple controllers can also communicate with one another and pass commands to support additional devices. Z-wave is optimized for low latency, with data rates of up to 100KB/s.
  • Z-Wave is marketed primarily as a security product. However, vulnerabilities have been detected that allow attackers to spoof an access point to gain control, even on encrypted versions. Like most security automation products, Z-Wave increases a system’s attack surface because it adds connected devices and associated software. To prevent networked devices from increasing the overall vulnerability of a system, it’s important to consider the security of any connected element.
  • Over 80 percent of commercial home security systems use Z-Wave as the protocol by which their components communicate; the Z-Wave Alliance, a global consortium organized to bring compatible devices to market, includes more than 250 manufacturers among its members.

ZigBee is a mesh network specification for low-power wireless local area networks (WLANs) that cover a large area.

  • ZigBee was designed to provide high data throughput in applications where the duty cycle is low and low power consumption is an important consideration. (Many devices that use ZigBee are powered by battery.) Because ZigBee is often used in industrial automation and physical plant operation, it is often associated with machine-to-machine (M2M) communication and the Internet of Things (IoT).
  • ZigBee is based on the Institute of Electrical and Electronics Engineers Standards Association’s 15 specification. It operates on the IEEE 802.15.4 physical radio specification and in unlicensed radio frequency bands, including 2.4 GHz, 900 MHz and 868 MHz. The specifications are maintained and updated by the ZigBee Alliance.
  • As of this writing, there are three ZigBee specifications: ZigBee, ZigBee IP and ZigBee RF4CE. ZigBee IP optimizes the standard for IPv6 full mesh networks and ZigBee RF4CE optimizes the standard for partial mesh networks.