Opening Things Up IoT and the Open Source Community

Devices built with support of the IoT industry’s growing open source community makes a more efficient, universally connected world all the more plausible. At the current rate, more than 20 billion devices will be connected by 2020, and all of them have a few things in common. 

Successful IoT projects are developed with the three goals in mind: connectivity, security, and community, all of which are enabled and supported best by using open source. Meeting these goals ties back to the most critical qualities of an effective IoT software system - it must be easy to use, adopt and develop applications for - and developers should ultimately be able influence its direction. By developing devices with open source software, all of these needs can be met. 

Connectivity, of course, puts the “I” in IoT - a device wouldn’t be a connected Thing otherwise. There are several competing standards emerging about connectivity, though, so how does a developer choose among these standards? 

Major industry leaders invested in the future of IoT – including ARRIS, CableLabs, Cisco, Electrolux, GE Digital, Intel, Microsoft, Qualcomm, and Samsung – united to establish the Open Connectivity Foundation (OCF), an entity whose goal will be to help unify IoT standards, so that companies and developers can create IoT solutions and devices that work seamlessly together. Via cross-industry collaboration, the OCF will work towards unlocking the massive opportunity of the future global IoT segment, accelerate industry innovation and help all developers and companies create solutions that map to a single, open IoT interoperability specification. 

Ultimately, with OCF specifications, protocols and open source projects, a wide-range of consumer, enterprise and embedded devices and sensors from a variety of manufacturers, can securely and seamlessly interact with one another.  The OCF unifies the entirety of the former Open Interconnect Consortium with leading companies at all levels – silicon, software, platform, and finished-goods – dedicated to providing this key interoperability element of an IoT solution. When standards are open, everyone wins: the authors, promoters, developers, and ultimately the public users of the device.

Security is a primary concern for software developers and will only be more important as technology continues to interconnect. While open source may raise concerns about security for some, there are two strong arguments to consider regarding open source and security. 

First, security issues are addressed in open source using the value of transparency, the ability for anyone to see how systems work. This is a primary function when the source code can be seen by anyone, and it ensures no code or backdoors can be hidden from the developer. Transparency enables systems to be more secure than proprietary implementations, not less - they are based on observation rather than trust. 

Second, software availability opens the pool of testers who can find and fix problems in the system. Open source enthusiasts rally around Linus’ Law, “Given enough eyeballs, all bugs are shallow.” Vulnerabilities can be exposed in any project, the Heartbleed incident made that abundantly clear, but an active community of developers that also serve as testers and reviewers greatly reduces the likelihood of major risks lying dormant in the code.

As an example, the Linux kernel had 77 publicly known security vulnerabilities in 2015. However, the kernel’s codebase (without whitespace, comments or other filler) is comprised of more than 11 million lines of code, which equates to a notably solid defect density of one known security vulnerability for every 145,000 lines of code. 

Detailed examination of the publicly available data on security vulnerabilities, such as that published by Mitre, shows open source projects with an active community and the right development processes can create some of the most secure software on the planet. The combination of community, experts and advocates creates a collaborative environment that proprietary development can approach, but not surpass when it comes to secure development. 

That collaborative nature is integral to the open source community, and the answers to intellectual property concerns are often rooted in the same mindset. While limits and regulation drive profitability of proprietary software, open source is all about freedom. With the shackles of intellectual property removed, product builders and designers are free to tinker with and expand upon open source without fear of retribution.

The community mindset is what makes open source such a perfect fit for IoT development projects. Much of what has made open source so popular in embedded systems applies just as well to the burgeoning Internet of Things - freely available source code, transparency in development, flexible licenses, a general lack of royalties and the potential for strong security. 

Most important in open source, though, are the communities that surround that open code. Many projects benefit from a worldwide pool of developers working together and openly sharing answers to difficult problems. 

The freedom and collaboration associated with open source projects also makes them uniquely engaging to work on. The upstream mentality, in which contributions and participation make up a primary aspect of interaction with a project, is one of the most exciting principles of open source projects. Working as a community, sometimes even alongside competitors, transforms the product development mindset from one of constrained secrecy to open participation. 

If a critical component is upstream, or out of one party’s hands, it becomes important to share knowledge as a tide to lift all ships. Products, even from competitors, resulting from the upstream mentality differentiate based on added value, not underlying software. 

There’s an exciting and steady stream of innovation invigorating the IoT community right now. A set of common and easily accessible platforms for connecting all these innovative devices is critical to developing the connected world. Such platforms benefits greatly from open, community-based development, and collaboration among the hundreds of companies building the industry is key to IoT’s continued success.