Everyone is talking up IoT (the Internet of Things) as the next mega trend. Analysts are predicting that IoT will be a multi-trillion dollar category, and thousands of companies, from GE to Evernote, are redefining themselves as IoT companies.

Gartner’s 2014 Hype Cycle has “IoT” placed neatly at the zenith of the “Peak of Inflated Expectations.” Companies across the technology spectrum are rushing to build compelling products and claim their IoT stake, cashing in on the gold rush of IoT product development.

The big problem is a lack of a well-understood tech stack — the layers of components or services that are used to provide software for the Internet of Things. This means that IoT developers are building top-to-bottom proprietary systems, with custom software, hardware, and communication layers. Until an IoT tech stack is codified and adopted, IoT will be hobbled by security issues, time to market challenges, and stability and reliability problems.

IoT Generation I – The Custom Stack

The current state of IoT development is heavily risk-prone. Designs often work well “in the lab” but fail at a high rate when deployed in the wild. Intermittent Internet connectivity, firewalls, proxies, spotty cellular connects, and other “real-world” bumps hamper success. Some of the biggest challenges include:

  • Security holes: The IoT raises a myriad of security concerns. Expecting each IoT development team to engineer best-practice security into each custom stack is leading to well-publicized IoT security breaches (security cameras, wireless routers, and more).
  • Failure detection and remote updates: Most custom stacks don’t easily detect remote failures, nor do they provide a mechanism for updating devices remotely. Expecting manual processes for updating IoT device firmware at scale virtually guarantees disaster.
  • Cost and time-to-market: Custom stack development costs more, makes delivery dates unpredictable, and increases overall project risk.
  • Product silos: Bespoke communication means no interoperability between disparate devices. This concern will expand as more IoT products are released; enterprises and consumers both will expect their devices to work together across vendors.
  • Brittle and bug-prone: Bespoke IoT stacks are hard to upgrade and are failure-prone. The detailed knowledge of the custom stack is lost as the SI project ends, or as the IoT team disbands to move to other projects.

IoT Generation II – An IoT Stack Emerges

The good news is that IoT products are maturing, and with them, we’re seeing a stack starting to emerge. Driving this change are three trends. First, fast-growing IoT categories like Smart Home (Nest, Insteon, Dropcam, etc.) and Connected Car (Uber, Lyft, GetTaxi, Delphi, Moj.io, etc) are seeing stiff competition. Budgets and time-to-market are becoming key drivers, and vendors can’t afford to design and build everything from scratch.

Second, the growing availability of affordable hardware components and easy funding (Kickstarter, etc.) are driving grass-roots product development from teams that are unlikely to use large SI firms to build their products. To drive products to market, these bootstrapped companies are pioneering repeatable patterns of development and helping blaze the trail to a codified IoT stack.

Third, consumer IoT rollouts require massive scalable and geographically distributed backend systems that are complex to build and maintain. Customer support for consumer IoT also becomes a key driver: The products must be easy to set up, reliable, and remotely upgradable. “Bricking” consumer devices via a global remote update is the deepest fear of every consumer IoT vendor. The PR fallout from a security breach can be unrecoverable. Consumer IoT vendors want a vetted IoT stack that can mitigate these risks.

Evolving Components of the IoT Stack

Most of the IoT Stack innovation is occurring within the communication layers. While hardware design and server-side “big-data” technologies are relatively mature, the new risks in IoT are almost always connectivity based.   These can be described in three categories:

Local area communication – There’s no shortage of protocols for local device-to-device communication. Some of these include Zigbee, Insteon, Z-Wave, and 6LoWPAN, all vying to deliver reliable local connectivity between devices. However, protocols are just the map. The actual journey requires frameworks and libraries that implement these products. These are emerging in both open source and commercial varieties and in various stages of development.

Internet communication – Internet connectivity holds the promise to real-time awareness and control of devices from anywhere in the world. But reliable and secure Internet connectivity is fraught with difficulty, since the challenges exist both on the device and the server-side. Devices that “listen” for commands on unprotected Internet IP addresses are guaranteed to be hacked. Server infrastructures must gracefully handle secure signaling to/from devices at massive scale over unreliable connections. Frameworks and libraries built around newer protocols like MQTT, CoAP, and WebSockets are emerging but don’t address the costs and complexity of vendors operating these infrastructures at scale.  Addressing this challenge is the adoption of Data Stream Networks, which are similar to CDNs (Content Delivery Networks) in their global reach but designed specifically for secure communication for the IoT.

Vertical Industry Standards – Interoperability requires standards. Already in Smart Home, we’re seeing announcements of standards from Google, Apple, and others. In consumer electronics, a multi-vendor initiative called the AllSeen Alliance promises eventual cross-vendor compatibility.  These standards will battle it out for years and take time to mature (remember how long after Bluetooth was announced before we could pair our phones to our cars?). Upcoming IoT product releases won’t wait for these standards, but over time and with patience, these standards will eventually succeed.

Todd Greene is founder and CEO of PubNub. He was previoulsy CEO of Loyalize, an audience participation company successfully sold to Function(x), and was founder and CTO/VP Products of CascadeWorks, a company providing services procument solutions that was acquired by Elance. Prior to that, he worked for GE, SGI, and Quantum while a consultant at Price Waterhouse, and then joined NetDynamics (sold to Sun Microsystems in 1998) to help create a truly game-changing product: the first application server built for the Internet.

Get more stories like this on TwitterFacebook