====== IoT System Design Principles ======

It is expected that billions or trillions of IoT devices will be deployed in the various sectors of society and the economy (e.g., intelligent transport systems, smart health care, smart manufacturing, smart homes, smart cities, smart agriculture, and smart energy) to deliver better customer experience, provide more value to the market, and solve significant problems such as climate change, national security, and public safety. Integrating massive numbers of IoT nodes, networking nodes, and computing devices or applications into the existing infrastructures in various industries will increase their complexity. It is, therefore, essential to follow some design principles to ensure that IoT systems designed to solve problems or create unique value in the various industries are adequately designed to fulfil their intended functions and are easier to operate, maintain, and scale.

IoT system design has its own set of challenges, as IoT systems often contain multiple components or elements (e.g., sensors and actuators, cyber-physical devices, networking nodes, computing nodes) interacting with one another to collect data, manipulate physical systems, transport data packets, and analyse the collected data to deliver better customer experience, create value, or solve a specific problem. Below are some practical IoT system design principles that should be considered when designing IoT systems.

===== Conduct proper research =====

Before designing an IoT solution, it is essential to understand the customers' problems or challenges that it is meant to address. The designer must think from the perspective of customers and then design a research study to understand the customers' problems and the existing solutions they have. Then, the designer must find out how IoT solutions can address those challenges.
It is only after understanding the actual problem that the customers are facing and how IoT solutions could address it that IoT system designers should engage in developing a solution. An IoT system may be designed not only to solve a problem or pain that potential customers are feeling but also to create unique value. Innovative IoT solutions could create exceptional value to make their potential customers productive and competitive. IoT system designers must understand the unique value that their system or solution is going to offer to their potential customers to improve their productivity, competitive advantage, or user experience.

It is, therefore, required to conduct proper research before engaging in the project. The research process could include defining research questions, defining the market segment, sending out questionnaires to potential customers, conducting interviews with relevant stakeholders in the target market, talking with sales representatives of potential customers, and attending industry conferences. The research findings should be well documented and analysed by all the stakeholders and the design team before the IoT project is launched so that the designers can cater to the customers' needs during the design process.

===== Focus on the values, needs or problems of users =====

The features to be included in the IoT solution should align with users' needs and problems and the value they can derive from the products to improve their productivity, competitive advantage or experience. The users are sometimes unaware of the value of IoT solutions or how they could address some of their problems, making them reluctant to adopt IoT solutions. Another barrier preventing users from adopting IoT solutions is uncertainty regarding cost, usability, returns on investments, and security. Thus, the design team is responsible for addressing those user concerns when designing IoT solutions.
It is essential to answer the following questions:

  * What value will be delivered to the users by the IoT solution to be designed?
  * What are some of the barriers that will prevent users from adopting the IoT solution to be designed?
  * How will the IoT solution be designed to address the users' needs, problems and challenges?
  * How will the IoT solution be designed to deal with the user adoption barriers?
  * Which features are to be added to the IoT solution to be designed, and will they address the problems of users and deliver the value that will improve their productivity, competitive advantage, and quality of experience?

Addressing the above questions carefully during the research and technical design stages is essential. Thus, when designing IoT systems, focusing on the users' values, needs, and problems is crucial.

===== Adopt a system-based design approach =====

The Internet of Things (IoT) is still in its early stages. We still have the opportunity to ensure that IoT systems are scalable, energy efficient, cheap, and secure by design while providing acceptable QoS. Another design requirement for IoT systems is interoperability. A holistic system-based approach is required to attain all these design goals and the goals of other stakeholders (network operators, service providers, regulators, and end users). There is a need for the development of formal methods and tools for the design, operation, and maintenance of IoT systems, networks, and applications in such a way as to satisfy the goals of the various stakeholders with minimal unintended consequences.
An IoT system often consists of multiple elements, such as the cyber-physical system (sensor and actuator devices) deployed to collect data from the environment and to manipulate physical systems, communication systems deployed to transport data within the IoT infrastructure, and computing systems deployed to process the massive amount of data collected by the sensors and send feedback to actuators to automate physical processes or to human operators to make some decisions (or take some actions). One of the elements of the IoT infrastructure is the cyber security system, which should interact with other systems within the IoT infrastructure to deliver the required service. The IoT system is sometimes designed to interact with other systems to provide a specific value or solve a particular problem.

It is, therefore, essential to adopt a system-based approach when designing IoT systems to ensure that the interaction between the various IoT elements and other existing systems of the organisation or users delivers the expected value or addresses the problems they are designed to solve. Systems thinking, design thinking, and systems engineering methods and tools can be leveraged to develop formal tools for designing IoT systems.

===== Incorporate security measures =====

Users are concerned about possible security weaknesses that could appear in their infrastructure after integrating IoT solutions. IoT system designers should incorporate security mechanisms into their solutions to address the users' security concerns. Sometimes, IoT system designers are preoccupied with implementing features that are required to address customers' problems or deliver the expected value to customers, and they may ignore the implementation of features that address customers' security concerns. Some IoT device manufacturers and service providers are often so preoccupied with minimising manufacturing and deployment costs and the "time-to-market" that security concerns are ignored or considered later.
Securing an IoT infrastructure's data, hardware, and software assets is essential and should be considered when designing IoT infrastructures. IoT system designers should treat a robust cyber security system as a subsystem within the IoT system to be designed and consider how the cyber security system will interact with other subsystems to deliver a secured IoT solution to the users. The IoT cyber security system consists of multiple elements that work together to provide an effective security solution to protect the data and other IT assets within an IoT infrastructure. Some of the cyber security features that should be considered when designing IoT solutions include:

  * Cryptography: Encryption
  * Access control
  * Attack detection and prevention
  * Honeypots
  * Runtime monitoring
  * Firewalls

A significant security weakness in IoT infrastructures is often at the IoT device level. Because the batteries that power these devices have a limited energy capacity, their computing and communication capabilities are minimal, making it difficult to implement reliable but sophisticated security mechanisms. As a result, it is easy to compromise these devices to disrupt IoT services and sometimes turn them into botnets that conduct massive and sophisticated distributed denial of service attacks on the IoT infrastructure as a whole and the Internet. Maintaining a rational trade-off between performance, energy consumption, and security is essential.

The IoT security threats to be considered during IoT system design are not only those from external attackers but also those from internal attackers. The threats could come from within, and there should be a mechanism to deal with internal threats. The internal threats could be from disgruntled employees (users) and reckless or careless ones who may perform operations that may breach or compromise some of the IT assets within the IoT infrastructures.
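An added example, not part of the original page: a sketch of the runtime monitoring and attack detection items from the list above, run at the gateway because the constrained devices themselves cannot afford it. It flags devices whose traffic leaves their expected profile, whether the cause is an external compromise or an insider's action. The device classes, profile limits, and flow records are constructed for illustration.

```python
"""Gateway-side runtime monitor for constrained IoT devices (illustrative)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Profile:
    """Expected behaviour of one device class (hypothetical values)."""
    allowed_dests: frozenset         # backends the device is meant to reach
    max_pkts_per_min: int            # ceiling for normal reporting traffic
    max_unknown_dests_per_min: int = 0  # off-profile destinations tolerated


# Constructed profiles; class names and limits are assumptions.
PROFILES = {
    "temp-sensor": Profile(frozenset({"broker.example.net"}), 20),
    "camera": Profile(
        frozenset({"broker.example.net", "video.example.net"}), 600),
}

# Constructed flow records as a gateway might export them:
# (minute, device_id, device_class, destination, packets)
FLOWS = [
    (0, "t-01", "temp-sensor", "broker.example.net", 6),
    (0, "t-02", "temp-sensor", "broker.example.net", 5),
    (0, "c-01", "camera", "video.example.net", 480),
    (1, "t-01", "temp-sensor", "broker.example.net", 7),
    (1, "t-02", "temp-sensor", "198.51.100.7", 900),  # flood-like burst
    (1, "t-02", "temp-sensor", "198.51.100.8", 850),
    (1, "c-01", "camera", "video.example.net", 510),
    (2, "c-01", "camera", "203.0.113.20", 3),         # odd peer, low volume
]


def detect(flows, profiles):
    """Return {device_id: sorted reasons} for devices that left their profile."""
    pkts = defaultdict(int)      # (minute, device) -> total packets sent
    unknown = defaultdict(set)   # (minute, device) -> off-profile destinations
    klass = {}                   # device -> device class
    alerts = defaultdict(set)

    for minute, dev, cls, dest, n in flows:
        if cls not in profiles:
            # A device with no profile cannot be judged; surface it instead
            # of silently trusting it.
            alerts[dev].add("unprofiled")
            continue
        klass[dev] = cls
        pkts[(minute, dev)] += n
        if dest not in profiles[cls].allowed_dests:
            unknown[(minute, dev)].add(dest)

    for (minute, dev), total in pkts.items():
        prof = profiles[klass[dev]]
        if total > prof.max_pkts_per_min:
            alerts[dev].add("rate")
        if len(unknown[(minute, dev)]) > prof.max_unknown_dests_per_min:
            alerts[dev].add("destination")

    return {dev: sorted(reasons) for dev, reasons in alerts.items()}


def quarantine_list(alerts):
    """Devices showing both signals are candidates for automatic isolation;
    a single signal is left for an operator to review."""
    return sorted(
        dev for dev, reasons in alerts.items()
        if {"rate", "destination"} <= set(reasons)
    )


if __name__ == "__main__":
    found = detect(FLOWS, PROFILES)
    print(found)
    print("isolate:", quarantine_list(found))
```

Requiring two independent signals before automatic isolation keeps a single noisy threshold from taking a healthy device offline.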
Therefore, the IoT system designer must understand every possible error that may occur when operating IoT systems, take care of them when designing the IoT solution, and ensure that the users are aware of such errors and well-equipped to handle them.

The security aspects to be considered when designing IoT systems are not only cyber security aspects but also physical security aspects. The physical security of the IoT infrastructure should be considered when designing and deploying it. Adequate measures should be designed to address threats to the physical security of IoT devices.

===== Incorporate green and environmental sustainability measures =====

Energy and environmental sustainability are among the essential constraints to consider when designing and deploying IoT infrastructures. Since IoT devices are designed to be small, light, and powered by small batteries with limited energy capacity, energy efficiency is a primary design criterion when developing IoT devices. To reduce the energy consumption of IoT devices to a minimum level, low-power communication and networking technologies, low-power computing hardware and software, and low-power security mechanisms are incorporated into IoT devices.

As the amount of data collected by the IoT devices from the environment increases, the traffic transported through the networking infrastructure to edge/fog/cloud computing nodes or data centres increases the energy consumed for data communication and computing purposes. The increase in energy consumed by IoT infrastructures increases the carbon emission from the IoT industry, which increases sharply with the rapid large-scale adoption of IoT in the various sectors of the economy. In addition to energy efficiency, it is essential to minimise the amount of waste the IoT industry creates.
IoT devices are powered by batteries with minimal energy capacity, resulting in a very short lifetime for IoT devices (the lifetime of an IoT device is the time to deplete all the energy stored in the battery of the IoT device, requiring a recharge or change of battery). If the IoT batteries are replaced within a very short time (less than a decade), then with the deployment of tens of billions or trillions of IoT devices globally, there will be a problem of how to dispose of or recycle the IoT batteries. There is already an environmental problem in managing the massive amount of batteries and e-waste the electronics industry generates. The problem will worsen if environmental sustainability is not considered as one of the design criteria when designing IoT devices.

Some of the green and environmental sustainability strategies that should be considered when designing IoT devices include:

  * Green IoT hardware: Designing energy-efficient IoT hardware and incorporating hardware-based energy-saving mechanisms in IoT devices (e.g., shutting down idle devices).
  * Green IoT communication infrastructure: Designing energy-efficient networking and communication infrastructure and adopting low-power networking and communication technologies for IoT networks.
  * Green IoT architectures: Adopting energy-efficient networking, communication, and computing architectures. For example, edge/fog computing-based architectures can be adopted where lightweight processing is shifted from the cloud data centres (often located far away from the IoT devices) to energy-efficient edge/fog computing nodes (closer to the IoT nodes). This kind of architecture improves the performance (decreases the packet delays and packet losses). Also, it increases energy efficiency as it decreases the energy consumed in transporting IoT packets through core networks to cloud data centres and reduces the computing demand of the cloud data centres, reducing their energy demand. The edge/fog nodes are sometimes energy-efficient (low-power) computing devices like Raspberry Pi.
  * Green IoT software: Designing energy-efficient software and algorithms for processing IoT data and IoT security mechanisms.
  * Green energy sources for IoT systems: Energy harvesters are incorporated into IoT devices to harvest energy from the environment to charge the energy storage systems (battery or capacitor/supercapacitor/ultracapacitor), which supply the IoT device when the renewable sources are not able to generate a sufficient amount of energy to power the IoT devices directly. Using renewable energy sources also increases the lifetime of the IoT devices, decreasing the maintenance cost of changing the IoT batteries or capacitors/supercapacitors/ultracapacitors and minimising the amount of waste generated from the IoT industry.
  * Green IoT policies: Policymakers should also develop green IoT regulations and standards to be followed when designing green and sustainable IoT solutions.
  * Green IoT education: An education strategy should raise public awareness of the need for green and sustainable IoT solutions so that IoT users, developers, and service providers consider environmental sustainability when making their choices.

===== The IoT application context should be considered =====

When designing IoT solutions, it is essential to consider the physical, social, and environmental context in which the device will be used. The features and specifications of IoT devices depend on the context of the application. The IoT systems intended for smart agriculture, smart cities, smart health care, smart homes, intelligent transport systems, Internet of military things (Military Internet of Things (MIoT) or Battlespace Internet of Things (BIoT)), or smart energy should take into consideration the physical or social realities that may impact the integration of IoT systems into a given sector to fulfil a defined goal or purpose.
For example, IoT devices designed for agricultural, disaster/emergency response, or battlefield purposes should operate sustainably in harsh conditions that may differ from those faced by IoT devices designed for smart homes or medical or health care purposes. To consider the application context, it is recommended to treat the entire IoT use case as a system of which the IoT system being designed is part. In this way, the interaction between the IoT system being designed and other existing systems in the sector (e.g., cities, homes, factories, transportation infrastructure, health care infrastructures, etc.) is modelled using systems engineering or system dynamics modelling tools to ensure that the larger system, of which the IoT system being designed is a part, functions as a whole.

Integrating IoT systems into existing systems in an organisation's infrastructure may create new problems that did not previously exist or may fail to benefit the organisation. Hence, it is essential to consider the application context and apply a system-based approach when designing IoT systems or solutions.

===== Effective data management strategies =====

IoT devices collect massive amounts of data from the environment, which should be carefully managed to ensure data privacy and prevent the abusive use of personal data. Incorporating IoT devices into critical infrastructure such as energy, water, transportation, and health care infrastructure poses a national security risk for most countries, reinforcing the case for effective data management. The collected IoT data should be protected adequately during processing, transmission, and storage in compliance with data security regulations or standards. Data ownership issues, the kind of data that should be collected, and what the IoT service provider is permitted to do with the data should be considered when designing IoT solutions. The designers should ensure they comply with existing regulations or standards on data collection, management, and processing.
Hence, the designers should ensure that the data of users is effectively managed by answering the following questions:

  * What type of data should be collected?
  * Who owns the data?
  * Where is the data stored?
  * What do the IoT service providers intend to do with the data?
  * What information is expected from the data, and how will it be used?
  * What mechanisms are designed to protect the data during processing, transmission and storage?

===== Ensure scalability and flexibility =====

The IoT market is growing steadily, requiring IoT systems to be designed with the possibility of quickly scaling them up with increasing demand for IoT services. When developing IoT systems, it is essential to anticipate future growth and expansion and then provide the flexibility to expand the infrastructure to add more resources to meet the increase in service demand. Scalability and flexibility can be ensured by implementing a modular and flexible architecture that can be adapted to satisfy the growing demand. Also, the hardware, software, computing, networking, energy, and security choices should be made in such a way as to ensure that the designed IoT systems can handle current demand and future growth in data volume, traffic, and computing demand as demand for IoT services increases.

Interoperability and compatibility are significant barriers to ensuring scalability and flexibility when designing IoT systems. To ensure scalability, the IoT systems should be designed to integrate and interoperate seamlessly with the existing infrastructure of the organisation and those of other partners. The hardware and software design choices should be made in such a way as to ensure interoperability and compatibility so that it will be easier to scale up the IoT infrastructure.
That is, "plan carefully, choose wisely, and design intelligently for a successful IoT system" should be the driving philosophy in IoT systems design ((Digital Mahbub, "How an IoT System is Designed?", August 2023, https://digitalmahbub.com/iot-system-is-designed/, accessed on Oct. 2023)).

===== Design intuitive, user-friendly, and simple user interfaces =====

The user interface for IoT systems should be intuitive, user-friendly, and simple enough for users to operate IoT systems with minimal difficulties or challenges. To ensure that the IoT system being designed can compete with other IoT products in the market, it should be simple and relatively easy to operate. Users are often reluctant to adopt complex products that are difficult to use, manage, or maintain and quickly drop such products. They are often quick to adopt simple products that are easy to use, operate, and maintain. It is essential to follow IoT design thinking principles that facilitate the design of IoT systems with intuitive, user-friendly, and simple user interfaces. An IoT designer should prioritise simplicity and clarity to create intuitive, user-friendly, and simple user interfaces to improve users' experience.

===== Develop effective testing and quality assurance plans/methodologies =====

Testing and quality assurance are essential phases in the IoT system development life cycle. Testing and quality assurance enable the development of IoT systems that meet and satisfy the customers' needs, provide satisfactory performance, and are compatible and interoperable with existing IoT systems and other IT infrastructures of organisations. Comprehensive testing and quality assurance inspection plans developed during the IoT system design phase ensure that stress tests and audits can be carried out to confirm that the design goals (performance, security, sustainability, interoperability, cost, etc.) and national (or regional) regulatory rules or standards are fulfilled.
Effective performance test plans can ensure that the designed IoT system can withstand high stress and still provide users with acceptable service and experience. Security tests and audits enable IoT system designers and developers to identify potential vulnerabilities and threats and to ensure compliance with security regulations and standards. Effective testing and quality assurance plans can also ensure compatibility and interoperability of the designed IoT system with other IoT systems (devices and networks), which is essential to ensure seamless integration to deliver the desired quality of service and experience to the users. Therefore, by implementing robust testing procedures, IoT system designers can ensure that the IoT system they are designing can meet the highest standards of quality and reliability ((Digital Mahbub, "How an IoT System is Designed?", August 2023, https://digitalmahbub.com/iot-system-is-designed/, accessed on Oct. 2023)), satisfying the needs of their users and meeting their performance expectations.

===== Ensure low-cost deployment, operation, and maintenance =====

An effective deployment, operation and maintenance plan is essential to ensure that the IoT systems being designed are cost-effective or affordable, providing the users with reasonable returns on their investments. Every IoT system development cycle stage should be carefully planned to minimise the design, manufacturing, deployment, operation, and maintenance costs. It is recommended to carefully document the deployment, operation, and maintenance procedures in such a way as to ensure that the IoT systems or infrastructure can easily be deployed, operated, and maintained, requiring minimal intervention and human resources. In IoT applications where thousands, tens of thousands, or millions of IoT devices are deployed and spread across a wide geographical area, deployment, operation, and maintenance procedures are tedious and costly.
Effective deployment, operation, and maintenance plans and tools are essential to ensure acceptable performance (reducing downtime and improving the QoS or QoE). Monitoring and preventive maintenance plans to prevent failures or breakdowns, and reactive maintenance plans to restore the system after breakdowns and reduce downtime, should be carefully designed and documented. Expansion or scalability plans should be created to enable cost-effective expansion and extension of the IoT system to handle more users or to satisfy customers' expectations. It is essential to develop training and support plans to ensure that the users are well trained and supported to effectively use and manage the designed IoT system to satisfy their needs.

Reducing the need for human intervention is essential to keep the cost low. Deployment, operation, and maintenance tasks should be automated, especially for large-scale IoT infrastructures. Automation reduces deployment, operation, maintenance, security monitoring, and response costs. The IoT devices should be deployed to operate for several decades without needing maintenance or replacement of parts. Therefore, IoT system designers should ensure that the deployment, operation, and maintenance costs are as low as possible.

===== Develop working prototypes before mass production =====

In the early stage of the IoT system development life cycle, developing a working prototype that is well-tested and satisfies the users' needs may be necessary. A well-tested and working prototype is required before mass production or deployment of the IoT system. Developing a working prototype before mass production or deployment helps resolve many functional, performance, security, deployment, maintenance, and sales issues, increasing the chances of success and long-term adoption and sustainability for the IoT product or project.
When a working prototype is created, several iterations may be required to improve the product to satisfy the organisation's or users' needs. The prototype should meet the required design goals (functionalities, performance, security, scalability, interoperability, and sustainability goals) before the system can be mass-produced or deployed. Therefore, it is essential to get the product or solution right through the rapid and iterative development of a complete working prototype that satisfies every technical and user design goal.

===== Consider feedback from user-created use cases or requirements =====

The various use cases in which the IoT system is deployed should provide user feedback that can be used to improve the product or solution. Users may expect or require features absent from the developed system or solution. IoT designers should be able to improve their designs to cater to users' needs or requirements. The users may use the designed system in ways that the designers did not expect. The designers should have a mechanism to follow up with the users to learn the various methods and contexts in which the systems are being used. Therefore, the ideas from the user feedback should be used to improve the design and adapt the system to satisfy the needs of its users.