Internet of Things and beyond: cyber-physical systems


The new industrial revolution is a cyber-physical systems revolution. The Internet of Things (IoT) forms a foundation for this cyber-physical systems revolution and it is driving the biggest shift in business and technology since World War II.


“Cyber-physical systems (CPS) are physical and engineered systems whose operations are monitored, coordinated, controlled and integrated by a computing and communication core. Just as the internet transformed how humans interact with one another, cyber-physical systems will transform how we interact with the physical world around us.”[1]

It has been said that the world is on the brink of a fourth industrial revolution[2], and that this new industrial revolution is a cyber-physical systems (CPS) revolution. The Internet of Things (IoT) will form a key foundation for this cyber-physical systems revolution. The emergence of IoT is the beginning of a revolution that will have as great an impact on society and the way people and business are organized as the computer revolution did on the post-World War II era.

Machines now interact and interface with other machines and as well as human beings in new ways. The combination of AI, machine learning, the cloud, and IoT means that systems of machines will be able to interact with human beings, learn about them and adapt to their wants and needs.

These systems will also be able to apply the principles of behavioral economics[3] and enable human behavior to be ‘nudged’ in predetermined directions. Governments around the world are already setting up behavioral insight teams – also known as ‘nudge units’.[4] Further, marketers are already applying the principles of neuromarketing[5], where consumers’ sensorimotor, cognitive, and affective response to marketing stimuli are being studied with a view to driving consumer purchasing behavior based upon these studies.  It is likely that we will see autonomous machines adopting the use of these kinds of techniques to drive human behavior in predetermined ways. This trend is emergent, with fitness wearable devices, such as Fitbits[6], using social sharing and gamification to assist users in achieving fitness goals.

Other technologies supporting the evolution of IoT and the emergence of CPS include software-defined networks[7], software defined storage[8]. This drives automation of repetitive tasks, even for manual labor like bricklaying [9] – consumer products as well as industrial output[10]. This is reshaping industrialization, and regulatory frameworks for IoT are now beginning to emerge[11]. Issues like privacy, data ownership, and security will remain important for CPS.

With the emergence of IoT and CPS, consumers face new challenges with their personal data. The new devices, services, and products collect data in volumes hitherto unimaginable. The volume of data being collected about consumers and their activities is reshaping how business is done. For example, insurance companies can offer insurance premiums based, not upon actuarial assumptions, but upon real-time data provided by consenting human beings as they go about their daily activities[12]. This combination of real-time data and analytics enables pricing models and risk profiles can change subject to actual results in real time.

What Will Change?

There is emergence of the industrial internet together with the rise of networked industries, this convergence of industrial, digital, analytics, and connectivity is different, it is:

  • Shaped by a design focus;
  • Enabled by ubiquitous networks;
  • Driven by application ecosystems;
  • Enabled by different modalities such as flying drones, wearables and ingestible technologies;
  • Reshaping industries with adoption of autonomous computer systems, robotics, and 3D printing; and
  • Changing the nature of employment and restructuring the

Advances in IoT and related technologies make it possible to deploy CPS within which information from all related perspectives can be monitored and synchronized between the physical manufacturing locations and computational spaces. With real-time data analytics, capabilities together with software-defined infrastructure, networked machines will be able to perform more efficiently, collaboratively and resiliently. Thus, machines will connect autonomously to each other as and when required without human intervention. This trend is transforming manufacturing industries, leading some to call for a clear definition of CPS.[13] IoT and CPS build upon well-established protocols[14] and use enterprise grade cloud hosting.  Tools such as AI, machine learning, and data analytics are also critical[15], as are mesh networks and peer-to-peer connectivity.[16]

Societal and business impact

Identity, access, privacy and data security remain critical for IoT and CPS. However, as these systems become ubiquitous, understanding what autonomous systems are doing, recording and deciding in relation human beings will emerge as a problem area, together with commercial decisions made based upon this information.

There is be a shift from a product delivery model to a delivering products plus services model, and this is driven from a one-off product sales based model to an ongoing service delivery model. We are already seeing this shift from delivering a one-time only product to providing ongoing services to support connected products. This means that companies will to need to change the way their organization is structured to service customers and products on an ongoing basis.

“Business models will have to change. We used to build them [products], ship them and forget about them until we had to service them…”
“We’ve moved to a new world where we have to ship and remember.”[17]

The sharing economy[18] drives different utilization models for capital equipment, and it is already starting to change the way consumers and business provide access to capital equipment. Uber and Airbnb have enabled people to obtain greater utilization from their assets – cars and houses – to derive additional revenue from an existing asset. This idea of allowing other users to access existing capital equipment is growing, even in the manufacturing sector.[19]

Devices will increasingly communicate and operate autonomously and independent of human oversight. There was a recent example of a motor vehicle involved in an alleged hit-and-run accident where the car reported the accident.[20] The driver of the vehicle did not intend to report that accident, yet her connected vehicle did so autonomously. Thus in this connected world there are new affordances for business and consumers.  However, the reality of this connected world is only now starting to be perceived by society.

The regulatory landscape for IoT is evolving and regulators struggle to understand and support the rapid emergence of new services, products, and business models.[21] The regulatory landscape includes licensing and spectrum management, switching and roaming, addressing and numbering, competition, security and privacy. At present IoT is governed by a plethora of existing regulations, which may or may not be a good fit. A US Senate Committee on Commerce, Science and Transportation hearing noted that IoT is more than merely about consumer protection and privacy. It is also significant in industry and agriculture and that strong security in all devices critical: “We have to design security in at the beginning and throughout a connected device’s lifecycle,” said Intel IoT Group Vice President and General Manager Doug Davis.”[22]


CPS includes traditional embedded and control systems, and these will be transformed by new approaches from IoT. However, the challenge for IoT and CPS remains privacy, security and risk management. As less rigorously controlled systems are linked then risk becomes distributed and the provenance of software components becomes difficult to trace. This gives rise to questions around risk management and liability for breaches or damages. As demonstrated in the 2014 Target hack[23], via their HVAC provider’s system, third party systems are now attack vectors. Further, regulators have not yet addressed this issue of distributed or daisy-chained risk arising from connected systems.  Attacks on connected systems from nation state actors and non-state actors are also an increasing threat: “According to Crowdstrike researchers, targeted intrusions will continue to proliferate and nation-states will use espionage to collect information from any organization with valuable data that will serve the country’s national interests.”[24]  The big challenges that are raised by IoT and CPS center around risk, security, geopolitics, trust, and privacy.


[1] Rajkumar, Ragunathan Raj, Insup Lee, Lui Sha, and John Stankovic. “Cyber-physical systems: the next computing revolution.” In Proceedings of the 47th Design Automation Conference, pp. 731-736. ACM, 2010.

[2] Schwab, Klaus, “The Fourth Industrial Revolution: what it means and how to respond”, World Economic Forum, 15 December 2015, (retrieved at 30 December 2015).

[3] Thaler, Richard H. and Sunstein, Cass R., Nudge: Improving decisions about health, wealth, and happiness, Yale University Press, New Haven, CT, 2008.

[4] Rutter, Tamsin “The rise of nudge – the unit helping politicians to fathom human behavior,” The Guardian, 25 July 2015, (retrieved at 30 December 2015).

[5] Lewis, David & Brigder, Darren (July–August 2005). “Market Researchers make Increasing use of Brain Imaging”, Advances in Clinical Neuroscience and Rehabilitation 5 (3): 35+.

[6] (retrieved at 30 December 2015).

[7] Kirkpatrick, Keith. “Software-defined networking.” Communications of the ACM 56, no. 9 (2013): 16-19.

[8] Ouyang, Jian, Shiding Lin, Song Jiang, Zhenyu Hou, Yong Wang, and Yuanzheng Wang. “SDF: Software-defined flash for web-scale internet storage systems.” ACM SIGPLAN Notices 49, no. 4 (2014): 471-484.

[9] Redrup, Yolanda, “Robot bricklayer that can build a home in two days impresses on ASX debut”, The Australian Financial Review, 18 November 2015 ,  (retrieved at 30 December 2015).

[10] Regalado, Antonio “GE’s $1 Billion Software Bet: To protect lucrative business servicing machines, GE turns to the industrial Internet”, MIT Technology Review, 20 May 2014, (retrieved 30 December 2015).

[11] Spencer, Leon “IoT could ‘smash’ Australia’s regulatory framework”, ZDNet Australia, 25 March 2015, (retrieved at 30 December 2015).

[12] Olson, Parmy “Wearable Tech Is Plugging Into Health Insurance”, Forbes, 19 June 2014,  (retrieved at 30 December 2015).

[13] Lee, Jay, Behrad Bagheri, and Hung-An Kao. “A cyber-physical systems architecture for industry 4.0-based manufacturing systems.” Manufacturing Letters 3 (2015): 18-23.

[14] Protocols include Wi-Fi, RFID, Zigbee, Bluetooth, 2G, 3G, 4G

[15] Kambatla, Karthik, Giorgos Kollias, Vipin Kumar, and Ananth Grama. “Trends in big data analytics.” Journal of Parallel and Distributed Computing 74, no. 7 (2014): 2561-2573.

[16] Wark, Tim, Peter Corke, Pavan Sikka, Lasse Klingbeil, Ying Guo, Chris Crossman, Phil Valencia, Dave Swain, and Greg Bishop-Hurley. “Transforming agriculture through pervasive wireless sensor networks.” Pervasive Computing, IEEE 6, no. 2 (2007): 50-57.

[17] Robinson, Teri, “IoT security forcing business model changes, panel says”, SC Magazine, 22 October 2015,  (retrieved at 30 December 2015).

[18] Zervas, Georgios, Davide Proserpio, and John Byers. “The rise of the sharing economy: Estimating the impact of Airbnb on the hotel industry.”Boston U. School of Management Research Paper 2013-16 (2015).

[19] Anagnost, Andrew “Not Just Airbnb and Uber: Why Manufacturing Is Already a Sharing Economy”, Autodesk LINE/SHAPE/SPACE, 8 December 2015,  (retrieved at 30 December 2015).

[20] Osborne, Charlie “Car calls 911 after alleged hit-and-run, driver arrested: A Ford safety feature has also turned out to be a way to track badly-behaved drivers”, ZDNet, 7 December 2015,  (retrieved at 30 December 2015).

[21] Soltani, Ashkan “What’s the security shelf-life of IoT?”, Federal Trade Commission, 10 February 2015, (retrieved at 30 December 2015).

[22] Bracy, Jedediah “Senate Committee Explores Internet-of-Things Regulation”, The Privacy Advisor, 12 February 2015,  (retrieved at 30 December 2015).

[23] Weiss, N. Eric, and Rena S. Miller. “The Target and Other Financial Data Breaches: Frequently Asked Questions.” In Congressional Research Service, Prepared for Members and Committees of Congress February, vol. 4, p. 2015. 2015.

[24] Vicinanzo, Amanda “Targeted Intrusions By Nation-State Actors Pose A Major Cyber Threat Going Into 2015”, 12 February 2015, Homeland Security Today, (retrieved at 30 December 2015).



Mobile and social media – what it means for business

it's the future

Mobile and social media have created a new business landscape

If you’re not already working out how to disrupt your business and your industry then you will be disrupted…

The web 2.0 revolution and social media changed the game for business. At a basic level brands discovered the notion of customer ‘conversations’. But for the most part this was not  strategic, rather it often consisted of random tactical efforts.

It is amusing to see that even in 2015 many brands are only just now discovering the notion of metrics and measuring their online activity:

“…many brands moving towards measuring audience impressions, clicks, and thinking cross-platform”

Tania Yuki , Shareablee CEO and Founder

Then we often hear statistics like this:

“…Instagram delivered these brands 58 times more engagement per follower than Facebook, and 120 times more engagement per follower than Twitter.”

The real question to ask about all statistics like this is “so what?” What does that engagement translate to as business outcomes?

“There is no ROI in anything if you don’t learn how to use it.”

– Gary Vaynerchuk, Founder VaynerMedia

The simple fact is that hardly anyone is driving direct revenue from social media, and many businesses are not optimized to sell via mobile. And the big question for businesses is what is the goal for their social and mobile activity?

But now all business online presence must be mobile friendly – Google and customers will punish businesses that do not embrace this. Increasingly users are accessing digital  content via mobile devices, and this means that businesses need to ensure a good quality experience.

Social media was only phase 1

Social media was phase one of the new digital revolution, next coming is the collaborative economy and internet of things ( IoT).

The present of social is mobile. The future of mobile is IoT and wearables. and these offer huge  monetization opportunities:

Cisco [former] CEO John Chambers Values Internet of Things at $19T #CES2014


People, both customers and staff, now have a default position that assumes access to any resources they want. And they want it online, on demand, real-time, anywhere, and on any device they choose.

This is all part of the democratisation of communication enabled by the digital revolution. It leads to an inversion of power relationships and puts the means of production for communication in the hands of the populace.

It leads to opportunities and growth in peer-to-peer and mobile. Kevin Kelly sums it up nicely as:

“…a shift towards the individual as the centre of a network of relationships mediated and enabled by technology…”

The shift is from customer channels to a customer continuum mediated by social and mobile.

This means that businesses need to connect social media activity to purchasing activity, they need to make it work on mobile and tablet. And it must be friction-less.

Changes to team and organisation structure

In a fast moving context like this command-control management is dead. This is because the operational tempo of a digital business is not days or weeks or months; it is minutes and seconds.

To support this shift in operational tempo we need employees with skills to work in a social or collaborative context. We need team members who can deal with ambiguity and a fast pace.

To support customers who do not have patience with internal silos businesses need to move towards integrated teams. This means using ideas like DevOps and agile to support cross-functional teams to meet customer needs and deliver across organisational silos. To achieve this all parts of the business will need to bring together expertise:

  • Tech
  • Marketing
  • Sales
  • Operations
  • Customer service

Workforce changes mean that new ways of working will emerge, such as co-working and collaboration. These will lead to increased decentralisation of the workforce and be accompanied by much shorter change cycles.

And these changes will all lead to issues with boundaries between public and private; between personal and business. With this blurring between roles it will be increasingly difficult to establish role clarity. And this means that team members need to be able to manage through ambiguity and across functional lines.

Risk and governance

In the fast-paced world of digital business we still need to consider how to manage risk and how to enact effective governance.  Some factors to consider in this regard include:

  • Monitor your business online
  • Assign responsibility for online channels
  • Include social & mobile in digital strategy
  • Link digital strategy to marketing strategy
  • Ensure cross media planning in place
  • Develop mechanisms to track progress
  • Create and manage loosely connected networks
  • Grow a business in a networked world
  • Engage people and garner advocates for your business
  • Focus outward while protecting your brand

Top 10 checklist for digital business

  1. Digital strategy: is just part of it, includes websites, email marketing, etc.
  2. Tactical plans: For implementation of campaigns
  3. Resource plan: Social is not free, it needs people and tools
  4. Tools: Required to enable management, tracking and monitoring
  5. Metrics: Need to be decided prior to implementation to enable effective reporting
  6. ROI: Need to track investment and results
  7. Reporting: For good governance
  8. Roles & responsibilities: Defined and clear to all parties, in particular governance + cross-functional teams
  9. Cross media plan: Integration with other digital and marketing activities
  10. Risk management: Includes social media policies and procedures and crisis management process

Internet of things, data security and privacy


I’ve been attending the 36th International Conference of Privacy and Data Commissioners in Mauritius, presenting on the Internet of Things (IoT) privacy and security to the attendees.

Kate Carruthers
Pic of Kate Carruthers by John Edwards, NZ Privacy Commissioner

It has made me very conscious of the tension between privacy/security and the drive to bring products to market quickly.

Further, it seems that the challenges of data protection have not been fully considered for many Internet of Things products and services.

An important realisation has been that we are building the Internet of Things on the somewhat rickety security foundations provided by the existing internet. We face a situation where many devices cannot apply security patches because source code is not available.

Finding way to build a safer and more secure Internet of Things and to ensure that we do not increase risk for business and consumers is critical.

An interesting approach to privacy is that taken by the Apple privacy team, who had some people in attendance at the conference. Their inclusion of privacy engineers into development teams seems like a good approach. The idea of privacy by design seems like a useful and pragmatic way to ensure that privacy is not a mere afterthought in the design and product engineering process.

Will post my slides on SlideShare shortly.