Skip to main content

Internet of Things (RP2023)

(A.) Policy and legislation

(A.1) Policy objectives

The Internet of Things (IoT) is a key priority area of the digital single market. The IoT is a cross domain technology that connects more objects to the internet — including industrial processing machines and the items industrially processed (cyber-physical systems), household equipment, wearable electronics, vehicles, and sensors. The number of connected devices are exceeding 20 billions and forecast steadily to grow to 50 billion of devices in use around the world by 2030, creating a massive web of interconnected devices spanning, is expected to generate 79.4 zettabytes (ZB) of data. Besides the innovation potential in many industrial sectors, the IoT also has the potential to help address many societal challenges including climate change, resource and energy efficiency and ageing.

A large number of proprietary or semi-closed solutions to address specific problems have emerged, leading to non-interoperable concepts, based on different architectures and protocols. Consequently, the deployment of truly IoT applications, i.e. where information of connectable “things” can be flexibly aggregated and scaled, has been limited to a set of "intranets of things — or goods".

In the  emerging  IoT  economy,  voluntary global  standards  can  accelerate  adoption,  drive  competition,  and  enable  cost -effective introduction of new technologies. Standardisation facilitates the interoperability, compatibility, reliability, security and efficiency of operations on a global scale among different technical solutions, stimulating industry innovation and providing greater clarity to technology evolution. Interoperability between IoT networks operated by different companies along the value chain opens up opportunities to address EU policy objectives, e.g. greater resource efficiency for a more circular economy, sustainable and responsible supply chains through transparency and traceability, and others.

Industry is in the  best  position  to  develop  the  technological  standards  and solutions  to  address  global  IoT  ecosystem  opportunities  and  challenges. There is a need for a  secure  solution  that is interoperable  and  scales  across  a  global  IoT ecosystem. In this context, the European large-scale pilots (LSP), which were the subject of a call for proposals in 2016, are supporting the deployment of IoT solutions, by enhancing and testing their acceptability and adoption by users and the public, and by fostering new market opportunities for suppliers to the EU. 

Large-scale pilots are providing the opportunity to demonstrate actual IoT solutions in real-life settings and should make it possible for providers to test business opportunities. The concept has now been broadened and further extended to more vertical sectors in the context of the 'Digitising and transforming European industry and services' focus area for cross-programme integrated activities around major challenges. The final Horizon 2020 calls for proposals resulted in the launch of more large-scale projects and pilots to notably address the digital transformation of manufacturing, health and care, rural area, agriculture, and smart energy, paving the way toward the integration of European data spaces and associated platforms.

The first calls of Horizon Europe extended the interoperability framework and platforms to accommodate the most recent developments of the Cloud-Edge-continuum and decentralised processing and machine learning through the creation of a MetaOS for the Edge. The most recent wave of projects is focused on swarm intelligence of distributed Edge nodes. Moreover all IoT recent developments have been continuously being incorporated and aligned with the concept of the Common European data spaces (in areas such as mobility, energy, agriculture, etc.).

(A.2) EC perspective and progress report

The proposed actions on IoT in previous rolling plans followed the direction as outlined in the EU communication on ICT standardisation priorities which identified Internet of Things as a key priority for Europe. 

One of the major achievements over the last years has been the gradual building of cooperation amongst all actors involved in IoT standardisation, the organisation of high-level events on strategic IoT standardisation issues and initiatives have been proven to be successful instruments and are now common practice in several sectors. 

ETSI TC Smart M2M has developed a mapping of standards for IoT and gap analysis taking into account the most promising business models and use-cases, published in ETSI TS 103 375 and TS 103 376.

IoT standards are notably supporting the emergence of business models unleashing the commercial capabilities of systems and devices integrations. Beyond identifying standards, it is also important to identify reference models of implementation that businesses can share. This approach which was initially followed in the Future Internet PPP (FI-PPP), has now been adopted in other industrial organisations, such as the Alliance for Internet of Things Innovation (AIOTI), and PPPs such as, the Big Data Value Association (BDVA) and Open & Agile Smart Cities (OASC), which are now cooperating on common standardisation subjects. AIOTI is also maintaining the High Level Architecture reference model by incorporating new results from priority topics (e.g. semantic interoperability, security, privacy, ...).

There is need to correctly position IoT standardisation in relation to existing global initiatives such as ISO/IEC JTC 1/SC 41 'Internet of Things and Digital Twin', oneM2M, and the ITU Study Group 20. Agreement to cooperate on common topics and take up of European results in global action are very encouraging results.

Semantic interoperability, edge and swarm computing, distributed intelligence and learning, digital twins, security, privacy, and 5G/IoT interactions are emerging as priority topics.

With the broadening of the vertical footprints of IoT the main challenge is to work in cooperation across partnerships (PPPs and other alliances), and to ensure dissemination and adoption of best practices across domains, by continuing and deepening the cooperation towards common objectives to ensure all standardisation efforts converge. As a concrete first step, a joint working group between the DEI stakeholder governance and MSP has been created to work on coordination of platform building and piloting activities and synchronisation and acceleration of standardisation efforts. 

(A.3) References
  • COM(2020) 66: A European strategy for data
  • COM (2020) 767: Data Governance Act
  • COM(216) 176: ICT standardisation priorities for the digital single market
  • COM(2016) 180: Digitising European industry reaping the full benefits of a digital single market
  • SWD(2016) 110/2: Advancing the internet of things in Europe
  • COM(2009)278: "Internet of Things — An action plan for Europe": Standardisation will play an important role in the uptake of IoT, by lowering entry barriers to newcomers and operating costs for users, by being a prerequisite for interoperability and economies of scale and by allowing industry to better compete at international level. IoT standardisation should aim at rationalising some existing standards or developing new ones where needed.
  • BEREC BoR (16)39 , Report on enabling the Internet of Things

(B.) Requested actions

The Communication on ICT standardisation priorities for the digital single market proposes priority actions in the domain of internet of things. Actions mentioned below reflect some of them.

Action 1: SDOs to complement ongoing gap analysis by analysis of gaps in wireless technologies required by IoT, including URLL (Ultra Reliable Low Latency) technologies required by Industry Automation.

Action 2: SDOs to continue ongoing work in the area of semantic standards for better data interoperability. Special focus should be put on further extending the SAREF ontology both in number of extensions and the content of each extension. The results of European projects (such as the large scale IoT pilots and similar) could be used to achieve this, by providing interoperability profiles, associated justifications (interoperability cases) that would extend current standards e.g., ISO 21823 IoT interoperability. SDOs should also continue ongoing work for existing standards (e.g. ISO 13584-1 or IEC 61360/ Common Data Dictionary) on semantics. Concepts for digital twins require additional property types for operational use compared to the purely descriptive properties of an asset. These are states and parameters of the assets as well as their measured and actor values (dynamic data). Commands and entire functions (often called technical functions) must also be described using the same concepts. The concept of properties in today’s standards is to extend such semantics in the data models to be able to represent dynamic values correctly. Models for functions/commands are to be developed or existing ones defined in standards.

Action 3: SDOs to provide standards supporting compliance as well as standards enabling the integration of AI, data processing capabilities and digital twin systems into IoT products, systems, applications and processes.

Action 4: Develop a European standard for cyber security compliance of products that is aligned with the current compliance framework of organisations based on the ISO 27000 Information Security Management Standards series and the GDPR regulation and the future compliance framework of systems based on standards such as ISO/IEC 27100, ISO/IEC 27400, 27402, 27403, ISO 31700.. Preferably the standard could be used to harmonise the requirements set out in the NIS directive and the cybersecurity certification framework.

Action 5: Promote the development and foster the adoption of the international Reference Architecture for IoT developed in ISO/IEC JTC 1/SC 41 as well as the OneM2M architecture. This architecture should be compliant to the latest developments such as edge computing, distributed intelligence and learning, swarm computing and digital twins.

Action 6: SDOs to assess further gaps and develop standards on the safety and cybersecurity of IoT consumer products under the European Cybersecurity Act or sectorial legislation.

Action 7: SDOs should consider further inclusion of and outreach to verticals.

Action 8: SDOs should get involved in the definition of the technical common ground of the Common European Data Spaces to be developed and deployed under the Digital Europe and Horizon Europe programmes and leverage the IoT interoperability standardisation assets for that purpose.

Action 9: SDOs should look in the standardisation needs of the new edge paradigm and investigate the impact on it of the specific use cases of the verticals (such as energy, mobility, agriculture, health and other).

Action 10 Increased collaboration/synchronization between standardisation bodies (e.g., ETSI SAREF, W3C SOSA/SSN, IEEE 1872.2 Autonomous Robotics Ontology, ISO 21823- 3 IoT Semantic Interoperability, etc.).

Action 11 SDOs should consider addressing the standardisation of federated Learning and AI for IoT edge related challenges. In particular, federated Learning brings Al models close to the edge to enhance data protection, improve inference reliability, and increase autonomy of end clusters (e.g., end loT/lloT devices, on-premises servers, etc.). The cloud plays a federation role for aggregating insights from different loT edge distributed clusters to generate a federated model shared with each individual cluster. Such standardisation challenges are: (1) workflow standardisation, (2) interfaces edge/cloud, orchestration, (3) model contamination, and (4) pipes for handling distributed traffic.

Action 12 SDOs should get involved in the standardisation of loT Swarm Systems. In particular, focus on concepts for loT intelligence clustering to promote collaboration and share of resources and functions for performing specific tasks. These concepts impose standardisation challenges in the required architecture, such as interfaces, data models and ontologies and as well as security and privacy models.

Action 13 SDOs should focus on standardisation needs for IoT and edge computing coexistence/integration/interoperability and continuum across several sectors and platforms. In particular, the use of end-to-end capabilities of IoT technologies across the edge granularity and beyond impose continuum standardisation challenges, such as support of interoperability by the means of new interfaces, data models, security and privacy models and security and privacy models.

Action 14 SDOs should consider addressing standardisation challenges for service discovery and authentication in the context of distributed and federated edge computing systems and in particular, for scenarios where multiple mobile devices are used that require services simultaneously and uninterruptedly. There is a challenge of effectively managing billions of IoT devices, ensuring that they are suitably configured, running appropriate software, kept up-to-date with security updates and patches, and run only properly authenticated and authorised applications. Authentication of services and service providers, while accounting for resource usage, is also an essential part of the economics of the network of the future. There is a need of ensuring interoperability across platforms, devices, and locations, by enabling assets to be securely purchased and transferred between virtual and real-world locations, authenticated and validated, using various consensus methods that support the validation of identity, ownership, and usage rights of any asset subject to relevant rights.

Action 15 SDOs to work towards a faster standardisation cycle more adapted to the fast pace of IoT technology developments. Some examples already exist (e.g. for SAREF and FIWARE).

(C.) Activities and additional information 

(C.1) Related standardisation activities
CEN 

CEN/TC 224 'Personal identification and related personal devices' addresses IoT privacy-related standardisation solutions (e.g. EN 419212-4:2018 on 'Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Service'). 

https://standards.cen.eu/dyn/www/f?p=204:7:0::::FSP_ORG_ID:6205&cs=1FB1CC5B5F03F85F0ECCECA7598551CFC 

CEN/TC 225 'Automatic Identification and Data Capture (AIDC) technologies' works in the field of automatic identification and data capture techniques such as 1D and 2D optical data carriers, RFID and RTLS. The Technical Committee develops application-oriented European standards with the aim to promote the use of open and interoperable ways to identify objects, locations and industrial items. These identifiers and data carriers centred standards will serve as a corner stone for the development of interoperable solutions for data sharing in the context of the IoT. 

https://standards.cen.eu/dyn/www/f?p=204:7:0::::FSP_ORG_ID:6206&cs=1E12277AECC001196A7556B8DBCDF0A1C 

Within CEN & CENELEC, vertical sectors further address sector-specific IoT solutions, for example: CEN/TC 251 'Health Informatics', CEN/TC 278 'Intelligent Transport Systems', CEN/TC 294 'Communication systems for meters', CEN/TC 442 'Building Information Modelling (BIM)'

CENELEC

CLC/TC 57 'Power systems management and associated information exchange' has notably developed European Standards for data models in power systems (EN IEC 61850-x), Application Program interfaces (EN IEC 61970-x) and Data and Communication security (EN IEC 62351-x).

CLC/TC 205 'Home and Building Electronic Systems (HBES)' has started, in 2018, to develop a European Standard on IoT Semantic Ontology Model Description (prEN 50090-6-2), which will explain the HBES IoT Model structures, semantically expressing the current HBES Open System solutions, with the goal of improving the semantic information HBES IoT gateways or HBES IoT devices provide.

ECMA

ECMA Technical Committee TC53 is standardising software APIs for embedded systems defining standard APIs for areas that include input/output, sensors, networking, communication, energy management, and displays. These APIs are organized into ECMAScript modules, rather than an operating system. ECMA-419 defines such APIs that support programs executing on embedded systems. See https://www.ecma-international.org/technical-committees/tc53/.

ETSI

TC smartM2M:  ETSI, with the support of the Commission, has developed the SAREF standard ETSI TS 103 264, a reference ontology for smart appliances, which is a first ontology standard in the IoT ecosystem and sets a template and base for development of similar standards for other industries, to unlock the full potential of IoT. SAREF is mapped onto the oneM2M Base Ontology. The SAREF model is being extended to add semantic models for data associated with smart cities, industry and manufacturing, smart agriculture and the food chain, water, automotive, eHealth/aging well and wearables. SAREF allows appliances, of any type, make or manufacturer, to exchange energy related information, with any energy management system (at home or in the cloud) for energy management and keeping the user informed.

ISG CIM (cross-cutting Context Information Management): is developing specifications for applications to publish, discover, update and access context information, initially for a broad range of smart city applications and now for other areas such as Digital Twins. A particular focus is enabling exchange of linked data and context information, using a simple API, NGSI-LD (ETSI GS CIM 009 V1.6.1) based on JSON-LD, and a high-level data model (ETSI GS 006 V1.1.1) referencing existing (or new) taxonomies and ontologies (e.g. SAREF). The NGSI-LD API and data model are useful for implementing digital twins based on property graphs (GR CIM 017, ongoing work).

ETSI TC DECT has published the updates to release of the DECT-2020 NR (New Radio) technology (ETSI TS 103 636 parts 1 to 5) in December 2021. The standardization effort will continue in next years with further releases, additional functionality and defining access profiles addressing the needs of multiple vertical industries. DECT-2020 NR radio interface is supporting Ultra Reliable Low Latency Communications (URLLC) and massive Machine Type Communications (mMTC) as specified for IMT-2020 usage scenarios. The standards support multiple operating bands (19) up to 6 GHz and can operate with 1,728, 3,456 or 6,912 MHz radio channel bandwidths. The new DECT-2020 NR can co-exist with the existing DECT system in 1880-1900 MHz sharing spectrum.
The Harmonised Standard (HEN) EN 301 406-2 for access to radio spectrum has been produced.
DECT-2020 NR is now part of IMT-2020 recommendation M.2150-1 maintained by ITU-R.. Several vertical applications have been considered for DECT-2020 NR, including home and building automation, industry automation and smart metering. https://www.etsi.org/technologies/dect

MSG TFES has developed Harmonized Standards for LTE-M and NB-IoT equipment (Base Stations and devices) to facilitate and accelerate Machine Type Communication deployments in E-UTRA and NR bands.

TC CYBER: ETSI Standard EN 303 645 for "Cyber Security for Consumer Internet of Things" can be used in a certification scheme to be developed under the Cybersecurity Act, and has already led to the development of an accompanying test specification (TS 103 701, published in August 2021) and implementation guide (TR 103 621, latest version published in September 2022) as well as cyber security requirements for residential Smart Door Locking Devices within TC CYBER (see Consumer IoT security roadmap).

ETSI SC USER: has developed a set of documents “User-Centric approach in digital ecosystem”, focusing of the roles, expectations and potential solutions for users.

ETSI has a number of other activities related to radio systems for the IoT. These activities include Smart Body Area Networks developed in TC SmartBAN, and standards for ultra-narrowband radio technology in the TC ERM LTN (Low Throughput Networking) working group. These are used in existing commercial LPWAN networks.

ISG IPE (IPv6 Enhanced Innovation):  is working on a report “IPv6 based enterprise networking and Industrial Internet”, that provides guidelines on how to deploy IPv6-based networks in industrial Internet and enterprise networks using protocols like 6LowPAN, LPWAN, RPL, etc. defined by IETF.

IEC

IEC SyC Smart Energy has a Joint Working Group, JWG 3, with ISO/IEC JTC 1/SC 42

IEC has the following projects underway on IoT:

Due for publication in 2024, the International Standard, IEC/IEEE 60802 'Time-sensitive networking profile for industrial automation', is a joint project between standards committees IEC/TC 65/SC 65C 'Industrial Networks' and IEEE 802 'LAN/MAN Standards Committee'. It will allow IoT wide connectivity without disturbing the Industrial Automation critical control traffic.

Due for publication in 2023, the International Standard, IEC 62872-2..., the International Standard, IEC 62872-2 “Internet of Things (IoT) – Application framework for industrial facility demand response energy management' is a project in IEC/TC 65/JWG 17, a joint working group between IEC/TC 65 and ISO/IEC JTC 1/SC 41, that promotes the development and fosters the adoption of the international Reference Architecture for IoT developed in ISO/IEC JTC 1/SC 41 (see also clause B. Action 5).

IEEE

IEEE has a number of existing standards (current and under development), activities, and events that are directly related to creating the environment needed for a vibrant IoT, recognising the value of the IoT to industry and the benefits this technology innovation brings to the public. Some key standards activities are:

  • Architectural framework:
    • The focus of IEEE 2413-2019 provides an architectural framework for the IoT, which includes descriptions of various IoT domains, definitions of IoT domain abstractions, and identification of commonalities between different IoT domains. It promotes cross-domain interaction, aids system interoperability and functional compatibility.
    • The focus of IEEE P1931.1, the standard for an architectural framework for Real-time Onsite Operations Facilitation (ROOF) is to define how an end user is able to securely provision, commission and decommission devices.
  • Harmonization and security of IoT: The IEEE 1451-99 is focused on developing a standard for harmonization of IoT devices and systems. This standard defines a method for data sharing, interoperability, and security of messages over a network, where sensors, actuators and other devices can interoperate, regardless of underlying communication technology.
  • Sensor Performance and Quality: Sensors are fundamental to IoT ecosystem with large volume of different sensors integrated into a complex framework. IEEE 2700 proposes a common framework for sensor performance specification terminology, units, conditions and limits is provided. 

Smart Manufacturing and Smart Factories: New standardisation efforts on IEEE P2879 - General Principles for Assessment of a Smart Factory, IEEE P2934 - Standard for Logistics Operation Process in a Smart Factory, IEEE P2806 - System Architecture of Digital Representation for Physical Objects in Factory Environments and IEEE P2806.1 - Standard for Connectivity Requirements of Digital Representation for Physical Objects in Factory Environments.

  • Digital Transformation: IEEE P2023: Standard for Digital Transformation Architecture and Framework
  • Impact on Society 5.0: IEEE 3079.3: Standard for a Framework for Evaluating the Quality of Digital Humans

IEEE, through its LAN/MAN Standards Committee, has initiated a collaborative activity with the IEC SC65C committee on the IEC/IEEE 60802 TSN Profile for Industrial Automation, which will define time-sensitive networking profiles for industrial automation.

IEEE also has focused initiatives on sensor interfaces to cyber-physical systems through its IEEE 2888 family of standards, including the specification of sensor interface for cyber and physical world, standard for actuator interface, orchestration of digital synchronization between cyber and physical world, and architecture for virtual reality disaster response training system with six degrees of freedom (6 DoF).

For a list of these and other IEEE standardisation activities on IoT, please see: https://ieeesa.io/eu-rolling-plan

IETF

The IETF has a number of Working Groups chartered to develop standards to support the Internet of Things.

The ​​IPv6 Over Low Power WPAN (6LOWPAN) Working Group developed standards to ensure interoperability between smart object networks and defining the necessary security and management protocols and constructs for building such networks.

The ​IPv6 over Networks of Resource-constrained Nodes (6LO) Working Group develops IPv6 adaptation mechanisms to a wider range of radio technologies including “Bluetooth Low Energy” (RFC 7668), ITU-T G.9959 (as used in Z-Wave, RFC 7428), and the Digital Enhanced Cordless Telecommunications (DECT) Ultra Low Energy (ULE) cordless phone standard and the low-cost wired networking technology Master-Slave / Token-Passing (MS/TP) that is widely used over RS-485 in building automation.

The ​IPv6 Over Low Power Wide-Area Networks (lpwan) WG focuses on enabling IPv6 connectivity over the following selection of Low-Power Wide-Area networking technologies: SIGFOX, LoRa?, WI-SUN and NB-IOT.

The ​Light-Weight Implementation Guidance (LWIG) Working Group focuses on helping the implementors of the smallest devices. The goal is to be able to build minimal yet interoperable IP-capable devices for the most constrained environments.

The ​​Routing over Low Power and Lossy Networks (ROLL) Working Group is developing standards to support the routing of communications within low-power and lossy networks.

The ​Constrained RESTful Environments (CORE) Working Group specifies protocols that allow applications running in resource-constrained environments to interoperate with each other and the rest of the Internet. CORE is one of the most active IoT groups. Its main output centres around the “Constrained Application Protocol” (CoAP, RFC 7252), a radically simplified UDP-based analog to HTTP. Extensions to CoAP enable group communications (RFC 7390) and low-complexity server-push for the observation of resources (RFC 7641). This is complemented by a discovery and self-description mechanism based on a weblink format suitable for constrained devices (RFC 6690). Current WG activities focus on extensions that enable transfer of large resources, use of resource directories for coordinating discovery, reusable interface descriptions, and the transport of CoAP over TCP and TLS. CoRE is also looking at a data format to represent sensor measurements, which will benefit from the “Concise Binary Object Representation” (CBOR) (RFC 7049), a JSON analog optimised for binary data and low-resource implementations.

Security aspects of the IoT are being addressed in the following Working Groups:

The ​Trusted Execution Environment Provisioning (TEEP) WG is working on standardising protocols for provisioning applications into secure areas of computer processors.

The ​Software Updates for Internet of Things (SUIT) WG is working on mechanisms for securely updating the firmware in IoT devices.

The ​Authentication and Authorisation for Constrained Environments (ACE) WG is working on a standardised solution for authentication and authorisation to enable authorised access to resources on a device in constrained environments. In such environments, typical for the IoT, the network nodes are limited in CPU, memory and power. This work was supported by the COSE WG that built simplified CBOR analogs for the JSON object signing and encryption methods that were developed in the JOSE WG.

The ​DTLS In Constrained Environments (DICE) WG focused on supporting the use of DTLS Transport-Layer Security in these environments. Such constrained environments, including constrained devices (e.g. memory, algorithm choices) and constrained networks (e.g. PDU sizes, packet loss), are typical for the IoT, Smart grids, etc.

The ​Lightweight Authenticated Key Exchange (LAKE) WG is developing a ‘lightweight’ authenticated key exchange (LAKE) that enables forward security. 'Lightweight' refers to:

  • resource consumption, measured by number of round-trips to complete, bytes on the wire, wall-clock time to complete, or power consumption
  • the amount of new code required on end systems which already have an OSCORE stack

but the LAKE must still provide the security properties expected of IETF protocols, e.g., providing confidentiality protection, integrity protection, and authentication with strong work factor.

The ​A Semantic Definition Format for Data and Interaction of Things (asdf) Working Group is developing Semantic Definition Format (SDF) into a standards-track specification for thing interaction and data modelling. In the process of developing this specification, further functional requirements that emerge in the usage of SDF for model harmonization will be addressed.

The ​IOT Operations (iotops) Working Group is discussing and documenting operational issues related to IoT devices, in particular related to device onboarding and lifecycle management. This group is also tackling issues related to IoT operational security.

While the IoT-oriented IETF working groups have already produced the first wave of mature standards for IoT, new research questions are emerging based on the use of those standards. The IRTF ​Thing-to-Thing Research Group (T2TRG) was chartered in 2015 to investigate open research issues in IoT, focusing on issues that exhibit standardisation potential at the IETF.

​https://trac.ietf.org/trac/iab/wiki/Multi-Stake-Holder-Platform#IOT

ISO/IEC JTC 1

ISO/IEC JTC 1/SC 41 'Internet of Things and Digital Twin', has published 34 International Standards specific to IoT and continues to develop more. ISO/IEC JTC 1/SC 41 has developed ISO/IEC 30141 (IoT reference architecture) and ISO/IEC 20924 (IoT vocabulary), and ongoing work includes the following:

  • IoT trustworthiness framework (ISO/IEC 30149)
  • Methodology for trustworthiness of IoT system/device (ISO/IEC 30147)
  • Data exchange platform requirements for IoT services (ISO/IEC 30161)
  • Compatibility requirements and model for devices within industrial IOT systems (ISO/IEC 30162)
  • Diverse use-cases covered by IoT
  • Monitoring the ongoing regulatory, market, business and technology IoT requirements
  • Development of IoT standards that build on the foundational standards in relevant ISO/IEC JTC 1 Sub-Committees

The list of ISO/IEC JTC 1/SC 41 projects can be found here:

https://www.iec.ch/dyn/www/f?p=103:23:3095716894820::::FSP_ORG_ID,FSP_LANG_ID:20486,25 and

ISO - ISO/IEC JTC 1/SC 41 - Internet of things and digital twin

ISO/IEC JTC 1/SC27 'Information security, cybersecurity and privacy protection', deals with a broad set of standards in the areas of security and data protection ("privacy"). Many of the existing standards can be applied to IoT systems, such as the ISO/IEC 27001 standard on information security management. Three standards are currently being developed, that are specifically related to IoT Cybersecurity (ISO/IEC 27400, ISO/IEC 27402 and ISO/IEC 27403)

ITU
ITU-R

A variety of radio technologies is used to implement the Internet of Things, extending from short range devices (SRDs) to wide area sensor networks (WASN) and global terrestrial IMT systems as well as satellite systems. The ITU-R Study Groups are developing technical and operational standards to facilitate the deployment of IoT on a global basis, including harmonized frequency spectrum and appropriate regulatory regimes.

Resolution ITU-R 66 invites ITU-R Study Groups to conduct studies on the technical and operational aspects of radio networks and systems and to develop ITU-R Recommendations, Reports and/or Handbooks, as appropriate.

In response to this Resolution, ITU-R Working Party 1A is the main responsible group to carry out studies on Power Line Telecommunication (PLT).

To satisfy the demand of Question ITU-R 221-2/1 that calls for studies of acceptable levels of radiation from telecommunication systems utilizing wired electrical power supply so as not to impair the performance of radiocommunication systems, Reports ITU-R SM.2158 and ITU-R SM.2212 on “Impact of PLT systems on radio systems operating below 80 MHz and in the VHF and UHF bands above 80 MHz” were approved. These Reports illustrate the potential for interference to various radiocommunication services in the presence of emissions/radiation from PLT systems and devices and discuss potential methods for mitigating the interference from PLT emissions.

Report ITU-R SM.2503 on “Evaluation of radiated electromagnetic disturbances of household appliances and their interferences over an IoT network in the 915 MHz frequency band” evaluates the levels of electromagnetic disturbances generated by household appliances and examines how these interferences may affect the functioning of a Wireless Sensor Network (WSN) operating in the 915 MHz band in some administrations, a system which is widely used within IoT due to its technical flexibility and low cost.

Resolution ITU-R 54 calls for studies to achieve harmonization for short-range devices (SRDs).

ITU-R WP 1B is responsible for the studies relating to spectrum management methodologies and economic strategies. Among its current studies, WP 1B deals with the harmonization of SRDs.

Report ITU-R SM.2153 on “Technical and operating parameters and spectrum use for short-range radiocommunication devices” provides SRD definitions and short descriptions of different applications using SRDs, e.g.: Telecommand, Telemetry, Voice and video, Detecting avalanche victims, RLANs, Railway applications, among others. This Report also indicates the typical technical characteristics and limitations such as the common frequency ranges or the antenna requirements, and it explains administrative requirements like the mutual agreements between countries and/or regions and the licences requirements.

ITU-R WP 1B has carried out studies with the aim to globally and regionally harmonize the frequency bands used by SRDs. Recommendation ITU-R SM.1896 on “Frequency ranges for global or regional harmonization of short-range devices” and Recommendation ITU-R SM.2103 on “Global harmonization of short-range devices categories” are the reference documents on this matter.

ITU-R WP1C has also revised Report ITU-R SM.2179 on “Short-range radiocommunication devices measurements”. This Report intends to complete the set of ITU-R Recommendations and ITU-R Reports by documenting the measurement methods available for SRDs.

ITU-R WP 5A cover studies on Wide-area Sensor and Actuator Network (WASN) Systems that support machine-to-machine (M2M) communications to a large number of sensors and/or actuators.

ITU-T

ITU-T SG20 “Internet of things (IoT) and smart cities & communities” is responsible for IoT-related studies including smart cities and communities (SC&C).

Definition of IoT can be found in Recommendation ITU-T Y.4000/Y.2060 “Overview of the IoT” http://itu.int/itu-t/Y.4000

Some of the approved standards by ITU-T SG20 include: “Framework of wireless power transmission application service” (Recommendation ITU-T Y.4202), “Requirements of things description in the Internet of Things” (Recommendation ITU-T Y.4203), “Accessibility requirements for the Internet of things applications and services” (Recommendation ITU-T Y.4204), “Service functionalities of self-quantification over Internet of things” (Recommendation ITU-T Y.4555), “Requirements and functional architecture of smart street light service” (Recommendation ITU-T Y.4458), “Requirements and reference model of IoT-related crowdsourced systems”, (Recommendation ITU-T Y.4205) “Requirements and capabilities of user-centric work space service” (Recommendation ITU-T Y.4206), “Requirements and capability framework of Smart Environmental Monitoring ” (Recommendation ITU-T Y.4207), “Architectural reference model of devices for IoT applications” (Recommendation ITU-T Y.4460), “IoT requirements for support of edge computing” (Recommendation ITU-T Y.4208), “Requirements and use cases for universal communication module of mobile IoT devices” (Recommendation ITU-T Y.4210), “OID-based resolution framework for transaction of distributed ledger assigned to IoT resources” (Recommendation ITU-T Y.4476), “Framework of IoT based monitoring and management for Lift” (Recommendation ITU-T Y.4420), “Framework of service interworking with device discovery and management in heterogeneous Internet of things environments” (Recommendation ITU-T Y.4477), “Requirements and capability framework of edge computing-enabled gateway in the IoT” (Recommendation ITU-T Y.4122), “Requirements and capabilities of network connectivity management in the Internet of things” (Recommendation ITU-T Y.4212), “IoT requirements and capability framework for monitoring physical city assets” (Recommendation ITU-T Y.4213), “Low power protocol for wide area wireless networks” (Recommendation ITU-T Y.4480), “Requirements of sensing and data collection system for city infrastructure” (Recommendation ITU-T Y.4216), “Service requirements and capability framework for IoT-related crowdsourced systems” (Recommendation ITU-T Y.4217), “Framework for data middle-platform in IoT and smart sustainable cities” (Recommendation ITU-T Y.4481), “Reference architecture of service exposure for decentralized services for Internet of things applications” (Recommendation ITU-T Y.4483), “Requirements and capabilities of a digital twin system for smart cities” (Recommendation ITU-T Y.4600) and etc.

The complete list of Recommendations developed by ITU-T SG20 is available at: https://www.itu.int/ITU-T/recommendations/index_sg.aspx?sg=20.

The work items under study is available at: https://www.itu.int/ITU-T/workprog/wp_search.aspx?sg=20.

More info: https://itu.int/go/tsg20

ITU-T SG20 closely collaborates with oneM2M, LoRa Alliance and TM Forum. ITU-T SG20 also closely collaborates with ISO and IEC in the framework of the Joint IEC-ISO-ITU Smart Cities Task Force (J-SCTF).

The joint coordination activity on IoT and smart cities and Communities (JCA-IoT and SC&C) continues its role of promoting international coordination among SDOs in this area of IoT standardization. http://itu.int/en/ITU-T/jca/iot. JCA-IoT and SC&C maintains the global online IoT standards roadmap: http://itu.int/en/ITU-T/jca/iot/Documents/deliverables/Free-download-IoT-roadmap.doc. The IoT and SC&C Standards Roadmap is also available as Supplement ITU-T Y.Suppl.58 “Internet of Things and smart cities and communities standards roadmap”.

ITU-T Focus Group on Artificial Intelligence (AI) and Internet of Things (IoT) for Digital Agriculture (FG-AI4A), established by ITU-T SG20, explores emerging technologies including AI and IoT in data acquisition and handling, modelling from a growing volume of agricultural and geospatial data, and providing communication for the optimization of agricultural production. The activities of FG-AI4A are being conducted in close cooperation with FAO.

More info: https://itu.int/go/fgai4a

ITU-T Focus Group on Data Processing and Management (FG-DPM) developed deliverables on data processing and management to support IoT and Smart Cities & Communities: https://itu.int/en/ITU-T/focusgroups/dpm.

ITU-T SG11 continues its role in developing testing specifications of IoT, its applications and identification systems. SG11 approved six Recommendations which specify testing requirements for IoT.SG11 consented ITU-T Q.4068 “Testing requirements and procedures for Internet of Things based green data centres”. SG11 continues developing draft Recommendation Q.TSRT_IoT “Test specifications for remote testing of Internet of Things using the probes”.

Also, SG11 approved a new Recommendation ITU-T Q.4068 “Open application program interfaces (APIs) for interoperable testbed federations” which describes a set of open APIs for interoperable testbed federation able to manage not only the interconnection and the interoperability of testbeds in a federation, but also to handle the resources advertisement, allocation and provision. It is designed for different domains including IoT and it contains a technical framework, which provides a common reference for developers to facilitate the implementation and promotion of interoperability of testbeds.
SG11 established a new ITU-T Focus Group on Testbeds Federations for IMT-2020 and beyond (FG-TBFxG), which serves as a platform to harmonize testbeds specifications across SDOs/Fora. The FG-TBFxG develops the required application program interfaces (APIs) aligned with the Testbeds Federations Reference Model defined in Recommendation ITU-T Q.4068, developed in collaboration with ETSI TC INT, and define a set of use cases for Federated Testbeds and APIs.

More info:  https://itu.int/go/tsg11.

ITU-T SG13 approved a new Recommendation ITU-T Y.2243 “A service model for risk mitigation service based on networks” (08/2019) dealing with risk mitigation service based on networks (monitors risk events, stores the data in real time and analyses the associated data, provides mitigation services for the identified risks).

More info: https://www.itu.int/en/ITU-T/studygroups/2017-2020/13

ITU-T SG17 approved Recommendations ITU-T X.1361 “Security framework for the Internet of things based on the gateway model”, ITU-T X.1362 “Simple encryption procedure for Internet of things (IoT) environments”, ITU-T X.1363 “Technical framework of personally identifiable information (PII) handling system in Internet of things (IoT) environment”, ITU-T X.1364 “Security requirements and framework for narrow band Internet of things ”, ITU-T X.1365 “Security methodology for use of identity-based cryptography in support of Internet of Things (IoT) services over telecommunication networks”, ITU-T X.1366 “Aggregate message authentication scheme for IoT environment”, ITU-T X.1367 “Standard format for Internet of things (IoT) error logs for security incident operations”, ITU-T X.1368 “Secure firmware/software update for Internet of things devices”, Supplement to ITU-T X.660 - Guidelines for using object identifiers for IoT and is approving ITU-T X.1369 “Security requirements and framework for IoT service platform” (X.ssp-iot)and working on “Security requirements for IoT devices and gateway ” (X.iotsec-4), “Security risk analysis framework for IoT devices” (X.ra-iot), “Security controls for Internet of Things (IoT) systems” (X.sc-iot), and “Security methodology for IoT service platform” (X.ssp-iot) and “Security methodology for zero-touch massive IoT deployment”(X.ztd-iot).

More info: https://www.itu.int/en/ITU-T/studygroups/2017-2020/17

OASIS

The OASIS Message Queuing Telemetry Transport (MQTT) TC has produced a standard M2M/IoT connectivity protocol designed to support messaging transport from remote locations/devices involving small code footprints (e.g. 8-bit, 256KB ram controllers), low power, low bandwidth, high-cost connections, high latency, variable availability, and negotiated delivery guarantees. MQTT also has been approved as ISO/IEC 20922:2016. A variant MQTT-SN protocol is being developed for very constrained devices often operating within unstructured sensor networks.

The OASIS Advanced Message Queuing Protocol (AMQP) TC provides a ubiquitous, secure, and reliable internet protocol for high-speed transactional messaging. AMQP also has been approved as ISO/IEC 19464:2014. A major cloud platform uses AMQP to connect to its cloud IoT hub.

The OASIS Open Building Information Exchange (oBIX) TC enables mechanical and electrical control systems in buildings to communicate with enterprise applications, and provides a platform for developing new classes of applications that integrate control systems with other enterprise functions.

3GPP

3GPP, since Release 13, offers three new Low Power Wide Area Network (LPWAN) radio access technologies for long-range, power efficient, massive machine-type communications: 

  • Extended Coverage GSM Internet of Things (EC-GSM-IoT),
  • LTE for Machine-Type Communications (LTE-M) and
  • Narrowband Internet of Things (NB-IoT).

Each has been standardized to ensure that increasingly diverse device and application types are supported by 3GPP networks, around the world. An overview is available here: http://www.3gpp.org/news-events/3gpp-news/1805-iot_r14 and more details here: http://www.3gpp.org/news-events/3gpp-news/1906-c_iot

3GPP has been adding IoT-centric features, including capabilities to avoid network congestion, use networks more effectively, enhance security and, crucially, enable IoT devices to manage power resources efficiently, to its specification set in Release 13 and Release 14.

Massive IoT support is one of the key objectives of future 5G systems. This will be a focus of future work in 3GPP, given the already extensive IoT support in 4G.

oneM2M 

oneM2M partnership project, launched by several SDOs and industry representatives in 2012 as a global initiative to ensure the most efficient deployment of Machine-to-Machine (M2M) communications systems and the Internet of Things (IoT)
The latest technical specifications can be found on Specifications (onem2m.org).

oneM2M opens up the IoT ecosystem by creating an abstraction layer that simplifies the exchange of cross-silo data. It offers a common IoT Service Layer which can be readily embedded within different hardware and software, connecting the numerous devices in the field with IoT application servers worldwide. To do this, oneM2M offers interworking with the most common technologies and protocols used in the IoT today. Additionally, oneM2M supports access control based discovery and communication across deployments (addressing problem statement above that said we have “Intranet of Things”).

oneM2M has published Release 2A in March 2018 and its Release 3 in September 2018. oneM2M Release 4 will be finalized in Q3 2021, work on Release 5 commenced and is ongoing.

oneM2M includes specifications covering requirements, architecture, protocols, security, and management, abstraction and semantics. Release 2 added new functionality, particularly by expanding management, abstraction and semantics, security, and interworking with underlying technologies. oneM2M Release 3 adds seamless interworking with 3GPP network services for IoT, while Release 4 adds, for instance, time management, process management, semantic reasoning, software campaigning, enhanced and new interworking, security enhancements, discovery based operations as well as semantic ontology mapping. Some of the new features under discussion for Release 5 include the topics of AI for Internet of Things (IoT) systems, tools for data licensing and, controls to guarantee adherence to privacy regulation such as GDPR and PIPA (Korea).

OIC

OIC works on defining the connectivity requirements for devices including the definition of the specification, certification and branding to deliver reliable interoperability; IP  protection; and providing an open source implementation of the standard.
https://openconnectivity.org/developer

UNECE

The United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT) has developed a library of clearly defined semantic data elements called the Core Component Library in order to enable clear understanding of electronic information between source and receiver of the information. UNECE would encourage consideration of the UN/CEFACT Core Component Library in trade-related applications of Internet of Things. See: http://www.unece.org/cefact/codesfortrade/unccl/ccl_index.html

UN/CEFACT has also developed standards and clear guidance related to Smart Containers. This includes a White Paper to explain the potential use cases and a Business Requirement Specification in order to clearly define the processes and information relevant to each potential use case. See: White Paper (available also in French and Russian): http://www.unece.org/fileadmin/DAM/cefact/GuidanceMaterials/WhitePapers/WP-SmartContainers_Eng.pdf and BRS: http://www.unece.org/uncefact/mainstandards.html

Further work is continuing on Trade Facilitation applications of Internet of Things. See: https://uncefact.unece.org/display/uncefactpublic/Internet+of+Things+for+Trade+Facilitation

W3C

W3C continues to push for the use of Linked data to help manage data streams in IoT and Smart City scenarios. The latest developments were discussed at the Second W3C Workshop on the Web of Things.

Currently, there are two active Groups:

The Web of Things Interest Group brings together stakeholders interested in the Web of Things to explore ideas prior to standardisation together with collaboration with external groups, e.g. standards development organizations and industry alliances. 

The Web of Things Working Group has recently advanced two specifications to Candidate Recommendation and aims to advance them to W3C Recommendations. The Web of Things (WoT) Architecture describes the abstract architecture for the W3C Web of Things. The architecture can be mapped onto a variety of concrete deployment scenarios, several example patterns of which are given, including the RAMI reference architecture. The Web of Things (WoT) Thing Description describes a formal model and a common representation for a Web of Things (WoT) Thing Description. A Thing Description describes the metadata and interfaces of Things, where a Thing is an abstraction of a physical or virtual entity that provides interactions to and participates in the Web of Things. Because it is Linked data, things can thus be combined with other semantics, e.g. the GDPR vocabulary from the Data Privacy Community Group.

OGC

The Open Geospatial Consortium (OGC) defines and maintains standards for location-based, spatio-temporal data and services. Some of the work is related to IoT, e.g. a modular suite of standards for web services allowing ingestion, extraction, fusion, and (with the web coverage processing service (WCPS) component standard) analytics of massive spatio-temporal data like satellite and climate archives.

ISO/TC 211 ‘Geographic information’ and OGC have a strong relation and cooperation in the development of standards for the geospatial domain, and particularly geospatial data. ISO/TC 211 activities are mirrored at European level by CEN/TC 287 'Geographic Information'.

http://www.opengeospatial.org

(C.2) Other activities related to standardisation
AIOTI

The Alliance for Internet of Things Innovation (AIOTI) was initially created under the Commission's auspices in 2015. Its goals are to promote interoperability and convergence between standards, to facilitate policy debates and to prepare a Commission's initiative for large scale testing and experimentation, tabled for 2016.  AIOTI has meanwhile been transformed and set up as a stand-alone organisation. Forging new alliances between IoT sectors, stakeholders, large companies, SMEs and start-ups help Europe get a global lead in this field and will foster a digital single market for IoT.

AIOTI Working group 3 focuses on standardisation.

The Commission published a EUR 51 million call (H2020 ICT-30). The initiative cuts across several technological areas (smart systems integration, cyber-physical systems, smart networks, big data), and targets SME and IoT innovators for to create an open IoT environment.

Among AIOTI's European largest technical and digital companies are:

  • Alcatel, Bosch, Cisco, Hildebrand, IBM, Intel, Landis+Gyr, Nokia, ON Semiconductor , Orange , OSRAM, Philips, Samsung , Schneider  Electric, Siemens, NXP Semiconductors, STMicroelectronics, Telecom Italia, Telefonica, Telit, Vodafone, Volvo, and start-ups (SIGFOX)…
  • Representatives of different industries:  nanoelectronics/semiconductor companies, telecom companies, network operators, platform providers (IoT/Cloud), security, service providers, sectors: energy, utilities, automotive, mobility, lighting, buildings, manufacturing, healthcare, supply chains, cities etc.

https://ec.europa.eu/digital-agenda/en/news/launch-alliance-internet-things-innovation

European Commission

Several projects funded by the European Commission, integrated in the Internet of Things Research in Europe Cluster (IERC), deal with aspects of standardisation in IoT: CALIPSO, GAMBAS, IOT.EST, OPENIOT, UIOT6, SPRINT and PROBE-IT. In particular:

  • OPENIOT deals with standardisation of open source solution for creating utility/cloud-based environments of internet-connected objects,
  • SPRINT has an active contribution to W3C (web services), OMG (e.g. on exchange formats, APIs) and OASIS (data exchange formats),
  • PROBE-IT validates standards or pre-standards at European and international level and performs pre-standardisation research work on standardisation requirements.

The Future Internet PPP (FI-PPP) also deals with some issues connected to standardisation for the IoT.

IVA

IVA is a subproject of ´ICT for Sweden´, with the objective of supporting the entire value chain, from business benefits to sensors.

http://www.iva.se/IVA-seminarier/Internet-of-Things-IoT---fran-affarsnytta-till-sensorer/

UK

The KTN (Knowledge Transfer Network) has an IoT interest group

https://connect.innovateuk.org/web/internet-of-things

Finland

An IoT cluster supports investment in IoT

http://www.investinfinland.fi/industries/rd-and-innovation/internet-of-things-in-finland/124

LoRa Alliance

Specifications intended for wireless battery-operated things in regional, national or global networks. LoRaWAN targets key requirements of the IoT such as secure bi-directional communication, mobility and localisation services

IIC

Works on promoting the uptake of technologies around the industrial internet including:

  • building confidence around new and innovative approaches to security;
  • developing use-cases and test beds;
  • influencing global standards development; and

facilitating open forums to share and exchange best practices.

Denmark

The Nordic IoT center is supported by the Danish Agency for Science and Higher Education, enabling partnerships in the Nordic region, completing the value chain for IoT products and services and documenting compliance to international standards http://www.nordiciotcentre.com/

(C.3) Additional information

There are a number of global activities ongoing in the area of IoT standardisation. In particular there are: the oneM2M partnership project, to which ETSI contributes and of which ITU-T SG20 transposed the oneM2M specifications; relevant standardisation activities in IEC; a focus group in ISO/IEC JTC 1; the standards project on MQTT in OASIS; the IoT reference architecture; and the IoT Interoperability standards at ISO/IEC JTC 1/SC 41.

The IoT requirements of e.g. from retail manufacturing, the automotive, aeronautics, pharmaceutical, and medical equipment industries and the medical sector in general should be taken fully into consideration. Security, privacy, and management of control of the access to and ownership of data are essential for the development of IoT. Without acceptance by commercial users and consumers, the role of IoT would be limited to specific vertical markets. Wide acceptance is essential in commoditising IoT mechanisms and make them accessible e.g. to manufacturing and for manufactured products, or into m/e/Health applications.

IoT requires the interlinking of often disparate standards.  These standards are often the product of different SDOs.  There is a need to bring these bodies and their standards together to achieve the often small changes needed to allow products and services to interoperate.

Existing standards should be checked to take account of the protection of individuals with regard to personal data processing and the free movement of such data in the light of the proposal for a General Data Protection Regulation. Specific privacy by design standards should be identified and where necessary developed.