Most companies think that the connected products they sell are theirs – this is a mistake. All connected products and their associated services and applications are the property of, and for the benefit of, the consumers who have purchased them.
This is one of the reasons that I am adamantly against a Smart Grid initiative that is utility-centric – see my recent “Is the Smart Grid Dumb” blog for reference. I ended my last blog on this topic with the question: How does a vending machine become MY VENDING MACHINE?
Let’s consider some of the elements that enable a product to be mine. In general it boils down to control of the following:
- Who has access to it
- What it does
- When it does it
- What it can do
- And who else it plays with
It is much like a drawbridge on a castle. You can’t pass the alligator filled moat unless the bridge is down. The bridge will only be down if someone on the inside says its ok.
A connected product respects this concept. From a software stack perspective, a connected product looks like the picture below:
In the wild is the physical product, creatively called the “Product Instance” in this drawing. The “Product Instance” communicates through the Internet (wired or wirelessly) to the Cloud. The Cloud holds a virtual incarnation of the product, I call the Product Avatar. (Since everyone saw the movie, I thought the word would work) In this context a Product Avatar is a data representation of a specific product. Now here is the interesting part: the Product Avatar is wrapped via owner credentials. This means that the web services, the data, and everything that makes this product in the wild yours is protected and controlled by the owner’s user credentials. That means that nothing can be done to the product without the owner’s explicit permission.
Next up in the stack are the applications that interact programmatically with the Product Avatar. The manufacturer or 3rd parties may provide the applications. The owner may use the applications or enable the manufacturer or a service provider to operate them on their behalf. But the key point is that no one can do anything without the owner providing the credentials that say it’s ok.
A subtle, but very important point, is that the Product Avatar is separate from the applications that operate on it. There are several reasons for this:
- This separation enables a single application to operate on many Product Avatars
- The application and Product Avatar can be updated separately and independently of each other without breaking
- The credentials for access to the core of the Product Avatar are separate from the applications that operate on them, improving security significantly
The morals of the story?
- Connected product interaction is shielded from activity by the owner’s credentials and preferences
- A manufacturer’s business process must respect owner credentials and permissions
- All connected product interactions should be managed through applications that my have additional/independent settings.
Think about your connected products – are they owned by you or your customers?