IoT: How to Prevent Issues in a More Complex, Risky Environment

The Internet of Things is rapidly expanding and creating new business opportunities for generating revenue, reaching customers and weaving Internet-connected services into a variety of devices, such as home appliances and embedded sensors. Numbers from Cisco and Intel indicate that the IoT could connect between 50 billion and 200 billion devices to the internet by the end of the decade.

While it creates a lot of possible rewards, the IoT also opens the door for an equally vast set of risks. Security has been a hot topic when discussing the IoT ever since the beginning. It is easy to see why. IP-enabled PCs, smartphones, and web servers already face the constant danger of malware infection and distributed denial-of-service attacks. This issue is greatly magnified by the enormous scope of the IoT.

Software testers must be especially diligent when IoT testing, especially since it is a relatively new space and one that can be impacted on a huge scale by a bug or successful cyber attack. There are plenty of examples to note here, including attempts against oil rigs in 2014 and the spread of the Stuxnet worm across Iran's nuclear power facilities in 2010.

Here's what QA teams can do to keep IoT issues in check:

Use Emulation and Automation

When mobile apps first started to rise in popularity near the end of the 2000s, organizations struggled to adjust to the new sets of constraints and screen sizes before them. The transition to the IoT could bring a replay of this issue, with tons of different device types (e.g., Wi-Fi enabled cameras, in-vehicle sensors, etc.) to potentially develop for.

"If you thought that the fragmentation headache, in terms of hardware and software, was bad with smartphones, then you had better brace yourself," explains Simon Hill for LeanTesting. "The IoT is going to make it even tougher to cover every possible device and permutation that your software might run on. Test departments are going to have to increasingly rely on emulators and outsource some testing to hardware labs."

Essentially, testers will have to rethink some of their approaches. Test management software will help here by allowing them to model different scenarios and collaborate with each other.

Focus on Security

Vulnerabilities can come seemingly out of nowhere, for example in an exploit in an age-old software component like OpenSSL or Bash. Keep an eye on proper authentication and encryption in particular when vetting applications for the IoT.

Switch to an Agile DevOps Culture

Like mobile applications, IoT programs require development at great speed and scale. This requirement makes them ideal for an agile and DevOps culture that emphasizes collaboration as well as the use of agile processes that are much more adaptive than traditional waterfall methodologies. 

Across the board, IoT testing demands scalability, security and speed — a seemingly impossible combo to pull off. But with the right DevOps culture and access to the right testing tools, companies can get a leg up on IoT testing.

Related Articles:

• The future of IoT testing
• Webinar Recap: The Internet of Things-Risks presented by Security
• 4 key IoT testing types: Performance, security, compatibility & exploratory