June 13, 2016
A Hidden IoT Network
Cirrent Leverages Home Hotspots for Connecting Gadgetry
Alrighty then! You’ve got yourself a handy-dandy new Gadget McWidget! How awesome is that? And it says, “IoT” right here on the packaging! Even awesomer! What does it do, you ask? Well, smart things! Because… connected!
All you’ve gotta do is connect it. Just like… this. Ta-dahhh! No, wait… there! Oops, wait, what happened? Um… hang on, hang on, I got this… must be… this button here. Yeah! No… this button and then that button? No? [Small voice] Halp?
We recently looked at consumer IoT adoption (or the lack thereof), and one of the barriers is setting the things up. As in, 20% or so of the so-called on-boarding attempts fail. “On-boarding” is not just about turning on a machine for the first time; it’s where the device connects to its network, shakes hands with its long lost cousins in the cloud, tells them about its wonderful new forever home, and settles back to do some smart work.
For devices not inside the house, there are numerous low-power wide-area networks in development and deployment, and they represent a huge investment in new infrastructure, all for connecting the expected billions of devices to the Internet.
Well, Cirrent has a different approach, and it leverages existing infrastructure – much of which you may not even be aware exists. It uses, however, a wireless link that you probably have heard of: WiFi. No, not some new version of WiFi; regular ol’ WiFi.
Of course, this makes no sense, since we all know that WiFi is short-range and not mobile and not power-miserly. And if nothing else, you need to tighten down the security on your link so no one else can poach it. So taking advantage of all the existing WiFi in some way would never work. Right?
Well, almost. Except that there’s this thing lurking inside your WiFi router, hidden away and mostly unused up to now. These boxes are provisioned to generate two SSIDs: your private one and then one that the ISP controls, referred to as a “device guest network.” It’s mostly not used today. Once enabled, Cirrent refers to them as “home hotspots” (Cisco refers to them as “home spots”).
You may wonder, as I did, why you don’t see these networks as a choice when connecting to your WiFi. Cirrent says that not everyone has one yet, citing recent Cisco data projecting that, while there were 57 million such hotspots in 2015, they see it growing to 423 million by 2020. But even if your home hotspot is active, the providers don’t always make them visible.
The home hotspot, when used, is supposed to defer bandwidth to your private SSID so that your access speed isn’t noticeably affected by whatever happens on the guest SSID. The guest SSID also comes with its own IP address that’s separate from the one the ISP allocates to your private SSID.
As it turns out, many ISPs use a single common name for the home hotspot. You know how that hotel chain you use a lot has the same SSID in each hotel, so that you can automatically connect whether or not you’ve been to that particular hotel? It’s like that. Once you’re on SSID BigGiantISP*, then you can get onto the network anywhere that second channel has that name.
What Cirrent is doing is creating a list of such home hotspots and enabling users to on-board more easily using this SSID. Clearly, this has to be done with the cooperation of the ISP (since they’re the ones authenticating any connections on their link). The technology involves a little bit of code and a network list. If you’re in range of one of the networks on the list, then you can automatically connect.
In other words, the gadget you’re trying to spin up can connect itself at power-up as long as it’s in range of a network on the list. In urban areas, there should be pretty good coverage. In rural areas… well, rural areas have more basic connectivity issues than this, so we can add this to the pile. But, within your home, if you’ve got WiFi with an active home hotspot, then this should work.
Of course, as you’re probably pointing out, WiFi should be secured! How can you just connect willy-nilly to a WiFi network without knowing the password? And the answer to that is… these will be unsecured links. I know, the horror!
Actually, the idea is that any apps will implement TLS, including authentication, from end to end. It’s just that the wireless link won’t be further encrypted. If the application itself uses no security and relies solely on WiFi security, well, come on, no one would write an app like that, where only the WiFi link – and no other link – is protected. (Would they?) By dropping the WiFi encryption, it becomes easy to jump onto any local ISP network that’s on the list.
It’s entirely likely that a fully functioning app would not use this ISP SSID – you’re likely to want to migrate it to your own private SSID (which you have locked down, right?) once the on-boarding is complete. The phone app lets you do this, although there are extra security measures with such an operation to make sure that you’re authorized to make that network switch.
In other words, you power up, your device connects via the home hotspot, it says its howdies and how’s-it-hangin’s, and then you can transfer the conversation onto your own network.
That said, this becomes a semi-mobile technology. As you move through town, you could jump from network to network (all with the same name, or at least on the list) several times. There’s no actual hand-off, so if you’re actively engaged in some sort of session, then the session might break and have to be re-established – especially if there’s a gap between networks. Then again, for IoT stuff, long sessions are less common; it’s more about short bursts of data. If you happened to interrupt such a burst, minimal buffering would allow a retry without the user knowing there’s been a hiccup.
What about the fact that SSIDs come and go? That’s certainly true of personal SSIDs – especially when a mobile device acts as an access point. But there’s likely to be far less churn on this ISP SSID. Then again, “less churn” doesn’t mean “no churn.” So, on a daily basis or on each connection, your gadget silently receives a list update.
The other knock that WiFi takes as compared to other protocols is that it’s not exactly easy on the battery. This isn’t an issue for line-powered equipment, but hand-held devices whose batteries need to last a long time (months +) don’t typically feature WiFi.
Cirrent’s answer to this notes first and foremost that the network usage will be brief and infrequent, which reduces the power requirement. The bigger problem comes when the network goes down or when you move out of range of a network. If the device cranks up the radio and SHOUTS LOUDER as it searches for a connection, then it’s going to wear out its battery (and maybe its welcome) rather quickly.
There are a few strategies for addressing this. One is to have a fallback plan B connection – like the neighbor’s version of the ISP SSID. That works only if the outage is only in your home, however. If the power goes out to the neighborhood, then that plan B won’t work.
The other obvious approach is to time out at some point until instructed to reconnect again. Because, by definition, the connection is down, this restart instruction can’t be given remotely using, say, your phone in the way you’d normally manage your app; you’d need to be physically present – perhaps even to push a hardware button. Or you might provision a device with a fallback Bluetooth connection so that you could restart via Bluetooth – as long as you’re in range.
Or you could dial down the ping rate after some time so the thing could restart itself, although perhaps with some latency after the network goes back up. Tuning the timing would be a direct tradeoff against battery life.
I’ve had my own third-party WiFi router for years, so it’s something of a surprise to me to learn that the majority of routers are still rented from ISPs, giving them more control. I asked Cirrent about third-party ISPs, in particular in the event that manufacturers might compete on price and eliminate support for the guest network as a cost-cutting measure.
Turns out that most WiFi chips can support up to 8 SSIDs concurrently, so the second SSID doesn’t add any hardware cost. That probably keeps this safe (unless someone decided to provide a much cheaper one-network-only WiFi chip). In any case, if the second network isn’t available (either due to no hardware at some point or due to simply not being turned on by the manufacturer), then connecting the gadget will default to the way it works now.
So, to sum up, the infrastructure for this is already in place. Cirrent isn’t adding anything to that infrastructure. Instead, they’re providing code that allows access, as well as the list of SSIDs and a means of updating that list. How that gets used is up to gadget makers and apps writers.
PS When searching for a relevant image using a keyword “frustrated,” most of the returned pictures showed people frustrated with technology. Just think of all the non-technology things that could frustrate us – and the one that resonates most often is yelling at a computer or other technology. Just gonna leave that right here.
*There is no network called BigGiantISP. That I know of, anyway. I made that up. Please don’t call complaining that you don’t see BigGiantISP on the SSID list. Do please let us know in the comments if you DO see a network so named.
Posted on June 13, 2016 at 10:48 AMDo you see home hotspots as a feasible way to simplify IoT device on-boarding?