Aside from the widespread attention and hype surrounding the prolific growth expectations of the Internet of Things (IoT), industry focus has been on potential (IoT) device vulnerabilities and cybersecurity. The recent well publicized cyberattack demonstration on an automobile adds more fuel to the fire. However, industry analyst firm Gartner adds another interesting topic to the IoT discussion. They point out that with software at the core of embedded systems, manufacturers of IoT devices will soon be consumed with understanding the importance of software monetization.
In a recent news release, Laurie Wurster, research director at Gartner, said: "By monetizing the software on their devices, these (IoT) vendors will be able to increase and drive recurring revenue streams, creating billions of dollars of additional value. For example, with an estimated 25-plus billion 'things' in the marketplace, and if manufacturers are able to collect an average of $5 for software from each of these installed units, that translates to additional revenue estimated at $130 billion."
While software monetization strategies were an ongoing focus for successful ISVs of conventional PC applications for the past decade or more, it is a novel concept for this new breed of embedded system manufacturers. But once they have a full understanding of the financial benefits of a solid software monetization strategy, these IoT “software vendors” will be heading down the same path to maximize revenues.
What can IoT device manufacturers learn from the past experiences of ISVs about monetizing their IoT devices? I see three key areas of note:
- license lifecycle management
- software protection for the ISV and security for the user of the IoT device
- security implementation
Let’s take a closer look:
License Lifecycle Management
Device manufacturers will need to learn how embedded software can be leveraged to create product differentiation and provide competitive advantages. An agile licensing schema will facilitate software monetization techniques that will enable them to quickly adjust product functionalities, pricing and compliance needs and enable new business models – such as Pay-Per-Use or Features on Demand - to adapt to the ever changing market requirements. A comprehensive license lifecycle management strategy will not only provide a flexible licensing component, but also help to increase revenue growth through operational and logistical cost reductions and efficiency optimization.
Software Protection and Security
Flexible licensing models paint only half of the license lifecycle management picture. The other half relates to the protection and security of the device and the software itself. Without fool-proof protection, it is all too easy for unscrupulous hackers to attack embedded devices by tampering with unprotected software code, disabling insecure license management systems, or extracting proprietary code to reverse engineer and build counterfeit products. ISVs have learned the hard way how this rampant criminal activity adversely affects bottom line revenues. And, this is just as true for IoT device manufacturers. But it’s not all about ISVs. Users of IoT devices also benefit from these security mechanisms.
Finally, many ISVs learned over the years that licensing and security are complex and not necessarily a core strength of their developers. Some of those ISVs who struggled to build their own licensing systems often overburdened their development resources and took them away from their strength – developing application code. Other ISVs turned to commercial licensing solutions and security experts, and partnered with them. This is an important lesson for IoT device manufacturers as well. I’ve already seen many solutions where the access to a device or the activation of a feature was protected by a simple password. Once hacked over the Internet these features became available to anyone. Cryptographic methods are only one part of the equation; their implementation is as important as the technology itself. With the growing concerns over connected device vulnerabilities and cyberattacks, security is one area that needs to be considered as early as possible in the device development process together with security professionals.
I hope I have conveyed the importance of license lifecycle management. If you would like to learn more about license lifecycle management, I invite you to review our white paper Integrity Protection for more information.