Bitcoin, please, do not sell me the promised land!

Since last July, when I wrote the first article on blockchain, I have written three blog posts, I have been interviewed twice on the topic, I have contributed to a conference on the topic. Am I a blockchain expert? No really. I am a researcher trying to understand the interconnections between blockchain and the Internet of Things. I do a fair amount of reading on the topic. And, also, most importantly, I listen to the experts. But, then, I think I need to filter between the experts and who is promising me a joyful future. In the latter category, there are a number of people contacting me presenting me a lucrative future with bitcoin. In their mind, I look like the picture below.

blockchain saverio

The blockchain/bitcoin expert promising “the promised land” comes to me with emails such as: “invest in bitcoin and you will earn €13,000 in 24 hours!” Now, my father uses to tell me that there is not such a thing like the promised land and there are not builders of promise land unless the builders have some return. Therefore, after several of these emails and conversations, I am start thinking that all this damages the beauty of the philosophy behind blockchain. Blockchain means democratisation of opportunities and eliminating favouritism due to not very transparent middlemen. If the main objective of the blockchain is becoming rich as quick as it is possible and effortless, then, the blockchain is not the revolution we are looking for!


When Nudging is Not Enough to Entrench Security Best Practices in IoT – by Yiru Zhong, Principal Analyst at Beecham Research

It is a pleasure to have Yiru Zhong, Principal Analyst at Beecham Research, writing for ETPO. Long experience in the sector, analytical thinking, Yiru always brings insightful perspectives and food for thought.


Richard Thaler’s win of the Nobel Economic Prize last month for his behaviour economics theory reminds us of the important role of psychology in everyday decision making.  He states that individuals make decisions not solely based on hard evidence but a combination of evidence and “irrational” inputs.  This theory and his pop-culture book on Nudge theory have been applied successfully in several public policies; the creation of Nudge Units around the world reflects the widespread belief in the theory’s efficacy to influence an outcome.  However, this has limited applicability to embed security and privacy by design practices in IoT deployments.  This is because unlike other nudge outcomes such as a ban on public smoking or the opt-in nature of organ donations, the shape of a desired outcome for security and privacy protection in IoT systems is ever shifting.  There is no such thing as the optimal security and privacy posture at a single point in time; the journey to get there differs from organisation to organisation, and most importantly, there are such vast differences in the value of security and privacy among individuals that stronger-arm tactics are required.

This week, ARM releases Platform Security Architecture in open source to address the challenges of adding security features at scale that befits the needs of the IoT vision of “more than a trillion devices”.  This is only one of several similar news in the last 2 months.  In August, the US Senate proposes a bill, “IoT Cybersecurity Improvement Act 2017 “, to ensure that government entities only purchase internet connected devices that meet a baseline security standard.  In September, the EU proposes a regulation to create a Cybersecurity Certification Framework to certify ICT products in the union.  Early October, the IIC showcased several joint projects at the IoT Solutions World Congress to demonstrate the positive cases that operations can perform as usual even after implementing IIC’s security recommendations from their Industrial Internet Security Framework.  These recommendations or frameworks are only a few of recent ones.  The upcoming General Data Protection Regulation (GDPR) looms over enterprises to prepare for compliance on both data protection and privacy come 25th May 2018.  This can be considered the most strong-arm of all regulation; penalties for non-compliance are much higher at up to €20m or 4% of global annual revenue.  In comparison, the maximum penalty in the UK currently is £500,000 and TalkTalk’s breach only incurred a £400,000 fine.

The disparity in the types of top down tactics to encourage security and privacy best practices reflects the range of perceived value of security.  Spending on security is often considered as something to be tolerated, an expense to be made and at times begrudgingly, or something to be done because of heightened fear.  Already, enterprises face a shifting landscape of external and internal security risks and have a finite budget to build their arsenal of tools and skills to mitigate the risks as best as they can. With IoT deployments, many enterprises have started experiments without involving security professionals to provide the necessary framework to ensure deployments are also secure.  Checkpoint reported last week that another strain of IoT botnet (IoTroop) has been discovered and infected an estimated 1million organisations.  They also worried that IoTroop will have even more widespread impact than the Mirai-infected Botnets that brought down Dyn and subsequently cloud infrastructure provider AWS, among others.  Despite the reliance on fear to push security products, the more sustainable act is to spread the positive case of security investment, particularly in IoT deployments.  Beecham Research, together with Internet of Business, is conducting a survey to track IoT adopters’ attitudes towards security and privacy in their IoT systems, particularly to uncover perception of business value in security investments.  We would love it if you would participate in this survey.  In return, we would be happy to share with you the results of the findings.


Narrating Blockchain and the IoT – The Case of Tomatoes for Passata

My journey in blockchain and the IoT continues. I am trying to explain the meanings of the two concepts and their combination. I start with something important to me: tomatoes, passata and tomato sauce for pasta. It would be great to have your view.

I need good tomatoes of a specific type because I need to do good “passata” for doing the tomatoes sauce. I buy my tomatoes from a specific shop because I know the owner. My  father used to buy the tomatoes from his father. The tomatoes I have bought from him in the past years are very good quality and we know each other well. He has been bought those tomatoes from the same distributor. The distributor knows to find those tomatoes at a specific market, which sells tomatoes from specific farms. This chain – as showed in the picture below – is based on a chain of trust starting from me and ending to the farmers built in years of relationships.


But, one day, the shop owner wants to attract my attention on other types of tomatoes or on tomatoes coming from different farms. Everything has gone great until now. My passata is great. My sauce for pasta is fantastic. Why should I change? So, I ask the shop owner: how do I know that those new farmers are producing what I want? The shop owner answers me saying that we have a new system for understanding – tracking – the quality of the tomatoes and that that quality will be kept during the journey from the farmers to the shop. Tell me more, I say.

There are sensors in the tomato field. Those sensors gather information about the tomatoes telling the farmer when the right time for picking has come. The farmer puts the tomatoes in sensor-enabled basket sending to the market. They call all this smart farming. The data is exchanged between the farmer and the market sellers. That data should enable the market seller to know the perfect conditions to keep the tomatoes. The distributor arrives, purchases the tomatoes, and the data on the tomatoes is exchanged again. Meanwhile, the distributor has sensors in the vehicle that enables him or her to keep the perfect conditions of the tomatoes until they are the shop. You can then buy new perfect tomatoes for your passata. They call the data gathering and analysis Internet of Things. They call the exchange of data smart contracts. They also use the term Blockchain.


With Internet of Things and Blockchain, the shop owner can buy tomatoes from different distributors having the desired quality from different farmers without a traditional chain of trust.




Akamai Intelligent Platform for a Content Delivery Network View of the Internet of Things

On the 12th of October at the Edge 2017 event, Akamai launched the following press release:

Akamai Unveils Strategy to Support Customers Adopting IoT – Akamai OTA Updates Designed to Meet the Unique Needs of the Connected Car”

The press release stated that: “Through this initiative, Akamai will leverage the scale, performance and security of the Akamai Intelligent Platform to support fast, secure, and resilient distribution of data to connected devices anywhere across the globe, as well as to power advanced distributed communications and processing of data originating in these connected devices.” Akamai OTA (Over the Air) is part of the initiative and focussed on car manufacturers and connected vehicles ecosystem players.

Does the IoT community need to put some attention on this? To answer that question, it is important to understand the business and technological nature of Akamai. When you download your content from BBC iPlayer or other similar streaming services, most probably, that content is coming to you through Akamai servers via Akamai technologies. You content is going through something called “Akamaization”. The objective is to send you content, which is all or in part stored near you in the Akamai server. That process is done through a dedicated network of servers, also known as Edge Servers, called Content Delivery Network (CDN) as shown in the picture below.


Akamai is one of the most important players in the CDN market. That position gives Akamai a tremendous insight in the Internet traffic. In fact, Akamai’s report on the traffic over the Internet is well-known and highly rated. That report shows also the strong data traffic analytics provided by Akamai. Akamai has dealt with any type of Internet data for more than 20 years. The data is various, but, it is fair to say that the receiving end of the Akamai CDN has mainly been devices such as TVs and PCs. But, the jump from there to any type of devices at the edge is not that difficult. In other words, Akamai Content Delivery Network, through the Akamai Intelligent Platform, could be used to manage, deliver, and measure any type of traffic towards any type of device. And that traffic, today, is also machine-generated data. In addition to that, the Akamai Intelligent Platform introduces a new level of analytics and measurements on the Internet traffic. The IoT community has talked for some time about connectivity analytics. Akamai can strongly contribute to that debate. It is fair to say that the idea of proposing the content delivery network model for the IoT is not new. PubNub has done that before and it is doing it. However, Akamai can strongly boost that view from its position of historic leader of the CDN world.

The answer to the question is that the IoT community has found another important player to include and to look at. The three most important reasons for that are:

          Akamai brings a new view, and maybe refreshing one, on the Edge debate.

          Akamai provides a profound understanding of data traffic and its analytics over the Internet.

          Akamai is a very experienced player in delivering data traffic globally whatever type of devices are considered.




The Gender Problem of the Telecom/IoT Community


I started my career 18 years ago with a software house. The company was a university spin-off. It specialised in telecommunication network services. The company Director left a career in the university to found the company. He always had that nostalgia for academia, but kept the deep specialist knowledge that made him an expert in network planning. Because of that, he was often invited to events and workshops. Once, he took me with him. The event was held at Politecnico di Milano University. We entered the conference room. He went to sit with the other speakers. I found my seat among the audience. I looked around me. There were no women. Being an engineering student, I was used to the large number of men in the lecture rooms. But this audience was made up of managers and experts from companies, not students. I was expecting a different gender distribution. Certainly, I was naïve!

Today, I was invited to an event hosted by a very well-known and large technology company. I looked at the programme. The programme showcases a number of C-level speakers from a variety of telecoms and IoT companies. There are 18 speakers. There is not a single woman among the speakers. After 18 years of a career in telecoms, I am back at that day at the Politecnico di Milano!

Perhaps, I thought, it is just a coincidence. So, I took a look at the visitor guides for three IoT events I had attended recently, both as a member of the audience and as a speaker. I am not going to name the events, but here are the percentages of speakers that were women: 18%, 11%, 13%.

I thought we were addressing the gender unbalance of the telecoms/IoT industry. But I am obviously naïve, still so naïve after 18 years! Clearly, our industry has not moved far. The gender problem is there and it’s loud and clear. I’m aware of a number of initiatives, both private and public, that try to address the issue. But, it’s not just a matter of initiatives. It is also, and mostly, about changing culture in organisations. And, perhaps, it is also about “gently” nudging changes. Conferences are good places to show that change. What about “gently” nudging conference organisers to have at least a certain percentage of women in their programmes?

Most probably, conference organisers are already trying to involve more female speakers. There are not many female speakers to choose from. There may not be many female science and engineering students or specialists. Or perhaps there are, but, their journey towards the boardrooms encounters obstacles that men do not understand. The issue is not simple. Even the UK Parliamentary Science and Technology Committee is composed of only men! Yes, the problem is not simple and very far from a solution!


My Journey in the Blockchain – Understanding It, Explaining It, Stretching It

Two years ago, I was a frequent participant of London-based evening meet-ups: bringing people together on a specific topic, some beers, presentations, and networking. The evening meet-ups are still going in London animating various communities. But, I am not a frequent participant anymore. The most important reason for that is that preparing for meet-ups and events takes time. You do not have then a lot of time for researching and understanding new trends and new ideas. But, meet-ups are the perfect places for discovering new ideas. And, in fact, during one of those meet-ups in which I presented, a young woman approached me. My presentation was about securing the IoT. She told me that my presentation was good, but, it had a strong weak point. I did not talk about blockchain. At the time, blockchain for me was a sort of legend said somewhere, in places that I did not know and in which I was not allowed to. She lectured me about blockchain for 5 minutes. I listened to her with attention, but, I did not understand what blockchain was about. But, her enthusiasm was contagious. She continued to say that “blockchain is a revolution”. She claimed that it will be inevitable the encounter between blockchain and the IoT. Other people joined the conversation. We all had a beer together. They all appeared to know what blockchain was about. They conversed on the topic confidently. I looked at them with curiosity without saying much. I did not know what to say! I went back home thinking about it. It was not much the promise for a better world that surprised me, but that enthusiastic relationship between those people and blockchain. Those people were all 10-15 years younger than me. I believe youth is irresponsible and with that irresponsibility comes great ideas. And that irresponsible youth made me curious about blockchain.

From the day after, I started to read about blockchain. I chose a systematic way of learning about blockchain. I run a systematic literature review on the topic starting from academic papers. It was a slow process for two reasons. The first one is that was a parallel exercise to many other activities. The second one is that the topic is not that easy to grasp. My background allowed me to read those papers, but, my knowledge of certain concepts was, perhaps, a bit rusty. The first question I wanted to answer was: what is blockchain? How does it work? And why are we doing it? The systematic literature review gave me some good ideas. I can say that my understanding of blockchain is better than it was during that night at the meet-up. The next step was to come out with an easy narrative to explain what blockchain is. Because, if blockchain is a revolution that will affect all of us, then, we need to explain that revolution to people. I should say that I still struggle to come out with something simple. I have asked for help and I have asked members of the blockchain community that I know. They argued that my explanations were too simplistic. But, they also did not have better ones too. Clearly, there is a communication issue in the blockchain community. But, put aside that, I am now exploring the connection blockchain-IoT. I am running another systematic literature review on the topic. It is not over yet, but, other questions are coming to my mind such as: which is the interaction between blockchain and edge computing, important issue in the IoT? And, then reading on artificial intelligence and IoT, is there a magic triangle between blockchain-edge computing-artificial intelligence?

After almost two years of reading on blockchain, my sentiment waves between moments of joy in which everything seems clear and moments in which I am back to that evening meet-up. Certainly, I understand the theory. I start to understand the applications. I have clues on the IoT and blockchain. But, then, this knowledge brings up new unanswered questions. I wonder when this journey will end, if it will never end! I will share my findings soon. For the moment, I invite you to undertake the same journey. It is not a revolution, but, there is so much for shaping markets and society in the future in a certain way.

Universities and innovation agencies at the core of local innovation systems via LPWAN

I have been visiting some universities around Europe that have launched LPWAN-centric initiatives. The common objective is to use LPWAN as an enabler of ideas for local SMEs and local governments. The results are really promising. The enthusiasm is contagious. Basically, LPWAN revamps the mission of universities to be an enabler for social and economic development for the areas in which they are located.

The Triple Helix Model ( for innovation has highlighted the driving role of universities for promoting innovation, and therefore from a Schumpeterian point of view, for promoting economic growth. The Entrepreneurial University is a key concept in the Triple Helix Model conceptualising the university as a producer of knowledge, but also a user of knowledge for innovation purposes. That model is then linked to geographic-centric view of innovation such as regional innovation systems or local innovation system. LPWAN enables universities to be the Entrepreneurial Universities of local innovation systems, and, even further to social innovation systems when LPWAN is used to respond to citizens’ needs. LPWAN seen as enabler of social innovation is also highlighted in the recent call from Digital Catapult on social housing and independent living ( Digital Catapult is not an university, but an innovation agency, which could have the same strong role in local innovation systems empowering innovation at SME and local government levels. LPWAN is an ideal technology for that. But, policy makers should support more this view of technology, a view coming from the needs of citizens and SMEs rather than from the top of the business system. The two directions are equally important, but, historically, SME technology policy has chased technological trends rather than being part of it. Instead, LPWAN could take SMEs, citizens, and local authorities to the core of the current developments of the Internet of Things. Universities and innovation agencies can drive that.