Accessibility Requirements in the Internet of Things

By on Jul 11, 2013

In system engineering, and good system design begins with establish good “requirements”.  Requirements are not just technical and engineering features, they can also be operational (what are the designed configuration features,  what is the required uptime, downtime or service interval, etc) and requirements can be business-orient related to regulatory obligations (privacy, safety) or internally mandated policy (“be ISO 27002 compliant).

An interesting Internet of Things (IOT) requirement I have been researching recently is “accessibility”.  This was a surprise to me since I had naively (ignorantly?) associated “accessibility” mostly with wheelchair ramps and big buttons on calculators and hard-wired phones at my grandmother’s house.

With the IOT, accessibility takes on a whole new meaning and has risk and security consequences. Accessibility, as an operational requirement, must be part of the IOT design process but not for reasons we usually associate with “accessibility”: for instance, accessibility for the elderly or those with disabilities.

Accommodating technologies for users will definitely be part of the IOT, for instance for IOT devices to associated with health and aging: sic., “smart health”. Features like larger control screens and buttons, auditory instructions in lieu of written instructions, multi-lingual capabilities (both written and verbal), will all play a role in making IOT devices widely accessible, which in turn drives adaption rates up, efficiencies up and aggregated costs down.

Another interesting form of accessibility will have to due with Environmental Accessibility: being able to read screens in the sun, or in the dark, in the rain, as noise  levels change (as you move from your office to a train), or when you must move from visual/touch-screen controls to verbal controls because you start to drive a car  etc. – IOT devices will be everywhere and we should not assume that the environment will be clean, dry and well lit for typical consumer usage.

Accessibility must also work across heterogeneous networks – you should not be limited according to the network that you have roamed onto – for instance, subtitles should not disappear from the video controls because you move to a new network.

To maintain accessibility, IOT devices will need to have integrated sensors which detect the environment and communicate the conditions back to the application over the network.  The various applications that mange the many devices in the IOT then make a decision about which form of command and control is best for the conditions and provide the necessary information (how much backlight to use,  subtitles in the appropriate language or subtitles “for dummies” versus  experts) back to the to the device back over the network; otherwise the device must maintain all that information locally – and keep it up to date.  That type of capability – locally stored and managed accessibility features – would raise the cost of IOT devices and IOT service substantially, given the range of accessibility requirements emerging in the IOT.

Therefore, accessibility  users/consumers, administrators, technicians, law enforcements, regulators and the full range of potential stakeholders will be enabled by the networks which carry the critical instructions and information for different types of control and HMI (human-machine interface).

This is where security and risk come in.  Poorly designed devices could have their critical control interfaces tampered with over the internet if poorly secured.  Similarly, poorly secured networks could be slowed or disabled such that IOT devices cannot updated their user interfaces. Resulting for instance in voice commands not being available when you need them?  Or a screen you can no longer read as you move from a dark room to the car.  The risks could also be associated with critical infrastructure management; for instance, a novice technician when trying to reconfigure a device like a pump is sent an falsified command interface when he asks to transition out of the expert mode.  Or, perhaps due to network availability (and element of security) only the expert mode is available and a wrong command is issued out of inexperience.


About the Author


We're here to make life online safe and enjoyable for everyone.

Read more posts from McAfee

Subscribe to McAfee Securing Tomorrow Blogs