our stories

tech never sleeps, so neither do we

Industrial Internet of Things Standards


The manufacturing industry has embraced the Internet of Things (IoT) with open arms. Here, the Industrial Internet of Things, or IIoT – that is, the introduction of smart sensors, new connectivity and analytics platforms to the industrial settings of manufacturing factory floors – is driving process efficiencies, greater cost-effectiveness and product innovation.

The manufacturing industry, also, is governed by a strict set of regulatory frameworks and operating standards. These are essential to maintain appropriate levels of quality, health and safety, environmental protection, data protection and privacy and so on. However, because the IIoT is still a relatively new, immature and constantly evolving concept – and because of specific challenges pertaining to its technology and the organisations involved – the specific frameworks and standards applying here have not yet been set in stone.

How, then, can manufacturing organisations best navigate this complex, shifting and uncertain landscape? What do you need to know now in relation to IIoT standards, and what will you need in the future?

The importance of clear standards

In any setting, standards between different organisations and different parts of a sector are vital to ensure minimum quality standards and appropriate interoperability. This interoperability is particularly pertinent in the IIoT context because it ensures both scalability and growth. Since any form of the IoT fundamentally depends on connectivity, joining together disparate devices and sensors to capture and harness useful information, it is crucial for standards to be agreed between the different stakeholders involved.

In the Industrial IoT, that connectivity becomes even more pertinent, because the goal is to join up existing hardware, which may already be controlled and managed by diverse computing systems. As such, the IIoT will rapidly become unmanageably complex if standards for interoperability and systems integration and convergence are not settled soon. Standards are vital for future growth and scalability.

The barriers to agreeing standards

If, then, standards are so critical to the IIoT’s ongoing development and future reliability and stability, why have they been so slow to happen?


Many of the major IoT developers, vendors and suppliers are jostling for prominence in a highly dynamic and complex industry, competing to maintain intellectual property rights and their own dominance. This means that agreeing and adopting standards between them is not always a key priority.


As outlined above, ensuring interoperability is one of the key motivators for IIoT standards. However, it is also a barrier to adoption. The IIoT combines two different forms of technology: information technology (IT) and operational technology (OT), meaning that more interoperability and therefore more standards are required than in non-industrial settings. There is also the challenge of integrating legacy applications, which can be particularly complex and demanding in industrial and manufacturing settings – such as proprietary technologies or SCADA systems which were never intended to communicate with each other via the internet.


Organisations deploying the IIoT are essential adding hundreds or thousands of new endpoints to their infrastructures and therefore dramatically increasing their potential attack surface. This means that robust device verification and data protection processes are truly critical to protect those organisations from malicious cyberattacks, and these processes need to be formalised in yet another set of standards.There is still no internationally recognised and agreed-upon security architecture for the IIoT, and the 2018 SANS Industrial IoT Survey found that over half of OT security specialists are worried about their abilities to patch IIoT systems or devices.

Where are we now?

From a technical perspective, the foundations for a clear framework of international IIoT standards do exist. For example, IoT protocols for data transfer in field-area networks, such as the Constrained Application Protocol and MQ Telemetry Transport (MQTT), as well as more industry-specific protocols like Modbus, can be deployed in the communication networks required by many IIoT applications. In wide area networks MQTT and HTTP are most common, and communications to back-end applications tend to use messaging protocols such as Apache Kafka.

oneM2M, the global standards initiative for machine to machine communications and the Internet of Things, aims to ‘develop technical specifications which address the need for a common M2M Service Layer that can be readily embedded within various hardware and software, and relied upon to connect the myriad of devices in the field with M2M application servers worldwide’. Industrial automation is one of the organisation’s specialist focuses, where it understands the need for scalability and interoperability above all else.

Many other organisations, too, are working to smooth out much of the existing complexity and lay the foundations for a clearer standards system. These include the Industrial Internet Consortium (IIC), the Open Connectivity Foundation (OCF), the Industrial Internet Consortium (IEE) and the Internet Engineering Task Force (IETF), which runs multiple working groups. 

In the US, three industrial groups – the Open Platforms Communication (OPC) Foundation, the Organization for Machine Automation and Control (OMAC) and PLCopen are collaborating to ‘develop and promote common standards’, bringing together the work they carried out individually for a more unified and interoperable future. The OPC Foundation’s Unified Architecture (UA) is an industrial interoperability framework. Which aims to deliver ‘information modelling with integrated security, access rights, and all communication layers to provide plug and play machine-to-machine (M2M) communication inside factories’. It is also designed to be scalable from the plant floor through to the enterprise IT infrastructure and cloud environments. 

Meanwhile, the Gartner Hype Cycle for IoT Standards and Protocols lists 30 standards, around ‘connectivity, security, messaging and operating systems for the Internet of Things’. 15 of these are said to deliver ‘high business benefit’, and six are predicted to become mainstream over the next five years. Many overlap in terms of the functionality and target markets, suggesting that as the market matures, some will become more dominant than others. At this stage, it makes most sense for organisations working with the IIoT to familiarise themselves with these standards, but be aware that change is likely over the coming months and years.

In short, whilst clear international standardisation is yet to occur, many stakeholders understand the urgency of the situation and are working hard to change it. Additionally, there are sophisticated technical foundations in place to support an agreed framework of standards – once that agreement takes place.

“In the Industrial IoT, that connectivity becomes even more pertinent, because the goal is to join up existing hardware, which may already be controlled and managed by diverse computing systems”

What can we do?

Navigating all this complexity is not easy, and until international agreement takes place as to a shared IIoT standards framework, all organisations in the sector need to be prepared for change. However, there are some steps you can take to ensure that you are both deploying the most robust and resilient IIoT solution possible today, and are positioned as strategically as possible for the emerging landscape of tomorrow.

Familiarise yourself with the landscape

As outlined in this document, there are many different technologies, protocols, organisations and working groups to be aware of in the emerging standards landscape. Whilst it will be impossible for any organisation, particularly smaller ones, to retain a sharp focus on all of the moving parts, reaching it to some relevant organisations now, and immersing yourself in the emerging standards landscape as far as possible, should ensure that you are positioned as strongly as possible in the future.

Understand the three-way pull for your project managers

IIoT project managers are typically responsible for enabling dynamic connections between the information required by system engineers, the security posture of the IIoT ecosystem, and this evolving standards landscape. This is a lot of moving parts to manage and requires careful management and a holistic yet strategic approach. As a consensus on standards develop over time, interoperability should improve; in the meantime understand the pressures that your project managers, whether internal or external, are under, and the sometimes conflicting priorities that they need to manage.

Prioritise security and interoperability

Interoperability and security should be at the heart of your IIoT strategy, always – since these are going to be the guiding principles for any future standards that are set. By embedding them into your IIoT ecosystem from the start, you are far more likely to be well-positioned once a standards framework is agreed. Think about the verification of all devices and users, the protection and encryption of data at point of generation, in transit and in storage, and the ways in which the different systems, hardware and software within your organisation need to work together.

The IIoT landscape is in constant evolution. The only certainty currently is change. However, with a deeper understanding of the challenges and pressures facing the development of IIoT standards, your organisation can position itself in the best possible way for a more regulated future.