Developers, vendors, and manufacturers are rushing to join the Internet of Everything, creating new types of products, systems, and devices to make our lives more efficient and comfortable. Many of these are based on Wi-Fi technology to link them together, as well as connecting them to wireless access points that in turn connect to the web and cloud-based intelligence.

As a result, many designers, instead of trying to handle the complexity of developing their own wireless systems for their Internet of Everything products, are instead choosing to use pre-certified fully integrated Wi-Fi connectivity solutions. Created specifically to help designers meet these new challenges, these embedded modules and software provide a cost-effective way for Internet of Everything product makers to get their products to market more quickly with less cost and less risk.

Important features for Wi-Fi connected Internet of Things (IoT) devices

What Wi-Fi standard does the module support? Depending on the end use, it is often essential that modules support all existing flavors of Wi-Fi, including IEEE 802.11b/g/n standards at data rates of up to 20 Mbps.

In addition to basic 802.11 capabilities, the firmware should also include support for advanced Wi-Fi features such as DLNA, Wi-Fi Direct with P2P-Client, and P2P-GO plus the full range of security options (WPS 2.0, WEP, and the personal and enterprise versions of WPA/WPA2), HTTPS/SSL security stacks, a DHCP Client/Server, a Configurable Web Server, and standard TCP/UDP Sockets to name a few.

To speed up the design process, developers can select Wi-Fi modules that are equipped with internal flash and integrated antenna, and are certified for all agencies. For designers who plan on shipping products worldwide, it is important that the radio section is pre-certified and offer internationally compliant solutions – this can dramatically shorten acceptance cycles and ultimately reduce time to market.

The Wi-Fi modules should incorporate an MCU that supports the 802.11 protocol stack, a full-featured TCP/IP Stack with the accompanied network applications, data security, and also provisioning methods for device configuration. The MCU is also responsible for exchanging data and control signals with the host system via U(S)ART, SPI, I2C, I2S, or SDIO interfaces.

The application software should also include cloud services support to assist in the development of cloud-based applications for use with the IoT. In a similar manner, home entertainment and home automation applications need to be supported via Digital Living Network Alliance’s (DLNA/UPnP) protocol stack or alternatives like Apple’s Airplay.

A new feature to recently emerge allows Wi-Fi connection settings mass configuration technology to be built into modules for simplified out of the box configuration and rapid registration of devices on existing Wi-Fi networks. Called “ProbMe,” it enables device manufacturers, system providers, and end users to simultaneously install, set up, and configure multiple Wi-Fi devices with minimal user input.

It works by utilizing the discovery functionality of Wi-Fi networks. Instead of using the standard 802.11 management frames to interrogate the surrounding networks for their SSID information, the ProbMe method uses these frames as configuration carriers. This enables the Wi-Fi module to recognize when it is receiving configuration information and then utilize that information to configure itself on the network. With multiple devices are ON and awaiting configuration information, all of them can be provided information simultaneously with the same SSID and pass phrase, or SSID and WPS information. This means it is possible to configure 10, 100, or even 1,000 devices all at the same time with one configuration command.

Once the Wi-Fi device is configured with this information, the module by default disables the ability to be reconfigured and requires a physical button be manually pressed on the device in order for the device to be placed back into configuration mode. Various manufacturers could elect to set up secure approaches to access the reset capability through a physical button or software.

Typical installation and setup challenges

Today, most devices that users connect to a Wi-Fi network need a service set identifier (SSID) and a pass phrase, which is generally longer than a password. Manufacturers of wireless routers initially supplied routers with a default and generic SSID and open settings that required no pass phrase to join the network. However, most router manufacturers now provide more unique SSIDs and initial unique pass phrases that are printed on a sticker on the Wi-Fi router. This means that when the router is turned on, it comes on in a secure mode with a set SSID and pass phrase. Anyone wanting to join the network then uses the “Join Network” or “Add Network” utility on a smartphone, tablet, laptop, or desktop. A user can easily join and rejoin the network and when moving between locations.

Over the last decade, most of the devices that consumers have been connecting to Wi-Fi wireless routers have had rich computing resources – displays, keyboards, and other abilities – that make entering the information for a secure connection relatively easy.

However, the “things” now being added to homes, offices, commercial spaces, and industrial facilities are quite small and don’t have a display or convenient data entry capability to allow users to configure them. Thus, the devices need to be configured by a smarter device that can transmit the necessary configuration information to join the network.

For instance, a consumer buys a Wi-Fi enabled coffee maker. The coffee maker needs to know the SSID and pass phrase so it can connect to the network as a client device to allow the user to turn the coffee maker on and off remotely, change brewing settings, get a signal that the coffee has finished brewing, and possibly connect the coffee maker to the cloud for even more advanced features. Today, there are a couple of options for manufacturers who want to put Wi-Fi capability in a coffee maker.

One option is to use a Wi-Fi protected setup (WPS) button on the coffee maker and assume the user’s wireless router has a WPS button as well. This requires the user to press the button on the coffee pot and also press the button on the wireless router.

This approach works well if both devices and their set up buttons are easy to access. However, if the wireless router doesn’t have a WPS button or if it isn’t easily accessible, this system won’t work at all. Also, if both buttons are pressed and the coffee maker doesn’t show up on the network, there’s no way to troubleshoot. Most importantly, the WPS push-button method has known security flaws.

Another common approach is to have the coffee maker appear as an access point with its own SSID and pass phrase, which is supplied on the manufacturer’s quick start card. In this approach, when the coffee maker is plugged in and powered on the SSID of the coffee maker is broadcast so that it is easily identified. A user disconnects from the wireless network, connects wirelessly and directly to the coffee maker, and navigates to an area to enter the SSID and network pass phrase. The device is then configured as a client on the user’s network.

The main disadvantage of this method is the required level of technology expertise. Also, the process can be quite time consuming, which is compounded if there are several devices to install, such as light switches, light bulbs, outlets, speakers, cameras, door locks, thermostats, alarms, and so on. Most importantly, this may not be the most secure approach depending on how the manufacturer decides to handle the start-up scenario. In some cases, consumers may not decide to configure the Wi-Fi feature to their wireless network, and thus, it would remain visible to everyone within broadcast range of the device. A next-door neighbor could find and then take control of another neighbor’s coffee maker.

An alternative method

Let’s assume that the user has a device on any operating system. Let’s assume the user does not have physical access to wireless router. Let’s also assume the user is minimally tech-savvy, and able to navigate the basic menus required for getting the device configured on the home’s network. And, finally, let’s assume that the user doesn’t want to announce to the world a coffee maker on the Wi-Fi, nor does the user wish to have an unsecured coffee pot, an easy target for neighborhood shenanigans.

A user would need the coffee pot to power on in a listen-only mode and await configuration. Based on the type of device, it might be desirable to configure in a particular mode or a specific network. And it would be ideal that when multiple devices were turned on out-of-the-box, if all of them could be configured identically with one single entry by the user. Then, after configuration, to keep out the drive-by hackers, it would also be nice for the device to lock itself down from future reconfiguration, assuring it could only be managed by authorized users. This would likely require a user to have access to the device to push a reset button if the device ever needed to be reconfigured.

Now imagine an alternative scenario to the ones described above. In this scenario, the user brings home the coffee maker. After plugging it in, looks at the quick-start card, then using a smartphone enters the proper network SSID and pass phrase, and finally clicks, “Join Network.” The smartphone transmits the configuration information and automatically connects all the new ProbMe-enabled devices to the network.

Nikos Vokas is an FAE at Econais.