Device Activity Policy Design

The Device Activity Policy design in the Watson IoT platform enables users to define the messaging intervals of healthy devices and track compliance to such Risk and Security Policy settings.

In 2017 I contributed to the design research and design concepts for Device Activity Policy for Risk and Security Management in the Watson IoT Platform.

What is Device Activity

Device Activity is an indicator of device health. In the Design Research on IoT Device Activity, it was proven that Time since the last message is a preferred metric on device activity and health. This new design for the Watson IoT Platform provides a new Risk and Security Management policy that defines the expected messaging activity for devices connected to the IoT platform. The policy monitors whether a device sends a request at least once every defined time period. A threshold for device activity can be defined generally for all devices, and exceptions defined for individual device types. Compliance with the Device Activity policy can be monitored on the dashboard, or reported on using drill-in reports.

Design Vision

The design vision for the new Device Activity policy is to call with the concepts already established for Risk and Security Management policers in the Watson IoT Platform. Learn more about the common design policies in Risk and Security Management Design. The new policy should be available in the Security section in the platform, next to other policies. The policy should have a simple default setting that applies generally across devices on the platform. This policy should set clear a clear threshold on the expended frequency of messages arriving from healthy devices exhibiting an active behavior. The policy should also allow exceptions to be set individually for any device type that differs from a default general policy. As an option, the threshold value may be set indefinitely to disable checking and make any devices of a type compliant.

Using compliance reporting, administrators and operators may identify any devices that exhibit unhealthy behavior. Drill-in reports allow users to view device status and perform diagnostic actions.

Personas

Risk and Security Management is primarily targeting two of the IoT personas

Adam is an IoT Security Operator. He ensures security and compliance by specifying policies that detect abnormalities and prevents devices to be compromised. He reports to audits on compliance with regulations and policy coverage on devices.
Sally is an IoT System Operator. She handles the day-to-day system operations on the LOB and client IoT organization. She makes sure that new device types and devices are registered, are behaving, and are up to date with recent secure firmware. She defines policies, creates and runs actions on policy alerts that act on misbehaving devices.

Hills

“Adam, the security analyst can define a Device Activity policy for devices, to determine whether a device is active or inactive by tracking how frequently a device talks to the platform, activating the policy, and reporting on the coverage of the policy, in under 5 minutes”

Use-Cases

As a security analyst, I can

View the default (disabled) device activity policy configuration
Modify the default device activity and set a messaging interval
Add a custom rule as exception device activity policy configuration for a device type
Preview the predicted compliance of the new policy configuration
Save and enforce the updated device activity policy configuration

UX Design

The UX design of the use-case above.

The UX design of the Device Activity policy.

Final Product Design

Final production design for Device Activity Policy editor.

Final production design for Device Activity Dashboard and Compliance Reporting.

Related Designs

Design Research on IoT Device Activity.
Read more about the research on device behavior metrics to use for a Device Activity policy in Watson IoT Platform Risk and Security Management.

Risk and Security Management Design.
Read more about the design of the Watson IoT Platform Risk and Security Management policies.

Compliance Reporting Design.
Read more about the design for reporting compliance with Watson IoT Platform Risk and Security Management policies.

Watson IoT Platform Risk and Security Management Lab.
DevZone Quick Lab at Think 2018 on Risk and Security Management.

Sally

Meet Sally the IoT System Operator.

Sally is one of the most frequently used operator personas in the design across the platform capabilities.

Adam

Also, meet Adam the IoT Security Operator.

Design Research on IoT Device Activity.
Read more about the research on device behavior metrics to use for a Device Activity policy in Watson IoT Platform Risk and Security Management.

Risk and Security Management Design.
Read more about the design of the Watson IoT Platform Risk and Security Management policies.

Compliance Reporting Design.
Read more about the design for reporting compliance with Watson IoT Platform Risk and Security Management policies.

Watson IoT Platform Risk and Security Management Lab.
DevZone Quick Lab at Think 2018 on Risk and Security Management.