In 2017 I contributed to the design research and design concepts for Device Activity Policy for Risk and Security Management in the Watson IoT Platform.
What is Device Activity
Device Activity is an indicator of device health. In the Design Research on IoT Device Activity, it was proven that Time since the last message is a preferred metric on device activity and health. This new design for the Watson IoT Platform provides a new Risk and Security Management policy that defines the expected messaging activity for devices connected to the IoT platform. The policy monitors whether a device sends a request at least once every defined time period. A threshold for device activity can be defined generally for all devices, and exceptions defined for individual device types. Compliance with the Device Activity policy can be monitored on the dashboard, or reported on using drill-in reports.
The design vision for the new Device Activity policy is to call with the concepts already established for Risk and Security Management policers in the Watson IoT Platform. Learn more about the common design policies in Risk and Security Management Design. The new policy should be available in the Security section in the platform, next to other policies. The policy should have a simple default setting that applies generally across devices on the platform. This policy should set clear a clear threshold on the expended frequency of messages arriving from healthy devices exhibiting an active behavior. The policy should also allow exceptions to be set individually for any device type that differs from a default general policy. As an option, the threshold value may be set indefinitely to disable checking and make any devices of a type compliant.
Using compliance reporting, administrators and operators may identify any devices that exhibit unhealthy behavior. Drill-in reports allow users to view device status and perform diagnostic actions.
Risk and Security Management is primarily targeting two of the IoT personas
- Adam is an IoT Security Operator. He ensures security and compliance by specifying policies that detect abnormalities and prevents devices to be compromised. He reports to audits on compliance with regulations and policy coverage on devices.
- Sally is an IoT System Operator. She handles the day-to-day system operations on the LOB and client IoT organization. She makes sure that new device types and devices are registered, are behaving, and are up to date with recent secure firmware. She defines policies, creates and runs actions on policy alerts that act on misbehaving devices.
As a security analyst, I can
- View the default (disabled) device activity policy configuration
- Modify the default device activity and set a messaging interval
- Add a custom rule as exception device activity policy configuration for a device type
- Preview the predicted compliance of the new policy configuration
- Save and enforce the updated device activity policy configuration
The UX design of the use-case above.
The UX design of the Device Activity policy.
Final Product Design
Final production design for Device Activity Policy editor.
Final production design for Device Activity Dashboard and Compliance Reporting.