There are two fundamental architectural paradigms battling for supremacy for the Internet of Things (IoT). First, as the appellation Internet would suggest, we have the Client/Server (C/S) paradigm. At the core of (C/S) is the notion of one-to-many: one server serving the needs of many clients. We?ve added layers to this structure, and the Web brought us thin clients, and SOA exposed server capabilities as contracted interfaces we called Services, but both the Web and SOA follow C/S under the covers.
Perhaps the IoT should follow C/S. The various sensors and controls that characterize the IoT could be thought of as a type of client, and they get their job done by talking to servers somewhere. Those servers, naturally, serve many such clients. Or perhaps not, as there is another architectural paradigm fighting for its spot in the sun: Peer-to-Peer (P2P).
P2P eschews servers, instead basing its core interaction paradigm on communications between endpoint nodes. True, there may be some box in a data center somewhere facilitating this interaction, but the role of that device is to support a lookup service so that nodes can find each other. Instant messaging and Skype are two P2P examples, although P2P file sharing services like BitTorrent are also quite prevalent.
So, maybe P2P is the way for the IoT to go? If we want our thermostat controlling our dishwasher, after all, doesn?t it make sense for the one device to speak directly to the other, perhaps over our home Wi-Fi? We don?t need a server for such interactions, certainly.
Again, perhaps. Clearly there are reasons to follow C/S, especially when you?re counting on the server to provide core functionality ? just as there are good reasons to follow P2P, when you?re looking to establish a network of interacting nodes. But even when you use these architectural styles in combination, there remain a broad range of desirable functionality that neither approach can adequately deliver.
The gaping hole with the IoT, of course, is security. I?ve written about this problem before, but what I didn?t point out is that security, in fact, is the biggest pitfall for an even broader challenge: control. As consumers of IoT technology, we have a deep level of discomfort with the notion that somehow we won?t be in control of the various sensors and devices that are springing up all around us. True, we don?t want anyone hacking our automobiles or refrigerators or factory floor equipment, but threat prevention is only part of the battle. But in this post-NSA spying world, we just don?t like the idea of some kind of IoT device in our proximity that someone else controls.
Fair enough, but we don?t want the burden of controlling each device and sensor manually, either. After all, if we had to manually manage the device that controlled our dishwasher, we might as well simply have an ordinary, 20th century dishwasher! From the perspective of the consumer, the entire value proposition of the IoT centers on automation. If we have to control everything manually, we?ve just defeated the entire purpose of the IoT.
The solution to this conundrum is to delegate control of each IoT node locally to the node itself. In other words, IoT nodes must contain intelligent agents that are able to take initiative based upon the instructions we give them, as well as policies or other metadata that apply to their behavior. In addition to this autonomous, goal-oriented behavior, they must also be social: interaction between agents is a core part of their functionality. And finally, they must be able to learn about their environment and from their previous behavior.
Intelligent agents have been around for decades. I first heard of them with the advent of General Magic, a mid-1990s Apple Computer spin-off that sought to build a precursor to the personal digital assistant (PDA) based on networked intelligent agents ? and the Wikipedia article I just referenced describes a system that is eerily like the agent-based IoT I?m proposing in this article.
I ran into agents again in the SOA era with SOA Software?s Network Director product, a set of distributed agents that act as lightweight intermediaries to support the Service abstraction in conjunction with ESBs or other traditional middleware. And of course, we?re all familiar with Apple Siri, the snarky intelligent agent on the iPhone.
To address the architectural and security issues with the IoT, however, intelligent agents must represent more than a smarter way to build IoT nodes. We must actually move to a new architectural paradigm ? an architectural style I hazard to label Agent-Oriented Architecture (AOA). AOA inherits some characteristics of C/S and P2P, but is truly a different paradigm, because the agents control the interactions. And as long as the agents do our bidding, AOA puts us ? the technology consumer ? in control of the IoT.