Unfortunately, security vulnerabilities in IoT applications are not uncommon. To increase IoT security, more skilled IoT development professionals are needed. Alternatively, low-code platforms can facilitate app development and provide security by design in IoT apps. However, for this to happen, the low-code solutions themselves must meet security requirements.
The barriers to the use of Industrie 4.0 applications have remained virtually unchanged in recent years, according to the digital association Bitkom. The biggest challenges are a lack of financial resources (77 percent), data protection requirements (61 percent) and IT security (57 percent), and a shortage of skilled workers (55 percent).
“95 percent of German industrial companies see Industrie 4.0 as an opportunity for their own business. The development and deployment of such solutions are therefore a must for the successful digitization of Germany as a business location,” says Bitkom CEO Dr. Bernhard Rohleder.
But the IT security requirements for Industrie 4.0 and IIoT (Industrial IoT) are complex, and human resources for development and security are notoriously scarce. New approaches are needed so that security can still be improved in IoT apps.
Low-code helps in the development of apps
According to analyst firm Gartner, professionals outside of IT will develop the majority of technology products and services in the future. By 2024, this is expected to be the case for 80 percent of technology products and services.
Rajesh Kandaswamy, Distinguished Research Vice President at Gartner, also explains how this will be possible: “The growth of digital data, low-code development tools and artificial intelligence (AI)-assisted development are among the many factors enabling the democratization of technology development beyond IT professionals.”
Market research firm GlobalData takes a similar view, saying that the need for digital transformation has accelerated demand for application development in many industries. However, there is a heavy reliance on IT experts or platforms to meet the increasing demand for creating new applications. According to GlobalData, it will be low-code no-code (LCNC) platforms that enable non-IT experts to drive application development faster.
Kiran Raj, Principal Disruptive Tech Analyst at GlobalData, comments, “LCNC technologies can bridge the gaps by breaking down silos between business leaders and IT and enabling non-developers, often referred to as Citizen Developers, to quickly develop new applications for various industries, including finance, services, healthcare, manufacturing, retail and technology.”
IoT apps are an important use case of low-code
Siemens subsidiary Mendix has published the results of its international “State of Low-Code 2021” study on the status quo of low-code technology in the workplace: model-based, visual software development via low-code is involving more employees in digitization and is now being used in a variety of ways in different industries. According to the German respondents, the most important areas of use are applications for complex, individual enterprise software (37%), industrial IoT apps (35%), automated, existing work processes (35%), data modeling and visualization (34%), and for automated robotic process automation applications (31%).
“Low-code allows IoT apps to be developed much faster and more efficiently than traditional methods,” explains Tino Fliege, Solution Architect at OutSystems. “This is because, in the low-code cosmos, applications are not created line by line of code, but with the help of visual modeling: prefabricated function modules can be assembled on a graphical interface using drag-and-drop so that the wheel does not have to be reinvented every time, but developers can fall back on existing standard functions.”
Tino Fliege adds: “Thanks to extensive configuration options and the possibility to add your own code as required, the IoT store floor apps developed can still be tailored precisely to the individual requirements of the respective scenario. The actual connection to the IoT devices used or to IoT platforms such as PTC Thingworx, AWS IoT, or Azure IoT takes place via standard interfaces, which are provided by the OutSystems low-code platform, for example. In this way, the transmitted IoT data from the machines or sensors can be used for any scenario, for example, to process and visualize it or to react to events, such as by triggering an emergency shutdown.”
IoT security then also depends on low-code security
In this context, a low-code platform can not only make development more independent of scarce developer resources, as the business departments can create the IoT apps themselves. Thanks to a low-code solution, the IoT apps can also be equipped with the necessary security functions, in line with the principle of security by design.
The prerequisite here is that the low-code platform itself internalizes security. This is demonstrated, for example, by IoT apps in the automotive sector, where manufacturers and suppliers often process highly sensitive data such as detailed product information and confidential prototypes. The TISAX test standard of the German Association of the Automotive Industry (VDA), which is based on ISO 27001, proves that their applications meet a standardized level of protection.
TISAX (Trusted Information Security Assessment Exchange) was developed in 2017 by the German Association of the Automotive Industry (VDA) and has since been operated by the ENX Association. It is a testing model for a uniform level of information security across the entire value and supply chain. From manufacturers to suppliers to service providers, it provides a standardized catalog of questions and thus enables industry-wide recognition of the test results.
For example, “Sentry” from OutSystems has been certified according to TISAX. Users of the platform for modern application development can thus rest assured that data processed with the corresponding solution is secure and comprehensively protected, says OutSystems.
“In such a sensitive industry as automotive, security is a top priority, both physical and digital,” said José Casinha, chief information security officer at OutSystems. “For the German industry, automotive manufacturing represents one of the core sectors – and therefore also for our activities in the DACH market. Our goal is to provide comprehensive support to customers in this sector, and with the TISAX certification, we have invested further in this goal.”
It turns out that more security can also come into IoT apps via secure low-code solutions, despite a shortage of skilled workers in security and programming. This means that certain obstacles to Industry 4.0 can be removed.