Chip Changes, New Security and Going Open Source to Define IoT in 2025 | 2024 RFIDJournal.com Year in Review

Published: December 27, 2024

As we come to the end of 2024, RFIDJournal writers and experts who contributed their knowledge are taking both a look back at this year and what is ahead in 2025. This entry is from by Carsten Rhod Gregersen, founder and CEO of Nabto

This is a year of major acceleration in the Internet of Things (IoT). Smart home and office users are doubling down on post-pandemic digital transformation and integrating connected devices into nearly every facet of modern life. Whether in business or leisure, for efficiency or convenience, these devices are opening up new possibilities and growing at record numbers.

This brings new challenges and solutions heading into the new year. More endpoints mean larger attack surfaces and mounting cybersecurity threats. Case in point: the number of IoT devices engaged in botnet-driven DDoS attacks increased by five times in the past year.

Yet threats consistently drive innovation, especially with entire industries and their data at stake. As a result, backed by stronger regulations and new baselines, expect producers to meet the moment with new chips, improve device performance and power, and further open source experimentation in 2025.

Prepare for New Chips in the New Year

Let’s start with what’s making our devices tick. On the production side, this year saw the emergence and consolidation of “low-cost, high-value” microcontrollers. These chips are a new breed—packing immense computing possibilities into tiny, affordable bodies. They’re powerful enough to run advanced applications while sipping energy and costing less than a cup of coffee.

For example, take a closer look at Espressif’s ESP32, Raspberry Pi’s Pico, and Nordic Semiconductor’s nRF54. Despite miniature sizes, these chips boast strong cores, decent memory, and wireless connectivity. As a result, they deliver a remarkable combination of performance and efficiency that enables developers to create smart cameras, wearables, and industrial sensors at lower prices. Our team managed to create a prototype surveillance system capable of real-time streaming for just a few dollars with Espressif’s microcontroller and related camera—imagine what’s possible in the next 12 or 24 months?

This democratization of smart technology is just beginning. Regardless of chip type, the overall market is moving to boards that are harder, better, faster, and stronger. This will deliver us next-gen devices with ripple effects for years to come.

The Shift to Open Source Hardware and Software

This chip evolution goes hand-in-hand with another big shift—the rise of open source hardware and software. As I covered in October, many of these new microcontrollers incorporate processors based on RISC-V, an open-source instruction set architecture that’s challenging Arm’s long-standing dominance in connected devices. Built on established reduced instruction set computer (RISC) principles, these processors eliminate licensing fees while enabling new levels of customization. This matters since designers can create specialized processors for specific applications without starting from scratch.

There are important knock-on effects in software as better chips and hardware foster richer development environments. In turn, we’re seeing device makers prefer open-source, real-time operating systems (RTOS). As middleware matures and cloud storage giants join the fray—with Amazon and Microsoft offering their own RTOS solutions like ThreadX and FreeRTOS—this ecosystem is now more comprehensive while maintaining its crucial real-time responsiveness. As a result, we’re seeing improvements across the board in usability, security, and scalability.

There’s similar open-source momentum in surveillance and video devices with WebRTC for IoT—a standard that enables real-time communication without requiring specialized plugins or external software. In all, there’s a concerted push in software and hardware favoring open source, driving a virtuous cycle where better tools enable better devices, which then attract more developers and ecosystem innovation. Watch this space.

Stricter Security Thresholds are on the Way

Expect incoming security regulations to force device makers’ hands in 2025 and beyond. After years of lobbying and debate, multiple jurisdictions are stepping in with concrete cybersecurity rules for connected devices. Europe, The United States, and The United Kingdom are leading this charge with new laws that demand higher cybersecurity thresholds and outlaw negligent password and patching practices.

Europe’s Cyber Resilience Act sets the highest bar to clear. After passing in October, lawmakers began a transition period toward full implementation. Over the next three years, device makers must protect their internet-connected products from unauthorized access throughout their lifecycle. This means shipping products without known exploitable vulnerabilities and ensuring “appropriate security levels” in design, development, and production. If they don’t or can’t get up to speed, device makers face fines of up to €15 million or 2.5 percent of the company’s global annual turnover, whichever is greater.

The United States is opting for the invisible hand of market forces to encourage makers to up their security game. The Cyber Trust Mark, launching this quarter, offers voluntary certification for products meeting “robust” security standards. Much like Energy Star, products that make the grade earn the mark—letting consumer choice drive industry change.

It remains to be seen which method is more effective but one thing’s clear—governments are taking this sector and its threats seriously. With connected devices projected to reach 40 billion by the end of the decade, we need forcing functions to ensure device makers prioritize safety.

As a thought leader in this space with more than two decades of experience, I’m heartened by these developments heading into 2025. Governments are backing consumers and cybersecurity, developers are experimenting with more open and flexible standards, and devices are packing better components. The table is set for a new chapter of IoT innovation.

Related stories:

About the Author: Carsten Rhod Gregersen

Carsten Rhod Gregersen is the CEO and founder of Nabto, a company that provides a P2P-based platform for IoT devices.