Martin's corner on the web

Thoughts on time/date management on IoT nodes

Accurate time/date information is crucial for the correct operation of IoT nodes.

From a security perspective, time/date information is necessary to perform SSL certificate validations. If your embedded device’s clock isn’t accurate, you can’t ensure the presented server certificate hasn’t expired, or is not yet usable, leading to connection rejection. In that case, your device won’t be able to connect to SSL-encrypted cloud backends.

From a functional perspective, time/date information is necessary for all scheduled operations, say run thermostat schedule. While some IoT solutions rely on cloud induced schedule triggering, in my opinion, it is better to be independent of internet connection availability and do time management locally.

So – yes, time and date availability is important for an IoT node. Some may say – that’s why we have NTP. Not so fast. In my experience with thousands of IoT edge nodes all over the world, I have to say that NTP isn’t as widely available, as one might expect. NTP amplification attacks have lead to the restriction of NTP by many ISPs, my observations are that roughly 15% of the edge nodes I manage have no or degraded NTP service available. Furthermore, 433Mhz RF battery-operated wireless sensors cannot do NTP, to begin with.

NTP blocked

A possible solution to this problem is to have hardware RTC with battery backup on the nodes. That, of course, increases the product cost, so fitting each node with their own RTC might not be justified. Rather, I’d dedicate that function to a gateway, which can act as a time master. Time can then be sent out via 433Mhz RF transmissions to RF-enabled wireless nodes and UDP multicasts on the local network for network connected nodes.

I’ll explore that idea to see if works as envisioned.

Tagged on: ,