Security concerns are shaping the future of smart homes, says Vivint's principal software architect

'Security is a big challenge and it's one of the reasons we have a closed system' says Nick Brown

In the ideal smart home scenario users would be able to take a pick'n'mix approach, choosing devices from different vendors to suit their needs. At present, though, concerns over data security and iteroperability favour a single vendor platform strategy.

Nick Brown, principal software architect at US smart home provider Vivint, says his company is closer to the "Apple model" than the DIY one, providing a range of hardware and software that is designed to work together as a platform, although other devices are still able to connect to the central hub via APIs. Which is not to say that Vivint would not support a more DIY approach if the difficulties in securely connecting disparate consumer devices over wireless could overcome.

"Security is a big challenge and it's one of the reasons we have a closed system," Brown told Computing during the MongoDB World 16 event in New York. "We can't use an open standard or participate in one until we are sure it's secure for our customers."

A victor has yet to emerge in the fierce battle for smart home connectivity standards, with all the big vendors lining up behind competing alternatives as members of consortia or pushing their own, such as Apple whose effort receives short shrift from Brown.

"Great company, but I don't think their IoT solution has legs," he said, adding that the future is impossible to predict. "We may end up with several standards not just one. Everything is moving so fast and we're just waiting to see what's coming, but it's certainly frustrating for consumers."

Security concerns many be shaping the current smart home landscape but that will not always be the case. Once a suitable standard or range of standards emerges Vivint is prepared to change tack Brown said. In fact the whole company is predicated on being able to adjust its operations quickly according to the prevailing conditions.

As a volume hardware and software provider the manufacturing lead times are long in relation to the rate of technological development in the space. Other factors lined up against smart home vendors, especially in the early years, include a short sales season (people overwhelmingly buy smart home devices in the summer) and huge and often unexpected peaks in demand at certain times of the day or the year.

"Halloween, my God," Brown groaned, remembering the biggest nightmare of the company's first year of operations. "We expected a 20 per cent increase in load as people opened their doors and turned on their lights more often but it turned out to be 150 per cent."

This caused a massive spike in the number of events written to the firms main MongoDB database, rapidly filling disk space and causing performance problems.

In short, assumptions have to be made that are likely to prove to be very wrong, so the company, and particularly its software and systems, must be flexible enough to cope, capable of fixing problems quickly. This favours agile development and technologies like NoSQL that facilitate making changes on the fly. The Halloween headache was cured by making changes to the document structure and storage.

"One of the most important things is that forgiveness aspect," Brown said. "Not just in the configuration and load profile but in the schema design. I made several mistakes along the way about how we should structure the data and how we should store and access it but all of those things you can change at any time in a live system."

The company is set up with a flat structure so that the developers can do pretty much everything themselves, he said.

"We have no DBAs. We have operations folk who manage the hardware that the database runs on but actually managing the database only takes about five per cent of one person's time, and from a developer perspective it's simple enough that any developer can get in there and work out what they need to do."

"We have 50 big MongoDB servers but we don't need anyone to babysit our database," he added.