Why isn't HomeKit open source?Shaun AllanInternet of Things
Open source software makes source code available for modification or enhancement by anyone. Whilst there are obvious benefits to the open source approach - individuals, mobile app developers and organisations can rapidly contribute to the code-making development process – it also has its disadvantages. One of the major drawbacks is the vulnerability of open source software on the security front, both in terms of present and future threats.
Apple is a brand that is renowned for taking security seriously. From calls and messages to sharing photos with friends and family, the company has long been averse to making its software development kit (SDK) open source. As HomeKit is an IoT platform that allows remote control of smart devices at home such as locking systems, lighting and thermostats, it’s no wonder that security is high on Apple’s agenda.
Apple is committed to protecting users’ data and applications designed by mobile app developers within its close knit ecosystem, and does so by adopting a no open source policy. But the recent decision to make Swift open source is a paradigm shift from this policy, required to integrate devices and device makers into Apple's developer eco-system.
HomeKit – A framework for home automation
As a home automation platform which works with the iOS platform, it can be integrated with any hardware devices and IoTs, but can only pick up signals from an iOS application, rather than an application on any platform. As a result, whilst the could indeed be installed in any device, its application is limited by the fact that its SDK isn’t open source.
This may seem inconvenient for consumers eager to adopt home automation, but look at it from another perspective: Can you afford to leave everything in your home open to hacking, simply because the firm that made your plug sockets couldn't be bothered to invest in better security practices? Apple takes a strict approach to the security and privacy of its users; manufacturers must pass stringent norms in order to qualify for the MFI license from Apple.
Apple's developer ecosystem
Apple has integrated tight security measures into its developer ecosystem. It has an impeccable record in synchronising hardware with software. This is where the big electronics and hardware players like LG and Samsung have failed to deliver; their standards in building software rarely match their impressive innovations in hardware.
For third party software such as mobile apps to make it onto Apple devices, each piece of code written by mobile app developers has to pass through a set of stringent tests before it is allowed onto the App store, making it extremely secure for its users to be able to use the apps without the fear of being hacked or their data being misused. Which makes for a strong case against making any of their SDK's open source.
The future for HomeKit?
Making HomeKit open source would pose various security issues, leaving it vulnerable to malware and unregulated content. Apple’s MFI (Made for iPhone/iPod/iPad) license requires device manufacturers to follow the norms set by Apple to integrate them into the HomeKit framework. Whilst this works out well with most of the small and medium players in the industry, the big players may be deterred from joining the bandwagon.
However, we hope that Apple might find a middle ground in the future, by keeping its core code secure and allowing the ApI calls and app interactions to be open source. This would enhance the integration of third party devices and apps into the HomeKit framework, without compromising on the security for which Apple is famous.
The fact that Apple has made Swift open source certainly sends signals in the right direction. Yet it remains to be seen how far this decision benefits the mobile app developer community, Apple and the users at large.
To further explore the world of mobile apps Get in touch with hedgehog lab.