Is it the vendor of the faulty device, is it the developer of the gateway for failing to filter the bad data or the controllers for being unable to cope with extraneous events? A large number of IoT systems will also need to be able to cope with user-written software. Those used in home automation, for example, may be controlled by a combination of downloadable apps and user-written or customised scripts. Errors in these may, if not guarded against, could cause IoT nodes to behave unpredictably.
Developers of IoT devices not only need to consider the stability of their design when used in a networked context but their vulnerability. When things become financially important, they will become enticing targets to hackers.
Even those without a direct financial benefit for successful attackers, some devices may provide an avenue for hackers to gain personal data that can be used for phishing attempts or simply be attractive targets for digital vandalism. In the wake of security disclosures about an internet-enabled thermostat, showing how it was possible to load a web page showing the password it required, some users reported their devices misbehaving. In one case, a home user woke up in the early morning to find theirs had been set to 35°C.
In the world of personal computers and servers, the idea of regularly patching the software to counter types of attacks as they become known has become entrenched. But devices that do not have any form of high-bandwidth connection to the internet or which cannot suffer the downtime associated with a firmware update and reboot cannot realistically be treated the same way.
An IoT device may have no high-bandwidth connection to load new software other than a custom connector inside the package that was used during factory configuration, and after commissioning in the field may be installed out of easy reach.