It’s not easy to create seamless, secure software for smart home systems. In this article, I am going to provide my first-hand experience and share my advice on software development for an IoT project.


You can use Z-wave, ZigBee and Bluetooth LE. All of them are readymade wireless technologies, or communication protocols, used in smart home systems with sufficient noise immunity and range. However, I’ve found that the key requirement for smart home technology is its energy efficiency. Some technologies may have sufficient range and noise immunity and be suitable for roomy homes but be compatible only with costly devices like sensors and control elements. They also have different ranges, and devices from different manufacturers may not be compatible with one another with all technologies. Others, like Bluetooth LE, are said to have topology issues. 


For a software vendor, one of the primary challenges is planning out a simple and seamless smart home setup.

For example, in some smart home solutions, all of the network devices need to be connected manually. However, you can implement automatic plug-ins to facilitate a better customer experience. The process looks like this: The control device connects to the Wi-Fi, and it scans the space around it to find smart home devices (including sensors and executing devices). Finally, the devices connect to the network and are set up automatically. Another idea is to provide a QR-code identification system to prevent accidental connection with neighboring devices.

Another challenge is organizing secure remote access when the IP addresses are dynamic. In this case, technology like WebRTC that provides a cloud intermediary (for example, to an Amazon or Google server) for a trusted binding can be helpful.


As mentioned above, you can’t directly connect to the smart home because of the dynamic IP, so the cloud intermediary comes into play again when you’re sending videos from smart home cameras, which can add a major expense. Adding homes to your network will increase the traffic.

Not all types of internet service offer speeds exceeding 100 megabits per second (Mpbs). Decide on the optimal resolution and quality of the video. You can try implementing a variable bit when encoding a video stream (like on YouTube) where the picture quality depends on the bandwidth. Another solution is to set limits. (For example, you could limit customers to no more than four cameras, one Mpbs and 640-by-480-pixel resolution per camera.)

Logging And Support Service

Another challenge is to record events and user actions to improve the support service quality in case something goes wrong. You can develop a special logging system to gather data, send it to the cloud and then redirect it to the processing server. In our case, the development of a logging system turned out to be rather complicated, as it needed to process terabytes of data from thousands of smart homes. Be ready for that.

However, systems like these grant the customer access to all of the logs. They can chronologically search to reveal system errors and their combinations. To get a full picture of the problem, search for apps to store and view logs: We use Elasticsearch database for storage and Kibana for viewing.


A lot of users have concerns about internet traffic interception. Therefore, you should simulate a lot of scenarios and search for solutions.

You can mitigate traffic interception risks by using multistage encryption. You can back up the smart home system and install it onto a new control device to avoid letting intruders in. To restore from backup, you can have users enter the login and password of the super administrator and provide a “memorable word.” The memorable word can be recovered by a code sent by email or via text message. Even if the intruder finds out what your code is, they won’t be able to install the app and modify the password as long as you set it to require access to the phone number or the email of the super administrator.

In the pursuit of security, you should always keep usability in mind. To save users from the necessity to enter logins and passwords every time, you can bind the smart home to the phone ID. You can also make it so users won’t be able to install the app if the smartphone is not protected by the touch ID or a pin number. This way, even if the device is stolen, the attacker cannot proceed.


However, I believe the biggest challenge of developing a smart home system is maintaining its stability. All smart homes I’ve encountered implement cloud technologies in one way or another. And if the mobile cloud server fails, users could lose access to the system from their mobile devices.

You can mitigate this risk by deploying cloud servers in a cluster for a safe backup. Besides, it is important to consider balancing the server load. After all, as the number of smart homes grows, the server load will also grow.

All this rests on potentially massive infrastructure costs. Many companies believe that you can only focus on development as if all the infrastructure issues can be solved by a cloud server. In my opinion, such an approach is not viable. It may be a good option for testing but not for full-fledged operation.

For smart homes, it is necessary to deploy the entire infrastructure in existing data centers, or even create your own in order to optimize costs. And if you’re scaling the solution to several countries, it may be desirable to have your own data center in each of them and then connect the data centers into single regional nodes.