Universal Plug and Play is the original Internet of Things, in a way. Devices sharing media and information is the basis of IoT, so it is no wonder that UPnP hopes to shape IoT in the near future.
If the Internet is the Wild West, then the Internet of Things is the Space Frontier. IoT is full of possibilities, from the types of batteries used to power each object to the method of communication in a network. It's impossible to pin down just about anything concrete about it, other than the connectivity of basic objects. With connectivity comes a need for standardization.
Standards, Standards, Everywhere
UPnP uses the same standards and protocols to connect devices as other node-to-node technologies, such as IP and HTTP. In order to connect, a device acquires an IP address and uses HTTP to facilitate communication from device to device. It's meant to be a simple and easy way to stream content from device to device, rather than routing data or communications through the cloud, which is a central feature of the Internet of Things.
And this is why the UPnP Forum is a group to watch in the future, because it hopes to insert its technology and standardization into new IoT devices from a variety of companies, rather than work locking things down with proprietary technologies. This is a horizontal integration tactic that should pay off in the future compared with entities that are more focused on vertical integration technologies and the resulting lockdown.
Not so long ago, UPnP was considered a security risk, and for good reason. In essence, any device could connect to a network, acquire an address, and stream media from any device in said network. Through its new device architecture and device protection, however, the UPnP-activated device no longer assumes that any object in the network is safe to communicate with.
According to UPnP Forum representatives, not all devices within a network will have the ability to support cryptography or certain device architecture, and this could be a potential problem. After all, your chain is only as strong as your weakest link, and if a device can't encrypt its messages, that is dangerous for a network.
But devices in the network that don't support cryptography are likely going to be devices that sit low on the hierarchy. Take for example the "connected toaster" (a favorite foil when discussing IoT). In this example, a connected toaster sits rather low on the totem pole in terms of communication. Is your personal Internet of Things network as weak as your toaster? Can a hacker get to your data through your weakest device?
It's not likely, considering a toaster won't even have that level of access to itself, let alone to another device in the network. In other words, devices like toasters and light switches aren't necessarily mission critical, and they aren't "smart" enough to need (nor can they support) special security measures.
When broadly considering the Internet of Things, security issues will most likely lie in the standardization between parties. If all devices have different standards of security, each device will have to trust that the certification of each device is legitimate.
To that end, the group rolled out its UPnP+ initiative to ensure security and interoperability across platforms and devices with current and evolving standards. You can learn about the program here.
Barriers To Adoption
The biggest issue that the UPnP Forum faces in the burgeoning IoT market is simply being noticed for its work. Currently, convincing OEMs to spend more money than is necessary to equip their devices with UPnP technology has proven difficult.
IoT is a vision that is constantly changing. Mass adoption appears to be a matter of if and not when, but the path towards a mature IoT market is not yet a clear one. The UPnP Forum's strategy of horizontal integration is likely a sound strategy going forward.
Update, 5/11/15, 8:15am PT: Adjusted references to UPnP Forum for clarity.