The act of designing, deploying, and maintaining an IoT solution involves the close examination of many criteria ranging from the business needs of the organization to the realities of supply chain influences over the lifecycle of components involved. Some factors to consider are obvious such as dashboards and telemetry data while others are more esoteric and not always top of mind when beginning the design of a solution. In this series of articles, we hope to cover a breadth of considerations as it pertains to the device(s) needed to provide data or affect changes on premises. Whereas the Well Architected Framework for IoT pays attention to the holistic solution ranging from device concerns to data ingestion to the cloud as well as cloud side architecture, these complimentary documents focus more directly on the device and its role in the solution. For this article's purposes, we refer to the term Unified Edge Device Architecture, to represent a methodology of designing, deploying and maintaining IoT devices as part of an IoT solution.
This series of articles will be structured as follows:
Designing an IoT Device to be effective in production and at scale requires a careful examination of many different facets ranging from supply chain to power consumption to communication standards as well as lifecycle. This paper is not intended to be a comprehensive list of concerns that if addressed will yield the perfect device for a project. Instead, this paper attempts to introduce some typical concerns device makers face and a methodology for making your own assessment as that what constitutes an appropriate design for your use case.
When formulating a set of criteria that needs to be satisfied for your device design, it is instructive to consider the personas of those who will be impacted by the device. Once you identify those personas, visit each of the design pillars and ask questions from the perspective of those personas. Each will surface topics for which you need to provide a reasonable resolution within your design specification.
One way of identifying these personas is to consider the lifecycle of an IoT device. We view this as a cycle consisting of 5 stages.
Much of the service life of a device will be in a virtuous cycle of configure/monitor within the overall lifecycle of an IoT device. This represents the ongoing steady state of the operation of the device (providing telemetry, receiving and applying updates, etc.).
As you can imagine, multiple personas start to become apparent when considering these various phases. For example, during the Plan phase, supply chain realities need to be considered relative to the hardware BOM (bill of materials), deployments need to be planned as it relates to how devices are to be grouped, amongst others. During the Provision phase, special consideration needs to be placed on establishing a device identity that can be trusted and how to associate that with the IoT cloud solution.
These are just 3 examples of personas that you may wish to consider when formulating the criteria for your design. It would be beneficial to read the remainder of this paper with your set of personas in mind.
Device management is a crucial process for maintaining devices working properly in a network, which includes device provisioning and authentication, operating system updates, device configuration, application updates, the ability to monitor and perform diagnostics on the IoT environment.
Device Management usually has many aspects, but it can be categorized into some main “areas”:
These main “areas,” separate the app deployment from the infrastructure management. It allows continuous app deployment and management to be on a different release cadence from the platform management cadence. This is sometimes referred to as the data plane and control plane.
It can also be seen in certain Industry sectors where Operational Technology (OT) is separated from Information/Infrastructure Technology (IT).
One of the key components of an IoT system is the device, and with them comes a weighty decision when choosing the operating system or run-time that we will use to run the application and that is going to be capable of integrating with a management tool. Microsoft offers different OSes across the Azure IoT portfolio from Windows for IoT to Azure RTOS to Azure Sphere. At this point, you may be wondering which operating system best suits your needs. To facilitate the decision-making process,
Once the platform (hardware + OS) on which the IoT solution will run has been determined, we can choose a platform to manage the solution that is compatible with it and fits our requirements. Assess what aspects of the DM provider are important to your organization, including hosting and pricing. Consider compatibility with your devices, the ability to deploy devices at scale, authentication mechanisms the provider supports, integration with the cloud, integration with data analysis and visualization services, data transfer protocols supported, physical location of the devices, frequency, and type of updates.
The tools that exist for managing devices are varied and will depend on the requirements of each IoT solution and the technical capabilities of the devices.
IoT Hub is a PaaS (platform as a service) that allows organizations to on-board and manage devices that run on a broad range of operating systems, including Windows IoT Enterprise, Linux, Sphere OS, Azure RTOS, Raspbian, among others. Some features include provisioning devices and connecting to the Azure Cloud, enable over-the-air updates, group, and nest devices, monitor health and security of the IoT network. Learn more about IoT Hub at IoT Concepts and IoT Hub | Microsoft Docs.
When the intention is to provision large numbers of devices just-in-time, without human intervention, automatically load-balancing devices across multiple hubs and regions, reprovision devices or massively rolling keys, you might want to use DPS (Device Provisioning Service), a service that helps IoT Hub provision devices in a scalable and secure way.
Two broad categories of connectivity will be considered: short range and wide area. Short range is often a local RF (Radio Frequency) source and examples include Bluetooth, Bluetooth Low Energy (BLE), 802.15.4 based protocols, proprietary sub-GHz, and LoRa, among others. There are techniques that increase the base RF range by creating networks, typically either a simple repeater scheme or a mesh network. Examples of mesh network-based systems include Zigbee, BLE Mesh, and LoRaWAN. Range can be extended at the cost of network latency. It takes time for the packets to propagate between repeaters regardless of protocol or topology.
Managing connectivity is much easier if the radios themselves are a viable choice for the task at hand. In radios, there are two general principles that are good to know. First, the faster the data rate the lower the radio sensitivity. Therefore, faster is not always better as it will have a shorter range if all other factors are equal. The second is that the lower the frequency the better the RF signal will propagate and the better it will be at going through objects. There are many other factors that influence RF choices including interference, low power considerations, and compliance issues just to name a few.
Despite repeaters or a mesh extending the basic range these networks are not global in the way that telecommunication networks or the internet is. How each network type manages connectivity will be different. Indeed, there are many different management schemes, often dependent on what protocol is being used. In the simplest case a single protocol is used for all devices on the network. More often an installation will want to use multiple protocols as real-world installs are usually a mix of battery powered devices, which are optimized to spend as much time as possible in a low power sleep mode, and mains powered devices. To deal with the complexity introduced by various protocols with different control mechanisms, Connectivity Management Platforms arose. Connectivity management platforms can be defined as a platform used by a service provider to provision devices or users on a wireless network and manage them. Several companies currently offer connectivity management platforms. Connectivity management at scale blurs into device management at scale. In a perfect world you would have a single pane of glass that shows both as devices and their connectivity are intertwined and having one without the other is not useful.
Some of the tasks that should be considered are provisioning devices onto the network, managing network connectivity issues (e.g., data consumption or cellular subscriptions), how diverse types of networks will be handled (e.g., separate tools for separate networks or try and get everything all under one tool), and geographic scope (e.g., local networks or larger regions or even worldwide). Note that as the exposure of a device increases the security needs will increase also. Networks that are local and not internet connected directly do not have the attack surface of internet-facing devices.
The above considerations are fairly high level but provide a good starting point for factors to consider. To dig deeper into the specifics of the exact problem being solved will begin to dictate design choices. In many cases contradictory design goals will force compromises between range, performance, power needs, and latency.
Some would say that data management is the primary job of an IoT Device. IoT solutions use ingested data to direct all its reporting, alerting, and to drive the insights needed to trigger actions. Data is at the core of every IoT solution. From the device perspective, there are multiple facets to consider for its participation in the data estate. In many cases, the device in question will be gathering the data, from directly attached sensors or as the first IP (Internet Protocol) capable device receiving telemetry from non-IP capable sensors such as Bluetooth or serial.
The IoT device may need to act on the data as it receives it, it may also need to be able to analyze data gathered while offline. It is helpful to think of the needs of the data in 3 modes:
The different paths described above may be satisfied by different techniques and technologies and must be weighed against the capabilities of the device in question (RAM, processing power, etc.).
However, merely acting upon data is only part of the considerations necessary when planning data management on a device. Equal consideration must be paid to the data's security, both in transit and at rest, privacy controls and storage. Data encryption becomes a vital topic. You should design with the assumption that data in transit can be intercepted and thus protocol selection needs to be intentional and well thought out. If data is to be stored locally (warm path or even cold path), the design needs to consider what techniques are required to satisfy your security needs. If the device itself can be stolen, for example, you would not want sensitive data stored as plaintext on some removable storage. This could mean you may want to design for encrypting data before persisting it or even leveraging secure storage options. There are many tradeoffs to be considered in your design. While encryption does not have to impose a huge compute load, it does not have a zero cost either. What design tradeoffs make sense to satisfy your use cases? Learn more about Azure Confidential Computing by visiting Confidential Computing on Azure.
The design of your IoT device needs to consider how to transfer data both “to” the device (from sensors, etc.) as well as “from” the device (to the cloud). What requirements are necessary to satisfy your use case? Azure IoT Hub only accepts secure methods of data transfer from devices which then implies compliance of one of those protocols on the device side. From a pattern perspective, your device may then well be performing as a translation gateway. More discussion can be found on translation patterns can be found here: Gateways for downstream devices - Azure IoT Edge. Note, IoT Edge is not required to fulfill the pattern per se but does provide a great framework for doing so.
IoT Security breaches can have significant impact on organizations revenue, legal and cost impact among other factors. Devices can be rendered useless, attackers can take control of the devices and use them for malicious purposes, data could be polluted, confidential data could be stolen. Security of Edge Devices at scale, data protection, connectivity, communication, and lifecycle management of related security attributes when edge devices are out in the wild is always challenging and customers top priority.
Microsoft builds security for the enterprise and technology you have and is not just securing Microsoft technology. This is possible as we are constantly investing into our incredible network of solution integration and MDR/MSSP partners, working closely with external organizations like NIST (National Institute of Standards and Technology), CIS (Center for Internet Security), The Open Group, CERTS, ISACs (Information Sharing and Analysis Centers), Law Enforcement agencies (for botnet takedowns), and others to bring in the best-in-class security solutions that are secure from silicon up. Before diving into the solutions aspects of security management at scale, we recommend adopting a Zero Trust Framework mindset from the outset and gathering key requirements for your product or devices.
Luckily, there are plenty of resources available to device manufacturers and solution integrators to help define requirements for a safe and secure IoT solution. A great starting point, Essential Properties of Secure Connected Devices, can help identify foundational security requirements for your IoT device. Additionally, several best practices both from a product engineering perspective as well as a deployment and configuration perspective can be found in Windows 10 Secured-core PCs | Microsoft Learn.
Because security is a broad topic, it is helpful to consider multiple perspectives that can help inform your approach – such as whether your target use case is a new (greenfield) or existing (brownfield) deployment. If you are working with an existing deployment, what special considerations might you need to think about given the constraints introduced by those legacy systems? If they are already connected, how are they currently managed and how might that need to evolve or be adapted to address your new solution. Given the connectivity requirements of the IoT device (such as BLE, Zigbee/Matter, Wi-Fi, Ethernet, Cellular) - pay attention to practices for securing those exchanges. If your device may store data locally, such as PII (personally identifiable information) data, encryption of that data at rest becomes an important design criterion. If that data is transmitted off the IoT device, you would again want to ensure that it is encrypted to prevent plain text interception of sensitive information. A highly secure device begins with the “hardware root of trust.” Without a foundation upon which to build, any stack is subject to attack. What, if any, is a viable approach for your hardware root of trust for your device design (TPM: Trusted Platform Module, other)?
All of these are important considerations to manage, including how to control the security configuration state (firmware updates, policy updates, etc.) at scale. For your design, would this roll under a natural function of your Device Management design assets or do you need to consider approaches specifically designed around security? As with all the other topic areas raised in this article, costs must be considered. What tradeoffs are reasonable to make to achieve the business objective of the IoT device?
The act of designing a holistic IoT solution involves many topic areas – as considered in the Well Architected Framework for IoT (WAF for IoT). This article has focused on topics more germane to the IoT devices that comprise the solution. Once a set of criteria has been generated given all the considerations introduced in each section, device manufacturers can then use standard DevOps processes and Azure device SDKs to create a compelling IoT device that will integrate easily into an IoT solution. IoT solution integrators can use these devices with confidence knowing that their IoT device partners have designed their products with this holistic vision driving their design criteria.
This article acts as the introduction to a series of articles that takes a more thorough look at each section mentioned above. The intent is to highlight a methodology of considering multiple aspects relevant to IoT device design and not specifically as a complete checklist. It is our belief that an ecosystem of partners that share an understanding of how to design and integrate IoT devices into an IoT solution will accelerate adoption of both the devices and the solutions that use them.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.