Making Physical AI Practical for Real-World Industrial Operations: Part 1
We’ve all read the headlines, but are companies really implementing AI with success, and at scale in manufacturing? The answer is yes - by replicating proven operational practices through simple, but highly practical AI implementations that help improve operational efficiency. For many years I helped industrial customers complete manual data analysis of root causes, lean black-belt style, using pareto charts and continuous improvement cycles to get results. Doing so required practical expertise, manual scrubbing to get good quality data (garbage in, garbage out), and a bit of charting to get to a simple set of recommendations for areas of focus. With modern advances, it’s not hard to see how easily that task can be accomplished with more range, more accuracy, and more speed using agentic AI running over AI-curated data sets. What once required weeks of expert-led analysis can now be surfaced continuously, turning root cause analysis from a retrospective exercise into a real-time operational capability. AI innovation is accelerating rapidly, and industrial organizations are eager to translate that momentum into real business outcomes. As the companies we partner with advance their AI initiatives, they are increasingly focused on designing and deploying scalable, responsible AI systems that can access and contextualize diverse data sources to proactively identify issues, assess business impact, and coordinate appropriate responses. Microsoft has been working closely with these organizations to build the right architecture to support their modernization goals while maintaining the control and stability required in industrial environments. At Hannover Messe 2026, we’re excited to share our vision for running AI‑powered factories, highlight the partners helping bring this vision to life, and announce our latest innovations in this space. Operationalizing Continuous Improvement with Agentic AI Industrial organizations are at varying stages of AI maturity, but many are exploring how AI can enhance established methodologies such as Lean and Six Sigma that utilize continuous improvement loops like identify–observe–analyze–decide–act. By enabling the ongoing collection and analysis of operational data, AI agents can fundamentally change the speed and accuracy of these data driven processes. In the early stages, organizations often start by using AI to generate chat-style insights and recommendations based on observed patterns; but as model performance improves and trust increases, they’re often motivated to include agents as part of a mixed human/AI team for supervised decision‑making and closed loop actions. Even simple agents can be used deliver ongoing analytics including cross‑deployment comparisons, failure clustering, and variance analysis across plants, regions, or device fleets on the fly by continuously monitoring telemetry, reading free-text fields on incident reports & support summaries, and by adding context from deployment metadata. This enables earlier intervention, helping reduce waste, improve sustainability, enhance quality, and increase operational efficiency. To support the effective use of AI agents across industrial operations, organizations need an architecture that captures real‑time operational data from machines and processes, transforms it into cloud‑ready formats, and contextualizes it with enterprise systems such as ERP and CRM to understand both operational and fiscal impact. AI and analytics must be developed and deployed across both edge and cloud environments - using cloud capabilities for scalable analytics, enterprise integration, and complex workloads, while leveraging edge execution for low‑latency insights, resilience to connectivity loss, and support for sovereign on‑site data. Leveraging cloud and edge-based data, agents can help enable coordinated, proactive responses across systems and teams. In addition, organizations need the ability to scale and govern these capabilities consistently across sites, while maintaining the control, security, and reliability required in industrial environments. You can learn more about Microsoft’s Industrial AI stack in Part 2 of this blog, which provides the foundation for scalable industrial AI deployments. However, I would first like to shine a light on the role of our ecosystem, who play a critical role in enabling physical AI in complex operational environments. How our partners help accelerate and scale Physical AI deployments We recently had a partner, Sight Machine, accelerate a customer outcome by reducing their deployment timeline by about 90% using a validated, repeatable solution built on adaptive cloud architectural patterns. This is not an uncommon outcome. Our partners work to extend Azure IoT's capabilities with end-to-end solutions that give manufacturers the confidence to standardize once and deploy everywhere with security, governance, and repeatability built in. Advantech At HMI, Advantech is showcasing its LoRaWAN industrial sensing portfolio, including sensors connected through the WISE‑6610 LoRaWAN gateway. The gateway aggregates telemetry from distributed sensors and publishes it via MQTT, enabling seamless integration with Azure IoT Operations and downstream Azure cloud services. Learn more here and drop by our booth to see it in action as part of the hero demo. Celebal Tech At HMI, Celebal Tech is showcasing how its UniPlant platform integrates with Azure IoT Hub and Azure IoT Operations to harmonize fragmented OT data from machines, SCADA, PLCs, and MES systems into ISA 95 aligned, enterprise ready models. By transforming real time industrial telemetry into contextualized KPIs and operational insights, the joint solution enables unified plant visibility, predictive maintenance workflows, and AI ready data foundations across production environments. Stop by the Microsoft booth or CT’s booth A02 in Hall 16 to see how Celebal Tech and Microsoft are helping manufacturers scale intelligent operations with trusted, decision grade industrial data powered by Azure IoT. Helin Helin has built its edge‑to‑cloud industrial operations platform on Azure IoT Hub, orchestrating secure device connectivity and streaming large‑scale industrial telemetry into Microsoft Fabric and Azure Databricks to power real‑time operational intelligence for energy and maritime customers. As an early validation partner for Azure Device Registry (ADR) and Microsoft-backed certificate management, Helin is helping shape the future of unified asset identity and fleet‑scale device lifecycle management across distributed industrial environments. Meet Helin at Hannover Messe to learn how they're advancing unified asset identity across industrial fleets, learn more here. Litmus Automation At Hannover Messe, Litmus is announcing Litmus Edge Bridge for Azure IoT Operations, enabling automated, real-time discovery, cataloging, and onboarding of industrial assets. When Litmus Edge detects a new PLC, sensor, or controller, it becomes visible in Azure IoT Operations and can be onboarded with a single click – no manual mapping, scripting, or custom pipelines required. Built on the open-source Akri framework, this integration provides Azure-native representation of devices and their data models, enabling OT and IT teams to bring industrial data into Azure in a consistent, governed way. Learn more here and stop by the Litmus booth (Hall 16, booth A09) to see a live demo. Mesh Systems Mesh Systems is showcasing its Akri‑based industrial connectivity architecture at Hannover Messe 2026, designed to enable flexible integration across new and existing OT assets. Built to align with Azure IoT Operations and Kubernetes‑based edge architectures, Mesh’s framework provides a scalable way to onboard industrial protocols at the customer site and route operational data across edge‑to‑cloud environments, accelerating time to value for downstream AI‑driven workflows. As a trusted Azure IoT partner, Mesh delivers end‑to‑end implementation to help customers move from connectivity to production‑ready, data‑driven operations. Read their announcement press release here. NVIDIA Microsoft and NVIDIA are partnering to accelerate customers’ adoption of Physical AI through two new collaborative efforts unveiled at GTC. A public Azure Physical AI Toolchain GitHub repository - integrated with the NVIDIA Physical AI Data Factory and core Azure services - enables developers to build, train, and operate robotics and physical AI workflows that connect physical assets, simulation environments, and cloud‑based training into repeatable, enterprise‑grade pipelines. In addition, a deeper integration between Microsoft Fabric and NVIDIA Omniverse libraries connects live operational data with physically accurate digital twins and simulation, allowing organizations to monitor physical systems in real time and use AI‑driven insights to inform next‑best actions. These capabilities will be brought to life at HMI in Microsoft’s Factory of the Future demo. Rockwell Automation Rockwell Automation and Microsoft are advancing an established adaptive cloud pattern for scalable industrial AI. FactoryTalk Optix captures and contextualizes OT data at the edge, while Azure IoT Operations provides consistent governance and lifecycle management across site deployments through Azure’s control plane. Together, Rockwell and Microsoft are co-innovating to do information model discovery and synchronization at the edge to bring agent-ready data to cloud. Stop by the Microsoft booth at HMI to learn how the joint architecture enables scalable industrial AI deployments from factory floor to cloud analytics. Sight Machine In 2025, Sight Machine integrated its industrial AI platform with Azure IoT Operations and Microsoft Fabric to turn fragmented plant data into contextualized, production-ready insights. Its unified marketplace offering for industrial data ingestion, streaming, and AI analysis helps manufacturers standardize OT data at scale and move from pilot to production in weeks. This is proven in the field: a major global bottler moved from setup to full rollout in under two months using the joint solution, and many manufacturers across industries are seeing similar gains while realizing their industrial AI goals. Toyota Industries Corporation (TICO) reports improved paint shop quality with AI-powered defect detection with Sight Machine and Azure IoT Hub. Join Sight Machine’s MSFT booth theatre session at HMI (Mon, April 20, 2:30 PM) to learn more - or explore their solution here. Siemens Siemens Industrial Edge and Azure IoT help manufacturers move from fragmented OT environments to unified, insight‑driven operations across sites. By standardizing how industrial data is captured and governed from edge to cloud through Siemens’ Industrial Edge Management (IEM) and Azure IoT Operations, customers can reuse operational data across analytics, AI models, and digital twins without re‑architecting underlying systems. The joint solution accelerates time to value, reduces integration effort, and enables real‑time optimization, predictive maintenance, and closed‑loop quality across production environments. Join the theatre session on April 22 at 9:45am in Microsoft’s booth to learn how Siemens and Microsoft are enabling scalable industrial AI in production environments. Conclusion As manufacturers scale AI from pilots to production, success depends on a foundation that connects operational data, applies AI where it’s needed, and governs everything consistently from edge to cloud. At Hannover Messe 2026, we’re proud to share how Microsoft and our partners are helping customers run AI powered factories with an adaptive cloud approach - so teams can move faster with confidence, improve uptime, and turn real-time insights into action. To learn more: Visit us at Hannover Messe 2026 in Hall 17, Booth G06 to explore the latest partner innovations across Azure IoT Operations, Azure IoT Hub, Foundry Local, and Azure Local. Not attending in person this year? Reach out to your Microsoft account team to find the right solution for your environment. Read the next blog in this series that details the latest product innovations we will be sharing at Hannover Messe 2026: Making Physical AI Practical for Real-World Industrial Operations: Part 2 See full list of our industrial ecosystem partners here: Microsoft Industrial AI Partner Guide: Choosing the Right Data Expertise for Every StageMaking Physical AI Practical for Real-World Industrial Operations: Part 2
In my previous blog, I talked about how we collaborate with great partners such as Sight Machine, Litmus, Mesh Systems, Siemens, Rockwell, Schneider Electric, and others to deliver end to end value for the practical application of AI in manufacturing environments. These partners, along with forward-thinking customers like Chevron, Husqvarna and Ecopetrol continue to drive our innovation roadmap and push the boundaries of how to use Agentic AI for operational efficiency improvements, visual inspection, and safety enhancements. How Ecopetrol is modernizing its data platform to take advantage of AI As an integrated energy conglomerate, Ecopetrol operates across the entire hydrocarbon chain encompassing exploration, production, transportation, refining, and commercialization, as well as linear infrastructure, including energy transmission and road concessions. The company is dedicated to leading the energy sector into a more sustainable future by adopting technology that enables intelligent operations. Ecopetrol has partnered with Microsoft to build a flexible and secure edge to cloud platform, based on Azure IoT Operations and Fabric Real-Time Intelligence, that can standardize data across diverse sources to enable data contextualization and eventually, AI integration. This improved ability to harness data can help Ecopetrol meet key objectives such as improved operational performance, cost savings, lowered energy consumption, and reduced carbon emissions. New innovations introduced at Hannover Messe 2026: Microsoft’s Industrial AI platform has been purpose-built to support edge and physical AI scenarios. It offers a comprehensive foundation to build, scale, and govern Industrial AI initiatives with a unified intelligence layer powering AI (Fabric IQ, Foundry IQ, Work IQ) and a consistent framework to managing apps, data and infrastructure with the adaptive cloud approach. Looking more closely at how these components come together to enable business outcomes: Azure IoT Operations and Azure IoT Hub collect real-time data from operational assets and devices and send semantically-ready modelled data to Fabric IQ so that it can be contextualized with other enterprise data sources for downstream analytics. Microsoft Foundry has been extended to the edge with Foundry Local so that organizations can use the same tooling that they use to deploy and manage AI models in the cloud for edge use cases as well. Azure IoT Operations, Azure IoT Hub, and Foundry Local integrate into Azure Resource Manager, which brings OT devices, assets, and edge AI models into the same management and security paradigm as all other Azure managed resources. For organizations with sovereignty requirements, Microsoft enables Sovereign Private Cloud with Azure Local, which can run in connected or disconnected mode, depending on customer requirements. At HMI 2026, we are announcing our next set of innovations in this space to help manufacturers and partners initiate and scale industrial AI initiatives on a trusted foundation. Unlocking value from operational data Azure IoT Operations, enabled by Azure Arc, is a set of scalable edge services, built on industry standards to easily capture device and equipment data, process and normalize it at the edge, seamlessly send and receive operational insights to and from the cloud, and contextualize that data so it can be used directly by Physical AI workloads running at the edge. Through Arc and Kubernetes, Azure IoT Operations empowers our customers with a unified technology architecture and data plane that supports repeatable solution deployment, automated updates to apps, cost-effective high availability, and redundancy at the edge. At HMI 2026, we are announcing the next major release of Azure IoT Operations, 2603. This release enables manufacturers to build, manage, and operate industrial data flows across the full edge-cloud lifecycle without custom code. Key new capabilities include edge-to-cloud industrial data management with no-code visual data pipelines, cloud-to-edge device and asset command and control, unified health status and observability, as well as new connector integrations for third-party MQTT brokers and Litmus Edge industrial gateways. Furthering our commitment to open standards, we also recently announced support for WC3 Web of Things (WoT) in Azure IoT Operations, which simplifies the process of integrating industrial assets into intelligent applications. Agentic operations at the edge Foundry Local enabled by Azure Arc extends cloud grade AI inference to on-premises and edge environments. It allows organizations to deploy, run, and manage generative and predictive AI models directly on customer-controlled infrastructure, such as factory floors, remote industrial sites, and disconnected environments, where low latency, data locality, and operational autonomy are critical. The solution builds on Azure Arc-enabled Kubernetes as a unified control plane, enabling AI workloads to be deployed and operated locally using the same paradigms as in the cloud. Today, we are excited to announce Foundry model catalog in Azure Local, which supports both curated open-source models from a managed catalog and customer proprietary bring-your-own-model (BYOM) deployments. Models can run concurrently across available on-premises hardware, on CPU-only systems or with GPU acceleration, so customers can match performance and cost requirements across diverse edge environments. AI models are delivered as containerized services, exposing standard REST endpoints, including OpenAI compatible APIs for generative models and dedicated APIs for predictive workloads. This allows applications to consume local AI inference in the same way they consume cloud AI services, with minimal changes. New capabilities for secure policy and identity management While properly contextualized data and AI hold the key to optimizing business outcomes, organizations cannot risk rolling out these initiatives without the proper management and security foundation in place. Taking an adaptive cloud approach for these capabilities is also crucial, to ensure organizations have the right level of visibility, control, and protection across their entire digital and physical domain. Azure IoT Hub is Microsoft’s key offering to connect and manage IoT devices and assets with direct connections to the cloud. In November, we announced the public preview of Azure IoT Hub integration with Azure Device Registry which brought IoT devices under the purview of the Azure management plane (ARM, Azure resource manager) and allowed them to be secured with best-in-class Microsoft-backed X.509 certificate management capabilities. Today, we are expanding upon that preview with strengthened device identity, security, and fleet‑scale management. This refresh delivers a more complete, end‑to‑end certificate management experience, covering certificate issuance, renewal, and revocation, with support for hybrid trust models, including customer‑managed root CAs from non‑Microsoft PKIs. It also introduces a more cohesive Azure Portal experience for service configuration and device operations, allowing operators to manage devices consistently as ADR resources using standard Azure tooling and workflows. Firmware analysis capabilities Another critical security consideration for customers is the security profile of the device itself. With firmware analysis, enabled by Azure Arc, our goal is to provide deeper visibility into IoT/OT and network devices by analyzing the foundational software (firmware) they run. At HMI, we are releasing a preview of integration of firmware analysis with Azure Device Registry, delivering fleet-level visibility into where firmware vulnerabilities exist across deployed IoT and OT environments. This new integration correlates analyzed firmware images with devices and assets registered in Azure Device Registry, allowing customers with both Azure IoT Operations and IoT Hub to quickly see how many devices are running a given firmware image and which specific assets may be exposed to known security risks, bridging the gap between firmware insights and real-world operational impact. This release also offers new capabilities to help customers prioritize vulnerabilities, work with larger firmware images, and share security analysis results with supply chain partners. Sovereign options for mission-critical workloads While security continues to be a strategic priority for most large, global organizations, digital sovereignty is an increasingly critical requirement for many manufacturers as well. For these scenarios, Microsoft offers capabilities that support customers across connected, intermittently connected and fully disconnected modes. With Azure Local disconnected, organizations can now run mission-critical infrastructure with Azure governance and policy control, with no cloud connectivity, optimizing continuity for sovereign, classified, or isolated environments. With Azure Local disconnected operations, management, policy, and workload execution stay within the customer-operated environments, so services continue running securely even when environments must be isolated or connectivity is not available. Using familiar Azure experiences and consistent policies, organizations can deploy and govern workloads locally without depending on continuous connection to public cloud services. Azure Local is designed to scale with mission-critical needs from smaller deployments to larger footprints that support data-intensive and AI-driven workloads. Conclusion As a leading forum for industrial innovation, Hannover Messe provides manufacturers with an opportunity to explore the latest technologies transforming modern operations. This year’s theme, “Think Tech Forward,” aligns with the industry’s growing emphasis on applying proactive, AI‑driven intelligence across business processes and ecosystems. Join Microsoft in Hall 17, Booth G06 to discover practical approaches for implementing AI to improve operational outcomes. Learn more about Microsoft’s overall presence at the show here. For a deeper dive into how Microsoft is driving industrial outcomes with partners, please refer to the first blog in this series: Making Physical AI Practical for Real-World Industrial Operations: Part 1 holderAzure IoT Hub + Azure Device Registry (Preview Refresh): Device Trust and Management at Fleet Scale
What’s New in this Preview In November 2025, we announced the preview integration of Azure IoT Hub with Azure Device Registry, marking a huge step towards integrating IoT devices into the broader Azure ecosystem. We’re grateful to the customers and partners who participated in the preview and shared valuable feedback along the way. Today, we’re expanding the preview with new capabilities to strengthen security, improve fleet management, and simplify development for connected devices. With this refresh, preview customers can: Automate device certificate renewals with zero-touch, at-runtime operations to minimize downtime and maintain a strong security posture. Integrate existing security infrastructure like private certificate authorities with your Azure Device Registry namespace. Leverage certificate revocation controls to isolate device or fleet-level risks and maintain operational continuity Utilize an improved Azure Portal experience for streamlined configuration and lifecycle management of your devices. Accelerate solution development with expanded IoT Hub and DPS Device SDK compatibility for smoother integration and faster time to value. Together, these enhancements help organizations to secure, govern, and manage their IoT deployments using familiar Azure-native tools and workflows. Why this matters: From Connected Devices to Connected Operations Operational excellence begins by bridging the gap between physical assets and digital intelligence. Consider a global logistics fleet where every vehicle is more than just a machine; it is a trusted, connected, and manageable digital entity in the cloud. As these assets move, they emit a continuous stream of telemetry - from engine vibrations to fuel consumption – directly to a unified data ecosystem, where AI agents can reason over it with greater context. Instead of waiting for a breakdown, these agents detect wear patterns, cross-reference with digital twins, and provide recommendations to reroute a vehicle for service before a failure occurs. This completes a shift from reactive troubleshooting to proactive physical operations. Yet, for many organizations, this transformation is often stalled by fragmented systems where security policies, device registries, and data streams exist in silos. Overcoming this requires a sophisticated stack designed to establish trust, manage device lifecycles, and orchestrate data flows at a global scale: The Digital Operations stack for cloud-connected devices This journey starts with having a secure foundation for fleet management. In an era where perimeter security is no longer enough, organizations need an identity foundation that is both hardware-rooted and deeply integrated with device provisioning. Utilizing robust X.509 certificate management, where keys and credentials are anchored in tamper-resistant hardware, provides high-assurance system integrity across millions of endpoints. Once trust is established, Azure Device Registry creates a unified management plane, where devices are represented as first-class Azure resources, enabling ARM-based fleet management, role-based access control for lifecycle operations, and Azure Policy for enforcement. Simultaneously, IoT Hub provides secure, bidirectional messaging for at-scale fleets. This high-fidelity data provides the essential fuel for Physical AI. By streaming trusted telemetry into Microsoft Fabric, organizations can break down data silos and allow AI agents to reason over real-world events in a centralized analytics environment. The Azure IoT stack provides the essential bridge for cloud-connected devices, enabling customers to transform their industrial environments into highly secure and intelligent ecosystems. For more information on Azure's approach to industrial AI, check out: Making Physical AI Practical for Real-World Industrial Operations. Azure IoT Hub + ADR (Preview): Expanding Fleet and Certificate Lifecycle Management The April 2026 Preview for Azure IoT Hub and Azure Device Registry (ADR) deliver key features to further standardize device identity and enable policy‑driven management for certificates at scale. You can think of device identity in Azure Device Registry like the birth record of a person. When someone is born, certain information becomes permanently associated with them - such as their date and place of birth. In the same way, a device’s identity represents its immutable existence within your solution - things like its serial number, model, or ownership context. However, as that person moves through life, they obtain different credentials that allow them to prove who they are in different situations - such as a driver’s license or passport. These credentials may expire, be renewed, or even replaced entirely over time without changing the person’s underlying identity. In IoT, devices use X.509 certificates as their credential to prove identity to services like IoT Hub. In your Azure Device Registry namespace, you can define the public key infrastructure (PKI) that manage your X.509 certificates and certificate authorities (CAs). In this preview, we are making it easier to integrate with existing security infrastructure and manage certificates at fleet scale. Certificate Management for Cloud-connected Devices in Azure Bring Your Own Certificate Authority (BYO CA) in Azure Device Registry Organizations that already operate sophisticated certificate authorities, with well‑established compliance controls, audit processes, and key custody requirements, want to integrate their trusted CA with the Azure Device Registry operating model. With BYO CA, customers can use their own private certificate authority while still benefiting from Azure’s fully managed device provisioning, and lifecycle management. Azure handles the heavy lifting of issuing, rotating, and revoking issuing certificate authorities (ICAs) and device certificates - while you stay in control of the top-most CA. Full Ownership of Trust and Keys: By bringing their own CA, organizations maintain absolute control over their private keys and security boundaries. Azure never takes custody of the external CA, ensuring existing governance, auditability, and compliance controls remain fully intact. Automated Lifecycle Management: While the CA remains customer-owned, Azure Device Registry automates the issuance, rotation, and revocation of device certificates. This eliminates the need for custom tooling or manual, per-device workflows that typically slow down deployments. Bring your own Certificate Authority in Azure Device Registry Fleet‑Wide Protection with Certificate Revocations Revocation is a mechanism for selective isolation, used to contain a single or group of devices by decommissioning a single device's certificates or the entire anchor of trust. When a single device is compromised, lost, or retired, device certificate revocation enables a precise, targeted response. This allows organizations to isolate individual devices instantly, reduce blast radius, and maintain uninterrupted operations for healthy devices - without rebuilding device identities. ADR propagates the revocation state to IoT Hub, blocking revoked devices until they’re re-provisioned. When a subset of devices requires isolation, policy revocation allows operators to decommission an entire trust anchor rather than managing individual devices. By mapping a specific Issuing CA to a single ADR policy, organizations gain a high-precision containment mechanism. In a single action, an operator can invalidate a compromised CA and then plan for a staged credential rollover across the entire segment. ADR automatically enforces this updated trust chain within IoT Hub, ensuring that only devices with newly issued certificates can connect. This makes large‑scale certificate rotation predictable, controlled, and operationally simple. Revoking the certificate for a single ADR Device on Azure Portal Flexible Options to renew Device Certificates Managing X.509 certificates at scale doesn’t stop once a device is onboarded. Operational certificates are short-lived by design, ensuring devices do not rely on long-lived credentials for authentication. In real-world IoT fleets, devices are often intermittently connected, deployed in hard-to-reach locations, and expected to run continuously - making certificate renewal one of the most operationally challenging parts of device security. Azure IoT Hub now enables device certificate renewal directly through IoT Hub, complementing the role of Device Provisioning Service (DPS). While DPS remains the solution for first-time device onboarding and certificate issuance, IoT Hub renewal is designed for the steady state - keeping already-connected devices securely authenticated over time without introducing downtime. IoT Hub certificate renewal follows similar patterns as other device-initiated operations such as twin updates and direct methods. With this capability, devices can request a new certificate as part of normal operation, using the same secure MQTT connection they already rely on. Support for IoT Hub and Device Provisioning Service (DPS) Device SDKs Managing credential issuance and renewals at scale is only possible if devices can handle their own credential lifecycles. We’ve added Certificate Signing Request (CSR) support to our C, C# (.NET), Java, Python, and Embedded device SDKs for IoT Hub and Device Provisioning Service (DPS). Beyond developer convenience, this provides multiple device-initiated paths for certificate renewal and trust-chain agility. Devices can generate CSRs and request newly signed X.509 certificates through IoT Hub or DPS as part of normal operation. This allows security teams to rotate and update certificates in the field without touching the hardware, keeping fleets secure as certificate authorities and policies evolve over time. Customer Feedback from Preview We’re grateful to the customers and partners who participated in the preview and shared valuable feedback along the way. Hear some of what our customers had to say: "The availability of a built-in certificate manager is a great upgrade in keeping the IoT space more secure."— Martijn Handels, CTO, Helin Data “Secure data is the starting line for industrial AI. With Azure certificate management, at CogitX we can ingest manufacturing signals safely and confidently - then use domain‑aware models to deliver real‑time insights and agentic workflows that improve throughput, quality, and responsiveness.” – Pradeep Parappil, CEO, CogitX Get Started Explore the new capabilities in preview today and start building the next generation of connected operations with Azure IoT Hub and Azure Device Registry: Get Started with Certificate Management in Preview.Advancing Firmware Security: Fleet Visibility and New Capabilities in Firmware Analysis
When we announced general availability of firmware analysis enabled by Azure Arc last October, our goal was clear: help organizations gain deep visibility into the security of the firmware that powers their IoT, OT, and network devices. Since then, adoption has continued to grow as customers use firmware analysis to uncover vulnerabilities, inventory software components, and secure their software supply chain. Leading into the Hannover Messe (HMI) 2026 conference, we’re excited to share the next wave of firmware analysis capabilities, delivering enhancements that help customers connect firmware risk to real-world fleet impact, prioritize vulnerabilities more effectively, scale to larger and more complex firmware images, and expand security analysis for UEFI-based platforms. These updates are driven directly by customer feedback and by the rapidly evolving threat landscape facing embedded and edge devices. Connecting Firmware Risk to Your Deployed Fleet with Azure Device Registry (Preview) Securing connected devices doesn’t stop at identifying vulnerabilities in firmware—it requires understanding where those vulnerabilities exist in your deployed fleet and which devices are affected. We’re excited to announce a new preview integration between firmware analysis enabled by Azure Arc and Azure Device Registry, bringing fleet-level visibility of IoT and OT devices directly into the firmware analysis experience. This helps customers quickly understand how many devices and assets are running a given firmware image, and which ones may be exposed to known security issues. From firmware insights to fleet impact Firmware analysis helps customers uncover security risks hidden deep inside the firmware running IoT, OT, and network devices—risks such as known CVEs, outdated open-source components, weak cryptography, and insecure configurations. Until now, these insights were primarily scoped to the firmware image itself. With this new preview integration, firmware analysis now connects directly to Azure Device Registry, allowing customers to: See how many devices from IoT Hub integration with ADR (preview) and assets from Azure IoT Operations are associated with a specific analyzed firmware image Understand the real-world blast radius of vulnerabilities discovered in firmware Quickly identify which devices may require patching, mitigation, or isolation This preview bridges an important gap between security analysis and operational decision-making. What’s included in this preview With this release, we’re introducing new fleet-level context directly into the firmware analysis experience: A new Devices + Assets count column in the firmware analysis workspace showing how many Azure Device Registry devices and assets are running each analyzed firmware image A click-through experience that lets users view the list of affected devices and assets in Azure Device Registry Visibility spanning both: Devices connected via IoT Hub Assets managed through Azure IoT Operations This information is derived by correlating firmware metadata with device and asset inventory in Azure Device Registry, giving customers immediate insight into deployment exposure. Key use cases Identify vulnerable devices at scale: When critical CVEs are discovered in a firmware image, customers can immediately see how many deployed devices are impacted—without manually correlating spreadsheets, tools, or inventories. Prioritize remediation actions: With fleet visibility, teams can decide whether to patch devices, temporarily isolate affected devices from the network, or disable devices that pose unacceptable risk. Bridge security and operations teams: Security teams gain clear insight into where vulnerabilities exist, while operations teams can quickly act on specific devices and assets—all within the Azure portal. This integration is especially valuable in environments where downtime, safety, or regulatory compliance matter—such as manufacturing, energy, telecommunications, and critical infrastructure. Prioritizing Vulnerabilities with Enhanced CVE Metadata (Preview) The number of publicly disclosed vulnerabilities continues to rise year over year, making it increasingly difficult for security teams to determine which CVEs truly require urgent action. Simply knowing that a vulnerability exists is no longer enough—teams need context to prioritize remediation efforts. With this release, firmware analysis now provides richer metadata for each discovered CVE, helping customers focus on vulnerabilities that pose the greatest real-world risk. New CVE metadata includes: CISA Known Exploited Vulnerabilities (KEV) status – Indicates whether a CVE is listed in the CISA KEV catalog, signaling that the vulnerability is actively exploited in the wild. EPSS score (Exploit Prediction Scoring System) – A data-driven probability score that estimates the likelihood of a vulnerability being exploited in the next 30 days, complementing traditional severity metrics by focusing on exploitation likelihood rather than impact alone. Additional vulnerability context, including CVSS vectors and base scores, CWE classifications, and expanded metadata to support filtering and analysis. Together, these enhancements make it easier to triage findings, align remediation with risk, and communicate priorities across security, engineering, and product teams. Faster Performance for Large and Complex Firmware Images As firmware analysis adoption has grown, we’ve seen customers analyze increasingly large and complex firmware images—particularly in domains like networking equipment, where a single image can generate thousands of findings. To support these scenarios, we’ve made architectural enhancements to the service that significantly improve performance when working with large result sets. Key improvements include: Up to 90% reduction in load times of analysis results, especially for firmware images producing 10,000+ findings More responsive filtering and exploration of results These changes ensure that firmware analysis remains fast and usable at scale, even for complex network and infrastructure firmware images. Expanding UEFI Firmware Analysis (Preview) Modern devices increasingly rely on UEFI firmware as a foundational security boundary. In this release, we’re expanding our UEFI analysis capabilities to provide deeper visibility into UEFI executables and components. New UEFI-focused capabilities include: Detection of OpenSSL libraries and related CVEs within UEFI firmware Binary hardening analysis for UEFI executables, including detection of proper configuration of Data Execution Prevention (DEP) memory protection Continued support for discovering cryptographic material in UEFI images, including embedded certificates and keys This preview allows customers to evaluate the new capabilities, provide feedback, and help shape future enhancements in this area. Note: UEFI SBOM and binary analysis features are currently in preview and intended for evaluation and feedback. Bulk Export of Analysis Results for Supply Chain Collaboration We also recently released a highly requested feature that makes it easier to share firmware analysis results with partners and suppliers. Customers can now: Bulk download analysis results across one or more firmware images Export results as CSV files packaged into a ZIP archive This capability simplifies workflows such as sharing findings with device manufacturers or firmware suppliers, integrating results into downstream analysis or reporting pipelines, and supporting software supply chain security and compliance processes. Looking Ahead We’re excited about the progress we’ve made with this release and what it means for customers securing IoT, OT, and network devices. From connecting firmware risk to fleet-level impact with Azure Device Registry, to richer vulnerability prioritization, improved scalability, and deeper UEFI analysis—these enhancements reinforce firmware analysis as a critical tool for addressing some of the most challenging blind spots in modern infrastructure security. Firmware security is foundational to trustworthy systems—especially as edge devices continue to play a central role in industrial operations, networking, and data collection. If you’re already using firmware analysis and Azure Device Registry, the ADR integration preview will appear directly within the firmware analysis experience as it rolls out. We look forward to your feedback as we continue building secure, observable, and manageable digital operations with Azure. As always, we value your feedback, so please let us know what you think.W3C Web of Things (WoT) support in Azure IoT Operations
Integration challenges often pose a barrier to the ability to scale industrial solutions. When new or updated assets show up having a new protocol, a slightly different telemetry shape, or an undocumented interface, teams end up rewriting glue code and retesting end-to-end pipelines. Azure IoT Operations reduces that friction by providing a unified data plane at the edge: modular services running on Azure Arc-enabled Kubernetes, with an edge-native MQTT broker as the backbone for reliable, event-driven architectures. Key concepts Azure IoT Operations is Microsoft’s edge platform for running IoT services on Kubernetes via Azure Arc. MQTT is the pub/sub messaging protocol Azure IoT Operations uses for event-driven data movement. OPC UA is a common industrial connectivity standard that can expose rich information models, but many assets don’t implement it directly. W3C Web of Things (WoT) standardizes machine-readable descriptions of an asset’s interface via a “Thing Model.” We’re announcing a key step toward open, model-driven interoperability in Azure IoT Operations: W3C Web of Things (WoT) is now a first-class modeling input for developer workflows, backed by the Azure IoT Operations SDKs and the code generation (codegen) v2 toolchain. Why WoT in Azure IoT Operations? Azure IoT Operations already emphasizes open standards such as MQTT and OPC UA to foster interoperability across OT and IT systems while staying Kubernetes-native and scalable. In practice, though, many assets cannot natively present an OPC UA information model and integration documentation still often arrives as a static PDF. To scale deployments, teams need a machine-readable asset description they can use for automated onboarding and repeatable pipelines. WoT enables that path for non-OPC UA assets: instead of relying on a PDF, vendors (or integrators) can provide a WoT Thing Model that describes the asset’s telemetry, commands, and properties so onboarding and integration can be automated. What’s included The Azure IoT Operations SDKs are a set of tools and libraries (across multiple languages) for building and extending solutions. Within that toolbox, the Protocol Compiler is the centerpiece: it takes an interface model as input and generates client and server code so you can focus on business logic instead of message plumbing. With WoT support, you can use a WoT Thing Model as that input to generate code stubs for telemetry and for mRPC (message-based remote procedure calls used for service-to-service interactions in Azure IoT Operations). If you’re coming from the DTDL (Digital Twins Definition Language) world, the workflow will feel familiar: the Protocol Compiler takes a model as input and outputs generated client/server libraries in your target language. When an asset interface and data model are expressed as a WoT Thing Model, you can treat that model as the contract. Generated code then enforces the expected payload shapes for telemetry and mRPC interactions, reducing bespoke glue code and lowering the risk of mismatched or undocumented data. Eclipse ediTDor as a practical editor for WoT Thing Models A model-first workflow only works if authoring is approachable. Eclipse ediTDor is an open-source, web-based editor that helps you create and validate W3C WoT Thing Models, including export to JSON-LD (a standard JSON format for linked data). It is hosted by the Eclipse Foundation, and you can try it here: Eclipse ediTDor. WoT as the asset description that unlocks automation Putting it all together, a typical workflow looks like this: Start with a WoT Thing Model for the asset (from the vendor, a partner, or authored in-house). Open the model in Eclipse ediTDor to review, validate, and refine it. Use the Protocol Compiler (codegen v2) to generate client/server code stubs for telemetry and mRPC interactions. Deploy your application into an Azure IoT Operations environment running on Azure Arc-enabled Kubernetes and integrate with data services via the built-in MQTT broker. Getting Started If you want to explore this further, here are the key starting points: Azure IoT Operations SDKs overview and quick start: [Azure IoT Operations Developer Guide] Codegen V2 in the SDK repo: Azure IoT Operations SDK Eclipse ediTDor for WoT authoring: Edi{td}or Azure IoT Operations product overview: [What Is Azure IoT Operations] Conclusion With WoT support in Azure IoT Operations, we continue our commitment of building an open, standardized ecosystem where machine-readable asset descriptions are a first-class input to onboarding and development. Combined with the Protocol Compiler and practical authoring options like Eclipse ediTDor, it becomes feasible to go from an asset description to running code with significantly less integration friction.Azure IoT Operations 2603 is now available: Powering the next era of Physical AI
Industrial AI is entering a new phase. For years, AI innovation has largely lived in dashboards, analytics, and digital decision support. Today, that intelligence is moving into the real world, onto factory floors, oil fields, and production lines, where AI systems don’t just analyze data, but sense, reason, and act in physical environments. This shift is increasingly described as Physical AI: intelligence that operates reliably where safety, latency, and real‑world constraints matter most. With the Azure IoT Operations 2603 (v1.3.38) release, Microsoft is delivering one of its most significant updates to date, strengthening the platform foundation required to build, deploy, and operate Physical AI systems at industrial scale. Why Physical AI needs a new kind of platform Physical AI systems are fundamentally different from digital‑only AI. They require: Real‑time, low‑latency decision‑making at the edge Tight integration across devices, assets, and OT systems End‑to‑end observability, health, and lifecycle management Secure cloud‑to‑edge control planes with governance built in Industry leaders and researchers increasingly agree that success in Physical AI depends less on isolated models, and more on software platforms that orchestrate data, assets, actions, and AI workloads across the physical world. Azure IoT Operations was built for exactly this challenge. What’s new in Azure IoT Operations 2603 The 2603 release delivers major advancements across data pipelines, connectivity, reliability, and operational control, enabling customers to move faster from experimentation to production‑grade Physical AI. Cloud‑to‑edge management actions Cloud‑to‑edge management actions enable teams to securely execute control and configuration operations on on‑premises assets, such as invoking methods, writing values, or adjusting settings, using Azure Resource Manager and Event Grid–based MQTT messaging. This capability extends the Azure control plane beyond the cloud, allowing intent, policy, and actions to be delivered reliably to physical systems while remaining decoupled from protocol and device specifics. For Physical AI, this closes the loop between perception and action: insights and decisions derived from models can be translated into governed, auditable changes in the physical world, even when assets operate in distributed or intermittently connected environments. Built‑in RBAC, managed identity, and activity logs ensure every action is authorized, traceable, and compliant, preserving safety, accountability, and human oversight as intelligence increasingly moves from observation to autonomous execution at the edge. No‑code dataflow graphs Azure IoT Operations makes it easier to build real‑time data pipelines at the edge without writing custom code. No‑code data flow graphs let teams design visual processing pipelines using built‑in transforms, with improved reliability, validation, and observability. Visual Editor – Build multi-stage data processing systems in the Operations Experience canvas. Drag and connect sources, transforms, and destinations visually. Configure map rules, filter conditions, and window durations inline. Deploy directly from the browser or define in Bicep/YAML for GitOps. Composable Transforms, Any Order – Chain map, filter, branch, concatenate, and window transforms in any sequence. Branch splits messages down parallel paths based on conditions. Concatenate merges them back. Route messages to different MQTT topics based on content. No fixed pipeline shape. Expressions, Enrichment, and Aggregation – Unit conversions, math, string operations, regex, conditionals, and last-known-value lookups, all built into the expression language. Enrich messages with external data from a state store. Aggregate high-frequency sensor data over tumbling time windows to compute averages, min/max, and counts. Open and Extensible – Connect to MQTT, Kafka, and OpenTelemetry (OTel) endpoints with built-in security through Azure Key Vault and managed identities. Need logic beyond what no-code covers? Drop a custom Wasm module (even embed and run ONNX AI ML models) into the middle of any graph alongside built-in transforms. You're never locked into declarative configuration. Together, these capabilities allow teams to move from raw telemetry to actionable signals directly at the edge without custom code or fragile glue logic. Expanded, production‑ready connectivity The MQTT connector enables customers to onboard MQTT devices as assets and route data to downstream workloads using familiar MQTT topics, with the flexibility to support unified namespace (UNS) patterns when desired. By leveraging MQTT’s lightweight publish/subscribe model, teams can simplify connectivity and share data across consumers without tight coupling between producers and applications. This is especially important for Physical AI, where intelligent systems must continuously sense state changes in the physical world and react quickly based on a consistent, authoritative operational context rather than fragmented data pipelines. Alongside MQTT, Azure IoT Operations continues to deliver broad, industrial‑grade connectivity across OPC UA, ONVIF, Media, REST/HTTP, and other connectors, with improved asset discovery, payload transformation, and lifecycle stability, providing the dependable connectivity layer Physical AI systems rely on to understand and respond to real‑world conditions. Unified health and observability Physical AI systems must be trustworthy. Azure IoT Operations 2603 introduces unified health status reporting across brokers, dataflows, assets, connectors, and endpoints, using consistent states and surfaced through both Kubernetes and Azure Resource Manager. This enables operators to see—not guess—when systems are ready to act in the physical world. Optional OPC UA connector deployment Azure IoT Operations 2603 introduces optional OPC UA connector deployment, reinforcing a design goal to keep deployments as streamlined as possible for scenarios that don’t require OPC UA from day one. The OPC UA connector is a discrete, native component of Azure IoT Operations that can be included during initial instance creation or added later as needs evolve, allowing teams to avoid unnecessary footprint and complexity in MQTT‑only or non‑OPC deployments. This reflects the broader architectural principle behind Azure IoT Operations: a platform built for composability and decomposability, where capabilities are assembled based on scenario requirements rather than assumed defaults, supporting faster onboarding, lower resource consumption, and cleaner production rollouts without limiting future expansion. Broker reliability and platform hardening The 2603 release significantly improves broker reliability through graceful upgrades, idempotent replication, persistence correctness, and backpressure isolation—capabilities essential for always‑on Physical AI systems operating in production environments. Physical AI in action: What customers are achieving today Azure IoT Operations is already powering real‑world Physical AI across industries, helping customers move beyond pilots to repeatable, scalable execution. Procter & Gamble Consumer goods leader P&G continually looks for ways to drive manufacturing efficiency and improve overall equipment effectiveness—a KPI encompassing availability, performance, and quality that’s tracked in P&G facilities around the world. P&G deployed Azure IoT Operations, enabled by Azure Arc, to capture real-time data from equipment at the edge, analyze it in the cloud, and deploy predictive models that enhance manufacturing efficiency and reduce unplanned downtime. Using Azure IoT Operations and Azure Arc, P&G is extrapolating insights and correlating them across plants to improve efficiency, reduce loss, and continue to drive global manufacturing technology forward. More info. Husqvarna Husqvarna Group faced increasing pressure to modernize its fragmented global infrastructure, gain real-time operational insights, and improve efficiency across its supply chain to stay competitive in a rapidly evolving digital and manufacturing landscape. Husqvarna Group implemented a suite of Microsoft Azure solutions—including Azure Arc, Azure IoT Operations, and Azure OpenAI—to unify cloud and on-premises systems, enable real-time data insights, and drive innovation across global manufacturing operations. With Azure, Husqvarna Group achieved 98% faster data deployment and 50% lower infrastructure imaging costs, while improving productivity, reducing downtime, and enabling real-time insights across a growing network of smart, connected factories. More info. Chevron With its Facilities and Operations of the Future initiative, Chevron is reimagining the monitoring of its physical operations to support remote and autonomous operations through enhanced capabilities and real-time access to data. Chevron adopted Microsoft Azure IoT Operations, enabled by Azure Arc, to manage and analyze data locally at remote facilities at the edge, while still maintaining a centralized, cloud-based management plane. Real-time insights enhance worker safety while lowering operational costs, empowering staff to focus on complex, higher-value tasks rather than routine inspections. More info. A platform purpose‑built for Physical AI Across manufacturing, energy, and infrastructure, the message is clear: the next wave of AI value will be created where digital intelligence meets the physical world. Azure IoT Operations 2603 strengthens Microsoft’s commitment to that future—providing the secure, observable, cloud‑connected edge platform required to build Physical AI systems that are not only intelligent, but dependable. Get started To explore the full Azure IoT Operations 2603 release, review the public documentation and release notes, and start building Physical AI solutions that operate and scale confidently in the real world.Microsoft Industrial AI Partner Guide: Choosing the Right Data Expertise for Every Stage
As organizations scale Industrial AI, the challenge shifts from technology selection to deciding who should lead which part of the journey -- and when. Which partners should establish secure connectivity? Who enables production grade, AI ready industrial data? When do systems integrators step in to scale globally? This Partner Guide helps customers navigate these decisions with clarity and confidence: Identify which partners align to their current digital transformation and Industrial AI scenarios leveraging Azure IoT and Azure IoT Operations Confidently combine partners over time as they evolve from connectivity to intelligence to autonomous operations This guide focuses on the Industrial AI data plane – the partners and capabilities that extract, contextualize, and operationalize industrial data so it can reliably power AI at scale. It does not attempt to catalog or prescribe end‑to‑end Industrial AI applications or cloud‑hosted AI solutions. Instead, it helps customers understand how industrial partners create the trusted, contextualized data foundation upon which AI solutions can be built. Common Customer Journey Steps 1. Modernize Connectivity & Edge Foundations The industrial transformation journey starts with securely accessing operational data without touching deterministic control loops. Customers connect automation systems to a scalable, standards-based data foundation that modernizes operations while preserving safety, uptime and control. Outcomes customers realize Standardized OT data access across plants and sites Faster onboarding of legacy and new assets Clear OT–IT boundaries that protect safety and uptime Partner strengths at this stage Industrial hardware and edge infrastructure providers Protocol translation and OT connectivity Automation and edge platforms aligned with Azure IoT Operations 2. Accelerate Insights with Industrial AI With a consistent edge-to-cloud data plane in place, customers move beyond dashboards to repeatable, production-grade Industrial AI use cases. Customers rely on expert partners to turn standardized operational data into AI‑ready signals that can be consumed by analytics and AI solutions at scale across assets, lines, and sites. Outcomes customers realize Improved Operational efficiency and performance Adaptive facilities and production quality intelligence Energy, safety, and defect detection at scale Partner strengths at this stage Industrial data services that contextualize and standardize OT signals for AI consumption Domain-specific acceleration for common Industrial AI scenarios Data pipelines integrated with Azure IoT Operations and Microsoft Fabric 3. Prepare for Autonomous Operations As organizations advance toward closed‑loop optimization, the focus shifts to safe, scalable autonomy. Customers depend on partners to align data, infrastructure, and operational interfaces, while ensuring ongoing monitoring, governance, and lifecycle management across the full operational estate. Outcomes customers realize Proven reference architectures deployed across plants AI‑ready data foundations that adapt as operations scale Coordinated interaction between OT systems, AI models, and cloud intelligence Partner strengths at this stage Industrial automation leadership and control system expertise Edge infrastructure optimized and ready for Industrial AI scale Systems integrators enabling end‑to‑end implementation and repeatability Data Intelligence Plane of Industrial AI - Partner Matrix This matrix highlights which partners have the deepest expertise in accessing, contextualizing, and operationalizing industrial data so it can reliably power AI at scale. The matrix is not a catalog of end‑to‑end Industrial AI applications; it shows how specialized partners contribute data, infrastructure, and integration capabilities on a shared Azure foundation as organizations progress from connectivity to insight to autonomous operations. How to use this matrix: Start with your scenario → identify primary partner types → layer complementary partners as you scale. Partner Type Adaptive Cloud Primary Solution Example Scenarios Geography Advantech Industrial Hardware, Industrial Connectivity LoRaWAN gateway integration + Azure IoT Operations Industrial edge platforms with built in connectivity, industrial compute, LoRaWAN, sensor networks Global Accenture GSI Industrial AI, Digital Transformation, Modernization OEE, predictive maintenance, real-time defect detection, optimize supply chains, intelligent automation and robotics, energy efficiency Global Avanade GSI Factory Agents and Analytics based on Manufacturing Data Solutions Yield / Quality optimization, OEE, Agentic Root Cause Analysis and process optimization; Unified ISA-95 Manufacturing Data estate on MS Fabric Global Capgemini GSI The new AI imperative in manufacturing OEE, maintenance, defect detection, energy, robotics Global DXC GSI Intelligent Boost AI and IoT Analytics Platform 5G Industrial Connectivity, Defect detection, OEE, safety, energy monitoring Global Innominds SI Intelligent Connected Edge Platform Predictive maintenance, AI on edge, asset tracking North America, EMEA Litmus Automation Industrial Connectivity, Industrial Data Ops Litmus Edge + Azure IoT Operations Edge Data, Smart manufacturing, IIoT deployments at scale Global, North America Mesh Systems GSI & ISV Azure IoT & Azure IoT Operations implementation services and solutions (including Azure IoT Operations-aligned connector patterns) Device connectivity and management, data platforms, visualization, AI agents, and security North America, EMEA Nortal GSI Data-driven Industry Solutions IT/OT Connectivity, Unified Namespace, Digital Twins, Optimization, Edge, Industrial Data, Real‑Time Analytics & AI EMEA, North America & LATAM NVIDIA Technology Partner Accelerated AI Infrastructure; Open libraries, models, frameworks, and blueprints for AI development and deployment. Cross industry digitalization and AI development and deployment: Generative AI, Agentic AI, Physical AI, Robotics Global Oracle ISV Oracle Fusion Cloud SCM + Azure IoT Operations Real-time manufacturing Intelligence, AI powered insights, and automated production workflows Global Rockwell Automation Industrial Automation FactoryTalk Optix + Azure IoT Operations Factory modernization, visualization, edge orchestration, DataOps with connectivity context at scale, AI ops and services, physical equipment, MES Global Schneider Electric Industrial Automation Industrial Edge Physical equipment, Device modernization, energy, grid Global Siemens Industrial Automation & Software Industrial Edge + Azure IoT Operations reference architecture Industrial edge infrastructure at scale, OT/IT convergence, DataOps, Industrial AI suite, virtualized automation. Global Sight Machine ISV Integrated Industrial AI Stack Industrial AI, bottling, process optimization Global Softing Industrial Industrial Connectivity edgeConnector + Azure IoT Operations OT connectivity, multi-vendor PLC- and machine data integration, OPC UA information model deployment EMEA, Global TCS GSI Sensor to cloud intelligence Operations optimization, healthcare digital twin experiences, supply chain monitoring Global This Ecosystem Model enables Industrial AI solutions to scale through clear roles, respected boundaries and composable systems: Control systems continue to be driven by automation leaders Safety‑critical, deterministic control stays with industrial automation partners who manage real‑time operations and plant safety. Customers modernize analytics and AI while preserving uptime, reliability, and operational integrity. Data, AI, and analytics scale independently A consistent edge to cloud data plane supports cloud scale analytics and AI, accelerating insight delivery without entangling control systems or slowing operational change. This separation allows customers and software providers to build AI solutions on top of a stable, industrial‑grade data foundation without redefining control system responsibilities. Specialized partners align solutions across the estate Partners contribute focused expertise across connectivity, analytics, security, and operations, assembling solutions that reduce integration risk, shorten deployment cycles, and speed time to value across the operational estate. From vision to production Industrial AI at scale depends on turning operational data into trusted, contextualized intelligence safely, repeatably, and across the enterprise. This guide shows how industrial partners, aligned on a shared Azure foundation, create the data plane that enables AI solutions to succeed in production. When data is ready, intelligence scales. Call to action: Use this guide to identify the partners and capabilities that best align to your current Industrial AI needs and take the next step toward production‑ready outcomes on Azure.Siemens and Microsoft: Beyond Connectivity to Autonomous, Sustainable Manufacturing
Explore how Siemens Industrial Edge and Microsoft Azure IoT Operations enable secure edge-to-cloud integration, contextualized data, and AI-driven insights—transforming factories into adaptive, future-ready operations.
Azure IoT Hub with ADR (preview): Extending Azure capabilities and certificate management to IoT
Operational excellence in every industry begins by linking the physical world to the digital, enabling organizations to turn raw data from connected assets into actionable insights and real-world improvements. Azure IoT Hub and Azure IoT Operations make this possible by seamlessly integrating data from machines whether on a single factory floor or spread across the globe into a unified platform. Together, they serve as the backbone of connected operations, ensuring that assets, sensors this data is then moved to Microsoft Fabric for real-time analytics and further leveraged by AI agents to drive informed decisions. This approach lets organizations scale efficiently, unifying teams, sites, and systems under the Adaptive Cloud Strategy. It enables use of cloud-native and AI technologies across hybrid, multi-cloud, edge, and IoT environments in a single operational model. Azure IoT Hub empowers organizations to securely and reliably manage connected assets across the globe, providing real-time visibility and control over diverse operations. With proven scalability, broad device support, and robust management tools, IoT Hub delivers a unified platform for developing and operating IoT solutions. Organizations in various industries are using Azure IoT Hub to enhance their operations. In mining, sensors provide real-time safety data and support compliance. Fleet managers track equipment health to boost efficiency and prevent failures, while rail operators use GPS and vibration sensors for precise monitoring and issue detection. Ports utilize conveyor and loading system metrics to optimize scheduling and reduce delays. These examples show how Azure IoT Hub delivers actionable insights, greater safety, and operational efficiency through connected devices. As customers evolve, Azure IoT Hub continues to advance, deepening its integration with the Azure ecosystem and enabling AI-driven, connected operations for the next generation of applications. Today, we’re announcing the public preview of Azure IoT Hub integration with Azure Device Registry bringing IoT devices under the purview of Azure management plane via ARM resource representation and securing them with best-in-class Microsoft-backed X.509 certificate management capabilities. From Connected Devices to Connected Operations Ready-to-use AI platforms are enabling organizations to unlock untapped operational data and gain deeper insights. Organizations are leveraging AI to unify machine and enterprise data, extract actionable insights, and translate them into measurable business gains. They are broadly transitioning from connected devices that simply gather and transmit telemetry, to connected operations which empower supervisors and AI agents to interpret events and respond to scenarios in real time. The integration of Azure IoT Hub with ADR enhancements extends the comprehensive capabilities of Azure to IoT devices. With this integration, Azure Device Registry (ADR) acts as the unified control plane for managing both physical assets from Azure IoT Operations and devices from Azure IoT Hub. It provides a centralized registry, ensuring every entity whether an industrial asset or a connected device is uniquely represented and managed throughout its lifecycle. By integrating with Azure IoT Hub, ADR enables consistent device onboarding, certificate management, and operational visibility at scale. This integration simplifies large-scale IoT fleet management and supports compliance and auditability across diverse deployments. What’s New in this Preview We’re excited to announce the public preview of new capabilities that bring IoT devices into the broader Azure ecosystem. This integration allows IoT to be managed at scale through the Azure management plane. It also strengthens security and enables consistent governance across large deployments: Deep integration with Azure: The Azure Device Registry (ADR) now offers a unified control plane, simplifying identity, security, and policy management for millions of devices. New ADR features make it easier to register, classify, and monitor devices, supporting consistent governance and better operational insights. Combined with Device Provisioning Service (DPS), these enhancements help reduce deployment challenges, speed up time-to-value, and lower operational risks. With IoT Hub integration, IoT Hub devices are represented as Azure resources, providing: One unified registry across multiple IoT Hubs and Azure IoT Operations (AIO) instances. ARM-based management for all Azure resources from cloud to edge. A consolidated view of the entire IoT fleet, simplifying large-scale deployments, monitoring and management. Certificate lifecycle management: Now in public preview, this capability enables secure onboarding and automated certificate rotation for IoT devices, directly integrated with ADR and IoT Hub. X.509 certificates are widely recognized for providing a robust security posture by establishing trusted, cryptographically verifiable device identities. Starting today, customers can use a Microsoft-backed PKI to issue X.509 certificates across their IoT fleets. Devices receive operational certificates that authenticate with IoT Hub, chained to Certificate Authorities (CAs). Policy-driven lifecycle management makes certificate renewal simpler and keeps state in sync with your Hubs. This integration sets the stage for Physical AI by connecting digital and physical systems, thus unlocking new possibilities for data and artificial intelligence. Customer feedback from Private Preview This release has received positive feedback from private preview customers. Particularly the Microsoft-supported PKI and certificate management capabilities, highlighting that previous manual processes were inefficient and fragmented. Customers further noted the advantages of grouping devices from multiple IoT Hubs under a unified namespace, which streamlined management. Moreover, the integration of certificate management within ADR has diminished the reliance on custom solutions. “We were genuinely impressed by how seamless it was to implement. With just a few clicks, clear policy definitions, and two calls in firmware, the entire process became automated, frictionless, and reliable with no external dependencies.” – Uriel Kluk, CTO, Mesh Systems Why It Matters These investments make Azure IoT Hub the cornerstone for connected operations at scale, empowering customers to: Reduce manual cert ops with policy‑driven rotation (fewer outages due to expired certs). Consolidate device registry in ADR for cross‑hub fleet governance. Accelerate compliance audits with centralized certificate lineage. Apply advanced AI tooling for predictive insights and automation. Call to Action Explore the new capabilities in public preview today and start building the next generation of connected operations with Azure IoT Hub and ADR. Learn more on Azure IoT Hub documentation
