Technology, Mar 20, 2018

The State of Device Management: Getting Low

Simon Saugier and David Barrett

While watching the 2018 Winter Olympics’ women’s downhill skiing qualifying trials recently, I noticed one of the athletes was struggling to keep her speed up. “The trick,” said one of the announcers, “is to stay low.” He went on to describe how this athlete was a crossover from the slalom competition, and her tendency to straighten up when she got air was costing her speed.

Many technologists who embark on internet of things (IoT) endeavors have a similar difficulty in “getting low.” Crossovers from application development often want to immediately start building solutions that consume huge quantities of data and produce cutting-edge insights with machine learning and big data analytics. But where is all of that data coming from?

In our last article on IoT, we identified the components of an IoT implementation. One of the first issues any IoT project will encounter is managing the IoT devices themselves. We find that device management is often overlooked when designing IoT implementations. The temptation is to skip straight to thinking about sensors, data, and the analytical insights to be gained. Good device management provides the foundation necessary to gather the data that feeds advanced capabilities like analytic insights, but it’s tricky. Luckily, IoT cloud platforms provide capabilities that make it easier.

In this article, we will look at the device management considerations that must be made when deploying a fleet of IoT devices and identify cloud services that help meet these needs and make life easier.

Device Management Considerations

Good device management is critical, but what does it entail? In our experience, companies often fail to address five key capabilities:

  • Placement & Power

  • Network

  • Identity & Authorization

  • Describing & Discovering Devices

  • Command & Control

Placement & Power

These are typically electrical and mechanical engineering concerns. Where will you put the device? Will it be hot, cold, wet, dusty? Will it be mounted on or embedded in something else? Will it be hard-wired to power, or will it require a battery? Are there safety concerns?

Unfortunately, cloud IoT platforms can’t help you answer these questions. You will need to work with device manufacturers and your field services personnel to design your solution.

Network

How is your device networked? WiFi, Ethernet, or narrowband? Does it connect directly to the internet? Is your device already sending data to a programmable logic controller that needs to forward the data to the cloud for capture and analysis? Is it capable of encrypting traffic or does it need to sit behind a secure gateway?

Here, cloud providers have started making inroads. AWS Greengrass and Azure IoT Edge are platforms that push IoT cloud capabilities to the edge, reducing latency for control loops. They allow local devices to communicate with one another through a local hub, while also providing an internet gateway.

Identity & Authorization

When a device turns on and connects to your IoT cloud, how will you know which device it is? How do you establish trust with a device?

Authenticating a device with a cloud service follows a similar path on each of the IoT cloud platforms:

  • Register a device ID with the cloud service and associate a public key.

  • Embed the private key on a device with that ID.

  • Bring the device with that ID online and call a registration endpoint to receive a message encrypted with the public key for that device.

  • Use the private key to decrypt the message from the cloud service and authenticate the device.
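The four steps above as a minimal exchange between a cloud registry and a device, written in Go. This is an added example, not code from any of the IoT platforms: the function names, the device ID `sensor-001`, and the choice of RSA-OAEP over a 32-byte single-use nonce are assumptions. For brevity the key pair is generated in the same process; on a real device the private key would stay in the device's own storage.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

var registered = map[string]*rsa.PublicKey{} // hypothetical cloud store: device ID -> public key
var pending = map[string][]byte{}            // cloud side: one unanswered nonce per device ID

// Enroll covers steps 1-2: register the public key, return the private key for the device.
func Enroll(id string) (*rsa.PrivateKey, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err == nil {
		registered[id] = &priv.PublicKey
	}
	return priv, err
}

// Challenge is step 3: encrypt a fresh nonce to the key registered for this ID.
func Challenge(id string) ([]byte, error) {
	pub, nonce := registered[id], make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil || pub == nil {
		return nil, fmt.Errorf("cannot challenge %q: unknown ID or RNG failure", id)
	}
	pending[id] = nonce
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, nonce, []byte(id))
}

// Respond is the device half of step 4: decrypt with the embedded private key.
func Respond(id string, priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, []byte(id))
}

// Verify is the cloud half of step 4: constant-time compare; the nonce is consumed either way.
func Verify(id string, answer []byte) bool {
	want, ok := pending[id]
	delete(pending, id)
	return ok && subtle.ConstantTimeCompare(want, answer) == 1
}

func main() {
	priv, _ := Enroll("sensor-001") // constructed device ID
	ct, _ := Challenge("sensor-001")
	answer, _ := Respond("sensor-001", priv, ct)
	fmt.Println("authenticated:", Verify("sensor-001", answer))
}
```

Deleting the nonce on every `Verify` call means a captured answer cannot be replayed, and using the device ID as the OAEP label ties each challenge to the identity it was issued for.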

Each of the IoT cloud platforms has an identity store service. Azure has IoT Hubs, AWS has the Device Registry, and Google has Cloud IoT Core. Each of these services allows you to register a device using a public/private key pair for authentication. You can also authorize devices to connect to your IoT cloud using fine-grained access controls.

Azure IoT Hub and AWS Device Registry services also offer bulk-registry services, which allow you to provision many devices at once, and just-in-time device registry, which allows you to register a device programmatically with no a priori knowledge of that device.

Describing & Discovering Devices

How can you find all cameras on the fourth floor of a building? Or determine which devices are running a specific firmware version that needs a security patch?

IoT cloud platforms maintain a copy of the metadata and the last-known state of your device in something AWS calls a “device shadow.” Azure calls this same concept a “device twin,” and Google Cloud calls it simply a “device.”

AWS and Azure both support a rich set of capabilities using these stores of information for each device. You can query devices based on their metadata and discover the device’s configuration and capabilities.

Command & Control

How do you roll out a firmware upgrade or reboot a device that is permanently installed in the field?

IoT cloud platforms allow you to modify the state of your device by changing its “desired” state on the cloud copy of your device (discussed above). Your device will be notified of the desired change in state (such as a firmware update and a reboot) as soon as the device is connected to your cloud platform. This allows you to specify the desired state of a device even when that device is intermittently connected.
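The discovery query from the previous section and the desired-state mechanism described here, modeled together in Go. This is an added example, not any vendor's API: the `Twin` type, the `Unpatched` and `Delta` functions, the tag names, and the firmware versions are all constructed for illustration.

```go
package main

import (
	"fmt"
	"sort"
)

// Twin is a hypothetical model of the cloud copy: operator tags, last-known state, target state.
type Twin struct{ Tags, Reported, Desired map[string]string }

// Unpatched returns sorted IDs of devices matching every tag in want whose reported firmware is not patched.
func Unpatched(fleet map[string]*Twin, want map[string]string, patched string) []string {
	ids := []string{}
	for id, tw := range fleet {
		match := tw.Reported["firmware"] != patched
		for k, v := range want {
			match = match && tw.Tags[k] == v
		}
		if match {
			ids = append(ids, id)
		}
	}
	sort.Strings(ids)
	return ids
}

// Delta is what a device receives when it next connects: each desired key whose
// value differs from what the device last reported. Empty means it is in sync.
func Delta(tw *Twin) map[string]string {
	d := map[string]string{}
	for k, v := range tw.Desired {
		if tw.Reported[k] != v {
			d[k] = v
		}
	}
	return d
}

func main() {
	fleet := map[string]*Twin{"cam-41": { // constructed sample device
		Tags:     map[string]string{"type": "camera", "floor": "4"},
		Reported: map[string]string{"firmware": "1.2.0"},
		Desired:  map[string]string{},
	}}
	for _, id := range Unpatched(fleet, map[string]string{"floor": "4"}, "1.3.1") {
		fleet[id].Desired["firmware"] = "1.3.1" // queued even while the device is offline
		fmt.Println(id, "receives on reconnect:", Delta(fleet[id]))
	}
}
```

A device drops out of both `Unpatched` and `Delta` only after it reports the new firmware itself, so the same query doubles as a check on how far a security patch has actually rolled out.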

Need Some Help?

As you can see, there are many low-level considerations to be made when designing an IoT solution. But taking care of these device management concerns will provide the stable platform your business needs to build differentiating analytical capabilities.

If you need help implementing these device management services in your IoT cloud platform, Credera can help. Feel free to reach out to us at findoutmore@credera.com.
