Building and deploying an end-to-end enterprise IoT application is a complex process. Multiple players are involved (hardware providers, embedded device manufacturers, network providers, platform providers, solution providers, system integrators), which increases the complexity of integration, security, and management. To address this complexity holistically, an enterprise IoT stack needs to provide a set of capabilities that ease the overall process and take care of end-to-end, cross-cutting concerns like security and performance. In this section, we discuss the key aspects that an enterprise IoT stack should address at a minimum.
Device Management
Device management includes device registration, secure device provisioning, access from device to cloud platform and from cloud platform to device, monitoring and administration, troubleshooting, and pushing firmware and software updates to devices, including gateway devices. A device gateway might also include the local data storage and data filter components discussed earlier, which need to be updated when new versions or support patches are released.
An enterprise IoT platform should provide an administration console and/or APIs that allow devices to register on the platform securely. The device registration capability should allow fine-grained access and permissions over which operations the device can carry out in the context of that application. Some devices may require only one-way communication from cloud to device for handling firmware updates, while others, like gateways, need bidirectional communication. Some devices may have only read access, while others can post messages to the platform. Security should be enforced both through configuration and over the specified protocol. For instance, even if an intruder gets access to a device, the intruder may still be unable to post messages to the platform. Device SDKs should provide libraries that are safe to use, so that the communication process itself does not introduce vulnerabilities.
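The per-device permission model described above can be sketched as a platform-side check. This is an added example, not code from any particular IoT platform; the device names, keys, operation names and the HMAC message layout are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Operation names are assumptions made for this example, not platform terms.
RECEIVE_UPDATE = "receive_update"  # cloud -> device (firmware/software push)
READ = "read"                      # device reads from the platform
PUBLISH = "publish"                # device -> cloud (post messages)


@dataclass(frozen=True)
class Registration:
    key: bytes          # per-device secret issued at provisioning
    allowed: frozenset  # operations granted to this device


# Constructed sample registry: three devices with different grants.
REGISTRY = {
    "meter-01": Registration(b"constructed-key-1", frozenset({RECEIVE_UPDATE})),
    "display-07": Registration(b"constructed-key-2", frozenset({RECEIVE_UPDATE, READ})),
    "gateway-02": Registration(
        b"constructed-key-3", frozenset({RECEIVE_UPDATE, READ, PUBLISH})
    ),
}


def sign(key: bytes, device_id: str, operation: str, payload: bytes) -> bytes:
    """HMAC over length-prefixed fields, so the tag binds device, operation and payload."""
    parts = [device_id.encode(), operation.encode(), payload]
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


def authorize(device_id: str, operation: str, payload: bytes, tag: bytes) -> str:
    """Return 'allow' or a deny reason. Unknown devices are denied by default."""
    reg = REGISTRY.get(device_id)
    if reg is None:
        return "deny: unregistered device"
    # Authenticate first, in constant time, then check the per-device grant.
    if not hmac.compare_digest(sign(reg.key, device_id, operation, payload), tag):
        return "deny: bad signature"
    if operation not in reg.allowed:
        return "deny: operation not granted"
    return "allow"
```

A publish request signed with the valid key of the update-only device meter-01 is still denied, which is the case where holding a device's credentials does not confer the ability to post messages.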
Monitoring and administration
Monitoring and administration are about managing the lifecycle of the device. The lifecycle operations include register, start, pause, and stop activities, and the ability to trigger events/commands to and from devices. A pause state could be a valid requirement in use cases like a health-tracking device, as opposed to a connected car. The ability to add custom states based on the requirements should be part of the monitoring and administration capabilities. Monitoring should also capture various parameters to help troubleshoot devices, such as device make, software installed, libraries installed, last connected date, last data sent, storage available, current status, etc. For instance, a device gateway may have stopped functioning because it ran out of storage space. This could happen if the remote synchronization service was not running to transfer the stored data off the device and clear the space. Monitoring can also identify suspicious activity, and therefore needs a mechanism to address it.
Lastly, device management should provide capabilities to update the firmware, software and dependent libraries on the devices securely, through administrative commands or auto-update features. Deploying device updates across millions of devices is still largely an unsolved problem. In the next section, we discuss various deployment options.
Deployment
Deployment of IoT applications needs to be looked at holistically, from IoT devices, networks, and topology through to cloud services and end solutions, while taking care of end-to-end security. We are already seeing a lot of partnerships in this space, where device manufacturers partner with cloud providers so that devices can register with the cloud provider securely. The deployment and management of devices is an area that needs a lot of attention and innovation, and we feel the next investments will happen in this space. This would include an end-to-end set of tools and environments to design and simulate connected products, deploy and manage millions of devices, use Docker images for device updates, and test everything from network topologies to the services and solutions that make up the IoT application.