Functional Architecture For IoT Platforms

Samuel Hale, Josh Taubenheim, Steve Hilton
MachNation, https://www.machnation.com/

While much literature exists on the types of enterprise Internet of Things (IoT) platforms available, until now there was no independent source that described the detailed functional components that enterprises demand in an IoT platform.

MachNation is a leading testing and benchmarking firm for IoT platforms and solutions. Enterprises are using the functional architecture developed by this company to

  • ensure IoT platform vendor selection RFXs have the relevant product category questions,

  • create solution architectures for their IoT use cases,

  • determine functionality gaps in their current IoT platform product portfolio.

This article presents an IoT platform functional architecture and provides definitions for each category and microservice. While each IoT deployment is unique, MachNation has attempted to create an architecture and definitions that capture the most common and relevant IoT platform functionality.

Figure: Functional Architecture For IoT Platforms

Categories Of IoT Platform Functionality

The IoT architecture has 3 primary layers for IoT platform functionality, shown as cloud, edge and device. These 3 layers are comprised of a total of 33 functional building blocks. Some of these functional blocks are logically and technologically related; therefore, we have chosen to color code them into the 8 categories shown in the legend: Application, Access Control, Analytics, Data Management, Device Management, Event Processing, Integration, and Monitoring.

MachNation continues to update this document as appropriate and will incorporate additional functional blocks like analytic techniques of AI as they become more commonly adopted as part of an IoT platform architecture.

You will find below the definitions for all 8 categories and the current 33 functional blocks.

Definitions Of 8 Categories (Alphabetical)

Application

An application is any piece of contained logic either running on or directly integrated to an IoT platform. On-cloud and on-premises applications enable code-based control over IoT platform components, enriching the raw assets or data with customer-specific logic. An application can contain customer-, operator-, or administrator-facing user interfaces (UIs), or could function as a self-contained service, providing any type of relevant data or device manipulation.

Access Control

Access control is the system of identity verification and permission management for all platform-connected elements including APIs, administrator or operator interfaces, devices, users, organizations, stored or in-transit data, or any other platform service.

Analytics

Analytics refers to the ability of an administrator or operator to monitor both historical and real-time observations collected from platform-connected IoT devices. Analytics can include descriptive, predictive, and prescriptive components.

Data Management

Data management is defined as the capabilities within an IoT platform to ingest, store, manage, and forward data received from platform-connected IoT devices.

Device Management

Device management refers to the ability of a platform to provide lifecycle management functionality for connected devices, including device onboarding, deployment of software and firmware updates, and configuration of managed devices.

Event Processing

Event processing refers to the ability of an IoT platform to execute actions or provide notifications based on administrator or operator configured rules or triggers.

Integration

Integration is defined as the ability of an IoT platform to interface and share data with off-platform or third-party applications, services, or systems.

Monitoring

Monitoring is defined as the ability of a platform to trigger events, evaluate device status, and follow ingested data streams. Platform capabilities for monitoring should include both aggregated and drill-down views, and typically include operator- or administrator-facing dashboards and other graphical interfaces.

Definitions Of Functional Blocks (Alphabetical)

Administrator User Interface (UI)

The administrator UI provides configuration management capabilities including access control and platform configuration. This administrator interface is also typically responsible for configuration of vendor-provided on-platform services, such as device and data management configuration.

Alerting and Notification

Alerting and notification is any system of pushing data, metadata, and messages to operators, administrators, or external systems for purposes of generating logged events. Alerting and notifications may include user-configurable notifications provided through UI and user experience (UX) elements in a dashboard or list views. Alerting and notifications might also use push-based or pull-based API/M2M elements to complete their message delivery purposes.

Authentication and Access Control

Authentication and access control is a system of identity verification and identity management for all platform-connected elements including APIs, admin UI, operator UI, devices, and platform-provided services. Authentication and access control should support multi-factor authentication for both users and devices and support multi-tenant and customer-of-customer models. Authentication and access control may also include encryption, data protection, and OAuth models, though these are not required in all IoT cases.
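In a customer-of-customer model, a tenant may act on devices owned by its own sub-tenants but never on those of a sibling or parent tenant. The Python below is an added illustration of such a default-deny check, not code from MachNation or any IoT platform; the tenant names, device IDs, permission strings, and the `Principal`, `tenant_in_scope` and `authorize` names are all hypothetical.

```python
from dataclasses import dataclass

# Constructed tenant tree (child -> parent); "platform" is the root operator.
TENANT_PARENT = {
    "platform": None,
    "acme-oem": "platform",
    "acme-fleet-eu": "acme-oem",   # customer of a customer
    "acme-fleet-us": "acme-oem",
    "globex": "platform",
}

# Constructed device inventory (device id -> owning tenant).
DEVICE_TENANT = {
    "pump-001": "acme-fleet-eu",
    "pump-002": "acme-fleet-us",
    "meter-900": "globex",
}

@dataclass(frozen=True)
class Principal:
    name: str
    tenant: str
    mfa_verified: bool          # set by the authentication layer, not by the caller
    permissions: frozenset

def tenant_in_scope(actor_tenant, target_tenant):
    """True if target_tenant is the actor's tenant or one of its descendants."""
    seen, node = set(), target_tenant
    while node is not None and node not in seen:   # 'seen' guards against cycles
        if node == actor_tenant:
            return True
        seen.add(node)
        node = TENANT_PARENT.get(node)             # unknown tenant ends the walk
    return False

def authorize(principal, action, device_id):
    """Default-deny decision; returns (allowed, reason) so denials can be logged."""
    owner = DEVICE_TENANT.get(device_id)
    if owner is None:
        return False, "unknown device"
    if not principal.mfa_verified:
        return False, "second factor missing"
    if action not in principal.permissions:
        return False, "permission not granted"
    if not tenant_in_scope(principal.tenant, owner):
        return False, "device outside tenant scope"
    return True, "ok"
```

The scope check walks upward from the device's owner, so access flows down the hierarchy only: a parent reaches its sub-tenants' devices, while sub-tenants cannot reach each other or their parent.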

Cloud Machine Learning

Cloud machine learning is a technology that enables real-time analytics and inference to be executed on pre-trained models within a cloud environment. The model itself may be trained either offline or it may be trained within the cloud infrastructure itself, better leveraging the scalability and cost efficiency offered by large cloud vendors. Cloud machine learning solutions are commonly utilized to perform predictive maintenance, learning associations, complex classifications, and more.

Connectivity Management

Connectivity management is a service which manages the device-to-cloud or edge-to-cloud communications layer. Connectivity management may include SIM management (e.g., provisioning, billing metric collection, etc.), LPWAN management (e.g., a LoRa server or SigFox integration), or WiFi/BTLE/LAN management (e.g., 802.1X, mesh routing, etc.). While many connectivity management services such as SIM management for 4G/5G connectivity may be protocol-specific, connectivity management integration should be protocol agnostic and enable a variety of device-to-cloud or edge-to-cloud communication technologies.

Data Ingestion and Routing

Data ingestion and routing is a service that allows platforms to ingest machine data from connected IoT devices, aggregation points, and gateways and then forward ingested data to other on-platform or off-platform services. Data ingestion and routing is often an MQTT/HTTP endpoint, but is logically protocol agnostic. Data ingestion and routing acts as a message hub, enabling an individual ingested message to pass through the variety of on-platform or off-platform services.

Device

A device is a combination of hardware and software assembled to perform some IoT function. The hardware component is often comprised of an integrated circuit or system on chip (SoC), sensor, actuator, communication module, and a security module. The software component is often comprised of firmware, bootloader, operating system, and device agent.

Device Connectivity

Device connectivity is the communication path allowing data to travel from an individual device to an IoT edge gateway using Bluetooth low-energy, Zigbee/Z-Wave, or other LAN-based technologies. In addition, some devices may connect directly to the platform without transiting an IoT gateway by using LPWAN, cellular, satellite, or fixed-line services.

Device Management Core

Device management core is a service that provides a central repository and inventory of information for all connected or managed IoT devices, aggregation points, and gateways. In addition, the device management core exposes services that enable lifecycle management of devices.

Device Metadata Storage

Device metadata storage is an asset database that provides a collection point for all IoT device metadata including device current state and historical state. Very often device metadata storage is implemented as a SQL-type datastore. Device metadata storage can be exposed directly to the IoT platform or enterprise application (e.g., asset tracking or inventory management systems), or can only be exposed internally to the IoT device management services.

Edge Analytics

Edge analytics is any type of data- and metadata-related quantitative exploration executed locally at the edge. Edge analytics often include limited anomaly detection or other essential security-related analytic services, though more complete analytic implementations are also possible.

Edge Data Normalization

Edge data normalization is a service that enables the conversion and standardization of machine data at the IoT edge from unstructured, streaming sources to compressed, structured data formats for northbound transmission or storage. Additionally, data normalization may aggregate high refresh-rate sensor data into moving averages or other windowed metrics.

Edge Data Storage

Edge data storage is a service that provides either ephemeral or persistent storage of machine data at the IoT edge. Edge data storage can be used as a short-term storage engine during periods of intermittent platform connectivity or as a longer-term storage engine for edge-based analytics or monitoring.

Edge IoT Application

An edge IoT application is an IoT application deployed to and executed from the edge of an IoT solution. It typically interfaces with locally available resources and devices, but may also connect to southbound or northbound (data and management) APIs.

Edge Event Processing

Edge event processing is the ability to execute actions including external callouts, notifications, and alerts executed on the edge of the IoT network. Edge event processing is often a feature-limited version of the on-platform, cloud-based event processing, though it may also be implemented as fully featured complex event processing (CEP).

Edge to Cloud Connectivity

Edge-to-cloud connectivity is the communication service allowing data to travel from IoT devices, aggregation points, and gateways to the cloud IoT platform and other cloud services. Connectivity options include low-power wide-area networks (LPWAN), cellular, satellite, proprietary networks, and fixed-line services. Typically, this component is monitored and controlled via the Connectivity Management service.

Edge Machine Learning

Edge machine learning is a technology that allows analytical inference to be performed on pre-trained models on an edge device, closer to the point of data ingestion. Although the training process for machine learning models can be performed locally on the edge device itself, this is rarely done in practice due to computational constraints. However, once the inference model has been created, edge machine learning can deliver real-time analytics allowing edge devices to make operational decisions autonomously without requiring a connection to a network or central processing hub. The sophistication of machine learning processes at the edge can vary with hardware and implementation. Edge machine learning solutions are commonly utilized to perform real-time anomaly detection, image recognition, speech recognition, data traffic optimization, and more.

Enterprise Application

An enterprise application is any external service including a third-party analytics service, data-storage service, and others, that interfaces with northbound (data and management) APIs to provide functionality to platform operators.

Event Processing (Historical)

Event processing (historical) is the ability to execute actions including external callouts, notifications, and alerts based on stored machine data. The actions performed are based on machine data that have been stored. Event processing (historical) can either be based on anomaly-detection rules, moving averages, or other operator- or administrator-defined parameters.

Event Processing (Real-time)

Event processing (real-time) is the ability to execute actions including external callouts, notifications, and alerts based on live or streaming machine data. Event processing (real-time) can also provide anomaly-detection and value limits, but these must be provided near real-time with event processing occurring within a few minutes after initial data ingestion.

External Integration

An external integration is a solution using an API or other connector allowing the bidirectional flow of data between an IoT platform and external systems or platforms including ERP, CRM/SFA, inventory management, trouble ticketing, and others. External integrations, unlike generic machine data egress topologies, are productized offerings providing pre-built connectors to selected external systems or platforms. These external integrations allow the selective push of data based on business rules.

IoT Application

An IoT application is any piece of contained logic running on the IoT platform or directly integrated to the IoT platform. An application could contain customer-, operator-, or administrator-facing UIs, or function as a self-contained service, providing any type of relevant data manipulation or device manipulation. IoT applications running on-cloud or on-premises enable code-based control over the IoT platform components, enriching the raw assets or data with customer-specific logic.

Machine Data Egress

Machine data egress is a service to programmatically provide data retrieval from on-platform data stores. Machine data egress usually allows users to create time series filters and queries against underlying data stores that are then typically exposed to either on-platform or off-platform applications.

Machine Data Normalization

Machine data normalization is a service that enables the conversion and standardization of machine data from unstructured, streaming sources to compressed, structured data formats for northbound transmission or storage. Additionally, data normalization may aggregate high refresh-rate sensor data into moving averages or other windowed metrics.

Machine Data Storage

Machine data storage is a service that allows the persistent storage of IoT device data typically in time-series formats. Machine data storage provides services to allow querying of machine data based on IoT device or time period. It usually consists of a NoSQL data store, although relational data stores are also possible. Some IoT platforms provide no storage capabilities, some require usage of an external-to-platform data store, and some provide limited periods of data retention.

Northbound Data APIs

Northbound data application programming interfaces (APIs) are either a single API or collection of APIs facilitating management of data storage. The northbound data APIs provide programmatic access to data stored within the IoT platform as well as live data received from IoT devices.

Northbound Management APIs

Northbound management APIs are either a single API or collection of APIs facilitating management of the configuration and operations of an IoT platform. The northbound management APIs may be separated into a device management API, operation API, administrator API, and others.

On-Platform Analytics

On-platform analytics is any type of data- and metadata-related quantitative exploration executed in the cloud platform. On-platform analytics can include discrete analytics services, fully-integrated analytics services, or vendor-provided applications.

Operator UI

The operator UI provides the day-to-day interface for platform operators for functions including device management, data management, reporting, and analytics. All capabilities are provided for the platform and associated services.

Protocol Adapter

Protocol adapter is a service deployed at the IoT edge that enables compatibility between industrial or other SCADA-type hardware and the device management and data management platform components. This service typically serves as a bridge between proprietary protocols and standardized protocols such as MQTT or LWM2M and can be deployed either within the platform or directly on edge devices or gateways.

Software and Firmware Repository

Software and firmware repository is a service that provides a centralized collection point for software and firmware to be pushed to or accessed directly from IoT devices, aggregation points, or gateways.

Southbound Data APIs

Southbound data APIs enable communication on the data layer between connected IoT devices, aggregation points, and gateways and data ingestion and routing service components. Southbound data APIs are typically MQTT/HTTP endpoints, but many different protocols are used in different platforms.

Southbound Management APIs

Southbound management APIs enable bidirectional management-layer communication between a device management service and managed IoT devices, aggregation points, and gateways. Southbound management APIs are often provided as an HTTP endpoint or via a standard such as LWM2M, but proprietary protocols are also common. These APIs are distinct from the machine data ingestion endpoint in that no actual machine data is provided over this channel, only data associated with device management including lifecycle management data, firmware, and others.

This content was originally published on https://www.machnation.com/iot-architecture/ and is reproduced with permission from MachNation.



This article was published in September 2020
