Building Enterprise Grade IoT Architectures for Digital Transformation with WSO2 IoT Server

Sumedha Rubasinghe, Director - API Architecture, WSO2

WSO2Con USA 2017: Building Enterprise Grade IoT Architectures for Digital Transformation with WSO2 IoT Server


Plan for IoT Track

• Building Enterprise Grade IoT Architectures for Digital Transformation

• Hands on - Android and EMM

• Hands on - Understanding WSO2 IoT Framework

• Two customer stories

• Panel Discussion

Plan for this session

• Three topics (90 mins)

– How enterprises can digitally transform with Devices?

– How WSO2 can help in digital transformation?

– Key Architectural considerations when building IoT Architectures

Reference : http://www.sap.com/documents/2016/05/0eea93b3-707c-0010-82c7-eda71af511fa.html

Topic 1: How Enterprises can digitally transform with devices?

Amazon

- already digitized enterprise

- expanding further with devices

Automobile Industry

- On an ever increasing battle on device integration and services

References :

https://cbi-blog.s3.amazonaws.com/blog/wp-content/uploads/2016/05/1-unbundling-car.png

https://www.deltapartnersgroup.com/sites/default/files/exhibit%202.1.png

Role of Devices in Digital Transformation

Devices = Mobiles + Rest of Things (IoT)

Role of Devices in Digital Transformation

• Mobile devices

– manage, secure employees’ mobile devices (MDM)

– adopt BYOD/COPE mobile application management (MAM) strategies

Then Now

Role of Devices in Digital Transformation

• IoT devices (every other device type)

– Foster business innovation/increase business opportunities

– Streamline business operations/improve efficiency/cost savings/increase productivity

– Enhance asset utilization/optimize supply chains

– Integrate your enterprise assets to your digitally transformed enterprise

– Create new digital business opportunities with digital products

– Understand consumer behaviour and provide better consumer experience

Stories from our customers..

Refer : http://wso2.com/library/conference/2015/06/wso2con-eu-2015-ibeacons-events-processing/

60 beacons going from the central station of Amsterdam to the Scheepvaart Museum (Nautical Museum) and former marine base (Marine Terrein), slightly more than 3.4 kilometers in distance

So.. when are you going digital with devices?

Define your strategy first..

Business Planning

Product Building

Operational

Scaling

Support

Value Creation

Sustainability

Device Strategy

Business Planning

• Who are you? / Who do you want to be?

Device Manufacturer: Develops hardware, basic software showcasing device capabilities

Application Developer: Build IoT applications on top of existing hardware

System Integrator: Integrates IoT applications together to bring greater value to an industry

Device User: End users/enterprises using devices and applications for business / personal tasks

Business Planning

• Who are you? / Who do you want to be?

–Device Manufacturer

–Application Developer

–System Integrator

–Device User

• Which Industry and Market ?

• Target customer or business engagement

Build Strategy

• Device Manufacturer

–Example decisions to make

•Robustness (indoor use, outdoor, operating temperatures)

•Existing protocols or develop new

•Use existing chipset or design new

•Security

•Power consumption

Build Strategy (contd..)

• Application Developer

–Example decisions

•Which device(s) to choose

•Choosing a software platform (or building from scratch)

–Device Management

–Data Storage & Analytics (real time, batch, machine learning), dashboarding

–Integration capabilities (standards, built in connectors)

–Security

•Application Distribution - App Store?

•Application logic vs power consumption

Build Strategy (contd..)

• System Integrator

–Example decisions to make

•What is the integration platform to use? Or build one from scratch?

•Security

•Protocols / connectors / message formats to support

•Delivery / transaction guarantees / message brokering

•How to perform analytics?

•How to expose APIs?

•How to create dashboards?

Build Strategy (contd..)

• Device User

–Example decisions to make

•Is this the right device?

–Functionality, power consumption, mobility, security

•User friendly application?

•Data (ownership, security, retrievability, ..)

•Ownership - BYOD / COPE

Operational Strategy

• Device Failure Detection

• Anomaly Detection

• How to push firmware/software updates

–Push

–Pull

• How to reset?

• Users capable of operating the devices?

• Migrating manual processes to digitized ones

Scaling Strategy

• Where to scale?

• How to scale?

• Pattern recognition

–Usage patterns

–Failure patterns

• Throttling

• Server vs Edge computing

Support Strategy

• What to do when a remote device fails?

Value Creation Strategy

• How to measure the impact of device integration?

• How do you stop your product or service from degrading in value?

• How to capture new values and get a competitive advantage?

• Capture new insights and increase diversification (E.g. Retail)

Sustainability - Technology

• IoT is a rapidly evolving space

–New devices

–New processing capabilities

• Is the platform open enough to connect?

–New devices

–New systems

• Is there a vendor lock-in?

–License fees paid upfront for N years ahead

–Who owns the data?

Sustainability - Data Security

Source :

http://www.truste.com/blog/2014/05/29/internet-of-things-industry-brings-data-explosion-but-growth-could-be-impacted-by-consumer-privacy-concerns/

Privacy of speech

- Voice assistants

- Smart TVs

Sustainability - Data Security

• Are apps (mobile) written using containerization?

• Where is data stored?

–App and data are separated?

–Who has access to data?

–Data Filtering technique

•Application level or data storage based?

Sustainability - Legal Challenges

• Privacy and security

• Regulations in different parts of the world

• Chain of liability

• Complex ownership scenarios

• Availability of bandwidth and net neutrality

• Automated contracts

Source :

http://www.techrepublic.com/article/potential-iot-legal-challenges-should-be-hitting-your-enterprise-radar/?ftag=TREa988f1c&bhid=22382528094118196648159014619331

Topic 2: How WSO2 can help Digital Transformation

Technologies for Digital Business

API Management

Integration

Identity & Access Mgt

Streaming Analytics

IoT

Reference : http://www.sap.com/documents/2016/05/0eea93b3-707c-0010-82c7-eda71af511fa.html

We first started with WSO2 Enterprise Mobility Manager

• 1.0.0 (2013) -> 1.1.0 -> 2.0.0 -> 2.0.1 -> 2.1.0 -> 2.2.0 (2016 November)

EMM to IoT - Evolution

• Renaming WSO2 EMM to WSO2 IoT 3.0.0

• Generalized device management platform

–Going beyond EMM needs

– IoT Specific transports, message delivery channels

• Plugins for different device types (eg: Android, iOS, Windows, etc ..)

• Scenario specific Analytics

In the world of devices, you will be one of ...

Device Manufacturer: Develops hardware, basic software showcasing device capabilities

Application Developer: Build IoT applications on top of existing hardware

System Integrator: Integrates IoT applications together to bring greater value to an industry

Device User: End users/enterprises using devices and applications for business / personal tasks

IT / Infra Admins: Manages IT infrastructure and its services offered to employees, customers, partners

CTO / CIO: Responsible for overall enterprise strategy on digital content, distribution and access

Device Users: Employees of an enterprise using mobile devices

EMM

IoT

IoT Server is for...

• IT Admins

– Looking for an OOB EMM solution that can scale, extend and integrate with existing systems (eg: IAMs)

• Device Manufacturers / Vendors (OEM)

– Looking for software processing platform for new devices

•Registering new device types, enrolment extensions, dashboard building, appdev lifecycle mgt

• Architects ( Application Developers / System Integrators)

– Integrating device data (in/out) to existing solution architectures

– Analytics for existing device deployments

– Device Management (registration, metadata repository)

• WSO2 Cloud (App, API, Integration, Device - cloud)

OOB solution for EMM

Platform for IoT

Go-to-market strategy

• EMM

– Why?

• Android for IoT

– Why?

•Several existing customers

•Google’s Android Things

•Apple, Microsoft, Google, Samsung IoT Strategies

• IoT Platform for any device type

How we understand IoT ecosystem...

IoT Ecosystem

IoT Ecosystem - Challenges

Identity Mgt

Integration

App Distribution

API Portal for Developers

Registration

Sharing

Failure/Anomaly Detection

Analytics

Scalability

Event Mgt

Security

Introducing WSO2 IoT Server

Key Components

Distribution Structure

Analytics

Core

Message Broker

IoT Server

WSO2 DAS + IoT Analytics

Separate JVMs, ships with SSO configured, ports offset

WSO2 Message Broker

Core platform

Plugins

bin

Typical Deployment

CoreLB

Analytics

Key Manager

Gateway [Core]

Device1

Device2

Device3

Device4

3rd Party Systems

Message Broker

Cloud Deployment

Topic 3: Key Components for building IoT Architectures

Source : https://espressif.com/en/products/hardware/esp8266ex/overview

Setup

WSO2 IoT Server

ESP 8266 - 12E

Wifi Router

[Diagram: Setup. Columns: Device, WiFi, IoT Server. Components: Agent, ESP 8266, Device API, Graphs. Labels: Provided by IoT Server]

Device Plugin

Device Type Plugin

Device Management Plugin

Interface defined by WSO2 Device Management Component

Device API

Swagger annotations

JAX-RS Service defining device’s capabilities

Access Permission Model

Device API

Device Management APIs available for ownership based access control

Device Management UI

Analytics Scripts

Stream definition for temperature

Payload Data

Meta Data

Analytics Scripts

Summarising temperature data into a table

Device Registration / Identification Management

• Managing Device Identity

• Human Identity / Device Mapping

• UMA support (coming up)

• Industrial devices vs consumer devices

• Extensible Enrolment methodologies

–API endpoints

–QR code

–Self enrolment / auto enrolment / bulk enrolment

–Workflow extensions

Integration

• Built-in API G/W is powered by WSO2 Enterprise Integration capabilities

• Comprehensive connector support

–https://store.wso2.com

Application / Firmware Delivery Management

• Supports Android App Delivery

Scaling

CoreLB

Analytics

Key Manager

Gateway [Core]

Device1

Device2

Device3

Device4

3rd Party Systems

Message Broker

Public Cloud

Managed Cloud ??

Private cloud managed by WSO2 devops team on a customer provided environment

Enterprise Mobility Management

• A solution on top of generic IoT Framework to deal with EMM.

–For enterprises to manage mobile devices

•BYOD, COPE, COSU

–Android, iOS, Windows as device types

–Mobile device specific policies

•Eg: Camera on/off, Silence, Passcode rules, Wifi rules, etc..

–Mobile Application Management

–Enterprise Wipe, locate me

Extending WSO2 IoT Server

• Writing new device types

• Transport extensions

• Authentication extensions

• Adding Analytics capabilities

• Building dashboards

• Creating integration scenarios

First .. understand the Metadata Model for Device Mgt

Writing new device types

• Currently supported types for demo purposes

–Raspberry Pi, Arduino Uno, Android Sensors, ESP 8266

•Maven Archetype - https://docs.wso2.com/display/IoTS300/Creating+a+New+Device+Type

• Writing new device types https://docs.wso2.com/display/IoTS300/Device+Manufacturer+Guide

Writing Transport Extensions

• Currently supported transports

–MQTT

–XMPP

–HTTP

• WIP

–CoAP

–AMQP

– OCP (for PLCs)

Device Management Standards

• Lightweight M2M

–Integration with Eclipse Leshan

• OMA DM (WIP)

Security

Authentication Mechanisms for Devices

• OAuth2

–An OAuth2 token is issued for every connected device instance

–Each device instance creates an OAuth2 client application using Dynamic Client Registration (DCR) endpoints

–Token verification is available for HTTP & MQTT protocols

• SCEP (Simple Certificate Enrollment Protocol)

–Each device is identified to IoT Server (and vice versa) using an SSL certificate

–A (capable) device sends a certificate signing request (CSR) with a unique identifier (challenge password) generated by IoT Server
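The per-device OAuth2 model in the bullets above, as an added sketch that is not WSO2 IoT Server code: an in-memory stand-in for the DCR and token endpoints registers one client per device instance, and an MQTT-side check accepts a token only on its own device's topics. The class, the function and the `deviceType/deviceId/...` topic layout are assumptions made for illustration.

```python
import secrets
import time

class DeviceAuthServer:
    """In-memory stand-in for DCR and token endpoints (constructed, hypothetical)."""

    def __init__(self):
        self.clients = {}  # client_id -> (client_secret, device)
        self.tokens = {}   # access_token -> (device, expiry)

    def register(self, device_type, device_id):
        # RFC 7591 client metadata: one OAuth2 client per device instance.
        metadata = {"client_name": f"{device_type}_{device_id}",
                    "grant_types": ["client_credentials"],
                    "token_endpoint_auth_method": "client_secret_basic"}
        client_id, client_secret = secrets.token_hex(8), secrets.token_hex(16)
        self.clients[client_id] = (client_secret, f"{device_type}/{device_id}")
        return {**metadata, "client_id": client_id, "client_secret": client_secret}

    def issue_token(self, client_id, client_secret, ttl=3600, now=None):
        now = time.time() if now is None else now
        secret, device = self.clients.get(client_id, (None, None))
        if secret is None or not secrets.compare_digest(secret, client_secret):
            raise PermissionError("invalid_client")
        token = secrets.token_urlsafe(24)
        self.tokens[token] = (device, now + ttl)
        return token

    def revoke_device(self, device):
        # A compromised device loses its tokens; other devices are unaffected.
        self.tokens = {t: v for t, v in self.tokens.items() if v[0] != device}

    def introspect(self, token, now=None):
        # Returns the owning device for an active token, otherwise None.
        now = time.time() if now is None else now
        device, expiry = self.tokens.get(token, (None, 0))
        return device if device and now < expiry else None

def authorize_mqtt(server, token, topic, now=None):
    """Allow a publish only inside the topic subtree of the token's device."""
    device = server.introspect(token, now)
    # The trailing "/" stops dev-001's token matching dev-0011's topics.
    return device is not None and topic.startswith(device + "/")
```

Because every device instance holds its own client and token, revoking one device does not require rotating credentials on the rest of the fleet.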

IoT Analytics Extensions

IoT Analytics

Built-in Analytics Support

• Moving Dots

–Speed

–Geo Fencing

• Failure detection (planned)

• Anomaly Detection (planned)

IoT Analytics - Multiple Levels

Future Directions

• Generic Policy Management Framework

• Edge Computing support

Thank You!