IOT Edge within th eAzure IOT Framework
2 likes568 views
The document discusses the integration of IoT Edge within the IoT framework, emphasizing the capabilities of Azure's various services for data management, analytics, and device support. It highlights the importance of real-time processing, security, and device lifecycle management in deploying IoT solutions. Furthermore, it outlines design principles and operational patterns for effectively utilizing Azure IoT Edge.
IOT Edge within th eAzure IOT Framework
- 1. IoT Edge within the IoT Framework Axel Dittmann Diplom-Betriebswirt (FH) Diplom-Wirtschaftsinformatiker (FH) Global Technical Solution Specialist IOT CISSP, MCP Twitter: @DittmannAxel
- 2. Waves of Innovation Globally available, unlimited compute resources Harnessing signals from sensors and devices, managed centrally by the cloud Intelligence offloaded from the cloud to IoT devices Breakthrough intelligence capabilities, in the cloud and on the edge
- 4. Azure Time Series Insights Azure Machine Learning Azure Stream Analytics Cosmos DB Azure Data Lake Azure Data Lake Analytics Azure HD Insight Azure Event Hubs Microsoft Flow Azure Logic Apps Notification Hubs Azure Websites Microsoft Power BI Azure Active Directory Azure IoT Hub Azure IoT Hub Device Provisioning Service Azure IoT Edge Azure Monitor PaaSServices& DeviceSupport Edge SupportDevice Support Azure IoT Device SDK Certified Devices Azure Certified for IoT Security Program for Azure IoT IoT Services Data & Analytics Services Visualization & Integration Services PaaSSaaS Microsoft IoT Central IoT SaaS Remote Monitoring Predictive Maintenance Connected factory Windows 10 IoT Core Azure IoT Suite Comprehensive Set of Capabilities for IoT SolutionsSolutionsServices
- 5. Auto
- 6. Challenges today create high barriers to entry
- 7. Deploy workloads as containers via IoT Edge runtime Manage devices and containers centrally in the cloud Secure solution from chipset to cloud Use existing AI, cloud analytics or create your own code
- 8. IoT in the Cloud and on the Edge IoT on the Edge Low latency tight control loops require near real-time response Protocol translation & data normalization Privacy of data and protection of IP Symmetry IoT in the Cloud Remote monitoring and management Merging remote data from multiple IoT devices Infinite compute and storage to train machine learning and other advanced AI tools
- 9. Operational patterns for Azure IoT Edge • Protocol translation – Collect data using any protocol and translate to IoT friendly protocols (e.g. Modbus -> MQTT) • On-prem data aggregation and analysis – Aggregate and save on bandwidth, cost, privacy, IP • Offline – Short or long term • Deploy intelligence at the edge – Azure Machine Learning and AI, Azure Stream Analytics, Functions, your own code
- 10. Cloud Gateway Insights ActionsThings IoT Pattern + Edge Azure IoT Hub Insights ActionsActions
- 11. Azure IoT Edge IoT Hub Devices Local Storage Azure Machine Learning (Container) Container Management • Offline / Synchronized Device Twins • Local Storage • Container Management • Local “IoT Hub” • HA/DR, Cloud Dev/Test Support • Container based workloads • Azure Functions • Azure Stream Analytics • Azure Machine Learning • Cognitive Services Device Twin Device Twin Azure Stream Analytics (Container) Azure Functions (Container) Cognitive Services (Container) Custom Code (Container) Module Twin Module Twin Module Twin Module Twin Module Twin Module Twin Module Twin Module Twin Module Twin Module TwinModule Twin Module Twin Module Twin Module Twin Device Twin Module Twin Module Twin Module Twin Module Twin Device Twin Edge Hub
- 12. • Secure Provides a secure connection to the Azure IoT Edge, update software/firmware/configuration remotely, collect state and telemetry and monitor security of the device • Cloud managed Enables rich management of Azure IoT Edge from Azure provide a complete solution instead of just an SDK • Cross-platform Enables Azure IoT Edge to target the most popular edge operating systems, such as Windows and Linux • Portable Enables Dev/Test of edge workloads in the cloud with later deployment to the edge as part of a continuous integration / continuous deployment pipeline • Extensible Enables seamless deployment of advanced capabilities such as AI from Microsoft, and any third party, today and tomorrow Azure IoT Edge Design Principles
- 13. Well site Example – Machine Learning on the Edge Azure IoT Edge Replaying pump readings
- 15. Thank You
- 16. PLAN PROVISION CONFIGURE MONITOR RETIRE Group devices and control access according to your organization's needs Securely authenticate devices, on-board for management, and provision for service Provide updates, configuration, and applications to assign the purpose of each device Monitor device inventory, health and security while providing proactive remediation of issues Replace or decommission devices after failure, upgrade cycle or service lifetime IoT device lifecycle
- 17. Business ConnectivityData Processing, Analytics and ManagementDevice Connectivity and Management Low power devices Existing IoT devices IoT Client Solution UX Stream Processors Analytics & Machine Learning Business IntegrationGateway Storage App Backend IoT Edge Personal mobile devices IP capable devices IoT Client Business systems Data Path Optional solution component Azure IoT solution component Azure IoT Reference Architecture Device Metadata Intelligence and Interaction* (HoloLens, Cortana, etc) Custom Protocol Gateway (Cloud Service, VM) Cloud Gateway Existing Flow JVM/ Azure Container Service Device provisioning
- 18. Hardware-based Root of Trust Unforgeable cryptographic key generated and protected by hardware. Does the device have an unforgeable identity, inseparable from the hardware? Small Trusted Computing Base Security enforcement features protected from other hardware and software. Is most of the device’s software outside the device’s trusted computing base? Defense in Depth Multiple countermeasures mitigate the consequences of any one successful attack. Is the device still protected if the security of one layer of device software is breached? Compartmentalization Internal barriers limit the reach of any single failure. Can a compromised software sub-component be reset & restarted independently? Certificate-based Authentication Trust brokered using signed certificates, proven by unforgeable cryptographic keys. Does the device use certificates instead of passwords for authentication? Renewable Security Device security renewed to overcome evolving threats and security breaches. Is the device’s software updated automatically? Failure Reporting Device failures automatically reported to cloud-based failure analysis system. Does the device report failures to its creator? = Cloud Service support required.= OS support required.= Silicon support required.