- What is IoT Device?
An IoT device is any nonstandard computing device that connects wirelessly to a network and has the ability to transmit data; these are then things in the Internet of Things.
IoT devices include thermostats, light bulbs, door locks, fridges, cars, and implants for RFID and pacemakers (among an almost infinite list of possibilities). The concept behind the Internet of Things (IoT) is all these things working in concert for people in businesses, in industry, or at home.
Here’s an example of the Smart Home enabled by IoT devices: The user arrives home and his car communicates with the garage to open the door. The thermostat is already adjusted to his preferred temperature, due to sensing his proximity. He walks through his door as it unlocks in response to his smart phone or RFID implant. The home’s lighting is adjusted to lower intensity and his chosen color for relaxing, as his pacemaker data indicates that it’s been a stressful day.
What is Device management?
Capability to connect to multiple devices and control, manage, configuration provision, software provision them in remote manner.
Device management helps to protect devices and their data by making it easier to secure and monitor the devices. Device management capabilities allow IoT developers to control IoT devices by performing operations like resetting them to factory defaults or applying updates to patch security issues or fix bugs.IoT Device Management lets you register your devices individually or in bulk, and manage permissions so that devices remain secure. Then, you use the IoT Device Management console to organize your devices into groups, monitor and troubleshoot device functionality, and send remote updates to your devices.
Why Device management is important for IoT use cases:
Imagine a connected home with smart water and energy management components, this solution may land up in embarrassing situation for the customer if Device Management is not properly. Water not available when needed due to software update failure.
security plays a vital role in IoT.
Fundamentals of IoT device management:
Four fundamental device management requirements exist for any Internet of Things (IoT) device deployment: provisioning and authentication, configuration and control, monitoring and diagnostics, and software updates and maintenance. Here, each of these is defined.
Once an Internet of Things (IoT) device is installed, it is not a “fire and forget” scenario. There will be bug fixes and software updates needed; some devices will fail and need to be repaired or replaced; and each time this happens your company is on the hook to minimize downtime – not only to keep your customers happy, but to ensure that you protect your revenue stream.
Any IoT system must address four fundamental categories of device management, which are:
- Provisioning and authentication
- Configuration and control
- Monitoring and diagnostics
- Software updates and maintenance
- Provisioning and authentication:
Device authentication is the act of securely establishing the identity of the device to ensure that it can be trusted. A cloud-hosted service that the device connects to needs to know that the device is actually a genuine device, is running trusted software, and is working on the behalf of a trusted user.
Provisioning is the process of enrolling a device into the system. Authentication is part of that process, where only devices that present the proper credentials are registered. The exact details of this process can vary widely based on implementation. However, in most applications, the device being deployed is loaded with a certificate or key (stored in a secure memory area) that identifies it as authentic, and knows the server URL to connect to in order to enroll itself. When the device is first plugged in and connected to the local network, it “calls home,” and then, based on the credentials and other information such as the model and serial number of the device, it might receive further configuration data.
- Configuration and control:
Your device will need to be further configured by the end user with attributes such as its name and location and application-specific settings.In a fleet-management example, a device is used to track the location and certain on-vehicle telemetry and report that information back to the cloud via a cellular connection. Certain parameters will need to be written once the device is installed, such as the unique ID of the trailer or truck (perhaps the license plate or VIN number). Other configuration settings, such as the amount of time between sending position messages, are also determined and programmed into the device.
To implement certain control capability into a system, you’ll want to remotely reset the device so as to achieve a known-good state and recover from errors and implement new configuration changes. You may also want to be able reset the device to a factory default configuration, which is useful when you want to decommission a device or as a more invasive way to recover from unknown error conditions. Lastly, issuing a command to update or reload firmware is very important in order maintain security of the remote device, implement feature enhancements, and patch bugs.
- Monitoring and diagnostics:
In a system of thousands of remote devices, the smooth and secure operation of each device can directly affect the financial bottom line. Small issues can impact customer sentiment enough to hamper successful business outcomes. Monitoring and diagnostics are vital to minimize the impact of any device downtime due to software bugs or other unforeseen operational problems.
As an example, you can detect when something is amiss by monitoring compute, storage, networking, and I/O statistics at the task or process level, and comparing those statistics to characterized nominal values. If the CPU utilization goes up to 60 percent in a process that would normally consume 5 percent, then that gives troubleshooters another data point that make identifying the bug much faster. Monitoring network statistics can also indicate possible security breaches.
- Software maintenance and update:
You may not think so, but you will release software with bugs in it; you will want to add features and functionality to it; and, yes, you will deploy devices with security vulnerabilities. Because this is not key value-adding functionality, it is viewed as an afterthought (just like documentation!) to most product developers, especially startup companies who are trying to get quickly to market. However, this is one of the most important aspects of device management – it is absolutely essential to securely update and maintain remote device software.
Software maintenance in remote devices is a long-term, running process. You may not have a persistent connection to a remote device if, for example, the device communicates via a wireless connection. The link may not be reliable, especially if the device is moving, or if there is a consumption cost involved in the data connection (for example, via cellular), then the link might be established only periodically to save cost. Finally, one of the main reasons software updates are complicated is that you need to perform them when there is minimal business impact.
Benefits of IoT Device Management Solution:
- Fast Device Onboarding:
With AWS IoT Device Management, you can securely add device attributes like device name, type and manufacturing year, certificates and access policies to the AWS IoT Registry in bulk, assign them to devices, and put large fleets of devices into service quickly.
- Simple Device Organization:
AWS IoT Device Management lets you organize your devices into groups and manage access policies for these groups. This makes it easy to track, operate, and manage your device according to business and security requirements, such as deploying a firmware update for all devices in a building or defining how devices communicate with each other. You can create hierarchy for your groups such as grouping multiple sensors within a single vehicle and grouping multiple vehicles in a fleet. Then, your devices will inherit access policies based on the group hierarchy.
- Locate Device Quickly:
AWS IoT Device Management lets you quickly search and find any devices across your entire device fleet in near real-time. You can easily find devices based on a combination of attribute like device ID,device state and type, andquickly find specific devices so that you can take action or troubleshoot your devices.
- Easy Remote Management:
AWS IoT Device Management makes it easy for you to maintain the health of your device fleet. With IoT Device Management, you can remotely update the software running on your devices after they have been deployed in the field – allowing you to ensure that devices are always running on the latest software. You can also remotely execute actions on the devices such as reboots, factory resets, software updates, and security patches.
How It Works:
Device management features:
When a new device is added to the system, the device should securely register itself with the device management service, as well as registering the metadata for the device. Registering the device provides it with identity and credentials.
Authentication services establish the identity of devices. The device uses the identity created initially during the provisioning process, so that whenever it communicates with other devices, apps or services, the other party can be assured that the device is a trusted, authentic device.
Device management services typically support applying new configurations to IoT devices directly or by broadcasting new configurations to update devices in bulk, as well as managing device configuration dependencies.
- Monitoring & diagnostics:
Device management services are also responsible for keeping track of device logs and metadata, for example, a service might track device capabilities, firmware version, the usual location of the device, device ID and status. Device management services often expose this information, along with error and connectivity logs through dashboards or APIs to use for monitoring health and status as well as for diagnostics and remote debugging. The logs and status can also be used to generate alerts, for example, if the device has not produced any data for a certain period of time.
- Scheduling remote operations:
Many device management services support scheduling remote operations, including device reboot, enabling or disabling the device, performing a factory reset and triggering a new firmware download and update through over the air updates. Being able to perform these maintenance operations remotely without manual intervention, helps to save time and money throughout the life of the device, as well as helping to avoid mistakes and minimize device downtime throughout the process. It also removes the need to manually retrieve or update devices installed in locations that are difficult to access physically.
Automation becomes a necessity when the number and range of devices deployed within an IoT system starts to scale. Automation helps to simplify applying remote operations in bulk, for example to rapidly perform a firmware update on multiple devices to address security vulnerability.
Devices eventually fail, or are superseded when they come to the end of their service life. Device management services should support decommissioning devices securely, including revoking any tokens and identities associated with the device so that it is no longer able to communicate with other devices, apps or services within the system.
Device management challenges:
The key challenges involved with managing and maintaining IoT devices include security, interoperability, constrained devices, scalability, and availability.
Security is an important consideration across all layers of your IoT system. Device management services can make it easier to secure the IoT devices themselves by providing secure device registration and authentication services and by supporting encrypted machine-to-machine (M2M) communication.
The devices deployed within an IoT system now and into the future might be of different classes, be produced by a range of manufacturers, and use a range of communication protocols. Device management tools must support managing all of the devices consistently to maintain interoperability across heterogeneous devices. Look for device management services that support standard device management protocols, or which implement protocols and APIs to provide abstractions for managing devices generically in bulk.
IoT devices are often constrained, which means they have limited power, memory, processing capability, or connectivity. These constraints affect whether the device is capable of being managed remotely, and how effectively it can apply remote operations. If a device is powered by a battery, it is vital that the device be able to communicate with the device manager and perform updates or operations without exhausting the power available. If the power supply is exhausted and then an operation such as a factory reset or firmware update is interrupted, it could result in bricking the device.
As more devices are added to the system, device management services need to scale to handle larger numbers of devices that are registering and communicating with the device management service. Device management services need to be able to handle the increased number of routine device management operations that will need to be performed at any given time.
Automation is key to scaling device management for IoT, because it quickly becomes impractical to monitor and manage all of the devices manually. An administrator should only need to step in to intervene if something unexpected happens.
Device management services must be aware of context in order to ensure availability. Device management includes monitoring the current state of devices so that you don’t try to reboot a device while it is in the middle of an update, but also includes broader awareness of the state of the network, awareness of the device’s status and available power, or what the current device usage looks like before performing maintenance operations.
Why Device Management is difficult for IoT:
- Scale of the devices: The number of devices to be connected is very huge.
- Variations in the devices: Different categories/models/vendors
- Criticality of the services: IoT touches almost critical parts of life (Like the example figure above, it even impacts regular day to day life)
- Regulation compliance
- Performance issues
Device management services help to automate the management of IoT devices throughout their lifecycle – including provisioning, authentication, configuration, maintenance operations, monitoring, and eventually decommissioning. Device management is a critical component for any scalable, secure and interoperable IoT solution.