Although later than projected, IoT connections are finally starting to ramp up in volume as the IoT industry moves from trials and pilots to real-world deployments at scale. However, the proliferation of connections is only one part of an IoT solution. Alongside huge numbers of connections come huge numbers of IoT devices, and these devices will generate data at hyperscale. Organisations making IoT deployments therefore have to prepare in terms of device and data management if they are to succeed in the mass IoT market.
Elements of an IoT solution
For any IoT solution involving connected devices, there are three key elements that must be managed:
- The connected device, that may be one sensor measuring temperature, location or some other parameter or an asset such as a vehicle that has many sensors each measuring something different. Device management aspects may include device identity in the network, provisioning for use of the network and secure over-the-air update of device firmware. These and other related areas are part of Device Management.
- The connection, from the device to a server to which the data is transmitted for processing. That may be a short-range or long-range connection, wired or wireless, or a combination thereof. The server may be at the network edge or in the cloud, or in both for different needs. Some of the areas that need managing are connectivity options, coverage, network protocol support and billing/usage. These and other related areas are part of Connectivity Management.
- The data generated, which needs to be stored and processed – sometimes in real time – either on its own or in combination with other data, to create results. Additional areas that need managing are: workflow handling, visualisation, orchestration and data analytics. These and other related areas are part of Data Management.
In addition to these, an application usually needs to be developed or provided to make specific use of the data created. All of this must be carried out securely so that the device itself and anything that is using the data, such as a controller, is not compromised. Security needs to bind together all the other elements so that potential attack surfaces are minimised.
These elements can be illustrated as in Figure 1, where they form a stack that sits above the sensors and network infrastructure. Since Device Management requires the connectivity to be in place before it can function for remote devices, it sits above Connectivity Management.
These are then also the main elements of an IoT platform, which is essentially a software middleware suite that facilitates secure monitoring, control and analysis of device and sensor behaviour in the field. In essence, it provides an enabling layer between these connected devices or sensors and user applications.
IoT platforms have been created for the express purpose of reducing the time and cost of getting new IoT solutions built and implemented. As shown in Figure 1, there are several layers to an IoT solution and these are becoming increasingly complex as the market develops. The IoT platform takes advantage of the fact that the majority of what is needed in IoT solutions is the same and does not need to be redeveloped for every application. In theory, at least 80% of IoT solutions are made from common parts, so can be predesigned and made available through an IoT platform. The platform then also provides the means for customising and configuring the solution (the other 20%) for a specific application need.
To some extent, this is why there are so many IoT platforms on the market – well over 500 at this time. Some have a narrow market focus and specialise in particular application areas – such as smart city or smart energy – while others provide a more horizontal capability that aims to satisfy requirements across a wider range of vertical sectors. In reality, what has been found is that those with a narrow market focus typically have less customisation to do for any one project (more like 90%:10% rather than 80%:20%). On the other hand, those with a more horizontal platform often find more customisation is required (more like 70%:30%). Either approach is still far preferable to building a new platform from scratch for each new IoT solution required.
Towards hyperscale – new challenges for IoT platforms
Preparing for scale is a huge challenge for IoT, and for IoT platforms in particular. While there are many IoT forecasts currently being talked about, some more optimistic than others, the general consensus is for rapid growth over the next decade.
Figure 2 shows expected growth for cellular IoT connections to 2022 at an overall rate per annum of 35%. This is aided by the introduction of new cellular technologies LTE-M and NB-IoT specifically for IoT at the lower data rate end of the market. Yet within this growth is an even faster change, which is the growth in use of embedded SIM (eSIM) solutions and associated embedded universal integrated circuit cards (eUICC). The eUICC is expected to feature in a growing proportion of new cellular IoT connections, so that by 2022 up to 67% of new cellular IoT connections will be eSIM based. At that rate, eSIM – and in the future integrated SIM (iSIM) – will become the new norm for cellular IoT. This change represents a substantial challenge for IoT platforms to cater for over the next few years.
Beyond cellular, other technologies like Bluetooth and Wi-Fi are also set for increasing IoT use, with the number of such short-range connections in the orbit of 8x cellular connections by 2022. Overall, this means that IoT connections are likely to exceed 15 billion by that time. This represents a further huge scalability challenge for IoT platforms.
While these changes are developing, for an increasing number of businesses IoT is rapidly moving from nice-to-have to strategic necessity. At its simplest, an IoT solution provides the opportunity to save operational costs, introduce new service revenue opportunities, or help to ensure compliance with new regulations. In practice, it is increasingly a combination of these dressed up in a wide range of business needs, some more urgent than others. It gets more challenging when that means processing large amounts of data in real time to support current business operations. It can be more challenging still to integrate these new real-time data flows with traditional batch update data typical of IT systems already in use. Those challenges increase yet further when these data flows need to interoperate smoothly and securely across several different business operations, all in real time.
To cater for these and other challenges and create an IoT solution that will stand the test of time, IoT platforms must adapt further. Yet all of this needs to be managed within a secure environment. There is no doubt that, over the next few years, there will be increasing reliance on the huge amounts of data collected through IoT solutions. So long as we can trust it, this data will become relied on by all of us, driving business insights and transformations everywhere. This trust is all-important. If we are going to depend on this device data, we need to be sure it is genuine. That means having the right level of security for each use case, which in turn requires a framework to be in place for securing large numbers of connected devices.
Arm’s approach to IoT
Figure 3 shows the main elements in Arm’s Pelion IoT Framework, including the Pelion IoT platform. This follows directly the principles outlined in Figure 1.
In addition to the Pelion IoT platform layers, Mbed OS is a free, open-source embedded operating system that comprises all the necessary features to facilitate the development of IoT connected products, including standards-based security and connectivity stacks, an RTOS kernel, middleware for storage and networking, and remote device management. It is particularly suitable for small, constrained devices with limited processing and storage and integrates closely with Pelion Device Management in particular. Also of note is Arm’s Platform Security Architecture (PSA), a framework that ensures secure IoT devices with Root of Trust. When coupled with Pelion IoT Platform services’ security features like Trusted Boot and Firmware Update, data encryption, and developer application programme interfaces (APIs), PSA provides an end-to-end security solution.
With 95% of the world’s smartphones based on Arm and over 150 billion Arm-based chips shipped to date, Arm is already very familiar with the challenges of scalability. This experience has been incorporated into the Pelion IoT platform layers, including Pelion Device Management. This layer is expanded in Figure 4.
The rapid growth of connected devices expected in the IoT market over the next decade presents major challenges for device management. The mix of such devices will range from highly constrained devices with limited on-board power, storage and processing capabilities to fully featured end nodes and gateways. All of these will require secure remote management. In addition, information requirements from device data are increasing quickly, with greater use of analytics, visualisation tools and – as these mature – greater use of artificial intelligence. This means vastly more traffic utilising a wider variety of data processing resources, with increasing opportunities for that data to be compromised. This requires a robust chip-to-cloud approach for security. Pelion Device Management, coupled with PSA, enables secure and reliable onboarding, monitoring, updates and lifecycle management of the wide mix of types of connected devices expected in the future.
Examples of Pelion in action
- Bringing connectivity, scalability and security to constrained devices
The challenge: A global manufacturer of high-end consumer embedded devices undertook a review of their product portfolio after a number of successful iterations of their product. Their custom-built hardware solution is paired with their scientifically-researched algorithm, which generates user data in real-time on the device. Market success has meant that the algorithm has become the subject of much competitor interest. They concluded that additional security measures to protect their intellectual property would be critical to maintaining their differentiation and market share.
Hardware constraints within the existing product meant incorporating additional measures to existing devices would not be simple. They realised they would need a partner to guide them with best practice advice and help them build a whole new software solution with additional capabilities within the constraints of existing hardware.
The solution: Arm’s comprehensive knowledge of software development for embedded devices, combined with the capabilities of the Pelion IoT platform and Mbed OS enabled them to overcome these challenges.
The solution bolstered the feature set of their constrained devices, including adding a complete operating system to the device firmware; chip-to-cloud encryption and communications protocols to protect user data; and numerous specific defences against hardware attacks on the device to detect and report attacks to the enterprise’s security operations centre.
After their initial market success, the projections for the ramp up of device production meant they needed an IoT device management platform that could scale with their ambitions. Pelion Device Management handles automated monitoring, support and update for many millions of intermittently connected devices, whilst Mbed OS provided a foundation for the IoT platform. Together with Arm, they also needed to go further to build and integrate the solution with their existing digital services.
- KEPCO Advanced Metering Infrastructure
Korea’s sole energy provider Korea Electric Power Company (KEPCO) was embarking on a digital IoT transformation that helped facilitate their transition from an energy provider to an energy platform and service company. This evolution involved complementing their infrastructure with 30 million smart meters and deploying an additional billion IoT nodes across their very large grid.
However, the challenges faced by KEPCO were numerous and included concerns over:
- Device security
- Lifecycle management of deployments on a very large scale
- Wireless connectivity
- Real-time billing data collection
KEPCO chose Arm’s Pelion IoT platform as it could provide a dedicated chip with end-to-end security complemented by an IoT operating system (OS), device management tools, hardware IP and consultancy services. Arm was tasked with two key objectives:
Objective 1 – Device control: Arm’s Internet Services Group (ISG) offered the means to securely manage devices’ on-boarding, monitoring and updating, and even decommissioning of the device at the end of its lifecycle. Over the Air (OTA) updates mean additional security patches and functionality can be administered without the need to physically travel to support remote devices.
Objective 2 – Chip-to-cloud security and efficiency: KEPCO utilised both Arm’s ISG support and IPG’s (IP Products Group) secure chipset to reduce time to market, also creating a solution to ensure these insights are shared with partners and customers easily and securely. Come 2021, Pelion Device Management will be responsible for the onboarding, connecting and updating of both devices on a national scale. The platform will consolidate a very large number of data feeds and manage devices via a single pane of glass, as well as simplifying and securing the management of each stage of the device’s lifecycle. This includes managing data indicating device health and billing, relayed to KEPCO in real-time. This information is then also shared via APIs to their partners and bills to customers.
KEPCO engaged with several original equipment manufacturers (OEMs) to help deliver the very large number of meters required. Third parties used Arm’s Mbed OS and toolchain, including Mbed Studio, Mbed CLI and Manifest Tool. These applications are part of a suite of tools and reference designs created to expedite application development, debugging and web services integration. Arm’s Pelion IoT platform supports a broad range of connectivity options, meaning meters and gateways could communicate via the low energy, low latency qualities offered by WiSUN wireless communications, before relaying to KEPCO’s on-premise servers.
Arm collaborated with KEPCO’s joint R&D partner ARGO to create a custom System on Chip (SoC) powered by a Cortex-M3 for meters and with OEMs for a highly secure KEPCO gateway infrastructure powered by an Arm Cortex-A9 and Arm TrustZone. This collaboration, combined with a suite of tools, is helping KEPCO to trial, then mass deploy gateways and millions of smart meters by June 2021.
To read the full KEPCO case study visit: https://learn.arm.com/kepco-iot-case-study