wso2con usa 2017: building enterprise grade iot architectures for digital transformation with wso2...
Building Enterprise Grade IoT Architectures for Digital Transformation with WSO2 IoT Server
Sumedha Rubasinghe
Director - API Architecture
WSO2
Plan for IoT Track
• Building Enterprise Grade IoT Architectures for Digital Transformation
• Hands on - Android and EMM
• Hands on - Understanding WSO2 IoT Framework
• Two customer stories
• Panel Discussion
Plan for this session
• Three topics (90 mins)
– How enterprises can digitally transform with Devices?
– How WSO2 can help in digital transformation?
– Key Architectural considerations when building IoT Architectures
Automobile Industry - On an ever increasing battle on device integration and services
References :
https://cbi-blog.s3.amazonaws.com/blog/wp-content/uploads/2016/05/1-unbundling-car.png
https://www.deltapartnersgroup.com/sites/default/files/exhibit%202.1.png
Role of Devices in Digital Transformation
• Mobile devices
– manage, secure employees’ mobile devices (MDM)
– adopt BYOD/COPE mobile application management (MAM) strategies
Then Now
Role of Devices in Digital Transformation
• IoT devices (every other device type)
– Foster business innovation/increase business opportunities
– Streamline business operations/improve efficiency/cost savings/increase productivity
– Enhance asset utilization/optimize supply chains
– Integrate your enterprise assets to your digitally transformed enterprise
– Create new digital business opportunities with digital products
– Understand consumer behaviour and provide better consumer experience
60 beacons going from the central station of Amsterdam to the Scheepvaart Museum (Nautical Museum) and former marine base (Marine Terrein), slightly more than 3.4 kilometers in distance
Business Planning
Product Building
Operational
Scaling
Support
Value Creation
Sustainability
Device Strategy
Business Planning
• Who are you? / Who do you want to be?
Device Manufacturer: Develops hardware, basic software showcasing device capabilities
Application Developer: Build IoT applications on top of existing hardware
System Integrator: Integrates IoT applications together to bring greater value to an industry
Device User: End users/enterprises using devices and applications for business / personal tasks
Business Planning
• Who are you? / Who do you want to be?
–Device Manufacturer
–Application Developer
–System Integrator
–Device User
• Which Industry and Market ?
• Target customer or business engagement
Build Strategy
• Device Manufacturer
–Example decisions to make
•Robustness (indoor use, outdoor, operating temperatures)
•Existing protocols or develop new
•Use existing chipset or design new
•Security
•Power consumption
Build Strategy (contd..)
• Application Developer
–Example decisions
•Which device(s) to choose
•Choosing a software platform (or building from scratch)
–Device Management
–Data Storage & Analytics (real time, batch, machine learning), dashboarding
–Integration capabilities (standards, built in connectors)
–Security
•Application Distribution - App Store?
•Application logic vs power consumption
Build Strategy (contd..)
• System Integrator
–Example decisions to make
•What is the integration platform to use? Or build one from scratch?
•Security
•Protocols / connectors / message formats to support
•Delivery / transaction guarantees / message brokering
•How to perform analytics?
•How to expose APIs?
•How to create dashboards?
Build Strategy (contd..)
• Device User
–Example decisions to make
•Is this the right device?
–Functionality, power consumption, mobility, security
•User friendly application?
•Data (ownership, security, retrievability, ..)
•Ownership - BYOD / COPE
Operational Strategy
• Device Failure Detection
• Anomaly Detection
• How to push firmware/software updates
–Push
–Pull
• How to reset?
• Users capable of operating the devices?
• Migrating manual processes to digitized ones
Scaling Strategy
• Where to scale?
• How to scale?
• Pattern recognition
–Usage patterns
–Failure patterns
• Throttling
• Server vs Edge computing
Value Creation Strategy
• How to measure the impact of device integration?
• How do you stop your product or service from degrading in value?
• How to capture new values and get a competitive advantage?
• Capture new insights and increase diversification (E.g. Retail)
Sustainability - Technology
• IoT is a rapidly evolving space
–New devices
–New processing capabilities
• Is the platform open enough to connect?
–New devices
–New systems
• Is there a vendor lock-in?
–License fees paid upfront for N years ahead
–Who owns the data?
Sustainability - Data Security
Source :
http://www.truste.com/blog/2014/05/29/internet-of-things-industry-brings-data-explosion-but-growth-could-be-impacted-by-consumer-privacy-concerns/
Privacy of speech
- Voice assistants
- Smart TVs
Sustainability - Data Security
• Are apps (mobile) written using containerization?
• Where is data stored?
–App and data are separated?
–Who has access to data?
–Data Filtering technique
•Application level or data storage based?
Sustainability - Legal Challenges
• Privacy and security
• Regulations in different parts of the world
• Chain of liability
• Complex ownership scenarios
• Availability of bandwidth and net neutrality
• Automated contracts
Source :
http://www.techrepublic.com/article/potential-iot-legal-challenges-should-be-hitting-your-enterprise-radar/?ftag=TREa988f1c&bhid=22382528094118196648159014619331
Technologies for Digital Business
API Management
Integration
Identity & Access Mgt
Streaming Analytics
IoT
Reference : http://www.sap.com/documents/2016/05/0eea93b3-707c-0010-82c7-eda71af511fa.html
We first started with WSO2 Enterprise Mobility Manager
• 1.0.0 (2013) -> 1.1.0 -> 2.0.0 -> 2.0.1 -> 2.1.0 -> 2.2.0 (2016 November)
EMM to IoT - Evolution
• Renaming WSO2 EMM to WSO2 IoT 3.0.0
• Generalized device management platform
–Going beyond EMM needs
– IoT Specific transports, message delivery channels
• Plugins for different device types (eg: Android, iOS, Windows, etc ..)
• Scenario specific Analytics
In the world of devices, you will be one of ...
Device Manufacturer: Develops hardware, basic software showcasing device capabilities
Application Developer: Build IoT applications on top of existing hardware
System Integrator: Integrates IoT applications together to bring greater value to an industry
Device User: End users/enterprises using devices and applications for business / personal tasks
IT / Infra Admins: Manages IT infrastructure and its services offered to employees, customers, partners
CTO / CIO: Responsible for overall enterprise strategy on digital content, distribution and access
Device Users: Employees of an enterprise using mobile devices
EMM
IoT
IoT Server is for...
• IT Admins
– Looking for an OOB EMM solution that can scale, extend and integrate with existing systems (eg: IAMs)
• Device Manufacturers / Vendors (OEM)
– Looking for software processing platform for new devices
•Registering new device types, enrolment extensions, dashboard building, appdev lifecycle mgt
• Architects ( Application Developers / System Integrators)
– Integrating device data (in/out) to existing solution architectures
– Analytics for existing device deployments
– Device Management (registration, metadata repository)
• WSO2 Cloud (App, API, Integration, Device - cloud)
OOB solution for EMM
Platform for IoT
Go-to-market strategy
• EMM
– Why?
• Android for IoT
– Why?
•Several existing customers
•Google’s Android Things
•Apple, Microsoft, Google, Samsung IoT Strategies
• IoT Platform for any device type
IoT Ecosystem - Challenges
Identity Mgt
Integration
App Distribution
API Portal for Developers
Registration
Sharing
Failure/Anomaly Detection
Analytics
Scalability
Event Mgt
Security
Distribution Structure
Analytics
Core
Message Broker
IoT Server
WSO2 DAS + IoT Analytics
Separate JVMs, ships with SSO configured, ports offset
WSO2 Message Broker
Core platform
Plugins
bin
Typical Deployment
CoreLB
Analytics
Key Manager
Gateway [Core]
Device1
Device2
Device3
Device4
3rd Party Systems
Message Broker
SetupDevice WiFi IoT Server
Agent ESP 8266 Device API Graphs
Provided by IoT Server
Provided by IoT Server
Device Plugin
Device Plugin
Device Plugin
Device API
Swagger annotations
JAX-RS Service defining device’s capabilities
Access Permission Model
Device Registration / Identification Management
• Managing Device Identity
• Human Identity / Device Mapping
• UMA support (coming up)
• Industrial devices vs consumer devices
• Extensible Enrolment methodologies
–API endpoints
–QR code
–Self enrolment / auto enrolment / bulk enrolment
–Workflow extensions
Integration
• Built-in API G/W is powered by WSO2 Enterprise Integration capabilities
• Comprehensive connector support
–https://store.wso2.com
Scaling
CoreLB
Analytics
Key Manager
Gateway [Core]
Device1
Device2
Device3
Device4
3rd Party Systems
Message Broker
Public Cloud
Managed Cloud ??
Private cloud managed by WSO2 devops team on a customer provided environment
Enterprise Mobility Management
• A solution on top of generic IoT Framework to deal with EMM.
–For enterprises to manage mobile devices
•BYOD, COPE, COSU
–Android, iOS, Windows as device types
–Mobile device specific policies
•Eg: Camera on/off, Silence, Passcode rules, Wifi rules, etc..
–Mobile Application Management
–Enterprise Wipe, locate me
Extending WSO2 IoT Server
• Writing new device types
• Transport extensions
• Authentication extensions
• Adding Analytics capabilities
• Building dashboards
• Creating integration scenarios
Writing new device types
• Currently supported types for demo purposes
–Raspberry Pi, Arduino Uno, Android Sensors, ESP 8266
•Maven Archetype - https://docs.wso2.com/display/IoTS300/Creating+a+New+Device+Type
• Writing new device types https://docs.wso2.com/display/IoTS300/Device+Manufacturer+Guide
Writing Transport Extensions
• Currently supported transports
–MQTT
–XMPP
–HTTP
• WIP
–CoAP
–AMQP
– OCP (for PLCs)
Authentication Mechanisms for Devices
• OAuth2
–An OAuth2 token is issued for every device instance connected
–Each device instance creates an OAuth2 client application using Dynamic Client Registration (DCR) endpoints
–Token Verification available for HTTP & MQTT protocols
• SCEP (Simple Certificate Enrollment Protocol)
–Each device is identified to IoT Server (and vice versa) using an SSL certificate
–A (capable) device sends a certificate signing request (CSR) with a unique identifier (challenge password) generated by IoT Server
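The per-device OAuth2 flow above, as an added example (not WSO2 IoT Server code): a toy in-memory authorization server where each device instance registers its own client, in the style of RFC 7591 dynamic client registration, and receives a token bound to that device. The client_credentials grant, the use of client_name as the device identifier, the device ids and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

class AuthServer:
    """Toy in-memory authorization server, constructed for this example."""
    def __init__(self):
        self.clients = {}  # client_id -> (sha256 of secret, device_id)
        self.tokens = {}   # access_token -> (device_id, expiry timestamp)

    def register(self, metadata):
        # DCR: every device instance registers its own OAuth2 client.
        if metadata.get("grant_types") != ["client_credentials"]:
            raise ValueError("unsupported grant_types")
        client_id, secret = secrets.token_hex(8), secrets.token_urlsafe(24)
        digest = hashlib.sha256(secret.encode()).hexdigest()
        self.clients[client_id] = (digest, metadata["client_name"])
        return {"client_id": client_id, "client_secret": secret}

    def token(self, client_id, client_secret, ttl=3600):
        record = self.clients.get(client_id)
        digest = hashlib.sha256(client_secret.encode()).hexdigest()
        if record is None or not hmac.compare_digest(record[0], digest):
            raise PermissionError("invalid_client")
        access_token = secrets.token_urlsafe(32)
        self.tokens[access_token] = (record[1], time.time() + ttl)
        return access_token

    def verify(self, access_token, claimed_device_id):
        # Gateway/broker check: token is live AND belongs to the claimed device.
        entry = self.tokens.get(access_token)
        return entry is not None and entry[1] > time.time() and entry[0] == claimed_device_id

    def revoke_device(self, device_id):
        # Removing one device leaves every other device's credentials intact.
        self.clients = {c: r for c, r in self.clients.items() if r[1] != device_id}
        self.tokens = {t: e for t, e in self.tokens.items() if e[0] != device_id}

def enrol(server, device_id):
    creds = server.register({"client_name": device_id,  # assumption: name = device id
                             "grant_types": ["client_credentials"]})
    return creds, server.token(creds["client_id"], creds["client_secret"])

if __name__ == "__main__":
    srv = AuthServer()
    (_, tok_a), (_, tok_b) = enrol(srv, "esp8266-0001"), enrol(srv, "esp8266-0002")
    srv.revoke_device("esp8266-0001")
    print(srv.verify(tok_a, "esp8266-0001"), srv.verify(tok_b, "esp8266-0002"))
```

Because each device holds its own client and token, a token lifted from one device fails verification when presented for another, and revoking a compromised device does not disturb the rest of the fleet.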
Built-in Analytics Support
• Moving Dots
–Speed
–Geo Fencing
• Failure detection (planned)
• Anomaly Detection (planned)