Sept19 Meetup: IoT - From Hardware to Cloud, Real-world Scenarios by Michael Epprecht

Transcript

1. IoT – Hardware, Edge and the Cloud Michael Epprecht

2. Sources: 1McKinsey, How IoT Can Support A Dynamic Maintenance Program,

   2016 2IDC, 2016 ~80% margin1 driven by apps, analytics, and services in 2020 Average increase in income for the most digitally transformed enterprises $100M 2020 2009 30B Things Income Intelligence “Every business will become a software business, build applications, use advanced analytics and provide SaaS services.“ Satya Nadella 2 2
3. None
4. None

5. Hardware and Devices

6. © Microsoft Corporation • Externally positioned as research project. •

   Sopris is a proof-of-concept highly secured microcontroller (MCU). • Key hardware innovations: • MS-developed “Pluton” security subsystem • Cortex-A w/MMU as primary processor • With appropriate software and service, allows creation of highly secured devices. • Project Sopris Security Challenge: 150 professional hackers attacking prototype devices for $100K in rewards. • Round one closed on 7/7. No exploits. Project Sopris

7. © Microsoft Corporation A new Azure Sphere class of MCUs,

   from silicon partners, with built-in Microsoft security technology provide connectivity and a dependable hardware root of trust. A new Azure Sphere OS secured by Microsoft for the devices 10-year lifetime to create a trustworthy platform for new IoT experiences The Azure Sphere Security Service guards every Azure Sphere device; it brokers trust for device-to-device and device-to-cloud communication, detects emerging threats, and renews device security. Azure Sphere is an end-to-end solution for securing MCU powered devices

8. © Microsoft Corporation S E C U RE D with

   built-in Microsoft silicon security technology including the Pluton Security Subsystem CROSSO VE R Cortex-A processing power brought to MCUs for the first time CONNECTED with built-in networking Microsoft Pluton Security Subsystem Firewall Firewall Firewall Firewall Firewall Firewall Multiplexed I/O SPI I2C UART I2S TDM PWM GPIO ADC ARM Cortex-A Optimized for low power FLASH ≥ 4MB SRAM ≥ 4MB Network Connection Wi-Fi in first chips ARM Cortex-M For real-time processing Azure Sphere MCUs create a secured root of trust for connected, intelligence edge devices CONNECTED with built-in networking SECURED with built-in Microsoft silicon security technology including the Pluton Security Subsystem CROSSO VE R Cortex-A processing power brought to MCUs for the first time

9. © Microsoft Corporation Our Silicon Partners

10. © Microsoft Corporation Azure Sphere OS Architecture App Containers for

    POSIX (on Cortex-A) App Containers for I/O (on Cortex-Ms) On-chip Cloud Services HLOS Kernel Security Monitor Azure Sphere MCUs OS Layer 4 OS Layer 3 OS Layer 2 OS Layer 1 Hardware The Azure Sphere OS is optimized for IoT, Security and MCU agility On-chip Cloud Services Provide update, authentication, and connectivity Custom Linux kernel Empowers agile silicon evolution and reuse of code Security Monitor Guards integrity and access to critical resources Secure Application Containers Compartmentalize code for agility, robustness & security

11. © Microsoft Corporation The Azure Sphere Security Service connects and

    protects every Azure Sphere device Protects your devices and your customers with certificate-based authentication of all communication Detects emerging security threats through automated processing of on-device failures Responds to threats with fully automated on-device updates of OS Allows for easy deployment of software updates to Azure Sphere powered devices

12. © Microsoft Corporation Simplify development Focus your device development effort

    on the value you want to create Streamline debugging Experience interactive, context-aware debugging across device and cloud Simplify Azure connect Connect your Azure Sphere devices quickly and easily to Azure IoT Modernize MCU development with Azure Sphere and Visual Studio

13. © Microsoft Corporation Three components. One low price. No subscription

    required. An Azure Sphere certified MCU The Azure Sphere OS with 10 years of on-device updates The Azure Sphere Security Service for 10 years

14. © Microsoft Corporation Azure Sphere is open Open to any

    MCU manufacturer We are licensing our Pluton security subsystem royalty free for use in any chip* Open to any cloud Azure Sphere devices are free to connect to Azure or any other cloud, proprietary or public for application data Open to any innovation MCU manufacturers are free to innovate with our GPL’d OSS Linux kernel code base * Azure Sphere branding requires an Azure Sphere chip with Azure Sphere OS and Azure Sphere Security Service
15. None
16. None

17. Retrofitting “Neglecting your current installed-base means your project will have

    a time-to-value of years” – Thomas Müller, CTO, Thermoplan

18. Hardware and Devices – PnP

19. IoT Today Tight coupling between software on device and IoT

    solution in the cloud IoT Devices Cloud IoT Solutions

20. We had a similar challenge in the past… Peripherals Windows

    OS

21. That was solved with Windows “Plug and Play” Peripherals Windows

    OS Capability Model Device Metadata Devices published their capability models and adhered to them Windows used the capability model to know how to interact with them

22. Announcing: IoT Plug and Play Public Preview Solution Developers Dramatically

    reduces the effort needed to build IoT solutions since IoT Plug and Play devices just work w/ Azure IoT Device Builders Certify your device for IoT Plug and Play and it can be used with Azure IoT solutions Customers & Partners Large ecosystem of devices that just work with Azure IoT solutions, without any code development required Benefits

23. Solution Providers Device Manufacturers

24. Key IoT Plug and Play concepts Interface​ A shared contract

    that uniquely identify the capabilities exposed by a device​ Expressed as Properties, Telemetry, and Commands​ Interfaces are reusable across different devices and models Device Capability Model A collection of Interfaces representing a thing or entity​ E.g. represents a specific device model/SKU Description Language Digital Twin Description Language (DTDL) Language for describing models and interfaces for IoT digital twins (Azure Digital Twins support coming soon!) Open source based on open standards (JSON-LD, RDF) Device Capability Model JSON-LD Schema Digital Twin Description Language github: aka.ms/DTDL Interface Telemetry Properties Commands Interface Telemetry Properties Commands Interface Telemetry Properties Commands

25. D2C Message Routes C2D/Methods Device Twin D2C Message Routes C2D/Methods

    Device Twin D2C Message Routes C2D/Methods Device Twin IoT Plug and Play in Azure IoT platform context IoT Device IoT Edge IoT Edge IoT Device IoT Device Azure IoT Hub & IoT Hub Device Provisioning Service Azure IoT Central Custom Solution Capability Model Repository (Optional) Interface Telemetry Properties Commands Interface Telemetry Properties Commands Interface Telemetry Properties Commands

26. Where are capability models stored? IoT device sends capability model

    ID and version expected for the solution to know If unknown, the following are the model retrieval options for the solution: Device Sent Stored and sent by the device to the solution. Quick and easy but device must be updated if model changes Capability Model Repository Can be pre-cached by Azure solutions. Includes publish-time validation/versioning and integration with Azure dev tooling

27. Azure IoT Device SDK Generated Device Agent Easy to model

    device capabilities, easy to generate device software skeleton Easy to certify plug and play devices Easy for customers and partners to find plug and play devices that just work Devices that just work out of the box with no code required Easy to develop device software and ensure it just works with IoT solutions IoT Plug and Play Device Capability Model JSON-LD Schema

28. IoT Plug and Play device discovery in Central via DPS

    IoT Device Azure IoT Hub Azure IoT Central Model Repository Azure IoT DPS 1 Device initiates provisioning and sends DCM ID. Receives IoT Hub connection string. 2 DCM ID is retrieved by Central 3 Central retrieves model definition 4 Device connects to IoT Hub and starts transmitting Telemetry and Properties, receiving Commands 5 Central receives Telemetry, gets/sets Properties, sending Commands

29. IoT Plug and Play device discovery for a custom solution

    via IoT Hub IoT Device Azure IoT Hub Model Repository Azure IoT DPS 1 Device initiates provisioning and receives IoT Hub connection string. 4 Solution retrieves interface definitions 2 Device connects to IoT Hub and sends discovery telemetry message (defined in ModelInformation interface) 3 Solution listens for discovery message and gets interface IDs Custom Solution 5 Solution invokes command to retrieve model definition (defined in ModelDefinition interface) 6 Device received command and sends model definition (defined in ModelInformation interface)

30. Gateway support © Microsoft Corporation Azure Non-PnP protocol PnP protocol

    PnP protocol PnP protocol Non-PnP protocol PnP protocol Transform module for Edge Transform module PnP protocol

31. Resources 1. Read IoT Central documentation to learn how to

    build solutions with IoT Plug and Play devices. 2. Read the IoT Plug and Play documentation to learn how to build solutions using the Azure IoT platform. 3. Learn how to build and certify IoT Plug and Play devices. 4. View the Digital Twin Definition Language specification on GitHub. 5. Tune in to the Internet of Things Show deep dive on September 11. 6. Browse IoT Plug and Play devices on the Azure IoT Device Catalog. 7. See a demo of IoT Plug and Play bridge with a MODBUS environmental sensor on the Channel 9 IoT Show. 8. Try IoT Plug and Play bridge on GitHub. 9. Learn how to implement IoT spatial analytics using Azure Maps and IoT Plug and Play location schema.

32. Hardware and Devices – IoT Security Center

33. https://docs.microsoft.com/en-us/azure/asc-for-iot/overview

34. Edge

35. IoT in the Cloud and on the Edge IoT in

    the Cloud IoT on the Edge Symmetry

36. Principles and Goals - Cross Platform (Linux, Windows, multiple architectures)

    - Standardized Protocols - Secure technology isolation from app developer - Availability of technology Security Hardware Root of Trust Secure Boot/Updates Secure Execution Environment Protected General Computing Application execution with runtime integrity checking Privileged executions and systems resource access control Bootstrapping and recovery Trust anchor

37. IoT Edge in action IoT Hub IoT Edge operator 3

    – Define modules on Edge node via device twin 2 – Select Edge node to deploy to 4 – Define message routes for modules on edge node via device twin IoT Edge Hardware based root of trust Local storage Device Twin • Module • Routes Edge runtime Security Manager • Secure Boot • Secure Storage Container Modules Container Module Container Module Container Module Container Module 5 – Define Module twins for module configurations (parameters) Device Twin Module Twin Module Twin IoT Device with IoT Device SDK IoT Device (e.g. BLE) Connects to Edge Hub (Owns a device twin) Connects to BLE Module for protocol translation (configured via BLE Module twin) Device Provisioning 1 – Edge device provisioned with right agents for scenario

38. VS VS Code VSTS Github Jenkins Comprehensive DevOps workflow for

    IoT Edge solution teams of any size • Shorten cycle times and deliver IoT solution faster • Improve quality and availability • Can be easily adopted with essential tools Dev tools for IoT Edge for all languages & platforms • Visual Studio IoT Edge extension (coming soon) • Visual Studio Code IoT Edge extension (github.com/microsoft/vscode-azure-iot-edge) • CLI dev tool (github.com/azure/iotedgedev) • CI/CD in VSTS, Jenkins and etc. IoT Edge CI/CD • Check in IoT Edge deployment • Distribute to test cluster, run tests • Deploy to edge devices on successful tests • Support single + multiple of devices

39. Cloud

40. Automate actions in a space with custom functions that send

    events and /or notifications to endpoints based on incoming telemetry. Virtually represent the physical world with a digital twin that models the relationships between people, places and devices. Leverage predefined and extensible Twin Object Models to build contextually-aware solutions uniquely attuned to your industry domain. Securely replicate solutions across multiple tenants through built-in multi- and nested-tenancy. AZURE DIGITAL TWINS Build next generation IoT solutions with Azure Digital Twins

41. TWIN OBJECT MODEL

42. MODEL & INTERACT WITH THE REAL WORLD THINGS INSIGHTS ACTIONS

    Devices: RTOS, Linux, Windows, Android, iOS Azure IoT Edge Edge Modules: •Protocol Adaptation •Functions •Stream Analytics •Machine Learning •AI Power BI App Service Logic Apps Web Apps Mobile Apps Search Azure Maps Manage View and manage solutions Azure Sphere Secured MCU Secured OS Cloud Security • Spatial intelligence graph o People, Space, Device Twins o Loadable Twin Object Models o User Defined Functions o Blob storage o Nested tenancy • Role-based access & control • AuthN/AuthZ via AAD • Notifications & egress routing Cold Analytics Find insights over historical data AzureML Azure Data Lake Analytics Hot Analytics Real-time monitoring Azure Stream Analytics HDInsight Spark & Storm Warm Analytics Time series data storage & analytics Azure Time Series Insights Business Integration Connect to Business Processes Office 365 Dynamics 365 Flow AI - Cognitive Services Azure IoT Hub • Bi-directional device-cloud • Telemetry ingestion • Command & Control • Device Registry & Identity • Device Provisioning • Device Mgmt • HTTP, AMQP, MQTT Azure Digital Twins

43. Solutions Connected Grid Azure IoT PaaS Services & Device Support

    Edge Support Device Support IoT Services Data & Analytics Services Visualization & Integration Services DIGITAL TWIN SOLUTIONS Connected Building Connected Office Connected Factory Azure IoT Hub • BACnet • KNX • EEBUS • … Connected Vehicle Cortana • OPC-UA • Modbus • CIP • … Device Provisioning Service Azure Sphere Security Service Factory Twin Object Model Azure Digital Twins Building Twin Object Model Office Twin Object Model Grid Twin Object Model Vehicle Twin Object Model Things Things Multi-tenant SaaS by ISV and SI Partners • BACnet • ZigBee • LoRa • … Things • SCADA, • CoAP, • Modbus •… Things • CAN Bus • FlexRay • LIN • … Things Connected Agriculture Agro Twin Object Model • TV Whitesp.. • LoWPAN • LoRa • … Things Remote Monitoring & Predictive Maintenance Azure Time Series Insights Azure Machine Learning Azure Stream Analytics Cosmos DB Azure Data Lake Azure Data Lake Analytics Azure HD Insight Spark, Storm, Kafka Azure Event Hubs Microsoft Flow Azure Logic Apps Azure Event Grid Azure Websites Microsoft Power BI Azure Maps Azure IoT Edge Azure Monitor Azure Sphere Windows 10 IoT Core Azure IoT Device SDK Azure Certified for IoT Azure Active Directory

44. A fully managed global IoT SaaS (software-as-a-service) solution that drives

    business transformation and makes it easy to connect, monitor, and manage IoT assets at scale What is Azure IoT Central?

45. Azure IoT Central Architecture Time series store Application data store

    Reporting Rules and actions Metadata management Cloud gateway DEVICES

46. Microsoft Confidential, For Internal Use Only Occupant Employee Engagement Enable

    employees to do their best work, Ambient Intelligence, More Personal Computing Tenant Apps & Services Interactive Workspace, Place & People Finder, Concierge Services Smart Space Platform Services RTC/Telepresence, Location/Traffic Sensing, Interactive Walls, Digital Assistant Security & Accessibility Infrastructure Egress, Signage, Security & Surveillance, Location, Elevators, Parking Building Operation Infrastructure Power (electric), Air (HVAC), Water (plumbing), Data, Sensors Beyond BMS, BAS, BIM, … Productivity needs Engagement needs Basic needs WORKSPACE " SPACE WORKING Option Value 3 Energy 30 Leased space 300 Employees within the space Annual cost per square foot ($): As we look at the economics of smart spaces and IoT, employee productivity, well-being and satisfaction will have a very beneficial ROI compared to slowing the power meter. Facilities

47. Microsoft Confidential, For Internal Use Only MICROSOFT SMART CAMPUS 500,000,000

    transactions added daily to event database 30,000 Analyzed and compiled through Communicated through an array of different Protocols, Hardware, & Interfaces Assimilating information from 30,000 pieces of equipment Improves technician efficiency with 32,300 work orders per quarter 164 Buildings 2,000,000 data points collected every 5 minutes Transforming raw data into Actionable Information 48% of faults corrected within 60 seconds Energy savings of 6-10% per year with implementation payback in less than 18 months Advanced Analytics Dashboards faults surfaced per day 3 Decades of construction 4 Generations of controllers 7 BAS & BMS solutions

48. «Smart Airport City» - Unsere Vision Flughafen Zürich – auch

    in der digitalen Welt das führende Verkehrs- und Begegnungszentrum in Europa durch die Nutzung intelligenter, datengestützter Ansätze... …um Passagieren, Besuchern und Mitarbeitenden personalisierte, durchgängige Reise- und Aufenthalts- erlebnisse zu ermöglichen und sie so in begeisterte und loyale Kunden zu verwandeln ...um den Energieverbrauch sowie Betriebs- und Unterhaltskosten zu minimieren und so den effizienten und nachhaltigen Einsatz von Ressourcen weiter zu fördern
49. None

50. «The whole is more than the sum of its parts»

    Aristoteles

51. Enabling a Connected, User-Centric Experience Presence & Location Temperature Humidity

    Light CO2 Noise Security Systems Lighting Blinds HVAC Elevators Smoke & Fire Power Meters Building Assets Built-in Sensors & Beacons Smart Building Platform Smart Brandhouses Smart Hospitality Digital Access Smart Healthcare Smart Airport Connected, User-centric Experience Technical Facility Management Infrastructural Facility Management Smart Workplace

52. Enabling a Connected, User-Centric Experience Presence & Location Temperature Humidity

    Light CO2 Noise Security Systems Lighting Blinds HVAC Elevators Smoke & Fire Power Meters Building Assets Built-in Sensors & Beacons Smart Building Platform Smart Brandhouses Smart Hospitality Digital Access Smart Healthcare Smart Airport Connected, User-centric Experience Technical Facility Management Infrastructural Facility Management Smart Workplace
53. None

54. Engineering Workflow

55. Enabling a Connected, User-Centric Experience Presence & Location Temperature Humidity

    Light CO2 Noise Security Systems Lighting Blinds HVAC Elevators Smoke & Fire Power Meters Building Assets Built-in Sensors & Beacons Smart Building Platform Smart Brandhouses Smart Hospitality Digital Access Smart Healthcare Smart Airport Connected, User-centric Experience Technical Facility Management Infrastructural Facility Management Smart Workplace
56. None

57. Gemeinsame Gestaltung der digitalen Experience People centric Facility centric People

    centric Facility centric Access Management Tech. Facility Management Smart Workplace Smart Healthcare Smart Cleaning Smart Brandhouses Smart Hospitality 57

58. Airport Smart Airport City – Kernbereiche HQ & Offices Healthcare

    Brand Houses Hospitality People centric Facility centric People centric Facility centric

59. Ausblick • Definition eines «IoT Standards» im Grundausbau • Definition

    von «IoT Guidelines» im Mieterausbau IoT Infrastruktur Service Katalog Finanzierung • Verschiedene Modelle durch die unterschiedlichen Ausprägungen der Digital Services • Mischung zwischen kostenlosen und kostenpflichtigen Services • Schärfung des Scope der geplanten Digital Services von Smart Airport City • Berücksichtigung von Feedback und weiterer Ideen der Mieter • Entwicklung der Roadmap
60. None
61. None

62. © Copyright Microsoft Corporation. All rights reserved.

63. http://rolls-royce.azurewebsites.net http://johnsoncontrols.azurewebsites.net https://schneider-electric.azurewebsites.net Typical Apps