
Sept19 Meetup: IoT - From Hardware to Cloud, Real-world Scenarios by Michael Epprecht

Remember when IoT first came up? Everybody spoke about the future of IoT and how millions and millions of devices will be connected. But what is the current state of the Internet of Things out in the field? And how does it all relate to the Azure Cloud? We want to know and Michael will tell us. He will go into the details of what Microsoft does from a hardware, operating system and cloud perspective to make IoT happen. And of course how large enterprise customers are using IoT today.

Speaker: Michael Epprecht
Michael has been architecting, administrating and developing complex systems since 1991, with extensive experience in high-performance, high-volume and mission-critical systems. Over the years, Michael has been involved in architecture, security, development (T-SQL and .NET), performance tuning, operations, deployment, and data and system recovery of applications and systems, as well as process control and industrial automation systems. Presenting at events, leading workshops, 1:1 knowledge transfer and contributing to forums and newsgroups are his passion.

Prior to joining Microsoft, Mike Epprecht was awarded the status of Microsoft Most Valuable Professional (MVP) on SQL Server.

You can find him at:
https://www.linkedin.com/in/michaelepprecht/
https://twitter.com/fastflame

Azure Zurich User Group

August 27, 2019

Transcript

  1. Sources: 1McKinsey, How IoT Can Support A Dynamic Maintenance Program,

    2016 2IDC, 2016 ~80% margin1 driven by apps, analytics, and services in 2020 Average increase in income for the most digitally transformed enterprises $100M 2020 2009 30B Things Income Intelligence “Every business will become a software business, build applications, use advanced analytics and provide SaaS services.“ Satya Nadella 2 2
  2. © Microsoft Corporation • Externally positioned as research project. •

    Sopris is a proof-of-concept highly secured microcontroller (MCU). • Key hardware innovations: • MS-developed “Pluton” security subsystem • Cortex-A w/MMU as primary processor • With appropriate software and service, allows creation of highly secured devices. • Project Sopris Security Challenge: 150 professional hackers attacking prototype devices for $100K in rewards. • Round one closed on 7/7. No exploits. Project Sopris
  3. A new Azure Sphere class of MCUs,

    from silicon partners, with built-in Microsoft security technology, provides connectivity and a dependable hardware root of trust. A new Azure Sphere OS, secured by Microsoft for the device's 10-year lifetime, to create a trustworthy platform for new IoT experiences. The Azure Sphere Security Service guards every Azure Sphere device; it brokers trust for device-to-device and device-to-cloud communication, detects emerging threats, and renews device security. Azure Sphere is an end-to-end solution for securing MCU-powered devices
  4. SECURED with

    built-in Microsoft silicon security technology including the Pluton Security Subsystem CROSSOVER Cortex-A processing power brought to MCUs for the first time CONNECTED with built-in networking Microsoft Pluton Security Subsystem Firewall Multiplexed I/O SPI I2C UART I2S TDM PWM GPIO ADC ARM Cortex-A Optimized for low power FLASH ≥ 4MB SRAM ≥ 4MB Network Connection Wi-Fi in first chips ARM Cortex-M For real-time processing Azure Sphere MCUs create a secured root of trust for connected, intelligent edge devices
  5. Azure Sphere OS Architecture App Containers for

    POSIX (on Cortex-A) App Containers for I/O (on Cortex-Ms) On-chip Cloud Services HLOS Kernel Security Monitor Azure Sphere MCUs OS Layer 4 OS Layer 3 OS Layer 2 OS Layer 1 Hardware The Azure Sphere OS is optimized for IoT, Security and MCU agility On-chip Cloud Services Provide update, authentication, and connectivity Custom Linux kernel Empowers agile silicon evolution and reuse of code Security Monitor Guards integrity and access to critical resources Secure Application Containers Compartmentalize code for agility, robustness & security
  6. The Azure Sphere Security Service connects and

    protects every Azure Sphere device Protects your devices and your customers with certificate-based authentication of all communication Detects emerging security threats through automated processing of on-device failures Responds to threats with fully automated on-device updates of OS Allows for easy deployment of software updates to Azure Sphere powered devices
  7. Simplify development Focus your device development effort

    on the value you want to create Streamline debugging Experience interactive, context-aware debugging across device and cloud Simplify Azure connect Connect your Azure Sphere devices quickly and easily to Azure IoT Modernize MCU development with Azure Sphere and Visual Studio
  8. Three components. One low price. No subscription

    required. An Azure Sphere certified MCU The Azure Sphere OS with 10 years of on-device updates The Azure Sphere Security Service for 10 years
  9. Azure Sphere is open Open to any

    MCU manufacturer We are licensing our Pluton security subsystem royalty free for use in any chip* Open to any cloud Azure Sphere devices are free to connect to Azure or any other cloud, proprietary or public for application data Open to any innovation MCU manufacturers are free to innovate with our GPL’d OSS Linux kernel code base * Azure Sphere branding requires an Azure Sphere chip with Azure Sphere OS and Azure Sphere Security Service
  10. Retrofitting “Neglecting your current installed-base means your project will have

    a time-to-value of years” – Thomas Müller, CTO, Thermoplan
  11. IoT Today Tight coupling between software on device and IoT

    solution in the cloud IoT Devices Cloud IoT Solutions
  12. That was solved with Windows “Plug and Play” Peripherals Windows

    OS Capability Model Device Metadata Devices published their capability models and adhered to them Windows used the capability model to know how to interact with them
  13. Announcing: IoT Plug and Play Public Preview Solution Developers Dramatically

    reduces the effort needed to build IoT solutions since IoT Plug and Play devices just work w/ Azure IoT Device Builders Certify your device for IoT Plug and Play and it can be used with Azure IoT solutions Customers & Partners Large ecosystem of devices that just work with Azure IoT solutions, without any code development required Benefits
  14. Key IoT Plug and Play concepts Interface A shared contract

    that uniquely identifies the capabilities exposed by a device Expressed as Properties, Telemetry, and Commands Interfaces are reusable across different devices and models Device Capability Model A collection of Interfaces representing a thing or entity E.g. represents a specific device model/SKU Description Language Digital Twin Description Language (DTDL) Language for describing models and interfaces for IoT digital twins (Azure Digital Twins support coming soon!) Open source based on open standards (JSON-LD, RDF) Device Capability Model JSON-LD Schema Digital Twin Description Language github: aka.ms/DTDL Interface Telemetry Properties Commands Interface Telemetry Properties Commands Interface Telemetry Properties Commands
  15. D2C Message Routes C2D/Methods Device Twin D2C Message Routes C2D/Methods

    Device Twin D2C Message Routes C2D/Methods Device Twin IoT Plug and Play in Azure IoT platform context IoT Device IoT Edge IoT Edge IoT Device IoT Device Azure IoT Hub & IoT Hub Device Provisioning Service Azure IoT Central Custom Solution Capability Model Repository (Optional) Interface Telemetry Properties Commands Interface Telemetry Properties Commands Interface Telemetry Properties Commands
  16. Where are capability models stored? IoT device sends capability model

    ID and version expected for the solution to know If unknown, the following are the model retrieval options for the solution: Device Sent Stored and sent by the device to the solution. Quick and easy but device must be updated if model changes Capability Model Repository Can be pre-cached by Azure solutions. Includes publish-time validation/versioning and integration with Azure dev tooling
  17. Azure IoT Device SDK Generated Device Agent Easy to model

    device capabilities, easy to generate device software skeleton Easy to certify plug and play devices Easy for customers and partners to find plug and play devices that just work Devices that just work out of the box with no code required Easy to develop device software and ensure it just works with IoT solutions IoT Plug and Play Device Capability Model JSON-LD Schema
  18. IoT Plug and Play device discovery in Central via DPS

    IoT Device Azure IoT Hub Azure IoT Central Model Repository Azure IoT DPS 1 Device initiates provisioning and sends DCM ID. Receives IoT Hub connection string. 2 DCM ID is retrieved by Central 3 Central retrieves model definition 4 Device connects to IoT Hub and starts transmitting Telemetry and Properties, receiving Commands 5 Central receives Telemetry, gets/sets Properties, sending Commands
  19. IoT Plug and Play device discovery for a custom solution

    via IoT Hub IoT Device Azure IoT Hub Model Repository Azure IoT DPS Custom Solution 1 Device initiates provisioning and receives IoT Hub connection string. 2 Device connects to IoT Hub and sends discovery telemetry message (defined in ModelInformation interface) 3 Solution listens for discovery message and gets interface IDs 4 Solution retrieves interface definitions 5 Solution invokes command to retrieve model definition (defined in ModelDefinition interface) 6 Device receives command and sends model definition (defined in ModelInformation interface)
  20. Gateway support Azure Non-PnP protocol PnP protocol

    PnP protocol PnP protocol Non-PnP protocol PnP protocol Transform module for Edge Transform module PnP protocol
  21. Resources 1. Read IoT Central documentation to learn how to

    build solutions with IoT Plug and Play devices. 2. Read the IoT Plug and Play documentation to learn how to build solutions using the Azure IoT platform. 3. Learn how to build and certify IoT Plug and Play devices. 4. View the Digital Twin Definition Language specification on GitHub. 5. Tune in to the Internet of Things Show deep dive on September 11. 6. Browse IoT Plug and Play devices on the Azure IoT Device Catalog. 7. See a demo of IoT Plug and Play bridge with a MODBUS environmental sensor on the Channel 9 IoT Show. 8. Try IoT Plug and Play bridge on GitHub. 9. Learn how to implement IoT spatial analytics using Azure Maps and IoT Plug and Play location schema.
  22. IoT in the Cloud and on the Edge IoT in

    the Cloud IoT on the Edge Symmetry
  23. Principles and Goals - Cross Platform (Linux, Windows, multiple architectures)

    - Standardized Protocols - Secure technology isolation from app developer - Availability of technology Security Hardware Root of Trust Secure Boot/Updates Secure Execution Environment Protected General Computing Application execution with runtime integrity checking Privileged executions and systems resource access control Bootstrapping and recovery Trust anchor
  24. IoT Edge in action IoT Hub IoT Edge operator

    1 – Edge device provisioned with right agents for scenario 2 – Select Edge node to deploy to 3 – Define modules on Edge node via device twin 4 – Define message routes for modules on edge node via device twin 5 – Define Module twins for module configurations (parameters) Device Provisioning IoT Edge Hardware based root of trust Local storage Device Twin • Module • Routes Edge runtime Security Manager • Secure Boot • Secure Storage Container Modules Container Module Container Module Container Module Container Module Device Twin Module Twin Module Twin IoT Device with IoT Device SDK IoT Device (e.g. BLE) Connects to Edge Hub (Owns a device twin) Connects to BLE Module for protocol translation (configured via BLE Module twin)
  25. VS VS Code VSTS Github Jenkins Comprehensive DevOps workflow for

    IoT Edge solution teams of any size • Shorten cycle times and deliver IoT solutions faster • Improve quality and availability • Can be easily adopted with essential tools Dev tools for IoT Edge for all languages & platforms • Visual Studio IoT Edge extension (coming soon) • Visual Studio Code IoT Edge extension (github.com/microsoft/vscode-azure-iot-edge) • CLI dev tool (github.com/azure/iotedgedev) • CI/CD in VSTS, Jenkins, etc. IoT Edge CI/CD • Check in IoT Edge deployment • Distribute to test cluster, run tests • Deploy to edge devices on successful tests • Support single and multiple devices
  26. Automate actions in a space with custom functions that send

    events and /or notifications to endpoints based on incoming telemetry. Virtually represent the physical world with a digital twin that models the relationships between people, places and devices. Leverage predefined and extensible Twin Object Models to build contextually-aware solutions uniquely attuned to your industry domain. Securely replicate solutions across multiple tenants through built-in multi- and nested-tenancy. AZURE DIGITAL TWINS Build next generation IoT solutions with Azure Digital Twins
  27. MODEL & INTERACT WITH THE REAL WORLD THINGS INSIGHTS ACTIONS

    Devices: RTOS, Linux, Windows, Android, iOS Azure IoT Edge Edge Modules: •Protocol Adaptation •Functions •Stream Analytics •Machine Learning •AI Power BI App Service Logic Apps Web Apps Mobile Apps Search Azure Maps Manage View and manage solutions Azure Sphere Secured MCU Secured OS Cloud Security • Spatial intelligence graph o People, Space, Device Twins o Loadable Twin Object Models o User Defined Functions o Blob storage o Nested tenancy • Role-based access & control • AuthN/AuthZ via AAD • Notifications & egress routing Cold Analytics Find insights over historical data AzureML Azure Data Lake Analytics Hot Analytics Real-time monitoring Azure Stream Analytics HDInsight Spark & Storm Warm Analytics Time series data storage & analytics Azure Time Series Insights Business Integration Connect to Business Processes Office 365 Dynamics 365 Flow AI - Cognitive Services Azure IoT Hub • Bi-directional device-cloud • Telemetry ingestion • Command & Control • Device Registry & Identity • Device Provisioning • Device Mgmt • HTTP, AMQP, MQTT Azure Digital Twins
  28. Solutions Connected Grid Azure IoT PaaS Services & Device Support

    Edge Support Device Support IoT Services Data & Analytics Services Visualization & Integration Services DIGITAL TWIN SOLUTIONS Connected Building Connected Office Connected Factory Azure IoT Hub • BACnet • KNX • EEBUS • … Connected Vehicle Cortana • OPC-UA • Modbus • CIP • … Device Provisioning Service Azure Sphere Security Service Factory Twin Object Model Azure Digital Twins Building Twin Object Model Office Twin Object Model Grid Twin Object Model Vehicle Twin Object Model Things Things Multi-tenant SaaS by ISV and SI Partners • BACnet • ZigBee • LoRa • … Things • SCADA, • CoAP, • Modbus •… Things • CAN Bus • FlexRay • LIN • … Things Connected Agriculture Agro Twin Object Model • TV Whitesp.. • LoWPAN • LoRa • … Things Remote Monitoring & Predictive Maintenance Azure Time Series Insights Azure Machine Learning Azure Stream Analytics Cosmos DB Azure Data Lake Azure Data Lake Analytics Azure HD Insight Spark, Storm, Kafka Azure Event Hubs Microsoft Flow Azure Logic Apps Azure Event Grid Azure Websites Microsoft Power BI Azure Maps Azure IoT Edge Azure Monitor Azure Sphere Windows 10 IoT Core Azure IoT Device SDK Azure Certified for IoT Azure Active Directory
  29. A fully managed global IoT SaaS (software-as-a-service) solution that drives

    business transformation and makes it easy to connect, monitor, and manage IoT assets at scale What is Azure IoT Central?
  30. Azure IoT Central Architecture Time series store Application data store

    Reporting Rules and actions Metadata management Cloud gateway DEVICES
  31. Microsoft Confidential, For Internal Use Only Occupant Employee Engagement Enable

    employees to do their best work, Ambient Intelligence, More Personal Computing Tenant Apps & Services Interactive Workspace, Place & People Finder, Concierge Services Smart Space Platform Services RTC/Telepresence, Location/Traffic Sensing, Interactive Walls, Digital Assistant Security & Accessibility Infrastructure Egress, Signage, Security & Surveillance, Location, Elevators, Parking Building Operation Infrastructure Power (electric), Air (HVAC), Water (plumbing), Data, Sensors Beyond BMS, BAS, BIM, … Productivity needs Engagement needs Basic needs WORKSPACE " SPACE WORKING Annual cost per square foot ($): Energy 3, Leased space 30, Employees within the space 300. As we look at the economics of smart spaces and IoT, employee productivity, well-being and satisfaction will have a very beneficial ROI compared to slowing the power meter. Facilities
  32. MICROSOFT SMART CAMPUS 500,000,000

    transactions added daily to event database 30,000 Analyzed and compiled through Communicated through an array of different Protocols, Hardware, & Interfaces Assimilating information from 30,000 pieces of equipment Improves technician efficiency with 32,300 work orders per quarter 164 Buildings 2,000,000 data points collected every 5 minutes Transforming raw data into Actionable Information 48% of faults corrected within 60 seconds Energy savings of 6-10% per year with implementation payback in less than 18 months Advanced Analytics Dashboards faults surfaced per day 3 Decades of construction 4 Generations of controllers 7 BAS & BMS solutions
  33. «Smart Airport City» - Our Vision Zurich Airport – also

    in the digital world the leading transport hub and meeting place in Europe, through the use of intelligent, data-driven approaches... …to give passengers, visitors and employees personalized, seamless travel and stay experiences, turning them into enthusiastic and loyal customers ...to minimize energy consumption as well as operating and maintenance costs, further promoting the efficient and sustainable use of resources
  34. Enabling a Connected, User-Centric Experience Presence & Location Temperature Humidity

    Light CO2 Noise Security Systems Lighting Blinds HVAC Elevators Smoke & Fire Power Meters Building Assets Built-in Sensors & Beacons Smart Building Platform Smart Brandhouses Smart Hospitality Digital Access Smart Healthcare Smart Airport Connected, User-centric Experience Technical Facility Management Infrastructural Facility Management Smart Workplace
  37. Jointly Shaping the Digital Experience People centric Facility centric People

    centric Facility centric Access Management Tech. Facility Management Smart Workplace Smart Healthcare Smart Cleaning Smart Brandhouses Smart Hospitality
  38. Airport Smart Airport City – Core Areas HQ & Offices Healthcare

    Brand Houses Hospitality People centric Facility centric People centric Facility centric
  39. Outlook • Definition of an «IoT standard» in the base build-out • Definition

    of «IoT guidelines» in the tenant fit-out IoT Infrastructure Service Catalogue Financing • Various models owing to the differing characteristics of the Digital Services • Mix of free and paid services • Sharpening the scope of the planned Digital Services of Smart Airport City • Incorporating feedback and further ideas from the tenants • Developing the roadmap