The complexities of integrating and connecting today’s smart devices into industrial IoT (IIoT) environments are growing by the day. While cloud vendor-provided software development kits (SDKs) are readily available and utilized, both capability and device implementation gaps continue to impede adoption across the IIoT infrastructure.
How can these gaps be addressed to ensure a smoother deployment and more efficient day-to-day operation?
This article takes a closer look at how OS/System services complement and extend the many functions provided by the typical cloud vendor SDK. Cloud vendor SDKs do an adequate job of providing the much-needed functionality at the cloud backend, but down at the device level, at the end points or edge nodes, more robust device management functionality is required.
Embedded Devices in Industrial IoT
IIoT devices can be categorized as end nodes, which are located in the lower tier of an IIoT ecosystem, and edge nodes that often serve as a gateway between the end nodes and the cloud backend. End nodes are commonly actuators, sensors, controllers, human-machine interfaces (HMIs), etc. In some cases, end nodes will connect directly to the cloud without the use of an edge node/gateway.
Although both end nodes and gateways are embedded devices, they can vary significantly in form factor and functionality. End-node devices can be quite small. Often, they’re 8- or 16-bit smart sensors that utilize simplified wireless protocols and extreme power-management strategies to harvest local energy for maintenance-free operation. On the other end of the spectrum, edge nodes can be powerful multi-processor, multicore devices with enterprise/server-like computational power.
From a software perspective, end-node devices can run on bare metal (no operating system). For larger devices, a real-time operating system (RTOS) or even a general-purpose operating system (GPOS), such as Linux, is often deployed.
An example component architecture for runtime software for an edge node, or a cloud-connected end node, is shown in Figure 1. The diagram depicts a typical architecture that consists of a cloud vendor-provided SDK for the device and other OS/System services needed to fulfill the device management needs for the connected device.
1. Device software IIoT architecture comprises a cloud vendor-provided software development kit (SDK) for backend services, and OS/System services that are specific to the OS runtime environment.
OS/System Services for IIoT Device Management
OS/System services expand on the foundation of device onboarding and communications infrastructure provided by cloud vendor SDKs. These services fulfill the functions necessary for comprehensive device management of an IIoT device. Some of these functions include software updates services (for both system firmware and applications); system diagnostics, health monitoring, and profiling services; and secure system services.
Software updates services
The ability to update device operating-system (OS) software and application software is an essential element of IIoT smart-device enablement. Security is an important tenet when it comes to delivering OS and app updates to the device. Most use cases require that the privacy, integrity, and authenticity attributes of an update artifact be confirmed before the device consumes it.
The device software architecture should consider the infrastructure needed to assess firmware health. It should also support a fail-safe rollback function that allows the device to roll back to a known working firmware version. Application updates to devices can be delivered as encrypted/signed binary packages.
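The fail-safe rollback described above can be modelled with two firmware slots and a trial-boot counter. This is an added example, not code from the article or from any vendor SDK; the BootControl class, the slot names and the three-boot limit are assumptions made for illustration.

```python
from dataclasses import dataclass

MAX_TRIAL_BOOTS = 3  # assumed policy: boots allowed before an unconfirmed image is rejected


@dataclass
class Slot:
    version: str
    state: str = "good"   # "good", "trial" (updated, not yet confirmed) or "bad"
    tries_left: int = 0


class BootControl:
    """Hypothetical A/B slot bookkeeping that a bootloader keeps in persistent storage."""

    def __init__(self, running_version):
        self.slots = {"A": Slot(running_version), "B": Slot("empty", state="bad")}
        self.active = "A"

    def _other(self):
        return "B" if self.active == "A" else "A"

    def stage_update(self, version):
        """Write the new image to the inactive slot and mark it for trial boot."""
        target = self._other()
        self.slots[target] = Slot(version, state="trial", tries_left=MAX_TRIAL_BOOTS)
        self.active = target

    def select_boot_slot(self):
        """Run at every boot: pick the slot to start, rolling back if trials ran out."""
        slot = self.slots[self.active]
        if slot.state == "trial":
            if slot.tries_left == 0:
                slot.state = "bad"            # firmware never reported healthy
                self.active = self._other()   # fail-safe rollback to the known working slot
            else:
                slot.tries_left -= 1          # consumed before control is handed over
        return self.active

    def confirm_healthy(self):
        """Called by the health monitor once the new firmware passes its checks."""
        slot = self.slots[self.active]
        slot.state, slot.tries_left = "good", 0
```

Because the counter is decremented before the new image runs, a firmware that hangs or crashes before it can report its health still ends up rolled back.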
In the case of Linux- or Windows-based devices, container-based application management is becoming extremely popular. A container-based approach for application management provides numerous benefits, including portability, ease of migration, scalability, standardization, continuous integration (CI) and delivery (CD), and the availability of a strong open-source ecosystem of runtime components and tools for management and orchestration of container-based applications.
2. The process of software updates in an IoT infrastructure.
An end-to-end infrastructure is required to enable a secure OS software updates workflow (Fig. 2). This includes:
- Host tooling for encryption, digital signing, and packaging of update artifacts.
- A cloud or on-premises backend application to deliver updates to the device fleet.
- Device runtime software to receive the update artifacts, and authenticate, decrypt, and consume the artifact appropriately.
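An added sketch of the host-packaging and device-verification ends of this workflow, not code from the article or from any product it names. HMAC-SHA256 with a shared key stands in for a digital signature, the encryption step is left out, and the artifact layout, function names, key and version check are assumptions.

```python
import hashlib
import hmac
import json

DEMO_KEY = b"constructed-demo-key"  # constructed sample key, for illustration only


def package_update(image: bytes, version: int, key: bytes) -> bytes:
    """Host tooling: bind version, size and image hash in a manifest and authenticate it."""
    manifest = json.dumps({"version": version,
                           "size": len(image),
                           "sha256": hashlib.sha256(image).hexdigest()},
                          sort_keys=True).encode()
    tag = hmac.new(key, manifest, hashlib.sha256).digest()
    return len(manifest).to_bytes(4, "big") + manifest + tag + image


def verify_update(artifact: bytes, installed_version: int, key: bytes) -> bytes:
    """Device runtime: return the image only if every check passes, else raise ValueError."""
    if len(artifact) < 4 + 32:
        raise ValueError("truncated artifact")
    mlen = int.from_bytes(artifact[:4], "big")
    if mlen > len(artifact) - 4 - 32:
        raise ValueError("manifest length out of range")
    manifest, rest = artifact[4:4 + mlen], artifact[4 + mlen:]
    tag, image = rest[:32], rest[32:]
    # Authenticate the manifest before parsing any field out of it.
    expected = hmac.new(key, manifest, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    meta = json.loads(manifest)
    if len(image) != meta["size"] or hashlib.sha256(image).hexdigest() != meta["sha256"]:
        raise ValueError("image does not match manifest")
    if meta["version"] <= installed_version:
        raise ValueError("version not newer than installed firmware")
    return image


def try_install(artifact: bytes, installed_version: int, key: bytes) -> str:
    """Return "installed" or the reason the artifact was rejected."""
    try:
        verify_update(artifact, installed_version, key)
        return "installed"
    except ValueError as err:
        return str(err)
```

In a fielded design the device would hold only a public verification key, so that extracting it from one unit does not let anyone forge updates for the fleet.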
Cloud vendor-provided enablement doesn’t typically include such capabilities and associated workflows. That’s because the update infrastructure needed depends largely on the device-specific OS runtime environment and application-management requirements.
System diagnostics, health monitoring, and profiling services
IIoT devices deployed in manufacturing environments have to be monitored for system health and performance. The ability to profile applications on the device can provide deep insights into the device software runtime and assist with troubleshooting deployed devices.
Secure system services
In IIoT environments, the convergence of information technology (IT) and operational technology (OT) networks has made security of paramount importance. The device runtime should provide the security infrastructure needed for hard isolation of the IT and OT network interfaces and associated middleware such that an external attacker can’t compromise the internal factory network. Suitable firewalls and edge network configuration tools should be employed to enable this isolation.
An IIoT Smart-Device Solution: Integrating a Cloud SDK with OS/System Services
To fulfill the complete potential of the industrial IoT environment, devices must be able to offer the full set of runtime functionality previously discussed in this article. Figure 3 illustrates an example of a commercial software framework that addresses these demands and requirements. This particular IIoT framework integrates the functions and capabilities of a vendor-provided cloud SDK with the OS/System services needed for comprehensive device management.
3. The Mentor Embedded IoT Framework (MEIF) architecture integrates the capabilities of a cloud vendor-provided SDK with OS/System services to enable comprehensive device management for end-node to gateway-type devices.
The Mentor Embedded IoT Framework (MEIF), a new product from Mentor, now a Siemens business, supports multiple cloud platforms including Amazon Web Services (AWS), Microsoft Azure, and Siemens MindSphere. The MEIF architecture also supports Eclipse IoT-based backend applications (e.g., Leshan for device management, and hawkBit for fleet software management) on the cloud or on-premises.
It’s important to understand that Mentor’s solution doesn’t replace technologies and investments already provided by a cloud vendor. Rather, it aims to fill the gaps between the provided functions of cloud vendor SDKs and the required device functions for comprehensive device management in IIoT environments.
Fig. 3 offers a high-level illustration of the MEIF architecture. Everything within MEIF pertains to the device or gateway. Everything located above MEIF essentially goes on the cloud or on-premises infrastructure (local server, gateway, or industrial PC). MEIF integrates the cloud vendor-provided SDK on the device OS runtime environment to ensure seamless operability with the cloud backend. It provides additional services needed for the management and monitoring of the device from the backend. This gives IIoT users greater insight into, and functionality throughout, the entire industrial IoT environment.
Conclusion
Device manufacturers, along with software architects and developers, are facing new challenges related to IIoT device management, unknown or changing cloud environments, portability, scalability, and of course, security. There’s growing demand to remotely monitor and diagnose these devices as well.
The Mentor Embedded IoT Framework addresses these challenges and extends the massive investments made by cloud vendors. Mentor’s IoT framework empowers a comprehensive set of IIoT features that can be implemented down to the hardware of the edge or end-node devices and ported across platforms and clouds. The benefits of using such a framework include minimized learning curves, simplified implementations, increased code reuse, and reduced porting, testing, and maintenance costs.
Arvind Raghuraman is a senior architect for the embedded platform solutions group at Mentor, now a Siemens business.