Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News Best Practices for IoT on Azure

Best Practices for IoT on Azure

Depending on who you ask, the Internet of Things is something brand new and revolutionary or just a natural progression of what we’ve been doing for decades. The truth is somewhere in the middle. We have had IoT style devices for a long time, but they’ve either been incredibly simple devices like thermostats or extremely complex devices like fly-by-wire controls on airplanes. What is changing is that we now have the ability to deliver complex devices without incurring costs associated with aviation-style engineering.

With this in mind, Kevin Miller of Microsoft offers these basic guidelines for starting an IoT project.

Pattern: Think big. Start small

Developing IoT devices is much more difficult than pure software. So the mantra when beginning a new project is “Think big. Start small”. Prototyping is incredibly important because you can’t wait until you have shipped a million devices to decide how you are going to ship firmware updates. Conversely, if you build an architecture that only supports 100 devices, then you’ll have to completely rewrite it once you start shipping. So while capacity should start small, scalability must be available.

Warranty periods vary significantly for IoT devices. While most consumer hardware is designed to last a few years, maybe a decade, these are easily replaced. Once you start considering things that are physically built into structures, the warranty period may extend to decades.

Pattern: Telemetry First

It is very hard to predict what data will be useful in advance, so work on that aspect first. Gather what you can, both business data and diagnostics data, and store them in high volume systems. When using Azure this means Event Hub, which can handle millions of messages per second.

Security is easier when you start with telemetry. While privacy and security breaches are still a valid concern, the amount of damage that can be done is fairly limited when compared to what happens when you expose command and control features. For example, a manufacturing company would rather have the number of widgets produced per hour exposed than allow someone to take control of their production line robots.

Once your telemetry and security solution is proven, you can add command and control with confidence.

Product Focus: Stream Analytics

Stream Analytics is Microsoft’s recommended tool for working with massive amounts of message based data. It uses a combination of JavaScript and SQL-like queries to process the data coming through the Event Hub.

The SQL for Stream Analytics offers capabilities that are not normally available in databases. One of these is the ability to group by a sliding window. Sliding windows can be non-overlapping, which is similar to what you would build with SQL Server. Alternately, you can have a continuous sliding window. For example, of you have a 15-second window, you can look at any 15-second period, not just those at the 0, 15, 30, and 45 second marks.

Stream Analytics includes a REST style interface, allowing you to integrate it with any application or data source. In the demo, they showed using the telemetry data and sliding windows find devices that have multiple failures in a 15-second window. Extending this, a monitoring tool can use the REST endpoint to periodically poll Stream Analytics for failing devices and push out an alert to the appropriate people.

Pattern: Don’t interrupt the fast path

Be very careful to avoid putting anything in-between high capacity components. For example, don’t try to massage the data between Event Hub and Stream Insight. If data needs to be cleaned up, do it before it hits the “fat pipe” or after the results come out of the other side.

Pattern: Defense in depth

Security is a shared responsibility. Every part of the system, from the device to the cloud server, needs to be secure. And this requires everyone’s participation; you can’t just buy security like you buy other services. Failure to over every aspect has led to troubling news reports of hacked automobiles and medical devices.

A commonly overlooked scenario is device disposal. If you have a keyless entry system keyed to your phone and that phone is sold, will that phone still be able to unlock your home or car? Or maybe that phone is keyed to your bank account.

So multiple security layers are important. Besides the normal practices, you’ll need to watch for pattern violations such as a device in the wrong place or sending data that is inconsistent with what it normally offers.

For more information on delivering Internet of Things, check out the Channel 9 presentation Best Practices for Creating IoT Solutions with Azure.

Rate this Article