
IoT

Module 1

In this topic, you'll learn:

• What IoT means
• How to think about IoT in the context of a scenario

You have probably read many different descriptions and definitions for the Internet of
Things, but with so many different sources of information, do you have a clear idea of what
the IoT is?

Articles on the web often include phrases like the following:

• The Internet of Things is the next industrial revolution.
• The Internet of Things is a business revolution enabled by technology.
• The Internet of Things will impact everything and everyone, in our businesses and in
our day-to-day lives.

Those are interesting statements but they're not very descriptive. So what is the Internet of
Things (IoT)? Common definitions go something like the following:

The Internet of Things is the network of physical devices that combine IP connectivity with
software, sensors, actuators, and other electronics to directly integrate the physical world into
our computer-based systems, resulting in efficiency improvements and economic benefits

Again, that sounds amazing. Many definitions even take this a bit further to add something
about making everyone's life easier as well as more efficient and more cost effective.

Although these types of definitions do provide us with some specifics, they often try to
encompass all possibilities within a single sentence, which can make them somewhat
convoluted and confusing. Here is a simpler version of the definition above:

The Internet of Things is a network of Internet connected devices that communicate
embedded sensor data to the cloud for centralized processing

Okay, that gets more to the essence of what IoT is but probably doesn't give us enough
nuance to really understand the space. In fact, coming up with a definition is pretty
challenging even though the core concepts are fairly straightforward. The international
organization Institute of Electrical and Electronics Engineers (IEEE) has been developing a
white paper just on a definition of IoT. Their paper is 75 pages long (86 with glossary and
notes) so far (it's not final) and the definition alone at the end of the paper is roughly four
pages long (pages 70-73). If you want a comprehensive overview of the technology, this is
the place to start.

Thankfully, we don't have to go as deep as the IEEE to get a good overview of the
technology. Put simply, IoT involves two essential components:

1. A device-side (made up of individual devices) that acts as a data source
2. A cloud-side that gathers data and provides resources for analyzing it

Of course, once we dig in we will find that both the device-side and the cloud-side involve
complex implementations that provide hundreds of required features, and even the
communication between the device and cloud requires secure communication protocols. But
at least we have something simple that can get us started.

An Example
Perhaps the best way to understand an IoT solution is to look at how one might be used in a
true-to-life scenario. The specifics of this example are fictional but it should illustrate how
the technology could be used. For more scenarios, see the list the IEEE is compiling here.

The Scenario

Suppose a small town is trying to figure out how to price water during the summer months.
They want the town to look nice and enable people to keep their lawns green but they also
don't want people wasting water which is in shorter supply during the summer. The town's
officials need data to determine how often people actually need to water their lawns to keep
them green and will use those data to help inform what price they should put on water usage
during the summer.

The IoT Solution

The Devices

In order to collect the data they need, the town's officials select 100 houses at random across
the town and ask them to install a small water sensor in their lawns that will detect the
amount of moisture in the soil and send that data over the home's Wi-Fi connection to a
central cloud service that will collect and store the data. The devices have the following
requirements:

• They must be small and unobtrusive.
• They must be able to connect to Wi-Fi and be monitored by the home owner.
• They must be battery operated and be able to run for 6 months without needing a new
battery.
• They must be able to detect moisture in the soil in percent saturation.
• Must be able to store data for a 24-hour period in case the connection with the Wi-Fi
router is lost.
• Must be able to provide a rudimentary failure signal.

There could be a lot of other device requirements but these are the basics the device must
meet. City engineers visit each house that has agreed to install the sensor, place the device
in the yard at an optimal location, connect the device to the home's Wi-Fi router, and test
the connection with the cloud service.

The Data
The devices are programmed to collect moisture data every hour for a 24-hour period and
average the readings to form a single number that is sent to the cloud service for storage. The
dataset includes the device ID, the GPS location, a time/date stamp, and other relevant
metadata.

The Cloud Service

City engineers developed a cloud-based solution to listen for incoming data from each device
and collect that data in a database. The cloud service also listens for failure signals and can
alert city engineers of an actual or pending device failure. The cloud services include an IoT
gateway that handles communication with the devices, a storage solution to store the data,
a stream analytics service to manage the data coming in from the devices, and an analytics
service to analyze the data and inform decision making.

Here is a simple diagram that shows how the solution could work for this scenario:

Analytics and Assessment

In our scenario, the town officials may use this data to understand better how often people
actually water their lawns and how much they need to, and to make recommendations to both
homeowners and policy makers about water usage and costs. Since weather is variable,
the city engineers may need to collect data for many months to get accurate and actionable
data. But the first step is always to collect the data in the first place, and that's the power of
IoT.

Maker, Consumer, and Enterprise IoT


As we learned above, IoT encompasses a lot of different technologies and definitions tend to
be pretty broad. This also is true when we consider how IoT solutions are developed and
implemented. We'll look more closely at this in the next topic but let's look briefly at three
different categories of IoT devices and services.

1. “Maker” IoT. The term "maker" has come to be equated with “hobbyist” and refers
to those who like to build things to experiment or for personal use out of electronic
components. When it comes to IoT, the idea of building unpolished but functional
devices that collect data, using cloud services to gather and store that data, and maybe
even doing analytics on the data collected all is a part of what is included in this
category. But a commercial business may employ a maker's approach to experiment
with ideas, create proof-of-concept devices, do costing, and other planning exercises.
So "maker" need not be limited to hobbyists but describes an approach to
development.
2. Consumer IoT. As we'll see in the next topic, consumer IoT largely consists of
commercial devices and associated services that are geared towards home or personal
use such as connected thermostats or appliances. While the basic IoT concepts apply,
the scope of what the devices collect, how they manage and store data, and how the
data is used may be much more limited than what you'd find in an enterprise
environment.
3. Enterprise IoT. Whereas Consumer IoT is focused on “turnkey” device solutions that
solve specific problems or enable new scenarios for individuals or homes, enterprise-
class IoT is focused on solving specific business problems like efficiency, reducing
waste, increasing speed to market or of production, and providing intelligence on how
business systems are running. A single enterprise may deploy dozens of devices that
work in concert to give a business a single view of a factory or fleet of planes or gas
pipeline. Enterprises also may require real-time data and real-time analysis of those
data in order to make just-in-time adjustments or prevent disastrous consequences
from a failed system. Consumer-grade IoT products rarely require this so the type of
architecture needed in an enterprise will be more involved and require more services
than a consumer solution requires.

---------------------------------------------------------------------------------------------------------------

IoT revolution

In some ways, the core value proposition of IoT has been around for centuries. Even before
the advent of the Internet, people have been, out of necessity, using data to make decisions. A
shop owner keeps an eye on inventory to determine what people tend to buy and ensures her
shop is well stocked with those items. Engineers examine bridges or dams for early signs of
failure and use that information to anticipate upcoming repairs and budgets for those repairs.
A commuter watches the morning news for information about which route to work might be
the quickest.

The promise of IoT is to instrument hundreds of millions of individual pieces of hardware,
from cars to bridge parts to jewelry, to collect, store, and analyze data to give us real-time
intelligence on the things we care about.

We saw in the first lesson that IoT is a term being used for a collection of devices and
services that has the power to transform the way we work and live in ways that are similar to
the Internet itself. In this lesson, we'll begin looking at the business and social impact IoT can
have and look at ways the technology is being and can be used.

The Current and Future Impact of IoT


The IEEE has compiled data and makes the following claims[^1] about its current and future
impact:
• In 2015, the global wearables market had already increased 223% from the previous
year (and data on Statista shows it increasing by another 243% between 2015 and
2022)[^2]
• By 2020, 250 million vehicles will be connected to the Internet
• IoT will add 15 trillion dollars to the global economy over the next 20 years
• There will be 50 billion Internet-connected devices by the year 2020.

As the market becomes more mature, these figures will no doubt change, but the current trend
suggests that IoT is not only here to stay but positioned to make a substantial impact
socially, in business, and economically.

[^1]: Source: https://www.comsoc.org/blog/infographic-internet-things-iot

[^2]: Source: https://www.statista.com/statistics/437871/wearables-worldwide-shipments/

Where the Technology is Headed


As with any new technology, predicting where it will go is difficult since advances in
production, new innovations, and unexpected disruptors all have an impact. Given current
trends, it looks like Internet-connected devices will be as commonplace as the integrated
circuit in years to come. In 2008, SRI Consulting Business Intelligence and the United States
National Intelligence Council created the diagram below as a roadmap of where IoT would be
headed. While the pacing of the advances may be inaccurate, the diagram does illustrate a
fairly accurate picture of how IoT is advancing.

Of course, the success of IoT will not rely solely on advances in device technology or even
cloud services (though advances in both are essential). Omar Valdez-de-Leon, in a 2017
article[^3] for the IEEE, focuses on 6 areas that will require investment as IoT technology
advances:
1. Platforms. Platform development will make developing solutions easier and enable
both market verticals and a marketplace.
2. APIs (application programming interfaces). Valdez-de-Leon claims that, “APIs are
the basic building blocks of an IoT ecosystem” and argues that building robust and
market-friendly APIs will help create or ultimately destroy the market effects that will
be essential for IoT adoption.
3. Communities. Strong partner communities will enable IoT systems to inter-operate
and that will create a true ecosystem around the technology. Proprietary and isolated
systems will stifle growth.
4. Branded Services. True to the open source model, some companies can demonstrate a
commitment to the technology and find ways to make money by branding products
(sometimes called “white labeling”) using partner technology.
5. Revenue Models. Generating revenue for IoT products and services will involve
thinking differently about how to work with partners and pricing.
6. Support. Often overlooked, ongoing maintenance of partner relationships, updating
aging models, and ensuring partners support their products and services will be key to
ensuring IoT moves beyond an interesting idea to becoming a part of the
technological ecosystem.

[^3]: Source: https://iot.ieee.org/newsletter/may-2017/key-elements-and-enablers-for-developing-an-iot-ecosystem.html

Business Opportunities
When you hear IoT described, you might be inclined to think about the products and services
you interact with on a daily basis–what business people call “consumer products.” The Nest
thermostat might come to mind because it is a product that is regularly held up as a paradigm
case of an Internet-connected device. The hardware uses data to make decisions about how
you want your home heated or cooled, gives you reports on how you're using energy, and
interacts with other services to report on the weather outside your home.

But IoT is being adopted by businesses of all sizes to enable a host of productivity gains,
make products safer and less prone to error, and build more efficient machines. Microsoft has
highlighted specific use cases to illustrate how the technology is being adopted to enable
companies to run their businesses. The German company Bosch describes IoT in terms of
outcome–what connected devices can produce.

Here is a sample of how IoT can benefit businesses and create new opportunities for
companies adopting the technology.

IoT for Manufacturing

Microsoft highlights the following benefits for implementing IoT solutions in a
manufacturing scenario:

• Improved visibility across your manufacturing operations—make more informed
decisions with a real-time picture of operational status
• Improved utilization—maximize asset performance and uptime with the visibility
required for central monitoring and management
• Reduced waste—take faster action to reduce or prevent certain forms of waste,
thanks to insight on key production metrics
• Targeted cost savings—benchmark resource usage and identify inefficiencies to
support operational improvements
• Improved quality—detect and prevent quality problems by finding and addressing
equipment issues sooner

Each of these items can enable a manufacturer to improve efficiency and reduce waste,
increase safety (for both workers and customers), help drive profitability by using real-time
data to make decisions and, with automation, make real-time adjustments to processes.

IoT-enabled Smart City

Telecom company AT&T describes the following benefits of a city fitted with smart devices
that provide real-time data on things like parking, traffic, violent activities, and air quality:

• Enhanced citizen safety
• Optimized public services
• Economic growth
• Improved traffic flow
• Improved environment
• Empowered civic engagement

Businesses can use data from these systems to improve products, innovate on new products to
meet needs that may have been hidden or unknown without the data, and help cities solve
seemingly intractable problems.

Here's an example. The popular traffic app Waze enables users to report on road situations in
real-time like the existence of a dangerous pothole or other hazardous conditions. That data
could be used by city officials to develop maintenance plans to address issues like these in
more efficient ways that improve public safety. While this does involve some user
interaction, it's easy to see how cars or street lamps could be fitted with artificial intelligence
systems to detect conditions like these and report them in an automated way.

IoT-enabled Retail

Analytics company SAS reports that IoT is starting to find its way into the retail experience.
Using devices like RFID tags, mobile devices, and even digital signs, retail is embracing the
advantages IoT can provide. The SAS report highlights five places where retailers are using IoT
to enhance their business and their customers' experience:

1. Predictive Equipment Maintenance. As we've talked about, equipment, like
refrigerators or point-of-sale devices, that are instrumented with IoT devices can help
manufacturers predict failures and alert service staff when equipment needs to be
maintained.
2. Smart Transportation. Internet-connected trucks and even products can help
optimize the logistics around getting goods from one place to another.
3. Data-aware Warehouses. Retailers can outfit their warehouses with sensors and
inventory tags so product placement in the warehouse can be optimized for easier
access and quicker delivery. SAS anticipates that using automation, warehouses will
“self-organize” to be the most optimal at all times.
4. Connected Consumer. Gone will be the days of mass marketing. Being aware of
who is in your store can help you optimize sales or promotions to meet the needs of
individual shoppers. Shoppers benefit because they can get a sale price on products
that matter to them.
5. Smart Store. Imagine a mall that uses IoT to determine how customers shop and then
enable mall planners to place stores that optimize around those patterns. SAS expects
that this is on its way.

IoT Adoption
In the previous section, we talked about the opportunities business can take advantage of by
adopting IoT solutions. While much of that is forward-looking, you may have come to see
that IoT already is being adopted by many businesses and consumers.

• In a 2018 blog post, Microsoft gave an overview of companies that are starting to use
IoT solutions (specifically built on Azure IoT) in what they call “Smart Buildings.”
These companies are using IoT technology to help people navigate buildings, trigger
maintenance requests, help engineers design better buildings and help property
managers oversee their properties in a more efficient and effective way.
• Technology company Intel is working with many companies to enable IoT solutions.
Intel describes solutions that range from building smarter trains to smarter roads.
They've helped a plastics company determine inefficiencies in their control system as
well as improve their product cycle and reduce inventory risks. Intel's “wearables”
solutions “improve worker efficiency and safety, including hands-free operations of
industrial equipment.”

Opportunities Abound
Whether it's connecting a thermostat in your home or improving the efficiency of a jet engine,
IoT solutions are the next big wave in technological advancement. Businesses already have
begun to adopt IoT technology and the need for IoT architects and engineers will be growing
over the next decade. Come join the revolution!

IoT for Consumer and Businesses


In this topic, you'll learn:

• The differences between consumer and business IoT solutions
• Ways that consumers are using IoT
• The way data is treated in consumer and business scenarios

In the previous topic, we took a high-level look at how IoT solutions are being used in the
near term and how they might evolve in the long term. In this topic we'll take a closer look at
business and consumer scenarios and sort out the similarities and differences between the
two.

Consider how you might answer the following questions:

• What makes one or more connected devices an IoT implementation?
• What is the difference between consumer devices and the devices used in an IoT
business implementation?

Let's take a look at the first question: what is the difference between a connected device and
an IoT device? For example, a personal computer generally is connected to the Internet. Does
that make it an IoT device? Are a smartwatch or a door lock, both of which have Internet
connectivity, IoT devices? As we saw in a previous lesson, definitions can be hard to come by but it's
possible to put some boundaries around devices that should be included under the umbrella of
IoT and those that should not.

An IoT Device
Here are some criteria that a device should meet to be considered an IoT device. Many of
these properties are defined in the IEEE white paper on IoT and confirmed from other
sources.

1. Connected to the Internet. The most obvious criterion is that the device has a
connection to the internet with a unique identifier, and two-way communication. Both
of these properties are important for a device to be considered a part of an IoT system.
The device has to be unique to ensure secure communications with both the server
and with other devices and the device has to be able to consume and deliver data. A
primary value proposition for IoT is data collection as well as consumption.
2. Secure. Being able to uniquely identify a device on the internet or within an IoT
ecosystem is one aspect of security but making a device secure also means it's
resistant to being hacked (both the hardware and software), uses encrypted
communication protocols, and is immune to mimicry either by an alternate hardware
device or a virtual device.
3. Smart Features. This simply means that the device must have sensors or hardware
that enable it to collect specific data based on events (like smoke in the air or a light
being switched on or a key being turned). There is an implication that the device
should be able to do this without user interaction so it has an “embedded
intelligence.”
4. Communication Capabilities. The device should have the capability to communicate
not only with cloud-based services but with other devices.
5. Configurable. The device should be remotely configurable or have the ability to self-
adjust its configuration based on changes in the ecosystem. This includes the ability to
automatically install updates, modify sensor receptivity, repair problems, and modify
energy consumption among others.
6. Programmable. Like connectivity to the Internet, this should be a basic function of
any connected device but certainly is true of IoT devices. The main idea here is that
the function of the device should be able to be modified without having to make
changes to its hardware. This may mean that a device has a number of sensors that
could be activated or deactivated by software or, if a single-purpose device, the
features should be able to be modified by software to accomplish a different task (for
example, a thermostat that can deliver outside temperature readings from a service vs.
taking the internal temperature readings from a sensor).

These probably wouldn't be considered “core” features but here are other properties to
consider when defining a device as an “IoT device.”

• Replaceable. In many scenarios, when an IoT device fails (for example, a sensor on
an airplane engine or wind turbine), the device should be able to be replaced and its
entire firmware and software settings loaded onto the device quickly and easily. This
could mean that every programmable feature of the device should be able to be stored
in the cloud and downloaded to a replacement device.
• Environmentally Flexible. Depending on the scenario, the device should be able to
maintain power, collect and store data, and smartly upload stored data in the event of
a power outage, and/or loss of Internet connectivity.
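
The unique-identifier and anti-mimicry criteria above, applied to the lawn moisture sensor scenario from earlier on the page, as an added example that is not part of the original course text. It assumes a per-device pre-shared key and HMAC-SHA256 over a JSON body (one possible design, not one the page prescribes); the field names, device IDs, key, coordinates and timestamps are constructed, and transport encryption is assumed to be handled separately.

```python
import hashlib
import hmac
import json
from statistics import mean

# Constructed sample data: one enrolled sensor and its per-device secret.
DEVICE_ID = "lawn-sensor-017"
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
NOW = 1_700_000_000           # constructed "current time" (Unix seconds)
MAX_AGE = 36 * 3600           # 24 h offline buffer from the scenario plus slack


def canonical(body):
    """Serialize deterministically so both sides authenticate identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def build_report(device_id, key, hourly_pct, gps, ts, seq):
    """Device side: average 24 hourly readings and attach an HMAC-SHA256 tag."""
    if len(hourly_pct) != 24:
        raise ValueError("expected 24 hourly readings")
    body = {"device_id": device_id, "gps": gps, "ts": ts, "seq": seq,
            "moisture_pct": round(mean(hourly_pct), 2)}
    tag = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Gateway:
    """Cloud side: accept a report only if it is authentic, fresh and plausible."""

    def __init__(self, keys):
        self.keys = keys          # device ID -> secret provisioned at install time
        self.last_seq = {}        # highest sequence number accepted per device
        self.accepted = []

    def ingest(self, report, now):
        body, tag = report.get("body"), report.get("tag")
        if not isinstance(body, dict) or not isinstance(tag, str):
            return "reject: malformed"
        device_id = body.get("device_id")
        if not isinstance(device_id, str):
            return "reject: malformed"
        key = self.keys.get(device_id)
        if key is None:
            return "reject: unknown device"
        try:
            given = bytes.fromhex(tag)
        except ValueError:
            return "reject: malformed"
        expected = hmac.new(key, canonical(body), hashlib.sha256).digest()
        # Constant-time comparison; no body field is acted on before this passes.
        if not hmac.compare_digest(expected, given):
            return "reject: bad tag"
        ts, seq, pct = body.get("ts"), body.get("seq"), body.get("moisture_pct")
        if not isinstance(seq, int) or seq <= self.last_seq.get(device_id, 0):
            return "reject: replay"
        if not isinstance(ts, int) or abs(now - ts) > MAX_AGE:
            return "reject: stale"
        if not isinstance(pct, (int, float)) or not 0 <= pct <= 100:
            return "reject: out of range"
        self.last_seq[device_id] = seq
        self.accepted.append(body)
        return "accept"


def demo():
    """Run delayed, replayed, tampered, impostor and stale reports through the gateway."""
    gw = Gateway({DEVICE_ID: DEVICE_KEY})
    readings = [40 + (h % 6) for h in range(24)]     # constructed; mean is 42.5
    gps = [47.61, -122.33]                           # constructed coordinates
    # Yesterday's report, delivered late after a Wi-Fi outage (still within MAX_AGE).
    delayed = build_report(DEVICE_ID, DEVICE_KEY, readings, gps, NOW - 26 * 3600, 1)
    # Body altered in transit, original tag reused.
    tampered = {"body": dict(delayed["body"], seq=2, moisture_pct=5.0),
                "tag": delayed["tag"]}
    # A device claiming the enrolled ID without holding its key.
    impostor = build_report(DEVICE_ID, b"\x00" * 32, readings, gps, NOW, 2)
    unknown = build_report("lawn-sensor-999", DEVICE_KEY, readings, gps, NOW, 1)
    today = build_report(DEVICE_ID, DEVICE_KEY, readings, gps, NOW - 2 * 3600, 2)
    stale = build_report(DEVICE_ID, DEVICE_KEY, readings, gps, NOW - 72 * 3600, 3)
    return [gw.ingest(r, NOW) for r in
            (delayed, delayed, tampered, impostor, unknown, today, stale)]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The gateway verifies the tag before it reads the sequence number, timestamp or moisture value, so a device that only knows another sensor's ID cannot get data stored or advance that sensor's replay counter.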

Consumer and Business Implementations


Now let's consider the second question: what is the difference between consumer devices
and the devices used in an IoT business implementation? The difference between a consumer
scenario and a business scenario often comes down to how the devices are being used and
why. Viewed a bit differently, it comes down to the goals of the implementation and the data
being generated.

When we consider the features of IoT devices above, some may be more important in
business scenarios and others take more prominence in consumer scenarios. For example,
designing a device so it can easily be replaced may be more important in mission-critical
business scenarios than it would be for a consumer device that checks the weather or turns on
your lights.

Let's take a look at a couple of scenarios and how they might differ. Microsoft created a case
study for an IoT implementation for BaxEnergy–a company that supplies analytic and
optimization solutions for energy companies. While this white paper largely is about data
ingestion and processing, it illustrates features of an IoT solution that are relevant for this
business but may not be relevant for a consumer device. Microsoft outlines the following
benefits of IoT in three distinct areas.

Data Ingestion

This area defines how sensors collect and queue data for delivery to the database. Specifically,
the Microsoft solution provides:

• No complex setup for data acquisition via VPN
• Workload reduced to read/write operations by establishing queues
• Data flow divided into hot and cold paths
• Asynchronous model allows for temporary storage of the data without putting more
pressure on the already busy databases

Data in Motion

This category defines how the solution improves real-time monitoring of the energy plant.
The article notes the following improvements:
• Visualizing real-time monitoring without accessing the database
• Presenting the data in nearly real time
• Portal still allowing for execution of queries on historical data
• Immediate notification as soon as the device is not sending any data

Messaging and Analytics

This category describes how incoming data is analyzed and how workflows are triggered based on
certain event parameters.

• Creation of automatic workflows and additional services
• Instantaneous notification to wind farm operators so they can take immediate action
• Cost-effective feature
• Real-time data analytics

The advantages provided to BaxEnergy from this particular IoT implementation may be true
of many business scenarios. Real-time monitoring and reporting, real-time analytics, problem
reporting, and asynchronous data communication are essential in many business contexts.
These probably wouldn't be true in most consumer contexts.

For example, taking the paradigm case of a connected thermostat, getting real-time
information about energy usage may not be that important. A customer may only need (and
actually prefer) weekly or monthly reports so the data the device is collecting doesn't need to
be analyzed in real time or available immediately after it's collected. Similarly, the home
thermostat may not need to be able to initiate additional workflows when specific events
occur or queue data if the power goes out.

Consumer versus Business Goals for IoT


Consumer Products and IoT

Individual consumers implement cloud connected devices (such as doorbells, thermostats,
and even refrigerators) in order to make their life easier, more comfortable, or more secure.
Consumer devices in the home are not typically being used for the same purpose as an IoT
device implemented in a business scenario.

While IoT in the consumer space is still fairly nascent, there regularly are new examples of
the technology being used to improve customer experiences and expand product features.
Here are a few scenarios (some with which you may already be familiar):

• Connected Refrigerators. The Samsung “Family Hub” line of refrigerators includes
a large touch screen that enables customers to more easily track their food inventory
through the use of interior, web-enabled cameras, an easy-to-use shopping list,
calendaring and TV mirroring features. While the element of data collection and
analysis isn't central to this IoT solution, the refrigerator is an early look at the
potential for connected appliances.
• Connected Doorbells and Cameras. Many companies have gotten into the consumer
doorbell and camera business. The Ring system and Google's Nest Hello device are
examples. These doorbells record and store video and enable two-way voice and one-
way video calling for people at the door. The Nest device will do facial recognition
and use AI to determine which type of object it detects (car, person, animal).
• Connected Thermostats. As we mentioned earlier, the connected thermostat is
probably the most widely-used example of an IoT consumer device most likely
because it was one of the first connected devices to check all the boxes in terms of
using an IoT architecture. The most famous device is the Nest Thermostat but there
are others. Microsoft recently released its GLAS thermostat in partnership with
Johnson Controls and Honeywell has a line of connected thermostats. These devices
enable customers to view and control their indoor temperature anywhere using a
mobile device and an internet connection, set a heating and cooling schedule, view
historical data on their home's temperature and energy consumption, and even get
alerts when their heater's filter needs to be changed.

There are many other connected devices coming to market, that range from practical to weird.
But the possibilities are nearly endless. Consumers are moving from a mindset of
experimentation to anticipation that will soon evolve into expectation as connected devices
enable customers to do more.

Business Goals and IoT

In a way, business goals for IoT are simple compared with consumer goals. Businesses tend
to implement IoT solutions in order to be more profitable, to increase safety for their work
force, and to more easily comply with government regulations in order to create a better
business environment. Profitability can be realized either directly through cost reductions or
indirectly through competitive advantage. For example, businesses can use IoT to reduce
their manufacturing or operating costs, which increase profits directly. Or, a business could
use IoT to provide customers with improved service, resulting in increased market share (and
overall profits). In most cases both the business and their customer benefit.

Business goals for IoT focus on improvement in one or more of the following areas:

• Product Quality and Extended Product Lifetime
• Service Reliability and Uptime
• Operating Efficiency
• Workforce safety
• Governmental compliance

We've been looking at specific business-focused scenarios for IoT solutions but you can read
more at the Microsoft IoT site to see examples of how industry and vertical lines of business
are using the technology.

Strategies for Implementing IoT


In this topic, you'll learn:

• How businesses are rolling out IoT implementations
• Differences in vertical market implementations
• How businesses are using solution accelerators to get started

In the last lesson, we looked at how IoT can offer advantages for businesses that
implement the technology. We took a look at a case study on how BaxEnergy was able to
leverage IoT technology to improve data collection and analytics for their customers. In this
lesson, we'll look at specific strategies businesses are using to deploy IoT solutions.

Getting Started
As with most technology, an enterprise may adopt IoT to solve specific business problems or
to take advantage of new opportunities. In either case, the process starts with a project plan
that defines how the technology will be used to meet the goals of the business.

Stephanie Jernigan and Sam Ransbotham, in an article for MIT Sloan Management Review,
offer the following guidance for getting an IoT solution off the ground.

1. Keep the initial scope small. Since an IoT solution involves devices as well as cloud
services, doing small experiments with an initially low-cost investment gives a business
the ability to try things and adjust quickly without spending too much capital up
front. They write, “The result of such an approach is that future phases aren’t
saddled with large compatibility requirements from the first phase. Low investments
mean lower sunk costs for replacement (if necessary). And fewer relationships mean
fewer affected systems in other organizations.”
2. Think about the short- and long-term value of IoT. Companies may have an initial
set of metrics they want to meet or goals they want to achieve with an IoT solution.
But the authors advise that businesses should stay open to possibilities that they may
not conceive of at the beginning of a project. In other words, it may be best to think of
implementing an IoT solution as an ongoing experiment.
3. Consider Alternatives. A good way to figure out what an IoT implementation ought
to do is to think about other ways you might get the data you need. If implementing
IoT is the best way to get that data, then it's more likely that the project will be
successful.

IoT Governance
As you plan an IoT solution, engineering and deploying the solution are just the beginning of
the solution as a whole. Given the complexities of an IoT solution, planning for how an IoT
solution will be maintained and monitored is essential to make the project successful. This
topic is often referred to as IoT Governance, and is a topic that Microsoft and others have
worked on to provide guidance.

Microsoft's cloud offering, Azure, has been built from the ground up to align with the needs
of the enterprise, and Microsoft has created a documentation hub, the Azure Architecture
Center, which provides general guidelines and best practices for governance strategies.

Let's look at the major aspects of IoT governance in turn.

Develop an IoT technical strategy


Similar to the MIT Sloan Review guidance, a successful IoT deployment will include a
robust planning phase that will define all aspects of the solution. IBM recommends focusing
on business objectives and the team members you'll need to not only build and deploy the
solution but to maintain the hardware, software, and cloud services as well as analyze and act
on the data.

Microsoft's guidance stresses the importance of identifying the key stakeholders and
managing cross-team buy-in at this early stage. This helps to ensure that the essential
business goals are identified and ongoing sponsorship is maintained through the project
lifecycle. Of course, prototyping and experimentation are important in this “Proof of Value”
phase, as are the operational aspects of the deployment, including automation and fine-tuning
the solution.

In order to accelerate the Proof of Value phase, Microsoft has provided Azure IoT Central - a
“Software as a Service” IoT Offering, as well as a number of preconfigured solution
accelerators that can be used as the basis of custom solutions:

 Remote Monitoring
 Connected Factory
 Predictive Maintenance
 Device Simulation

Define an IoT reference architecture

A reference architecture is a guide on which all IoT implementations will be based. By
using a reference architecture, you can ensure that when an IoT solution is being developed
for your organization, each implementation is doing things in generally the same way. It also
helps ensure that best practices are being followed and that reusable elements are being
shared across implementations. The governance policy should enforce that the reference
architecture includes all the elements and best practices that you want to be used across IoT
implementations. To support the development of a governance strategy, Microsoft has a
dedicated documentation hub for governance that provides a collection of concepts and
services that are designed to enable management of various Azure resources at scale.

Throughout this course, we'll be referring to Microsoft's own reference architecture document
as a guide for how to implement an IoT solution based on Microsoft's software and services.
As the Azure IoT Reference Architecture document states:

Every organization has unique skills and experience and every IoT application has unique
needs and considerations.

So while the reference document can be a good start for your own reference architecture
document, the reference architecture and technology choices recommended should be
modified as needed for each.

A key aspect of any reference architecture is security. As Microsoft states:

When designing a system, it is important to understand the potential threats to that system,
and add appropriate defenses accordingly, as the system is designed and architected. It is
important to design the product from the start with security in mind because understanding
how an attacker might be able to compromise a system helps make sure appropriate
mitigations are in place from the beginning.

The Azure IoT Reference Architecture has been designed to incorporate many of the
foundational governance and security guiding principles:

 Governance Design
 Prescriptive subscription governance
 Internet of Things (IoT) security architecture

Acquire the right roles or skills on the development team

Because of the complexity of developing and maintaining IoT solutions, IBM recommends
specific roles for building the team you'll need for the entire development and support life
cycle of the solution. Specifically, they recommend the solution include:

 IoT architect role that defines the entire solution including the strategy, integration
approach, and best practices.
 IoT developer who is focused on implementation and definition for the technical
implementation of the solution.
 Data analyst role which focuses on all aspects of the data collection, modeling, and
analysis and reporting strategy.
 IoT tester who manages quality control for the entire solution and ensures the system
is secure.
 Device SME (subject matter expert) who defines the device specifications and works
with the other roles to ensure the right devices are in place and how those devices
should be managed over the life cycle of the solution.
 Security Architect. IBM calls this out as a distinct role for good reason. Security
should be thought of as a solution, according to IBM, and not merely a feature of the
system. The security architect defines all aspects of the security of the solution
including data collection and analysis, network operation, and governance practices
(among others).

In addition to the development team, IBM recommends forming an IoT “Center of
Excellence” which essentially is a governance board (or person depending on the size of the
project) that is responsible for defining and governing everything from the business side of
the solution to the operational side. The CoE would work with the solution architect (who
most likely would be a key member) and help create the reference architecture. IBM defines a
number of other roles for the CoE including analyzing the solution for reuse opportunities,
promoting the adoption of best practices, and working with device and platform
vendors that will develop key aspects of the solution.

Define your IoT governance processes and policies

All of the above would fall under IoT governance and require written policies and processes
that should be “followed, applied, and enforced” to make the IoT solution successful and
secure.

Business Models for IoT


In this topic, you'll learn:

 How to think about the business of IoT
 How IoT can enhance your products or business
 About key aspects of an IoT business model and how to decide what you might need
in yours

Do you want upfront revenue or a continuous revenue stream? Can you charge more for your
product because it’s highly differentiated? Knowing the answers to these and other questions
will help you determine which business model is right for your IoT solution.

In this task, you will investigate the different approaches your business can take in the
transition to IoT. You will be working through a guide that Microsoft has assembled that will
help you understand how IoT can benefit your business. If you're not an active participant in
a business, think about a business you regularly engage with like a postal service or a utilities
company. You'll use this company or business as you work through the exercise below.

Note: As a part of the capstone for this course, you will be required to write a business model
for your solution. This topic will help you think through key aspects of a business model and
will help you as you work on the capstone.

We'll walk through this guide step-by-step and then give you questions to consider as you
think about a business model for your IoT solution.

Success with IoT starts with the right strategy


1. Open your web browser and then navigate to
https://content.microsoft.com/iot/business-models
2. Sign up to explore new business models that you can enable with an IoT solution.
3. Read each of the sections under Four pillars of what IoT can do for your business.
4. Next read each of the sections under Three things to look for in a good business
model.

Now consider the following as you think about a business model for your solution. As you
think about these questions, keep the three aspects of a good business model you read about
in step 4 above in mind.

 When you think about your business which of the four pillars would be most relevant?
 Based on your answer to question 1, in what ways could you implement that pillar to
improve your business? Think specifically of goals an IoT solution could help you
reach or problems it could help you solve in that specific area.

Now click Continue to the Next Section at the bottom of the page.

Choose the right IoT-enabled business model


This page discusses ways companies can get value from an IoT solution. It breaks the value
into two axes with “pricing power” (the ability to aggressively and competitively price
products and services) along the 'y' axis and “revenue recurrence” (the ability to generate
regular and consistent revenue) along the 'x' axis. The six business models the page covers
fall along those axes each providing different value depending on what you want to
accomplish.

Now read each of the sections under the topic titled, Which IoT-enabled business model is
right for you? These sections define each of the models in the chart and describe their pros
and cons. As you read through the sections, think about what you decided about how you
want to improve your business from the first section and use those goals or problems to solve
as a way to filter the business models in this section. Ideally, you'll want to focus on one or
two of the models described on the page. It's generally not possible to do everything
described there all at once.

When you're done working through each of the sections, consider the following questions as
you develop your business model:

 Which business model best applies to the goals you want to reach or problems you
want to solve for your business? Why did you choose that model? Be as specific as
you can as you can use your answer to define how you will implement an IoT solution
to address your business needs.
 Would more than one model work for your business? If so, in what order would you
implement the model for your business and why? Answering these questions can help
you develop a long-term approach to your IoT solution. You may want to implement
more than one business model in stages depending on the needs of your business.
 Are there business models described on the page that would be out of scope for your
IoT solution? If so, why wouldn't you include them? Answering these questions will
help refine what architects call “non-goals”–things you want to make sure don't
distract you from focusing on what is important.

Now click Continue to the next section at the bottom of the page.

Start your IoT Engines


This page is about action: how you will get started building a business model around IoT.
While this is focused on Microsoft's offering, you should consider how you would implement
IoT as a general technology solution for the business you're considering. As you think about
putting an IoT-enabled business model together, use the information you gathered in the
previous sections to describe the following:

1. The goals you want to achieve and the problems you want to solve with IoT as it
relates to your specific business.
2. The relationship between cost and benefit in implementing an IoT solution. This will
involve analyzing all the resources and expenditures you'll need for an IoT solution
and whether the benefits your business will derive from implementing the solution
will offset those costs. (You'll be working through a couple of labs in upcoming
lessons where you'll have an opportunity to practice this.)
3. How you will “sell” an IoT solution to business stakeholders and partners. While an
IoT-enabled business may sound "modern" in theory, a solid business model will have
to show why an IoT solution makes sense for your business. This is related to the
previous consideration on cost but this consideration goes beyond cost and involves
things like company culture, core values and priorities, and similar aspects. Your
business model should address these considerations.
4. How your IoT solution will be perceived by your customers. You may have to
consider if an IoT solution is good for your business overall even if it makes financial
sense. For example, some businesses may work with customers who are unfamiliar
with or skeptical of using devices that collect data. You may have to consider if
implementing IoT for your customers would be perceived as a security or privacy risk
even if no real risk is involved. You'll have to consider how to message this.
5. What you need to get started. A solid business model will address the specific steps
involved in getting an IoT solution off the ground. As we saw in earlier lessons in this
module, this will involve a prototyping and testing phase as well as a full analysis of
the costs, the team needed, and how the project will progress once the initial stage is
complete.
6. How you maintain the solution over the long term. We studied this in previous lessons
in the course and this consideration involves taking a long-term approach to an IoT
solution. A business model should not only address the immediate concerns of getting
a solution implemented but how the business will maintain and operationalize the
solution over the long term.

IoT Business Scenarios


In this lesson, you will explore the ways that different businesses/industries (often referred to
as “verticals” by industry experts to denote the depth of a solution rather than its breadth)
implement IoT solutions. Each vertical has its own specific needs and problems that must
be addressed, so the IoT implementation within a vertical is often customized in some
manner to address their requirements. Of course, there is a significant overlap between
verticals, but as we saw in lesson 1 of this module, it's important to think through the needs of
the industry for which you are creating an IoT solution.

As you might imagine, IoT can be implemented in both small and large businesses, and in
nearly any type of business as well. Some of the industry verticals that have a high adoption
rate are listed below. We won't be exploring all of these verticals during this course, but we
have selected a few that demonstrate the different approaches that may be applied by
businesses within a vertical during the design and implementation of an IoT solution.

 Manufacturing
 Smart City
 Smart Building
 Healthcare
 Energy
 Transportation and Smart Vehicles
 Logistics and Inventory Management
 Retail
 Agriculture

IoT For Manufacturing


In this topic, you'll learn:
 How IoT can revolutionize a manufacturing scenario
 Ways to implement an IoT solution for this vertical
 How companies are using IoT today to impact their manufacturing business

We saw in the previous topic that instrumenting a factory floor with IoT devices can enable
factory managers and line workers to better anticipate problems, understand where critical
systems are failing and improve the overall operation of a single factory or a network of
factories around the world. In this topic, we'll take a closer look at what IoT can do for the
manufacturing industry and how you can get started building a connected factory solution.

Monitor Manufacturing Equipment


Improve your processes using industrial IoT. Use sensors and advanced analytics to predict
needed maintenance, and reduce unplanned downtime cutting into production time. See
https://blogs.microsoft.com/iot/2016/04/29/intelligent-manufacturing-takes-plant-operations-to-the-next-level-of-iot/

Monitor Customer Equipment


Create new business models that offer predictive maintenance and performance monitoring
for the equipment you produce, delivering a richer customer experience.

Improve Field Service


Access sensor data to improve field service scheduling, ensuring the right technicians and
tools are dispatched before potential issues become a major problem.

Capitalize on the factory of the future


The factory of the future is enabling companies to seize new opportunities by expanding their
value chain, implementing more agile production, and discovering new revenue streams. At
the center of this change is IoT’s ability to transform the entire connected manufacturing
ecosystem, from R&D, through the supply chain, to customer service. See
https://enterprise.microsoft.com/en-us/trends/the-factory-of-the-future/

Competing in the Digital Age of Manufacturing


Operational technology and information technology are coming together for the first time,
creating new opportunities for digital manufacturers. Connected products, people and things
produce terabytes of data every day that manufacturers can access and extract deep insights to
optimize business and manufacturing processes better than ever before.

More importantly, insight from this data helps manufacturers identify new revenue streams
by developing high-value service offerings focused on how products and customers interact
in the real world.

This transformation is changing the landscape for manufacturers, enabling them to
differentiate themselves, achieve operational excellence and disrupt markets.

The Connected Factory


Len Calderone for the website “Manufacturing Tomorrow” describes a connected factory as
"An array of innovations that impact a consolidated, connected and flexible model of
organizing factory operations. These improvements primarily relate to the ability of machines
to efficiently communicate with each other, the integrated flow of data to a centralized
platform, and cross-device functionality."

Put simply, this means that an IoT-enabled factory will use devices that communicate with
each other and the cloud to capture and collect real-time data to enable a more efficient and
productive factory. This is the promise of IoT that we've been reinforcing throughout this
course and applied to this particular scenario.

At a very high level, a connected factory will use IoT devices to communicate machine
information with other machines as well as cloud services, collect and store data from those
machines, and enable the creation of reports and alerts.

The Future of Industry is IoT


The value proposition for disrupting industry and manufacturing using IoT solutions is high
and corporations are just scratching the surface of what IoT can offer. As devices become
cheaper and more reliable and cloud services add features that enable quicker startup times,
better data collection and analytic options, as well as device management and maintenance
features, the way products are built will change for the better.

To get started with an IoT manufacturing solution, explore the resources below.

Further Resources for Getting Started

An e-book, infographic, and more on the factory of the future: Azure IoT Connected
Factory solution

Whitepaper: Realize the potential of a connected factory: Connected Factory whitepaper

Solution Accelerator: Connected Factory: Create Connected Factory solution

IoT For Healthcare


In this topic, you'll learn:

 How IoT can impact both the healthcare provider's ability to provide care and help
patients take more control over their care
 Ways to implement an IoT solution for this vertical
 How healthcare providers are using IoT today to impact their work

In a 2014 article, Forbes quotes McKinsey & Company, who predicted that by 2020,
healthcare spending will surpass 1 trillion USD – in China alone. It can be difficult to think of
healthcare as an industry since it's in the “business” of dealing with life and death. But the
reality is that there is a lot of money involved in providing healthcare, so finding ways to do
more with less is a constant goal. But IoT has the potential for impacting much more than the
economics of healthcare. IoT has the potential to be a disrupter in this vertical by providing
better optimization of equipment and personnel, enabling non-traditional options for self care,
and helping monitor and maintain essential equipment used in providing care.

Healthcare: Personalized
While there are many potential applications for IoT in the healthcare industry, applying
solutions can be tricky as concerns about patient privacy, misdiagnoses, security breaches,
and malfunctioning equipment can make patients and doctors hesitant about adopting the
technology. When architecting an IoT solution for healthcare that involves direct patient
interaction, special care has to be taken to account for these factors.

Still, when taking these concerns into consideration, IoT has the power to provide better care
in real-time and lower costs. In a 2015 report prepared by the consulting firm Deloitte, the
authors write,

In striving to improve outcomes and reduce costs, health care providers have long struggled
with several nagging problems—most notably, their interactions with their patients are
sporadic, giving them little insight into the daily decisions and activities that have a huge
impact on patient health. Providers could be much more effective in supporting their patients’
health if it was easy, or even automatic, for information and feedback to flow between
patients, providers, and caregivers.

Some of these scenarios involve critical care such as alerts being sent to caregivers for remote
patients that are experiencing an issue with their health or a device intended to address their
health.

But not all IoT healthcare applications need to focus on critical situations. As with other
verticals, the primary value of IoT as it applies to healthcare is in the data generated by the
devices and services in the ecosystem. Deloitte agrees,

Where data about consumers have been critical to the transformation in retail, in health care
the key is patient-generated data (PGD), defined as ‘health-related data created, recorded,
gathered, or inferred by or from patients or their designees to help address a health concern.’

Areas of Opportunity
Deloitte outlines three primary areas for growth and adoption of IoT technologies in
healthcare. Some of these opportunities overlap with other verticals we're looking at, but
healthcare is unique in specific ways.

Short-term care planning

Providing patients with a plan for self care once they leave a medical facility as well as
reminding patients of their plan and monitoring how well they're following that plan is one
scenario the report calls out as an area ripe for IoT solutions. For example, an app on a
mobile device or wearable that can help remind patients to take medication or follow a
physical therapy routine and monitor how often they follow those instructions can help
healthcare providers understand challenges, prepare for follow up visits, and create
modifications to a plan that may be more effective for specific patients.

Chronic-disease management and home care


Similarly, IoT devices and services can help those in long-term care, in chronic-disease
management, and in frail condition by giving healthcare providers real-time information on
their condition (e.g. an elderly person who has fallen or a diabetic whose glucose levels have
reached critical levels). And the collection of data across hundreds of thousands of patients
can help healthcare providers build models that will service new patients in the future. This
points to the last item in Deloitte's list.

Population-based evidence creation

The authors point out that much of the current use of data has been for risk analysis and
health underwriting. But big data collected by IoT systems can help healthcare providers
better understand health trends across populations and be used to prevent disease rather than
merely manage it. Here's an example cited by the authors:

Current State: Evidence-based care determination often comes from data collected through
surveys and clinical studies not utilizing Internet-enabled devices

Examples of IoT opportunities: Understanding the unique causes of a disease, patient
profiles that may be more responsive to certain treatments, or patients who suffer more
serious side effects

Benefits: Improved treatment guidelines to reflect variances in certain patient populations
through the use of larger population sample sizes and mobile technology

IoT solutions will enable significant advances in healthcare over the next decade. While there
are many challenges to overcome–some technical, others social–this vertical is primed for
disruption and innovation.

IoT For Retail


In this topic, you'll learn:

 How IoT can be used for a better retail experience for both retailers and their
customers.
 Ways to implement an IoT solution for this vertical
 How retailers are using IoT today to impact their businesses

When people mention or hear about IoT, it's likely that the idea of a smart thermostat comes
to mind or the term evokes thoughts of connected stores that use RFID tags to monitor
inventory and enable a cashless payment system. Retail has the potential to offer the easiest
entry point for an IoT developer since the vertical is so massive in both scope and
opportunity. From vending machines to signage, the potential for IoT to disrupt the retail
experience–for sellers and consumers–is massive.

While there are others, we can define four main benefits that IoT solutions offer to retailers
and customers as illustrated in this graphic:

 Operational Efficiency: As we saw with IoT for Manufacturing, in the retail space,
IoT can enable retailers to optimize their staff, delivery, security, and other parts of
their supply chain. This can ensure the right products are on the shelf at the right time,
that customers are kept safe at all hours of the day or night, and that theft and loss are
kept to a minimum. Equipping shipping containers that enable stores to track product
availability, using cloud-enabled web cameras and using mobile devices to enable
easier communication with staff and track their hours can reduce the overall load
retailers are burdened with.
 Inventory Management: In a paper outlining the benefits of IoT for the retail
experience, Intel makes the claim that IoT can help retailers “achieve near-100-percent
inventory accuracy.” And this isn't merely about preventing loss. Using big
data, retailers can ensure that products customers want and care about are always on
the shelf and items purchased less often don't consume valuable shelf space.
 Improved Customer Experience: As we saw above with the Amazon Go store
experience, customers can benefit from IoT solutions in retail by being able to
purchase the products they want with less friction. By eliminating checkout lines and
eliminating the need for customers to carry cash or credit cards, customers get more
time back and can be safer shopping. Of course, privacy is always a concern in these
scenarios so IoT architects need to take great care to find the right balance between
technical advances and privacy concerns.
 Cost Efficiency and Savings: All of the above items should result in more efficient
operations and reduce costs in terms of both running the business and supporting
customers. Intel goes further and says IoT can be used to “lower energy usage by
powering down lighting, POS, and HVAC systems” as well as "reduce POS [point of
sale] repair costs and downtime." The idea is that retailers can not only outfit the retail
experience with an IoT architecture but outfit the stores themselves to make retail
operations “smart.”

See Module 4 for more examples and details on how actual retailers are using IoT to enhance
their businesses.

IoT For Smart Cities and Buildings

In this topic, you'll learn:

 How IoT can be used to create smarter cities that optimize safety and efficiency.
 Ways to implement an IoT solution for this vertical
 How cities are using IoT today to impact their citizens

If you've installed and use any one of the many “smart home” devices on the market today,
you are becoming familiar with the value of a smart home: improved safety through lock
monitoring, automatic lighting, and security cameras and increased productivity and
efficiency through home automation. These consumer examples of IoT, when extrapolated to
the scale of a town or city, show us what can be possible in making where we live safer, more
efficient, and better places to work and play.

As we saw with the healthcare vertical, when many people talk about “smart cities” dystopic
images of "Big Brother" watching our every move are painted and many have concerns about
invasions of privacy and too much central control. While many of these concerns are valid,
and architects of IoT solutions need to consider the right balance between innovation and
personal privacy, the opportunities to improve civic life through IoT are enormous and, with
proper controls and privacy considerations in place, can make communities safer, more
efficient, and easier to live in.

Let's look at some ways “smart cities” can improve life for communities of people. Microsoft
has outlined four primary ways IoT can transform this vertical and we'll look at each in turn.

Optimize natural resource use


Making better use of natural resources is more than a political slogan. Doing more with less
makes good economic sense (as any successful business person can attest to) and makes for
better stewardship in using the resources we have. IoT implementations can help the citizens
of cities minimize waste, use power more intelligently, and make the best use of resources for
farming, mining, and energy.

Create safer cities


"By connecting to the Internet and using cloud-based analytics tools, city governments can
aggregate anonymous, raw numbers into intelligent insights that can improve how they
deliver services and respond to emergencies — all to improve the quality of urban life."[^1]

As we'll see in the next topic on transportation, city life is a buzzing array of complex
variables that are under continual change. While cities do have a “heartbeat” and rhythm, the
regularity is a product of a variety of individual activities all occurring at the same time.
From an IoT perspective, this can create a data management and analytics challenge. But it
also creates a lot of problems for city managers:

 How does a city ensure emergency services have enough resources to meet the
demands of the city?
 How do managers of those emergency resources deploy the resources in the most
efficient ways to keep citizens safe?
 How does a city manage high demand (say for a significant weather event)?
 Does demand vary based on the time of the day or the time of the year?

To be sure, city and services managers have gotten very good at managing many of these
scenarios. But IoT solutions can refine these abilities and provide more powerful tools to help
those responsible for keeping citizens safe.

Create smart buildings


As we've been seeing in the other verticals, IoT technology can bring value to a segment or
vertical by collecting and aggregating data for insights that formerly would have been hidden
without the data collection. These insights can help enable cost savings, efficiency, and even
comfort and safety. All these are true when it comes to smart buildings.

Improve field service


The final area of focus for “smart cities” is providing quicker and more efficient services for
public equipment and utilities. Providing the ability for municipalities and service providers
to instrument equipment, get data, and respond to problems, can make cities safer and make
life better in the city. From repairing street lamps and roadways to monitoring and
anticipating problems in public utilities, IoT can help cities better maintain their
infrastructure and respond to problems.

These are a couple of examples of how IoT can be used in intelligent city scenarios. There are
many more opportunities to innovate in this vertical.

Here is a list of some of the top initiatives being driven by industry leaders in this space.

 Johnson Controls is developing an extensible, connected platform capable of
integrating with virtually any building component—from building sensors and
thermostats through rooftop air handling and chiller systems.
 IBM is working with municipalities to improve water utilities by using IoT solutions
to detect problems and use data to build in efficiencies and improve water safety.
 The municipality of Selangor in Malaysia is using IoT to improve roadway safety and
alert engineers of problems so repairs can be made more quickly keeping drivers
safer.

For more stories and ideas, check out Microsoft's IoT site for smart cities.

[^1]: Source: https://blogs.microsoft.com/iot/2016/07/15/to-get-smart-cities-must-get-connected-and-have-an-iot-plan/

IoT For Transportation and Logistics
In this topic, you'll learn:

 How IoT can be used to create smarter roadways with improved traffic flow and
transportation options.
 Ways to implement an IoT solution for this vertical
 How transportation providers are using IoT today to impact their customers

Transportation advances are perhaps the most exciting area where IoT solutions are being
developed. Getting from one place to another can be an arduous, frustrating, and sometimes
dangerous thing to do. Anyone who has spent more than an hour sitting in traffic has said to
themselves, “There has to be a better way.” What makes this vertical so exciting is the many
opportunities for improvement and innovation it presents.[^1]

[^1]: In many ways, IoT for transportation is a sub-category of the previous topic, IoT for
smart cities. But the space is so large and there are so many unique opportunities for
innovation that it warrants its own topic. But in terms of learning, it can be helpful to
consider this topic together with the previous one.

In 2012, Google created a video that demonstrates their early thinking into autonomous
vehicles. Part of their vision is that each vehicle is connected to a central service (a cloud
service) and to each other, enabling the system and each vehicle to know where all other
vehicles are at any given time.

https://www.youtube.com/watch?v=4pbAI40dK0A&feature=youtu.be

This would enable intersections without traffic lights and minimize the need for vehicles to
stop or even slow down as they entered the intersection. Using predictive analytics and
location awareness, vehicles would know where they are in the “swarm” of vehicles and
navigate appropriately. The video shows computer models that demonstrate this ability (the
model illustration starts at the 55 second mark).

Viewing Transportation Holistically


But individual vehicle advances are only part of the opportunity space that IoT can address.
As we saw in the previous topic, transportation needs to be viewed as an ecosystem with
each part working together. The more complex the variables in that ecosystem, the more
complex the solution will be.

While their application isn't in the transportation vertical specifically, General Electric is
attempting to solve complex problems by processing large amounts of data (called “Big
Data” by industry professionals). In an article for the MIT Sloan Review, the author describes
how GE has developed an analytics engine to process "50 million data variables from 10
million sensors" to do more robust predictive analytics which increases its ability to find the
cause of problems and not merely get alerted when a problem exists.

The problem space is similar to what we find in a complex system like transportation and any
IoT solution or set of solutions will have to deal with the problem of big data. Bill Ruh, the
chief digital officer at GE describes the problem his team faces as if they were dealing with
an organic life form:

Machines generate time-series data, which is very different than social or transactional data.
We had to optimize for the kinds of analytics that would help us understand the behavior of
machines. (p. 5)

This accurately describes the problem of transportation even in a localized scenario like a
city. Vehicles, people, pets, and other objects move–they have behaviors. Any IoT
transportation solution has to account for those behaviors and orchestrate whatever variables
are under its control (the vehicle itself, traffic lights, lighting systems, road or track
modification systems) appropriately. This will involve analyzing enormous amounts of data
in real time and creating a decision engine that can set a large number of variables in a
productive, efficient, and safe way.

And while economics is a factor in transportation solutions, governments may be more
interested in efficiency and safety which creates a different dynamic for solution architects
compared to the other verticals we've been looking at.
----------------------------------------------------------------------------------------------------------------

Core Subsystems of an IoT Architecture


At the core an IoT application consists of the following subsystems: 1) devices (and/or on
premise edge gateways) that have the ability to securely register with the cloud, and
connectivity options for sending and receiving data with the cloud, 2) a cloud gateway
service, or hub, to securely accept that data and provide device management capabilities, 3)
stream processors that consume that data, integrate with business processes, and place the
data into storage, and 4) a user interface to visualize telemetry data and facilitate device
management. These subsystems are briefly described below, with prescriptive technology
recommendations.

1. Cloud Gateway: The Cloud Gateway provides a cloud hub for secure connectivity,
telemetry and event ingestion and device management (including command and
control) capabilities.
2. Stream Processing: Processes large streams of data records and evaluates rules for
those streams.
3. Business Process Integration: Facilitates executing actions based on insights
garnered from device telemetry data during stream processing. Integration could
include storage of informational messages, alarms, sending email or SMS, integration
with CRM, and more.
4. Storage: Storage can be divided into warm path (data that is required to be available
for reporting and visualization immediately from devices), and cold path (data that is
stored longer term and used for batch processing).
5. User Interface: The user interface for an IoT application can be delivered on a wide
array of device types, in native applications, and browsers.

Optional Subsystems of an IoT Architecture


In addition to the core subsystems many IoT applications will include subsystems for: 5)
telemetry data transformation which allows restructuring, combination, or transformation of
telemetry data sent from devices, 6) machine learning which allows predictive algorithms to
be executed over historical telemetry data, enabling scenarios such as predictive maintenance,
and 7) user management which allows splitting of functionality amongst different roles and
users.

1. Data transformation: The manipulation or aggregation of the telemetry stream either
before or after it is received by the cloud gateway service (the IoT Hub).
Manipulation can include protocol transformation (e.g. converting binary streamed
data to JSON), combining data points, and more.
2. Machine Learning (ML) Subsystem: Enables systems to learn from data and
experiences and to act without being explicitly programmed. Scenarios such as
predictive maintenance are enabled through ML.
3. User Management Subsystem: Allows specification of different capabilities for
users and groups to perform actions on devices (e.g. command and control such as
upgrading firmware for a device) and capabilities for users in applications.

Cross-Cutting Architectural Concerns


There are multiple cross-cutting needs for IoT applications that are critical for success,
including: 8) security requirements, including user management and auditing, device
connectivity, in-transit telemetry, and at-rest security, 9) logging and monitoring, which are
critical for determining the health of an IoT cloud application and for troubleshooting
failures both for individual subsystems and the application as a whole, and 10) high
availability and disaster recovery, which is used to rapidly recover from systemic failures.

1. Security: Security is a critical consideration in each of the subsystems. Protecting IoT
solutions requires secure provisioning of devices, secure connectivity between
devices, edge devices, and the cloud, secure access to the backend solutions, and
secure data protection in the cloud during processing and storage (encryption at rest).
2. Logging and monitoring: Logging actions and monitoring activity of an IoT application
is critical for determining system uptime and troubleshooting failures.
3. High availability and disaster recovery (HA/DR): This focuses on ensuring an IoT
system is always available, including from failures resulting from disasters. The
technologies used in IoT subsystems have different failover and cross-region support
characteristics. For IoT applications this can result in requiring hosting of duplicate
services and duplicating application data across regions depending on acceptable
failover downtime and data loss.

Data Flow and Processing


Note: See IoT Reference Architecture section 3.6

As data is delivered to the IoT, it is important to understand how the flow of data processing
may vary. Depending on scenarios and applications, data records can flow through different
stages, combined in different order, and often processed by concurrent, parallel tasks.

These stages can be classified in four categories - storage, routing, analysis and
action/display:

 Storage includes in-memory caches, temporary queues and permanent archives (e.g. a
database).
 Routing allows sending data records to one or more storage endpoints, analysis
processes, and actions. Routing makes decisions on what data should go to which target
and when.
 Analysis is used to run data records through a set of conditions and can produce
different output data records. For instance, input telemetry data encoded in one format
may return output telemetry encoded in another format.
 Original input data records and analysis output records are typically stored and
available to display, and may trigger actions such as emails, instant messages,
incident tickets, CRM tasks, device commands, etc.

These processes can be combined in simple graphs, for instance to display raw telemetry
received in real time, or more complex graphs executing multiple and advanced tasks, for
example updating dashboards, triggering alarms, and starting business integration processes,
etc.

For example, the following graph represents a simple scenario in which devices send
telemetry records which are temporarily stored in Azure IoT Hub, and then are immediately
displayed on a graph on screen for visualization:

The following graph represents another common scenario, in which devices send telemetry,
store it short term in Azure IoT Hub, shortly after analyzing the data to detect anomalies, then
trigger actions such as an email, SMS text, instant message, etc.:

IoT architectures can also support multiple systems that can accept and do something with
data. For instance, some telemetry storage and/or analysis may occur on premise, within
devices and field/edge gateways. In other scenarios, protocol translations may be required to
connect constrained devices to the cloud. While the resulting graph is more complex, the
logical building blocks are the same:

IoT Security Overview


The Internet of Things is the wave of the future, offering businesses immediate and real-
world opportunities to reduce costs, increase revenue, and transform their business. Many
businesses, however, are hesitant to deploy IoT in their organizations due to concerns about
security, privacy, and compliance. A major point of concern comes from the uniqueness of
the IoT infrastructure, which merges the cyber and physical worlds together, compounding
individual risks inherent in these two worlds. Security of IoT pertains to ensuring the
integrity of code running on devices, providing device and user authentication, defining clear
ownership of devices (as well as data generated by those devices), and being resilient to cyber
and physical attacks.

Then, there’s the issue of privacy. Companies want transparency concerning data collection,
as in what’s being collected and why, who can see it, who controls access, and so on. Finally,
there are general safety issues of the equipment along with the people operating them, and
issues of maintaining industry standards of compliance.

Given the security, privacy, transparency, and compliance concerns, choosing the right IoT
solution provider remains a challenge. Stitching together individual pieces of IoT software
and services provided by a variety of vendors introduces gaps in security, privacy,
transparency, and compliance, which may be hard to detect, let alone fix. The choice of the
right IoT software and service provider is based on finding providers that have extensive
experience running services, which span across verticals and geographies, but are also able to
scale in a secure and transparent fashion. Similarly, it helps for the selected provider to have
decades of experience with developing secure software running on billions of machines
worldwide, and have the ability to appreciate the threat landscape posed by this new world of
the Internet of Things.

Protecting IoT solutions requires that businesses ensure each of the following:

 secure provisioning of devices
 secure connectivity between these devices and the cloud
 secure data protection in the cloud during processing and storage

Working against such functionality, however, are resource-constrained devices, geographic
distribution of deployments, and a large number of devices within a solution.

https://docs.microsoft.com/en-us/azure/iot-fundamentals/iot-security-ground-up

https://www.microsoft.com/en-us/internet-of-things/security

https://docs.microsoft.com/en-us/azure/iot-fundamentals/iot-security-architecture

https://docs.microsoft.com/en-us/azure/iot-fundamentals/iot-security-best-practices

IoT Threat Modeling


In this topic, you'll learn:

 The definition of a threat model
 How threat modeling applies to IoT security
 How to develop your own threat model

IoT Security
As we've seen in previous lessons, planning for security in an IoT solution is not only
essential but it can get complicated very quickly. IoT solutions involve data-collecting
devices, cloud services (which includes storage and analytics), and can involve personal or
sensitive data (a lot of it). Each of these can represent “soft targets” for hackers or others with
malicious intent so understanding how a solution can be vulnerable should be an integral part
of any IoT architecture.

Intel, in their IoT Platform Reference Architecture document, describes what they refer to as
the “security layer” in their architecture. They describe it this way:

Robust hardware- and software-level protection are essential for ensuring world-class
security, which is a foundational IoT tenet. Security is more like a process than a product
because it depends upon evaluating the threat model for specific use cases and addressing
each possible threat. A layered security approach is highly recommended since it establishes
multiple defense mechanisms against hackers.

Let's look more specifically at how this layered approach to security works in an IoT
architecture.
Threat Modeling

When designing a system, it is important to understand the potential threats to that system,
and add appropriate defenses accordingly, as the system is designed and architected. The
objective of threat modeling is to understand how an attacker might be able to compromise a
system and then make sure appropriate responses and repairs are in place.

The movie The Big Short includes a quote (falsely attributed to Mark Twain) that states, “It ain’t
what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t
so.” In the context of IoT security, this means that we can get in the most trouble when we
confidently assert that something won't (or will) happen. Part of threat modelling is planning
for the things you can't plan for or anticipate. This might be as radical as taking a server
offline or sending technicians to collect devices from the field if there's a breach. But it could
include a lot of much less dramatic measures to ensure that data is safe and hackers are
thwarted.

You should threat model the solution as a whole and also focus in the following areas:

 The security and privacy features
 The features whose failures are security relevant
 The features that touch a trust boundary

Three rules of thumb to keep in mind when building a threat model:

 Create a diagram out of the reference architecture.
 Start breadth-first. Get an overview, and understand the system as a whole, before
deep-diving. This approach helps ensure that you deep-dive in the right places.
 Drive the process, don’t let the process drive you. If you find an issue in the modeling
phase and want to explore it, go for it! Don’t feel you need to follow these steps
slavishly.

Threat modeling and IoT architecture

Microsoft's guidance on threat modeling includes four main areas of focus. Each of these will
have specific needs and involve particular “threat vectors” (ways the area can be attacked).
They include:

 Devices and Data Sources
 Data Transport
 Device and Event Processing
 Presentation

The diagram below illustrates an IoT architecture with each of these areas designated. The
blue arrows indicate paths the data can take through the system. While this looks complex,
it's important in a threat model to understand where your data is coming from and every
possible place it can go. Missing just one path can create a serious vulnerability.
Attack Vectors to Consider

Again, an attack vector is simply a particular way that a hacker or person with malicious
intent could compromise your IoT system. Microsoft documentation lists many possible
options and we'll summarize a few of the most important here.

1. Spoofing. Device spoofing takes place when an analogous device or virtual device
takes the place of an intended device without the system knowing a switch was made.
Spoofing can happen with services, APIs and other parts of an IoT system.
Certificates can help reduce spoofing but an IoT architecture should have mechanisms
in place to ensure that the devices and services deployed to the solution are the ones
you intend to be there.
2. Denial of Service. Denial of Service (DOS) attacks are something we hear about in
the news every so often because they can negatively affect our ability to reach a web
site or service provider. One type of DOS attack involves overwhelming a service or
device with garbage data or requests so the service or device can't operate normally.
Generally, a DOS attack is any hack where the device or service designed to perform a
particular function is rendered useless. These types of attacks (besides being
annoying) can prevent critical data from reaching a destination or enable hackers to
attack other parts of an IoT installation.
3. Elevation of Privilege. This type of attack causes a device or service that has a set of
capabilities that are limited by permissions or function (e.g. an automobile accelerator
that has a mechanism that prevents the car from exceeding a certain speed) to function
beyond their imposed limitations. You can imagine an API or device that has
permission to collect or store impersonal data being tricked into collecting or storing
personal data that could cause harm if it got into the wrong hands (e.g. credit card
information).

As mentioned above, there are many other attack vectors to consider and a threat model
should include mitigations for as many as possible.
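
The data-path point above can be checked mechanically. The following is an added example, not part of the original course material: it enumerates every path through a small constructed architecture and lists the zone-crossing flows that have no recorded mitigation for the three attack vectors summarized above. The component names, flows and mitigations are constructed, and treating each of the four focus areas as a trust zone is an assumption.

```python
from collections import defaultdict

ZONES = ("Devices and Data Sources", "Data Transport",
         "Device and Event Processing", "Presentation")
THREATS = ("Spoofing", "Denial of Service", "Elevation of Privilege")

# Constructed sample architecture: component -> zone (assumption: zone = trust boundary).
COMPONENTS = {
    "temp-sensor": ZONES[0],
    "field-gateway": ZONES[1],
    "cloud-gateway": ZONES[1],
    "stream-processor": ZONES[2],
    "storage": ZONES[2],
    "dashboard": ZONES[3],
}

# Constructed data flows: (source, destination) -> mitigation recorded per threat.
FLOWS = {
    ("temp-sensor", "field-gateway"): {
        "Spoofing": "per-device key",
        "Denial of Service": "rate limit at gateway",
        "Elevation of Privilege": "gateway accepts telemetry only"},
    ("field-gateway", "cloud-gateway"): {},  # same zone, not a boundary crossing
    ("temp-sensor", "cloud-gateway"): {      # direct fallback path, easy to forget
        "Spoofing": "per-device token"},
    ("cloud-gateway", "stream-processor"): {
        "Spoofing": "service identity",
        "Denial of Service": "throttling",
        "Elevation of Privilege": "read-only consumer role"},
    ("stream-processor", "storage"): {},     # same zone
    ("storage", "dashboard"): {
        "Spoofing": "user authentication",
        "Elevation of Privilege": "role-based access"},
    ("stream-processor", "dashboard"): {
        "Spoofing": "user authentication",
        "Denial of Service": "connection limits",
        "Elevation of Privilege": "role-based access"},
}


def all_paths(flows, source, sink):
    """Return every simple path the data can take from source to sink."""
    graph = defaultdict(list)
    for src, dst in flows:
        graph[src].append(dst)
    paths, stack = [], [(source, [source])]
    while stack:
        node, path = stack.pop()
        if node == sink:
            paths.append(path)
            continue
        for nxt in graph[node]:
            if nxt not in path:  # never revisit a component on the same path
                stack.append((nxt, path + [nxt]))
    return sorted(paths)


def crossing_gaps(flows, components):
    """Map each zone-crossing flow to the threats that have no recorded mitigation."""
    gaps = {}
    for (src, dst), mitigations in flows.items():
        if components[src] == components[dst]:
            continue
        missing = [t for t in THREATS if not mitigations.get(t)]
        if missing:
            gaps[(src, dst)] = missing
    return gaps


def paths_with_gaps(flows, components, source, sink):
    """List each end-to-end path that includes at least one unmitigated crossing."""
    gaps = crossing_gaps(flows, components)
    flagged = []
    for path in all_paths(flows, source, sink):
        open_hops = [hop for hop in zip(path, path[1:]) if hop in gaps]
        if open_hops:
            flagged.append((path, open_hops))
    return flagged


if __name__ == "__main__":
    for path, hops in paths_with_gaps(FLOWS, COMPONENTS, "temp-sensor", "dashboard"):
        print(" -> ".join(path))
        for hop in hops:
            print("   open at", hop, ":", ", ".join(crossing_gaps(FLOWS, COMPONENTS)[hop]))
```

In the sample, the direct sensor-to-cloud fallback is the path most likely to be left off a hand-drawn diagram, and it is the one with the most open items.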
A Secure Ecosystem
As you think about the security of an IoT solution, it can help to break down each aspect of
the problem into functional categories. In the threat model we considered above, we saw four
areas of focus. We can abstract these even more to help us build a threat model. In an article
for Network World, author Dean Hamilton echoes the guidance that we'll be looking at in this
module. He recommends that IoT architects focus on securing devices, the network, and data.
We'll talk about security in three primary areas: devices, connection and communication,
and cloud services. We'll call this our secure IoT Ecosystem.

In the next three lessons, we'll look at each of these categories in turn.

Device Security
In this topic, you'll learn:

 How a secure device model fits into a secure IoT ecosystem
 An introduction on how to secure IoT devices
 How to develop your own device security model

Device security includes primarily device provisioning and authentication. But a threat model
for devices should also include how data is stored and transmitted as well as how to protect
devices from spoofing and DOS attacks.

Basic Device Security


Intel, in their IoT Platform Reference Architecture document, describes device security by
claiming that a device is secure when an IoT solution can:

Protect device and user identities, ensure device integrity, and protect operational and
personal data on every device. Each device should guarantee authentication without
jeopardizing individual privacy and have the ability to automatically self-assess and resolve
any situation.

That's a tall order but this level of device security should be considered essential for a secure
IoT ecosystem. Similarly Microsoft recommends IoT architects focus on the physical security
of devices and sensors.

Physical tamper proofing and safety

Sensors and devices can and must often be placed in public areas, where anyone may
potentially have physical access to them. Also, tampering with the device is not just the act of
manipulating the device hardware or software. A digitally trustworthy sensor may be tricked
into reporting misleading data by dismounting and relocating it. Or an attacker could impact
the environment around the device, creating misleading physical conditions in the immediate
proximity of the device, pushing the overall system into an erroneous reaction. A lit lighter
held near a smoke or temperature sensor might, for instance, trick a digital building control
system into flooding a hotel hallway with the sprinkler system.

As the IoT space blurs digital and physical concerns, it also blurs security with safety.
Suddenly, security threats become safety threats. If something “goes wrong” with automated
or remote controllable devices—from physical defects to control logic defects to willful
unauthorized intrusion and manipulation—production lots may be destroyed, buildings may
be looted or burned down, and people may be injured or die. That is a different class of
damage than someone maxing out a stolen credit card limit. The security bar for commands
that make things move, and also for sensor data that eventually results in commands that
cause things to move, must be higher than in any e-commerce or banking scenario.

Some exemplary measures that can be taken to improve the security of the physical device
are:

 Choosing microcontrollers/microprocessors or auxiliary hardware that provide secure
storage and use of cryptographic key material, such as trusted platform module
(TPM) integration.
 Secure boot loader and secure software loading, anchored in the TPM.
 Using sensors to detect intrusion attempts and attempts to manipulate the device
environment with alerting and potentially “digital self-destruction” of the device.[^1]

[^1]: For more information on how the Azure IoT framework can help keep devices secure,
see the Azure IoT Reference Architecture.

Device Security and Azure IoT Hub


You can secure devices out in the field by providing a unique identity key for each device,
which can be used by the IoT infrastructure to communicate with the device while it is in
operation. With Azure's IoT framework, the process is quick and easy to set up. The
generated key with a user-selected device ID forms the basis of a token used in all
communication between the device and the Azure IoT Hub.

Device IDs can be associated with a device during manufacturing (that is, flashed in a
hardware trust module) or can use an existing fixed identity as a proxy (for example CPU
serial numbers). Since changing this identifying information in the device is not simple, it is
important to introduce logical device IDs in case the underlying device hardware changes but
the logical device remains the same. In some cases, the association of a device identity can
happen at device deployment time (for example, an authenticated field engineer physically
configures a new device while communicating with the solution backend). The Azure IoT
Hub identity registry provides secure storage of device identities and security keys for a
solution. Individual or groups of device identities can be added to an allow list, or a block list,
enabling complete control over device access.

Azure IoT Hub access control policies in the cloud enable activation and disabling any device
identity, providing a way to disassociate a device from an IoT deployment when required.
This association and disassociation of devices is based on each device identity.

To support these features, the Azure IoT framework supports the following features through
the device identity store:

 Device identity authority. The device identity store is the authority for all device
identity information. It also stores and allows for validation of cryptographic secrets
for the purposes of device client authentication. The identity store typically does not
provide any indexing or search facility beyond direct lookup by the device identifier;
that functional role is taken on by another store that keeps the application specific
domain model. These stores are primarily separated for security reasons; lookups on
devices should not allow disclosing cryptographic material.
 Provisioning. Device provisioning uses the identity store to create identities for new
devices in the scope of the system or to remove devices from the system. Devices can
also be enabled or disabled. When they are disabled, they cannot connect to the
system, but all access rules, keys, and metadata stay in place. A solution’s
provisioning workflow takes care of processing individual and bulk requests for
registering new devices and updating or removing existing devices. It will also handle
the activation, and potentially the temporary access suspension and eventual access
resumption. The provisioning workflow ensures that the device is registered with all
backend systems that need to know about its identity and additional metadata
attributes as needed.[^2]

[^2]: See the Azure reference architecture document for more details on this.

These features help ensure that device identity is securely managed and that onboarding or
suspending a device from the solution can be managed centrally which can help ensure that
only secure devices are included in the ecosystem when a threat has been detected.

Device security is a logical first step as you consider how to secure your IoT solution. Using
a centrally managed framework like the Azure IoT hub can help make the complicated task
of device deployment and management simpler.
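
The per-device key, the token built from it, and the enable/disable behaviour of the identity store described above can be seen together in a small model. This is an added example, not code from the original course or from Azure: the token layout follows the SharedAccessSignature format (HMAC-SHA256 over the URL-encoded resource URI and an expiry time), while the DeviceIdentityStore class, the hub host name and the device IDs are hypothetical stand-ins.

```python
import base64
import hashlib
import hmac
import os
import time
import urllib.parse

PREFIX = "SharedAccessSignature "


def _signature(key, resource_uri, expiry):
    """HMAC-SHA256 over '<url-encoded resource URI>', a newline, and the expiry; base64 output."""
    to_sign = "{}\n{}".format(urllib.parse.quote(resource_uri, safe=""), expiry)
    return base64.b64encode(hmac.new(key, to_sign.encode(), hashlib.sha256).digest()).decode()


def make_device_token(hub_host, device_id, key_b64, ttl_seconds, now=None):
    """Device side: build a token scoped to this one device identity."""
    now = int(time.time() if now is None else now)
    resource_uri = "{}/devices/{}".format(hub_host, device_id)
    expiry = now + ttl_seconds
    sig = _signature(base64.b64decode(key_b64), resource_uri, expiry)
    return "{}sr={}&sig={}&se={}".format(
        PREFIX, urllib.parse.quote(resource_uri, safe=""),
        urllib.parse.quote(sig, safe=""), expiry)


class DeviceIdentityStore:
    """Hypothetical in-memory identity store: direct lookup by device ID only."""

    def __init__(self, hub_host):
        self.hub_host = hub_host
        self._devices = {}  # device_id -> {"key": bytes, "enabled": bool}

    def provision(self, device_id):
        """Register a device with its own random 256-bit key (returned base64-encoded)."""
        if device_id in self._devices:
            raise ValueError("device id already registered")
        key = os.urandom(32)
        self._devices[device_id] = {"key": key, "enabled": True}
        return base64.b64encode(key).decode()

    def set_enabled(self, device_id, enabled):
        """Disable or re-enable a device; its key and metadata stay in place."""
        self._devices[device_id]["enabled"] = bool(enabled)

    def verify(self, token, claimed_device_id, now=None):
        """Service side: return (accepted, reason) for a connection attempt."""
        now = int(time.time() if now is None else now)
        if not token.startswith(PREFIX):
            return False, "malformed"
        try:
            fields = dict(urllib.parse.parse_qsl(token[len(PREFIX):], strict_parsing=True))
            resource_uri, sig, expiry = fields["sr"], fields["sig"], int(fields["se"])
        except (KeyError, ValueError):
            return False, "malformed"
        record = self._devices.get(claimed_device_id)
        if record is None:
            return False, "unknown device"
        # The token must be scoped to the identity the caller claims to be.
        if resource_uri != "{}/devices/{}".format(self.hub_host, claimed_device_id):
            return False, "scope mismatch"
        expected = _signature(record["key"], resource_uri, expiry)
        if not hmac.compare_digest(expected.encode(), sig.encode()):
            return False, "bad signature"
        if expiry <= now:
            return False, "expired"
        if not record["enabled"]:
            return False, "device disabled"
        return True, "ok"


if __name__ == "__main__":
    store = DeviceIdentityStore("example-hub.invalid")  # placeholder host name
    key = store.provision("pump-01")                    # constructed device ID
    token = make_device_token(store.hub_host, "pump-01", key, ttl_seconds=3600)
    print(store.verify(token, "pump-01"))
    store.set_enabled("pump-01", False)
    print(store.verify(token, "pump-01"))
```

Because each device signs with its own key and the token names one device, disabling a single identity cuts off that device without touching any other device's credentials.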
Connection Security
In this topic, you'll learn:

 A security philosophy for communication as it applies to IoT architectures
 How to use tools to properly secure communication networks
 How Azure's IoT framework can assist in developing secure communication

Durability of messaging is an important feature of any IoT solution. The need to durably
deliver commands and/or receive data from devices is underlined by the fact that IoT devices
are connected over the Internet, or other similar networks that can be unreliable.

Referring again to the Intel IoT Reference Architecture, the document describes connection
security (their term is “network level” security), as an IoT solution's ability to:

Ensure secure application, traffic, and data security in transit through every type of wired and
wireless network connection.

Microsoft similarly recommends IoT solutions focus on secure communication as a top
architectural priority. As a foundational principle, all cloud communication with devices or
field gateways must occur through secure channels when the devices talk directly to
endpoints.

The Microsoft reference architecture adopts the following principles of Clemens Vasters's
Service Assisted Communication model:

 Devices do not accept unsolicited network connections. All connections and routes
are established in an outbound-only fashion.
 Devices generally only connect to or establish routes to well-known service gateways
that they are peered with. In case they need to feed information to or receive
commands from a multitude of services, devices are peered with a gateway that takes
care of routing information downstream and ensures that commands are only accepted
from authorized parties before routing them to the device.
 The communication path between device and service or device and gateway is
secured at the transport and application protocol layers, mutually authenticating the
device to the service or gateway and vice versa. Device applications do not trust the
link-layer network.
 System-level authorization and authentication should be based on per-device
identities, and access credentials and permissions should be near-instantly revocable
in case of device abuse.
 Bidirectional communication for devices that are connected sporadically due to power
or connectivity concerns may be facilitated through holding commands and
notifications to the devices until they connect to pick those up.
 Application payload data may be separately secured for protected transit through
gateways to a particular service.

Trustworthy and secure communication


Information received from and sent to a device must be trustworthy, if anything depends on
that information. Trustworthy communication means that information is of verifiable origin,
correct, unaltered, timely, and cannot be abused by unauthorized parties in any fashion.

Even telemetry from a simple sensor that reports a room’s temperature every five minutes
should not be left unsecured. If any control system reacts to this input, or draws any other
conclusions from it, the device and the communication paths from and to it must be
trustworthy.
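
The properties listed above (verifiable origin, unaltered, timely, not open to abuse) can be enforced on the telemetry message itself, in addition to the secure channel it travels over. The following is an added example, not part of the original course: a room-temperature reading is sealed with a per-device key and checked by the receiver for tampering, staleness and replay. The envelope layout, the ten-minute freshness window and the device names are assumptions; the sample keys are constructed.

```python
import hashlib
import hmac
import json

MAX_AGE_SECONDS = 600  # assumption: two intervals of the five-minute reporting cycle


def seal(device_id, key, seq, timestamp, reading):
    """Device side: serialize the reading and attach an HMAC-SHA256 tag."""
    body = json.dumps(
        {"device": device_id, "seq": seq, "ts": timestamp, "reading": reading},
        sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class TelemetryVerifier:
    """Receiver side: accept a reading only if every trust property holds."""

    def __init__(self, device_keys):
        self._keys = dict(device_keys)  # device_id -> per-device key (bytes)
        self._last_seq = {}             # device_id -> highest sequence number accepted

    def accept(self, envelope, now):
        """Return (True, reading) or (False, reason)."""
        try:
            body, tag = envelope["body"], envelope["tag"]
            if not isinstance(body, str) or not isinstance(tag, str):
                return False, "malformed"
            claims = json.loads(body)
            device, seq, ts = claims["device"], int(claims["seq"]), int(claims["ts"])
            reading = claims["reading"]
        except (KeyError, TypeError, ValueError):
            return False, "malformed"
        key = self._keys.get(device)
        if key is None:
            return False, "unknown device"      # origin cannot be verified
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), tag.encode()):
            return False, "bad tag"             # altered, or signed with another key
        if abs(now - ts) > MAX_AGE_SECONDS:
            return False, "stale"               # not timely
        if seq <= self._last_seq.get(device, -1):
            return False, "replay"              # a captured message sent again
        self._last_seq[device] = seq
        return True, reading


if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"  # constructed sample key
    verifier = TelemetryVerifier({"room-12": key})
    message = seal("room-12", key, seq=1, timestamp=1000, reading=21.5)
    print(verifier.accept(message, now=1010))  # accepted
    print(verifier.accept(message, now=1020))  # same message again: rejected
```

The tag protects integrity and origin only; confidentiality still depends on the encrypted channel.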

Unless a device can support the following key cryptographic capabilities, its use should be
constrained to local networks and all inter-network communication should be facilitated
through a field gateway:

 Data encryption with a provably secure, publicly analyzed, and broadly implemented
symmetric-key encryption algorithm, such as AES with at least 128-bit key length.
 Digital signature with a provably secure, publicly analyzed, and broadly implemented
symmetric-key signature algorithm, such as SHA-2 with at least 128-bit key length.
 Support for either TLS 1.2 for TCP or other stream-based communication paths or
DTLS 1.2 for datagram-based communication paths.
 Updateable key-store and per-device keys. Each device must have unique key
material or tokens that identify it toward the system. The devices should be able to
store the key securely on the device (for example, using a secure key-store). The
device should be able to update the keys or tokens periodically, or reactively in
emergency situations in case of system breach. Key update might occur over the air or
through some other means, but updateability is required.
 The firmware and application software on the device must allow for updates to enable
the repair of discovered security vulnerabilities.
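
The properties named above (verifiable origin, unaltered, timely, per-device keys, revocable credentials) can all be checked by the receiving gateway or service. The following is an added illustration, not code from the course or from Azure IoT: the message layout, the DeviceRegistry class, and the 300-second freshness window are assumptions, and HMAC-SHA256 is used as the SHA-2-based symmetric signature. It provides origin and integrity only; confidentiality still comes from TLS/DTLS.

```python
import hashlib
import hmac
import json
import secrets

MAX_AGE_SECONDS = 300  # assumption: one five-minute reporting interval


class DeviceRegistry:
    """Hypothetical service-side store of per-device keys and replay state."""

    def __init__(self):
        self._keys = {}      # device_id -> secret key (unique per device)
        self._last_seq = {}  # device_id -> highest sequence number accepted

    def provision(self, device_id):
        """Issue fresh key material; calling it again rotates the key."""
        key = secrets.token_bytes(32)
        self._keys[device_id] = key
        self._last_seq[device_id] = -1
        return key

    def revoke(self, device_id):
        """Takes effect on the very next message from the device."""
        self._keys.pop(device_id, None)

    def key_for(self, device_id):
        return self._keys.get(device_id)

    def accept_seq(self, device_id, seq):
        """True only if seq is newer than anything seen from this device."""
        if seq <= self._last_seq[device_id]:
            return False
        self._last_seq[device_id] = seq
        return True


def canonical(body):
    # Deterministic byte encoding so signer and verifier hash identical input.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_telemetry(key, device_id, seq, timestamp, reading):
    """Device side: attach an HMAC-SHA256 tag computed with the device's own key."""
    body = {"device_id": device_id, "seq": seq, "ts": timestamp, "reading": reading}
    tag = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": tag}


def verify_telemetry(registry, message, now):
    """Service side: return 'accepted' or the reason the message was rejected."""
    body = message.get("body")
    if not isinstance(body, dict) or not isinstance(body.get("device_id"), str):
        return "rejected: malformed"
    device_id = body["device_id"]
    key = registry.key_for(device_id)
    if key is None:
        return "rejected: unknown or revoked device"
    expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    supplied = str(message.get("sig", ""))
    # Constant-time comparison covers origin and integrity in one check.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return "rejected: bad signature"
    ts, seq = body.get("ts"), body.get("seq")
    if not isinstance(ts, (int, float)) or not isinstance(seq, int):
        return "rejected: malformed"
    # Timeliness is checked before the sequence number is recorded, so a
    # stale message cannot advance the replay counter.
    if abs(now - ts) > MAX_AGE_SECONDS:
        return "rejected: stale"
    if not registry.accept_seq(device_id, seq):
        return "rejected: replay"
    return "accepted"


if __name__ == "__main__":
    registry = DeviceRegistry()
    key = registry.provision("thermo-01")  # constructed sample device
    msg = sign_telemetry(key, "thermo-01", 1, 1000, 21.5)
    print(verify_telemetry(registry, msg, now=1010))
```
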

Legacy Devices. If (legacy) devices must use insecure or nonstandard and proprietary
communication paths into the cloud system, they should be connected through a separately
hosted custom protocol gateway or a local field gateway.[^1]

[^1]: For more information on how the Azure IoT framework can enable secure
communication, see the Azure IoT Reference Architecture.

Connection Security and the Azure IoT Hub


We saw in Lesson 1 of this module that understanding how data flows through your solution
is an important first step in creating a robust threat model and ensuring data flow is secure.

Azure IoT Hub offers durability of messaging between cloud and devices through a system of
acknowledgments in response to messages. Additional durability for messaging is achieved
by caching messages in the IoT Hub for up to seven days for telemetry and two days for
commands.

Efficiency is important to ensure conservation of resources and operation in a
resource-constrained environment. HTTPS (HTTP Secure), the industry-standard secure version
of the popular HTTP protocol, is supported by Azure IoT Hub, enabling efficient communication.
Advanced Message Queuing Protocol (AMQP) and Message Queuing Telemetry Transport
(MQTT), supported by Azure IoT Hub, are designed not only for efficiency in terms of
resource use but also for reliable message delivery.

Scalability requires the ability to securely interoperate with a wide range of devices. Azure
IoT Hub enables secure connection to both IP-enabled and non-IP-enabled devices.
IP-enabled devices are able to directly connect and communicate with the IoT Hub over a secure
connection. Non-IP-enabled devices are resource-constrained and connect only over
short-distance communication protocols, such as Z-Wave, ZigBee, and Bluetooth. A field gateway
is used to aggregate these devices and perform protocol translation to enable secure
bidirectional communication with the cloud.

Additional connection security features include:

 The communication path between devices and Azure IoT Hub, or between gateways
and Azure IoT Hub, is secured using industry-standard Transport Layer Security
(TLS) with Azure IoT Hub authenticated using X.509 protocol.
 In order to protect devices from unsolicited inbound connections, Azure IoT Hub does
not open any connection to the device. The device initiates all connections.
 Azure IoT Hub durably stores messages for devices and waits for the device to
connect. These commands are stored for two days, enabling devices connecting
sporadically, due to power or connectivity concerns, to receive these commands.
Azure IoT Hub maintains a per-device queue for each device.
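
The hold-until-connect behaviour described above, combined with the earlier requirement that commands are only accepted from authorized parties, can be sketched as follows. This is an added example, not Azure IoT Hub code or its API: the CommandGateway class, its method names, and the permissions map are assumptions. The two-day retention and the per-device queue come from the text, and the acknowledgment step models the acknowledgment-based durability mentioned earlier.

```python
COMMAND_TTL_SECONDS = 2 * 24 * 60 * 60  # commands are held for two days


class CommandGateway:
    """Hypothetical cloud gateway that never opens a connection to a device."""

    def __init__(self, permissions):
        # assumption: service identity -> set of device ids it may command
        self._permissions = {svc: set(devs) for svc, devs in permissions.items()}
        self._queues = {}   # device_id -> {command_id: (expires_at, command)}
        self._next_id = 1

    def submit(self, service, device_id, command, now):
        """Queue a command; returns its id, or None if the sender is not authorized."""
        if device_id not in self._permissions.get(service, set()):
            return None
        command_id = self._next_id
        self._next_id += 1
        queue = self._queues.setdefault(device_id, {})
        queue[command_id] = (now + COMMAND_TTL_SECONDS, command)
        return command_id

    def pending(self, device_id, now):
        """Called when the authenticated device connects outbound.

        Expired commands are purged; everything else is returned and stays
        queued until acknowledged, so a dropped connection loses nothing.
        """
        queue = self._queues.get(device_id, {})
        for command_id in [c for c, (exp, _) in queue.items() if exp <= now]:
            del queue[command_id]  # expired while the device was offline
        return [(c, cmd) for c, (_, cmd) in queue.items()]

    def acknowledge(self, device_id, command_id):
        """Remove a command once the device confirms receipt."""
        return self._queues.get(device_id, {}).pop(command_id, None) is not None


if __name__ == "__main__":
    gw = CommandGateway({"hvac-service": {"thermo-01"}})  # constructed sample data
    gw.submit("hvac-service", "thermo-01", "set_interval=300", now=0)
    print(gw.pending("thermo-01", now=60))
```
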

https://docs.microsoft.com/en-us/azure/iot-fundamentals/iot-security-ground-up

Cloud Security
In this topic, you'll learn:

 How to think about cloud security in an IoT solution
 About Azure IoT cloud-based components that can be used in developing an IoT
solution

Cloud security involves secure storage and processing of information as well as device
management.
Once again, Intel in their IoT Reference Architecture includes this component in their model.
The “cloud level” of an IoT system is secure, according to Intel, when it can:

Deliver the necessary trust for data centers and multi-tenant public cloud environments to
unleash powerful IoT services and analytics while protecting data and ensuring privacy.

The previous two topics address some of the cloud services that can be used to secure an IoT
system. In what follows, we'll look at other cloud services that can be used to secure an IoT
architecture.

Azure and IoT Cloud Security


Azure Active Directory

Using Azure Active Directory (AAD) for user authentication and authorization provides a
policy-based authorization model for data in the cloud, enabling easy access management that
can be audited and reviewed. This model also enables near-instant revocation of access to
data in the cloud, and of devices connected to the Azure IoT solution accelerators.

Once data is in the cloud, it can be processed and stored in any user-defined workflow.
Access to each part of the data is controlled with Azure Active Directory, depending on the
storage service used.

All keys used by the IoT infrastructure are stored in the cloud in secure storage, with the
ability to roll over in case keys need to be re-provisioned. Data can be stored in Azure
Cosmos DB or in SQL databases, enabling definition of the level of security desired.
Additionally, Azure provides a way to monitor and audit all access to your data to alert you
of any intrusion or unauthorized access.

Virtual Private Network (VPN) technology

Virtual private network (VPN) technology allows for integrating and isolating a network,
creating a single address space functionally equivalent to a local network, while in reality
spanning multiple underlying networks. It provides mechanisms to securely join and
participate in an isolated network but does not secure the traffic inside the network. Without
further components like per-endpoint firewalls, it intentionally does not limit how the
participants of the virtual network can communicate with each other. In scenarios where
devices participating in a VPN are in physical control of users or potentially unknown
intruders, the virtual network environment must be considered as hostile as the Internet
environment.

The Cloud Gateway

The Cloud Gateway (e.g. Azure IoT Hub service) provides a cloud hub for secure
connectivity, telemetry and event ingestion and device management (including command and
control) capabilities. The IoT Hub offers built-in secure connectivity, telemetry and event
ingestion, and bi-directional communication with devices including device management with
command and control capabilities. In addition, the IoT Hub offers an entity store that can be
used to store device metadata.

A cloud gateway is a system that enables remote communication from and to devices or field
gateways from several different sites across public network space, typically towards a
cloud-based control and data analysis system, or a federation of such systems. In some cases, a cloud
gateway may immediately facilitate access to special-purpose devices from terminals such as
tablets or phones. In the context discussed here, “cloud” is meant to refer to a dedicated data
processing system that is not bound to the same site as the attached devices or field gateways.
Also in a Cloud Zone, operational measures prevent targeted physical access and are not
necessarily exposed to a “public cloud” infrastructure.

A cloud gateway may potentially be mapped into a network virtualization overlay to insulate
the cloud gateway and all of its attached devices or field gateways from any other network
traffic. The cloud gateway itself is not a device control system or a processing or storage
facility for device data; those facilities interface with the cloud gateway. The cloud gateway
zone includes the cloud gateway itself along with all field gateways and devices directly or
indirectly attached to it. The edge of the zone is a distinct surface area where all external
parties communicate through.

Services

In modern IoT solutions, most services used for an IoT solution are run from the cloud,
though some services can be run from a field gateway[^1] or even on the devices themselves.

A “service” is defined for this context as any software component or module that is
interfacing with devices through a for data collection and analysis, as well as for command
and control. Services are mediators. They act under their identity towards gateways and other
subsystems, store and analyze data, autonomously issue commands to devices based on data
insights or schedules and expose information and control capabilities to authorized end users.

As we've been discussing in this module, any service used in an IoT solution should be fully
secure and risks should be considered in any threat model. Modern cloud services like Azure
are built with security in mind but architects still need to evaluate how data flows through any
service. Data is the responsibility of the data owner and not of the service itself.

[^1]: Field gateway is a device/appliance or some general-purpose server computer software
that acts as communication enabler and, potentially, as a device control system and device
data processing hub.

Security Best Practices
Securing an Internet of Things (IoT) infrastructure requires a rigorous security-in-depth
strategy. This strategy requires you to secure data in the cloud, protect data integrity while in
transit over the public internet, and securely provision devices. Each layer builds greater
security assurance in the overall infrastructure.

This security-in-depth strategy can be developed and executed with active participation of
various players involved with the manufacturing, development, and deployment of IoT
devices and infrastructure. Following is a high-level description of these players.

 IoT hardware manufacturer/integrator: Typically, these players are the
manufacturers of IoT hardware being deployed, integrators assembling hardware from
various manufacturers, or suppliers providing hardware for an IoT deployment
manufactured or integrated by other suppliers.
 IoT solution developer: The development of an IoT solution is typically done by a
solution developer. This developer may be part of an in-house team or a system
integrator (SI) specializing in this activity. The IoT solution developer can develop
various components of the IoT solution from scratch, integrate various off-the-shelf or
open-source components, or adopt solution accelerators with minor adaptation.
 IoT solution deployer: After an IoT solution is developed, it needs to be deployed in
the field. This process involves deployment of hardware, interconnection of devices,
and deployment of solutions in hardware devices or the cloud.
 IoT solution operator: After the IoT solution is deployed, it requires long-term
operations, monitoring, upgrades, and maintenance. These tasks can be done by an in-
house team that comprises information technology specialists, hardware operations
and maintenance teams, and domain specialists who monitor the correct behavior of
overall IoT infrastructure.

See Microsoft's document on IoT best practices for more detail on each of these.

Areas of Focus
In this module, we've categorized security considerations into three main areas: devices,
communication, and cloud services. The IEEE focuses their “best practices” guidance on two
areas: securing devices and securing networks. As a standards body, this makes sense since
they wouldn't focus on specific technologies but on high-level categories. Much of the
guidance here amplifies what we've already seen in this module but we'll briefly cover some
of the salient points here for easy reference and to provide a wrap up summary for the
module.

Securing Devices

1. Make hardware tamper resistant

This guidance focuses on ensuring the physical device is secure. Since devices
exist in the public domain and can be vulnerable to manipulation, protecting the
device is critical for ensuring a safe IoT deployment. Specifically, the IEEE
recommends (as examples):
o Using tamper-resistant packaging when transporting devices (to ensure the
device is not manipulated during transit)
o Using small plastic containers with a lock to keep ports and apertures from
casual manipulation
o Using port locks (a small device that keeps the physical network port on a
device from being manipulated)
o Setting the device so it is automatically disabled if certain types of tampering
occur
o Using strong boot-level passwords on the device itself or requiring the device
to boot from local storage
o Closing unused TCP/UDP and serial ports
o Disabling open password prompts
2. Provide for firmware updates/patches

As the title implies, IoT architects must ensure that devices are easily patchable and
updatable when vulnerabilities are found. This becomes more challenging when you
consider that hardware vendors may have little incentive (legal and financial) to keep
devices up to date. It is up to the IoT architect to ensure that solid relationships exist
with device manufacturers and agreements (preferably written) are in place to keep
devices updated with the latest firmware and that vulnerabilities are patched as soon
as possible after they are discovered.

3. Perform dynamic testing


4. Specify procedures to protect data on device disposal

This is an item that may be an afterthought to IoT architects but the reality is that
devices do fail and most have an end-of-life date when it becomes unfeasible to
update, repair, or maintain the device. Ensuring that the device contains no on-board
data, passwords, or other information that could compromise security when the device
is discarded is an important part of an overall security plan.

Securing Networks

1. Use strong authentication

While it may seem obvious, ensuring that network resources don't use simple passwords
or duplicate credentials and don't include “back doors” is fundamental to a secure system.
According to the IEEE,

Each device should have a unique default username/password, perhaps printed on its
casing, and preferably resettable by the user. Passwords should be sophisticated
enough to resist educated guessing and so-called brute force methods.

Using multi-factor authentication where possible is also highly recommended. Cloud
IoT platforms like Azure help IoT engineers manage a lot of this more easily as we've
seen in previous topics. For more information on multi-factor authentication and how
it works, see the following:

o Azure MFA documentation
o Wikipedia article
2. Use strong encryption and secure protocols

There is no substitute for using encrypted communication over secure protocols when
building an IoT solution. As with device patching, the ability of a device or network
to use encryption and communicate over a particular protocol may be a function of the
device or network itself so architects have to ensure, up front, that the components
they're working with will support the type of security they desire. Committing to a
particular device family or cloud solution and learning after commitments have been
made that the component doesn't meet the required security level can have monetary
and scheduling consequences.

3. Minimize device bandwidth

IEEE's guidance on this area focuses on reducing the attack surface area for denial-of-
service attacks (a subject we touched on in the topic on threat modeling). The
document includes an intimidating future scenario: if 1.1% of 50 billion IoT devices
became compromised in a coordinated attack, they could generate 55 petabytes of
data per second overwhelming the current fastest network interface by a factor of
183,333 to 1. To secure devices against these types of attacks, hardware vendors should
include limiters to throttle network transmissions to the task at hand. They conclude,

Additional kernel-level controls within devices that notice and attenuate large
amounts of uploaded traffic or stop other unexpected behavior could further
reduce the destructive capabilities of compromised devices without requiring
heroic efforts by network defenders. Thus, we recommend serious
consideration of the performance requirements of each device and that modest
limitations be emplaced that are difficult to circumvent. This will greatly
increase the safety of IoT devices and make it possible to safely field many
more of them in the future.

4. Divide networks into segments

We've seen this guidance repeated often in other material. By using network “zones”,
architects can provide more localized firewalls, security gates, and secure interfaces to
ensure attacks can be stopped before compromising an entire system. While
segmentation can make management more complex, it can reduce the attack surface
area by restricting access to other segments of the system if a single segment becomes
compromised. The Azure IoT framework provides tools for working with network
segments, making management easier for engineers.
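
One form the transmission limiter recommended under "Minimize device bandwidth" can take is a token bucket sized from the device's task. This is an added example, not taken from the IEEE guidance or from any device vendor: the class and function names, the 200-byte report, and the five-minute interval are assumptions, and on a real device the limiter would sit below the application (kernel or network driver) so that compromised application code cannot bypass it.

```python
class EgressLimiter:
    """Token bucket: sustained `rate_bytes_per_s`, bursts up to `burst_bytes`."""

    def __init__(self, rate_bytes_per_s, burst_bytes, now=0.0):
        self.rate = float(rate_bytes_per_s)
        self.capacity = float(burst_bytes)
        self.tokens = float(burst_bytes)  # start with a full bucket
        self.updated = now
        self.dropped_bytes = 0            # useful as a tamper/compromise signal

    def allow(self, size, now):
        """Return True if `size` bytes may be transmitted at time `now`."""
        elapsed = max(0.0, now - self.updated)  # ignore a clock stepping back
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.updated = max(self.updated, now)
        if size <= self.tokens:
            self.tokens -= size
            return True
        # Anything larger than the burst size can never pass.
        self.dropped_bytes += size
        return False


def limiter_for_task(report_bytes, interval_s, burst_reports=4):
    """Size the limiter from what the device is supposed to do.

    Sustained rate is exactly one report per interval; the burst allowance
    lets a device that was briefly offline catch up on a few reports.
    """
    return EgressLimiter(report_bytes / interval_s, report_bytes * burst_reports)


def transmitted_bytes(limiter, sends):
    """Replay (time, size) send attempts; return the bytes that got through."""
    sent = 0
    for when, size in sends:
        if limiter.allow(size, when):
            sent += size
    return sent


if __name__ == "__main__":
    # Constructed traffic: a sensor doing its job versus the same device
    # attempting 1000 sends in one second. For scale, the quoted scenario
    # (55 PB/s from 1.1% of 50 billion devices) is 100 MB/s per device.
    normal = [(i * 300, 200) for i in range(10)]
    flood = [(i * 0.001, 200) for i in range(1000)]
    print(transmitted_bytes(limiter_for_task(200, 300), normal))
    print(transmitted_bytes(limiter_for_task(200, 300), flood))
```
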

Conclusion

These are just some recommendations for securing an IoT solution. Based on threat
modeling, architects should design a security plan that fits the needs of their solution.
Security should be a primary consideration when developing an IoT solution. Thankfully, IoT
services like those offered through Azure are built with security as a “first-class
citizen”, making building secure systems easier. Even so, security is always the responsibility
of the engineers that build the system so making it an integral part of the design from day one
can help mitigate problems later in development and deployment.
----------------------------------------------------------------------------------------------------------------

IoT Hardware
In this topic, you'll learn:

 About the different types of IoT hardware used in IoT solutions
 How IoT hardware is being deployed and used in the real world

When thinking about building an IoT solution, perhaps the first area of consideration is what
hardware you will need. This partly is driven by the fact that data is the main driver behind
implementing many IoT solutions so figuring out what data you want to collect and how you
want to collect it has a primary place in your architecture.

The hardware implemented in an IoT solution often includes a network infrastructure that is
used to connect devices. Still, some devices could be stand-alone. How would this work? A
sensor, for example, could collect temperature data or collect data about how a bridge is
being stressed but not deliver those data immediately to a network database. A technician
could come by on a regular schedule, collect the data from the device using an internet-
connected tool which then delivers the data to the database.[^1]

[^1]: Though some argue that when a device no longer is able to connect to the internet, the
“Internet” part of IoT no longer applies so the device shouldn't be considered an IoT device.

Other hardware involved in a broad IoT solution doesn't collect data at all but brokers
communication with other hardware and cloud services. In the following, we'll look at
various types of hardware used in IoT solutions and talk about the role they might play.

IP-enabled Devices
An IP-enabled device is, simply, a device that can establish a connection to a network (for
many IoT devices, this means the internet) and have a unique identity on that network. “IP”
stands for "internet protocol" and defines the way messages are delivered over a network. A
message in networking terms is just a packet of information, and a single packet could deliver
part of a text message or a video file. Most data that is transferred over the internet uses this
communication protocol.

Examples

In terms of IoT, an IP-enabled device is one that can connect directly to a network like the
internet and transmit or receive data. Examples we commonly think of are the home
automation devices like doorbells and thermostats that use an internet connection to
communicate with a central server. But industrial-grade IoT devices can be IP-enabled as
well. IP-enabled devices require special hardware to enable this functionality.

Usage

As you might expect, people deploy IP-enabled devices in scenarios where data needs to be
collected, delivered, and analyzed in real-time or near real-time. IP-enabled devices enable
live connections to the other networked devices or services so data can be transmitted without
interaction from a technician.

Data collection isn't the only reason to use an IP-enabled device. If transmitting data over the
internet is particularly risky, your device may not have “outbound” ability enabled but the
device still can receive messages (inbound) from the network so its firmware or software can
be updated. Or it may have the ability only to send status messages but not any data it has
collected.

While it's possible that a device may have only outbound communication abilities over IP, it's
not typical since when delivering messages, it is important that the device knows if the
receiving node has an error or if messages did not transmit for some reason. So some inbound
communication typically is needed.

Non-IP Enabled Devices


As mentioned above, it's not necessary for a device to be IP-enabled in order to be a part of
an IoT solution. Some devices don't use IP to connect to other parts of an IoT solution but can
use other protocols. These devices don't connect to the internet per se but their messages are
routed to the internet via other hardware like a field gateway which we'll discuss below.

Devices can use industry-specific protocols (such as CoAP, OPC) and short-range
communication technologies (such as Bluetooth, ZigBee) to connect to other hardware.

Examples

For example, when setting up an internet connected lock, you may need first to connect the
lock to your phone using Bluetooth in order to set up a relationship with a cloud service.
While this is a temporary situation, you can imagine a scenario where the device can only
connect to a local device using Bluetooth and the secondary device brokers all the
communication with the cloud service.

Usage

Devices of this type can be useful in scenarios where data from a number of devices needs to
be aggregated, cleaned-up, and possibly even analyzed before being sent to a cloud service.
Since IP-enabled devices typically take more resources, low-powered or resource- (or space-)
constrained devices can use protocols with lower resource consumption requirements that
transmit to a device that doesn't have these constraints.

Sensors
We can break this category into two subcategories: sensors and smart sensors.

The IEEE, in their definition paper on IoT, writes this about sensors:

Sensors are one of the key building blocks of IoT. As ubiquitous systems, they can be
deployed everywhere – from military battlefields to vineyards and redwoods and on the
Golden Gate Bridge. They can also be implanted under human skin, in a purse or on a t-shirt.
Some can be as small as four millimeters in size, but the data they collect can be received
hundreds of miles away. They complement human senses and have become indispensable in
a large number of industries, from health care to construction. Sensors have a key advantage
in that they can anticipate human needs based on information collected about their context.
Their intelligence, “multiplied” by numerous networks, allows them not only to report about
the external environment, but also to take action without human intervention.

Within an intelligent networked system, sensors perform the functions of input devices – they
serve as “eyes,” collecting information about their environment.

We can define a sensor, then, as a device that collects a specific type of data about the
physical environment. As IoT as a technology grows, the list of available sensors most likely
will grow with it. There also are communities that will help you build your own sensors if the
one you need doesn't exist.

A smart sensor according to the website IoT Agenda is “a device that takes input from the
physical environment and uses built-in compute resources to perform predefined functions
upon detection of specific input and then process data before passing it on.” That is, the
device itself processes the data to some degree before sending it to the next node in the IoT
architecture.

Sensors of both types can be embedded in other devices that manage communication with
a network, or they can stand alone and handle all the necessary functions needed to collect
and communicate data.

Examples

Sensors that can collect data on a wide variety of things are actively being developed. Intel
has compiled a list of some sensors currently available. Examples include:

 Temperature
 Humidity
 Energy
 Compass
 Pressure
 Sonar
 Light and UV

Usage

As should be clear from the above, sensors are used whenever a discrete bit of information
needs to be collected about something in the physical environment.

Edge Devices and Field Gateways


A field gateway is a specialized device-appliance or general-purpose software that acts as a
communication enabler and, potentially, as a local device control system and device data
processing hub. A field gateway can perform local processing and control functions toward
the devices; on the other side it can filter or aggregate the device telemetry and thus reduce
the amount of data being transferred to the cloud backend.
A field gateway’s scope includes the field gateway itself and all devices that are attached to
it. As the name implies, field gateways act outside dedicated data processing facilities and are
usually collocated with the devices.

A field gateway is different from a mere traffic router in that it has an active role in managing
access and information flow. It is an application-addressed entity and network connection or
session terminal. For example, gateways in this context may assist in device provisioning,
data filtering, batching and aggregation, buffering of data, protocol translation, and event
rules processing. NAT devices or firewalls, in contrast, do not qualify as field gateways since
they are not explicit connection or session terminals, but rather route (or deny) connections or
sessions made through them.

The Growing IoT Device Ecosystem


This is a brief introduction to the growing world of IoT devices. Which devices you'll need
for a solution will depend largely on what data you're interested in collecting, how you want
to work with that data, and what devices are available in the market (or that you have the
capability of building).

IoT Device Software


In this topic, you'll learn:

 About device operating systems and configurations
 About IoT programming languages and environments
 About IoT software development kits (SDKs) and how to use them when
programming IoT hardware.

Like any piece of complex hardware, IoT devices need an operating system in order to be
useful. But because IoT devices tend to be small and resource-constrained, operating systems
will vary in functionality, memory footprint, and feature set. Devices also need to be
programmed–given the instructions they need to do the tasks that engineers need them to do.
There are many vendors developing operating systems and programming tools and the choice
you make for any given solution will be the product of a number of factors including:

 Availability of the software you need
 Compatibility of the software with the devices you've chosen
 Compatibility with other software/cloud systems in your solution
 Reputation and longevity of the software provider
 The commitment of the software provider to update the operating system and tools to
address security issues, bugs, and new features.
 Security and privacy requirements

Of course, your solution may involve devices with a variety of operating systems and
development environments. But the more you add to your solution, the more complex
development and maintenance becomes so it pays to be mindful of the software choices you
make and the implications of each one during the architectural phase of the project.

Device Operating Systems
As we mentioned above, there are a lot of options for device operating systems. In this
section, we'll survey a few of the more popular ones to get a sense of the features and
options available on them.

OS: Windows IoT Core
Type: Managed
Description: Windows IoT Core is a version of Windows 10 that is optimized for smaller
devices with or without a display that run on both ARM and x86/x64 devices.

OS: Ubuntu Core
Type: Open Source
Description: "Ubuntu Core uses the same kernel, libraries and system software as classic
Ubuntu. You can develop snaps on your Ubuntu PC just like any other application. The
difference is that it’s been built for the Internet of Things."

OS: RIOT
Type: Open Source
Description: “RIOT supports most low-power IoT devices and microcontroller architectures
(32-bit, 16-bit, 8-bit). RIOT aims to implement all relevant open standards supporting an
Internet of Things that is connected, secure, durable & privacy-friendly.”

And there are many others. Which OS you choose will largely depend on what you need to
accomplish, your architectural design, development tools and developer resources and similar
considerations. Most vendors and organizations (even if they're not open source) provide free
“trial” options so you can spend some time with the software and tools as you work through
the options. Be sure to look at development tools as well, since being able to write software
for your devices should be as much of a consideration as the operating system itself. Let's
look at the development environments next.

Programming Languages
When it comes to programming devices, the operating system running on the device may
determine what languages can be used to program it. Many modern hardware devices can
support multiple languages and board engineers may develop specific flavors of hardware to
support various languages. Microsoft's IoT Core, for example, supports most languages that
Windows development in general supports, including C#, C++, and JavaScript. Ubuntu Core, on
the other hand, supports Python, Ruby, and Node.js.

This makes choosing a programming platform complex and attempting to even outline the
matrix of options here would not present an adequate picture. Instead, we can suggest how to
approach the decision-making process when it comes to a programming platform. These
suggestions build upon the strategies we've been seeing throughout this course so some items
will be familiar and other items will be new.

1. Determine what data you want to collect. As we've seen throughout the course,
your IoT architecture generally will begin by figuring out what problems you're
solving and this, most times, will be characterized in terms of the data you want to
collect. This relates to programming languages because the data you want to collect
will impact the devices you choose and the programming language(s) you choose will
have to work with the device infrastructure you deploy.
2. Think about your development team. When considering the programming
languages you want to use in your solution, you will need to consider whether you
want to use talent you already have at your disposal, bring on new resources, or use a
blend of both. If your current software development team knows C# but doesn't know
Python, choosing a platform that supports C# as a programming language will most
likely enable you to get to market quicker than having either to train existing talent in
another language or bring on new talent that knows an alternate language.
3. Think about your broader software environment. Similar to item 2 above, when
you think about what software platform you want to use, it can be helpful to think
about the development environment across your business group or enterprise. Using
a language that is already deployed in other areas of your business can make
tasks like resource balancing, code sharing, source control, hiring, and similar factors
more efficient.
4. Choose a device or devices platform. Once you've figured out what data you want to
collect and have thought about your larger ecosystem, you'll be better informed when
it comes to choosing a device platform. As we've said in other lessons, you may need
more than one device platform so choosing platforms that are the most compatible
with items 1-4 above will give you a more efficient overall environment in which to
develop your solution.

These are not the only factors to consider, of course. Items like cost can have a big impact on
choices, but sometimes a device platform that is slightly higher in cost per item can pay
off in the long run if it supports a language platform that makes development more
efficient.

What about the cloud? It may go without saying, but we'll say it: an essential component of the
software platform when making a platform decision is the cloud services you'll use to support
your software and hardware. We'll talk a bit more about this in the next topic but we think it's
important to call out here as an essential aspect of the decision-making process.

Software Development Kits


Before we leave this topic, let's briefly discuss IoT software development kits (SDKs) as a
means by which you can more quickly create an environment to build your solution. If you've
never used an SDK before, these kits can accelerate the software development process by
providing the developer with all the necessary tools, software packages, and integration
software necessary to build a complete solution. While the degree to which any given SDK
does this will vary with providers and companies, a good SDK will provide many if not most
of the software-related tools needed to build a solution.

There are many IoT SDKs you can review and we'll survey a couple here.

Microsoft IoT SDKs

Microsoft provides a number of IoT SDKs that range across a variety of languages and
devices and are designed to provide the software and services needed to accelerate your
solution development. The company breaks down their SDKs into three categories:
 Device SDKs enable you to build apps that run on your IoT devices using device
client or module client. These apps send telemetry to your IoT hub, and optionally
receive messages, job, method, or twin updates from your IoT hub. You can also use
module client to author modules for Azure IoT Edge runtime. The device SDK comes
in the following platform flavors: .NET, C, Java, Node.js, Python, and iOS.
 Service SDKs enable you to manage your IoT hub, and optionally send messages,
schedule jobs, invoke direct methods, or send desired property updates to your IoT
devices or modules.
 Device Provisioning SDKs enable you to provision devices to your IoT Hub using
the Device Provisioning Service.

AWS (Amazon Web Services) IoT Device SDKs

Amazon's IoT device SDKs cover a variety of platforms and languages, including Embedded
C, JavaScript, Arduino Yun, Python, Java, C++, and iOS.

The SDK provides developers with the ability to work with Amazon's “Thing Shadows”,
which are virtual versions of physical devices, as well as to interact with the MQTT
messaging protocol, which is used by AWS services. Similar to Microsoft's offering, each of
the various SDKs implements specific features not necessarily shared by other SDKs in the
same family. As with all SDKs, architects and developers should examine the SDK they're
interested in to ensure it supports the features they'll need for their solution.

There are other SDKs available and, many times, hardware vendors will provide their own
SDKs to make development on their platform easier. Once you've chosen a hardware and
software platform, investigate the SDKs available for those platforms. You may want to use
the availability of an SDK as a part of the decision-making process when evaluating hardware
and software platforms.

Cloud Service Components of an IoT Solution


In this topic, you'll learn:

 About cloud-based gateways and storage options
 About cloud-based analytics and data visualization
 About how to use machine learning in IoT solutions

As we noted in the last topic, the cloud services you choose are an essential part of your
overall solution. In fact, the cloud services used in your solution constitute the ‘I’ in IoT.
There are options from many of the larger companies participating in this space as well as
offerings from startups and medium-sized businesses. You can explore the individual
offerings on your own. In this topic, we'll look at categories of services these companies offer
to give you an idea of how cloud services fit into an overall IoT architecture.

Cloud Gateways
In an earlier topic in this lesson, we briefly looked at the concept of a field gateway–a piece
of hardware that brokers communication between IoT devices and cloud services. Cloud
gateways do more than broker communication. They provide a set of services that devices
can run either locally or in the cloud. Cloud gateways can provide workloads such as (among
others):

 Authentication and authorization
 Message brokering
 Data storage and filtering
 Data analytics
 Functions (discrete code blocks that perform specific tasks)

Data Storage Options


Given the centrality of data in an IoT solution, figuring out the right cloud-based data storage
and retrieval options ranks high on the list in terms of importance. IoT devices can generate
enormous amounts of data very quickly and storing high volumes of data in the cloud can
become not only expensive but also unwieldy–you have to be able to do something with the data and
too much of it can make analytics and decision-making harder.

Cloud service providers are continually updating their data services to make it easier and
more cost-effective for organizations to store, manage, and analyze data. Even so, a thorough
analysis of cloud storage technical options and prices should be a fundamental part of any
IoT architecture. For example, some architectures may demand a multi-tiered approach with
some data being stored on the device, other data stored in on-premises databases and other data
stored in the cloud. Depending on the needed architecture, you should be sure the cloud
services you choose support your needs.

Here are some other concepts to be aware of when considering cloud storage.
Data is often time series data and is required to be stored where it can be used in visualization
and reporting as well as later accessed for additional processing. It is common to have data
split into “warm” and “cold” data stores. The warm data store holds recent data that needs
to be accessed with low latency. Data stored in cold storage is typically historical data. Most
often the cold storage database solution chosen will be cheaper in cost but offer fewer query
and reporting features than the warm database solution.

A common implementation for storage is to keep a recent range (e.g. the last day, week, or
month) of telemetry data in warm storage and to store historical data in cold storage. With
this implementation, the application has access to the most recent data and can quickly
observe recent telemetry data and trends. Retrieving historical information for devices can be
accomplished using cold storage, generally with higher latency than if the data were in warm
storage.

Cloud service providers may provide services to support both types of storage and make
managing data across these types easier.[^1]

[^1]: You can read more about warm and cold storage and the different technologies Microsoft Azure
provides for managing these storage options in section 3.5 of the Azure Reference
Architecture document.

Analytics Services and Data Visualization


Analytics

Once data is captured and stored, it only becomes useful when it provides insights into the
physical world from which your IoT devices have captured the data. This is where analytic
services come into play.

Azure Analysis Services, for example, enables architects to use advanced mashup and
modeling features to combine data from multiple data sources, define metrics, and secure
data in a single, trusted tabular semantic data model. The data model provides an easier and
faster way for users to browse massive amounts of data for ad-hoc data analysis.

Without analytics, data collected from IoT would be too voluminous and unstructured to
visualize or to gain insights from. Analytic services enable architects to build meaningful
relationships between sets of data in order to make it easier to manage. For example, Azure
Stream Analytics can take stream data from IoT devices and engineers can specify a
transformation query that defines how to look for data, patterns, or relationships. The
transformation query leverages a SQL-like query language that is used to filter, sort,
aggregate, and join streaming data over a period of time.

Data Visualization

Stream analytics can help condition data so it's easier to manage and provides models that
give insight into what you need to understand or learn. Once the data is conditioned and
you've created the right models, the data can be visualized using tools like Microsoft's
PowerBI or Tableau so it can be acted upon.

Data visualization tools can take input from various data streams and combine them into
“dashboards” that can be used to tell a story about the data that was collected. Ultimately, this
is the goal of IoT.

Machine Learning
Machine Learning (ML) is one of the more exciting developments in modern computer
science. It's a complex field but one that is producing significant positive results with large
datasets. As we've said throughout this course, IoT devices produce large volumes of
data. Analytic systems help engineers to model the existing data in meaningful ways.
Machine learning takes this a step further and can actually make predictions about what new
data will show and provide insights that would not be possible without the machine learning
algorithms.

As the name states, the technology gives computers the ability to “learn” (predict) from data
by expressing trends or a direction future data will take. This can provide engineers with a
powerful mechanism for enabling a wide variety of scenarios.

Using big data and machine learning to predict purchasing decisions is one simple example.
Suppose a retailer has warehouse space in various cities and needs to determine which items
to stock in those cities in order to be able to get products to customers in the most efficient
and timely way. Using machine learning the retailer can predict, for example, that a given set
of users that purchase a specific television tend to buy a particular type of cable and other
accessories like tv stands and audio equipment. This would allow the retailer to keep those
items in the warehouse near where those television sales are popular so that if a customer
orders the cable or other accessory, the item can be shipped and get to the customer
more quickly.

Can you think of other, IoT-specific scenarios where machine learning would help enable
various scenarios that can make the IoT architecture more effective?

Because of the tremendous amount of computer power needed to perform the calculations
needed to do this type of analysis, cloud-based ML technology tends to be the most effective
at providing the type of insights machine learning promises.

Conclusion
In this topic, we've surveyed the various cloud-based services and technologies that make IoT
possible. Below, you can try your hand at using the Azure cloud to model IoT scenarios.
While these exercises are just an introduction to the space, they can give you a good feel for
how the technology works together and how it can be used in an IoT architecture.

IoT Implementation Patterns


In this lesson, we're going to look at examples of specific IoT architectural patterns[^1] and
technologies. In this lesson, more than the others in this course, we'll be focusing specifically
on Microsoft technology, specifically Azure-based IoT services. While we'll be focusing on
Azure in this lesson, other IoT cloud providers offer similar services though their
implementations may differ from the way Azure works.

Specifically in this lesson, we'll introduce you to:

 Using Azure IoT Solution Accelerators to get started with your IoT implementation
 Device and cloud implementations focusing on Azure IoT Hub
 Messaging in IoT Hub
 How to configure devices using IoT Hub
 Data Analytics services in Azure
 Using business intelligence and machine learning services in Azure to enhance
reporting for your IoT solution

While this material will be introductory, you can explore these concepts more deeply in other
courses in this series. These topics will give you a good overview of how these services work
and what options are available to you using Microsoft's robust and growing IoT platform.

[^1]: A pattern in software and hardware design is a model or template for a way to build a
software architecture or hardware component in part or in whole. A pattern can describe a
specific way to do something or can be as general as a best practice. Take software security
as an example. A pattern can describe all the component pieces of a secure system, like the
type of hardware that should be in place and the protocols that should be used to send and receive
data. This would be an implementation-specific example of a pattern. A pattern also can
describe best practices, such as that a software design should include security considerations as a core
part of the software architecture. See this Wikipedia Article for more information.

IoT Solution Accelerators


In this topic, you'll learn:

 What Solution Accelerators are
 How Solution Accelerators are used
 About the limitations of Solution Accelerators

What are Solution Accelerators?


The IoT solution accelerators are a collection of complete, ready-to-deploy, IoT solutions that
implement common IoT scenarios such as remote monitoring, connected factory, predictive
maintenance, and device simulation. When you deploy a solution accelerator, the deployment
includes all the required cloud-based services along with any required application code.
Think of Solution Accelerators as fully scaffolded starter solutions that you can use either to
learn about various IoT scenarios or as templates upon which you can build your own.[^1]

[^1]: Note: In order to use the solution accelerators, you will need to have or sign up for an
Azure account and deploying an accelerator will incur charges on Azure.

These accelerators have been developed by Microsoft and are built on Azure IoT services.
As of this writing, the following Solution Accelerators are available:

1. Remote Monitoring: Use this solution accelerator to collect telemetry from multiple
remote devices and to control them. Example devices include cooling systems
installed on your customers' premises or valves installed in remote pump stations.
2. Connected Factory: Use this solution accelerator to collect telemetry from industrial
assets with an OPC Unified Architecture (a standards-based, service-oriented
framework) interface and to control them. Industrial assets might include assembly
and test stations on a factory production line.
3. Predictive Maintenance: Use this solution accelerator to predict when a remote
device is expected to fail so you can carry out maintenance before the predicted
failure happens. This solution accelerator uses machine learning algorithms to predict
failures from device telemetry. Example devices might be airplane engines or
elevators.
4. Device Simulation: Use this solution accelerator to run multiple simulated devices
that generate realistic telemetry. You can use this solution accelerator to test the
behavior of the other solution accelerators or to test your own custom IoT solutions.

Each of these accelerators conforms to Microsoft's reference architecture (the document we've
been looking at throughout this course) so you know at least the basics of your solution start
out the way Microsoft recommends.

How are Solution Accelerators used?


Like any template, Solution Accelerators provide the basic framework needed to model
and then provide the foundation for specific aspects of an overall solution. Given the
complexity of an IoT solution, the accelerators deploy all the necessary components needed
to get essential parts of an overall solution up and running quickly.

This model is used in software development. For example, those familiar with Angular
development may have used the Angular CLI (command line interface) command 'ng new'.
This command will install all the files needed to build an Angular application and
can scaffold the application creating a basic Angular app. By using ‘ng new’, developers can
avoid having to figure out which parts of the framework they need to install individually and
get a basic app they can build on for their own solution. IoT Solution Accelerators work in a
similar way for IoT development.

For example, the Remote Monitoring solution accelerator will provision the following
services in Azure:

 1 Azure Active Directory application
 1 Virtual Machine
 1 IoT Hub
 1 Cosmos DB Account
 1 Storage account
 1 Web Application
 1 Azure Maps account
 1 Azure Stream Analytics
 1 Azure Device Provisioning Service
 1 Azure Time Series Insights

These services will provide you with all the basics you will need to explore a remote
monitoring solution. You can use this basic deployment as a basis for your own solution and
the accelerator helps you get started by taking the guess work out of what you'll need. Of
course you need to first understand how to use all these services and understand how to put
together an architecture for your IoT solution. You can learn more about each of the
architectural areas the four accelerators cover in other courses in this series.

Limitations of Solution Accelerators


As we stated above, the accelerators will provide only the basic framework for parts of an
IoT solution. Using them assumes that you know how to put together an overall architecture
and build upon them if your goal is to build a solution that you can deploy for a real-world
scenario. Note also that the accelerators are limited in the following ways:

1. They are not a single solution but isolated scenarios designed to provide a primer for a
specific aspect of what could become a solution. Connecting the individual solutions
together to create an overall solution would require development work.
2. The accelerators are not comprehensive. That is, even if you deployed all the
available accelerators, you still would not have everything you'd need for a complete
IoT solution.
3. As the name of the last accelerator in the list indicates, devices are simulated in these
accelerators so you would need to do the work of provisioning physical devices and
managing them on your own. The accelerators do, however, give you the framework
for working with physical devices and the simulated hardware is a good start for
learning how to work with IoT devices.

Despite these limitations, Solution Accelerators are a great way to get started with IoT and
can be a good solution to jump start your own development. They can also be used to develop
cost models and proof-of-concept projects as you work through your own architectural
models.

We encourage you to experiment with the accelerators as you work through the other courses
in this series.

Implementing IoT Devices


In this topic, you'll learn:

 Basic principles in Azure IoT Device Management
 About the foundation of the life cycle of devices in IoT
 About the limitations of Solution Accelerators

Azure IoT Hub provides the features that, along with an extensibility model, enable device
and back-end developers to build robust device management solutions. Regardless of what
cloud solution you choose, a solution must accommodate devices that range from constrained
sensors and single purpose micro-controllers, to powerful gateways that route
communications for groups of devices. In addition, the use cases and requirements for IoT
operators vary significantly across industries. In this topic we explore how device
management with IoT Hub provides the capabilities, patterns, and code libraries to cater to a
diverse set of devices and end users.

Device Management Principles


IoT brings with it a unique set of device management challenges and every enterprise-class
solution must address the following principles:
Scale and automation: IoT solutions require simple tools that enable operators to manage
devices remotely and in bulk. Operators should only be alerted when issues arise that require
their direct attention.

Openness and compatibility: Management tools must be tailored to accommodate a
multitude of device classes, platforms, and protocols.

Context awareness: Device management operations must take into account various states a
device can be in to ensure that maintenance downtime doesn't affect critical business
operations or create dangerous conditions.

Service many roles: Operators must work within the constraints of internal IT department
workflows and processes, and they must surface real-time device operations information to
supervisors and other business roles.

Device Life Cycle


In Azure IoT, there are five device management stages within the device life cycle that are
common to all enterprise IoT projects. Within each of these five stages, there are several
device operator requirements that should be fulfilled to provide a complete solution:

Plan: Enable operators to create a device metadata scheme (a way of categorizing and
organizing data across devices) that enables them to easily and accurately query for and target
a group of devices for bulk management operations. You can use the device twin to store this
device metadata in the form of tags and properties. We will look more closely at how device
twins can be used for this purpose in an upcoming topic later in this lesson.
Provision: Securely provision new devices to IoT Hub and enable operators to immediately
discover device capabilities. Use the IoT Hub identity registry to create flexible device
identities and credentials and perform this operation in bulk by using a job. Build devices to
report their capabilities and conditions through device properties in the device twin.

Configure: Facilitate bulk configuration changes and firmware updates to devices while
maintaining both their health and security. Azure IoT Hub enables you to perform these
device management operations in bulk by using desired properties or with direct methods and
broadcast jobs.

Monitor: Monitor overall device collection health, the status of ongoing operations, and alert
operators to issues that might require their attention. Apply the device twin to allow devices
to report real-time operating conditions and status of update operations. Build powerful
dashboard reports that surface the most immediate issues by using device twin queries.

Retire: Replace or decommission devices after a failure, upgrade cycle, or at the end of the
service lifetime. Use the device twin to maintain device info if the physical device is being
replaced, or archived if being retired. Use the IoT Hub identity registry for securely revoking
device identities and credentials.

For more information on these ideas, see Microsoft's device management overview
documentation.
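
How the Plan, Configure and Monitor stages fit together can be shown with a few twin documents: tags select the target group, desired properties carry the change, and reported properties reveal which devices have not converged. This is an added example, not Microsoft's code; the twin documents are constructed and simplified, and the helper names are hypothetical, so nothing here calls the IoT Hub service.

```python
import json

# Constructed, simplified twin documents (real twins also carry metadata and versions).
TWINS_JSON = """
[
  {"deviceId": "el-001", "tags": {"site": "berlin", "type": "door-sensor"},
   "properties": {"desired":  {"firmware": "2.3.0", "telemetryIntervalSec": 60},
                  "reported": {"firmware": "2.4.1", "telemetryIntervalSec": 60}}},
  {"deviceId": "el-002", "tags": {"site": "berlin", "type": "motor-sensor"},
   "properties": {"desired":  {"firmware": "2.3.0", "telemetryIntervalSec": 60},
                  "reported": {"firmware": "2.3.0", "telemetryIntervalSec": 60}}},
  {"deviceId": "el-003", "tags": {"site": "berlin", "type": "door-sensor"},
   "properties": {"desired":  {"firmware": "2.3.0", "telemetryIntervalSec": 60},
                  "reported": {}}},
  {"deviceId": "el-004", "tags": {"site": "munich", "type": "door-sensor"},
   "properties": {"desired":  {"firmware": "2.3.0", "telemetryIntervalSec": 60},
                  "reported": {"firmware": "2.3.0", "telemetryIntervalSec": 30}}}
]
"""


def load_twins():
    """Parse the constructed twin documents."""
    return json.loads(TWINS_JSON)


def matches(twin, tag_filter):
    """Plan: a device belongs to the target group when every tag in the filter matches."""
    tags = twin.get("tags", {})
    return all(tags.get(name) == value for name, value in tag_filter.items())


def set_desired(twins, tag_filter, patch):
    """Configure: write desired properties for the whole group; return the targeted ids."""
    targeted = []
    for twin in twins:
        if matches(twin, tag_filter):
            twin["properties"]["desired"].update(patch)
            targeted.append(twin["deviceId"])
    return targeted


def drift(twin):
    """Desired properties the device has not (yet) reported back with the same value."""
    desired = twin["properties"]["desired"]
    reported = twin["properties"]["reported"]
    return {
        name: {"desired": value, "reported": reported.get(name)}
        for name, value in desired.items()
        if name not in reported or reported[name] != value
    }


def compliance_report(twins, tag_filter):
    """Monitor: devices in the group whose reported state lags the desired state."""
    report = {}
    for twin in twins:
        if matches(twin, tag_filter):
            gaps = drift(twin)
            if gaps:
                report[twin["deviceId"]] = gaps
    return report


if __name__ == "__main__":
    twins = load_twins()
    print("targeted:", set_desired(twins, {"site": "berlin"}, {"firmware": "2.4.1"}))
    for device_id, gaps in compliance_report(twins, {"site": "berlin"}).items():
        print(device_id, gaps)
```

A device that has never reported (el-003 here) shows up with every desired property outstanding, which is the case an operator most needs surfaced after a firmware rollout.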

An Implementation Example
Microsoft's Transform blog describes a specific implementation of devices and Azure cloud
services along with HoloLens technology that has enabled elevator manufacturer
thyssenkrupp to monitor the health of elevators they've deployed and use HoloLens to
empower engineers to better service those elevators without having to be on site. While the
article focuses on the solution thyssenkrupp and Microsoft developed together, consider the
implementation details needed to manage the IoT deployment described in the article. Use the
material in the sections above to consider how you might use those services to manage the
deployment and keep the solution running.

Microsoft and thyssenkrupp developed a solution “that securely connects
thyssenkrupp’s thousands of sensors and systems in its elevators to the cloud. With the
Microsoft Azure IoT Suite, thyssenkrupp captures elevator data – such as motor temperature,
shaft alignment, cab speed and door functioning – and transmits it to a single dashboard.”

The implementation enables the company to monitor the health of the elevators and, using
HoloLens, allows technicians to remotely troubleshoot and plan for site visits by better
understanding the problem before a truck is deployed. This reduces the on-site time needed to
make repairs and helps them ensure that the right parts are taken to the site, reducing the
need for second visits.

While the solution focuses on how IoT helps the company manage their elevators, as an IoT
architect, you would need to be responsible for the IoT devices themselves. Each of the
sensors deployed to the field needs to be monitored, updated, and configured and your IoT
solution would need to account for these activities. This is where Azure IoT Hub helps. Any
complex deployment would have the same requirements.

By using the services we describe above, device configuration information (for multiple
devices) can be stored in the device twin, queried for information and updated using jobs or
direct method calls. We'll explore how these services work in an upcoming topic later in this
lesson.

Architecting a Device Management Solution


You can apply the same thought experiments to the other examples we've explored in
previous lessons. As an exercise, while working through Module 4, pick one of the scenarios
we discuss and mock up a device management plan for the devices used in that solution. You
can ask yourself the following questions:

1. What devices might I need for this solution?
2. How can I use Microsoft's IoT Hub to provision these devices?
3. How can IoT Hub help me push updates or configuration changes to the devices in
this solution?
4. How does IoT Hub help me monitor the health of these devices?

If you're not sure how to answer these questions, work through the rest of the topics in this
lesson to learn more about how IoT Hub works and the services it provides to help with each
of these tasks.

IoT Cloud Services: The Azure IoT Hub


In this topic, you'll learn:

 About the benefits of Azure IoT Hub as an IoT cloud service provider
 How Azure IoT Hub can help manage device identity
 About the Azure IoT Hub messaging and communication services
 How Azure IoT Hub keeps your devices connected to the cloud

Azure IoT Hub is a fully managed service that enables secure and reliable bidirectional
communications between the solution back end and a wide variety of devices. In fact, a single
IoT Hub is capable of connecting millions of IoT devices and ingesting high volumes of
telemetry.

The IoT Hub service


 Provides multiple device-to-cloud and cloud-to-device communication options,
including one-way messaging, file transfer, and request-reply methods.
 Provides built-in declarative message routing (one-to-one messaging or being able to
target specific endpoints with specific messages – contrast with a broadcast message)
to other Azure services.
 Provides a queryable store for device metadata and synchronized state information.
This means you can request information about devices in your IoT network and get
information about the state they're in.
 Enables secure communications and access control using per-device security keys or
X.509 certificates.
 Provides extensive monitoring for device connectivity and device identity
management events.
 Includes device libraries for the most popular languages and platforms.

Azure IoT Hub Identity Registry


Every IoT hub has an identity registry that stores information about the devices that are
permitted to connect to the IoT hub. Before a device can connect to an IoT hub, there must be
an entry for that device in the IoT hub's identity registry. A device must also authenticate
with the IoT hub based on credentials stored in the identity registry.

At a high level, the identity registry is a REST-capable collection of device identity
resources. When you add an entry to the identity registry, IoT Hub creates a set of per-device
resources in the service such as the queue that contains messages that have been transmitted
from the cloud to the device.

Messaging
IoT Hub provides the following messaging primitives to communicate with a device:

 Device-to-cloud from a device to a back-end app.
 Cloud-to-device from a back-end app (service or cloud).

See the IoT Hub Messaging resource documentation for a more detailed look at Device-to-
cloud and Cloud-to-device messaging.

Service-Assisted Communication
Azure IoT Hub implements the service-assisted communication pattern to mediate the
interactions between your devices and your solution back end. The goal of service-assisted
communication is to establish trustworthy, bidirectional communication paths between a
control system, such as IoT Hub, and special-purpose devices that are deployed in untrusted
physical space. The pattern establishes the following principles:

 Security takes precedence over all other capabilities.
 A device does not accept network information it has not specifically requested. A device
establishes all connections and routes in an outbound-only fashion. For a device to
receive a command from the solution back end, the device must regularly initiate a
connection to check for any pending commands to process.
 Devices should only connect to or establish routes to well-known services they are
paired with, such as IoT Hub.
 The communication path between device and service or between device and gateway
is secured at the application protocol layer (that is, the technology that handles the
actual communication between the devices and services).
 System-level authorization and authentication are based on per-device identities. They
make access credentials and permissions nearly instantly revocable. This means you
can prevent or allow access to a device nearly instantaneously.
 Bidirectional communication for devices that connect sporadically due to power or
connectivity concerns is facilitated by holding commands and device notifications
until a device connects to receive them. IoT Hub maintains device-specific queues for
the commands it sends.
 Application data is secured separately for protected transmission through gateways to
a particular service.

Device Connectivity
In addition to a rich set of device-to-cloud and cloud-to-device communication options,
including messaging, file transfers, and request-reply methods, Azure IoT Hub addresses the
device-connectivity challenges in the following ways:

 Device twins. Using Device twins, you can store, synchronize, and query device
metadata and state information. Device twins are JSON documents that store device
state information (metadata, configurations, and conditions). IoT Hub creates and
maintains a device twin for each device that you connect to IoT Hub.

 Per-device authentication and secure connectivity. You can provision each device
with its own security key to enable it to connect to IoT Hub. The IoT Hub identity
registry stores device identities and keys in a solution. A solution back end can add
individual devices to allow or deny lists to enable complete control over device
access.
 Route device-to-cloud messages to Azure services based on declarative rules. IoT
Hub enables you to define message routes based on routing rules to control where
your hub sends device-to-cloud messages. Routing rules do not require you to write
any code, and can take the place of custom post-ingestion message dispatchers.
 Monitoring of device connectivity operations. You can receive detailed operation
logs about device identity management operations and device connectivity events.
This monitoring capability enables your IoT solution to identify connectivity issues,
such as devices that try to connect with wrong credentials, send messages too
frequently, or reject all cloud-to-device messages.
 An extensive set of device libraries. Azure IoT device SDKs are available and
supported for various languages and platforms – C for many Linux distributions,
Windows, and real-time operating systems. Azure IoT device SDKs also support
managed languages, such as C#, Java, and JavaScript.
 IoT protocols and extensibility. If your solution cannot use the device libraries, IoT
Hub exposes a public protocol that enables devices to natively use the MQTT v3.1.1,
HTTP 1.1, or AMQP 1.0 protocols. You can also extend IoT Hub to provide support
for custom protocols by:
o Creating a field gateway with the Azure IoT Gateway SDK that converts your
custom protocol to one of the three protocols understood by IoT Hub.
o Customizing the Azure IoT protocol gateway, an open source component that
runs in the cloud.
 Scale. Azure IoT Hub scales to millions of simultaneously connected devices and
millions of events per second.
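
The per-device authentication, allow/deny control and connectivity monitoring described above can be modelled in a few lines. The following Python is an added example, not code from the course or from Azure IoT Hub: the IdentityRegistry class, the token layout and the event names are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import os
from collections import Counter


def _sign(key, device_id, expiry):
    # The signature binds a token to one device identity and one expiry time.
    return hmac.new(key, f"{device_id}\n{expiry}".encode(), hashlib.sha256).digest()


def make_token(key, device_id, expiry):
    """Device side: build "<expiry>.<base64 signature>" (constructed layout)."""
    return f"{expiry}." + base64.b64encode(_sign(key, device_id, expiry)).decode()


class IdentityRegistry:
    """Toy identity registry: one key and one enabled flag per device."""

    def __init__(self):
        self._devices = {}
        self.log = []  # connectivity events as (device_id, outcome)

    def register(self, device_id):
        key = os.urandom(32)
        self._devices[device_id] = {"key": key, "enabled": True}
        return key

    def set_enabled(self, device_id, enabled):
        # Allow/deny control: takes effect on the next connection attempt.
        self._devices[device_id]["enabled"] = enabled

    def authenticate(self, device_id, token, now):
        outcome = self._check(device_id, token, now)
        self.log.append((device_id, outcome))
        return outcome == "ok"

    def _check(self, device_id, token, now):
        entry = self._devices.get(device_id)
        if entry is None:
            return "unknown_device"
        if not entry["enabled"]:
            return "disabled"
        try:
            expiry_text, sig_b64 = token.split(".", 1)
            expiry = int(expiry_text)
            sig = base64.b64decode(sig_b64, validate=True)
        except ValueError:
            return "bad_token"
        if not hmac.compare_digest(sig, _sign(entry["key"], device_id, expiry)):
            return "bad_credentials"
        return "ok" if expiry > now else "expired"


def devices_to_review(log, threshold=3):
    """Monitoring: devices with `threshold` or more failed credential checks."""
    failures = Counter(d for d, outcome in log
                       if outcome in ("bad_credentials", "bad_token"))
    return sorted(d for d, n in failures.items() if n >= threshold)


def demo():
    registry = IdentityRegistry()
    key_a = registry.register("sensor-01")   # constructed device names
    key_b = registry.register("pump-02")
    now, expiry = 1_000, 1_600
    results = {}
    results["valid"] = registry.authenticate(
        "sensor-01", make_token(key_a, "sensor-01", expiry), now)
    # Keys are per device: sensor-01's key is useless for pump-02's identity.
    results["cross_device"] = registry.authenticate(
        "pump-02", make_token(key_a, "pump-02", expiry), now)
    for _ in range(2):  # two more attempts with a wrong key
        registry.authenticate(
            "pump-02", make_token(os.urandom(32), "pump-02", expiry), now)
    results["flagged"] = devices_to_review(registry.log)
    for device_id in results["flagged"]:
        registry.set_enabled(device_id, False)
    # Once disabled, even the correct key is refused; other devices carry on.
    results["after_revoke"] = registry.authenticate(
        "pump-02", make_token(key_b, "pump-02", expiry), now)
    results["other_device_unaffected"] = registry.authenticate(
        "sensor-01", make_token(key_a, "sensor-01", expiry), now)
    results["expired"] = registry.authenticate(
        "sensor-01", make_token(key_a, "sensor-01", expiry), 2_000)
    return results


if __name__ == "__main__":
    print(demo())
```

Because each device has its own key and its own registry entry, disabling pump-02 has no effect on sensor-01, which is the property a shared fleet-wide key cannot give you.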

An Example Implementation
The Microsoft Azure team has put together a demo project you can explore to better
understand how to implement Azure IoT Hub services into your solution. This demo shows
how to use the Azure Service Fabric along with IoT Hub, Event Hubs, OWIN, and Web API.
The application ingests events from the input Event Hub, processes sensor readings, and
generates an alert whenever a value outside of the tolerance range is received.

Working with this demo will require an Azure subscription and some technical proficiency
that may be beyond what you're ready for at this point in your coursework. However, it will
be beneficial for you to review the implementation to see what is possible using Azure IoT
Hub. As you move into more advanced topics in the rest of the courses in this series, you can
revisit this demo to test your skills and further lock in the concepts you're learning. You can
also check out a more advanced IoT demo that uses the Observer design pattern to show how
changes in one part of an implementation can be broadcast and inform changes to other parts
of an implementation.

IoT Hub Messaging


In this topic, you'll learn:

 How Azure IoT Hub manages messages, going deeper than in the previous topic
 How device-to-cloud and cloud-to-device messaging works
 How to manage the messaging life cycle using Azure IoT Hub

As we noted in the previous topic, IoT Hub provides the following messaging primitives to
communicate with a device:
 Device-to-cloud from a device to a back-end app.
 Cloud-to-device from a back-end app (service or cloud).

Core properties of IoT Hub messaging functionality are the reliability and durability of
messages. These properties enable resilience to intermittent connectivity on the device side,
and to load spikes in event processing on the cloud side. IoT Hub implements at least once
delivery guarantees for both device-to-cloud and cloud-to-device messaging.

IoT Hub supports multiple device-facing protocols (such as MQTT, AMQP, and HTTP). To
support seamless interoperability across protocols, IoT Hub defines a common message
format that all device-facing protocols support.

IoT Hub exposes a built-in Event Hub-compatible endpoint to enable back-end apps to read
the device-to-cloud messages received by the hub. You can also create custom endpoints in
your IoT hub by linking other services in your subscription to the hub.

Use device-to-cloud messages for sending time series telemetry and alerts from your device
app, and cloud-to-device messages for one-way notifications to the device app.

Device-To-Cloud

You send device-to-cloud messages through a device-facing endpoint
(/devices//messages/events). Routing rules then route your messages to one of the service-
facing endpoints on your IoT hub. Routing rules use the properties of the device-to-cloud
messages flowing through your hub to determine where to route them. By default, messages
are routed to the built-in service-facing endpoint (messages/events), which is compatible with
Event Hubs. Therefore, you can use standard Event Hubs integration and SDKs to receive
device-to-cloud messages.

IoT Hub implements device-to-cloud messaging using a streaming messaging pattern. IoT
Hub's device-to-cloud messages are more like Event Hubs events than Service Bus messages
in that there is a high volume of events passing through the service that can be read by
multiple readers.

This implementation has the following implications:

 Like Event Hubs events, device-to-cloud messages are durable and retained in an IoT
hub's default messages/events endpoint for up to seven days.
 Like Event Hubs events, device-to-cloud messages can be at most 256 KB, and can be
grouped in batches to optimize sends. Batches can be at most 256 KB.

There are, however, a few important distinctions between IoT Hub device-to-cloud
messaging and Event Hubs:

 IoT Hub allows per-device authentication and access control.


 IoT Hub allows you to create up to 10 custom endpoints. Messages are delivered to
the endpoints based on routes configured on your IoT hub.
 IoT Hub allows millions of simultaneously connected devices (see Quotas and
throttling), while Event Hubs is limited to 5000 AMQP connections per namespace.
 IoT Hub does not allow arbitrary partitioning using a PartitionKey. Device-to-cloud
messages are partitioned based on their originating deviceId.
 Scaling IoT Hub is slightly different than scaling Event Hubs.

Cloud-To-Device

You send cloud-to-device messages through a service-facing endpoint
(/messages/devicebound). A device receives them through a device-specific endpoint
(/devices//messages/devicebound).

Each cloud-to-device message is targeted at a single device by setting the to property to
/devices//messages/devicebound.

Message Lifecycle

To guarantee at least once message delivery, IoT Hub persists cloud-to-device messages in
per-device queues. Devices must explicitly acknowledge completion for IoT Hub to remove
them from the queue. This guarantees resiliency against connectivity and device failures.

The following diagram shows the lifecycle state graph for a cloud-to-device message.

[Figure: CloudToDeviceMessaging, the lifecycle state graph for a cloud-to-device message]

When the service sends a message, it is considered Enqueued. When a device wants to
receive a message, IoT Hub locks the message (sets the state to Invisible) allowing other
threads on the same device to start receiving other messages. When a device thread completes
the processing of a message, it notifies IoT Hub by completing the message.

A device can also:

 Reject the message, which causes IoT Hub to set it to the Deadlettered state. Note:
devices connecting with MQTT cannot reject cloud-to-device messages.
 Abandon the message, which causes IoT Hub to put the message back in the queue,
with the state set to Enqueued.

A thread could fail to process a message without notifying IoT Hub. In this case, messages
automatically transition from the Invisible state back to the Enqueued state after a visibility
(or lock) timeout. The default value of this timeout is one minute.

A message can transition between the Enqueued and Invisible states for, at most, the number
of times specified in the max delivery count property on IoT Hub. After that number of
transitions, IoT Hub sets the state of the message to Deadlettered. Similarly, IoT Hub sets the
state of a message to Deadlettered after its expiration time (see Time to live).
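
The lifecycle rules above, written out as a small state machine. This is an added example, not IoT Hub code: the class and method names are hypothetical, and it assumes that the max delivery count limits Enqueued-to-Invisible transitions and that expiry applies to any message not yet completed.

```python
from dataclasses import dataclass

ENQUEUED, INVISIBLE = "Enqueued", "Invisible"
COMPLETED, DEADLETTERED = "Completed", "Deadlettered"


@dataclass
class C2DMessage:
    body: str
    expires_at: float          # time to live, stored as an absolute time
    state: str = ENQUEUED
    delivery_count: int = 0    # Enqueued -> Invisible transitions so far
    lock_until: float = 0.0


class DeviceQueue:
    """Per-device queue of cloud-to-device messages (simplified model)."""

    def __init__(self, max_delivery_count=3, lock_timeout=60.0):
        self.max_delivery_count = max_delivery_count
        self.lock_timeout = lock_timeout  # the text gives one minute as the default
        self.messages = []

    def send(self, body, now, ttl=3600.0):
        msg = C2DMessage(body, expires_at=now + ttl)
        self.messages.append(msg)
        return msg

    def _requeue(self, msg):
        # Back to Enqueued, unless the delivery budget is already spent.
        spent = msg.delivery_count >= self.max_delivery_count
        msg.state = DEADLETTERED if spent else ENQUEUED

    def _tick(self, now):
        # Apply the time-driven transitions: expiry and lock timeout.
        for msg in self.messages:
            if msg.state in (COMPLETED, DEADLETTERED):
                continue
            if now >= msg.expires_at:
                msg.state = DEADLETTERED
            elif msg.state == INVISIBLE and now >= msg.lock_until:
                self._requeue(msg)

    def receive(self, now):
        self._tick(now)
        for msg in self.messages:
            if msg.state == ENQUEUED:
                msg.state = INVISIBLE
                msg.delivery_count += 1
                msg.lock_until = now + self.lock_timeout
                return msg
        return None

    def _settle(self, msg, now, outcome):
        self._tick(now)
        if msg.state != INVISIBLE:   # lock lost or message already settled
            return False
        if outcome == ENQUEUED:
            self._requeue(msg)
        else:
            msg.state = outcome
        return True

    def complete(self, msg, now):
        return self._settle(msg, now, COMPLETED)

    def reject(self, msg, now):
        return self._settle(msg, now, DEADLETTERED)

    def abandon(self, msg, now):
        return self._settle(msg, now, ENQUEUED)


def run_scenario():
    q = DeviceQueue(max_delivery_count=2, lock_timeout=60.0)
    out = {}
    # 1. Normal path: receive, process, complete.
    a = q.send("set-interval=30", now=0)
    q.receive(now=1)
    q.complete(a, now=5)
    out["normal"] = a.state
    # 2. The handler finishes after the lock timeout: the completion is
    #    refused and the same message is delivered a second time.
    b = q.send("open-valve", now=10)
    q.receive(now=10)
    out["late_complete"] = q.complete(b, now=75)
    out["redelivered"] = q.receive(now=80) is b
    out["delivery_count"] = b.delivery_count
    # 3. Abandoning after the last permitted delivery dead-letters it.
    q.abandon(b, now=85)
    out["after_abandon"] = b.state
    # 4. A message whose time to live passes before the device connects.
    c = q.send("reboot", now=100, ttl=30)
    out["expired_receive"] = q.receive(now=200)
    out["expired_state"] = c.state
    return out


if __name__ == "__main__":
    print(run_scenario())
```

Step 2 is the practical consequence of at-least-once delivery: the open-valve command reaches the device handler twice, so handlers for cloud-to-device messages need to be idempotent.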

IoT Device Configuration


In this topic, you'll learn:

 How to use Azure IoT Hub to configure devices


 About using Azure IoT Hub to run programs on devices and run batch jobs
 About using device twins to manage device configuration information

We learned in an earlier topic in this lesson about the types of devices and device services
that can be used in an IoT solution. We looked at how Azure IoT Hub can be used to manage
IoT devices, and in this topic we'll look more closely at how IoT Hub can be used to
configure devices in your solution and ensure that devices are kept up to date.

Remote Operations
In many (perhaps most) IoT solutions, devices are deployed “in the field” which means they
are placed in areas distinct from those where the engineers and operators who need to manage
those devices are located. Because of this, most of the operations that need to be performed
on these devices will need to be done remotely. When a solution includes dozens or hundreds
of devices, monitoring, updating, and managing the configuration of those devices can
present significant operational and logistical challenges. Azure IoT Hub was designed with
this scenario in mind and can make remote device operations much more manageable.
Remote operations that target IoT devices can be divided into three implementation
categories: Direct Methods, Device Twins, and Device Management. Let's look at each of
these in turn.

Direct Methods
IoT Hub gives you the ability to run programs on devices from the cloud. Direct methods
represent a request-reply operation with a device similar to an HTTP call in that they succeed
or fail immediately (after a user-specified timeout). This is useful for scenarios where the
course of immediate action is different depending on whether the device was able to respond,
such as sending an SMS wake-up to a device if a device is offline.

Each direct method targets a single device. Jobs provide a way to invoke direct methods on
multiple devices, and schedule operations on disconnected devices.

For example, you may want to update the firmware on a set of devices deployed to turbines in
a wind farm. You can use the Jobs feature to push the update to all devices that are online and
schedule the update for devices that currently are offline (perhaps some turbines go into a
“sleep mode” for a period of time each day to reduce wear) so that the update is pushed the
next time the device comes back online.

Each IoT hub has an identity registry that you can use to create per-device resources in the
service, such as a queue that contains cloud-to-device messages. The identity registry also
enables you to control access to the device-facing endpoints (like a field gateway).

Jobs manage import and export operations like transferring data collected from an IoT device
(or set of devices) or pushing a settings file to the device. These enable you to execute bulk
service operations using the IoT hub.

What are Jobs?

Identity registry operations use the Job system when the operation:

 Has a potentially long execution time compared to standard run-time operations.
 Returns a large amount of data to the user.

In these cases, instead of a single API call waiting or blocking on the result of the operation,
the operation asynchronously creates a Job for that IoT hub. The operation then immediately
returns a JobProperties object. So instead of your program waiting for the result of the
operation (for example, requesting a large amount of data from the IoT device), you can use
the JobProperties object as a pointer to the request and run other operations at the same time.
It's like dropping your clothing at the dry cleaners and, instead of waiting for them to finish
the job, you get a ticket which represents the job so you can go home and do other things.
You can then call them or visit the shop again to see if the work is done.

Device Twins
Device twins are JSON documents that store device state information (metadata,
configurations, and conditions). IoT Hub persists a device twin for each device that you
connect to IoT Hub.

Device twins store device-related information that:

 Device and back ends can use to synchronize device conditions and configuration.
 The solution back end can use to query and target long-running operations.

The lifecycle of a device twin is linked to the corresponding device identity. Device
twins are created and deleted when a new device identity is created or deleted in IoT
Hub.

Use device twins to:

 Store device-specific metadata in the cloud. For example, the deployment location of
a vending machine is metadata about the physical vending machine.
 Report current state information such as available capabilities and conditions from
your device app. For example, whether a device is connected to your IoT hub over
cellular or WiFi.
 Synchronize the state of long-running workflows (operations or running programs)
between device app and back-end app. For example, when the solution back end
specifies the new firmware version to install, and the device app reports the various
stages of the update process.
 Query your device metadata, configuration, or state.

Device Management Patterns


IoT Hub enables the device management patterns described below. If necessary, you can
extend these patterns to fit your exact scenario, or you can design new patterns based on these
core templates.

Reboot - The back-end app informs the device through a direct method that it has initiated a
reboot. The device uses the reported properties to update the reboot status of the device.
Factory Reset - The back-end app informs the device through a direct method that it has
initiated a factory reset. The device uses the reported properties to update the factory reset
status of the device.

Configuration - The back-end app uses the desired properties to configure software running
on the device. The device uses the reported properties to update configuration status of the
device.
Firmware Update - The back-end app informs the device through a direct method that it has
initiated a firmware update. The device initiates a multistep process to download the
firmware image, apply the firmware image, and finally reconnect to the IoT Hub service.
Throughout the multistep process, the device uses the reported properties to update the
progress and status of the device.

Reporting progress and status - The solution back end runs device twin queries, across a set
of devices, to report on the status and progress of actions running on the devices.
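
The Configuration and Reporting patterns above, as an added Python example (not course or IoT Hub code). The twin layout is simplified, the setting names and ranges are hypothetical, and the device is assumed to validate desired properties before applying them.

```python
import json

# Hypothetical settings this device type accepts, with their allowed ranges.
ALLOWED_SETTINGS = {"telemetryIntervalSec": (5, 3600), "alertThresholdC": (-40, 125)}


def new_twin(device_id, location):
    """Simplified twin document: metadata plus desired and reported properties."""
    return {
        "deviceId": device_id,
        "tags": {"location": location},
        "properties": {"desired": {"$version": 0}, "reported": {}},
    }


def set_desired(twin, **settings):
    """Back-end app: write desired properties and bump their version."""
    desired = twin["properties"]["desired"]
    desired.update(settings)
    desired["$version"] += 1


def validate(settings):
    """Return a list of problems; an empty list means the settings are acceptable."""
    problems = []
    for name, value in settings.items():
        if name not in ALLOWED_SETTINGS:
            problems.append(f"unknown setting {name}")
            continue
        low, high = ALLOWED_SETTINGS[name]
        is_number = isinstance(value, (int, float)) and not isinstance(value, bool)
        if not is_number or not low <= value <= high:
            problems.append(f"{name}={value!r} outside {low}..{high}")
    return problems


def device_sync(twin, running_config):
    """Device app: apply desired settings if valid, then report the outcome."""
    desired = twin["properties"]["desired"]
    settings = {k: v for k, v in desired.items() if not k.startswith("$")}
    problems = validate(settings)
    if problems:
        # Keep the last known-good configuration and say why.
        status = {"status": "rejected", "errors": problems}
    else:
        running_config.clear()
        running_config.update(settings)
        status = {"status": "applied"}
    status["desiredVersion"] = desired["$version"]
    twin["properties"]["reported"] = {
        "config": dict(running_config),
        "configStatus": status,
    }
    return status["status"]


def pending_devices(twins):
    """Back-end query: devices whose reported state has not caught up with desired."""
    pending = []
    for twin in twins:
        props = twin["properties"]
        status = props["reported"].get("configStatus", {})
        up_to_date = (status.get("status") == "applied"
                      and status.get("desiredVersion") == props["desired"]["$version"])
        if not up_to_date:
            pending.append((twin["deviceId"], status.get("status", "no report")))
    return pending


def demo():
    # Constructed fleet of three vending machines.
    twins = [new_twin("vend-01", "lobby"), new_twin("vend-02", "garage"),
             new_twin("vend-03", "platform 4")]
    running = {"vend-01": {}, "vend-03": {"telemetryIntervalSec": 60}}
    set_desired(twins[0], telemetryIntervalSec=30, alertThresholdC=8)
    set_desired(twins[1], telemetryIntervalSec=30)   # vend-02 is offline, never syncs
    set_desired(twins[2], telemetryIntervalSec=0)    # out of range
    device_sync(twins[0], running["vend-01"])
    device_sync(twins[2], running["vend-03"])
    return {
        "pending": pending_devices(twins),
        "vend01_running": running["vend-01"],
        "vend03_running": running["vend-03"],
        "vend03_twin": twins[2],
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The back-end query separates a device that has not reported yet from one that refused the configuration, and the refusing device keeps running its previous settings.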

Introduction to IoT Data Analytics and Storage

In this topic, you'll learn:

 About IoT data storage options


 The basics of IoT data analytics in Azure IoT Hub

Introduction to Data Storage


There are several cloud storage options to consider when planning a storage solution for your
IoT data.

Azure Cosmos DB

Azure Cosmos DB is a multi-model (e.g. document, relational, key-value pair) storage option
that includes a fully managed NoSQL database service that provides rich and familiar SQL
query capabilities with consistent low latencies on JSON data. Cosmos DB is a great fit for
IoT solutions and many other types of applications that need seamless scale and global
replication.

SQL Database

SQL Database is a relational database service in the Microsoft cloud based on the Microsoft
SQL Server engine and capable of handling mission-critical workloads. SQL Database
delivers predictable performance at multiple service levels, dynamic scalability with no
downtime, built-in business continuity, and data protection — all with near-zero
administration. These capabilities allow you to focus on rapid app development and
accelerating your time to market, rather than allocating precious time and resources to
managing virtual machines and infrastructure. Because SQL Database is based on the SQL
Server engine, SQL Database supports existing SQL Server tools, libraries, and APIs.

For more information see SQL Database Documentation

Azure Storage

Azure storage provides the following services that can be used in your IoT solutions: Blob
storage, Table storage, Queue storage.

Blob Storage stores unstructured object data. A blob can be any type of text or binary data,
such as a document, media file, or application installer. Blob storage is also referred to as
Object storage.

Table Storage stores structured datasets. Table storage is a NoSQL key-attribute data store,
which allows for rapid development and fast access to large quantities of data.

Queue Storage provides reliable messaging for workflow processing and for communication
between components of cloud services.

For more information see Azure Storage Documentation

Azure Data Lake Store

Azure Data Lake Store is an enterprise-wide hyper-scale repository for big data analytic
workloads. Azure Data Lake enables you to capture data of any size, type, and ingestion
speed in one single place for operational and exploratory analytics.

Azure Data Lake Store provides unlimited storage and is suitable for storing a variety of data
for analytics. It does not impose any limits on account sizes, file sizes, or the amount of data
that can be stored in a data lake. Individual files can range from kilobyte to petabytes in size
making it a great choice to store any type of data. Data is stored durably by making multiple
copies and there is no limit on the duration of time for which the data can be stored in the
data lake.

For more information see Data Lake Store Documentation

Data Analytics and IoT


Being able to run analytics on data in real time and generate alerts is a key component of
most IoT solutions.

Stream Analytics Job


Azure Stream Analytics is a fully managed, real-time event processing engine that helps you
to unlock deep insights from your data. Stream Analytics enables you to set up real-time
analytic computations on data streaming from devices, sensors, applications, and more.

The Azure portal enables you to create a Stream Analytics job using the same methods that
you would use to add any other service. Once the service is deployed to your resource group,
you are presented with a blade that can be used to specify the input source of the streaming
data, the output sink for the results of your job, and a SQL-like query expression that can be
modified to transform your data. You can monitor and adjust the scale/speed of your job in
the Azure portal to scale from a few kilobytes to a gigabyte or more of events processed per
second. Your Stream Analytics jobs are backed by highly tuned streaming engines for time-
sensitive processing.

Scenarios of real-time streaming analytics can be found across all industries: personalized,
real-time stock-trading analysis and alerts offered by financial services companies; real-time
fraud detection; data and identity protection services; reliable ingestion and analysis of data
generated by sensors and actuators embedded in physical objects (Internet of Things, or IoT);
web clickstream analytics; and customer relationship management (CRM) applications
issuing alerts when customer experience within a time frame is degraded.

Configuring Inputs
The data connection to Stream Analytics is a data stream of events from a data source. This is
called an “input.” Stream Analytics has first-class integration with Azure data stream sources
Event Hub, IoT Hub, and Blob storage that can be from the same or different Azure
subscription as your analytics job.

As data is pushed to a data source, it is consumed by the Stream Analytics job and processed
in real time. Inputs are divided into two distinct types: data stream inputs and reference data
inputs.

 Data stream inputs: A data stream is an unbounded sequence of events coming over
time. Stream Analytics jobs must include at least one data stream input to be
consumed and transformed by the job. Blob storage, Event Hubs, and IoT Hubs are
supported as data stream input sources. Event Hubs are used to collect event streams
from multiple devices and services, such as social media activity feeds, stock trade
information or data from sensors. IoT Hubs are optimized to collect data from
connected devices in Internet of Things (IoT) scenarios. Blob storage can be used as
an input source for ingesting bulk data as a stream.
 Reference data: Stream Analytics supports a second type of input known as reference
data. This is auxiliary data which is either static or slowly changing over time and is
typically used for performing correlation and look-ups. Azure Blob storage is
currently the only supported input source for reference data. Reference data source
blobs are limited to 100MB in size.

For more information on configuring inputs, see
https://go.microsoft.com/fwlink/?linkid=848177

Configuring Outputs

When authoring a Stream Analytics job, consider how the resulting data will be consumed.
How will you view the results of the Stream Analytics job and where will you store it?

In order to enable a variety of application patterns, Azure Stream Analytics has different
options for storing output and viewing analysis results. This makes it easy to view job output
and gives you flexibility in the consumption and storage of the job output for data
warehousing and other purposes. Any output configured in the job must exist before the job is
started and events start flowing. For example, if you use Blob storage as an output, the job
will not create a storage account automatically. It needs to be created by the user before the
ASA job is started.

We looked at various storage options above so refer to that content for your options.

Configuring Queries

Queries in Azure Stream Analytics are expressed in a SQL-like query language, which is
documented in the Stream Analytics Query Language Reference guide. Using the Stream
Analytics query language in the in-browser query editor, you get IntelliSense auto-complete
to help you quickly and easily implement time series queries, including temporal-based
joins, windowed aggregates, temporal filters, and other common operations such as joins,
aggregates, projections, and filters. In addition, in-browser query testing against a sample
data file enables quick, iterative development.

For an explanation of how to implement Query patterns that support the real-world scenarios
listed below, review Query examples for common Stream Analytics usage patterns

Conclusion
In this topic, we provided an overview of the many data storage options available for your
IoT solution. Each has a specific purpose and you may use one or many of these options
depending on the needs of your architecture. We also covered ways in which you can process
data coming from your devices. We'll talk more about how to present the data you've
collected and stored in the next topic.

You can learn more about how to work with data in a course devoted to this topic in this
series. So while this gives you a taste of what is available, you'll need to explore the topic
more deeply in the other course in order to learn how to use these tools and services in your
implementation.

IoT Business Intelligence using PowerBI


In this topic, you'll learn:

 What PowerBI is and how it can be used in business intelligence scenarios


 The basics of using PowerBI to create reports

Power BI[^1] is a collection of software services, apps, and connectors that work together to
turn your unrelated sources of data into coherent, visually immersive, and interactive insights.
Whether your data is a simple Excel spreadsheet, or a collection of cloud-based and on-
premises hybrid data warehouses, Power BI lets you connect to your data sources, visualize
(or discover) what’s important, and share that with anyone or everyone you want.

[^1]: While this topic covers PowerBI as a tool for presenting your data in a meaningful way,
be aware that Azure data services can be used with other data analytics tools like Tableau.

Power BI can be simple and fast – capable of creating quick insights from an Excel
spreadsheet or a local database. But Power BI is also robust and enterprise-grade, ready for
extensive modeling and real-time analytics, as well as custom development. So it can be your
personal report and visualization tool, and can also serve as the analytics and decision engine
behind group projects, divisions, or entire corporations.

The Parts of Power BI


Power BI consists of a Windows desktop application called Power BI Desktop, an online
SaaS (Software as a Service) service called the Power BI service, and mobile Power BI apps
available on Windows phones and tablets, as well as for iOS and Android devices.
PowerBI - Apps and Services

These three elements – the Desktop, the service, and Mobile – are designed to let people
create, share, and consume business insights in the way that serves them, or their role, most
effectively.

Power BI Workflow
The common flow of activity in Power BI is the following:

 Bring data into Power BI Desktop, and create a report.


 Publish to the Power BI service, where you create new visualizations or build
dashboards.
 Share your dashboards with others, especially people who are on the go.

Creating Reports with Power BI Desktop


With Power BI Desktop, you connect to data (usually multiple data sources), shape that data
(with queries that build insightful, compelling data models), and use that model to create
reports (which others can leverage, build upon, and share).

When the steps are completed to your satisfaction – connect, shape, and report – you can save
that work in Power BI Desktop file format, which is the .pbix extension. Power BI Desktop
files can be shared like any other file, but the most compelling way to share Power BI
Desktop files is to upload them (share them) on the Power BI service.

Power BI Desktop centralizes, simplifies, and streamlines what can otherwise be a scattered,
disconnected, and arduous process of designing and creating business intelligence
repositories and reports.

----------------------------------------------------------------------------------------------------------------
IoT Scenarios for Manufacturing
We saw in Module 1 that IoT is transforming manufacturing and industry in general. In this
topic, we'll survey some specific examples of how IoT is being used in real-world situations
and how companies are using IoT to transform their business.

Rolls-Royce
Rolls-Royce has more than 13,000 engines for commercial aircraft in service around the
world, and for the past 20 years, it has offered customers comprehensive engine maintenance
services that help keep aircraft available and efficient. As the rapidly increasing volume of
data coming from many different types of aircraft equipment overtakes the airlines’ ability to
analyze and gain insight from it, Rolls-Royce is using the Microsoft Azure platform to
fundamentally transform how it uses data to better serve its customers.

To bring its vision of a powerful and scalable data analytics system to life, Rolls-Royce chose
to build it on the Microsoft Azure platform. “We realized early on, as customer and engine
data volumes increased, that we were looking at a big-data problem,” says Richard Beesley,
Senior Enterprise Architect Data Services, Rolls-Royce. “We quickly concluded that a cloud
platform like Azure was a ready-made solution for us.”

Beesley explains, “With Microsoft, it isn’t just about the infrastructure, it’s end-to-end and
global. There are the skills, the capabilities, the service offering, the development
environment, the security. It all just fit together.” Once Rolls-Royce started to collaborate
with Microsoft, it began to develop a number of new capabilities using an expansive set of
Azure platform services.

Starting with Azure IoT solution accelerators, Rolls-Royce will be able to collect and
aggregate data from disparate and geographically distributed sources at an unprecedented
scale. “With the increase in the volume and velocity of data that we’re looking at, Microsoft
Azure IoT solution accelerators will have a key part to play in our ability to reliably
aggregate data across our customers’ fleets,” Beesley says. Initially, the types of data being
processed include snapshots of engine performance that the planes send wirelessly during a
flight, massive downloads of comprehensive “black box”–type data, technical logs, and flight
plans as well as forecast and actual weather data provided by third parties.

read the full story here

OSIsoft
The Industrial Internet of Things (IIoT) - harnessing data produced by connected industrial
sensors and devices - is predicted to have a larger impact on global economic output than any
of the other big data sources. IIoT data also promises to help solve complex problems that
have far-reaching impacts, but deriving the value from that data is going to require the use of
sophisticated analytics. For more than 35 years, OSIsoft has been a leader in helping
organizations capture operational data from industrial equipment. Today, the company is on
the front lines of helping businesses use highly advanced analytics to gain valuable
operational intelligence from their sensor-based data.
Long before people were talking about the IIoT, OSIsoft was capturing, processing, and
sharing data from industrial sensors and equipment to help its customers optimize their
operations. The company’s PI System provides data infrastructure for organizations in several
key industrial sectors, including oil and gas, utilities, pharmaceuticals, food and beverage,
water, metals and mining, pulp and paper, and chemicals. It collects data from more than 1.5
billion sensor-based data streams at over 19,000 sites in more than 125 countries.

By consolidating and visualizing massive volumes of high-fidelity, time-series data & events
from disparate sources, OSIsoft helps businesses improve efficiency, sustainability, quality,
and safety. Whether it’s saving an energy company millions of dollars a year through better
wind forecasting or helping a mining company better organize its supply chain to boost iron
ore production by millions of tons annually, OSIsoft enables organizations to use their data to
improve their operations and make better decisions.

This study illustrates that the architecture for an IoT manufacturing solution must go beyond
merely collecting data: how the data is collected, stored, and analyzed must all be
architected properly to provide reporting models that are effective at addressing the
business problems the solution aims to solve.

One option for experimenting with the right data solution is to model the IoT solution in a
simulated environment so various approaches can be tested, modified, and enhanced. By
exploring simulated interfaces and dashboards, you can get a sense of how equipment all over
the world can be viewed holistically, including both an overall view of performance and
detailed insight into the status of individual machines. Even if connecting operations around
the globe is a much later step, seeing the results of a simulation firsthand can help you refine
your objectives and get a better sense of what’s possible. Cloud solutions like Microsoft's
Azure IoT can make this modeling easier and faster.

read the full story here

Jabil
Established in 1966, Jabil is one of the world’s largest and most innovative providers of
manufacturing, design engineering, and supply chain management technologies and services.
With global operations spanning 102 locations and 28 countries, Jabil helps leading
companies in a diverse range of industries become more competitive.

And in recent years, staying competitive requires more than just offering newer, better
products. “One of the biggest industry trends we’re seeing is the desire for flexibility and
independence,” says Matt Behringer, Chief Information Officer, Enterprise Operations and
Quality Systems at Jabil. “We feel a continuous pull that says we want to have things the way
we want them, and we want them quicker.” Behringer says that the modern consumer’s
expectation of faster, more personalized services has permeated the industrial world, bringing
a “whole new level of complexity to organizations.”

For Jabil, an Internet of Things (IoT) approach based on the Microsoft Azure Cortana
Intelligence Suite was the only solution that made sense. Behringer says, “If you think about
the IoT mindset, and the ability to connect equipment, sensors, people, and whatever else you
can think of, we had to look at our factory from the viewpoint of system capability, and then
see what we could do to move forward in a way that enables us to be competitive and
differentiated.”

read the full story here

Other Resources and Case Studies


 Whitepaper: Competing in the digital age of manufacturing
o Download - Register for download
o Online - View online
 Hershey: https://customers.microsoft.com/en-us/story/hershey-office365
 Rockwell Automation: https://customers.microsoft.com/en-us/story/fueling-the-oil-and-gas-industry-with-iot-1

IoT Scenarios for Smart Cities


Building on the concepts we reviewed in Module 1, the following are examples where cities
are using IoT to improve infrastructure and operations, making services more reliable and
cities safer and more efficient.

Safer Cities
Peter O'Dell of Swan Island Networks, in an article for Microsoft, relates the following simple
example of how IoT can be deployed to make the transportation of hazardous materials a bit
safer. He writes,

Take a simple example of an inexpensive sensor that can replace the current signs and decals
that appear on hazardous materials containers, particularly tanker trucks. This sensor
transmits its status and identity every 60 seconds, but it can also be activated by readers at
electronic toll-collection points. The city can collect and process data from the readers in real
time to gain a highly accurate understanding of where hazardous materials are located
throughout the city—particularly on transit points like major bridges.

In critical scenarios like a major storm or police action, having this data can help emergency
services respond in a way that keeps more people safe.

The Economist Magazine created what they call a Safe Cities Index, which attempts to define
how 60 cities across the world define security. One segment of this feature, titled
“Unlocking the potential of IoT,” covers everything from data management to applications of
IoT in the security space. The segment includes a white paper titled "A City Planner's
Handbook to Public Safety," in which they attempt to define how traditional methods along
with digitization can help rapidly growing urban areas maintain high safety standards.
The executive summary outlines the following key areas of focus–many of them involving
IoT technology:
 Biometric identification systems, which have the potential to reduce human error and
processing time at borders, will enhance citizen services and immigration control.
 Facial recognition systems and other predictive technologies will shift law
enforcement from reactive to proactive.
 Automated surveillance systems will reduce the dependence on human labor and
provide round-the-clock monitoring of critical infrastructure such as power, water and
telecommunications services.
 Electronic security measures will protect sensitive public administration services from
virtual risks, while data analytical tools can predict disease outbreaks.
 Strong information management, through enhanced security measures and data
protection schemes, will help institutions and corporations defend against cyber-
attacks.
 On-demand systems that integrate information, analyze the data and communicate
with first responders and the public will help governments respond to emergencies
and disasters.
 Technology platforms will facilitate efficient collaboration between different branches
of the government, enhancing inter-agency collaboration.

Many of these types of systems are being deployed in cities around the world and as the
technology advances and IoT services become more readily available, more city planners will
be looking to IoT to help them manage their responsibilities. You can read more on each of
these items by downloading the whitepaper here.

Improving Field Service


Alert: Pothole Ahead

In this simple example, drivers using their phones as the “IoT device” to send data can alert
the municipality of Selangor in Malaysia to a problem, and the city uses the information to
address roadway problems.

The popular driving app Waze enables drivers to report problems like an accident or roadway
issues. Selangor is using Waze data to learn about potholes and fix them. According to an
article in Malaysian technology magazine Vernonchan, when a pothole is reported, “The
Selangor State Local Authority will patch the pothole within five days.” While the reporting
mechanism is not fully automated at this stage (but still very much IoT), one can imagine
cars fitted with sensors and AI image recognition technology that can detect things like
potholes and automatically report those problems to authorities.

Follow the Water

In another example, Microsoft describes how the Miami-Dade County Water and Sewer
Department (WASD) has the task of managing more than 6000 miles of pipes for that region.
The county had a system in place to collect large amounts of data but struggled to analyze it
quickly and holistically enough to predict problems and address immediate issues.

The county went from being able to analyze three years of data on one metric of a single
station at a time to being able to analyze 22 years of data from more than 1000 stations in a
few seconds. This provides a much more holistic view of the system as a whole, which can
tell the county much more about how things are operating.

IoT Scenarios for Smart Buildings


Smart Buildings are a particular example within the general topic of smart cities but they do
deserve a topic all their own. Smart Buildings are not merely about enabling operational
efficiency (as important as that is). They also are about comfort and providing a better
environment for their inhabitants. Let's look briefly at a couple of examples.

ICONICS
No longer must engineers manually inspect and tune buildings to run more efficiently.
ICONICS smart building software collects and analyzes Internet of Things (IoT) sensor data
from building management systems, giving owners visibility into their property’s health,
improved energy efficiency, and lower costs. Based in Foxborough, Massachusetts,
ICONICS relies on Microsoft Azure Digital Twins to boost software scalability and rapidly
deliver innovative capabilities to customers, such as occupancy and spatial analytics.

ICONICS smart building software has run on Microsoft Azure since 2015. ICONICS
software acts as an integration hub to building management systems that control heating,
ventilation, lighting, and more. It also collects and centralizes each system’s sensor data.
ICONICS’ proprietary technology performs visualization and historization of this data while
artificial intelligence rules predict when a machine will fail or use more energy than
necessary. It also predicts which issues will have the most impact on energy usage or cost, so
building managers can prioritize remediation.

“The Microsoft Energy Smart Buildings program has saved Microsoft 20 percent off its
energy bills,” says Russ Agrusa, President and CEO of ICONICS.

read the full story here

thyssenkrupp
Essen, Germany-based thyssenkrupp Elevator is a worldwide leader in elevator technology,
and the company is taking its knowledge of urban mobility to the next level with help from
its partner, Willow. At its Innovation Test Tower in Rottweil, Germany, thyssenkrupp
Elevator is using Willow Twin—a digitalized virtual model of the physical building—to
revolutionize the way buildings are maintained and to enhance the experience of tenants and
visitors. Willow Twin is built on Microsoft Azure, using a wide range of Azure services,
including the recently released Azure Digital Twins.

As today’s cities grow and change, the concept of urban mobility becomes an increasingly
important consideration for the people who plan, design, construct, and run the offices and
residences that make up those cities. Urban mobility isn’t just about the way that people
move around the city—it’s also about the way that people move within and interact with the
buildings where they work and live.

“Real estate owners and managers are always seeking ways to reduce costs and increase
tenant satisfaction,” says Professor Michael Cesarz, Chief Executive Officer for MULTI at
thyssenkrupp Elevator. “We believe that putting intelligence into the building that improves
facilities management and analyzes how occupants and visitors use the building is the best
way to fulfill their needs. We’re employing digitalization, AI, and Internet of Things
technologies to optimize usage at every level and make the building a pleasant place to work,
visit, and live.”

To help develop new solutions, thyssenkrupp partnered with Willow, a member of the
Microsoft Partner Network that is creating a new category of innovation for the built
environment. thyssenkrupp uses the company’s Willow Twin platform, which provides a
“digital twin” of the tower that delivers actionable insights to the building managers.

“A digital twin is a virtual replica of the spaces, devices, and people within a building,”
explains Joshua Ridley, Cofounder and Chief Executive Officer at Willow. “The digital twin
takes in live data from IoT sensors that are monitoring all of the building’s systems—from
lighting and elevators to heating, ventilation, and air conditioning—along with data about the
way space is being used and occupied. It makes all that data available to owners, managers,
and maintenance staff in real time. They can identify problems, track usage patterns, and gain
new insights into the way they operate the building and the way people use it. This opens the
door to new and better experiences for tenants and visitors.”

Sam George Interview


The Internet of Things, advanced computing, virtual reality and artificial intelligence are all
technology trends that are creating change in the workplace and in how we live our daily lives. As
Steelcase and Microsoft collaborate to build the Smart + Connected Workplace, Microsoft
director of Azure IoT, Sam George, spoke to 360 about how the two companies leverage each
other’s strengths to create a secure network ready to adapt to the changing ways in which
people are working.

read the full story here

Further reading
 Smart buildings, built on Azure IoT
 Willow and thyssenkrupp Elevator take building smarts to a new level
 Rigado delivers IoT edge-as-a-service for smart workplace solution
 PCL Construction uses IoT with Azure to revolutionize the construction industry
 Steelcase Demonstrates the Smart and Connected Workplace with New IoT-Powered
Solutions

IoT Scenarios for Energy


Safer and more efficient energy usage is something that is on the minds of a lot of people
these days, and effective IoT solutions have enormous potential to improve not only the
production of energy but also the way existing energy systems distribute and use the energy
we currently have access to.

Rockwell Automation
Here's an example from a Microsoft customer story of how IoT is being used by Rockwell
Automation to improve how energy is used in a real-world situation.

Monitoring Oil Production

The story asks us to consider the incredible (and precarious) journey the gasoline in your car
takes from the moment it's mined to when it ends up in your vehicle. The journey begins at a
remote offshore oil well more than 500 feet below the surface. The fuel is battered by
turbulent waves in transport across the rugged North Pacific, only to find itself traveling
hundreds more miles in a pipeline across searing desert terrain. After a stop at the refinery
it is off again, carried by train and truck until it finally arrives at your local filling
station. Along the way, it passes through countless pumps, holding tanks, meters, monitors
and hoses.

With all those myriad systems and variables like weather, corrosion, local transportation
scenarios, and mining and distribution equipment, building systems to ensure timely, safe and
efficient production and delivery of vehicle fuel requires continual monitoring, maintenance,
and adjustments across the entire supply chain.

Rockwell Automation is using IoT to assist engineers in monitoring remote equipment. Data
collected from sensors in drilling pumps (the failure of a single pump can cost between
$100,000 and $300,000 per day in lost productivity according to the article) is used to build
dashboards that engineers can use to monitor the health of pumps hundreds of miles
away. The system can also alert engineers about problems in real time, allowing for immediate
and more efficient troubleshooting and minimal downtime. According to one engineer, “The
last time we had a well trip offline, within five minutes we had a phone call telling us what
broke, what to look at, and how to test it . . .”

Delivering the Fuel

Rockwell's solution extends to the gas pump as well. They're implementing IoT sensors to
enable safer delivery of liquid natural gas, which takes up less volume to store and transport
than traditional vehicle fuels and is used mainly in large trucks that transport goods.

In order to keep the pumping stations operating efficiently and safely, Rockwell is using IoT
sensors to monitor pumps and predictive analytics to anticipate failures and keep stations well
supplied with the fuel customers need.

Rockwell also is experimenting with machine learning to better analyze the large amount of
data being collected from their sensors. Better data analysis can provide better insights into
how fueling stations are functioning and may foster innovative ways to distribute fuel more
safely and efficiently.

Other IoT Energy Solutions

XTO Energy

XTO Energy is a subsidiary of ExxonMobil and has major holdings in the Permian Basin,
one of the world’s most important oil-producing regions. To overcome the challenges of
monitoring and optimizing a vast number of widely dispersed field assets, XTO Energy has
been digitalizing its Permian operations. By using Microsoft Azure IoT technologies to
electronically collect data and then using Azure solutions to store and analyze it, XTO
Energy gains new insights into well operations and future drilling possibilities.

read the full story here

Emerson

Emerson research found that $1 trillion in value is lost annually across manufacturing
industries to inefficient operations and monitoring of manufacturing processes. That’s
because historically, processing plants have used systems that limit the online monitoring of
second-tier equipment, like heat exchangers, pumps, or valves. This equipment typically is
repaired on a routine maintenance schedule - during which the entire plant is shut down and
taken offline for examination - or as needed, based on manual spot checks. The result: Some
manufacturing companies have faced challenges achieving their production or financial
goals.

In 2016, the company pushed into the digital future by harnessing the power of the Internet of
Things in a Plantweb digital ecosystem. This ecosystem offers manufacturers a scalable IoT
solution using wireless technologies, advanced instrumentation, and data analytics to improve
plant performance.

read the full story here

Opportunities for the Consumer

IoT technologies in the power supply industry are also showing up at the home. Years ago,
technicians had to visit each home on a regular basis to “read the meter” so the power
company would know how much to charge the customer. With IoT, power consumption can
be reported in real time. This not only benefits the provider but also gives it the means to
provide better and more frequent reports to customers, so they have access to information
that can help them conserve energy or prepare for the bill they will be getting.

As alternate means of electrical power (wind and solar are two examples) become more
widely available, IoT will also enable customers to make choices about how best to utilize the
options at their disposal. For example, customers who have installed solar panels on their
home and collect energy from the sun can “sell back” excess energy to the power company or
their neighbor. Internet-connected devices along with real-time reporting on energy collected,
usage trends, and available excess power will enable customers to make smart choices about
their usage and distribution.

These are just a few examples of how IoT is transforming energy. We hope these examples
have inspired you to think of more ways IoT can be used to innovate on our ever-pressing
power needs whether it be extending our existing energy sources to get the most out of them
or finding new sources of energy.

IoT Scenarios for Healthcare


Microsoft has outlined specific scenarios where IoT is being used in healthcare. You can read
about these in the ebook, From the person to the cloud and back. We'll survey a couple of
them here and look at how the principles and concepts we discussed above are being used in
the real world.

Roche
Diagnostic devices play a vital role in helping to improve healthcare delivery. In fact, an
estimated 60 percent of the world’s medical decisions are made with support from in vitro
diagnostics (IVD) solutions, such as those provided by Roche Diagnostics, an industry leader.

To deliver these services cost-effectively, the company explored the use of Internet of Things
(IoT) technologies to address the following requirements:

 Remotely monitoring and managing IVD devices as fixed assets.
 Optimizing device availability with predictive maintenance.
 Recommending the best IVD solution for a customer’s needs through data analytics.

read the full story here

CHAMP
Children's Mercy Hospital in Kansas City, Missouri developed a tool which parents use to
enter vital statistics for a critical-care baby. The system then analyzes the data. “If there are
any measurements outside healthy cardiac parameters, such as oxygen saturation that’s too
low or high, the baby’s medical team is automatically alerted.” They call the tool Cardiac
High Acuity Monitoring Program or CHAMP.

The solution is relatively simple in its architecture. It uses a Windows 10 laptop or tablet
that's connected to a cloud-based database. The data entry is manual–parents enter numbers
into an app that sits on the device.

But this illustrates that IoT solutions can start out relatively simply, with data being entered
manually and aggregated and analyzed by cloud services. One can easily imagine subsequent
versions of CHAMP that use wireless sensors to collect vital statistics securely in real time
and aggregate the data into an app that parents can review and send at various intervals
throughout the day.

Predicting Outbreaks
Medical device manufacturer Becton Dickinson (BD) partnered with Microsoft to build a
cloud-based solution that helps aggregate the results of blood tests to help determine trends
(such as a flu epidemic) in real-time. As with CHAMP, the architecture of this solution is
relatively simple (this is not to downplay the sophistication of the technology itself).

BD builds a device that can offer a quick diagnosis on whether a child has the flu and the data
is sent to a cloud-based database. This data is used by the hospital itself but can be used by
other hospitals or disease control centers to see if trends are emerging and enable them to act
much more quickly to prevent the disease from spreading or develop vaccines.

The company takes its HIPAA responsibilities seriously and has built into its architecture
models for keeping private data private. Personal data is removed, leaving aggregate data that
can be used to inform population-based health decisions. Even this “de-identified” data has
restrictions on use based on data rights agreements put in place between BD and their
customers. During a flu outbreak, connected Veritor devices would alert hospitals to consider
the potential need to increase emergency room staffing and order additional medicines to
support the projected influx of patients.

Next-generation Healthcare
These case studies just scratch the surface of what can be done in this vertical to move the
healthcare industry forward. This space, perhaps more than any other vertical we'll study, has
the potential to positively impact billions of lives. The space is nascent and emerging. How
will you get involved?

For more information, see: https://www.microsoft.com/en-us/internet-of-things/healthcare

IoT Scenarios for Retail


We saw in Module 1 how IoT promises to transform retail into a more personalized, efficient,
and secure experience both for the shopper and the retailer. Let's look at a few scenarios
where IoT solutions are being developed for the retail experience. Use these scenarios as
inspiration for how you might use IoT to enhance your business or industry.

Microsoft has outlined a few specific scenarios where IoT for retail is being used. You can
read about them here but we'll review a couple of them to see how to apply this technology to
this vertical.

As with all IoT solutions, much of the value of these products is in the data they collect and
that can be given to homeowners to build the efficiencies and advantages described in the
bullets above. As we've said for the other verticals, privacy and security are of utmost
importance in these solutions but if those concerns are accounted for properly, the
possibilities are endless.

Intelligent Signage
There's a scene in Steven Spielberg's blockbuster movie Minority Report where the main
character John Anderton (played by Tom Cruise) walks into a Gap store and is greeted by a
“smart sign.” The sign does a retinal scan of each person who walks in and uses the unique
identity of the retina to personalize the shopping experience. Anderton had his eyes replaced
with someone else's so the sign believes he's "Mr. Yokomoto" which makes for an amusing
scene since Anderton didn't know whose eyes he had.

The technology depicted in this scene is an advanced version of the kind of personalization
that IoT for Retail can offer shoppers. Signs like these can show a shopper sale items that
might be of particular interest to him or her based on past shopping patterns (stores may even
wish to offer “instant” sale prices available only to that particular shopper to entice him or
her to buy more items). The company XOGO is using IoT technology to turn Windows 10
devices into digital signs.

While these signs aren't as intelligent as the signs in Minority Report, the idea is that retailers
can create interactive, flexible signage using a simple IoT device and a Windows 10
computer and monitor. The interactive piece is what makes this an IoT solution: based on
what users click on, spend time on, and search for, the retailer gains insights into what
customers care about and can stock their shelves appropriately, better train sales staff, and
ensure the customer feels included and welcome.

As we've seen with other verticals, this is a relatively simple solution using a lot of off-the-
shelf hardware. Getting into the IoT space does not have to be a months-long project with a
huge capital investment. All it takes is an awareness of problems that need to be solved, some
creativity, and an intelligent use of cloud services.

Sam’s Club Now – Reimagining the Future of Retail


Sam’s Club is working hard on implementing innovations with their Sam’s Club Now
location in Dallas. It will be a mobile-first shopping experience powered by the new Sam’s
Club Now app. At its core, Sam’s Club Now will be a technology lab that doubles as a live,
retail club.

https://youtu.be/ITjsb22-EwQ

Shoppers will be able to try the following:

 Smart shopping lists: We’ve developed intuitive technology that combines machine
learning and purchase data to auto-fill a member’s shopping list. They can easily add
or remove things, and as items are scanned the list will automatically update and
move the item to their mobile basket.
 Wayfinding and navigation: Gone are the days of wondering where something is in
the club. Using voice search capabilities combined with new wayfinding and
navigation features, a map will pop up and take members right to what they need.
Eventually, we’ll be able to use beacon technology and a member’s smart shopping
list to map the best route through the club.
 Augmented reality: We’ll bring items to life in the club by sharing new ways to use
them, and we’ll work to integrate stories that highlight cool features, including how
items are sourced. We also have plans to use augmented reality to transform
members’ digital carts into pirate ships. Or maybe you’d prefer a rocket? More on that
soon!
 One-hour Club Pickup: Using the app, members can now place and pick up an order
within the hour.

read the full story here

IoT Scenarios for Transportation


Smart Signals
In late 2017, the Maryland government announced plans to begin installing “smart” traffic
lights in fourteen locations around the state to help clear congestion. According to an article
in the Washington Post, the new lighting system will implement the following features and
benefits:

 The system will use pavement sensors to detect congestion and the lights will adjust
their timing to the changing conditions
 The signals will communicate with one another to better manage the flow of traffic in
specific regions
 Signals can be modified 24 hours a day and “adjust on the fly” to the needs of the
area

Plans for these systems are being discussed for many other locations around the world,
including a major investment in Nairobi, Kenya. Similar systems already have been
implemented in various locations in the United States as well. Notably, Los Angeles,
California has implemented its ATSAC (Automated Traffic Surveillance and Control) system
which “provides real-time monitoring and adjustment of signal timing for nearly 4600
signalized intersections citywide.” According to the report, the system has reduced travel
times by 12% and increased speeds by 16%.

Like the proposed Maryland solution, the ATSAC system uses large amounts of data to
analyze traffic patterns and make adjustments accordingly. The data is a central part of this
solution which makes it an IoT solution in the strict sense. Specifically the solution:

 Uses sensors to detect the passing of vehicles, speed, and congestion
 Receives this data in real time, analyzes it, then uses it either to enable lights to
automatically adjust timing or to provide manual control to operators
 Uses CCTV (closed-circuit television) cameras to supplement data from the
sensors

The results of the program are analyzed (another important piece of an overall IoT solution)
and have shown “that travel times, traffic signal delay, vehicular stops, air emissions and fuel
use are significantly reduced.” As we've seen in all the verticals, the real value of IoT is in the
data and what the data can provide in terms of providing better solutions and validating
expected outcomes.

Smart Rail and Air


We've been focusing mainly on traffic congestion in this lesson because it's a problem
most people can relate to. But IoT innovations are happening across the transportation space.
German railway company Deutsche Bahn is implementing smart sensors along its railway
system to help detect early failures and mitigate the conditions that could lead to delays or
harm to passengers.

Konux, the company that supplies the sensors for Deutsche Bahn, describes the system as a
true IoT implementation. Specifically, the system has the following features:

 Real-time monitoring. Sensors placed on tracks send data to a central system to
provide key data points that engineers use to determine track health. This real-time
aspect of the solution is central to the IoT models we've been looking at.
 Intelligent Networking. Like any true IoT system, this implementation wirelessly
transmits data to a central system. This enables the automation that the railway system
needs to analyze problems in real time.
 Embedded Analytics. Again, true to the promise of IoT, the Konux solution “pre-
processes” the data on the sensor and then does advanced analytics in the central
system to better predict where problems might occur (or are occurring) and alerts
engineers of the issues. Konux uses a proprietary "Andromeda" software platform
where "the data are analyzed using machine learning algorithms and visualized on the
user-friendly interface."[^2]

This system embodies everything we'd expect in a true IoT solution. It includes sensors that
collect and process data, a central data management and analytics component, and real-time
reporting.

[^2]: Source: http://railwayinnovation.com/wp-content/uploads/2016/07/KONUX-1-Pager-Railway.pdf

Similarly, Microsoft has written a case study about work being done with jet engine
manufacturer Rolls Royce to implement IoT sensors in their jet engines to collect and analyze
data to help predict failures and potential problems in their engines. Rolls Royce has been
collecting data from their engines for decades but needed a better way to analyze the
problems in real time and manage the large volume of data coming into their systems.

The case study quotes Senior Vice President at Rolls Royce Nick Farrant who describes some
of the benefits of the solution as follows:

Microsoft Cortana Intelligence capabilities are helping us filter the signal from the noise
across large data sets so we can focus on finding the real value in the data. Our vision of
future digital capability will need to aggregate many sources of data and provide a platform
for collaboration with customers.

This example is interesting from an IoT perspective because the implementation Microsoft is
providing is helping Rolls Royce with one aspect of their problem space. When we think of
how IoT can help customers or provide solutions, we need not think of an end-to-end
implementation. Aspects of IoT, whether the devices component, the data collection
component, or the analytics component, can be implemented where needed to create a full
solution even if parts already exist.

Where To Next
These are just some examples of how IoT is being used to transform the transportation
industry. Microsoft used to use the slogan “Where do you want to go today?” in some of its
marketing. The question when it comes to IoT and transportation is "How can we improve
the way we get there?" That is the challenge that you as an emerging IoT architect can help
answer.

Other Resources to Explore


Read more case studies on IoT and transportation here

This article discusses other ways IoT is being used to address traffic challenges.

IoT Scenarios for Agriculture


In the early days of IoT, there were industry jokes about the “connected cow” where farmers
would use IoT devices to monitor all aspects of livestock management from food
consumption to time in an open field to how much waste they produce. While thinking of
livestock in this way may not be top-of-mind for most consumers (and this is why some
found it humorous), farming is one of the areas most ripe for innovation and modernization.

In fact, farming has been modernizing since its inception. Modern farms have much more
yield per acre, more efficient use of labor, and better land management techniques than their
predecessors even 50 years prior. As farmers look for the “next big thing” in agriculture, IoT
is at the forefront of innovative opportunities.

Enter FarmBeats
FarmBeats is a multi-dimensional program that is working to provide innovative tools across
the agriculture ecosystem. For example, in a connected world, we tend to forget that internet
access can be spotty to non-existent in rural parts of the world and even in countries that are
able to deploy advanced technology, large farms can be cut off from robust connection
technology. Microsoft has been working for over a decade on a project to use TV white space to
deliver data to remote areas (TV signals have a longer range, maintain fidelity over that
range better than other types of signals, and can be more readily available in remote areas). While
not an IoT solution per se, this program provides the essential infrastructure that can enable
more robust IoT solutions to areas that formerly wouldn't even be able to consider them.

Sensors and Drones


In order to make farming more efficient, farmers need data to better understand how their
farms are working (data is king in the IoT world). Through the FarmBeats program,
Microsoft is working with farmers to deploy ground sensors to farmland, add sensors to farm
equipment, and place data-collecting cameras in strategic areas, all of which collect data that is
sent over TV white space to computers running in nearby buildings on the farm.

These data are collected and analyzed in real time on these computers so farmers can make
decisions on critical situations as they happen. Some data can then be sent to cloud services
for further analysis to provide more robust and deeper intelligence on how the farm is
operating.

A researcher with Microsoft working on the FarmBeats project puts it this way:

You don’t have to send all the data to the cloud; it sits on the farm, and is able to ingest a lot
of the data, apply the intelligence on top of it to generate actionable insights for the farmer.

As we've seen in the course, this is the promise of IoT.

Another cool innovation is the use of drones to create aerial maps of farmland that give
farmers a different view of their farms. These drones, using specialized software, create
“orthomosaics” (multiple images stitched together to show a single aerial view of a farm).
These images can then be analyzed to create heatmaps that "enable farmers to quickly
identify crop stress and disease, pest infestation or other issues that may reduce yield."

Similar systems can be used with livestock that will enable farmers to get real-time
information on the status of their animals to deal with problems and more efficiently manage
transportation, feeding, and other activities.[^1]

Greenhouse in a Box
Managing existing farms isn't the only area IoT is enabling innovation in agriculture. This
article by Ronald Holden for Forbes magazine highlights a project whereby a large container
(cleverly called “Leafy Green Machine” or LGF) can be delivered just about anywhere there
is space and enables the operator to grow food–"as much food as two acres of rural
farmland"–in the container.

The solution is a true IoT solution in that it uses devices, sensors, and software that “monitors
the plants, controls irrigation, orders supplies, and so on.” The article suggests use cases
such as farm-to-table restaurants that want to take more control of their supply chain or
schools that want to engage children in agriculture or provide healthier meals.

While the LGF may not be something we immediately think of when we ponder ways to
improve agriculture, it does represent an “outside the box” (pun intended) way to think about
new ways to grow and deliver food powered by IoT devices and data. As IoT devices and
services become more mainstream, solutions like the LGF just scratch the surface of what is
possible.

[^1]: See this article for more information.
