Discussion on foreign IoT Platform (v): Exosite Murano

A probe into the foreign internet of Things Platform (v)
--exosite Murano

Ma Zhi

?

Positioning

Murano is a cloud-based IoT software platform that provides a secure, scalable infrastructure that supports an end-to-end ecosystem that helps customers develop, deploy, and manage applications, services, and networked products in a secure, scalable way.

?

Function

• The Murano platform simplifies the entire IoT technology stack and can be seen as a layer of multiple cloud software that is integrated together.
• Murano provides IoT infrastructure, development environments, and functional integration, including device connectivity, product management, data routing, service integration (such as data store/alerts/third-party analytics platforms), application open APIs, user authentication/roles/permissions, and app hosting.
• Murano allows integration with third-party software, developers only need to focus on user applications and device applications.
• Murano enables developers to quickly create an entire IoT system while maintaining the flexibility to add new and custom features.

?

Architecture

?

Product Layer

The product layer in Murano represents the type of networked device that provides tools and interfaces for managing product definitions, allowing developers to use common APIs for device deployment, business provisioning, data routing definitions, field upgrades, and configuration. Developers can use an integrated dashboard prototype to quickly create devices and verify device behavior.

?

Product Layer Features

• Device Management: Manage device status, deploy firmware and upgrades, version control.
• Device Connectivity & Security: Create an encrypted connection channel using the TLS standard protocol, and developers can quickly connect devices and communicate data.
• Equipment Open: Secure, extensible interface to meet OEM manufacturers in the equipment production status and operating conditions of the flexible opening requirements.
• Open access: Compatible with most embedded hardware configurations.
• Dashboard tools: Quickly create, configure, and deploy dashboards to visualize device data.
• Embedded Sdk:exositeready? The embedded SDK can be ported to most Wi-Fi and Ethernet embedded platforms.
• Gateway Engine: Exosite's Gateway engine framework features include auto-launch, device management, and field firmware upgrades to accelerate gateway design.
• Development resources: Open source libraries with C, C + +, Python, Java,. NET, Node, go, and more.
• Data Model: Provides the flexibility to develop, maintain, and upgrade complex data models based on device metadata, data sources, device groupings, access policies, process links, events, and alarms.

?

Solution Layer

• The solution layer in Murano represents the application logic, user interface, and application API. Leverage device data to provide tools for developing and deploying applications and services based on data routing, service integration, custom APIs, user authentication/roles/permissions, and application hosting, enabling developers to create solution templates, including application functionality throughout deployment to end users, and custom APIs for products.

?

Solution Layer Capabilities

• Roles & Rights Management: Integrated User Services provide a rights model, including authentication, management, and role definitions.
• Custom APIs: Customizable Web-service APIs that define the context, application logic, and device/user access for each solution based on device data.
• App hosting: Static application file hosting enables the entire application to be hosted on Exosite, Exosite provides technical support and 24x7 monitoring.
• Service data Routing and event logic: Use the event logic system to set thresholds and dispatch services to alert via SMS, e-mail, or HTTP.
• Application Library: A rich application library makes it easy to design, configure, and deploy native apps.
• Data storage: Key-value storage with timestamp, all data has replicas on different servers.
• Analytics Engine: Provides real-time data stream processing and automatic processing for easy parsing of raw packets and format conversions.
• Converged solution: Integrate other cloud services with exosite partner solutions or custom Cloud-cloud connections.
• IoT supermarket: Access to a large number of integrated partner scenarios to accelerate IoT deployment, with all service plug-ins hosted by Exosite.

?

Business Layer

• Murano fully transforms networked products and solutions into data-driven businesses. With enterprise-class features, Murano seamlessly integrates business systems to unleash the true value of IoT and accelerate enterprise transformation.

?

Business Layer Features

• Management Console: Easy-to-use management tools that set the data-plane scenario configuration.
• System usage reports: Analyze, optimize, and understand resource usage models to provide implementation monitoring.
• Scenario Templates: Vertical Application templates are used for product definition, data routing, User role definition, and application content to accelerate the IPO.
• Business software Integration: Use third-party software such as Salesforce, Twilio, and other CRM software, business reports, analytics tools, and cloud-based scheduling and data services.
• Scenario Monitoring: Provides end-to-end, cross-scenario business insights with a deep visibility into overall performance.
• Data discovery: Use data browsing, visualization, and export tools to gain business knowledge and operational insight.
• Access control: Determine who can view and access information at different account levels, quickly and securely create hierarchies and presentation options.
• Security Management: Manage SSL certificates and DNS, integrate monitoring services into Murano, and smooth and secure IT operations.
• Standardized tools: Integrate source control tools to reuse common components.

?

Safety-Multiple protection

• Integrated with a leading security framework with bank-level SSL encryption on all sensitive interfaces
• The API endpoint uses the Socket Layer Security protocol (SSL/TLS) to prevent data theft, tampering, and forgery.
• The user interface and the Web app use HTTPS encrypted communication to protect the privacy and integrity of the data exchange.

?

Security-Data storage

• Multi-level security model to ensure data access security policy execution
• Restrict physical access to data servers, monitor physical facilities on-site, provide multi-factor authentication and security logs
• User data access is tightly controlled, and each request must be authenticated, and access is isolated from the user's data.

?

Security-user authentication

• User authentication strictly control the platform access, the privilege hierarchy is easy to multi-dimensional information access authorization, based on the user permission level to generate the API temporary key.
• Securely store sensitive user information, passwords, and tokens.

?

Safety-Equipment Certification

• Any data exchange between the platform and the terminal is prohibited without authorization.
• All devices use the private key to exchange data with the platform.
• When configured to prevent spoofing, field devices use encrypted API communication (DTLS and TLS) to establish authentication with the platform within the Controlled time window.
• Once the device is certified, it establishes its ownership and authority level.

?

Device SDK

To reduce development time, Exositeready? The embedded SDK provides commercial-grade terminal software to quickly and securely connect hardware devices.

?

Device SDK Features

• Device migration: The Exositeready SDK provides porting of existing configurations to new hardware platforms.
• Sample program: Browse the demo to see the porting method.
• Supported hardware platforms: Exositeready certified hardware includes development guides, sample programs, and binary encoded files.
• Integration API: Provides an easy-to-integrate application-level API.
• Library-level Api:exositeready certified hardware presets connect to Exosite cloud platform capabilities.
• Secure connection: The Exositeready certified hardware incorporates the latest security standards.
• Open Source: Exositeready SDK is open source software, based on Apache 2.0 license is completely free.
• Code portability: written using C99, the Exositeready SDK can be used on any embedded platform.

?

Device Gateway Engine

Exositeready? The gateway engine is a software package that facilitates fast and secure communication between endpoints, gateways, and Murano platforms.

?

Device Gateway Engine Features

• App Hosting: Develop and monitor custom gateway apps, versioning, restart and failure definitions, debug log access.
• OTA Upgrade: Remotely install and upgrade gateway firmware and applications using a secure and reliable OTA engine.
• Gateway Data acquisition: Monitor critical gateway information such as hard disk usage, file system metadata, mobile network data usage, and ease of debugging and predicting potential problems.
• Message Queuing: Use a flexible storage-forwarding HTTP service to avoid data loss caused by power outages or unreliable connections.
• Process and log management: records the restart process and log files through open source process management tools and monitoring systems.
• API Library: Accelerate the development of Python applications with a secure and validated API library.
• Modular Sensor Interface: Use built-in sensor drivers, or add and extend I/O interfaces to meet real-world requirements.
• Pluggable Service Interfaces: Use the built-in cloud module to route device data to the Murano platform for easy integration with other field business management systems.

?

Device HTTP API

• Device firmware and applications must use this API to enable business and interact with the platform.

Time Series data Class API:

• Write: Writing data to a group of resources
• READ: Reading the latest data from a set of resources
• Hybrid Write/read: Writes a set of resources and then reads a set of resources
• Long-polling: Timely notification when resources are updated

Device Activation Class API:

• Activate: Activating the device and acquiring the device Cik
• List Available content: Get a listing of device contents files
• Get content Info: Get meta data for device content files
• Download content: Download Device contents file

Tool Class API:

• Timestamp: Gets the current UNIX format timestamp

?

Murano Script

• The Murano platform is an event-driven system that uses scripts to route data and execute application logic and rules.
• Murano Script:
  • It has rich functions for accessing device data to time series database, performing device tasks, processing Scheme application API request and so on.
  • Access to all Murano services.
  • Written in the Lua language, running on Luajit virtual machines.
  • Can be added to the solution using either the administration console or the command line interface.

?

Murano Script-related concepts

• Service Calls: Services call
• Scripting execution and Event handling: Script Execution & Events handlers
• API Endpoint script: API Endpoint Scripts
• Websocket Script: Websocket Scripts
• Script module: Modules
• Scripting environment: Script environment

?

Murano Service

The Murano service can be accessed by a script, consisting of 2 different components: operations and events.

• Action operations: Methods that can be called in a script?
• Event events: Trigger Script execution

?

Murano Service List

Communication class:

• Device: Appliance Gateway Service
• Email:email Service
• Twilio:twilio Service (SMS and phone)
• Webservice: Gateway Service Custom API
• Websocket:websocket Gateway Service

?

Core class:

• TSDB: Time Series Storage Service
• Keystore: Key-value Storage service

Other classes:

• Config: Scenario Configuration service
• Timer: Timer Service API
• User: Admin Service

Discussion on foreign IoT Platform (v): Exosite Murano