Share via


Asia Tour: June 2016

Hi!

I'm on the way back from touring partners customers in Taiwan, South Korea and Japan. We had very interesting meetings with our partners there who are ready to get "things" connected to the cloud. In this post, I want to elaborate on the questions that were most common and how I answered them.

  • What if my device isn't supported by the Azure IOT SDK? Can you please add support for device XXX, OS YYY and CPU ZZZ?

The Azure IOT SDK on GitHub https://github.com/Azure/azure-iot-sdks is already supporting many different device and operating system combination, but given the large number of possible combinations (including legacy devices that still need to be connected) this cannot cover everything. However, it is not required to use our SDK, it's just there to make things easier for you and to get a head start.

So what if my device or OS isn't on the compatibility list https://azure.microsoft.com/en-us/documentation/articles/iot-hub-tested-configurations/? Maybe the SDK actually works! If you have a Windows device that supports the .net Framework Version 4.5, this should be sufficient to run the C#-Versions. If you have a Linux-based OS, the C-version should work as long as you have a fairly recent GCC and OpenSSL version. The Java SE and Node versions should work on most underlying OS platforms that these runtimes support. So maybe you're actually done.

But what if there's a feature missing in my underlying platform, e.g. it does not support TLS1.2 that seems to be required for the SHA256 requirement? Technically, the SHA256 is required to generate a shared access signature from the device key you configure in IOT Hub for your device. But nothing keeps you from pre-computing a shared access signature with a long validity somewhere else and install it on the device. Maybe you could even implement a service that the device can connect to occasionally to request a new signature. (I actually have some code for this as part of my Azure IOT hub proxy I've explained here,  but that's for another post.)

As an alternative, you could use an additional SSL library such as OpenSSL or wolfSSL to implement TLS1.2 and SHA256, the IOT SDK has the ability to link to these libraries. This would work independently of the crypto functions provided by your existing OS.

  • Can I use IOT Hub to manage my devices?

And I usually reply to this with another question: What is it you want to manage?

When you think about device management from an IT perspective, there is a common device management definition and there are plenty of solutions to address this. In this area, management means managing OS and application installation and updates, monitoring device usage and applying policy-based restrictions to the devices under management.

In IOT, it might be all of the above, a subset or none of the above.

For IOT devices, it is uncommon to re-install an operating system via device management. Instead, devices are often just replaced when they fail or reach their end of life. Even updates are managed more carefully, and there are still devices out there that never received an OS update in their entire device life. I'm not recommending this practice since the era of unconnected devices is essentially over and anything that's connected can be attacked in some form, so implementing update mechanisms is more important than ever.

Monitoring devices is often very application specific in IOT and it's often more a stream of events sent by the devices than common monitoring task such as the status of the antivirus software installed.

And although device policies exist also on embedded devices, they hardly change over the lifetime of the device.

So a full-fledged IT device management solution might be too much.

But as IOT hub provides a cloud to device messaging channel, that might be just enough to implement a simple, custom device management solution.

In addition, there is a preview of device management functions in IOT hub, but that will be another blog post soon.

 

Hope this helps,

H.