Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapido, sicuro e scalabile

© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Michele Alessandrini, Sr.Solutions Architect
Milan - June 8, 2017
Building and Managing Secure,
Scalable IoT Solutions

The “Internet of Things”
(plural)

The customer has many
identities

Publish / Subscribe
Standard Protocol Support
MQTT, HTTP, WebSockets
Long Lived Connections
Receive signals from the cloud
Secure by Default
Connect securely via X509 Certs
and TLS 1.2 Client Mutual Auth

Rules engine: Extracting value from messages
• Filter messages with certain criteria
• Transform the payload of messages
• React based on messages
• Move messages to other topics
• Move messages to other systems
• Predict changes based on trends

What is a rule?
• ruleName: human-readable name
• description: human-readable description
• ruleDisabled: true/false
• sql: e.g. SELECT * FROM ‘pm/topic’
• actions:
• action 1:
• action 2:

Rules engine: Filter and transform

Rules engine: Filter and transform
• SQL
• SELECT * FROM topic WHERE condition
• SELECT status.space_id AS room_id FROM
'iot/tempSensors/#' WHERE temp > 50
• Functions (in SELECT or WHERE)
• String manipulation (regex support)
• Mathematical operations
• Context-based helper functions
• Crypto support
• UUID, timestamp, rand, etc.

Rules engine: React and move

Rules engine: React (and move)
"rule": {
"ruleName": "republishPredictions”,
"ruleDisabled": false,
"sql": "SELECT no AS id, cycle AS c_number FROM 'pm/topic' WHERE failure = 1",
"description": "Republish ids of engines that are predicted to fail within 30 cycles",
"actions": [
{
"republish": {
"topic": "pm/failures",
"roleArn": "arn:aws:iam::012345678901:role/iot-actions-role”
}
}
],
}

Rules engine: Move messages to other systems

Rules engine: Move messages to other
systems
Invoke a Lambda function
Put object in an S3 bucket
Insert, update a
DynamoDB table
Publish to an SNS topic
or endpoint
Publish to a Amazon Kinesis
stream
Publish to Firehose
Republish to AWS IoT
Publish to Amazon ES
Capture a CloudWatch
metric or change an alarm
Write to an SQS queue

AWS IoT <-> Salesforce IoT Cloud partnership
Profiles (Event & Context)
Build 360° views of customers and device
Journeys (Business Logic)
State-based orchestration engine
Translate business goals into action

1. Device publishes current state
2. Persist JSON data store
3. App requests device’s current state
4. App requests change the state
5. Device shadow syncs
updated state
6. Device publishes current state 7. Device shadow confirms state change
AWS IoT device shadow flow

AWS IoT device shadow: Simple yet powerful
{
"state" : {
“desired" : {
"lights": { "color": "RED" },
"engine" : "ON"
},
"reported" : {
"lights" : { "color": "GREEN" },
"engine" : "ON"
},
"delta" : {
"lights" : { "color": "RED" }
} },
"version" : 10
}
Device
Report its current state to one or multiple shadows
Retrieve its desired state from shadow
Mobile App
Set the desired state of a device
Get the last reported state of the device
Delete the shadow
Shadow
Shadow reports delta, desired, and reported
states along with metadata and version

Authentication
Certificate/private key
AWS IAM (user/role: API keys)
Amazon Cognito (role: API keys)
AWS IAM (role: API keys)
Things
Users
AWS services

Just-in-time registration (JITR)

Just-in-time registration
Manufacturing line
JIT registration

Manufacturing line
Provisioning of the Identities
signed with customer’s CA
JIT registration

Manufacturing line
Provisioning of the Identities
signed with customer’s CA
First data connection
JIT registration

Unauthenticated (anonymous) user access
IAM
unauthenticated
role
Amazon
Cognito

Authenticated user access
IAM
authenticated
role
Amazon
Cognito
IoT policy
per user
Identity
provider

Most machine data never reaches the cloud
Medical equipment Industrial machinery Extreme environments

Why this problem isn’t going away
Law of physics Law of economics Law of the land
AWS Greengrass

Three pillars of IoT
Things
Sense
& Act
Cloud
Storage
& Compute
Intelligence
Insights &
Logic → Action
AWS Greengrass

Things
Sense
& Act
Cloud
Storage
& Compute
Intelligence
Insights &
Logic → Action
AWS IoT
Starting in the cloud
Action
Device
State
AWS Services
Applications
Authentication
& Authorization
Device
Gateway
Registry
AWS IoT API
Messages Messages
AWS Greengrass

Messages Messages
Authentication
& Authorization
Device
Gateway
Action
Device
State
AWS Services
Applications
Registry
AWS IoT API
AWS IoT
Going to the edge
Introducing AWS Greengrass
Device
State
Action
Device
Gateway
Messages
Authentication
& Authorization
Security
*Note: Greengrass is NOT Hardware (You bring your own)

Greengrass Core (GGC)
The runtime responsible for
Lambda execution, messaging,
device shadows, security, and for
interacting directly with the cloud

• Min Single-Core 1GHz
• Min 128MB RAM
• x86 and ARM
• Linux (Ubuntu or Amazon)

The sky is the limit.
GGC takes advantage of your
device’s compute, memory,
storage, and peripherals

IoT Device SDK
Any device that uses the IoT
Device SDK can be configured to
interact with Greengrass Core via
the local network
Starts with the IoT Device SDK
for C++, more coming soon

IoT Device SDK
Devices that connect to
Greengrass can be small
(microcontroller-based),
and they can also be big

Devices work together locally
A Greengrass Group is
a set of Cores and other
devices configured to
communicate with one
another

Devices work together with the cloud
Greengrass works with
AWS IoT to maintain
long-lived connections
and process data via
the rules engine
Your Lambda functions
can also interact directly
with other AWS services

Local
Lambda
Local
Device Shadows Local
Security
Greengrass
is …
AWS
Local
Broker

Local Lambda
Greengrass runs Lambdas
written in Python 2.7
Invoke Lambda functions with
messaging and shadow updates

Local Lambda
Lambdas are event-driven
compute functions
With Greengrass you can write
Lambda functions in the cloud
and deploy them locally

Local Lambda – What you can do
Command and control
Offline operation
Data filtering & aggregation
Iterative learning

Shadows
JSON documents that represent
state of your devices and Lambdas
Define them however is logical to
you—a car, an engine, a fleet
Sync to the cloud or
keep them local

Shadows – What you can do
Device state (current and desired)
Granular device state (only
synched to the cloud for debug)
Dynamic configuration (e.g,.
numeric factors of an ML model)

Messaging
Local MQTT Pub/Sub messaging
Define subscriptions between
publishers and subscribers
Apply MQTT topic filters

Messaging – What you can do
Bridge to the cloud
Local distributed system

Security
Mutual auth, both locally and also
with the cloud
Certificate on your devices can be
associated to SigV4 credentials in
the cloud
You can directly call any AWS
service from AWS Greengrass
AWS Greengrass

Benefits of AWS Greengrass
Respond to local events quickly
Operate offline
Simplified device programming
Reduce the cost of IoT applications

AWS Summit Milano
Ignacio Berenguer (ignacio.berenguer@enel.com)
Enel / Global ICT / Digital Enabler
08/06/2017

About Enel
60
Global Diversified Energy Operator

About Enel
61
Enel Mission
We are opening energy access to
more people
We are opening the world of
energy to new technologies
We are opening new ways for
people to manage energy
We are opening new uses of
energy

Residential
Customers
Industrial
Customers
Industrial
Installations
The Challenge
62
IoT at Enel

AWS IoT at Enel
63
GoodLife Project
Home Gateway
Smart Devices IoT Platform
Mobile App and Web AppEnergy Meter
Internet connectivity

AWS IoT at Enel
64
Evolution of the Enel IoT for Future Projects
Cloud
Dashboards
Edge
PI Network
LoRa Network
Zwave Network
IoT Platform
IoT
Gateway
Monitoring
Storage &
Persistence
64
Sensor
Sensors
LoRa
Gateway LoRa
Network Server
Sensors PI
Server
Internet
IoT
API
Gateway
Lambda
IoT Device
Registry
IoT Rule
Device
Shadows
S3 DynamoDB
Other Systems
Data Lake
ElasticSearch
SQS
Vertical
Applications
Kibana
API Interfaces
Application 1
Application 2
Application N
IoT Gateway
Lambda Greengrass
Camera
Kinesis
Device Management, device registry, get /
set status, command execution, data
aggregation, camera, monitoring,
authentication / authorization
IAM
Salesforce Connector

Benefits of Working with AWS
65
IoT solution for Enel
Time to Market
Future Proof
Strategic choice
Scalability

IoT evolution
66
Future Relationship with AWS (1
Minute)
Initial IoT
projects
Building
new
generation
IoT
architecture
2nd wave of
IoT
solutions

Customers and Partners
AWS
Snowball

AWS Partner Network (APN)
AWS IoT customers can leverage the tens of thousands of APN partners
(Technology and ISV). APN grew by 50% in membership in the last 12
months

Native integration with Sigfox
What is Sigfox
Network operator in the Sub-GHz
Global network (one network)
Very Low power (up to 10 years on a single charge)
Very Low volume (12B per message)
Very Low cost (~$1/y in volume)
What is the integration
Sigfox transports data and passes it to AWS IoT
Device Management in AWS IoT
Rules Engine in AWS IoT
All the Power of the AWS Cloud
Coverage
Massive European Coverage
Rapid deployment in the US (100 cities by end of year)

Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapido, sicuro e scalabile

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapido, sicuro e scalabile

Similaire à Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapido, sicuro e scalabile (20)

Plus de Amazon Web Services

Plus de Amazon Web Services (20)

Dernier

Dernier (20)

Implementare e gestire soluzioni per l'Internet of Things (IoT) in modo rapido, sicuro e scalabile