WSO2 IoT Server is one of the most adaptive Apache licensed open source IoT platforms available today. It provides best of breed technologies for device manufacturers to develop connected products as well as rich integration and smart analytics capabilities for system integrators to adopt devices into systems they build.
WSO2 IoT Server continues to evolve and introduces key capabilities in its upcoming release: version 3.1.0 Join Sumedha as he explores these new features which include.
A complete API-driven device type definition eliminating the necessity to create deployable plugins
Support for location based services such as Geo-fencing and alerting as a reusable functionality
A redesigned device overview page for better user experience
Improved product profiles for scalable deployment
Performance enhancements
Enhancements to prebuilt agents
3. TRANSFORMATION: FROM AN EMM PRODUCT TO IOT PLATFORM
● Started with an enterprise mobility management (EMM) product
○ EMM 1.0.0 (2013) -> 1.1.0 -> 2.0.0 -> 2.0.1 -> 2.1.0 -> 2.2.0 (November 2016)
● Generalized to a broader device management platform
○ IoT Server 3.0.0 (February 2017) -> IoT Server 3.1.0 (July 2017)
○ Generalized device management platform
○ Extensible plugin architecture
○ EMM capabilities re-implemented as plugins on top of a platform that can do much more
○ Scenario specific analytics
3
History
6. WSO2 IOT SERVER
● Built on WSO2’s mature technology platform which handles billions of a transactions a day by Global 2000
companies (through APIM, Integration, IDAM, Analytics)
● Most adaptable IoT Platform
○ Apache licensed open source
○ Mature extensibility platform for different device types
○ Fully API enabled
○ Supports popular mobile phones and tablets as IoT sensor and interaction devices
○ Add smarts and auto-responsiveness with powerful real-time event analysis at server and on the edge
○ Identity pluggability and integration
● Complete reference architectures for connected product solutions (consumer, wearable, appliance, health,
smart displays, industrial equipment)
● WSO2 Device Cloud is enterprise-grade platform that provides instant access to the system for evaluation,
demonstrations, proofs of concept, and initial deployment, leading to on-prem migration if/when needed 6
8. WSO2: OPEN TECHNOLOGY FOR AGILE DIGITAL BUSINESS
8
Platform enable your
digital business with
microservices and micro
integrations
Manage identity,
security, and privacy
across your digital
business
Make mobile and IoT
devices integral to your
digital business
Create real-time,
intelligent, actionable
business insights and data
products
Build internal and external
developer ecosystems
with an API marketplace
11. WSO2 IOT SERVER
Device Management
● Device Identity, ownership management & repository
● Extensions for registering built-in or custom device types
○ Android, Windows, iOS, Raspberry Pi, Arduino, ESP8266
● Self-service enrollment and extensible Enrolment methodologies
○ API endpoints
○ QR code
○ Self enrolment / auto enrolment / bulk enrolment
○ Workflow extensions
● Group, manage, and monitor connected devices and users
● Share device operations and data with other users
● Extensible framework to distribute and manage applications/ firmware
11
12. WSO2 IOT SERVER
Device Integration
● Built-in protocol support for MQTT, XMPP, HTTP and extensible
transport support
● Devices are exposed as subscribable managed APIs on top of WSO2
API management capabilities
● Support for CoAP and OMA-DM via third-party (Eclipse Leshan)
integrations
● Real-time message capability based on values from device
12
14. WSO2 IOT SERVER
14
Powered by WSO2 Streaming Processor
● Batch and Interactive Analytics
● Real time Analytics
● Predictive Analytics
15. WSO2 IOT SERVER
Android-Based Device Management
● Firebase Cloud Messaging (FCM) or local push notifications
● Auto enroll device with mutual SSL
● Integrate with Android system service apps (sign with vendor firmware
signing key)
○ Reboot, firmware upgrade, silent app install/update/remove, etc.
● Data containerization
● Android for work support
● Device ownership application via device owner APIs (for COPE)
15
17. WSO2 IOT SERVER
Android-Based Device Management - Private App Store
● Custom apps + public apps through Playstore/AppStore
● Enterprise subscriptions - Provision apps to devices/users with a
certain role (e.g. auto provision an inventory app to all inventory
officers)
● Rating, Liking and Sorting apps in private app store
17
18. ● Enterprise subscriptions - install an app to all devices/users/user roles
● Role-based restrictions for apps
● App lifecycle management
● Mobile app versioning
● Instant or scheduled app updates
● App lifecycle management
WSO2 IOT SERVER
Android-Based Device Management - App Lifecycle
18
INITIAL CREATED IN-REVIEW
REJECTED
APPROVED PUBLISHED
DEPRECATED
UNPUBLISHED
RETIRED
19. WSO2 IOT SERVER
Edge Computing
● A platform specific packaged offering of WSO2 Siddhi
○ E.g.
■ Edge Computing Engine for Android
■ Edge Computing Engine for Yocto Linux
● WSO2 Siddhi
○ Lightweight, easy-to-use open source complex event processing (CEP) engine
○ https://github.com/wso2/siddhi
● Centralized distribution of rules and offline execution mode
19
20. WSO2 IOT SERVER
100% API Driven Device Management Platform
● Complete IoT platform is available an API
● Facilitates easier integration to existing applications
● Management Console is just an optional administrative web app
● REST, OAuth2 protected
20
21. WSO2 IOT SERVER
Extensible Security Framework
● OOB capabilities
○ OAuth2
■ OAuth2 token is issued per every device instance connected
■ Per device instance tokens using Dynamic Client Registration (DCR)
■ Token Verification support available for HTTP & MQTT protocols
○ SCEP (Simple Certificate Enrollment Protocol)
■ Each device is identified to IoT Server (and vice versa) using a SSL certificate
■ Device sending a certificate sign request (CSR) with unique identifier (challenge password)
generated by IoT Server
● Extensible to support multi factor verifications or custom token types
21
23. WSO2 IOT SERVER 3.1.0
New Features
● A complete API-driven device type definition eliminating the necessity to
create deployable plugins
● Support for location based services such as Geo-fencing and alerting as a
reusable functionality
● Improved product profiles for scalable deployment
● A redesigned device overview page for better user experience
● Performance enhancements
● Enhancements to prebuilt agents
● Improvements to Android powered IoT capabilities
23
24. API Driven Device Type Definition
● Before
○ Device Types are introduced as plugins or XML configurations
○ Plugin - an archive deployed into server, deployed with restart
○ Plugin logic runs within IoT Server
○ Plugin involves UI, Java logic
● Now
○ Previous plugin model is still supported
○ An API is introduced so that device types can be defined remotely
○ IoT Server keeps the definition of the plugin
24
New Feature
25. ● Let’s create a smart bulb device type
■ Can remotely switch on/off
■ Can change the intensity of the light
API Driven Device Type Definition - Example
API based device type registration
25
26. API Driven Device Type Definition
26
API Store - Portal to access/subscribe to all product APIs
27. ● Obtain access token for Device Management APIs
● Get client credentials
curl -k -X POST https://localhost:8243/api-application-registration/register
-H 'authorization: Basic <Base64 encoded username:password>'
-H 'content-type: application/json'
-d '{ "applicationName":"device-management-app", "tags":["device_management"]}'
● Get access token
curl -k -d
"grant_type=password&username=admin&password=admin&scope=perm:admin:device
-type perm:device-types:events perm:device-types:events:view perm:device-types:types
perm:devices:operations" -H "Authorization: Basic <Base64 encoded client credentials>"
-H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
API Driven Device Type Definition - Example
API based device type registration
27
28. ● Registering a device type
curl -X POST
http://localhost:8280/api/device-mgt/v1.0/admin/device-types
-H 'authorization: Bearer <access token>'
-H 'content-type: application/json'
-d '{"name": "smart-bulb","deviceTypeMetaDefinition":
{"properties": ["buildinId", "floorId"],"features": [{"code": "bulb",
"name": "control bulb", "description": "on/off the bulb"},{"code":
"intensity","name": "intensity", "description": "change light
intensity of the bulb"}],
"pushNotificationConfig": {"type": "MQTT", "scheduled": false},
"description": "this is a new remote control light bulb",
"initialOperationConfig": {"operations": ["bulb"]}}}'
API Driven Device Type Definition - Example
API based device type registration
28
Communication
Features
29. ● Registering an event stream definition
curl -X POST
http://localhost:8280/api/device-mgt/v1.0/events/smart-bulb
-H 'authorization: Bearer <access token>'
-H 'content-type: application/json'
-d '{"eventAttributes": {"attributes": [{"name": "state","type":
"BOOL"}, {"name": "light","type": "DOUBLE"}]}, "transport":
"MQTT"}'
API Driven Device Type Definition - Example
API based device type registration
29
30. ● Obtain access token for Device Agent APIs
● Get client credentials
curl -k -X POST https://localhost:8243/api-application-registration/register
-H 'authorization: Basic <Base64 encoded username/password>'
-H 'content-type: application/json'
-d '{ "applicationName":"smart-bulb-milan",
"isAllowedToAllDomains":false,"tags":["device_agent"]}'
● Get access token
curl -k -d "grant_type=password&username=admin&password=admin&scope=perm:device:enroll
perm:device:disenroll perm:device:modify perm:device:operations perm:device:publish-event"
-H "Authorization: Basic <Base64 encoded client credentials>"
-H "Content-Type: application/x-www-form-urlencoded"
https://localhost:8243/token
API Driven Device Type Definition - Example
API based device type registration
30
31. ● Enrolling a smart bulb device
curl -k -X POST
https://localhost:8243/api/device-mgt/v1.0/device/agent/enroll
-H 'accept: application/json'
-H 'authorization: Bearer <access token>'
-H 'content-type: application/json'
-d '{ "name": "area51-bulb", "type": "smart-bulb", "description":
"Area51 room bulb", "deviceIdentifier": "123456",
"enrolmentInfo": {"ownership": "BYOD", "status": "ACTIVE",
"owner": "admin"} ,"properties": [{"name": "buildingId","value":
"wso2"}, {"name": "floorId","value": "7"}]}'
API Driven Device Type Definition - Example
API based device type registration
31
32. ● Send an operation to the device from server
curl -X POST http://localhost:8280/api/device-mgt/v1.0/devices/smart-bulb/operations
-H 'accept: application/json'
-H 'authorization: Bearer <access token>'
-H 'content-type: application/json'
-d '{"deviceIdentifiers":[123456],"operation":{"code":"bulb","type":"CONFIG",
"payLoad":"state:true"}}'
API Driven Device Type Definition - Example
API based device type registration
32
33. ● Retrieve pending operation to the device from server
curl -k -X GET
https://localhost:8243/api/device-mgt/v1.0/device/agent/pending/operations/smart-bulb/123456
-H 'authorization: Bearer 34670364–56c8–3f25-ac04–5c01af28c6d1'
-H 'content-type: application/json'
API Driven Device Type Definition - Example
API based device type registration
33
34. ● Send operation response to the server from device
curl -k -X PUT
https://localhost:8243/api/device-mgt/v1.0/device/agent/operations/smart-bulb/123456
-H 'authorization: Bearer <access token>'
-H 'content-type: application/json'
-d '{"id": 1, "status": "COMPLETED", "payload": "this is my response"}'
● Publish data from device
curl -k -X POST
https://localhost:8243/api/device-mgt/v1.0/device/agent/events/publish/smart-bulb/123456
-H 'authorization: Bearer <access token>'
-H 'content-type: application/json'
-d '{"state": true, "light":20}'
API Driven Device Type Definition - Example
API based device type registration
34
35. Location Based Services Support
● Devices can be moving / stationary
● Analytics on moving devices
○ Real time location updates
○ Geo Fencing
○ Geo Tagging
○ Geo Messaging
○ Alerting
● Analytics on stationary devices
○ Location Map
○ Geo location based groups
35
New Feature
37. Location Based Services Support
37
● Current support
○ Ability to define mark an area (geo fence)
○ Define actions when entering/existing a geo fence
○ Receiving alerts based on action
○ Standard metadata model and APIs for location services
○ Sharable UI widgets for
■ Defining geo fences
■ Receiving alerts
39. ● Consist core services
○ Device Management and Device Type Management
○ Policy Management and Operation Management
○ Application Management and Configuration Management
○ Certificate Management and User management
○ Push Notification Management
○ Plugin Management and Compliance Monitoring
● Does not contain GUI
● Included gateway functionalities
● Custom extension points
● Devices are enrolled into this profile
● Exposed as REST APIs
WSO2 IOT Profiles
Backend service profile
39
40. ● Contains GUI
○ Device Management UI
○ Application Publisher UI
○ Application Store UI
○ API Store UI
● Contains REST APIs
○ API Publisher
○ API Store
WSO2 IOT Profiles
Manager service profile
40
41. ● Authentication and Authorization
○ Basic Auth
○ Oauth
○ SCEP
○ Mutual SSL
○ JWT
● Both device and user
● Act as Key Manager and Identity Provider
● Extensions points
● Supports pluggable user stores
○ Works as single user store.
○ Can operate in read / write mode
○ Lightweight Directory Access Protocol (LDAP)
○ Active Directory Directory Services (AD DS)
○ Active Directory Lightweight Directory Services (AD LDS)
○ Roles can be linked with external user stores
● Permission Management
○ Role based
○ Scope based - much more fine grained
WSO2 IOT Profiles
Key Manager profile
41
42. ● Support MQTT
● Messages are pushed to devices and received from devices
● Can subscribe and published from profiles
● Integrated Authentication and Authorisation
WSO2 IOT Profiles
Message Broker profile
42
43. ● Big data solution
○ Device sends various details
○ Event receiving
● Analytics
○ Batch
○ Real time
● Machine Learning
WSO2 IOT Profiles
Analytics profile
43
44. ● Go to <IOT_HOME>/bin and execute the profile-creator script.
○ Linux : <IOT_HOME>/bin/profile-creator.sh
○ Windows: <IOT_HOME>/bin/profile-creator.bat
WSO2 IOT Profiles
How to create
44
46. Improvements to Android Powered IoT Scenarios
● Enhancements to Android for Work
● Support for enrolling COSU (Corporate Owned Single User) type of devices
46
New Feature
48. WSO2 IOT SERVER
Summary
● Brings the flexibility of open source (Apache2) to your IoT and mobile projects
● Manage devices, sensors & capture data from them
● Connect devices and their data to larger enterprise ecosystem
● Transform information into actionable insights in real time
● Adaptability to match any complicated IoT Architecture
● New Features in upcoming 3.1.0 release
○ A complete API-driven device type definition eliminating the necessity to create deployable plugins
○ Support for location based services such as Geo-fencing and alerting as a reusable functionality
○ Improved product profiles for scalable deployment
○ A redesigned device overview page for better user experience
48
49. WSO2 IOT SERVER
49
● Download URL: http://wso2.com/iot
● Migrating from an older version of IoT server
● Documentation : https://docs.wso2.com/display/IoTS310
● Reporting Issues via WSO2 IoT GIT Issues
Useful Link