Amazon Securing IoT Data With Certificates

Amazon launched its IoT at its Re:Invent conference in Las Vegas Oct. 8, and illustrated how it will handle data pouring into its storage systems.

Charles Babcock, Editor at Large, Cloud

October 9, 2015


The Amazon Internet of Things will not simply collect data from thermostats and other consumer devices. It's been given an industrial-strength foundation that establishes where the data is from, what format it needs as it's captured, who owns it, whether it's secure, and where it must be stored.

In addition, Amazon Web Services (AWS) is making available a combined query and rules engine that will analyze the data as it comes in, decide whether any rules or conditions apply to it, and implement the action required.

After that, it may be stored in one of several AWS storage systems, including the Redshift data warehouse, S3 permanent storage or its unstructured big data system DynamoDB.

Once the device data is embedded in the Amazon IoT, the other analytics systems already there can be applied to it as well, including the Amazon Lambda service, which can scrutinize a pattern of events and look for anomalies or signs of trouble and commission a response.

Amazon Web Services CTO Werner Vogels launched Amazon's Internet of Things on Oct. 8, the third day of Amazon's four-day Re:Invent event in Las Vegas.

The IoT is not something you need to plan for in the future. It's here already, he said.

"We see the Internet of Things in so many places on AWS," Vogels said. Customers such as the Philips Consumer Lifestyle division of the big Dutch consumer electronics firm, which includes the Philips Health Care unit, are already using Amazon to collect and store device data, consumer application data, and medical image data.

Jeroen Tas, CEO of Philips Healthcare Informatics Solutions, said his firm built its own IoT over two years ago to collect data from its patient monitors, medical imaging machines, hospital sensors, and defibrillators. It is currently collecting data from 7 million devices.


But Tas sees the network growing to more than 10 times its current size as patient populations start to shift toward self-monitoring of health for maintenance of good health and healthcare moves away from treatment of advanced disease and acute-care cases. As consumers move into a new phase of health care, they will churn out data from their smartphones on their diets, sleep habits, etc. Fitbit-style exercise devices can become part of their patient profile.

"I challenged my staff: How are we going to connect 100 million devices to our IoT? How are we going to add millions of home devices? We started looking at how we could hook it up to Amazon Web Services," he said during an interview at Re:Invent on Thursday.


That process is well underway, although Philips hasn't started depending on AWS IoT yet.

"We're bringing our IoT environment to Amazon so it can have a very solid, scalable foundation," Tas said. Philips has no applications in production, but Philips did a field test on the impact of the IoT on consumer health care with the Banner Healthcare plan in Arizona. Philips concluded that the IoT could reduce hospital readmissions by 46%, cut emergency room visits by 67%, and lower overall healthcare costs by 27%.

One area in which it is planning to experiment is in collecting voice data as a healthcare system interface, by means of the Amazon Echo device, which picks up a consumer's voice in the home.


Matt Wood, general manager of Amazon product strategy, explained how the Amazon Internet of Things will work in an interview after Vogels' keynote Thursday.

Shadow Devices, Rules Engines, and More

Medical devices or devices in the home or industry will communicate with the Amazon IoT through a Device Gateway. The gateway depends on a 30-year-old protocol, MQTT, for its communications. The protocol is well suited for the purpose, because it functions for irregular or intermittent data transmissions characteristic of devices on the IoT, and requires little compute power.

The Device Gateway requests a digital certificate from each communicating device. The certificate identifies and authenticates the sender, sets policies and privileges over who may access the data, and encrypts the data for its movement into the cloud.
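A sketch of the policy step described above, as an added example that is not AWS code: once a device's certificate has been validated, a gateway looks up the policy bound to that certificate and checks each MQTT topic against it, denying by default. The registry, thing name, topics, and the byte strings standing in for certificates are constructed, and refusing wildcard requests outright is a simplification.

```python
import hashlib

# Constructed byte strings standing in for DER-encoded device certificates.
THERMOSTAT_CERT = b"constructed-cert-thermostat-01"
UNKNOWN_CERT = b"constructed-cert-unregistered"

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint used as the registry key for a certificate."""
    return hashlib.sha256(cert_der).hexdigest()

# Hypothetical registry: certificate fingerprint -> identity and topic policy.
REGISTRY = {
    fingerprint(THERMOSTAT_CERT): {
        "thing": "thermostat-01",
        "publish": ["home/thermostat-01/#"],
        "subscribe": ["home/thermostat-01/cmd/+"],
    },
}

def topic_matches(topic_filter: str, topic: str) -> bool:
    """MQTT filter matching: '+' is exactly one level, '#' is all remaining levels."""
    f_levels, t_levels = topic_filter.split("/"), topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1      # '#' is only valid as the last level
        if i >= len(t_levels) or (level != "+" and level != t_levels[i]):
            return False
    return len(f_levels) == len(t_levels)

def authorize(cert_der: bytes, action: str, topic: str) -> bool:
    """Default deny: unknown certificates, unknown actions and unlisted topics fail."""
    entry = REGISTRY.get(fingerprint(cert_der))
    if entry is None:
        return False                           # certificate not registered
    if "+" in topic or "#" in topic:
        return False                           # simplification: no wildcard requests
    return any(topic_matches(f, topic) for f in entry.get(action, []))

if __name__ == "__main__":
    for cert, action, topic in [
        (THERMOSTAT_CERT, "publish", "home/thermostat-01/temperature"),
        (THERMOSTAT_CERT, "publish", "home/thermostat-02/temperature"),
        (UNKNOWN_CERT, "publish", "home/thermostat-01/temperature"),
    ]:
        print(action, topic, "->", authorize(cert, action, topic))
```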

Before the data is sent on to permanent storage, an IoT Rules Engine is allowed to query it. The data's owner can submit SQL-like queries against the data as it arrives, such as asking a block of temperature data whether it includes any readings over 80 degrees. When the query discovers such a reading, a rule is triggered that tells the end point system to consume less power until the temperature falls to a normal range.

In addition to the Device Gateway and Rules Engine, Amazon will create a virtual or "shadow device" from the data, describing a real one, and allow that virtual device to reflect the state or most recent status of an actual device. Since communications may be intermittent, a message slated for a physical device but unable to reach its target would be stored by the shadow device and forwarded when its counterpart became accessible again. The Device Gateway will talk to the shadow device exactly as it would its real counterpart, Wood said.

The shadow device is "the alter ego in the cloud" of a real device, he noted. Each shadow device will have a Web standard REST API in front of it so users of the IoT can determine the last reported state of any device, whether currently connected or not.
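The rule and shadow behavior described above can be modeled in a few lines; this is an added example, not AWS code. It applies the article's "over 80 degrees" rule to incoming readings and holds the resulting commands in a shadow until the device reconnects. The class, field names, and command format are hypothetical.

```python
from collections import deque

LIMIT = 80  # threshold from the article's example

class Shadow:
    """Cloud-side stand-in for a device: last reported state plus held messages."""
    def __init__(self):
        self.reported = {}        # last state the device reported
        self.commanded = "normal" # last power mode the rule asked for
        self.online = False
        self.pending = deque()    # messages held while the device is unreachable
        self.delivered = []       # what the simulated device has received

    def send(self, message):
        if self.online:
            self.delivered.append(message)
        else:
            self.pending.append(message)

    def reconnect(self):
        self.online = True
        while self.pending:       # forward held messages in their original order
            self.delivered.append(self.pending.popleft())

def apply_rule(shadow, reading):
    """Models a query of the form: SELECT temperature ... WHERE temperature > 80."""
    temp = reading.get("temperature")
    if isinstance(temp, bool) or not isinstance(temp, (int, float)):
        return None               # ignore malformed readings rather than act on them
    shadow.reported["temperature"] = temp
    wanted = "reduced" if temp > LIMIT else "normal"
    if wanted == shadow.commanded:
        return None               # no state change, so no new command
    shadow.commanded = wanted
    command = {"power": wanted}
    shadow.send(command)
    return command

if __name__ == "__main__":
    shadow = Shadow()             # device starts out offline
    for t in (72, 85, 90, 78):    # constructed sample readings
        print(t, "->", apply_rule(shadow, {"temperature": t}))
    print("held while offline:", list(shadow.pending))
    shadow.reconnect()
    print("delivered after reconnect:", shadow.delivered)
    print("last reported state:", shadow.reported)
```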

Finally, the IoT Gateway will recognize the designated storage for a particular stream of device data and ensure that it ends up there.

Wood said there is no reason why anyone interested in collecting device data can't master the MQTT or other protocol, build their own gateway, set up their own ID and authentication systems and querying/rules engine, and scale the capture and storage of the data as needed. "Doing it with best practices, particularly around security, is very challenging," he said.

Such comments are obviously meant to give cloud users pause if they're thinking of a do-it-yourself approach. That doesn't mean it can't be done, but Wood was explicitly challenging customers to compare that cost versus what Amazon is charging for IoT as a service. No pricing was announced with IoT details Thursday.


Those who adopt Amazon's services instead of building an IoT themselves "will be able to focus more on the edge of the network, the sensors and machines and consumer apps." That, clearly, is where Amazon Web Services thinks its customers' best efforts ought to go.

To help customers get started with the IoT, Amazon offers an IoT device software development kit and connector to AWS IoT. Third-party partners can add functionality to a basic connection such as over-the-air updates or remote diagnostics. Ayla Networks, Cirrus Link, ThingWorx, and Xively offer those services. Customers may also use Splunk, another partner, for data analysis. System integrators such as Accenture, Booz Allen Hamilton, Thinglogix, and Two Bulls can bring the pieces together and customize their function.

In addition to Philips, NASA and the Jet Propulsion Laboratory are early users of the AWS IoT, employing data collected from sensors on the Mars Rover and other craft that were sent into the solar system.


About the Author

Charles Babcock

Editor at Large, Cloud

Charles Babcock is an editor-at-large for information and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive Week. He is a graduate of Syracuse University where he obtained a bachelor's degree in journalism. He joined the publication in 2003.
