Enabling the Internet of Things

TECHNICAL BRIEF

Accelerate secure and scalable connected soluti ons.

Introducti onThe number of connected things in the world is expected to exceed 20 billion by 2020 (Gartner) and the sheer volume of identi ti es will grow in parallel. A connected product to a manufacturer means building a bett er, more valuable or sti cky product and unlocking new service-based revenue models. A connected asset to an owner/operator is a means to increase operati onal effi ciency and improve services by opti mizing the use of the asset.

But the challenge is that IoT has an Identi ty problem – there is a need to deliver trusted informati on to many mission criti cal stakeholders. Need to make it possible for owners and operators of product ecosystems to create and manage a network of physical objects that securely connect, communicate, collect data and intelligently distribute this data to create value.

Anatomy of a connected device ecosystem

A connected device ecosystem is oft en more vast than one might think, serving many more stakeholders than apparent to the untrained eye. Looking at a connected soda dispenser at a restaurant as an example: all stakeholders in the ecosystem benefi t from connecti vity. Connecti vity enables them to consume informati on and act intelligently before an event occurs.

The machine itself can send messages to a system that monitors machine health and maintenance can be performed in advance of any failures, enabling the restaurant to sell as many beverages as possible. Additi onally, distributors can be noti fi ed that the machine is running low on syrup, and should be refi lled before any ingredients run out completely. The restaurant can track delivery of products in real ti me. The beverage company can bett er plan producti on and distributi on with accurate visibility into demand.

Connecti ng people, systems and things enables operati onal agility across the value chain.

Like organizati ons, people, applicati ons and devices have a broad spectrum of att ributes – these enti ti es and their relati onships need to be carefully managed. The Covisint Platf orm standardizes how these device identi ti es are represented; making sure that the highest level of integrity can be maintained at scale. Common enti ty defi niti ons allow for consistent identi ty relati onship behavior, versioning, and extensibility.

Connected ecosystem of people, applicati ons and things, requires inti mate knowledge and experti se in each of the areas described in this brief. Not only that, but it also requires the ability to purchase, code, and maintain a string of components. Industry leaders understand that connecti ng the myriad of people, systems and things that touch the value chain can have a profound positi ve impact on business. They have also come to realize that piecing a soluti on together with multi ple standalone components or building it themselves would take a considerable amount of ti me and resources – oft en more than they have to spare – resulti ng in something that is error-prone, challenging to manage and not easily scalable.

Alternately, these soluti ons can be developed using a cloud Platf orm-as-a-Service (PaaS) to manage enti ti es and their relati onships, the lifecycle of all connected enti ti es, the orchestrati on of device data streams, and messaging for integrati on of device and applicati on data. The Covisint Platf orm was purpose-built to do this and has gained notoriety for its reliability, massive scalability and for enabling operati onal agility. With this platf orm, the enterprise can easily unlock customer and partner led development, and innovate quickly in the applicati on layer.

The Covisint Platf orm

The Covisint Platf orm has evolved a great deal since its incepti on as the world’s largest B2B exchange and since enabling companies like General Motors to moneti ze vehicle telemati cs – providing car owners with convenient services through OnStar, the world’s fi rst consumer-facing connected car experience. Today, this Platf orm-as-a-Service combines all of the foundati onal technologies required for any IoT initi ati ve, and the tools to get started quickly.

Covisint’s identi ty-centric approach to IoT is what makes this platf orm in parti cular both unique and highly complementary to other platf orms in the marketplace.

• This platf orm comes with advanced out-of-the-box identi ty and access management functi onality, which would otherwise have to be built from scratch – typically consuming 20-40% of development ti me for IoT initi ati ves.

• Messaging and orchestrati on services provide the integrati on layer for transporti ng customer data and integrati ng across devices and systems eliminati ng the complexity of creati ng and syndicati ng integrati ons for machine-to-machine, machine-to-people, or machine-to-applicati on scenarios.

• IoT services enable:

• Management of device lifecycle at all stages – tracking and authorizing devices as they are provisioned, registered, acti vated, locked, unlocked, suspended, unsuspended, deleted, and reset.

• Fine-grained audit and tracking, for every event associated with a device, provide complete transparency across the ecosystem.

• Rapid development and deployment of IoT projects using templates.

• This platf orm is much more secure and scalable than any other platf orm, providing autonomous authenti cati on, authorizati on and interacti on between enti ti es.

• This infrastructure-agnosti c architecture is built on Cloud Foundry which allows for soluti ons to scale dynamically, ingest data rapidly, upgrade with no downti me and run on any IaaS.

This brief covers the scope of Covisint’s IoT services. These capabiliti es make it possible to isolate, manage and orchestrate device behavior and model for security.

IoT services accelerate secure, scalable connected soluti ons

Getti ng started is easy with Covisint’s IoT services. Services include advanced profi le management that helps to catalog and defi ne templates for re-use, tools to manage the lifecycle of devices and the relati onships that they have to other devices, people and systems, as well as Internet-scale IoT messaging functi onality. Managing and operati ng an IoT ecosystem securely would be impossible to do without these capabiliti es, and extremely challenging to build from scratch.

Profi le management – defi ne device profi les and leverage templates for bulk creati on and update. Unlike other IoT services providers, Covisint makes it possible to create templates for devices, events, commands and even enti re soluti ons. Templates make it easy to onboard new devices quickly, catalog att ributes for future use and they allow users to instanti ate enti re soluti ons based on prior models that have proven to be eff ecti ve.

• Catalog management – defi ning the taxonomy of the soluti on and representi ng it as a catalog of universal att ributes that can be applied to devices, events and commands.

• Att ribute type – metadata or properti es applicable to devices.

• Templates – collecti on of att ributes, commands and evets to create devices. A device based on a template will inherit all att ribute, command and event properti es.

• Device template – collecti on of att ributes applicable to a device.

• Event template – collecti on of att ributes applicable to an event that a device can produce.

• Command template – collecti on of att ributes applicable to a command that a device can act on.

• Soluti on templates – templates of complete soluti ons, consisti ng of all att ributes, commands and events associated with devices, for simple reuse in future projects and rapid deployment. For example, a soluti on template can represent a connected farm or connected vehicle.

• Device management – creati on and management of devices in the ecosystem which includes a registry that makes it possible to instanti ate, track and maintain metadata related to a device.

• Rules – robust engine that enables real ti me decision-making based on events and device lifecycle.

Relati onship & Lifecycle Management – register, authenti cate and authorize interacti on across the enti re lifecycle of people, systems and things. The ability to manage the identi ty of a device throughout its lifecycle is criti cal to security across the enti re ecosystem. The ability to manage the relati onship that a device has with anyone or anything that it interacts with is what makes Covisint uniquely qualifi ed to handle IoT initi ati ves requiring the highest level of security.

• Registrati on – instanti ati on of a device based on a device template.

• Authenti cati on – authenti cate devices by issuing credenti als and/or certi fi cates.

• Authorizati on – defi ne authorizati on policies to manage devices and interacti ons in the ecosystem. Manage subscripti on and publicati on of streams. Dynamic security context provides fi ne-grained authorizati on policies down to the command level of the device.

• Lifecycle management – devices have lifecycle states associated to them and they can transiti on from state to state either automati cally or through workfl ows/commands. Manage metadata and audit data associated with changes in enti ty lifecycle and authorizati ons over ti me.

• Relati onship management – manage interacti ons between devices, systems and things, across ecosystems. Create and manage subscripti ons to device and applicati on streams.

IoT messaging – internet-scale stream processing engine for sending events and commands across devices, systems and processes with workfl ow and stream analyti cs. Advanced messaging capabiliti es are key to all IoT ecosystems, and especially those in which mission criti cal functi ons are performed. Unlike other IoT service providers, Covisint enables protocol brokerage and fi ne-grained traceability of messages.

• Stream processing – event data hub and processing engine to receive multi ple streams of data in diff erent protocols through a broker, persist the data, apply business logic and route it to the right recipient (applicati on), enabling IoT scenarios with high number of device messages processed in real ti me. Employs pub-sub model, an emerging standard paradigm, for messaging where an IoT platf orm publishes the data into a public queue and the applicati ons which are subscribed to that queue may access the data.

• Device presence – messaging framework for device states (offl ine/online) and the logic associated to the transiti on between the states.

• Protocol brokerage – protocol brokering and support for legacy and/proprietary device communicati on technologies.

• MQTT – a lightweight messaging protocol for small sensors and mobile devices, opti mized for high-latency or unreliable networks.

• JMS and MOM – a Java message API that allows communicati on between diff erent components of a distributed applicati on to be loosely coupled, reliable and asynchronous. The platf orm uses it to allow applicati ons to subscribe to public queues and consume IoT events/data.

• HTTP 1.1 – an applicati on-level protocol for distributed, collaborati ve, hypermedia informati on systems.

• Websockets – a protocol providing full-duplex communicati on channels over a single TCP connecti on.

• STOMP – a simple text-based protocol, designed for working with MOMs, providing an interoperable wire format that allows STOMP clients to talk with any message broker supporti ng the protocol.

• AMQP – an open standard message queuing applicati on layer protocol for MOMs.

• TCP/UDP – transport layer protocols built on top of internet protocol.

• Custom applicati on protocol service – allows for creati on of a custom applicati on protocol on top of any IP stack based protocol, such as, UDP, TCP, HTTP, and FTP.

• Encrypti on and decrypti on – payload level encrypti on/decrypti on for high to low range. Ciphers are supported at 256, 128 and 96 bit and include AES PSK, Simon PSK, Speck PSK.

• Events and commands – event and command processing with acknowledgements. Event based rules executi on that triggers commands, noti fi cati ons and message delivery to enterprise systems.

• Real-ti me analyti cs – ability to apply stati sti cal aggregators to multi ple data points from stream and device metadata in real ti me and the ability to generate rules based on analysis.

• Trace and audit – fi ne grained traceability of messages for troubleshooti ng, audit and billing. Ability to replay IoT messaging and to capture any transacti ons or system state changes and make them available for audit.

• Transformati on – the ability to transform any data format for validati on, mapping, pre-processing, data enrichment and post-processing.

The building blocks of a complete IoT soluti onCarlito operates an IoT ecosystem of connected assets, fi eld operators and the devices that they use. He needs to be able to add additi onal assets to his ecosystem, connect them to fi eld operators, and apply rules for health monitoring purposes.

Integrate: Carlito uses Covisint APIs to

integrate the applicati ons and systems that he and his fi eld

operators use to interact with diff erent assets.

Confi gure/Build:

He starts by logging into his dashboard where he can manage

templates for easy onboarding of new assets/devices, monitor existi ng ones, and manage the

relati onships between assets, other devices and fi eld operators.

Manage: Carlito not only has the ability to

manage the ecosystem as a whole, but he has fi ne-grained control

over individual assets. Using the platf orm, he can closely manage the identi ti es of people, systems and things in their varying states within a lifecycle. He can set up

commands and workfl ows to transiti on assets and other devices

from state to state

Operate: Carlito can closely monitor the

messages being sent and received throughout the ecosystem.

With these advanced tracking capabiliti es, he has insight into

the fl ow of data between all connected people, systems and

things transacted through the Platf orm, at any level.

Analyze: Carlito benefi ts from advanced

real-ti me analyti cs for a high level look at all operati ons as they’re

occurring, making it easy to track down bott lenecks and assess

overall operati onal health.

Scale & Manage Enti ty Hierarchies: As his IoT ecosystem grows, Carlito

can visualize and manage the hierarchies of people, system and

things. He can onboard new assets quickly using templates that allow

him to apply the same att ributes to new, similar assets. He is also able

to easily manage access controls for groups within an ecosystem.

With Identi ty at the center of almost every Internet of Things initi ati ve, a platf orm that enables rapid development around the identi ty of things, is essenti al. Advanced profi le management, lifecycle and relati onship management, and IoT messaging are the pivotal components needed to make IoT useful to businesses. Covisint’s IoT Services make it easy to isolate, manage and orchestrate device behavior and model for security.

The Covisint Platf orm provides technologies that allow you to register and manage physical things and create soluti ons that connect people and systems with the integrated world. Covisint’s IoT services encompass everything needed to monitor the health of products and equipment to create secure interacti ons and integrati ons, and manage the identi ty lifecycle of connected things.

Conclusion

All Covisint products and services listed within are trademarks of Covisint Corporati on. All other company or product names are trademarks of their respecti ve owners. ©2017 Covisint Corporati on.

Covisint Corporati onDetroit | Frankfurt | London | San Francisco | Shanghaip 800 229 4125 | covisint.com

Covisint is the connected company — we securely connect ecosystems of people, systems and things to enable new service off erings, opti mize operati ons, develop new business models and ulti mately enable the connected economy. Today, we support more than 2,000 organizati ons and connect to more than 212,000 business partners and customers worldwide.

TECHNICAL BRIEF