Exploring Domestic and International IoT Platforms (Part Five: Exosite Murano)

Author: Ma Zhi

Published by IoT Think Tank

Please cite the source and origin when reprinting

—— [Introduction] ——

The IoT Think Tank will publish a series of articles titled “Exploring Domestic and International IoT Platforms” written by Mr. Ma Zhi every Friday afternoon in the second article.

The IoT Think Tank will publish a series of articles titled “Exploring Domestic and International IoT Platforms” written by Mr. Ma Zhi every Friday afternoon in the second article.

—— Domestic ——

(1) Baidu IoT Hub Access

(2) Alibaba Cloud IoT Suite

(3) QQ IoT · Smart Hardware Open Platform

(4) JD Micro Link

(5) Smart Cloud IoT Cloud Service Platform and Smart Hardware Self-Development Platform

(6) Qingke Cloud FogCloud

(7) Ablecloud IoT Self-Development and Big Data Cloud Platform

(8) China Mobile IoT Open Platform OneNet

—— International ——

(1) Amazon AWS IoT

(2) Microsoft Azure IoT

(3) IBM Watson IoT

(4) Ayla Networks

(5) Exosite Murano

Overview

Murano is a cloud-based IoT software platform that provides a secure and scalable infrastructure, supporting an end-to-end ecosystem that helps customers securely and scalably develop, deploy, and manage applications, services, and connected products.

Features

• The Murano platform simplifies the entire IoT technology stack and can be seen as multiple integrated cloud software layers.

• Murano provides IoT infrastructure, development environment, and functional integration, including device connectivity, product management, data routing, service integration (such as data store/alerts/third-party analytics platforms), application open APIs, user authentication/roles/permissions, and application hosting.

• Murano allows integration with third-party software, enabling developers to focus solely on user applications and device applications.

• Murano enables developers to quickly create entire IoT systems while maintaining flexibility, allowing for the addition of new features and custom functionalities.

Architecture

Product Layer

The product layer in Murano represents the types of connected devices, providing tools and interfaces for managing product definitions, allowing developers to deploy devices, define business openings, data routing, on-site upgrades, and configurations using a common API. Developers can quickly create devices and validate device behavior using the integrated dashboard prototype.

Product Layer Features

• Device Management: Manage device status, deploy firmware and upgrades, version control.

• Device Connectivity & Security: Create encrypted connection channels using TLS standard protocols, allowing developers to quickly connect devices and communicate data.

• Device Activation: Secure and scalable activation interfaces meet the flexible activation needs of OEM manufacturers in both production and operational states.

• Open Access: Compatible with most embedded hardware configurations.

• Dashboard Tools: Quickly create, configure, and deploy dashboards for visualizing device data.

• Embedded SDK: The ExositeReady™ embedded SDK can be ported to most Wi-Fi and Ethernet embedded platforms.

• Gateway Engine: Exosite’s gateway engine framework includes automatic activation, device management, and on-site firmware upgrades to accelerate gateway design.

• Development Resources: Open-source libraries available in C, C++, Python, Java, .NET, Node, Go, etc.

• Data Model: Based on device metadata, data sources, device groups, access policies, process links, events, and alerts, allowing for flexible development, maintenance, and upgrading of complex data models.

Solution Layer

The solution layer in Murano represents application logic, user interfaces, and application APIs. Utilizing device data, it provides tools for developing and deploying applications and services based on data routing, service integration, custom APIs, user authentication/roles/permissions, and application hosting, allowing developers to create solution templates that include application functionalities deployed to end-users, as well as custom APIs for products.

Solution Layer Features

• Role & Permission Management: Integrated user services provide a permission model, including authentication, management, and role definitions.

• Custom API: Custom web-service APIs can be defined based on device data, defining the context, application logic, and device/user access for each solution.

• Application Hosting: Static application file hosting allows the entire application to be hosted on Exosite, with technical support and 24/7 monitoring provided by Exosite.

• Service Data Routing and Event Logic: Use event logic systems to set thresholds and schedule services to trigger alerts via SMS, email, or HTTP.

• Application Library: A rich application library facilitates the design, configuration, and deployment of native applications.

• Data Storage: Key-Value storage with timestamps, with all data replicated across different servers.

• Analytics Engine: Provides real-time data stream processing and automated handling, making it easy to parse raw data packets and format conversions.

• Integration Solutions: Utilize Exosite’s partner solutions or custom cloud-to-cloud connections to integrate other cloud services.

• IoT Marketplace: Access a large number of integrated partner solutions to accelerate IoT deployment, with all service plugins hosted by Exosite.

Business Layer

Murano completely transforms connected products and solutions into data-driven businesses. With enterprise-level features, Murano seamlessly integrates business systems, unlocking the true value of IoT and accelerating business transformation.

Business Layer Features

• Management Console: User-friendly management tools for setting data-level solution configurations.

• System Usage Reports: Analyze, optimize, and understand resource usage models, providing monitoring for implementation solutions.

• Solution Templates: Vertical application templates for product definitions, data routing, user role definitions, and application content, accelerating time to market.

• Business Software Integration: Use third-party software such as Salesforce, Twilio, and other CRM software for business reporting, analytics tools, and cloud-based scheduling and data services.

• Solution Monitoring: Provides end-to-end cross-solution business insights, with deep visibility into overall performance.

• Data Discovery: Use data browsing, visualization, and export tools to gain business knowledge and operational insights.

• Access Control: Determine who can view and access information at different account levels, quickly and securely creating hierarchies and display options.

• Security Management: Manage SSL certificates and DNS, integrating monitoring services into Murano for smooth and secure IT operations.

• Standardization Tools: Integrate source control tools to reuse common components.

Security – Multi-layer Protection

• Integrate leading security frameworks, employing bank-level SSL encryption on all sensitive interfaces.

• API endpoints use socket layer security protocols (SSL/TLS) to prevent data theft, tampering, and forgery.

• User interfaces and web applications use HTTPS encrypted communication to protect the privacy and integrity of data exchanges.

Security – Data Storage

• Multi-layer security models ensure the execution of data access security policies.

• Restrict physical access to data servers, monitor physical facilities on-site, and provide multi-factor authentication and security logs.

• User data access is strictly controlled, with each request requiring authentication, isolating access from user data.

Security – User Authentication

• User authentication strictly controls platform access, with layered permissions facilitating multi-dimensional information access authorization, generating temporary API keys based on user permission levels.

• Secure storage of sensitive user information, passwords, and tokens.

Security – Device Authentication

• Prohibit any data exchange between the platform and terminals without authorization.

• All devices use private keys to exchange data with the platform.

• During configuration, to prevent spoofing, on-site devices establish authentication with the platform using encrypted API communication (DTLS and TLS) within a controlled time window.

• Once a device is authenticated, ownership and permission levels are established.

Device SDK

To reduce development time, the ExositeReady™ embedded SDK provides commercial-grade terminal software to quickly and securely connect hardware devices.

Device SDK Features

• Device Portability: The ExositeReady SDK provides portability of existing configurations to new hardware platforms.

• Example Programs: Browse demos to see porting methods.

• Supported Hardware Platforms: ExositeReady certified hardware includes development guides, example programs, and binary encoding files.

• Integrated API: Provides easy-to-integrate application-level APIs.

• Library-level API: ExositeReady certified hardware is pre-configured to connect to the Exosite cloud platform.

• Secure Connection: ExositeReady certified hardware adopts the latest security standards.

• Open Source: The ExositeReady SDK is open-source software, completely free under the Apache 2.0 license.

• Code Portability: Written in C99, the ExositeReady SDK can be used on any embedded platform.

Device Gateway Engine

The ExositeReady™ gateway engine is a software package that facilitates quick and secure communication between endpoints, gateways, and the Murano platform.

Device Gateway Engine Features

• Application Hosting: Develop and monitor custom gateway applications, version control, restart and failure definitions, and access to debug logs.

• OTA Upgrades: Use a secure and reliable OTA engine to remotely install and upgrade gateway firmware and applications.

• Gateway Data Collection: Monitor important gateway information such as disk usage, file system metadata, and mobile network data traffic usage, making it easy to debug and predict potential issues.

• Message Queue: Use flexible storage-forwarding HTTP services to avoid data loss caused by power outages or unreliable connections.

• Process and Log Management: Record restart processes and log files using open-source process management tools and monitoring systems.

• API Library: Use secure and validated API libraries to accelerate Python application development.

• Modular Sensor Interface: Utilize built-in sensor drivers or add and extend I/O interfaces to meet actual needs.

• Pluggable Service Interface: Use built-in cloud modules to route device data to the Murano platform, facilitating integration with other on-site business management systems.

Device HTTP API

Device firmware and applications must use this API to activate services and interact with the platform.

Time Series Data APIs:

• Write: Write data to a set of resources

• Read: Read the latest data from a set of resources

• Hybrid Write/Read: Write to a set of resources and then read from a set of resources

• Long-Polling: Notify promptly when there are updates to resources

Device Activation APIs:

• Activate: Activate the device and obtain the device CIK

• List Available Content: Get a list of device content files

• Get Content Info: Get metadata of device content files

• Download Content: Download device content files

Utility APIs:

• Timestamp: Get the current Unix timestamp

Murano Scripts

• The Murano platform is an event-driven system that uses scripts to route data and execute application logic and rules.

• Murano scripts have rich functionalities for accessing device data to time series databases, executing device tasks, processing solution application API requests, and more.

• Murano scripts can access all Murano services.

• Murano scripts are written in Lua and run on the LuaJIT virtual machine.

• Murano scripts can be added to solutions via the management console or command line interface.

Murano Script Concepts

• Service Call

• Script Execution & Event Handlers

• API Endpoint Scripts

• Websocket Scripts

• Modules

• Script Environment

Murano Services

Murano services can be accessed by scripts and consist of two different components: operations and events.

• Operations: Methods that can be called in scripts

• Events: Triggers for script execution

Murano Services List

Communication:

Device: Device gateway service

Email: Email service

Twilio: Twilio service (SMS and calls)

Webservice: Custom API for gateway service

Websocket: WebSocket gateway service

Core:

Tsdb: Time series storage service

Keystore: Key-value storage service

Others:

Config: Solution configuration service

Timer: Timer service API

User: User management service

If you like this column or want to connect with the author, feel free to scan the code to treat the author to coffee!

Previous Hot Articles (Click the article title to read directly):

• “[Heavyweight] IoT Industry Panorama Report, the First Domestic IoT Industry Two-Dimensional Perspective Panorama”

• “13 authoritative experts deeply analyze the nine major new trends in the IoT that attracted attention in 2017“

• “China’s first low-power wide-area network LPWAN market report released: Where is the next IoT opportunity? [Text version]”

• “A cartoon tells you: What is LoRa that everyone is talking about behind NB-IoT?”

• “A cartoon tells you: Besides WiFi and Bluetooth, what can the recently popular NB-IoT do?”“

• “Terry Gou of Foxconn does not do “Gou Run”, 50 days to finalize the ambition behind the 61 billion investment“