Bosch IoT Device Management

Device communication capabilities


The features in detail:

Device-to-cloud communication

Connect devices through various protocols to IoT applications

  • Communication patterns

    • Telemetry - for processing data generated by devices in a highly scalable manner – handled as “pass through”

    • Events - for guaranteed delivery of messages sent by devices to your application – handled with “store & forward”

  • Communication protocol adapters

    • Bosch IoT Hub - supports HTTP, AMQP, MQTT, CoAP, and LoRaWAN.

    • Custom protocol support upon request.

  • Application integration

    • Managed or ad-hoc connections for forwarding events: HTTP Webhooks, WebSocket, AMQP, MQTT, Apache Kafka

    • Payload mapping - on the fly - in case your application expects the data in another format

    • Enrichment and filtering of events - configurable per connection

Cloud-to-device communication

Control devices remotely from IoT applications

  • Application layer protocols
    Various application layer protocols for accessing your device data in a uniform manner, regardless of which protocol is used at device level.

    • Managed or ad-hoc connections: HTTP, WebSocket, AMQP, MQTT

    • Payload mapping - on the fly - in case your application expects the data in another format

    • Enrichment and filtering of events - configurable per connection

    • Custom integration can be supported, as long as you respect the Eclipse Ditto Protocol (open spec.)

  • Communication pattern: Command and control

    • Remote operation execution (incl. response)

    • Remote operation triggering

    • Configuration update notification

Digital twin

Abstract representation of an IoT asset

  • Manage the digital representation along with the life-cycle of your product
    Support all types of activity in the life-cycle of your IoT asset:

    • Create (aka provisioning)

    • Read, update, search

    • Delete (aka de-provisioning)

  • Device abstraction

    • One unified interface for devices, regardless of the device type or connectivity protocol

    • Support of models created with Eclipse Vorto.

  • Synchronize information received from devices and from applications

    • Data from the physical device is forwarded to all authorized subscribers.

    • Messages from authorized IoT business applications are routed to the devices.

  • Always available - the latest state of your device can be looked up even if the device is not online at the moment you request the data.

  • Search across the full set of devices / digital twins

    • RQL query syntax for filters, applicable as search criteria

    • Result fields definition, sort criteria

    • Indexed fields: attributes, features, properties etc.

Security and privacy

From transport layer security to application level access control

  • Transport layer security (TLS) – everywhere

  • Device authentication

    • Username and password based device authentication

    • X.509 Certificate based device authentication

    • Certificate management - including revocation and update of certificates

  • Integration with 3rd party services for device security

    • Key management services and public key infrastructures

    • Hardware security modules

  • Authorization management for applications

    • Unified authorization by Suite OAuth tokens

    • OAuth2 and OpenID Connect compatibility

  • Policy management

    • Ensure that only authorized users and applications can read or write data
      (this can be defined at a very fine-grained level).

    • Ensure that only authorized users and applications can send messages,
      e.g. to interact with your digital twins or even with the physical devices they represent.

  • Multi-tenancy

    • All tenants are completely separated from each other, by default.

    • The communication from the devices to the business application and from the business application to the devices is isolated at tenant level.

    • Optional: operations across tenant boundaries can be granted, but the respective policies need to be managed by the tenants themselves.

Device communication at the edge

Additionally, device communication at the edge can be enabled by Bosch IoT Edge if used in combination with Bosch IoT Device Management.

  • Out-of-the-box connectivity to Bosch IoT Device Management over MQTT

  • Device bootstrapping for connecting to a target Bosch IoT Device Management subscription

  • Local messaging over MQTT using Ditto protocol

  • Extended device connectivity via gateways and IoT protocol support (in combination with Bosch IoT Edge Services)

    • Protocols include Z-Wave, Zigbee, KNX, UPnP, Bluetooth LE, DECT ULE, ONVIF, HomeConnect, Modbus, EEBus SHIP, EEBus SPINE, and BACnet

    • Custom IoT protocol support upon request