HOW TO BUILD IOT INFRASTRUCTURE AND APP USING AWS IOT?

There are numerous IoT platforms available in the market that can help you handle the challenges of building IoT applications. But, it is vital to choose a suitable and effective platform to create such diverse applications. Amazon Web Services IoT platform is one of the most sought-after platforms for developing IoT applications. But before getting into the technicalities of building IoT applications on AWS IoT, we must understand the platform in detail. In this article, we will talk about:

  1. What is AWS IoT?
  2. What are the features of AWS IoT?
  3. How does AWS IoT work?
  4. Why should you choose the AWS IoT platform?
  5. What are the use cases of AWS IoT?
  6. How to create an IoT infrastructure and build an IoT app using AWS IoT?

Let’s begin by understanding the concept of AWS IoT.

1. What is AWS IoT?

AWS IoT stands for Amazon Web Services Internet of Things. It allows developers to build complex and scalable IoT systems by providing:

  • end-to-end device control
  • end-to-end data control
  • management services

It is a part of the Amazon Web Services Cloud Computing platform. According to Forbes, Amazon owned nearly half of the public cloud infrastructure market in 2019, valued over $32 Billion.

AWS IoT platform provides cloud services and device software to help you connect your IoT devices with:

  • other devices
  • AWS cloud applications
  • AWS IoT-based solutions

2. What is AWS IoT Core?

AWS IoT Core is the cloud service on which the AWS IoT platform functions. It is a managed service that lets connected devices interact securely with cloud applications and other devices. AWS IoT Core can:

  1. enable you to connect and manage your devices 
  2. help you keep track of your devices and communicate with them even when they aren’t connected.
  3. secure device connections and data.
  4. process and act upon device data.
  5. read and set the device state at any time.
  6. help you to scale to numerous Alexa built-in devices cost-effectively 

AWS IoT Core makes it easy to use various Amazon services to build IoT applications without managing any infrastructure.

Let’s discuss the features of AWS IoT Core to understand it in a better way.

3. What are the features of AWS IoT Core?

Features of AWS IoT are:

  1. AWS IoT Device SDK
    AWS IoT Device SDK refers to Amazon Web Services Internet of Things Device Software Development Kit. It assists your devices to connect, authenticate and correspond with AWS IoT Core easily. It uses protocols like:

    • MQTT: Message Queuing Telemetry Transport
    • HTTP: HyperText Transfer Protocol
    • WebSockets Protocol

    The AWS IoT Device SDK includes client libraries, a developer guide and a porting guide, and supports programming languages like:

    • C
    • JavaScript
    • Arduino

     

  2. Message Broker
    The Message Broker is a fully-managed, high performance publish/subscribe message broker. It securely conveys messages between your IoT devices and applications with a short waiting time. It is flexible and scales automatically with your message volumes. It allows you to:

    • set up fine access controls that let you manage individual connection permissions.
    • ensure that your devices will only exchange the information that you want.
    • exchange messages between numerous devices.

     

  3. Security
    AWS IoT Core secures all communications as it doesn’t allow any information exchange without authentication. It secures all received messages with security certificates.

    Also, with the help of Message Broker, it enhances security by allowing you to set up fine access controls.

  5. Registry
    The registry gives a unique identity to each device and tracks metadata. Metadata consists of the device’s capabilities. You need to access and update your registry entry every seven years to avoid being charged additionally for storing metadata in your registry.

  7. Jobs
    Jobs are a set of remote operations executed on AWS IoT connected devices. With this feature, we can send files to devices and update their systems using OTA updates.

    A job document explains the function the device needs to carry out. It is usually stored in an Amazon S3 bucket and contains URLs for downloading files.

  9. Rules Engine
    The rules engine allows you to build IoT applications that collect, process, examine and work on information generated by connected devices globally. Based on the rules defined by you, it analyzes, transforms and delivers messages to other devices or a cloud service. It offers numerous functions to modify your information. You can author rules to act differently, based on your message’s content and write them using an SQL-like structure.

  11. Device Shadow
    Device Shadow refers to making a shadow of devices on the cloud, which allows you to communicate with them even when they are offline. The “Shadow” includes the latest state of the device. Applications can set the device’s desired future state, and AWS IoT Device SDK makes it convenient for the device to respond to them and get in sync with the Device Shadow.

  13. Alexa Integration
    Alexa Voice Service Integration reduces the cost of building Alexa built-in devices by shifting computing needs like state management, audio mixing & decoding and media retrieval to the cloud. This feature allows Alexa integration in:

    • Resource restricted devices
    • Low-cost products
    • Small Appliances

    It allows you to integrate Alexa directly into parts of your homes or offices so that you can talk directly to your surroundings instead of Alexa devices.

    Alexa Voice Service (AVS) for AWS IoT has three components:

    1. Reserved MQTT Topics Set to exchange audio messages among Alexa enabled devices and AVS.
    2. Virtual Alexa Enabled Device in the cloud transfers functions from the physical device to the virtual device.
    3. A set of Application Programming Interfaces (APIs) to support:
      •  exchange of messages over reserved topics
      • connecting with the device microphone and speaker
      • managing device state

 

4. How does AWS IoT work?

AWS IoT enables internet-connected devices to communicate with each other over the AWS cloud. IoT applications collect information, process it and send messages in JavaScript Object Notation (JSON) format on MQ Telemetry Transport (MQTT) topics. MQTT topics are UTF-8 strings used by the broker to filter messages for each connected device. The working of AWS IoT has been explained as follows:

  1. Device Gateway is the entry point for IoT devices connecting to AWS.
  2. Communications are secured with X.509 certificates, which need to be registered and activated using AWS IoT. 
  3. All devices connected on the AWS IoT platform need to have an entry in the registry, which contains the details of their certificates.
  4. Rules are set up to perform specific actions and filter messages.
  5. To establish connections, the protocols supported by the AWS IoT platform are:
    • MQTT – Lightweight protocol used for low-bandwidth devices
    • TLS – Transport Layer Security protocol is used to communicate securely and avoid issues like tampering.

Apart from this, the AWS IoT platform offers various services that play an essential role in its working. Let us learn about them.

Services Included in AWS IoT Platform

Services included in the AWS IoT Platform are:

  1. AWS IoT Device Defender

    As the name suggests, AWS IoT Device Defender is used to protect your IoT device. It is used for:

    • Data encryption
    • Device identification
    • Authentication
    • Authorization

    It sends alerts if gaps or security risks are detected, such as multiple sharing of identity certificates or unauthorized devices trying to connect to the platform.

  2. AWS IoT SiteWise
    AWS IoT SiteWise is a customized tool for industrial applications. It provides software to gather, store, manage and monitor data received from industrial equipment by MQTT messages or APIs at scale. The software runs on a gateway in your facilities, which safely connects to your on-site data servers and automates the processes of collecting, organizing and sending data to the AWS cloud.
  3. Amazon FreeRTOS

    Amazon FreeRTOS is a Real-Time Operating System for micro-controllers. It allows you to connect small, low-power devices to AWS IoT. It is open-source and includes software libraries that support numerous applications by providing all essential tools to conveniently connect your devices with AWS IoT Core and AWS IoT Greengrass.

  4. AWS IoT Greengrass

    AWS IoT Greengrass service allows devices to work even without connectivity by behaving like an AWS Cloud extension. It extends AWS to edge devices to operate on analyzing, managing and storing data locally. It allows devices to work on AWS Lambda functions, sync device data and communicate with each other without internet connectivity.

    AWS Lambda functions let you run code without managing servers.

  5. AWS IoT Analytics
    AWS IoT Analytics is a highly scalable service that can handle data from numerous devices without the requirement of expensive infrastructure. It allows you to quickly analyze vast amounts of unstructured data, filter it, and transform it for business use. It automates steps required to analyze data and stores it in a time-series data store. Data can be analyzed by running scheduled queries through the built-in SQL query engine or machine learning.

  6. AWS IoT Device Management
    AWS IoT Device Management allows you to monitor and manage your IoT devices after they have been deployed. It ensures their smooth and secure functioning. Using AWS IoT Device Management, you can monitor your devices using a single system, making maintenance easier for you.

  7. AWS IoT Things Graph
    AWS IoT Things Graph enables you to connect different devices and services visually to build IoT applications. It has features like a visual drag-and-drop interface that allow efficient coordination of devices. You can visualize and connect these devices in one single image.

  8. AWS IoT Events
    AWS IoT Events is a service used to identify and respond to events from IoT sensors. Events are patterns of data that indicate more complicated circumstances than expected, like motion sensors using data to control lights. AWS IoT Events allows:
    • easy monitoring of sensors
    • early detection
    • integration with other services
    • exceptional insights

     

5. Why should you choose the AWS IoT platform?

The AWS IoT platform is a suitable choice for building an IoT platform as it offers various advantages.

Advantages of the AWS IoT platform are:

  1. Flexible
    AWS IoT offers numerous services, which we discussed earlier in this article. These services can conveniently integrate with your IoT devices and support applications in various industries.

  3. Easy-to-Use
    AWS IoT platform is one of the easiest cloud-based IoT platforms to use. After connecting your device to the AWS IoT cloud, you can easily manage and control it as it offers several services and options, all in one place. It also provides various uncomplicated tools like drag-and-drop to make its use easier for you. Hence, it is uncomplicated and convenient to use.

  5. High Security
    AWS IoT platform offers multi-layered security services, including:
    • preventive security mechanisms
    • encryption
    • access control to device data
    • services to continually monitor and audit configurations

    It protects:

    • AWS Users with the help of IAM policies and AWS security credentials.
    • Devices by IoT services and IoT policies.
    • Amazon Cognito Identity by authentication provider token + AWS, IAM role policies and IoT policies.

    All connected devices should have credentials to interact with AWS IoT. Interactions on the AWS IoT platform are securely done over Transport Layer Security (TLS). You are responsible for managing policies in AWS IoT and device credentials like:

    • X.509 certificates
    • AWS credentials
    • Amazon Cognito identities
    • federated identities
    • custom authentication tokens, etc.

    While using AWS IoT Authentication, the message broker

    • authenticates your devices
    • safely consumes device information
    • allows and rejects access permissions based on your specifications.

    The AWS IoT Rules Engine sends information to other devices based on rules defined by you, using AWS Identity and Access Management (IAM).

  7. Secure Tunneling
    Secure tunneling enables users to securely build two-way communication with remote devices managed by AWS IoT. You can ensure the same security standards set by firewall rules at remote sites because secure tunneling doesn’t need updates to the present inbound firewall rule.

     

    For example, suppose a sensor located at a remote farm is facing issues in measuring soil temperatures. Secure tunneling can be used to promptly start a session with the sensor to identify the problem, reset the file and restart it.

    Secure tunneling is beneficial in comparison to usual fixing methods as it reduces:

    • incident response
    • recovery time
    • operational costs

  9. Offers Modest Pricing
    All services of the AWS IoT platform offer modest pricing. According to its rules, you only pay for what you use. There are no upfront commitments or default payments.

  11. Sustainable
    AWS invests in renewable power projects and aims at using renewable energy to run AWS entirely. In 2018, more than 50% of the energy used to run AWS was renewable.

  13. AI Integration
    AWS makes devices smarter by combining Artificial Intelligence (AI) and the Internet of Things (IoT). Models can be created in the cloud and deployed to devices where they run twice the speed offered by other platforms.

  15. Scalability
    AWS IoT is highly scalable. It is built on a secure cloud infrastructure and offers integration with various services to create effective IoT solutions. It scales to over a billion devices and a trillion messages.

  17. Multiple Use Cases
    AWS IoT offers multiple use cases. Its server-less approach is very suitable for both huge and small projects. It offers complete services for very diverse use cases. Some industries where Amazon has deployed numerous applications based on its AWS IoT platform are agriculture, manufacturing, care of the elderly, smart homes, transportation, predictive maintenance and many more.

Let’s discuss some of its use cases in detail.

6. What are the use cases of AWS IoT?

Here we are discussing four use cases of AWS IoT, which are listed as follows:

  1. Industrial Internet of Things (IIoT)

    Usually, an industrial facility has numerous sensors and applications producing data. For improved performance, it is essential to organize and combine this data. AWS Industrial IoT aims to improve industrial operations’ productivity by bringing machines, analytics, people, and cloud computing together on one platform. With IIoT, industrial firms can:

    • modify business models
    • digitize processes
    • improve productivity
    • enhance performance
    • decrease waste

    Industries like manufacturing, energy, transportation, etc. can invest in IIoT projects to connect and maintain their devices to achieve optimum results.

    For example, with IIoT in the manufacturing industry, manufacturers can gather information from all working sites and quickly identify failures, gaps and potential issues in their manufacturing processes. It can also help the manufacturers to:

    • efficiently control material flow
    • identify production issues
    • eliminate production issues
    • identify supply issues
    • eliminate supply issues
    • optimize the functioning of equipment and machinery.

     

  2. AWS IoT Connected Homes

    There has been a substantial growth of IoT connected devices in homes across the globe. With AWS IoT, companies can easily and securely manufacture connected home products. This platform allows manufacturers to build scalable IoT applications to gather, process, evaluate and function on information produced by connected home devices. It enables them to provide quality experiences to their business as well as their consumers.

    For Example, in 2016, LG shifted to the AWS platform as it provided a scalable infrastructure to process elaborate analytics on their data.

    With AWS IoT connected homes, you can:

    • Automate your house by enabling devices to connect to the Internet to act quickly and reliably on wanted operations.
    • Enhance security and monitoring by building door locks, security cameras, or other detectors on AWS IoT to receive instant alerts, even without internet connectivity.
    • Manage home networks by integrating their set-top boxes with AWS IoT. AWS IoT enabled set-top boxes can log network analysis automatically to send to customer service centers and allow users to monitor their network issues through mobile apps

     

  3. AWS IoT Transportation

    We will understand this use case with the help of an example – Miovision.

    Miovision is a company that improves transportation capacity, security and performance economically in over 17,000 municipalities in 50 countries. It converts physical infrastructure into information assets with its Spectrum and Scout solutions and services. Miovision functions on the AWS platform. It uses AWS IoT to:

    • manage its devices
    • securely connect numerous hardware end-points
    • add value to its data with other AWS services
    • handle significant amounts of real-time data
    • automatically scale their applications
    • configure individual policies for devices & services
    • manage all certificates
    • secure their solutions
    • provide traffic management data to cities
    • speed up its pace of innovation

     

  4. Predictive Maintenance

    Predictive maintenance refers to building techniques to evaluate the condition of equipment and when maintenance should be performed on them. IoT devices can be combined with analytics and machine learning to identify equipment failures’ patterns and enhance their durability. AWS IoT has proven to be a very efficient operating platform for this particular use case.

    For example, Newport, Great Britain, uses the AWS IoT platform to supervise numerous sensors across the city. It has also used IoT devices to predict and prevent flood damage in a better way. Using the AWS IoT platform for predictive maintenance has led to various benefits for Newport, like:

    • Saving huge costs
    • Timely establishment of a smart-city proof of concept for Newport
    • Safely connect information sets from across the Council, business sector, partners and technology organizations
    • Bring a new smart city solution to the market in minimal time.

7. How to create an IoT infrastructure and build an IoT app using AWS IoT?

A while ago, a client reached out to us to make an AWS IoT enabled soil temperature monitoring system. Following is a brief of steps we followed to build that system for our client.

Step 1 – Installed AWS CLI

The first step was to install AWS CLI. AWS CLI refers to Amazon Web Services Command Line Interface. This tool assisted us in managing our Amazon services. It was essential to install AWS CLI and configure AWS credentials before starting with AWS IoT.

The latest version of AWS CLI is AWS CLI version 2. We were able to quickly configure the AWS CLI installation by running the following command:

aws configure

Running this command made AWS CLI prompt us for the following information:

  1. Access Key ID
  2. Secret Access Key
  3. AWS Region
  4. Output Format

Programmatic Requests made to AWS were signed by using Access Key ID and Secret Access Key.

AWS Region refers to the servers where we wanted to send our requests by default.

The Output Format refers to the format in which our results were formatted.

For example:

$ aws configure
AWS Access Key ID [None]: AKAIIODFNODD7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnMETI/K7MMNDG/bPxFciCYEXAMPLE
Default region name [None]: us-north-2
Default output format [None]: json

We used the following command for verification of installation to list the commands available for AWS IoT:

aws iot help

Subcommands’ help includes its:

  • functions
  • output
  • options
  • usage

To get help for subcommands, we used:

aws iot <command> help

Step 2 – Registered a Device in the Device Registry

A device is known as a “thing”; in our case, the things were temperature sensors. We created a thing in the thing registry before connecting it to AWS IoT. The thing registry enables us to keep track of all things connected to AWS IoT.

To create a thing, we used the AWS IoT Console, but the following CLI command can also be used:

aws iot create-thing --thing-name temperaturesensor

For confirmation of the thing created in the Thing Registry, we used the following command:

aws iot list-things

Step 3 – Connect the Device with AWS IoT

We wanted to ensure that AWS IoT and the thing are able to communicate securely. We secured this communication by X.509 certificates, which needed to be activated before use.

Provisioning the Certificate

The process of provisioning the certificate included:

  1. Creating a Certificate
  2. Registering the Certificate

Usually, certificates can be provisioned in AWS IoT by using:

  1. a public and private key pair provided by AWS IoT
  2. your own key pair

We used the following command to create and activate the certificate:

aws iot create-keys-and-certificate --set-as-active

The output of this command included:

  • the certificate
  • the public key
  • the private key

We saved the keys in separate “.pem” files. To save the certificate, we used the following command:

aws iot describe-certificate --certificate-id <certificate-id>

AWS Policy

After creating the certificate, we made an AWS IoT policy to control which AWS IoT operations the client can perform. Then, we attached the policy to the certificate.
The following command was used to create an AWS IoT policy:

aws iot create-policy --policy-name <policy-name> --policy-document file://<policy-file>

Attach Certificate to the Thing

In order to attach the certificate to the thing, the following command was used:

attach-thing-principal

This command took the following two parameters:

  1. The thing’s name, to which we attached the certificate.
  2. The ARN of the certificate – ARN refers to Amazon Resource Name.

For example, our thing’s name was temperaturesensor, so the command output that displayed the ARN and name looked like:

{
    "thingArn": "arn:aws:iot:us-east-1:<aws-account-id>:thing/temperaturesensor",
    "thingName": "temperaturesensor"
}

So, to call “attach-thing-principal”, the following was used:

aws iot attach-thing-principal --thing-name temperaturesensor --principal arn:aws:iot:us-east-1:<aws-account-id>:cert/<certificate-id>
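
Steps 2 and 3 as one script, added here as an example and not the script used in the project described above: it registers the thing, has the CLI write the certificate and keys directly to files, and attaches a policy limited to this device's own client ID and topic. The policy name, the output directory and the topic layout sensors/<thing>/telemetry are assumptions.

```shell
#!/bin/sh
# Added example: register one thing and give its certificate a policy that
# allows only this device's own MQTT client ID and telemetry topic.
# Assumed (not from the article): POLICY name, OUT directory and the topic
# layout sensors/<thing>/telemetry.
set -eu

THING="${THING:-temperaturesensor}"
POLICY="${POLICY:-${THING}-policy}"
OUT="${OUT:-./certs}"

# Print the policy document. No wildcards: a copied key can only connect as
# this thing and publish to this thing's topic.
policy_document() {  # args: region account-id thing-name
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iot:Connect",
      "Resource": "arn:aws:iot:$1:$2:client/$3"
    },
    {
      "Effect": "Allow",
      "Action": "iot:Publish",
      "Resource": "arn:aws:iot:$1:$2:topic/sensors/$3/telemetry"
    }
  ]
}
EOF
}

provision() {
  region="$(aws configure get region)"
  account="$(aws sts get-caller-identity --query Account --output text)"

  umask 077        # certificate and key files readable by the owner only
  mkdir -p "$OUT"

  aws iot create-thing --thing-name "$THING" >/dev/null

  # Write the key material straight to files instead of copying it out of
  # the JSON response; capture only the certificate ARN.
  cert_arn="$(aws iot create-keys-and-certificate --set-as-active \
    --certificate-pem-outfile "$OUT/$THING.cert.pem" \
    --public-key-outfile "$OUT/$THING.public.key" \
    --private-key-outfile "$OUT/$THING.private.key" \
    --query certificateArn --output text)"

  policy_document "$region" "$account" "$THING" > "$OUT/$POLICY.json"
  aws iot create-policy --policy-name "$POLICY" \
    --policy-document "file://$OUT/$POLICY.json" >/dev/null

  # The policy goes on the certificate; the certificate goes on the thing.
  aws iot attach-policy --policy-name "$POLICY" --target "$cert_arn"
  aws iot attach-thing-principal --thing-name "$THING" --principal "$cert_arn"

  # Confirm the result: the thing should list exactly this certificate.
  aws iot list-thing-principals --thing-name "$THING" --output text
}

# Calls AWS only when invoked as: sh provision.sh run
if [ "${1:-}" = "run" ]; then
  provision
fi
```

The private key is returned only once, by create-keys-and-certificate, so the file written here is the only copy.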

Step 4 – Visualization

It was essential to ensure that our client had a suitable way to access and visualize all data processed by the thing. Hence, we developed a mobile application for this purpose.

Developing Mobile Applications

To be able to call actions on AWS resources through the application, programmatic access was required. Both web and mobile applications needed security credentials for the same. For safe access to AWS resources, Amazon Cognito was a suitable service to use with AWS Mobile SDK for iOS and Android as it assisted us to:

  • produce unique identities for users
  • authenticate users

We created a mobile application for our client to visualize the data in a graph format.

An iOS app was created in Xcode and connected with a gateway in Amazon API Gateway. This gateway exposed the AWS Lambda functions, which were required to collect the data for making graphs.

Step 5 – Data Capturing and Transmission

Once the thing was registered with AWS IoT and mobile application was developed, the process of capturing data from the sensors and transmitting it to the mobile application started, so that the client can view and understand the data. Let’s understand how this process works. There were four components in this process.

AWS IoT is a cloud platform that enables connected devices to communicate with cloud applications and other devices securely.

Amazon Kinesis Firehose offers a convenient way to rapidly collect, modify, and load data into AWS from IoT devices. This service is entirely managed and automatically scalable.

Amazon Kinesis Analytics quickly provides you useful insights and enables you to process incoming data from IoT devices with standard SQL (structured query language).

Amazon QuickSight is a cloud-based business analytics service which enables you to quickly and easily:

  • form visualizations
  • perform specific analysis
  • retrieve business insights from the information

The data moves through these components as follows:

  1. The AWS IoT gateway receives MQTT messages from registered IoT devices. The solution here allows you to use device data from your existing IoT data source and send it in JSON payload.
  2. AWS IoT rules engine enables you to select information from message payloads, process it and send it to other devices.
  3. The information is sent to a Firehose delivery stream to combine data into batches for processing. Batched information is also stored in the Amazon S3 bucket for later retrieval.
  4. Information received from the Firehose delivery stream is entered into an Analytics application to process data in real-time by using standard SQL queries.
  5. Analytics enables you to write standard SQL queries to retrieve particular components from the information received and perform ETL on it.
  6. The processed information from queries is entered into Firehose delivery streams, which batch information into CSV files and store it in S3.
  7. Finally, Amazon QuickSight uses the processed CSV files from S3 to form numerous visualizations with different graph types.
  8. Amazon QuickSight also has a built-in story feature to combine visualizations into dashboards, which can be shared securely.
Implementation

  1. Set up your AWS IoT data source

    In case you don’t have an existing IoT device, you can create simulated device data on your local device with the help of a script and publish it on the AWS IoT platform.
    If you have an IoT device, skip to step 2.

  2. Create Firehose delivery streams

    In the AWS Management Console, select Kinesis from the Services menu and choose Firehose console. Then create all Firehose delivery streams required. Keep all settings default and only change the Buffer interval under the S3 buffer conditions to 60 seconds.

    If you are using Kinesis Firehose for the first time, allow the console to make new firehose_delivery_role with a pre-defined policy for the Identity and Access Management Role (IAM Role) for each stream. In the diagram, we have used three Firehose delivery streams –
    • One stream to batch raw information from AWS IoT
    • Two streams to batch output device information and combined information from Analytics.
  3. Set up AWS IoT to receive and forward incoming data

    Select AWS IoT from the Services menu in the console and select Act and Create a Rule to create a new AWS IoT rule.

    For first-timers, choose to Create a New Role so that the console can produce an IAM role with the appropriate permissions. You can also use an existing role by selecting the role from the dropdown and clicking Update Role.
  4. Create an Analytics application to process data

    You can build a new application by going on the console and selecting Kinesis and Go to Analytics Console.

    You should choose IoT-Source-Stream as your source. You can allow the console to produce or update an IAM role for using it with Kinesis Analytics.

    Select Discover Schema to allow Analytics to discover information’s schema automatically by sampling records from inputs. It also consists of a built-in SQL editor to write standard SQL queries to modify received information and generate output delivery streams.

  5. Connect the Analytics application to output Firehose delivery streams

    In this step, you create destinations for the delivery streams. One analytics application can have numerous defined destinations that are set up using the AWS Command Line Interface instead of the console.

    The Amazon Kinesis setup finishes here. The incoming IoT data is processed by Analytics and delivered, using two output delivery streams, to two separate folders in your S3 bucket.

  6. Set up Amazon QuickSight

    The processed CSV files from the S3 bucket should be entered into Amazon QuickSight to generate a visualization dashboard.

    You can set up Amazon QuickSight by going to the Amazon Management Console services menu and selecting QuickSight. First-timers will be asked to create a new account.

    Select New Analysis and New Data Set/Available Data Set after logging into your account. Follow the prompts.
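
Step 3 of this list done from the CLI rather than the console, as an added example that is not the article's own setup: it creates the rule that forwards device messages to the IoT-Source-Stream delivery stream and gives the rule's role permission to write to that one stream only. The rule name, role name, inline policy name and the topic filter sensors/+/telemetry are assumptions.

```shell
#!/bin/sh
# Added example: AWS IoT rule -> Firehose, with a role scoped to one stream.
# Assumed (not from the article): RULE, ROLE, the inline policy name and the
# topic filter sensors/+/telemetry. STREAM is the source stream named above.
set -eu

STREAM="${STREAM:-IoT-Source-Stream}"
RULE="${RULE:-forward_sensor_data}"
ROLE="${ROLE:-iot-rule-firehose-role}"
TOPIC_FILTER="${TOPIC_FILTER:-sensors/+/telemetry}"

# Trust policy: only the AWS IoT service may assume the role.
trust_policy() {
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "Service": "iot.amazonaws.com" },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF
}

# Permission policy: PutRecord on the one delivery stream, nothing else.
role_policy() {  # args: region account-id stream-name
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "firehose:PutRecord",
      "Resource": "arn:aws:firehose:$1:$2:deliverystream/$3"
    }
  ]
}
EOF
}

# Rule payload: keep the device's JSON, add the thing name taken from the
# topic and the broker-side receive time, one record per line.
rule_payload() {  # args: topic-filter role-arn stream-name
  cat <<EOF
{
  "sql": "SELECT *, topic(2) AS thing, timestamp() AS received_at FROM '$1'",
  "awsIotSqlVersion": "2016-03-23",
  "ruleDisabled": false,
  "actions": [
    {
      "firehose": {
        "roleArn": "$2",
        "deliveryStreamName": "$3",
        "separator": "\n"
      }
    }
  ]
}
EOF
}

create_rule() {
  region="$(aws configure get region)"
  account="$(aws sts get-caller-identity --query Account --output text)"
  dir="$(mktemp -d)"

  trust_policy > "$dir/trust.json"
  role_policy "$region" "$account" "$STREAM" > "$dir/perm.json"
  role_arn="$(aws iam create-role --role-name "$ROLE" \
    --assume-role-policy-document "file://$dir/trust.json" \
    --query Role.Arn --output text)"
  aws iam put-role-policy --role-name "$ROLE" --policy-name firehose-put \
    --policy-document "file://$dir/perm.json"
  aws iam wait role-exists --role-name "$ROLE"

  rule_payload "$TOPIC_FILTER" "$role_arn" "$STREAM" > "$dir/rule.json"
  aws iot create-topic-rule --rule-name "$RULE" \
    --topic-rule-payload "file://$dir/rule.json"
  # Read the rule back to confirm what was stored.
  aws iot get-topic-rule --rule-name "$RULE" --query rule.sql --output text
  rm -rf "$dir"
}

# Calls AWS only when invoked as: sh create-rule.sh run
if [ "${1:-}" = "run" ]; then
  create_rule
fi
```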

Conclusion

AWS IoT platform is one of the most in-demand platforms for developing IoT applications, mainly because it offers a server-less approach and various services to enhance people’s experience using the platform. By developing IoT devices on the AWS IoT platform, you can avail all of the advantages and services that come with it. 

If you are looking for a company to efficiently develop an application on the AWS IoT platform for your use case, contact our experts and schedule a consultation.

Author’s Bio

Akash Takyar
CEO LeewayHertz
Akash Takyar is the founder and CEO at LeewayHertz. The experience of building 100+ platforms for startups and enterprises allows Akash to rapidly architect and design solutions that are scalable and beautiful.
Akash's ability to build enterprise-grade technology solutions has attracted over 30 Fortune 500 companies, including Siemens, 3M, P&G and Hershey’s. Akash is an early adopter of new technology, a passionate technology enthusiast, and an investor in AI and IoT startups.
