ARM mbed has today announced our new IoT device management solution, mbed Cloud. mbed Cloud simplifies the connection of any IoT device to the cloud in a secure and efficient way, allowing a service provider to easily manage devices and unlock their
full value throughout their lifetime.
The Internet of Things revolution is here and now connecting billions of devices worldwide, with more joining the party every day. For us at ARM, it is evident that many more devices are coming and for all of the right reasons.
Connectivity: A plethora of wireless connectivity options are widely available and the next wave of low cost wireless technologies is already in sight, including cellular networks tuned for IoT such as LTE Cat M and LTE-NB, low powered mesh networks like Thread, 6LoWPAN and BLE, as well as Low Power Wide Area Networks (LPWA networks) such as LoRa. Some of those connectivity technologies provide a low bandwidth connection.
Cost: Market adoption of IoT devices and technologies has driven module prices to the lower single digit range. The use of unlicensed spectrum has reduced the ongoing connectivity costs.
Low power: Power efficient connectivity solutions are paving the way for new use cases that call for dispersed, zero maintenance devices.
Connecting and serving all of those devices is an opportunity and a challenge accepted by ARM! The mbed Cloud is ideally placed to address this set of challenges caused by the scaling out of IoT deployments.
The mbed Cloud is an end-to-end offering, with a holistic approach to IoT. It aims to expedite the development of secure, standards-based innovative devices and cloud applications.
A device in the IoT world needs to be updated and secured throughout its lifecycle. mbed Cloud tackles common device management needs with an IoT angle, serving small and constrained devices with optimized network utilization and easily handling low-powered and battery operated devices.
mbed Cloud also addresses the more challenging needs that require intimate knowledge of security, device software and hardware architecture. In addition, it offers an IoT-specific focus, with features like identity management, remote over-the-air software update, production line tools and management of secure assets and smart supply chain rights delegation.
mbed Cloud services - Connect
mbed Cloud Connect is a powerful command and control service between devices and mbed Cloud. It offers reliable, as well as secure, delivery of device data to be managed and used in your IoT application. It is at the heart of mbed Cloud and is based on a set of industry standards building blocks, optimized for IoT devices and networks.
Large networks of IoT devices will have devices coming from multiple suppliers. mbed Cloud’s use of standard application level protocols is the key to preventing vendor lock-in (a customer dependent on a vendor for products and services, unable to use another vendor without substantial switching costs).
mbed Cloud communicates with the devices using OMA Lightweight M2M, the protocol and its building blocks are:
- OMA Lightweight M2M (LWM2M) - an application layer communication protocol between a LWM2M Server and a LWM2M Client optimized for IoT devices. The protocol makes use of a light and compact building blocks and an efficient resource data model.
- Constrained Application Protocol (CoAP) IETF RFC 7252 a specialized web transfer protocol for use with constrained nodes and constrained networks.
- Datagram Transport Layer Security (DTLS) protocol IETF RFC 6347, enabled by mbed TLS, provides communications privacy for datagram protocols. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
mbed Cloud services - Provision
mbed Cloud Provision provides secure management of device assets. Ordinary people simply call these “secrets”.
Secrets are handy when new devices come to life on the production floor and when they’re powered on for the first time. mbed Cloud Provision assigns a secure identity to the device and creates trust between mbed Cloud and the device. That trust is a key enabler for multiple services throughout the device lifetime.
mbed Cloud Provision will enable the following type of services:
- Services that are based on sensitive data coming from the device that should be shared with a data consumer (which is not the service provider).
- Activation of services or features that have an associated cost across the device lifecycle.
Some examples of possible services:
- Advanced inventory management - Supply chain simplification by SKUs reduction, through features enablement after shipment instead of on the production line.
- Sensitive data management - Secure locking of sensitive information (Personally identifiable information (PII) or sensitive personal information (SPI)) on the device, all the way to the cloud and on the cloud. Once on the cloud, restricted access to the sensitive information.
In the wise words of Stephen Covey: “Trust is the glue of life. It’s the most essential ingredient in effective communication …and all relationships.”
mbed Cloud services - Update
IoT devices have a long product lifetime of up to 20 years. To enrich those devices and unlock additional business potential and address defects in the device, you must replace the device software. Remote over-the-air software update is the only cost effective way to distribute and install new software.
mbed Cloud Update provides a fail safe and secure software update mechanism. The service includes an end-to-end update orchestration managing and monitoring the update process. Updates can be performed over-the-air, over USB or by a cable updates. The Update client is pre-integrated to leading IoT OS’s.
Want to find out more about how mbed Cloud can help
you to scale your IoT solutions to the next level? Sign up to receive more
information about mbed Cloud.
mbed Cloud is one part of the overall secure, scalable IoT strategy at ARM - read the full news brief for further detail!
 Lower level protocols as messaging protocols (e.g. MQTT) do not prevent vendor lock-in.