IoT Platform Architecture

[Figure: IoT architecture]


Application Layer

  • App development tools : IDEs, SDKs, and GUIs development software to shorten the lead time for creating the service interfaces

  • Service access app : The end-user access point for the service; it usually consists of a service portal or an app

  • Administration portals :

    • Enterprise portal enabling customers to access the assets of the service, e.g. managing the sensors in an IoT-connected building

    • Service provider portal to allow the owner of the service to add/delete customers, and so on

  • Marketplace : An online store where the enterprises can manage, market, and sell services and assets

Platform Layer

    Public/Private Cloud
    Government Regulation
    Quality of Service
    Data Management Costs
    Security and Access Management
    User Protection
    API Protection
    Device Protection
    Data Protection
    API Management
    Enterprise Integration
    Analytics and Machine Learning
    Device Management
    Provisioning
    Remote Device Management
    Data Management
    Connectivity Management Services
    Monetization and Billing

Communication Layer

Short range
Cellular
Bluetooth
ZigBee

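A low-rate, short-range wireless networking protocol whose lower layers are the media access control and physical layers defined by the IEEE 802.15.4 standard. Its main characteristics are low data rate, low power consumption, low cost, support for large numbers of network nodes, support for multiple network topologies, low complexity, speed, reliability and security.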
Thread

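An IPv6-based, low-power mesh networking technology, mainly intended to give IoT devices secure, seamless communication. Thread was originally designed for smart-home and building-automation applications such as appliance management, temperature control, energy use, lighting and security, and its scope has since expanded to a wider range of IoT applications. Because Thread uses 6LoWPAN and is based on the IEEE 802.15.4 mesh network protocol, it is also IP-addressable; it not only provides efficient communication between low-cost, battery-powered devices but also supports the cloud and AES encryption.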

Wi-Fi

Long-Range Cellular 2G, 3G, LTE (4G), 5G

IoT/M2M Alliances

Low Power Wide Area
NB-IoT

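Narrow Band Internet of Things (NB-IoT) has become an important branch of the Internet of Everything. NB-IoT is built on cellular networks, consumes only about 180 kHz of bandwidth, and can be deployed directly on GSM, UMTS or LTE networks to reduce deployment cost and allow a smooth upgrade. NB-IoT is an emerging technology in the IoT field that supports cellular data connections for low-power devices over a wide area network, and is also referred to as a low-power wide-area network (LPWAN). NB-IoT supports efficient connection of devices with long standby times and high network-connection requirements. NB-IoT device battery life is said to be improvable to at least 10 years, while also providing very comprehensive indoor cellular data coverage.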
Sigfox

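Sigfox originated with the French company Sigfox, which uses ultra narrow band (UNB) technology to build a wireless network dedicated to IoT devices. The company aims to become a global IoT operator; by building its own networks and deploying in partnership with operators and others, it offers customers device connectivity, API interfaces and cloud web services, which customers can buy at a bundled price of about 1 US dollar per device per year. Sigfox is relatively closed, and its ecosystem has been relatively slow to build. Sigfox provides its technology to chip makers free of charge and encourages them to integrate Sigfox into their products. TI, Intel, Atmel, SiliconLab and other companies all produce chips that support Sigfox. The Sigfox network already covers all of France and Spain, and some cities in the United States, the Netherlands and the United Kingdom.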
LoRa

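LoRa is a low-power wide-area network wireless communication technology developed by Semtech. The LoRa Alliance was founded in March 2015 and currently has more than 290 members, including operators and system, software, chip, module, cloud-service and application vendors, forming a complete ecosystem. The LoRa industry chain matured earlier than NB-IoT; to meet fast-growing IoT business demand during the technology gap, some operators chose to deploy LoRa as a complement to cellular IoT, for example Orange, SKT, KPN and Swisscom.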


Communication Protocol Comparison

[Figure: communication protocol comparison]


Device Layer


Sensors

  • Customizations should be kept to a minimum, and backward compatibility should always be maintained.

  • Do sensors require data storage capabilities in case of communications issues?

  • Are remote updates available to enable additional services to be deployed within the cost limitations of the business plan?

Gateways

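   The link between the sensing network and the traditional communication network. As a gateway device, an IoT gateway performs protocol conversion between the sensing network and the communication network, and between different types of sensing networks. It can provide both wide-area and local-area interconnection. An IoT gateway also needs device-management functions: through it, the operator can manage the underlying sensing nodes, learn the relevant information about each node, and control them remotely.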

Communication Capabilities

Capacity

  • Number of sensors that can be deployed per gateway

  • Data per message and the number of messages per second/minute/day/week

  • Communication capabilities, what protocols it can handle


Storage Capabilities

Single Processor Devices

Device Longevity

Industry 4.0

Life Cycle Management

Technical and Business Decisions


Software as a Service

[Figure: IoT service stack]

Distributed Design

  • Communication: Is there a QoS between the nodes that needs to be guaranteed?

  • Security: What security is provided for each node and how is the communication between each secured?

  • Maintenance: Life cycle management and fault handling complexity usually increases in distributed solutions.

Security Architecture

[Figure: security reference architecture]

Access and identity management covers all aspects of identity and access to IoT services including the following:

  • User access controls authorized users and levels of access to service components.

  • Login and password security measures should be implemented to restrict access.

  • 3PP session security measures for external IT systems accessing data or services should include monitoring.

Key and certificate management provides a means to implement and manage keys and certificates that are important security mechanisms.

  • Identity management and protection of data, both stored and while it is being transmitted, are often overlooked and should be considered for all services.

  • Middleware security

    • Data protection manages the security of the life cycle management of personal and secure data. It covers confidentiality, integrity, and availability of data at rest, in transfer, and used by the service.

    • Device management allows operations to detect and take actions regarding fraudulent/stolen devices or devices that are performing unapproved actions

    • API security is usually implemented via encryption and authentication

    Physical security relates to the hardware, including infrastructure and devices.

    • Infrastructure protection covers the characteristics that are used to secure the platform both within the data center and at the data center itself. In general, data centers are ISO 27001 compliant as a minimum, but there are other standards that may be considered, such as SSAE 16, SOC1, and SOC2.

    • Access to the infrastructure in the data center should be monitored and checked to ensure it is adequate, especially if it is a hosted environment with other companies.

    • Network protection looks at network-level isolation between different internal and external network segments. Server nodes and devices should be hardened to comply with the service requirements.

    • Virtualization security is required if software is implemented on a virtual machine in a cloud. It relates to hardening the virtualization platform and protecting the logical and virtual network structures by network level isolation.

    • E2E security can be achieved by using the Generic Bootstrapping Architecture (GBA). GBA aims at providing shared keying material between the service user and the device/sensor/gateway so that they can communicate securely.
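
How GBA gets shared keying material to both ends, as an added sketch that is not code from the original post: the device and the operator's bootstrapping server (BSF) each hold the bootstrapped master key Ks and derive a per-service key Ks_NAF with the HMAC-SHA-256 KDF laid out in 3GPP TS 33.220 Annex B. The key bytes, identities, host names and the all-zero Ua protocol identifier are constructed sample values.

```python
import hashlib
import hmac

FC_GBA = b"\x01"  # FC octet for GBA key derivation (TS 33.220 Annex B)
# Constructed sample values (assumptions, not taken from the original page):
KS = bytes(range(32))             # master key Ks = CK || IK from bootstrapping
RAND = bytes(range(100, 116))     # 16-byte AKA challenge used in that run
IMPI = "sensor-0001@iot.example"  # device's private identity
UA_PROTO = bytes(5)               # 5-octet Ua protocol identifier (placeholder)


def _param(value: bytes) -> bytes:
    """One KDF input: the value followed by its 2-byte big-endian length."""
    return value + len(value).to_bytes(2, "big")


def make_naf_id(fqdn: str, ua_proto: bytes) -> bytes:
    """NAF_Id = service FQDN || 5-octet Ua security protocol identifier."""
    if len(ua_proto) != 5:
        raise ValueError("Ua security protocol identifier must be 5 octets")
    return fqdn.encode("ascii") + ua_proto


def derive_ks_naf(ks: bytes, rand: bytes, impi: str, naf_id: bytes) -> bytes:
    """Ks_NAF = HMAC-SHA-256(Ks, FC || "gba-me" || RAND || IMPI || NAF_Id),
    where every input is followed by its length."""
    if len(ks) != 32 or len(rand) != 16:
        raise ValueError("Ks must be 32 bytes and RAND 16 bytes")
    inputs = (b"gba-me", rand, impi.encode("utf-8"), naf_id)
    s = FC_GBA + b"".join(_param(p) for p in inputs)
    return hmac.new(ks, s, hashlib.sha256).digest()


def tag(key: bytes, payload: bytes) -> bytes:
    """Authenticate a payload with the derived service key."""
    return hmac.new(key, payload, hashlib.sha256).digest()


def demo() -> dict:
    telemetry = make_naf_id("telemetry.iot.example", UA_PROTO)
    billing = make_naf_id("billing.iot.example", UA_PROTO)
    device_key = derive_ks_naf(KS, RAND, IMPI, telemetry)   # derived on the device
    service_key = derive_ks_naf(KS, RAND, IMPI, telemetry)  # derived by the BSF for the service
    other_key = derive_ks_naf(KS, RAND, IMPI, billing)      # key for a different service
    reading = b'{"temp_c": 21.5}'
    sent = tag(device_key, reading)
    return {"accepted": hmac.compare_digest(sent, tag(service_key, reading)),
            "cross_service": hmac.compare_digest(sent, tag(other_key, reading))}
```

Because NAF_Id is an input to the derivation, a key handed to one service cannot be used to forge or verify messages for another, and Ks itself never leaves the device or the BSF.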

    Data Protection

    • Analytics data

    • Application-specific data stored or hosted on the platform

    • Business process logic

    • Charging and billing records including all billing metadata

    • Customer relationship data

    • Subscription data linked to the different users of the platform

    • Transaction and payload data





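      Author: Petter Liu
      Source: http://www.cnblogs.com/wintersun/
      This article is copyrighted jointly by the author and cnblogs. Reposting is welcome, but unless the author agrees otherwise this notice must be retained and a link to the original must be given in a prominent place on the article page; otherwise the right to pursue legal liability is reserved. This article is also published on my independent blog, Petter Liu Blog.

      posted on 2019-03-08 22:02  PetterLiu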