AWS allows customers to manage and protect IoT devices

Get a copy of the upcoming book "Secure Operations Technology"

Amazon Web Services (AWS) announced six significant services and capabilities for connected devices at the edge.

AWS IoT

AWS IoT 1-Click, AWS IoT Device Management, AWS IoT Device Defender, AWS IoT Analytics, Amazon FreeRTOS, and AWS Greengrass ML Inference make getting started with IoT as easy as one click, enable customers to onboard and manage large fleets of devices, audit and enforce consistent security policies, and analyze IoT device data at scale.

Amazon FreeRTOS is an operating system that extends the rich functionality of AWS IoT to devices with very low computing power, such as lightbulbs, smoke detectors, and conveyor belts. And, AWS Greengrass ML Inference is a new capability for AWS Greengrass that allows machine learning models to be deployed directly to devices, where they can run machine learning inference to make decisions quickly, even when devices are not connected to the cloud.

“The explosive growth in the number and diversity of connected devices has led to equally explosive growth in the number and scale of IoT applications. Today, many of the world’s largest IoT implementations run on AWS, and the next phase of IoT is all about scale as we’ll see customers exponentially expand their fleet of connected devices,” said Dirk Didascalou, VP IoT, AWS.

AWS IoT 1-Click

With AWS IoT 1-Click, enabling a device with an AWS Lambda function is as easy as downloading the mobile app, registering and selecting an AWS IoT 1-Click enabled device, and – with a single click – associating an AWS Lambda function.

AWS IoT 1-Click comes with pre-built AWS Lambda code for common actions like sending an SMS or email. Customers can also easily author and upload any other Lambda function.

Managing, securing, and analyzing data

At scale, IoT solutions can grow to billions of connected devices. Today, this requires customers to spend time onboarding and organizing devices, and even more time integrating multiple systems to manage tasks like monitoring, security, auditing, and updates. Building solutions for such tasks is time consuming and easy to get wrong, and integrating third party solutions is complex and may introduce hard-to-detect gaps in security and compliance.

Once a device fleet is operationalized, analytics is often the next challenge customers face. IoT data isn’t the highly structured information that most existing analytics tools are designed to process. Real-world IoT data frequently has significant gaps, corrupted messages, and false readings, resulting in the need for customers to either build custom IoT analytics solutions, or integrate solutions from third parties.

AWS IoT Device Management and AWS IoT Device Defender simplify onboarding, managing, and securing fleets of IoT devices, while AWS IoT Analytics makes it easy to run sophisticated analytics on the data generated by devices.

AWS IoT Device Management (available today) makes it easy to securely onboard, organize, monitor, and remotely manage IoT devices at scale throughout their lifecycle—from initial setup, through software updates, to retirement. Getting started is easy; customers simply log into the AWS IoT Console to register devices, individually or in bulk, and then upload attributes, certificates, and access policies.

AWS IoT Device Defender (coming in the first half of 2018) continuously audits security policies associated with devices to make sure that they aren’t deviating from security best practices, and alerting customers when non-compliant devices are detected. AWS IoT Device Defender also monitors the activities of fleets of devices, identifying abnormal behavior that might indicate a potential security issue. For example, a customer can use AWS IoT Device Defender to define which ports should be open on a device, where the device should connect from, and how much data the device should send or receive. AWS IoT Device Defender then monitors device traffic and alerts customers when anomalies are detected, like traffic from a device to an unknown IP address.

AWS IoT Analytics (available in preview) is a fully managed analytics service that cleans, processes, stores, and analyzes IoT device data at scale. Getting started is easy: customers simply identify the device data they wish to analyze, and they can optionally choose to enrich the device data with IoT-specific metadata, such as device type and location, by using the AWS IoT Device Registry and other public data sources. AWS IoT Analytics also has features for more sophisticated analytics, like statistical inference, enabling customers to understand the performance of devices, predict device failure, and perform time-series analysis.

AWS IoT

Amazon FreeRTOS: Securely connect small, low-power devices to the cloud

Amazon FreeRTOS extends FreeRTOS with software libraries that make it easy to securely connect small, low-power devices to AWS cloud services like AWS IoT Core, or to more powerful edge devices and gateways running AWS Greengrass (a software module that resides inside devices and gives customers the same Lambda programming model as exists within the AWS Cloud).

With Amazon FreeRTOS, developers can easily build devices with common IoT capabilities, including networking, over-the-air software updates, encryption, and certificate handling. Developers can use the Amazon FreeRTOS console to configure and download Amazon FreeRTOS.

Several microcontroller manufacturers and AWS Partner Network (APN) Partners support Amazon FreeRTOS, including Microchip, NXP Semiconductors, STMicroelectronics, Texas Instruments, Arm, IAR, Percepio, and WITTENSTEIN.