How to choose the right IoT platform for your business

What is an IoT platform?

An IoT platform is middleware that manages sensors and other devices and connects devices, controllers, storage systems and analytics platforms.

It's possible to deploy and operate IoT environments gradually, with each part acquired or developed separately and integrated later by the enterprise. IT and the business line stakeholders in the IoT system are responsible for managing all aspects of it and expanding and updating it as needs and use cases change.

Sometimes, a manufacturer will produce all the sensors, actuators, controllers, servers, storage, management and analytics tools needed to run a complete IoT environment -- but its controllers and management tools won't work with devices from other manufacturers. Each IoT system operates in a silo, and IT and stakeholders have very little ability to modify them, with limited options for integrating each siloed environment with others.

It's becoming more common for enterprises to adopt a vendor-neutral IoT platform to mitigate the risks and limitations of siloed IoT management and the cost of in-house development.

Key functions of an IoT platform

Key functions of IoT platforms include the device manager, messaging hub, integration hub, analytics engine and security overlay.

Device manager

An IoT platform should help manage devices distributed throughout the enterprise environment -- or deployed on enterprise assets out in the world, e.g., a package, shipping container or rail car -- from initial installation and deployment through retirement and disposal. It encompasses device configuration and registration, asset inventory management, monitoring devices in the field and updating software and firmware as needed.

A relatively new and increasingly common feature is providing a logical twin for each deployed device, also known as device shadowing. This amounts to maintaining a persistent digital copy of the device embodying its last known state. It's compute- and storage-intensive but useful for troubleshooting and what-if configuration change analysis.

Messaging hub

The IoT platform is a central hub for communication among devices, controllers and data consumers such as aggregators and analytics nodes. This is essentially message brokering or queuing, and it supports publish/subscribe models and push models.

Some platforms might refer to this as event brokering or event streaming. Still, the essential functions are the same: receiving data from some nodes, optionally transforming it in some way -- for example, by converting it from one format to another -- and then getting it to or making it available to other nodes.

Platforms will support multiple generic messaging protocols, such as XMPP, and will usually also support vendor- or industry-specific protocols.

Integration hub

Beyond sending data from sensors to controllers or aggregators, IoT platforms also connect different systems -- most often by providing REST APIs for their functions, such as messaging and inventory management.

They might also provide API access to the IoT devices they manage through layers of abstraction. In this capacity, they might help send data to external analytics platforms or the analytics components of the IoT platform.

Analytics engine

An IoT platform might simply serve as an aggregator, preprocessor and integration point for a broader analytics platform or provide its own analytics capabilities.

If a platform provides analytics, it should include time series analysis, flexible correlation analysis, and trending and predictive analytics. A platform that performs its own analytics might or might not have a built-in visualization engine; if it doesn't, it should integrate with external ones.

Security overlay

Although an IoT platform doesn't secure the network segment that each device is on, it is responsible for ensuring that its communications with all devices and other integrated systems are encrypted and comply with current security standards, which might include using quantum-resistant encryption technologies in some cases.

It is also responsible for authenticating and authorizing all messaging and API-mediated device access. Additionally, as the tracker of device configurations, it plays a key role in IoT security by helping keep all managed devices updated on security patches.

Lastly, in a well-architected zero-trust environment, it provides current inventory and device identity information to the environment's policy engine to adjust access decisions in real time.

Types of IoT platforms

The main types of platforms are general, function-specific and vertical-specific:

• General IoT platforms. These include most or all of the functions outlined earlier.
• Function-specific IoT platforms. These specialize in just one or two functional areas; one might focus on asset and device management, while another might focus on message brokering for IoT environments.
• Vertical-specific IoT platforms. These are built for the needs of specific verticals, such as industrial IoT, medical IoT and logistics IoT.

Every platform of any kind should implement strong security measures for all the functions it offers.

How to choose the right IoT platform

As with all platform selections, IT should first connect with stakeholders to understand where the IoT systems to be managed fit into the current line of business or corporate strategy and the extent to which the enterprise will be able to dictate platforms.

Then, while working with stakeholders, IT should define a set of minimum requirements for the platform and its desired characteristics to adapt to future needs. This could include the following features, among others:

• Protocols that the platform must support to work with current and future IoT systems.
• Processing and storage capacities that the platform must meet or exceed to serve current and projected use cases.
• External analytics or other packages that the platform must integrate with immediately.

IT should incorporate standard requirements or preferences from the overall IT and security architecture. For example, it might be a requirement that the platform provides an on-premises version to meet data sovereignty needs, or that its device-facing communications use only encryption technologies that can be exported widely.

After clearly distinguishing "must-haves" from the "nice-to-haves" and thoroughly documenting everything to the best of IT's ability, the selection team should quickly scan the environment for potential platforms. They should triage as they go, focusing on swiftly eliminating options that don't meet their requirements. Then, using a balanced scorecard method, they should evaluate the remaining vendors to conduct a proof of concept with at least two before choosing a platform to pilot.

All this can be overridden if senior management presents IT with a fait accompli: "We are strategically invested in this vendor, so use its platforms." However, even a strong senior-level influence shouldn't outweigh actual use-case-driven needs. If the preferred vendor can't meet the requirements of the use case -- either directly or with a minor addition of another platform to fill a gap -- and if the use case can't wait for the preferred vendor to catch up, IT must seek alternatives.

Popular IoT platforms to consider

There are hundreds of function-specific IoT packages out there. There are far fewer general-purpose ones. Among those, some of the most important ones are cloud services:

• AWS IoT Core. Adds a rules engine controlling integrations with other AWS services to the core functions in device management, messaging, etc., and implements logical twins (as device shadowing).
• Azure IoT Central. Implements all the key functions outlined above and facilitates using other Azure services for storage, analytics and visualization.
• ThingWorx. Emphasizes model-driven, rapid development of IoT applications to use the underlying middleware functions.

Some major cloud players, such as Google, Salesforce and IBM, have retired IoT-centered platforms with no direct replacement. However, with DIY integrations or a third-party partner, one can typically recreate much of what they did using other functionality in their portfolios.

Also worth mentioning is Kaa, a microservices-based platform that supports self-hosting in IaaS, on-premises or edge data centers or as a hybrid spanning multiple sourcing options.

John Burke is CTO and a research analyst at Nemertes Research. Burke joined Nemertes in 2005 with nearly two decades of technology experience. He has worked at all levels of IT, including as an end-user support specialist, programmer, system administrator, database specialist, network administrator, network architect and systems architect.