Amazon FreeRTOS aims to simplify, secure IoT deployment

Operational technology teams have been slow to update microcontroller software due to safety and logistics concerns, but Amazon FreeRTOS aims to ease that process for AWS users.

Large devices can have dozens -- or even hundreds -- of separate components. As AWS shapes its edge computing strategy, it added support for these components in an attempt to ease IoT deployment.

Amazon FreeRTOS bakes AWS integration capabilities into the popular FreeRTOS for embedded devices. This service aims to weave IoT capabilities into devices with microcontrollers, which are single-chip processors inside of modern devices, such as home appliances, fitness trackers and industrial equipment.

Due to their lower cost and functionality, many businesses favor microcontrollers over traditional microprocessors. For example, some modern cars have over 600 microcontrollers, which can make it easier to write programs that operate actuators, such as motors or car doors, or gather and format sensor data.

The minimum hardware requirement for Amazon FreeRTOS is a microcontroller with 25 MHz processing speed and 64 KB RAM. However, if you install communication and security libraries on a separate networking processor, it's possible to use a 10 MHz processor with only 16 KB RAM.

While Amazon FreeRTOS is free, enterprises pay fees for other cloud services in an IoT deployment, such as AWS IoT Device Management and tools to transfer and manage data.

Microcontrollers, IoT pose unique challenges

Chip companies developed the FreeRTOS kernel over a decade ago to provide an abstraction layer for microcontrollers, similar to what Linux provides for microprocessors. The FreeRTOS kernel has been deployed on billions of devices and enables industrial app developers to write the application logic for a device once and then port it to a better or cheaper chip later.

The FreeRTOS kernel is tiny and runs in about 6 KB to 12 KB RAM, compared to multiple gigabytes for an OS like Windows. It also has support for real-time computing, which means it responds to requests in shorter time windows and with higher guarantees than larger OSes. This response time is important in safety-critical apps to ensure, for example, that the brake engages quickly when someone hits the pedal.

Operational technology (OT) involves a different set of constraints and considerations than the IT systems most web developers know. When an IT app goes down, it is inconvenient. But when an OT system goes down, such as the motor inside an industrial blower, it can cause expensive damage and potentially hurt someone.

As a result, OT engineers are reluctant to update their software in the field unless they find a critical defect. In addition, many of these devices lack direct internet connectivity, and updates require a factory recall. This is partly a convenience issue, as engineers might be reluctant to update hundreds of microcontroller devices. But, more significantly, no one wants hackers to deploy a malicious update that blows up a fridge or a furnace.

FreeRTOS in an IoT deployment

Amazon FreeRTOS could provide some security assurance, because only parties granted permissions via AWS Identity and Access Management can deliver updates. Amazon FreeRTOS also includes a code-signing feature, which makes it harder for hackers to side-load malware via the internet or direct access to the device. This same deployment infrastructure can also help an OT team configure a device to use a local network or add support for newer protocols, like LoRaWAN.

However, this security is only as good as an enterprise's certificate management process. For this reason, it's a good practice to establish more robust security reviews than what you see in existing app deployment practices. After all, while it's embarrassing for a company like Tesla to discover hackers exploited a security vulnerability to mine cryptocurrency, this type of intrusion could prove disastrous in connected cars.
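The code-signing gate and its dependence on certificate handling, described in the two paragraphs above, shown as an added example that is not from the article or from Amazon FreeRTOS itself. It assumes the openssl CLI is installed and that the verifier has a trustworthy clock; the function names, signer names and firmware contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: constructed keys and firmware, not AWS's OTA implementation.

# make_signer DIR NAME: ECDSA P-256 key plus a self-signed code-signing cert.
make_signer() {
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/$2.key" 2>/dev/null &&
    openssl req -new -x509 -key "$1/$2.key" -subj "/CN=$2" -days 30 \
        -out "$1/$2.crt" 2>/dev/null
}

# sign_image KEY IMAGE SIG: release-side step (SHA-256 digest, ECDSA signature).
sign_image() {
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# verify_update PINNED_CERT IMAGE SIG: gate applied before an update is accepted.
# Returns 0 = accept, 1 = signature does not match, 2 = pinned cert unusable.
verify_update() {
    # Reject if the pinned certificate has already expired.
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1 || return 2
    openssl x509 -in "$1" -noout -pubkey > "$1.pub" 2>/dev/null || return 2
    openssl dgst -sha256 -verify "$1.pub" -signature "$3" "$2" \
        >/dev/null 2>&1 || return 1
    return 0
}

# demo: prints three exit codes: genuine image, tampered image, untrusted signer.
demo() {
    d=$(mktemp -d) || return 1
    make_signer "$d" release && make_signer "$d" rogue || return 1
    printf 'constructed firmware v2\n' > "$d/fw.bin"
    sign_image "$d/release.key" "$d/fw.bin" "$d/fw.sig" || return 1
    good=0; verify_update "$d/release.crt" "$d/fw.bin" "$d/fw.sig" || good=$?

    # Image modified after signing, shipped with the original signature.
    printf 'constructed firmware v2 + implant\n' > "$d/bad.bin"
    tampered=0
    verify_update "$d/release.crt" "$d/bad.bin" "$d/fw.sig" || tampered=$?

    # Image correctly signed, but by a key the device does not pin.
    sign_image "$d/rogue.key" "$d/bad.bin" "$d/rogue.sig" || return 1
    rogue=0
    verify_update "$d/release.crt" "$d/bad.bin" "$d/rogue.sig" || rogue=$?

    rm -rf "$d"
    echo "$good $tampered $rogue"
}
```

The third case passes only if the attacker holds `release.key`, which is why protecting and rotating the signing key and certificate decides how much the signature check is worth.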

Amazon FreeRTOS also eases data orchestration and collection from these devices. The service makes it easier to configure devices into sensor networks in a home, office, factory or car. You could configure AWS Greengrass servers to collect the data and integrate it with other AWS apps in the cloud via AWS IoT Core. This architecture could help a team update functionality on edge servers to refine device triggers. For example, a consumer AI app might learn a family's schedule to customize the timing of lights and heating in a home.
