Design an IOT product

In the previous post, I discussed the importance of a well-designed IOT platform for building a successful IOT product. The architecture of a product is one of the most important success factors for an IOT product. This post discusses different aspects of an IOT platform in addition to the standard IOT components. Finally, a simple architecture for an IOT product and its requirements are described.

IOT components

An IOT product may include some of the following components:

  • IOT device
  • IOT gateway & SDK
  • IOT back end services and infrastructure (IOT Cloud platform)
  • Communication protocols
  • Security protocols
  • User interface
  • Analytic tools
  • Decision Center (rule engine)

IOT Device / Thing

Every IOT device may contain one or more of the following components:

  • A user interface to interact with humans,
  • Sensors to gather information about the environment (considered as input),
  • Actuators, which perform an action on the environment.


These sensors and actuators are connected to the internet by an IOT gateway. In the internet of things, a connected thing usually senses or detects some event or change in an environment, quantifies the event as data, and transmits the data to a decision-making center. A sensor is the input door for computer vision. The data generated by a connected thing is processed by the infinite computing power available on the internet. The decision center fires some rules, makes a decision about how to react to that event or change, and sends a response to the same or another connected thing to perform an action. That action may not always happen on the same device. An action could be tweeting some information on Twitter or starting an electric motor. The electric motor in this example is called an actuator.


The data received from a sensor may be combined with an available big data dataset to make very complex decisions. For example, the data might be a simple blood pressure reading taken from a patient, which is combined with millions of pages of books stored in a datastore to decide whether the patient has a disease or not. Another example is a picture taken by a camera that is compared with millions of pictures available to a machine learning system to detect a face in that picture.

IOT Architecture

The following picture shows how an IOT platform is used to manage a connected thing with the existing internet protocols. The necessary components of this platform include, but are not limited to: IOT gateway, IOT SDK, rule engine, cloud back end, APIs, IOT analytics, device management and many more. The communication protocols include HTTP, RESTful APIs, MQTT, WebSocket and many more.


As you can see in the above picture, the sensors and actuators are connected to the IOT gateway with USB, GPIO or any other protocol. The IOT gateway, which has a rule engine installed on it, processes the raw data from the sensors and, using the IOT SDK, transmits the pre-processed data to the cloud over HTTP or MQTT. The cloud platform uses another rule engine in the cloud to process the incoming data and create an action for each change. The action is transmitted to the IOT gateway in order to get the actuator to perform it. The IOT platform also sends the data for external usage to APIs as well as to analytic tools such as Watson for analysis. If there is a mobile application, the mobile/web app communicates with the cloud through API gateways. In the next sections, we will discuss each of these components and protocols.

IOT Gateway

An IOT gateway is a device, consisting of software and hardware, that connects sensors and actuators to business enterprise solutions. A gateway may include an array of secure network connections through which it transmits data between the devices and the IOT backend platform. In other words, the IOT gateway acts as a broker that transmits data between the sensors and actuators and the backend platform in both directions through a secure channel over the internet.

Cisco, Ericsson, Intel, Eurotech and Texas Instruments have different solutions for IOT gateways. Two examples of academic gateways are Raspberry Pi and BeagleBone with a set of software installed on them. There are also many industrial IOT gateways on the market.


Raspberry Pi has GPIO and USB ports which connect to the sensors and actuators to send/receive data. The GPIO port usually needs to be enabled in the operating system to transmit/receive signals from devices. Both Raspberry Pi and BeagleBone are compatible with regular Linux distributions such as Debian and Ubuntu. Raspberry Pi comes with other ports such as audio output, 4 USB ports, HDMI, display port, SD card reader and a GPIO. There is a Debian-based OS called Raspbian to be installed on Raspberry Pi. That turns your Raspberry Pi into a small $50 computer with 1 or 2 GB RAM and a dual/quad core 1 GHz CPU. Installing Node-RED on Raspberry Pi can turn this device into a real gateway between hardware and software services.


An IOT SDK is a necessary component for developing an IOT product. The SDK helps developers create applications for IOT gateways. There are a couple of different IOT software development kits available for different languages such as Java, Node.js, C/C++/C#, etc. to work with different cloud IOT platforms such as Azure, AWS or Bluemix. An IOT SDK is usually installed on an IOT gateway and runs user applications that communicate between different cloud services and the device.


Node-RED is an example of an IOT SDK which helps developers create Node.js applications that communicate with different cloud platforms such as Azure, AWS and Bluemix. Node-RED has a visual UI that wires up hardware devices and cloud services with the application written by the developer.

Rule Engine

The rule engine is a necessary part of an IOT product. The rule engine is considered the brain of the IOT, since the decisions are made by a central mechanism that has a lot of computing power for inference. This computing power comes with a lot of knowledge for making the right decisions, and it is impossible to put that knowledge in a small box that is not connected to the internet. Connecting to the internet makes devices smarter because they are connected to an infinite source of knowledge like Watson.


You can compare the human brain with the rule engine in IOT. Information is received by the rule engine, and some rules are fired to infer an action. The rules are written by a developer in one of the rule-based programming languages. An example of rule-based programming can be found here:

rule testrule {
  when {
    m1: Message m1.t == 'testsensor/status' && m1.changedTo('open');
  }
  then {
    log('Execute rule Office testlight on');
    execute('command','{"address":"testactor", "command":"ON"}');
  }
}

The following picture shows how an inference engine works based on a combination of facts and pre-defined rules.


IOT Cloud platform

Using a cloud platform makes a lot of sense for an IOT product, since the cloud brings a lot of computing power and a lot of software services to the table, such as text to speech, speech recognition, machine learning algorithms, data analytics, data storage, API management, an MQTT service and a huge amount of existing knowledge (Watson health data). In general, cloud computing makes development of a complex application a lot easier, simpler and faster. For example, if you need a speech recognition service in your device, developing a good quality service may take years of development. It makes sense to use an existing service in the cloud, because by the time you have developed such a service yourself, someone else will have produced your product and taken the whole market.


You can also use the cloud as a hub of services that connects your complex services together with your mobile applications. Every IOT cloud platform has the following components:

  • Device registration/management service
  • Communication protocols
  • Security
  • Rule engine
  • API management
  • Analytics
  • Other services that you can use in your device

Communication protocols

The most important protocol for communication between devices and the IOT platform is HTTP. HTTP can be used to invoke remote methods such as REST APIs. There are other protocols, such as WebSocket, that are built on top of HTTP and use HTTP behind the scenes. However, HTTP cannot be used for bi-directional communication between two devices. Another protocol, designed for IOT platforms, is MQTT (MQ Telemetry Transport), a lightweight messaging protocol built on top of TCP/IP. The protocol is based on the publish/subscribe model. MQTT requires a message broker: publishers create channels on the broker, and subscribers subscribe to those channels to receive messages.


MQTT is bi-directional and transports messages in both directions, from cloud to gateway or the other way around. For instance, if your application needs to transmit a temperature to the cloud, the IOT gateway publishes the temperature data to MQTT and the IOT platform receives the data from the broker by subscribing to the temperature channel. If the cloud rule engine decides to open a door, the cloud publishes an open message to a channel through a secure communication, and the IOT gateway receives the open signal by subscribing to that channel and sends the open signal to the lock.

Security protocols

This is the most important part of an IOT product. In the previous post I discussed why the design of an IOT product is important. A security breach in an IOT device can end in a catastrophic result in which the lives of thousands or millions of people may be affected. There are many different attacks, such as the man-in-the-middle (MiTM) attack, which causes wrong information to be delivered to the server and wrong signals to be received at the IOT gateways. Hence, every IOT product needs a security expert to certify the product. The first step in securing the device is using secure channels such as SSL/TLS for communication between the device and the cloud. MQTT messages have to be encrypted, and all of the end points have to use certificates to validate that the sender/receiver is legitimate. Encryption by itself is not sufficient for communication, since an encrypted channel whose end points are not authenticated is still vulnerable to a MiTM attack.
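The point that encryption alone does not stop a MiTM attack can be checked in configuration. The following is an added example, not code from the original post: it audits Python `ssl` contexts for the gateway (TLS client) and the broker (TLS server) and reports when the channel would be encrypted but the peer never authenticated. Function names and certificate paths are assumptions.

```python
import ssl

def audit_tls_context(ctx, role):
    """Return findings for a context used by the gateway ('client') or broker ('server')."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        peer = "broker" if role == "client" else "gateway"
        findings.append(f"{role}: peer certificate not required, "
                        f"{peer} identity is never verified")
    if role == "client" and not ctx.check_hostname:
        findings.append("client: hostname check disabled, a certificate issued "
                        "for any other host is accepted")
    return findings

def weak_gateway_context():
    # Encrypts traffic but accepts whoever answers: open to a MiTM.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # has to be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def hardened_gateway_context():
    # Verifies the broker's certificate chain and hostname.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    # Device identity for mutual TLS (placeholder paths, assumption):
    # ctx.load_cert_chain("gateway.crt", "gateway.key")
    return ctx

def weak_broker_context():
    # Server contexts default to CERT_NONE: any client may connect.
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)

def hardened_broker_context():
    # Broker demands a client certificate from every gateway.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

if __name__ == "__main__":
    for name, ctx, role in [
        ("weak gateway", weak_gateway_context(), "client"),
        ("hardened gateway", hardened_gateway_context(), "client"),
        ("weak broker", weak_broker_context(), "server"),
        ("hardened broker", hardened_broker_context(), "server"),
    ]:
        print(name, audit_tls_context(ctx, role) or "OK")
```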


Another class of attack is the DDoS attack, which causes the servers to become unresponsive. High availability of the cloud platform, together with smart firewalls that detect and block such attacks, is important to withstand DDoS attacks. A DDoS attack can cause sensor messages not to be processed by the server, and as a result the actuator doesn’t receive the right signal on time. That freezes your IOT device, which may also cause a lot of hazards. Design for failure is an important rule that a designer of an IOT device has to consider. So, whenever the internet gets disconnected for any reason, the decisions should be made locally and the device should stay safe.
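The design-for-failure rule above, as an added example that is not part of the original post: a gateway that obeys cloud commands only while the link is fresh, and otherwise decides locally and drives the actuator to a safe state. The heater, the 10-second timeout, the 60 °C limit and all names are assumptions.

```python
from dataclasses import dataclass

@dataclass
class FailSafeGateway:
    cloud_timeout_s: float = 10.0      # assumed: max age of the last cloud message
    max_safe_temp_c: float = 60.0      # assumed: local hard limit for the heater
    safe_state: str = "OFF"            # state the actuator falls back to
    last_cloud_seen: float = float("-inf")
    cloud_command: str = "OFF"

    def on_cloud_command(self, command, now):
        """Record a command from the cloud rule engine; reject anything malformed."""
        if command not in ("ON", "OFF"):
            return False
        self.cloud_command, self.last_cloud_seen = command, now
        return True

    def decide(self, temp_c, now):
        """Return (actuator_state, reason) for the current sensor reading."""
        # The local safety rule always wins, even over a fresh cloud command.
        if temp_c >= self.max_safe_temp_c:
            return self.safe_state, "local-safety-limit"
        # Cloud silent for too long (outage, DDoS): stop trusting its last command.
        if now - self.last_cloud_seen > self.cloud_timeout_s:
            return self.safe_state, "cloud-unreachable"
        return self.cloud_command, "cloud"

def replay(timeline):
    """Feed (time_s, temp_c, cloud_message_or_None) events through a gateway."""
    gw = FailSafeGateway()
    decisions = []
    for now, temp_c, cloud_msg in timeline:
        if cloud_msg is not None:
            gw.on_cloud_command(cloud_msg, now)
        decisions.append(gw.decide(temp_c, now))
    return decisions

# Constructed timeline: the cloud goes silent after t=0 and returns at t=20.
TIMELINE = [
    (0, 21.0, "ON"),    # cloud switches the heater on
    (5, 30.0, None),    # link still fresh: keep following the cloud
    (12, 35.0, None),   # no cloud message for 12 s: fall back to safe state
    (20, 36.0, "ON"),   # cloud is back
    (22, 61.0, None),   # over the local limit: safety rule overrides the cloud
]

if __name__ == "__main__":
    for event, decision in zip(TIMELINE, replay(TIMELINE)):
        print(event, "->", decision)
```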

User interface

A UI is not required for every IOT device; however, most of the new products may be controlled by smartphones and tablets, which are considered to be the UI. Some devices may have an embedded UI, such as a smart refrigerator, smart home, etc. There are many tools on the market that offer a nice UI development environment.


Analytic tools

Last but not least are the analytic tools. In the previous sections we pointed to the infinite computing power in the cloud. This computing power is only useful if we have a good analytic tool to process the enormous amount of data generated by billions of devices connected to the internet. Most of the cloud solutions offer analytic tools with data mining and machine learning services to analyze data.

An example of data analytics is in health care, where smart wearable devices gather information about your health and run some analytics on it. The analytics is the most important part for determining whether you need to do something to avoid a disease. This part can be discussed in another blog post later.