At Witekio, we believe in working with the right tools to get the job done. Because of this, we don’t limit ourselves to a particular technology or platform – we’ve worked with a broad range of open source tools, IoT cloud platforms, and hardware so we know how to put the pieces of the puzzle together in a way that best suits the needs of a project.
One of the most common challenges our customers face when coming to us is how exactly to pick an IoT cloud platform based on the needs of their product. Because we’ve worked with such a broad array of these platforms we decided to showcase some of our experience and compare different cloud platforms for IoT.
What are IoT Cloud Platforms?
Before we jump straight into our comparison, let’s make sure we’re on the same page about what we’ll focus on when reviewing different platforms.
There are many tools and technologies that could fit within the nebulous definitions of an “IoT Platform”. In some settings, this might refer to hardware, software, web services, gateway devices, and many other possibilities. But an “IoT Cloud Platform” will specifically refer to the cloud components of a system for interfacing with, managing, updating, and performing other maintenance and administrative operations on a set of IoT devices. Because of this, we won’t be evaluating open source IoT tools that we’ve worked with extensively like ThingsBoard which can be deployed on any cloud.
Instead, we will focus on the more managed IoT Platform offerings from large public cloud providers and other notable software vendors who run platforms that will help manage IoT infrastructure for you.
How do IoT Cloud Platforms Differ from Traditional IoT?
In the past, both for IoT applications and other software generally, creating an application or software system took a lot of overhead. The responsibility of purchasing or renting physical servers, managing that hardware, keeping it connected to the internet, patched, and updated was a struggle.
For organizations trying to focus on custom hardware and software for their IoT devices, the overhead of also having to maintain server infrastructure to interface with those devices was an undue burden that needed a solution.
Generic cloud computing partially solved this problem by allowing the server infrastructure needed for interacting with IoT devices to be hosted remotely within a cloud provider. However, the challenge of maintaining that virtual infrastructure was still cumbersome. Because of this, providers started to create cloud platforms more focused on the needs of IoT developers.
These platforms were tailored to meet the unique requirements of IoT devices and the organizations building, deploying, and maintaining them. At present, these platforms help organizations manage and secure their IoT devices by providing everything from credential and authentication management features to pub/sub messaging workflows, and integrations that allow capturing and processing device data more effectively.
At a higher level, IoT cloud platforms also allow for a degree of scalability that previously would have required more hands-on work from an operations team to scale up the number or size of backend servers to handle new numbers of devices or increased communication.
Using these platforms can help organizations increase the security, development speed, and possible features of their IoT devices.
Creating Criteria for the Best IoT Cloud Platform for Your Project
It’s impossible to have a single set of criteria for every possible IoT project. When selecting the best IoT cloud platform for your project you should ask yourself some questions about the requirements you have and the direction your project will go. It’s possible the requirements you have today may not be the same requirements you’ll have in the future.
Start by asking yourself general questions about the needs of the project in these topic areas:
1/ What requirements do we have for device and cloud platform communication? Are there hardware limitations, usage requirements, or particular protocols we expect to need?
2/ How will we secure our devices? Will we require a specific form of authentication when allowing our devices to connect to the cloud? What potential security risks do we need to mitigate?
3/ How will we manage and troubleshoot our applications? Do we need to provide features for remote device administrators? On-site maintenance technicians? What tools would these folks require to maintain our devices?
4/ What needs will we have to collect, store, process, and act on the data our devices produce?
Asking these questions will help you create your own unique set of project requirements. For a more detailed example of looking at some of these sorts of considerations, you can review our recent article addressing this issue in more detail: Three Considerations when Picking a Public Cloud for IoT Device Management.
IoT with Top Public Cloud Providers
By now, you hopefully have enough context to start comparing different platforms, let’s look at some of the most common platforms we see when working with our clients at Witekio.
We’ll give an overview of some of the core features, add some additional thoughts from our engineering teams, and give you a few points to look out for in the future alongside potential challenges when using the IoT cloud platform we’re comparing.
Microsoft Azure
Microsoft Azure is more than just an IoT Cloud Platform. While it has IoT-specific services that focus on the required elements of securely connecting and managing IoT devices, its broader range of cloud services give it additional flexibility for any other compute and storage needs you might have in all elements of your development process. Let’s start by looking at some of the key IoT-related features and then look at the broader set of supplementary services that play into those.
To begin, Microsoft Azure has Azure IoT Hubs. These are fully managed, cloud-based systems for connecting your IoT devices to the cloud. They allow you to secure your devices with symmetric keys, X-509 certificates, or TPMs and offer methods for easily revoking and renewing your device authentication credentials. The service also provides several utilities for managing communication between the IoT devices and the cloud as well as between different IoT devices. IoT Hub features like Azure device twins allow you to store a cloud-side state of your device which can be interacted with and used to synchronize the settings of a local device. For a more detailed example and hands-on first-look at Azure IoT Hubs, you can review our introductory article on the subject of connecting a device to an IoT Hub for the first time.
In addition to Azure IoT Hubs, a core Azure service called the Device Provisioning Service is used to help you easily and securely manage the provisioning of newly manufactured devices as they connect with Microsoft Azure to one or more IoT Hubs. This process can be especially useful when you need to split up a device fleet between Azure IoT Hubs because of geography, latency, regulatory requirements, or other business requirements. It also provides a single point of contact for all devices to avoid having to make changes to device firmware at a later time depending on the needs of your IoT deployments.
While these two services are often the core of a more customized IoT application within Microsoft Azure, there are also other services within the broader scope of IoT platforms on Azure.
For organizations that fall into common sectors of IoT devices, Azure IoT Central might be an option to jumpstart the development of IoT solutions. This IoT platform provides application templates that may suit some industry use cases. While IoT Central may require sacrificing some flexibility, the feature set and potential time savings on application development make it something to absolutely consider.
If you find yourself developing container-based applications that you want to deploy at scale across a fleet of devices then the IoT Edge features become very useful.
Another critical area to review when evaluating Microsoft Azure IoT Cloud Platforms is the opportunity to leverage the Azure Sphere platform. Azure Sphere is a somewhat unique partnership between Azure and hardware vendors that allows device manufacturers to streamline the device authentication and provisioning process. Because Azure partners with these vendors it can establish a secure trust mechanism between the hardware and the cloud that doesn’t require a device manufacturer to provide certificates or manage public key infrastructure.
Developer Thoughts on Microsoft Azure
Microsoft Azure is one of the most frequent platforms that we’ve worked at Witekio. Across our work with clients, we’ve leveraged the flexibility of services like IoT Hub and DPS in many situations. While tools like IoT Central may be good solutions for niche projects, we’ve found the level of optimization, flexibility, and feature development that our customers require pushes us towards these powerful cloud-based building blocks. We’ve also seen some acceleration within the adoption of Azure Sphere. This is likely driven by the real-time and cost-saving benefits that can be obtained by offloading much of the authentication, credential rotation/revocation process to Azure Sphere.
Below, we’ve highlighted some of the candid thoughts of our cloud and embedded engineering teams on Microsoft Azure.
“ Make sure that prior to working with Microsoft Azure IoT Hubs and the Device Provisioning Service you understand how X509 certificate chains work. This is usually the foundation for how your IoT device applications will authenticate with the cloud and it’s critical to get it right. After you have the X509 signing process settled, the DPS service makes provisioning devices to IoT Hubs a breeze. ”
Witekio Cloud Engineer
“ Working Azure Sphere allowed me to utilize simple interfaces for communicating to the cloud. Command and control of sphere devices were streamlined using IoT Hub and the Microsoft provided APIs. I was able to work with a cloud engineer at the interface level between the cloud and the device with ease. We were able to rapidly develop new functionalities for the device while simultaneously adding associated commands via direct methods and reporting via the device twins with full visibility and clarity to other engineers and more importantly, the customer. ”
Ric Fehr — Embedded Engineer, on Working with Azure Sphere
“ To manage Cloud resources on a daily basis, developers and operators usually execute commands using the official CLI in their terminal. Others may prefer to interact with Cloud Providers through their browser by connecting to their respective portal/console. But here’s the kicker with Azure: as VSCode, a very popular IDE, is also developed by Microsoft, it offers a wide integration with remote services through official extensions. Concretely, it means that in an IoT context where you need to iterate rapidly, you can see which of your test devices are connected, modify their device twin as any regular file and even send them RPC. Similarly, when processing telemetry data with Azure Functions the development cycle of ‘edit → push → run’ is a delight. ”
Bruno Heridet — Software Engineer, on working with Azure
These things, in combination with other small quality of life benefits such as Azure’s built-in support for symmetric keys when prototyping and secondary credentials of all kinds when moving into production make Azure an excellent option for many IoT projects.
What to Watch for with Microsoft Azure
As the Azure Sphere program develops, we might continue to see more partnerships between Azure and silicone manufacturers. These partnerships may lead to even more opportunities for IoT device manufacturers to skip entire portions of previously required development processes the same way that Azure Sphere does for the authentication and credentialing process now.
Additionally, Azure has continued to make significant improvements to its IoT Edge features. Enabling more remote debugging and monitoring utilities out of the box with their IoT Edge container runtime. For organizations seeking to leveraged containerized applications, the development of these features makes it a more and more appealing prospect.
Potential Challenges
With the most popular IoT Cloud Platforms, one of the key drawbacks is simply finding the engineering talent required to develop the robust, secure, and feature-rich applications you want. If you need help with this, reach out to us.
While the set of Azure of IoT services goes head to head with other top contenders, the broader suite of cloud services it offers might be slightly behind the global cloud leader – AWS. This is less of a concern for the IoT engineering process and more a consideration when creating web applications that integrate with it.
Amazon Web Services
Like Azure, Amazon Web Services (or AWS) is not just used by those looking for the best IoT cloud platform. AWS consistently holds the top place in the scale and scope of its cloud service offerings. However, when it comes to IoT use cases specifically, they don’t take the easy win against Azure that might be expected of the cloud services leader. First, let’s look at key IoT features within the AWS ecosystem.
AWS IoT Core is the first stepping stone for AWS-connected IoT devices. Like Azure IoT Hub, IoT Core is the gateway for IoT devices to connect into the AWS Cloud. It manages everything from device registrations and authentication to the bi-directional messaging between devices and the cloud.
While AWS has no direct corollary for the Azure Device Provisioning Service, it offers several methods of connecting IoT devices into the IoT Core. When legitimate devices connect and present their authentication credentials for the first time, you can use provisioning templates to provision the properties they should have within the cloud-based representation of the device (In AWS this is called a device shadow – which is directly analogous to the Azure Device Twins). As an alternative to the provisioning templates, you might also customize the provisioning workflow using AWS Lambda. For example, if you have an internal application recording different shipments of IoT devices to different clients you might provision devices differently based on which devices are associated with a particular client.
To assist with IoT devices in edge computing environments, AWS also offers an open-source edge runtime and corresponding cloud service called AWS IoT Greengrass. The Greengrass service helps to bring messaging, data processing and management, machine learning, and other technologies to the edge. It also makes it easier to connect edge computing environments to the same corresponding AWS cloud services.
Amazon also prominently features FreeRTOS, an open-source microcontroller operating system that is enhanced with SDKs and tools that make integration with the AWS cloud much easier. These devices might connect directly to the AWS cloud or, in edge computing scenarios to AWS IoT Greengrass.
Developer Thoughts on AWS
AWS is the most robust cloud platform in the industry. Our engineers have put together numerous web applications, integrations, and prototypes through the platform.
Below, we’ve included the thoughts of our cloud and embedded engineering teams on AWS:
“ The integration of AWS IoT Core with the entire spectrum of AWS services ranging from computing, data storage, visualization and beyond, make a compelling case for it. During a week-long prototyping session, we were able to get a sensor device connected to AWS, pushing information to the cloud, along with a full-fledged user authentication story to make accessing that information as simple as adding an authorized customer user.”
Witekio Cloud Engineer
“ One major benefit of using AWS during the design and implementation process is that it is almost guaranteed to have the most extensive cloud feature set. When developing all the additional components of cloud applications for IoT this can be incredibly useful. Also, because of its position as the market leader the development edge cases are largely smoothed over and it is likely that there are already notable examples and guidance on the situation you need to work with. ”
Witekio Cloud Architect
What to Watch for with AWS IoT
AWS continues to develop new services targeted towards the needs of different areas of IoT. Tools like IoT SiteWise target industrial manufacturing clients. Depending on the industry your devices serve you may want to keep an eye out for continued new releases that suit your use case.
Overall, we hope to see AWS take the strong ethos of managed services and migrate that more into the IoT realm. Keep an eye out for new integrations and services that streamline the device provisioning and credential rotation processes so that it can catch up to Azure in these regards.
Potential Challenges
When working on your projects you’ll find that some of the most time-intensive and important parts of any IoT application are the ease with which you connect your devices to an IoT cloud platform.
While AWS does largely have feature parity with Microsoft Azure, the customizations required to do more complex provisioning processes do require learning to use additional services like AWS Lambda. Whereas, in the Azure world, you can rely heavily on the Azure Device Provisioning Service to do some heavy lifting. Overall, IoT developers might find the learning curve slightly steeper with AWS than Azure.
A few specific things to look out for is that AWS has no built-in support for symmetric keys. This can be looked at in two ways. Either as a challenge, because the prototyping phase may be slightly complicated by forcing you to prototype your devices with another authentication mechanism like X509 certificates. Or, as a benefit because it forces you to use the better security of X509 certificates.
Google Cloud Platform
Google has not dedicated as much energy to IoT as the other platforms. However, it has its own fully-featured Cloud IoT Core platform which takes care of the critical elements of any IoT application including managing IoT device connections via different protocols and ensuring secure authentication from IoT devices.
Google also offers a decent selection of non-IoT cloud services which, like Azure and AWS, may come into play when developing other portions of your product to support your IoT devices.
One of the unique characteristics of Google Cloud Platform is that it has a more dedicated product for running machine learning inferences at the edge with the Edge TPU. While the training and creation of ML models are typically done in the cloud due to the higher resource requirements for these processes, the application of these models on incoming data can be deployed and used at the edge.
What to Watch for with GCP IoT
We hope to see GCP push towards feature parity with the other platforms. Specifically, we hope to see it add its own tooling for a streamlined onboarding process similar to the options available with Azure DPS.
Given the specialization of Google within the machine learning space, we also anticipate that it continues to offer potentially compelling products for applications that want to use machine learning at the edge.
Potential Challenges
At the moment, Google Cloud Platform is a more minor player in the cloud platform landscape. This means that many of the features you might get from other cloud providers aren’t necessarily included in the large GCP ecosystem. This isn’t meant to discount GCP as an option for IoT projects as its suite of services definitely covers the requirements for building robust, secure IoT applications.
Making the Decision
Ultimately, the best way to make the decision is to take your own specific requirements and compare them to the capabilities of each platform. When you do that, make sure to actually test out the stated capabilities! Sometimes marketing materials can be deceiving and the best way to be sure something will work the way you expect is to engage in a prototyping session.
If you’d like assistance at any step of the process – from picking or integrating with a platform or beyond, reach out to us for help!
If you still need a bit more information on how to pick a platform. Take a look at our more technical guide: Three Considerations when Picking a Public Cloud for IoT Device Management.
Three Considerations when Picking a Public Cloud for IoT Device Management
The most important considerations when selecting an IoT device management platform include Identity and Authentication, Authorization and Permissions and Picking Device to Cloud Communication Protocols.