ThingsBoard is an open-source IoT platform for monitoring, data processing, visualization of data along with device management.

Why Thingsboard?

It supports industry-standard IoT protocols – MQTT, CoAP, and HTTP.  ThingsBoard combines scalability, fault-tolerance, and performance to capture the device data for processing and monitoring. It provides its gateway server that can communicate with the attached devices. 

Build around Netty Framework due to which it provides support for many protocols and applications. New Hardware protocols can be added by just adding Inbound and Outbound channel handlers for new protocols with the netty framework.  

Thingsboard features

1) Security  

Support for provisioning and management of devices with credentials management. Custom security rules for each protocol can be applied.

2) Dashboard and Data Visualization

Built-in support for 100+ widgets components. Collect and visualize data from devices and assets in Dashboard with widgets.

3) Telemetry 

Analyze incoming telemetry and trigger alarms with complex event processing. Support event storage Api to capture Telemetry metrics.  

4) Rest API and RPC Support

Data workflow can be designed using Rest API and RPC Requests.

5) Push Device Data

Support to push Device data to other systems in real-time. 

6) Integration with Different Message Queues

Different connectors are available to connect with different implementations of message queues. The multiple message queue implementations: Kafka, RabbitMQ, AWS SQS, Azure Service Bus, and Google Pub/Sub are supported.

7) Hybrid Database support

Stores all entities in SQL databases and telemetry data in the NoSQL database. 

8) Rule Engine 

In-built rule engine, to configure rules for device state and different notifications or alarms can be generated based on the telemetry of the device. Data processing rules can be changed at runtime based on the device state.

9) Deployment, Standard and Cluster mode

On-premise and cloud deployments are supported along with Standard and Cluster mode are supported

10) Alarms Management

Create and Manage alarms related to devices, assets, and customers, etc. Rule policy can be applied to raise alarms for device state changes.

Use Cases:

Thingsboard IoT platform supports broad use cases specifically in fields of Fleet tracking, Smart Farming, Smart Metering, Smart Energy, Smart City, and Commercial Home Automation Solution. 

1) Smart Farming

Smart farming is a combination of hardware (IoT) and software (SaaS) to capture the data and use data to manage all the operations on the farm, both pre and post-harvest. 

2) Smart Metering

Smart Metering solutions are used to study consumption patterns. 

Alarms are integrated with smart metering with rules to identify any abnormalities or energy offenders

3) Smart Energy

Smart Energy is syncing different energy producers with energy consumers to optimize energy consumption based on data points.

4) Fleet management

Different types of fleet management solutions can be derived

1. Vehicle leasing, financing, maintenance, licensing, tracking, and diagnostics. 
2. Supply chain management.
3. Driver management, Speed management, Fuel management

Workflow :

Conclusion :

Thingsboard is a good choice to develop IoT Solutions. Its source code is available with Apache License. 

MQTT (MQ Telemetry Transport) is a lightweight message protocol that provides telemetry information to clients with network limitations in a simple way. The protocol mainly uses a publish-subscribe communication pattern, which is mainly used for M2M(Machine to machine) communication and plays a crucial role in the Internet of things (IoT). The MQTT protocol is a great choice for wireless networks that may experience different levels of latency due to occasionally unreliable connections or bandwidth constraints.

This protocol was designed by Andy Stanford-Clark and Arlen Nipper in 1999 mainly for connecting sensors on oil pipelines with communications satellites, with an emphasis on minimum bandwidth usage.

Working of MQTT :

In the MQTT protocol, the connected devices are known as “clients,” which communicate with a server known as the “broker.” The broker handles the task of data transmission and communication between clients 

Whenever a client wants to distribute particular information,it publishes that information to a particular topic, then the broker sends the information to any clients that have subscribed to that topic. Any client can be a publisher, or a subscriber, or both.

Advantages of MQTT:

1. Efficient data transmission 
2. Quick to implement as it is a lightweight protocol
3. Low network usage due to minimization of data packets
4. Fast and efficient message delivery
5. Uses very small amounts of power, which is good especially for the wireless devices
6. Reduction of network bandwidth in communication.

Why MQTT over HTTP?

MQTT over HTTP:

MQTT Broker:

It is a server that handles the communication between the clients. A broker can have many clients connected to it, which can publish and subscribe all the time.

Types of MQTT Brokers:

Mosquitto:

Mosquitto is a lightweight MQTT broker written in the C language. It supports TLS and there are plugins for authorization using a database, But it has some disadvantage as:

1. It does not support clustering so it is difficult in terms of scalability.
2. It cannot take advantage of multi-core CPUs.

RabbitMQ:

It is a very popular message broker which is written in ‘Erlang’ that supports MQTT via a plugin. It supports TLS and clustering is also fine. Authorization cannot be done using a database directly but we can create an HTTP REST wrapper over the database and that can be used for authorization. This broker supports the AMQP protocol natively but, the MQTT implementation is missing some important features such as QoS2.

VerneMQ:

It is a distributed, high-performance MQTT message broker built-in Erlang. VerneMQ can scale horizontally and vertically to support a huge number of concurrent publishers and subscribers. These subscribers can connect to any node and can also receive messages from any other node.Also, as VerneMQ is mainly written in Erlang, it is capable of working on a multi-threaded processor and also can take the benefit of multi-core processors. It is also an active community on GitHub and Docker images are also available for installation.

Eclipse Paho:

This is mainly an umbrella project for several MQTT implementations in different programming languages. It is an open-source MQTT client implementation and is also maintained by a huge community. Paho API comes with support with different languages and platforms like C/C++, Android, Arduino, Python, Java, and Rust. To use Paho in our IoT project we just have to import the appropriate library and begin using various functions provided by the library for our requirements. There are also various GUI tools available which include RCP application, Eclipse plugin, and Java Swing application.

Conclusion:

MQTT Protocol is a lightweight and fast protocol for using especially in IoT. In IoT, the main concern is minimum battery and network bandwidth usage as the devices are wireless and run on battery, which can be achieved efficiently using MQTT.

The Internet of Things (IoT) is a collection of devices that are connected to the Internet. Following are the types of ‘things’ connected to the internet:  

1. Things that collect information and send it on the internet – sensors allow machines to make sense of the world.
2. Things that receive information and take action on it. – printers, door locks, electric switches etc
3. Things that do both.

What is IoT security?

Any device that’s connected to the Internet can be vulnerable to cyberattacks. IoT security is the act of securing Internet of Things devices and the networks connecting them. With IoT, data is always on the move. It is being transmitted, stored, and processed. IoT device security must protect systems, networks, and data from a large no of IoT security attacks, which target four types of vulnerabilities:

• Communication attacks, the insecure data transmission between IoT devices and servers.
• Lifecycle attacks put the integrity of the IoT device at risk as control shifts to the malware.
• Attacks on the device software.
• Physical attacks, which target the chip in the device or the device physically

Risks

1. The Rise Of Botnets and Ransomware

Increasing the amount of  botnets among IoT devices causes a security threat to IoT applications. Hackers can remotely control internet-connected devices and use them for illegal purposes using Botnets. Many organisations do not have solutions to track this.

A ransomware can hack an IoT-enabled camera that captures confidential information from home or the work office. The attackers can encrypt the webcam system and consumers will not be able to access any information. 

2. Large number of IoT Devices

Till now the security was for computers and mobile devices, but with IoT a lot many no of devices are connected through on the internet. All these devices are not secure and can be hacked , disabled. They have limited processing capacity, storage and memory which creates a problem for securing these devices. Thus IoT devices mean increased security vulnerabilities across the enterprise, and it is a growing challenge for security professionals.

3. Infrequent Updates for IoT devices

Software updates ensure that computers and mobile devices are as secure as can be. The devices may have outdated hardwares and softwares. Some IoT devices may not have the amount of software updates like other technologies. Some of them may not have even one update. 

These products may be secure at the time of purchase but become vulnerable to attacks when the hackers find some bugs or security issues. When these issues are not fixed by releasing regular updates for hardware and software, the devices remain vulnerable to attacks. 

4. Lack Of Encryption – Unreliable Communication

Though encryption is used to prevent hackers from accessing data while communicating between devices, it is also one of the leading IoT security challenges. The lack of storage and processing capabilities of devices unlike on a traditional computer increases the possibility of attacks. Unless an enterprise secures the data communication over the internet, the data leak or manipulation pose a threat to the system. 

5. Weak Default Passwords

Many IoT devices come with original default weak passwords. It is recommended that you change the passwords regularly, some administrators fail to take this simple step. A weak and  default credentials could leave an IoT device vulnerable to an attack. Hackers can get access to devices easily with username and default passwords.

6. Unreliable Threat Detection Methods

When there is a large scale of IoT devices, it becomes difficult to monitor all of them. Since the number of devices is increasing significantly, the number of things to be managed is increasing even more. Hence, many devices keep on operating without the understanding of the users that they have been hacked. Hackers can breach common devices such as printers and cameras.The apps, services, and protocols used by IoT devices should be monitored for security. 

7. Phishing Attacks

Phishing is already a security concern across all enterprise technologies, and IoT devices are also vulnerable to these attacks. Hackers could send a signal to an IoT device that triggers exposure of important data. Although it is commonly found security attacks, and it can be stopped by giving education to users.

8. Prediction and prevention of attacks

Hackers are proactively finding out new techniques for security threats. Security professionals need to prevent IoT security breaches before they occur. In such a scenario, there is a need for  learning to predict and prevent new threats.  A robust management system should be present to monitor activity and provide insights into potential threats ahead of time.

Some Preventive measures

1. Implement automatic antivirus updates
2. Require strong login credentials
3. Deploy end-to-end encryption
4. Make sure the device and software updates are installed on time
5. Disable the unused features of the devices
6. Be proactive and predict the threats and fix it.

Conclusion

We have experts in handling IoT Devices and Securing them.  Please feel free to connect with us in case of any issues. 

Security of IoT environment is the need of time to identify unauthorized access and reconfiguration of IoT devices. IoT networks required logging to analyze the data flow and allow different tools to do forensic analysis of logs in-case of security breaches.

We are now living in a world of IoT devices. Many IoT Platforms are developed in current years to support different IoT devices. Each IoT platform needs a logging mechanism to inform the user about the state of the system in case of high availability.
We have recently moved one of the customer’s ( IoT platform) sync log4j logging to async log4j logging mechanism.

We have decided on the following points for log4j to analyze the behavior of the system along with performance:

1) System throughput performance
2) Configuration of Log4j
3) Support to add logs in different storage e.g Files, Database asynchronously.
4) Support to add for Custom level. Need to add a new log level Audit.

Log4j supports async mode by the in-built async plugin. To enable it we need to add either existing and new appenders/loggers inside that async tag in log4j.xml
We have created Async appenders and added in appenders list inside log4j2.xml  

<Async name="asyncAppender" level="info">
<AppenderRef ref="fileAppender"/>
</Async>

As an async log4j implementation using lock-free structures, we have seen system performance increased to 25% in async with file appender only.
Testing system running 20 threads simultaneously creating different log level log-events at speed of 400 logs per second. Each log message size is around 4KB.

We have created two async appenders – One for file appender and one for console appender.
As the console is very slow in response, a console logger or appender should be run in an independent async mode without another appender, so that its slowness doesn’t impact other appenders.

No much change needed in the existing configuration of log4j to enable async mode.

We have also added a Custom level “AUDIT” and for enabling custom level in log4j2.xml we have added the following lines in log4j2.

<CustomLevels>
<CustomLevel name="AUDIT" intLevel="150" />
</CustomLevels>

Level of the custom level set’s between error and fatal level.
To add custom ( AUDIT) log in code, we have used the following method
LOGGER.log(Level.getLevel(“AUDIT”), “Audit Message {}”, log);

To add error level logs in the database, we have again added async appender along with JDBC appender with a connection pooling system.
It is also running in different async threads.

Log4j documentation provides a detailed explanation of configuration parameters.  
As the Log4j community added many improvements in recent years to increase the handling of logs, we have used log4j library version 2.13.1, 

Conclusion

By using async mode log4j, we have improved the performance and throughput of an IoT platform.

What is a Mass Notification System?

A Mass Notification System is a platform that protects, alert & sends messages to inform employees and the people when there is an emergency. 

Mass Notification System provides a secure, scalable, and reliable emergency management application, by;-

The Right Message

Concise, accurate, timely, and well-directed messages that communicate what to do in response to a threat or emergency.

To the Right People

Directing live or recorded messages to the entire community or to specific floors of a building.

At the Right Time

Efficiently managing people before, during and after a disaster.

Everbridge Mass Notification System:

Everbridge Mass Notification System is a fully-featured Emergency Notifications Software designed to serve SMEs, Enterprises. Everbridge Mass Notification System provides end-to-end solutions.

Everbridge console :

Giving power to users:

1. Manage settings, limits, and defaults through a user-friendly admin.
2. Define role-based access control to manage users and contacts separately.
3. Customize portals to allow contacts to update and manage their accounts.

Rest API:

REST suggests create an object of the data requested by the client and sending the values of the object in response to the user.

REST is an architectural style as well as an approach for communications purposes that are often used in various web services development.

METHODS OF REST API:

When I say CRUD operations, I mean that we create, read, update and delete a resource. For these actions, you can actually use the HTTP methods, which are nothing but the REST API Methods.

Steps to configure Everbridge:

1)  How to configure an Everbridge Account:

1. Register your company with Everbridge and create a user for API access.
2. Once support activates the user account with API access, you’re ready to create the API key.

2)  How to create an Everbridge API Key:

1. Get the username and password of the API user account
2. Encode and decode the username and password using Base64EncoderDecoder.
3. Make sure the username and password are case correct.

3)  Test the Key:

1.  Use api.everbridge.net to test your API key.
2.  Write a username and password into the “credentials” field.
3.  Write your Organization ID into the “organizationId” field.
4. Select HeartBeats time.
5. Click on the “ok” button.
6. You should get a “successful message”.

API Calls

1) GET Method:

1) Retrieve a specific organization:

 EverbridgeBaseUrl+"/organizations/{organizationId}"

2) Retrieve all incident templates for an organization:

 EverbridgeBaseUrl+"/incidentTemplates/{organizationId}"

Response:

{
"message": "OK",
"data":
{
"id": 393354571204451,
"name": "Test Template",
"templateStatus": "Live"
}
}

3) Retrieve all Variables for an organization:

EverbridgeBaseUrl+"/incidentVariableItems/{organizationId}/?pageNumber="+pageNumber

2) POST Method:

1) Launch an Incident:

 EverbridgeBaseUrl+"/incidents/{organizationId}”

2) Initiate an immediate notification:

EverbridgeBaseUrl+"/notifications/{organizationId}”

Benefits of Everbridge Mass Notification System:

1)  Secure, reliable & scalable platform.

2)  Send consistent and error-free messages quickly.

3)  Communicate and respond more quickly to disruptive events.

4)  The user and contact list are managed by Everbridge.

5)  Facilitates the creation of email templates and variables which can be used for notifications.

Conclusion:

This article explains one of the most important components i.e. Everbridge Mass Notification System, How it works, Integration with benefits of using an Everbridge MNS for business. For any queries regarding the integration of mass notification system do connect with us.