IoT App Development Guide
IoT App Development Guide
Structure
10.0 Introduction
10.1 Objectives
10.2 IoT Application Essential Requirements
10.3 Challenges in IoT Application Development
10.4 IoT Application Development Framework
10.5 Open Source IoT Platforms
10.5.1 Popular Open Source IoT Platforms
10.5.2 Some Tools for Building IoT Prototypes
10.6 IoT Application Testing Strategies
10.6.1 Performance Testing
10.6.2 Security Testing
10.6.3 Compatibility Testing
10.6.4 End-User Application Testing
10.6.5 Device Interoperability Testing
10.7 Security Issues in IoT
10.7.1 Counter Measures
10.8 Summary
10.9 Solutions/Answers
10.10 Further Readings
10.0 INTRODUCTION
In the earlier unit, we had studied various IoT networking and connectivity
technologies. After going through the basics of IoT in previous units, we will
concentrate on IoT Application Development in this unit.
When you are developing some application, Platform is one which allows you
to deploy and run your application. A platform could be a hardware plus
software suite upon which other applications can operate. Platform could
comprise hardware above which Operating system can reside. This Operating
system will allow application to work above it by providing necessary
execution environment to it.
1
Application
Development,
An IoT application platform is a virtual solution, means it resides over cloud.
Fog Computing and
Case Studies Data is the entity that drives business intelligence and every device has
something to talk with other device that is data. By means of cloud
connectivity, IoT application platform translates such devices data into useful
information. So it provides user means to implement business use cases and
enables predictive maintenance, pay-per-use, analytics and real time data
management. Thus, IoT application platforms provide a complete suite for
application development to its deployment and maintenance.
10.1 OBJECTIVES
10.2.1 Adaptability
IoT systems will consist of several nodes, which will be resource constrained
mobile and wirelessly connected to the Internet. Due to the factors such as
poor connectivity and power shortage, nodes can be connected and
disconnected from the system arbitrarily. Furthermore, the state, location and
computing speed of these nodes can change dynamically. All these factors can
2
IoT Application
make IoT systems to be extremely dynamic. In a physical environment that is Development
10.2.2 Intelligence
Intelligent things and system of systems are the building blocks of IoT. IoT
applications will power IoT enabling technologies in transforming everyday
objects into smart objects that can understand and obtain intelligence by
making or enabling context-related decisions, resulting in the execution of
tasks independently without human intervention. Achieving this requires IoT
application to be designed and developed with intelligent decision-making
techniques such as context-aware computing service, predictive analytics,
complex event processing and behavioural analytics.
A number of IoT domains requires the timely delivery of data and services. For
instance, consider IoT in scenarios such as telemedicine, patient care and
vehicle-to-vehicle communications where a delay in seconds can have
dangerous consequences. Environments, where operations are time-critical,
will require IoT applications that provide on-time delivery of data and services.
10.2.4 Security
The data generated from these heterogeneous devices are generally in huge
volume, in various forms, and are generated at different speeds. IoT
applications will often make critical decisions based on the data collected and
processed. Sometimes, these data can be corrupted for various reasons such as
the failure of a sensor, introduction of an invalid data by a malicious user,
delay in data delivery and wrong data format. Consequently, IoT application
developers are faced with the challenge of developing methods that establish
the presence of invalid data and new techniques that capture the relationship
between the data collected and the decision to be made.
4
IoT Application
10.3.4 Application Maintenance Development
Many IoT applications are human-centric applications, i.e. humans and objects
will work in synergy. However, the dependencies and interactions between
humans and objects are yet to be fully harmonized. Humans in the loop have
their advantages. For example, in healthcare, incorporating models of various
human activities and assisted technologies in the homes of the elderly can
improve their medical conditions. However, IoT applications that model
human behavior is a significant challenge, as it requires modeling of complex
behavioral, psychological and physiological aspects of human nature. New
research is necessary to incorporate human behaviors in IoT application design
and to understand the underlying requirements and complex dependencies
between IoT applications and humans.
Since IoT applications are currently being integrated into the daily activities of
our lives and sometimes used in critical situations with little or no tolerance for
errors and failures, it therefore means that the overall system quality is
important and must be thoroughly evaluated to guarantee that it is of high
quality before being deployed. However, evaluating quality attributes such as
performance is a key challenge since it depends on the performance of many
components as well as the performance of the underlying technologies.
6
IoT Application
Development
Device Hardware is the first layer of IoT technology stack that defines the
digital and physical parts of any smart connected product. In this stacked layer,
it is imperative to know the implications of size, deployment, cost, useful
lifetime, reliability and more such. If we talk about small devices like for
example, smartwatches then you may have only one room for such a System
on a Chip (SoC). Here, you will need embedded computer like Raspberry-Pi,
Artik module, and BeagleBone board.
The device software is the component that turns the device hardware into a
“smart device.” Device software is the second layer of the IoT technology
stack. Device software enables the concept of “software-defined hardware,”
meaning that a particular hardware device can serve multiple applications
depending on the embedded software it is running. It allows you to implement
communication with the Cloud or other local devices. You can perform real-
time analytics, data acquisition from your device’s sensors, and even control.
This layer of the IoT technology stack is critical because it serves as the glue
between the real world (hardware) and your Cloud Applications. You can also
use device software to reduce the risks of hardware development. Building
hardware is expensive, and it takes a lot longer than software. Instead of
building your device for a narrow and specific purpose, it is better to use the
generic hardware that can be customized by your device software to give you
more flexibility down the road. This technique is often known as “software-
defined hardware.” This way, you can update your embedded software
remotely via the Cloud, which will update your “hardware” functionality in the
field.
.The device software layer can be distributed into two categories i.e. Device
Operating System and Applications.
The whole complexity of your IoT solution will portray the type of operating
system you are in the need of. There are some top things that you must include
like when your app requires a real-time operating system, I/O support, and
7
Application
Development,
support for the full TCP/IP stack. Some examples of an embedded OS are
Fog Computing and
Case Studies Brill, Linux, Windows Embedded and VxWorks.
Device applications run on top of the Edge OS and provide the specific
functionality for your IoT solution. Here the possibilities are endless. You can
focus on data acquisition and streaming to the Cloud, analytics, local control,
etc.
Communications refer to all the different ways your device will exchange
information with the rest of the world. Communications are the third layer of
the IoT technology stack. Depending on your industry, some people refer to
this layer of the IoT technology stack as connectivity. Communications include
both physical networks and the protocols you will use. It is true that the
implementation of the communications layer is found in the device hardware
and device software. But from a conceptual model, selecting the right
communication mechanisms is a critical part of your IoT product strategy. It
will determine not only how you get data in and out from the Cloud (for
example, using Wi-Fi, WAN, LAN, 4G, 5G, LoRA, etc.), but also, how you
communicate with third-party devices too.
The cloud platform is the backbone of your IoT solution. If you are familiar
with managing SaaS offerings, then you are well aware of the role of this layer
of the IoT technology stack. A cloud platform provides the infrastructure that
supports the critical areas like data collection and management, analytics and
cloud APIs.
8
IoT Application
10.4.4.1 Data Collection Development
This is an important aspect. Your smart devices will stream information to the
Cloud. As you define the requirements of your solution, you need to have a
good idea of the type and amount of data you will be collecting on a daily,
monthly and yearly basis. One of the challenges of IoT applications is that they
can generate an enormous amount of data. You need to make sure you define
your scalability parameters so that your architects can determine the right data
management solution from the very beginning.
10.4.4.2 Analytics
The Internet of Things is all about connecting devices and sharing data, which
you can achieve by exposing APIs at either the Cloud level or the device level.
Cloud APIs allow your customers and partners to either interact with your
devices or to exchange data. Remember that opening an API is not a technical
decision; it’s a business decision.
The fifth layer of the IoT technology stack is the Cloud Applications layer.
Your end-user applications are the part of the system that your customers will
see and interact with. These applications will most likely be web-based, and
depending on your user needs, you might need separate apps for desktop,
mobile, and even wearables. Even though a smart device has its own display,
the user may likely use a cloud application as their main point of interaction
with your solution. This allows them to have access to your smart devices
anytime and anywhere, which is part of the goal of having connected devices.
While designing end-user applications, it is very important to understand who
your user is and what is his/her primary goal of using the product. The other
consideration is that for Industrial IoT (IIoT) applications, you’ll probably
have more than one user.
9
Application
Development,
These internal apps will require a deep understanding of your external and
Fog Computing and
Case Studies internal customers and will require the right prioritization and resourcing.
In the next section let us study open source platforms and some prototype tools
available for IoT Application Development.
(i) Each consumer desires to utilize any IoT device of their preference
without being restricted or bound to a specific product vendor. For
example, some smart devices need to be clubbed with only
smartphones from the same retailer.
(ii) All business companies of IoT devices desire to integrate their
particular devices with ease and diverse ecosystems.
(iii)All application developers desire their apps back multiple IoT devices,
which need not demand to blend the specially developed vendor-
specific codes.
Kaa
Kaa IoT Platform is one the most efficient and rich open-source Internet of
Things cloud platforms where anyone has a free way to materialize their smart
product concepts. On this platform, you can manage an unlimited number of
connected devices with cross-device interoperability.
You can achieve real-time device monitoring with the possibility of remote
device provisioning and configuration. It is one of the most flexible IoT
platforms for your business which is fast, scalable, and modern.
Macchina.io
Zetta
Zetta is a server-oriented platform that has been built around NodeJS, REST,
and a flow-based reactive programming development philosophy linked with
the Siren hypermedia APIs. They are connected with cloud services after being
abstracted as REST APIs. People believe that the Node.js platform is best to
develop IoT frameworks. These cloud services include visualization tools and
support for machine analytics tools like Splunk. It creates a zero-distributed
network by connecting endpoints such as Linux and Arduino hacker boards
with platforms such as Heroku. Key features are:
DeviceHive
DSA is an open-source IoT that unifies the separate devices, services, and
applications in the structured and real-time data model and facilitates
decentralized device inter-communication, logic, and applications. Distributed
service links are a community library that allows protocol translation and data
integration to and from 3rd part data sources. All these modules are lightweight
11
Application
Development,
making them more flexible in use. It implements DSA query DSL and has
Fog Computing and
Case Studies inbuilt hardware integration support.
Developers can code, test and deploy their applications with highly scalable
and reliable infrastructure that is provided by Google and Google itself uses it.
Developers have to just pay attention to the code and Google handles issues
regarding infrastructure, computing power and data storage facility.
Google is one of the popular IoT platform because of: Fast global network,
Google's BigData tool, Pay as you use strategy, Support of various available
services of cloud like RiptideIO, BigQuery, Firebase, PubSub, Telit Wireless
Solutions, Connecting Arduino and Firebase and Cassandra on Google Cloud
Platform and many more.
IoT opened many new horizons for companies and developers working for the
development of IoT systems. Many exceptional products have been developed
due to IoT app development. Companies providing Internet of Things solution
are creating hardware and software designs to help the IoT developers to create
new and remarkable IoT devices and applications. Some of the tools to build
IoT prototypes and applications are discussed below:
Arduino
Raspbian
This IDE is created for Raspberry Pi board. It has more than 35000 packages
and with the help of precompiled software, it allows rapid installation. It was
not created by the parent organization but by the IoT tech enthusiasts. For
working with Raspberry Pi, this is the most suitable IDE available.
Eclipse IoT
This tool or instrument allows the user to develop, adopt and promote open
source IoT technologies. It is best suited to build IoT devices, Cloud platforms,
and gateways. Eclipse supports various projects related to IoT. These projects
include open-source implementations of IoT Protocols, application frameworks
and services, and tools for using Lua programming language which is
promoted as the best-suited programming language for IoT.
12
IoT Application
Development
Tessel 2
It is used to build basic IoT prototypes and applications. It helps through its
numerous modules and sensors. Using Tessel 2 board, a developer can avail
Ethernet connectivity, Wi-Fi connectivity, two USB ports, a micro USB port,
32MB of Flash, 64MB of RAM. Additional modules can also be integrated
like cameras, accelerometers, RFID, GPS, etc.
Tessel 2 can support Node.JS and can use the libraries of Node.JS. It contains
two processors, its hardware uses 48MHz Atmel SAMD21 and 580.
Kinoma
13
Application
Development,
Fog Computing and
Case Studies
The security testing aspect of the IoT framework deals with security elements,
such as the protection of data, as well as encryption and decryption. It is aimed
at providing added security to connected devices, and also to the networks and
cloud services on which the devices are connected.
Some variables that mostly cause security threats in IoT are sensor networks,
applications that work to collect data, and interfaces. Therefore, it is highly
recommended that security testing be done at the device and protocol level,
since problems can easily be detected and solved at this level.
The End-user application testing takes into consideration the user experience,
as well as the usability and functionality of the IoT application.
This type of testing aims to assess the interoperability of protocols and devices,
compared with varying standards and specifications.
This testing is usually done in the Service layer. This is because the service
layer provides the most conducive environment for this testing, that is; a
platform that is communicable, programmable and operable.
The IoT is diverse from traditional computers and computing devices, makes it
more vulnerable to security challenges in different ways:
15
Application
Development,
also clear that many of these devices can establish connections and
Fog Computing and
Case Studies communicate with other devices automatically in an irregular way.
These call for consideration of the accessible tools, techniques, and
tactics which are related to the security of IoT.
Even with the issue of security in the sector of information and technology not
being new, IoT implementation has presented unique challenges that need to
be addressed. The consumers are required to trust the Internet of Things
devices and the services are very secure from weaknesses, particularly as this
technology continues becoming more passive and incorporated in our everyday
lives. With weakly protected IoT gadgets and services, this is one of the very
significant avenues used for cyber attacks as well as the exposure of the data of
users by leaving data streams not protected adequately. The nature of the
interconnection of the IoT devices means if a device is poorly secured and
connected it has the potential of affecting the security and the resilience on the
Internet internationally. This behavior is simply brought about by the challenge
of the vast employment of homogenous devices of IoT. Besides the capability
of some devices to be able to mechanically bond with other devices, it means
that the users and the developers of IoT all have an obligation of ensuring that
they are not exposing the other users as well as the Internet itself to potential
harm. A shared approach required in developing an effective and appropriate
solution to the challenges is currently witnessed in the IoT.
One of the most prevalent attacks in the IoT is the man in the middle, where
the third-party hijack communication channel is aimed at spoofing identities of
the palpable nodes which are involved in network exchange. Man in the middle
attack effectively makes the bank server recognize the transaction being done
as a valid event since the adversary does not have to know the identity of the
supposed victim.
16
IoT Application
Perception layer: The Perception layer is the typical external physical layer, Development
which includes sensors for sensing and gathering information about the
surrounding environment such as temperature, humidity, pressure etc..Table 1
shown below depicts the major threats in the Perception layer:
Table 1:Threats in the Perception Layer
Name of Description
the Threat
Denial of IoT sensing nodes have limited capacity and capabilities thus attackers can
Service use Denial of Service attack to stop the service. Eventually servers and the
Attack devices will be unable to provide its service for users.
Hardware Attacker can damage the node by replacing the parts of the
Jamming node hardware.
Insertion of Attacker can insert a falsified or malicious node between the actual nodes
Forged of the network to get access and get control over the IoT network.
nodes
BruteForce As the sensing nodes contains weaker computational power brute force
Attack attack can easily compromise the access control of the devices.
Cloud layer: The IoT Cloud Layer represents the back- end services required
to set up, manage, operate, and extract business value from an IoT system. It
will deliver the application specific services to the user so they can operate and
monitor the devices. Following are the threats in the Cloud Layer. Table 3
shown below depicts the major threats in the Cloud layer:
17
Application
Development, Table 3: Threats in the Cloud Layer
Fog Computing and
Case Studies
Authentication
Authorization
Confidentiality
Integrity
Non Repudiation
18
IoT Application
Following table 4 will depict what we can do to improve the security in Development
1) Compare and contrast various IoT platforms discussed in this unit with
reference to the parameters like services availability and device
management platform.
…………………………………………………………………………………
…………………………………………………………………………………
…………………………………………………………………………………
2) What are the various factors and concerns those might have an impact on
compromising the efforts to secure the IoT devices?
…………………………………………………………………………………
…………………………………………………………………………………
3) Explore and write various current innovative techniques to mitigate the
security attacks.
…………………………………………………………………………………
…………………………………………………………………………………
19
Application
Development,
Fog Computing and 10.8 SUMMARY
Case Studies
2. Given below are various factors and concerns those might impact on
compromising the efforts to secure the IoT devices:
20
IoT Application
necessary updates remotely. However, hackers could utilize the feature Development
22