3/14/2025
Lecture 6: IoT Application-Layer
              Protocols
         Seyed-Hosein Attarzadeh-Niaki
                        Fundamentals of IoT   1
                       Review
• IoT Networking
  – Network architectures and topologies
  – Wireless network protocols
     • Short-range protocols
     • Long-range protocols
                        Fundamentals of IoT   2
                                                         1
                                                                 3/14/2025
 Introduction to IoT Application Layer
               Protocols
• Definition: Protocols enabling
  communication between IoT applications
  (e.g., data exchange, device
  management).
• Key Characteristics
   • Designed for constrained devices (low power,
     limited memory).
   • Support for publish/subscribe or client-server
     models.
   • Efficient data representation (JSON, CBOR,
     SenML).
• Importance: Enable interoperability and
  scalability in heterogeneous IoT systems.
                            Fundamentals of IoT              3
             Key Characteristics of
           IoT Application Protocols
• Constraints
   • Low bandwidth, high latency, intermittent
     connectivity.
   • Limited computational power (e.g., microcontrollers).
   • Power efficiency (battery-operated devices).
• Design Goals
   • Minimal overhead (e.g., small header size).
   • Support for real-time and event-driven
     communication.
• Scalability: Managing millions of devices.
• Protocols: MQTT, CoAP, HTTP/REST, AMQP.
                            Fundamentals of IoT              4
                                                                        2
                                                         3/14/2025
     Standardization Bodies for IoT
               Protocols
• Key Bodies:
  • IETF: Develops RFCs (e.g., RFC 7252 for CoAP).
  • OASIS: MQTT standardization.
  • OMA: Lightweight M2M (LwM2M).
                      Fundamentals of IoT            5
   Publish-Subscribe Model in IoT
• Concept: Decouples publishers (data sources) and
  subscribers (data consumers).
• Advantages
  • Scalability for many-to-many communication.
  • Dynamic discovery of data topics.
                      Fundamentals of IoT            6
                                                                3
                                                       3/14/2025
       MQTT Protocol Overview
• MQTT (Message Queuing Telemetry
  Transport)
  • Lightweight, publish-subscribe protocol over
    TCP/IP (port 1883/8883 for TLS).
  • Designed for constrained
    networks (e.g., LoRaWAN,
    cellular).
  • Supports three Quality
    of Service (QoS) levels.
                      Fundamentals of IoT          7
           MQTT Components
• Broker: Central hub managing subscriptions
  and routing messages.
• Clients: Devices that publish or subscribe to
  topics.
                      Fundamentals of IoT          8
                                                              4
                                                                                  3/14/2025
        MQTT Message Structure
Message Types                        Type         Flow   Description
                                                         Initiates a connection
• CONNECT, PUBLISH,                  CONNECT      C→S
                                                         with the broker.
  SUBSCRIBE,                                             Acknowledges
                                     CONNACK      S→C
  UNSUBSCRIBE,                                           connection request.
  PINGREQ.                                               Transmits application
                                     PUBLISH      Either data to subscribed
• Fixed header, variable                                 clients.
  header, and payload.               PUBACK       S→C
                                                         Acknowledges QoS 1
                                                         PUBLISH message.
                                     …            ...    …
                                                         Gracefully ends the
                                     DISCONNECT   C→S
                                                         connection.
                           Fundamentals of IoT                             9
 MQTT Quality of Service (QoS) Levels
• Level 0: At most once (no guarantees).
• Level 1: At least once              • Level 2: Exactly once
  (duplicates allowed).                 (guaranteed delivery).
                           Fundamentals of IoT                            10
                                                                                         5
                                                     3/14/2025
               MQTT Use Cases
• Industrial Monitoring:
  Sensors sending
  telemetry to
  dashboards.
• Smart Home:
  Thermostats updating
  cloud services.
• Healthcare: Wearables
  transmitting vital signs.
                        Fundamentals of IoT     11
   MQTT Implementation Example
• Example in Python
client = mqtt.Client()
client.connect("broker.hivemq.com", 1883, 60)
client.publish("temperature", "25°C")
                        Fundamentals of IoT     12
                                                            6
                                                                                                             3/14/2025
            MQTT vs. HTTP Comparison
Aspect                            MQTT                                  HTTP
Model                             Publish/subscribe                     Client-server
Connection                        Persistent (TCP)                      Stateless
Data Flow                         Push-based                            Pull-based
                                             Fundamentals of IoT                                        13
         MQTT-SN (Sensor Networks)
•   MQTT-SN: Optimized for constrained devices (e.g., 8-bit microcontrollers).
•   Features: Short topic IDs instead of strings, UDP-based for low power.
Aspect           MQTT                                  MQTT-SN
Transport        TCP/IP (reliable, higher              UDP (lightweight, suitable for low-power
Layer            overhead)                             networks)
Topic            Full topic strings (e.g.,             Short numeric IDs (1-2 bytes) instead of strings
Identification   sensors/temperature)                  to reduce payload size
Device           moderately constrained                Optimized for ultra-constrained devices (e.g., 8-
Constraints      devices (e.g., MCUs)                  bit MCUs, battery-operated sensors)
Message          Larger headers and topic              Smaller message size (short topic IDs, minimal
Overhead         strings                               headers)
                 Industrial IoT, smart home,           Sensor networks (e.g., agriculture,
Use Cases
                 and general pub/sub                   environmental monitoring)
QoS Support      Three levels (0, 1, 2)                Limited to QoS 0 for ultra-low power savings
Broker           Requires persistent TCP               Supports sleepy clients (devices can disconnect
Interaction      connection                            and reconnect without loss)
                                             Fundamentals of IoT                                        14
                                                                                                                    7
                                                                                 3/14/2025
             Introduction to CoAP
• CoAP (Constrained Application Protocol)
   • RESTful protocol over UDP (port 5683).
   • Confirmable/Non-confirmable messages.
   • Uses JSON or CBOR for payloads.
                          Fundamentals of IoT                               15
             CoAP Message Types
• Methods: GET, POST, PUT,          Field          Description
  DELETE.                           Version        CoAP version
• Response Codes: 2.01
                                    Type           Confirmable (CON)
  (Created), 4.04 (Not Found).
                                                   Non-confirmable (NON),
• Options: URI path, content                       Acknowledgement (ACK)
  format                                           Reset (RST)
                                    Token Length   0–8 Bytes
                                    Code           Req. method/Res code
                                    Message ID     Detects message duplication
                                    Token          Correlates req. & res.
                                    Options        Option num, len, val
                                    Payload        Application data
                          Fundamentals of IoT                               16
                                                                                        8
                                                                                               3/14/2025
              CoAP Query Parameters
• Discovering Resources
    – Path: /.well-known/core
• Pagination: $top, $skip
  (e.g., $top=5&$skip=10).
• Sorting: $orderby.
• Select Properties: $select
  (e.g.,
  /Things?$select=name)
                                   Fundamentals of IoT                                    17
                 CoAP vs. HTTP/REST
Aspect        CoAP                                       HTTP/REST
Transport     UDP (low overhead)                         TCP (higher overhead)
Efficiency    Optimized for constrained devices          Designed for web-scale systems
Scalability   Good for low-power networks                Better for high-bandwidth apps
Aspect        CoAP                                       HTTP/3
Transport     UDP                                        QUIC (HTTP/3)
Overhead      Minimal header (~4 bytes)                  Larger headers
Use Case      Constrained IoT devices                    High-speed web applications
                                   Fundamentals of IoT                                    18
                                                                                                      9
                                                                                               3/14/2025
Platforms for Data-interoperability and
        Device Management
LWM2M                                          CORECONF
• By Open Mobile Alliance                      • Based on binary
  (OMA)                                          representation
• Maintains a repository with                  • YANG data modeling
  object data representation.                    language
• URI/ObjectID/InstanceID
  will identify a specific
  instance on the device
                                    Fundamentals of IoT                                   19
          CoAP vs. MQTT Comparison
Aspect        CoAP                                        MQTT
              UDP (low latency, no guaranteed
Transport                                                 TCP (reliable, higher overhead)
              delivery)
              Ideal for constrained devices (e.g.,        Better for high-volume
Scalability
              sensors)                                    telemetry
QoS           No inherent QoS (reliability via DTLS)      Built-in QoS levels (0, 1, 2)
Payload       JSON/CBOR (compact)                         Arbitrary binary/text data
                                    Fundamentals of IoT                                   20
                                                                                                     10
                                                                                      3/14/2025
   Security in IoT Application Protocols
MQTT Security                               CoAP Security
• TLS encryption (port 8883)                • OSCORE (Object Security for
• Authentication methods:                     CoAP)
       • Username/password                         • End-to-end encryption and
         (plaintext or hashed)                       integrity protection.
       • Client certificates                       • Uses CBOR for payload
                                                     encoding.
• Access control lists (ACLs)
                                                   • Works with constrained
  for topic permissions.                             devices.
                                 Fundamentals of IoT                             21
   Data Representation in IoT Protocols
JSON                                               CBOR
SenML
                                 Fundamentals of IoT                             22
                                                                                            11
                                                                                                             3/14/2025
       Data Representation in IoT Protocols
Format    Description                     Advantage                                 Disadvantage
          Human-readable text
                                    Cross-platform compatibility,    Verbose, higher
JSON      format (JavaScript Object
                                    widely supported, easy to parse. bandwidth usage.
          Notation).
          Concise Binary Object           Compact (smaller size), efficient
                                                                                    Not human-readable
CBOR      Representation (binary          for constrained devices,
                                                                                    without decoding.
          JSON alternative).              supports binary data.
          Sensor Markup Language Compact representation of                          Requires parsing
SenML     for time-series sensor multiple measurements,                             logic, less common
          data.                  supports metadata (e.g., units).                   than JSON/CBOR.
          Markup language for        Enables hypermedia-driven APIs Not optimized for
HTML      linking resources (used in (linked resources), supports   machine-to-machine
          REST APIs for discovery). human-readable content.         data exchange.
                                               Fundamentals of IoT                                      23
                Industry-Grade Protocols
   • Requirements
         • High reliability, real-time control, legacy system compatibility.
         • Used in energy, manufacturing, and smart grids.
  Protocol Transport       Industry             Features                        Security
                                                Hierarchical control for        Optional encryption
             TCP/UDP
  DNP3                     Energy, Utilities    substations, supports polling   (DNP3 v4); vulnerable
             (Layer 2-7)
                                                and event-driven updates.       without TLS.
                                                Legacy protocol for PLCs        No built-in security;
             TCP/Serial    Manufacturing,       (Programmable Logic             requires external TLS
  Modbus
             (Layer 7)     SCADA                Controllers), simple            for modern
                                                ASCII/Binary.                   deployments.
                                                Unified architecture for
                                                                                End-to-end security
             TCP           Manufacturing,       secure industrial data
  OPC-UA                                                                        (TLS, certificates),
             (Layer 7)     Oil/Gas              exchange, supports
                                                                                platform-independent.
                                                encryption and digital twins.
                                               Fundamentals of IoT                                      24
                                                                                                                   12
                                                                                       3/14/2025
                 Other IoT Protocols
Protocol Transport   Use Case       Features                    Example
                              Low-power mesh network,           Smart home
         IPv6      Home/
Thread                        interoperable with Wi-Fi,         devices (e.g.,
         (6LoWPAN) Automation
                              uses AES-128 encryption.          Philips Hue lights).
                                                                Banking
                                    Robust messaging with
                                                                transaction
                     Financial,     queues/exchanges,
AMQP     TCP                                                    systems (e.g.,
                     Enterprise     supports pub/sub and
                                                                message brokers
                                    request-reply.
                                                                like RabbitMQ).
                                    XML-based for chat and IoT Google Talk, IoT
         TCP (XML    Real-Time
XMPP                                signaling (e.g., IoT device device presence
         over TCP)   Comm.
                                    status updates).            detection.
                                    OMA standard for over-      Fleet
                     Device         the-air updates, firmware   management for
LwM2M CoAP/UDP
                     Mgmt.          upgrades, and remote        connected
                                    diagnostics.                vehicles.
                                  Fundamentals of IoT                             25
       Future Trends in IoT Protocols
• 5G Integration: Ultra-low latency for real-time
  applications.
• AI-Driven Protocols: Adaptive QoS based on
  network conditions.
• Blockchain for IoT: Secure data provenance.
                                  Fundamentals of IoT                             26
                                                                                             13
                                                                                                3/14/2025
        Summary: Key Characteristics of IoT
             Application Protocols
Protocol    Transport   Data Format Design goals                 Key features
            Layer
                                      Minimal overhead,          Publish/subscribe model,
                        Arbitrary     real-time                  QoS levels (0, 1, 2),
MQTT        TCP/IP
                        (binary/text) communication,             lightweight for constrained
                                      scalability for pub/sub.   networks.
                                   Low overhead, RESTful         Stateless requests, supports
                        JSON/CBOR/
CoAP        UDP                    design for M2M                GET/POST/PUT/DELETE, runs
                        SenML
                                   communication.                on constrained devices.
                                       Human-readable data,      Client-server model,
HTTP/
            TCP/IP      JSON/XML       interoperability with     stateless, relies on TCP for
REST
                                       web services.             reliability.
                                       Enterprise-grade
                        Binary                               Supports pub/sub and
AMQP        TCP/IP                     messaging middleware,
                        (serialized)                         queues, com
                                       guaranteed delivery.
                                        Fundamentals of IoT                               27
                                Next Lecture
   • IoT Application-Layer Protocols
           – Publish-Subscribe model
           – MQTT
           – CoAP
           – Data representation
           – Other IoT protocols
                                        Fundamentals of IoT                               28
                                                                                                      14
                                                  3/14/2025
     SensorThings API Overview
• Purpose: Geospatial IoT data management
  (e.g., location-aware sensors).
• Entities: Things, Sensors, Observations,
  Locations.
                   Fundamentals of IoT       29
                                                        15