Managing Edge IoT Linux Devices Closely, Remotely, Securely

CNXSoft: This is a guest post by Roy Dalal, Embedded Systems Engineer who looked for IoT device management solutions, and ended up using Upswift.

With the recent shift from Real-Time Operating Systems (RTOS) to Linux-based embedded systems, there has been a boom in the IoT industry in creativity and expandability and opened doors to a whole new level of automation.

Unlike the previous generation of IoT devices which followed the “program once, use forever” concept, with the new developments in the IoT industry, mainly the devices based on Linux operating systems that demand more and more flexibility, accessibility, and control. It has been challenging to address all these points at once when it comes to remote monitoring and control of these devices; especially if one produces thousands of those smart devices to be sold worldwide.

The ability to manage these connected devices (Raspberry Pi, Jetson Nano, or any SOM/SBC that runs a flavor of Linux such as Yocto based, Ubuntu or Debian, etc.) through a single platform, be it just one device, a dozen, or maybe a couple thousand would prove to be immensely productive when considering both the time and cost it’d otherwise take to manage them individually.

The Key Points in Managing Edge IoT Devices

Every IoT deployment, whether based on Linux or not, needs few key, crucial interactions performed by the service providers of those devices throughout their lifetime to ensure that they are functioning properly. There are many IoT device management platforms such as Upswift, BalenaCloud, AWS IoT which offer a plethora of functionalities when it comes to managing IoT devices, with the following key points in mind:

  • OTA Updates

Timed, properly deployed Over-The-Air updates ensure that the edge devices are running the latest software with the latest bug-fixes, reducing vulnerabilities and increasing the optimal performance of those devices.

  • Remote Control and Access

Be it a local or overseas deployment, being able to access the devices remotely at any time without having to worry about connection issues makes troubleshooting a faulty device extremely easy.

  • Remote Monitoring

Making sure that the deployments are running in ideal condition, without any mishaps, and being able to monitor their condition such as internal hardware parameters and sensor readings, acquired data samples, etc…. is also an integral part of remote IoT device management.

  • Security

All the above points are useless if we cannot perform those tasks in a safe and secure manner. From accessing the device(s) remotely through a secure channel to being able to rollback changes if something goes wrong, a good IoT device management platform should be able to roll back the changes without needing physical access to the system.

This is where Upswift.io comes into play

I came across Upswift.io, which looked promising, and I immediately thought of trying out their service.

Upswift focuses on providing an end-to-end Linux IoT device management platform, with the motto “Update, control, monitor and secure remote Linux & IoT devices, at scale, with the click of a button.” They have built a sophisticated platform, where customers can install a tiny software agent on their Linux devices, and start remotely managing them right away.

The dashboard itself is a pretty extensive, elegant looking interface where all the settings and options are designed to be intuitive to use. I found myself getting accustomed to the enrollment process of my devices within minutes of the first use.

The Upswift Agent – the ‘guy’ in the middle

One of the noticeable characteristics of Upswift agent is that its post-installation is less than 2 Megabytes in size, making it suitable for Yocto-based devices with 60MB disk size.

Just for comparison – Amazon’s AWS Greengrass runtime requires a whopping 256MB of disk space and 96MB of RAM along with a boatload of other dependencies to function properly, coupled with a complicated installation process.

The Upswift agent is truly a feather floating in the air. I found it using a little more than 5MB of RAM when idling, which in most cases, is ideal for a resource-limited setup

They have set up the installation process in a way that only requires the execution of just one single line, formatted as follow:

The agent is built targeting specifically Linux based distributions; especially embedded systems oriented flavors such as Yocto, Ubuntu Core, Raspberry Pi OS(formerly Raspbian), Debian flavors, Arch Linux, and many more. Also, the agent supports multiple system architectures such as x86, x86_64, and Armv6, Armv7 & Armv8 32/64 bit.

Upswift Platform Features

The platform dashboard has multiple categories to select from the left navigation pane:

  • Devices – groups of devices with online/offline state and telemetry.
  • OTA Update – Micro Update, Container Update
  • Logs – Fetch any type of file remotely from Upswift platform or by REST-API
  • Control Center – Remote Control (remote SSH), Remote Access (URL forwarding), Remote Commands
  • Monitor – Resources, Data, Processes
  • Security – Authentication attempts, Firewall Rules, CVEs, OS security upgrades
  • Map – a geographical visualization of the locations of the devices enrolled
  • Notifications
  • Account Management – Create and manage team accounts

Two of the most interesting and useful options I liked were the Control Center and Monitor, where Control Center would allow me to connect to the device remotely from anywhere in the world through secure SSH tunnel, forward ports on the device, and running bash commands. This comes exceptionally useful when trying to access an edge residing behind a NAT router or a tight firewall.

The Monitor feature provides the necessary tools to keep an eye on the vital Resources, Processes, and Data and set up alerts to intelligently inform me about any anomaly such as excessive resource usage or the status of a process, according to the rules set.

The Data monitor, which is the invaluable tool to fetch sensor data or any other form of data through secure REST API calls is the other most important tool Upswift provides, to monitor the external and internal events of the device such as sensor readings and communication done through the API call with the dashboard to send data to the cloud.

The OTA Update Tool, featuring Micro Update tool and Container Update Tool came extremely handy when there’s a need to remotely update the file system/directories in the edge device and deploy container updates such as Docker updates. Upswift, as the name suggests it, does all above in a swift manner.

By the time of this post being written, Upswift has also introduced a Security tab, where we can easily monitor and receive alerts on authentication attempts, create firewall rules, and even check what CVEs exist on the device, to ensure that the edges are secure than ever before.

Pricing – Yes, there’s a free version!

Upswift is offering multiple plans ranging from a free tier plan all the way up to a set of production-grade plans which all of them are eligible to scale to accommodate as many devices as we want. They even offer scheduled free demo sessions for the customers who would like a walkthrough of the platform, guided by the engineers who built the platform.

Conclusion

The Internet of Things industry is advancing at a pace like never before. With it, there is going to be more and more involvement of Linux-based operating systems, and the need to manage the edge devices securely and time/cost-effectively is ever-so-important. Upswift has taken IoT device management addresses the common issues usually neglected by other solution providers and they have built one of the most trustworthy, functional, and intuitive platforms to manage all our IoT edge devices from one place.

More details, including documentation & tutorials, can be found on upswift.io website.

Support CNX Software - Donate via PayPal or cryptocurrencies, become a Patron on Patreon, or buy review samples