Cloud-Native IoT Reference Architecture with ARM SystemReady

Cloud-Native IoT Reference Architecture with Arm SystemReady was the result of a master's thesis developed on our premises over the last few months. This is an open-source IoT project to meet the challenges of integrating embedded systems with the cloud. This architecture facilitates the automatic provisioning of a cloud infrastructure and the integration of a fleet of embedded systems during their initial start-up. Designed for use with AWS, it focuses on essential components while taking advantage of Arm processors and Arm SystemReady certifications. The project aims to streamline collaboration between embedded systems engineers and cloud professionals, allowing them to focus on their end products. By following Cloud-Native best practices, the continuous integration and delivery tools ensure a robust, functional architecture on various Arm-based and Arm SystemReady-certified embedded systems.

Why this reference architecture?

Recently, we identified a significant problem relating to collaboration between engineers specialising in embedded systems and those from the cloud domain. There is a growing demand for engineers to establish fast and efficient links between embedded devices and cloud infrastructure. However, there is currently a lack of reference architectures for deploying an infrastructure while directly provisioning a fleet of embedded systems. A reference architecture is a preconceived model for a particular domain. It provides a solid foundation on which other architectures can be built, simplifying the work of software developers in that specific domain.

This problem stems from the time required and the complexity for engineers to establish the connection between hardware and a cloud infrastructure. Because of specialist skills in two distinct areas, a cloud professional will need time to understand and implement an operating system capable of connecting to an infrastructure, while an embedded systems expert will need to acquire knowledge of cloud infrastructure by following Cloud-Native best practice.

The need to find a solution arose when engineers began to approach electronic board manufacturers to design equipment offering services for linking to a cloud infrastructure. However, these manufacturers, who specialise in hardware, are generally not inclined to devote the time to developing such solutions. The main players affected are hardware engineers, who struggle to meet new customer requirements, and cloud engineers, who have to invest time in integrating embedded concepts. This learning phase can quickly become time-consuming.

What were the objectives?

The objectives of this project were as follows:

• Deployment of a cloud infrastructure using an Infrastructure as Code (IaC) tool
• Integration of embedded systems with Arm architecture and Arm SystemReady certification
• IoT network composed of a fleet of embedded systems
• Creation of applications in an open programming language
• Integration of applications in Docker containers
• OTA deployment and updating of applications on the fleet of embedded systems
• Data transmission from embedded systems to the cloud and vice versa
• Securing the architecture
• Use of continuous integration (CI) and continuous deployment (CD) tools
• Easy for users to integrate embedded systems with the cloud
• Open-source project rendered in GitHub
• Using the Cloud-Native approach

Solution : architecture overview

Cloud infrastructure

The entire cloud infrastructure is outlined in orange in the overview. Two infrastructures have been set up to provide a development environment that is separate from the production environment. AWS IoT Core plays a central role by providing the link between embedded systems and AWS services. Other services are used to manage application deployment, security, storage provisioning, compute execution, and role and policy management. Other services can be added.

Embedded systems integration

The embedded systems are outlined in green in the overview. Each device is based on an Arm architecture and is Arm SystemReady IR certified. This certification, dedicated to the IoT sector, guarantees the correct operation of many Linux operating systems. They all share the same operating system, based on a Linux distribution. This OS incorporates AWS IoT Greengrass software, making it easy to connect the device to the cloud. With this software, applications deployed in Docker containers are represented by Greengrass components. AWS IoT Greengrass also monitors the health of the device to identify any problems. Each device is equipped with a unique certificate for authentication with AWS.

Embedded systems used

The first embedded system used for this project was the Raspberry Pi 4 Model B. It's Arm SystemReady IR certified. The OS image used to boot this device is Raspberry Pi OS Lite. This device works fine. The aim was to extend the provisioning capability to other Arm SystemReady certified embedded systems, beyond the Raspberry Pi 4. Unfortunately, this attempt was unsuccessful. Another device tested was the ADLINK I-Pi SMARC IMX8M Plus board, which is Arm SystemReady IR certified. Despite flashing the same OS image as the Raspberry Pi 4 onto the SD card of this new device, booting failed. The problem is that the uboot for this OS is not SystemReady compliant.

Another idea was to test a virtual Raspberry Pi 4 Model B on an Arm development tool called Arm Virtual Hardware (AVH). AVH virtualises IoT development kits, Arm-based processors and cloud-based systems, speeding up the development of IoT software. With this type of tool, it was not possible to integrate the custom OS image. The same OS image was then configured manually. The device was correctly provisioned.

Conclusion

The project was an overall success, achieving the main objective of designing a reference architecture to facilitate the deployment of a cloud infrastructure while automating the provisioning of a fleet of embedded systems. Now available as open-source, this achievement provides a solid foundation for engineers looking for similar solutions. Detailed documentation accompanies the project to make it easier to understand and use. Despite the overall success, challenges have emerged, notably the complexity of compatibility with embedded systems. Creating an OS image compatible with various embedded systems proved to be a major challenge. The lack of time at the end of the project limited the possibility of finding a satisfactory solution. Promising future prospects include extending compatibility with a wider range of embedded systems, integrating new cloud services and improving infrastructure security. To make more devices compatible, an OS containing a SystemReady-compliant uboot needs to be found. The use of PARSEC (Platform AbstRaction for SECurity) could be a good solution for securing the infrastructure by encrypting keys and sensitive data. It's an open source software compatible with AWS IoT Greengrass to interact between the secure storage and cryptography services. Although the project has achieved its objectives, future improvements are needed to enhance the architecture's versatility and efficiency, reflecting continued evolution in the fast-moving field of IoT and cloud computing.

Learn more

• Open source project
• SystemReady Certification Program
• AWS IoT Greengrass

Next step

We strongly encourage you to contribute to the development of this reference architecture to grow the community, enabling engineers to adopt it and apply it more easily to their projects. We would be happy to meet you if there's something you are interested in.