For Internet of Things (IoT) solutions, it is critical that you monitor the performance of connected devices, detect abnormal behavior, and respond quickly when devices are compromised. AWS IoT Device Defender provides the capability to collect metrics from your connected devices and cloud infrastructure and to detect deviations from expected device behavior. Previously, to get these metrics into your data lake for further analysis, you had to change device firmware so that it published the metrics to additional MQTT topics, which added development time and cost, especially when managed at fleet scale. The new metric export feature of AWS IoT Device Defender provides a convenient and cost-effective way to export device metrics from AWS IoT Device Defender to your data lake. With the metric export capability, you can export metrics with a simple configuration change, without making any changes to your device firmware. This capability applies to new workloads as well as to existing workloads.
Paytm, one of the largest payment gateways in India, manages and processes financial transactions for millions of consumers and merchants. Among its most popular IoT solutions are soundbox devices, which provide audio confirmations for merchants accepting payments from Paytm QR codes. Paytm’s QR code service lets enterprises accept contactless in-store payments through the Paytm app. A soundbox comes with an activated 4G cellular SIM card and 50-60 hours of battery backup, so that small merchants, such as street food vendors, don’t need to worry about a wired internet connection. Paytm’s soundbox devices report their metrics to AWS IoT Device Defender, which enables Paytm to keep an eye on the operational health of the fleet.
AWS IoT Device Defender is a key service used in connected product solutions. AWS IoT Device Defender detects anomalous behavior of devices in near real time by collecting metrics from the cloud and from the device and by comparing the reported metric values against the configured expected values. These metrics come from two sources. Cloud-side metrics include the number of authorization failures and the number or size of messages a device sends or receives through AWS IoT Core. Device-side metrics include the ports a device is listening on, the number of bytes or packets sent, and the device’s TCP connections. You can also define custom metrics that are unique to your fleet, such as the number of devices connected to Wi-Fi gateways, battery charge levels, or the number of power cycles for smart plugs. You can use the metric export feature to export cloud-side, device-side, and custom metrics. As part of the security profile definition, you specify the metrics to export and the destination MQTT topic. AWS IoT Device Defender batches the data points and publishes them to the MQTT topic configured in the security profile, which keeps the cost of export down. There are two options for exporting the metrics:
Export through IoT Core Rules Engine
You can use AWS IoT Core Rules Engine to route the exported metrics to the destination of your choice. This option lets you use the Basic Ingest mechanism of AWS IoT Core to reduce the cost of exporting data: Basic Ingest topics (prefixed with $aws/rules/) deliver messages directly to a rule, bypassing the message broker, so they carry no messaging charges and cannot be subscribed to by other clients. The following diagram depicts a reference architecture for this option. You configure AWS IoT Device Defender to export metrics to a Basic Ingest topic and define a rule in AWS IoT Core Rules Engine that routes the data to the destination of your choice (for example, to an Amazon Simple Storage Service (Amazon S3) bucket through Amazon Kinesis Data Firehose).
Export through MQTT subscriptions
In this option, you configure AWS IoT Device Defender to export data to an MQTT topic and consume the data by subscribing to that topic through AWS IoT Core. The following diagram depicts a reference architecture where you configure AWS IoT Device Defender to export metrics to an MQTT topic. You run an MQTT client (for example, in a container on Amazon Elastic Container Service) that subscribes to the same MQTT topic. Whenever AWS IoT Device Defender publishes the data, the MQTT client receives it and processes it.
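The following Python block is an added example (not code from the AWS blog post or from Paytm) that ties together the security profile definition described earlier and the consumer side of either export option. It builds the request dict for the `create_security_profile` call with the metrics flagged for export and the export topic set to a Basic Ingest topic, and it unbatches an exported message and compares each value with an expected range, the same comparison Device Defender itself performs. Assumptions: the `metricsExportConfig` and `exportMetric` field names follow the AWS IoT API as I understand it; the layout of the batched export message and the sample values (thing names, thresholds, the IAM role ARN placeholder) are constructed for illustration and are not the documented export format. Nothing here contacts AWS, so it runs offline.

```python
"""Added example: Device Defender metric export configuration and consumer.

Field names in build_security_profile_request follow the AWS IoT API as the
author understands it; the batched message layout in SAMPLE_BATCH is an
assumption made for illustration, not the documented export format.
"""
import json

BASIC_INGEST_PREFIX = "$aws/rules/"


def basic_ingest_topic(rule_name: str) -> str:
    """Topic that delivers straight to an AWS IoT rule, bypassing the broker."""
    if not rule_name or "/" in rule_name:
        raise ValueError("rule name must be a single non-empty topic segment")
    return f"{BASIC_INGEST_PREFIX}{rule_name}"


def build_security_profile_request(profile_name, export_topic, role_arn, metrics):
    """Build the dict passed to iot.create_security_profile(**request).

    Every listed metric is retained and flagged for export; behaviors stay
    empty here because the point is the export, not alarm thresholds.
    """
    return {
        "securityProfileName": profile_name,
        "behaviors": [],
        "additionalMetricsToRetainV2": [
            {"metric": m, "exportMetric": True} for m in metrics
        ],
        "metricsExportConfig": {"mqttTopic": export_topic, "roleArn": role_arn},
    }


# Constructed sample of one batched export message (layout is assumed).
SAMPLE_BATCH = json.dumps({
    "metrics": [
        {"thing": "soundbox-001", "name": "aws:num-messages-sent",
         "value": {"count": 12}, "timestamp": 1700000000},
        {"thing": "soundbox-001", "name": "battery_level",
         "value": {"number": 18.5}, "timestamp": 1700000000},
        {"thing": "soundbox-002", "name": "aws:num-messages-sent",
         "value": {"count": 250}, "timestamp": 1700000000},
        {"thing": "soundbox-002", "name": "aws:listening-tcp-ports",
         "value": {"ports": [443, 8883]}, "timestamp": 1700000000},
    ]
})


def flatten_export_batch(payload: str):
    """Unbatch one exported message into flat per-thing records for a data lake."""
    records = []
    for m in json.loads(payload)["metrics"]:
        value = m["value"]
        records.append({
            "thing": m["thing"], "metric": m["name"], "ts": m["timestamp"],
            # count/number are scalars; list-valued metrics keep the list
            "value": value.get("count", value.get("number", value.get("ports"))),
        })
    return records


# Constructed expected behavior: metric -> max, min, or allowed set.
EXPECTED = {
    "aws:num-messages-sent": {"max": 100},
    "battery_level": {"min": 20.0},
    "aws:listening-tcp-ports": {"allowed": {8883}},
}


def flag_deviations(records, expected=EXPECTED):
    """Return (thing, metric, value) tuples that fall outside expected behavior."""
    flagged = []
    for r in records:
        rule = expected.get(r["metric"])
        if rule is None:
            continue  # metric exported but not part of the expected profile
        v = r["value"]
        if "max" in rule and v > rule["max"]:
            flagged.append((r["thing"], r["metric"], v))
        elif "min" in rule and v < rule["min"]:
            flagged.append((r["thing"], r["metric"], v))
        elif "allowed" in rule and set(v) - rule["allowed"]:
            flagged.append((r["thing"], r["metric"], v))
    return flagged


if __name__ == "__main__":
    req = build_security_profile_request(
        "soundbox-export", basic_ingest_topic("DeviceDefenderToFirehose"),
        "arn:aws:iam::123456789012:role/PLACEHOLDER-export-role",
        ["aws:num-messages-sent", "aws:listening-tcp-ports", "battery_level"])
    print(json.dumps(req, indent=2))
    for hit in flag_deviations(flatten_export_batch(SAMPLE_BATCH)):
        print("deviation:", hit)
```

For the Rules Engine option you would pass the dict to `boto3.client("iot").create_security_profile(**req)` and create a rule named `DeviceDefenderToFirehose` with a Firehose action; for the MQTT subscription option you would replace the Basic Ingest topic with a normal topic and call `flatten_export_batch` from the subscribing client's message callback. The custom metric `battery_level` must already exist in Device Defender before it can be referenced in the profile.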
Next, you will build a solution to export metrics from AWS IoT Device Defender as depicted in Figure 1 above.