About the Client
The client is a household name, best known for its plumbing products, faucets, sinks and fixtures. Its kitchen and bathroom products are synonymous with luxury, innovation and aesthetic design.
The client also operates in the hospitality space, operating and owning several resorts, hotels and golf clubs around the world.
The client’s kitchen and bathroom products were synonymous with luxury, innovation and aesthetic design. In keeping with its tradition of creating innovative and engaging user experiences, the company embarked on a digital transformation journey to re-imagine their product portfolio as smart and connected products. The client viewed the growth of IoT as a major disrupting force in its business, and wanted to take a “first-mover” advantage by transforming its current product range into a smart, connected portfolio of products.
The first phase in the digital transformation initiative was to create a proprietary IoT platform consisting of a Unified Mobile App that can control multiple products. This will enable the client’s products to connect to a cloud-based service, each other (via IoT) and a voice based service (eg: Amazon Alexa), and create totally new whole-bathroom experiences for end customers.
With core expertise in plumbing, ceramics, mechanical and IC engine design, the client sought expertise in IoT platform design, development and deployment. The client was also looking for complementary expertise in application development, mobile app development, analytics, cloud infrastructure, conversational AI platforms and machine learning.
Bringing digital technology and smart home revolution to kitchens and baths
After evaluating several vendors, the client chose Silicus as its partner based on our high levels of technical expertise in the end to end IoT technology stack, our deep relationship with Microsoft as a Gold Partner, and a proven track record.
Silicus assembled an expert team of Azure IoT solution architects, project managers, business analysts, Azure cloud and IoT engineers, .NET, iOS & Android developers, Alexa and Google Home integration specialists, and a QA team.
The products to be IoT enabled were chosen from the client’s kitchen and bathroom product line – shower panels, bath tubs, toilets and kitchen faucets.
Key Business & Technical Objectives
Following were the key corporate goals for development of the client’s IoT Platform:
- Host new experiences while integrating the platform and device with Amazon Alexa or Google Home voice service
- Design and develop an IoT platform for the client’s product portfolio
- Quickly get started and scale the platform to other business needs
- Integrate data and systems with new data sources to create new insights, new business models, and new ways of staying ahead of competition.
Key Capabilities to be Developed
The client’s IoT platform would need to have the following capabilities:
- Connectivity – Enables the device and Sensor to connect to the platform through a gateway for sending telemetry data.
- Control – Handle different scenarios for control including:
- Controlling a device through an application
- Cloud-to-device communication, or
- Control from the cloud (based on an event, rule or any other pre-determined condition)
- Device Management – Robust and strong device management features to keep devices and sensors up to date and functional.
- Actionable Data – Ability query data in a manner that is clear and meaningful, and helps in real-time business insights for decision making.
- IoT Platform - needs to be secure, maintainable and extendable, scalable build on Microsoft Azure Cloud Services, and powers the various application which connects to or consumes the platform.
- Core client IoT Platform APIs
- IoT Gateway Client
- Administration Portal
- Customer Portal
- Unified Mobile App (Apple iOS, Android)
- Voice Activated Service (Alexa, Google Home)
- Security – GSMA IOT, CSA and OWASP Top 10 Security guidelines were implemented.
Solution Architecture & Design
Azure, the “plumbing” for the IoT Platform
The “plumbing” behind the client’s IoT platform was Microsoft Azure. Silicus assisted the client with evaluation and selection of Microsoft Azure as its preferred cloud platform provider to power the core capabilities of the connected devices. Silicus selected the Azure IoT suite. Azure IoT was chosen for its:
- End to end set of tools and components to jumpstart IoT solution development
- Strong in-built security features
- Ability to easily & reliably connect and manager millions of devices
- Support for integration with existing systems and applications
- Availability of complementary technologies for application development, big data & analytics, and cloud hosting and deployment
The client’s IoT enabled platform was extended from Microsoft’s IoT reference architecture focusing on:
- Device connectivity
- Data processing
- Connected and management apps
Silicus leveraged the Azure IoT hub as the central location for telemetry and data collection from the devices i.e – the client’s products, mobile phones and 3rd party products. Azure IoT hub was designed for web-scale, and could handle several millions of messages, if needed.
Azure IoT Hub acts as a command center to process queues, trigger actions and monitor the health of the system. It is the power of Microsoft Azure that enables the client’s solution to start a shower at a specified temperature, or deliver precisely 3 cups of water through your kitchen sink using smart home devices.
The solution leverages the highly scalable Azure App Service PaaS as its foundation. The remote devices (tubs, toilets, faucets) are connected to Azure using Azure IoT Hub, which provisions, authenticates, and manages devices at scale and in a highly secure manner. Silicus also leveraged open Azure IoT Device SDKs to facilitate the connection of any device. From Azure IoT Hub, data moves through Azure Stream Analytics for both hot-path analytics, i.e., anomaly detection, and simultaneous distribution of data to storage.
Azure stream analytics service was used to process the significant amounts of data flowing through the Azure IoT hub, and take real time actions or move them to a back-end DocumentDB NoSQL database. Push notifications from the platform were implemented through Azure Notifications hub.
Security was one of the most important considerations while designing the client’s IoT platform. The overall design will provide a multi-layered security model to ensure there are multiple controls in place to protect data and application from malicious access. The following layers of security were created as part of the overall application architecture:
- Network / Perimeter security: Azure networking, Network access control, Secure remote access and cross-premises connectivity, DMZ Architecture, Monitoring and Threat detection etc
- Identity Management: Single sign-on, Reverse proxy, Multi-factor authentication, Consumer identity and access management, Identity protection etc
- Data security: Role-Based Access Control, Encryption in transit, Encryption at rest/Storage Service Encryption, Azure Disk Encryption, Azure Key Vault etc
- Application security: Static analysis (SAST), Dynamic analysis (DAST), Software composition analysis, Manual penetration testing, Web application perimeter monitoring etc
- Secure DevOps: Subscription security, Secure development, CI / CD, Alerting & monitoring capabilities, Telemetry dashboards etc
Application access is controlled through Azure API Management, and apps are choreographed as microservices using Azure Service Fabric. Vendor-agnostic voice recognition, e.g., Amazon Alexa, Google Home, or others, is integrated via the APIs for highly secure command and control of the IoT-enabled device(s).
Customer identity management and role-based access control is achieved through implementation of Azure Active Directory B2C and surfaced to a customer portal through the Web Apps feature of the Azure App Service.
Device Provisioning & Management
Device provisioning, configuration and management was handled by the Azure IoT suite. Silicus used OTA updates and Azure Device Provisioning service (DPS) for multi-geo provisioning. The device will communicate with Cloud gateway software using MQTTs and HTTPs protocol. Each device can send the messages to IoT Hub.
Silicus developed mobile applications for iOS & Android with a modern, feature rich UI for consumers to control their products. The application download and set-ups were simplified through a wizard that guided users through the set-up.
The mobile application also helped for controlling and tracking user information. The application will communicate with the cloud gateway software using MQTTs for control messages communication and HTTPs protocol for making the APIs call published over the platform.
|Mobile Application||Implementation||Software Interface|
|Android||Native||Azure IoT Java SDK, Android Application Development Toolkit|
Front-end User Interaction
Customers could interact with the IoT enabled solution in 3 ways:
- Via Smart Phone application: iOS & Android
- Via Alexa / Google Home voice driven controls: Integrated by Silicus into the IoT platform
- Via the client’s hardware box
For Alexa and Google home integration, Silicus designed and developed a “skill” that could be downloaded from the Alexa or Google home app store. The Voice enabled service exposed APIs for processing the skills, it is a web app deployed as part of the solution.
|Amazon Alexa||Azure PaaS||Azure App Services (Web Apps)|
|Google Home||Azure PaaS||Azure App Services (Web Apps)|
Message Routing & Back-end
For application development, Azure Service Fabric was leveraged to build always on, scalable applications. The Azure service fabric supported low-latency, high-throughput workloads a strong customer KRA once the products were commercialized. In keeping with a modern application development approach, Azure functions based serverless architecture was adopted.
Azure functions were leveraged to send control messages to field devices and was perfect for the event driven, scale on demand model expected in the IoT connected platform. JSON was chosen as the default data interchange format. To ensure high speed performance, Redis cache was implemented in Azure for direct retrieval instead of DocumentDB.
Silicus also developed platform APIs as a web app deployed as part of the solution. The platform APIs exposes the various functionality of IoT Platform over a RESTFul interface.
The platform will notify the user using notification interfaces.
|Azure Function App (Web Jobs), Sendgrid Notification|
|2.||Push Notifications||Azure PaaS||Azure Notification Hub, Azure Function App (Web Jobs), Google Firebase, and Apple APNS service|
|Azure Function App (Web Jobs), Plivo Notification|
The solution uses Azure Storage and Azure Cosmos DB to persist all the raw and summarized telemetry data from the devices in the solution. The solution uses a Cosmos DB database to store information about the devices connected to the platform.
IoT telemetry data is stored using a Lambda approach, whereby hot-path data flows into Azure Cosmos DB for internal analytics through Microsoft Power BI, and external visualization via web and mobile apps. Cold-path data is stored in Azure Data Lake Store for future analysis using Azure Machine Learning Studio and Azure Machine Learning services to create new insights.
|Storage||Azure PaaS||Azure Storage Service, Azure Cosmos Database.|
|Cloud Service||Service Category||Provider|
|Azure Key Vault||Security + Identity||Microsoft Azure|
|Azure Application Gateway||Security + Networking||Microsoft Azure|
|Azure Active Directory B2C||Security + Identity||Microsoft Azure|
|Storage (Blob)||Storage||Microsoft Azure|
|Cosmos DB||Databases||Microsoft Azure|
|Redis Cache||Databases||Microsoft Azure|
Data + Analytics
Internet of Things
|Azure Event Hub||
Data + Analytics
Internet of Things
Azure App Service
|Web + Mobile||Microsoft Azure|
|Content Delivery Network||Web + Mobile||Microsoft Azure|
|API Management||Web + Mobile||Microsoft Azure|
|Azure Notification Hubs||
Web + Mobile
Internet of Things
|Azure IoT Hub||Internet of Things||Microsoft Azure|
|Azure Functions||Compute||Microsoft Azure|
|Visual Studio Team Services||Developer Tools||Microsoft Azure|
|Azure Application Insights||
Monitoring + Management
|Google Maps APIs||Location Services||Google Inc.|
|Google Play Store||App Publishing||Google Inc.|
|Google Home||Voice Services||Google Inc.|
|Amazon Alexa||Voice Services||Amazon.com, Inc|
|Accu Weather||Weather Information||AccuWeather Inc|
|Apple Store||App Publishing||Apple Inc.|
|Security Certificate & Code Sign||Security + Identity||Entrust Datacard|
|Cloud Messaging||Push Notifications||Google Inc.|
|Apple Push Notification||Push Notifications||Apple Inc.|
Silicus, the "cloud transformation" partner
Award Winner at CES 2018
Despite the stringent timelines and the challenges around hardware and Azure IoT platform version changes, Silicus could deliver a fully functional solution that was demonstrated at CES 2018. The innovative IoT enabled smart bathroom product was awarded the “2018 CES Innovation Award” honoree in the Smart Home category.
Scalable & Flexible IoT Platform
Silicus architected an IoT platform that could evolve as more products from the client’s product portfolio were being made IoT enabled. The platform also supported integrations with other 3rd party services and products. The client inherited a powerful and robust IoT platform that could serve as the backbone for its IoT driven digital transformation plans.