The Device’s MCU, which is the “heart and brain” of the device, is connected to a communication module. In most cases this module can send and receive chunks of data to and from a remotely located computer. Regardless of the communication technology, the resulting system, consisting of the Device, the remote computer and the communication technology in between, can transmit “messages”: organised data that both the Device and the remote computer understand.
In a way, the MCU is just “asking” the communication module to deliver (send or receive) data to or from the remote system. Such a setup works perfectly well when the MCU and the remote system speak the “same language”: each understands the other’s commands. When the remote system requires authentication, the communication becomes more complicated: the MCU needs to know all the authentication protocols layered on top of the communication level and to understand all the commands required for the authentication process. It also needs to know some “secrets”: the credentials needed for the authentication math to work.
When there is more than one remote system with which the MCU may need to communicate, the MCU has to determine the right address and the exact type of authentication procedure and, most likely, present a different set of credentials to each system. Moreover, these credentials need to be saved in the Device’s permanent memory during the manufacturing phase.
CONNAX offers a set of tools that sits “aside” from the main communication channel (so as not to put the core business at high risk) and provides remote provisioning of all the credentials. It also takes care of the communication protocol details (authentication, signing, etc.).
CONNAX technology consists of two parts:
- One part resides inside the device (as a software library incorporated into the MCU’s firmware or, optionally, as a separate hardware module connected to the MCU). This part is called UTIM (Universal Thing Identity Module), and it is responsible for negotiating, generating and storing credentials as well as maintaining the communication protocol(s) with the remote system(s);
- The middleware, which resides on the network side (its name is UHOST), is responsible for managing the UTIMs and directing them to the correct remote systems.
The middleware (UHOST) acts as a proxy during the device’s initialisation: it determines what the device is and which remote system it shall communicate with. Once that is determined, UHOST helps the UTIM and the remote system negotiate a unique set of credentials specific to this particular device, verifies that direct communication between the two works correctly and finally steps aside: it sends the UTIM an instruction, “from now on please communicate with your remote system directly”.
The UHOST software can act as a separate system or, optionally, be incorporated into a mobile application to perform the initial configuration of nearby devices over a local communication channel (e.g. Bluetooth or WiFi).
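The initialisation hand-off described above (UHOST identifies the device, brokers a per-device credential, checks that the device and its remote system can authenticate to each other, then steps aside) can be modelled in a few lines. This is an added illustration, not CONNAX code: the class and method names, the HMAC-SHA256 challenge-response and the in-process key hand-over are all assumptions, since the page does not specify the actual protocol.

```python
import hashlib, hmac, secrets

class RemoteSystem:
    """Hypothetical back end that issues and later checks per-device keys."""
    def __init__(self, name):
        self.name, self.keys = name, {}
    def enroll(self, device_id):
        self.keys[device_id] = secrets.token_bytes(32)  # unique per device
        return self.keys[device_id]
    def verify(self, device_id, nonce, tag):
        key = self.keys.get(device_id)
        if key is None:  # device was never enrolled with this system
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(tag, expected)

class Utim:
    """Device side: uniform firmware, no per-customer secret at manufacture."""
    def __init__(self, device_id):
        self.device_id, self.endpoint, self.key = device_id, "uhost", None
    def prove(self, nonce):
        return hmac.new(self.key, nonce, hashlib.sha256).digest()

class Uhost:
    """Middleware: routes a device, brokers enrolment, then steps aside."""
    def __init__(self, routing):
        self.routing = routing  # device_id -> RemoteSystem (constructed data)
    def initialise(self, utim):
        remote = self.routing.get(utim.device_id)
        if remote is None:
            raise LookupError("unknown device: " + utim.device_id)
        # Assumption: key is handed over in-process; a real deployment would
        # have to protect this exchange, which the page does not detail.
        utim.key = remote.enroll(utim.device_id)
        nonce = secrets.token_bytes(16)
        if not remote.verify(utim.device_id, nonce, utim.prove(nonce)):
            utim.key = None
            raise RuntimeError("direct-communication check failed")
        utim.endpoint = remote.name  # "communicate directly from now on"
        return remote

def demo():
    # Constructed sample: two meters with identical firmware, two utilities.
    a, b = RemoteSystem("utility-a.example"), RemoteSystem("utility-b.example")
    uhost = Uhost({"meter-001": a, "meter-002": b})
    m1, m2 = Utim("meter-001"), Utim("meter-002")
    uhost.initialise(m1)
    uhost.initialise(m2)
    return uhost, m1, m2, a, b
```

A device that UHOST does not recognise keeps its default endpoint and receives no credential, so it never reaches a remote system.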
Value-adds that CONNAX technology brings to its customers:
- IoT device manufacturers tend to have a significant number of customers all around the globe, and the utilities procurement process is lengthy, complicated and varies across countries and companies. Predicting which devices (e.g. electricity meters) will go to which customer while those devices are still in the manufacturing or planning stage is therefore a complex logistics task.
- Using CONNAX technology could reduce logistics expenses by manufacturing all devices with a single uniform firmware image (per device type). When a particular device goes online for the first time, it obtains all its individual configuration details and connection credentials from the CONNAX middleware (running as part of the IoT device manufacturer’s infrastructure).
- The same technology provides the freedom to choose which server-side infrastructure to use: depending on the utility’s preferences, it could be a cloud AIM service fully managed by the IoT device manufacturer, its on-premises installation or even a custom service owned and operated by the utility. CONNAX technology makes it possible to switch between different endpoints and authentication models without updating the device firmware.