For IoT applications to deliver transformative business value, you need a reliable IoT device management solution that ensures devices are up to date, secure, and always accessible. Pelion provides lifecycle management for any device, managed from the cloud, on-site, or through gateways.
Get to market quickly with a turnkey solution
- Enjoy the freedom to focus on your value-add by using a proven infrastructure with a pre-integrated offering across any OS/client/server. Leverage device hardware and software expertise of the Izuma team.
Future-proof your IoT deployment
- Manage any device connected on any network remotely with Over-the-air secure delta updates, component updates and scale your IoT footprint seamlessly from pilots to production.
Comprehensive chip-to-cloud security
- Ensure complete trust in your deployed devices by combining factory-built security with secure onboarding, over-the-air firmware updates and security fixes throughout their operational life.
Izuma Connect (formerly Pelion Device Management Client) is a proven ANSI-C library which can drop in to most microcontroller RTOS or bare metal builds. Izuma Connect provides secure connectivity to any Izuma Cloud instance.
Connect works together with Izuma Cloud to provide complete lifecycle management of a product.
At manufacturing time…
Using tooling available for Izuma Connect, indivudal certificates can be generated for every device manufactured. The team at Izuma Networks has extensive experience working with major contract manufacturers. This means our tools easily fit into the workflow expected by a major factory operator.
Initial certificates can take two approaches:
- Use a certificate chain which uses Izuma Networks global bootstrap services to associate itself dynamically with a cloud at initial onboarding.
- Use a certificate chain which always requires a device to be associated with a specific cloud instance. (This is a good option for isolated networks.)
At initial onboarding time…
When a new device running Connect is connected to the Internet it will either reach out to the global bootstrap service or to a specific cloud instance. Bootstrapping moves the device from a manufactured state to a live state on the cloud network. During this process the device is provided a new certificate specific to both the cloud it will use and the account in this cloud. For an end-user this might look like a simple step of punching in a code to an App, or scanning a QR code. Izuma Cloud provides APIs which will allow flexibility in how the onboarding experience should operate.
After an initial onboard the device is securely connected to a specific account in a cloud instance, and it cannot be bound to another account unless released by the cloud and / or through a firmware reset. These are options configurable by the developer.
At upgrade time…
Once devices are in the field at some point their firmware will need to be upgraded. Izuma Networks provides very robust APIs and processes for upgrades, which allow for secure firmware updates. For devices on constrained networks networks their are delta update features which send only changes to the firmware, and also gracefully handle network timeouts and restarts.
Upgrades can be performed very granualarly or across many devices at once. Firmware updates can also upgrade specific portions of a firmware image, or specific subsystems as needed. The firmware update APIs are built for flexibility.
Upgraded images are signed for security, using the certificate chain specific to a cloud instance and / or to a manufacturer. Connect provides hooks to use secure boot facilities if available on the hardware, and supports TPM 2.0 along with hooks for other dedicated secure silicon or features such as TrustZone.
When configuring devices & moving data…
Izuma Networks products are data schema agnostic. This means your data path can be entirely seperate from your Izuma Cloud instance if desired. Furthermore, Connect can help manage your own certificate chains for your own data connections.
You can also use our built in LwM2M APIs. Connect includes full LWM2M support over CoAP/UDP with full DTLS support. Once data arrives in your Izuma Cloud instance, you can retrieve it and setup webhooks with our APIs. Data can be browsed through in the Device Directory web interface.
At the firmware level, using the Izuma Connect libraries, different routines can react to changes in LWM2M data paths. Developers can focus on device functionality, not the transports needed to make communication happen.