Community Blog The Building Blocks of an IoT Architecture

The Building Blocks of an IoT Architecture

IoT is the most sought-after technology today. This article talks about the IoT layered architecture and its management mechanisms for a better understanding of the technology.

The smart home industry has been flourishing for the past two years as this branch of IoT closely relates to users' daily lives. However, in addition to smart homes, there are many other important areas in the IoT field, including onboard vehicle logistics, intelligent healthcare, intelligent communities, basic public services, and intelligent agriculture. As many of the first IoT pioneers transitioned from other specific subindustries related to this field, they had many blind spots in their understanding of IoT, and it was difficult to gain a global perspective.

Drawing on the paper published by IoT experts Daniel Karzel, Hannelore Marginean, and Tuan-Si Tran, "A Reference Architecture for the Internet of Things", as well as my work on various IoT projects, this paper describes the IoT field's layered structure. I believe it may help you in a better understanding of the concept of IoT.

What Is IoT?

IoT stands for "Internet of Things," which means using the Internet to connect different things. The Internet solves many problems that prevented people from communicating with each other, so the IoT connects people as well as things.

A "thing" is an abstract concept. It can be a temperature sensor, a switch panel, an air conditioner, an excavator, or even a housing development or entire city. The definition of a thing depends on our present use case.
As I see it, the IoT is an intersection between the physical and virtual worlds. It essentially maps virtual operations onto real interactions.

Basic IoT Objects

By looking at their functional attributes, the basic IoT objects are the actions performed by things:
Thing = n x Action
Actions are important parameters used to measure the capabilities of things. They determine what the thing itself can accomplish, what it can provide to other things, and what it can obtain from the external world.

Action = n x Situation + Goal
Situations are the natural attributes things exhibit in a given environment, while goals describe the meaning of such natural attributes. To give an example, on Tuesday, April 19, 2016, in John's home at No. XXX XXX Street, West Lake, Hangzhou, a temperature sensor displays 25°C. However, the pure fact that a temperature sensor displays 25°C has no reference value.

It is only with the introduction of the concept of action that we can map the virtual world into the real world for the first time.

By looking at their natural attributes, the primary IoT objects are devices that constitute things:
Thing = n x Device
We can divide the devices into five main types: sensors, controllers, calculators, memory, and tags. They can get grouped in various ways to create one complete thing.
Devices are the start and end points of the IoT. They are essential to the performance and completion of all actions, with a situation being the performance of a device under given conditions.

Layered Structure of the IoT

A typical IoT architecture uses a vertically-layered, horizontally-managed IoT structure that is open at two ends. This structure can be used to describe a wide range of diverse business scenarios.

Device access layers, device management layers, and data warehouses are generally implemented on gateways or PaaS servers and mainly used for data acquisition. The action management layer and Internet of Things layer are typically located on SaaS servers and used to implement certain specific data models. The service integration layer is used to convert the data into a functional form, such as an app or O2O service.

To better understand this structure, we can apply this model in the smart home industry, so that we can think the human -> thing process as a single control and the thing -> IoT layer -> thing process as scenario interaction.

Device Access Layer

The device access layer solves underlying access and communication problems and includes three main components: device discovery, device drivers, and device communication:
• We can divide device discovery into two parts. First, active discovery, which accepts device search commands issued by higher layers and searches for nearby devices in the current environment. Second, passive discovery, where a device uses a specific protocol to send a network entry request to the device access layer. Smart home systems generally use a mix of both methods to add new devices. Devices send network entry requests to the system when they are turned on or restarted and then wait for confirmation from the user, while gateways and mobile phones actively or regularly scan for nearby devices.
• Device drivers are responsible for defining specific communication and control protocols to ensure the normal operation of devices. In precise systems that use cloud pass-through technology, device drivers only need to set communication protocols.
• Device communication serves as a bridge between the device access layer and device management layer. At the same time, it requires establishing device interactions to parse the communication content.
For most things, multiple devices use a single interface through internal pre-processing, simplifying the access process.

Device Management Layer

The device management layer is mainly responsible for controlling devices and obtaining device status information and then converting this into standard data.
This layer is made up of three main components: device registration, device communication, and protocol conversion:
• Device registration registers connected devices in the system. It allocates space and adds descriptions and necessary information.
• Device communication issues control commands and obtain device status information.
• Protocol conversion is a critical component. It is responsible for converting device metadata into standard data for the business organization, data analysis, and other operations at higher layers. Protocol conversion must get integrated with the pass-through module. Currently, the most common and lightweight device intelligence solution is to use WiFi or GPRS for interconnection in the PaaS cloud configuration script parsing module.

The device management layer is the most crucial layer in an IoT system and directly determines the robustness of the system. When implementing this layer, we generally face a question: cloud core or gateway core? The answer depends on the specific business we want to create.

In smart home scenarios, users desire greater convenience, so the LAN cluster control, machine learning-based automation, and other features provided by a gateway system will provide a better experience. In onboard vehicle logistics scenarios, the distances between vehicles are quite far, and the vehicles themselves produce limited content. Hence a cloud core solution would provide advantages in costs and performance.

Most of the cloud service vendors on the market solve device management layer problems and provide simple business processing logic to help manufacturers make intelligent improvements.

Data Warehouse

Data warehouses store all data related to things, including device data and action data.

In practice, there can be more than one data warehouse, for example, one warehouse for device data and one for action data. Device data is unique as the primary data of IoT systems, and we may use it to call multiple actions or even services. Action data is diverse, and we can set it based on actual business needs. For example, we can use movement sensor data from a three-in-one sensor as interconnection conditions in "return home" mode or as trigger conditions in security mode.

Action Management Layer

The action management layer defines the system's core business logic. It is made up of rule definitions, situation definitions, a situation pool, action definitions, and an action pool.
• Rule definitions are clear standards for situation and action development. We may also use them to evaluate the possibility of integrating various situations and actions.
• A situation definition creates a specific situation. Situation definitions get stored in a data warehouse and published in the situation pool.
• The situation pool saves developed situations so that they can get integrated with other situations to form actions.
• An action definition creates a specific action. Actions can contain multiple situations but only have one goal. For example, if we set a refrigerator's temperature to 6°, this action must involve the temperature sensor and cooling unit.
• The action pool saves created actions, which IoT can group into specific business logic.

At this layer, we can give a full description of the form, capabilities, and operating modes of a thing. Such information provides the foundation for an IoT system. Rule definitions measure the intelligence of a thing. For simple sensors and switches, rule definitions only need to define their control points and sensing points. For more complex things, such as refrigerators or cars, rule definition is more complicated. For even more advanced things, like robots, rule definitions must involve artificial intelligence, data mining, and other advanced algorithms.

In the smart home industry, actions can include single control and interaction. Whether single control or interaction, actions all describe the inherent capabilities of a thing and are especially prominent in brown and white goods with relatively complex functions.

IoT Layer

The IoT layer solves the problems of discovery and communication between things. Mostly, it is a management dimension. The IoT layer is made up of four main components: thing communication, action matching, discovery mechanism, and tag system.
• Thing communication is responsible for interaction between things and performs protocol conversion.
• Action matching is used to determine the depth of integration between things.
• The discovery mechanism is responsible for finding other things and establishing associations with them.
• The tag system provides multiple dimensions for thing management. You can use custom tags (such as location, time, and function tags) to classify and manage things.

The IoT layer is the layer that genuinely realizes an Internet of Things. From this layer down, we can ultimately implement the concept of an Internet of Things and even meet the needs of simple things and businesses. However, the ultimate goal of an IoT system is to serve people, so we have to convert this system into a format that allows actual interaction between humans and machines.

Service Integration Layer

The service integration layer allows for the intercommunication of people and things. We can divide it into three main components: man-machine interface, physical services, and service models.
• Man-machine interfaces provide a method for user interaction. They can take the form of an app, a public account, or a webpage.
• Physical services are the form of interaction most desired by users. By perceiving and discovering user needs and directly selecting the most suitable physical service, this method avoids the cumbersome user interaction process to satisfy the requirements of users in a single step. For example, such a service might automatically schedule a delivery when it sees you are out of milk.
• Service models define the methods by which things make their content accessible, for example, by providing interfaces to man-machine interfaces or providing data to a particular physical service.

Just like B2C, O2O, D2C, and other advanced business models made possible by the Internet, IoT is, in itself, only a platform. Without actual service models, it is nothing more than an ultimately meaningless concept.

Security Mechanisms

Security mechanisms must extend throughout the entire IoT system, but they are implemented differently in different layers:
Device Access Layer: Security mechanisms get embodied in the processing capabilities of devices themselves. If a device provides inaccurate measurements or does not have the necessary computing power to perform encryption, there is no point in talking about security.
Device Management Layer: Security mechanisms apply to communication security, such as channel encryption, data encryption, keys, heartbeat connection and verification, and authorization process complexity.
Data Warehouse: Security mechanisms apply to data authenticities, such as data synchronization and SQL injection.
Behavior Management Layer: Security mechanisms apply to the situation and action feasibility, such as infinite loop detection, mutually exclusive condition detection, and fuzzy conditions.
IoT Layer: Security mechanisms apply to management effectiveness, such as malicious device access and action interaction depth (unlimited interaction and performance limit triggering for other things).
Service Integration Layer: Security mechanisms apply to the rigor of user behavior and logic services, such as phishing attacks, data blockages, code decompiling, and packet capturing.

Security is the primary factor hampering the development of IoT systems. It is not only crucial for earning the trust of users but also directly affects the cost of development and operation. The configuration of security mechanisms must comprehensively balance feasibility, business value, actual needs, and other considerations.

Management Mechanisms

Management mechanisms aim to increase system performance. In the different layers, management mechanisms are implemented in broadly the same ways:
Using a "Pool" Structure: Using a data pool, connection pool, or another type of pool to cache frequently used data improves the creation and use logic.
Consistent Standards: Using protocol conversion to achieve consistent metadata standards improves data parsing and encapsulation speed, and streamlines the data structure.
Connection Multiplexing: Merging commonly-used interfaces reduce unnecessary data requests. Merging requests in the many short links of a small lifecycle to create one long chain reduces the time required to establish connections.
Cache Mechanisms: These include message caches, image caches, and I/O caches.
A management mechanism is a long-term iterative process, with performance standards continually increasing as systems are updated.


Although the smart home, onboard vehicle logistics, and intelligent healthcare industries are booming, many projects are yet to be implemented, and there are no associations between these different fields. It seems that many manufacturers are only concerned with getting their foot in the door and competing in the area of standards.

The value of IoT systems lies in the use of massive volumes of data to provide services to people. Data sharing is required for IoT to offer higher value. This means the field of competition should be services, rather than standards.

New to Alibaba Cloud? Sign up for an account and get up to $1200 New User Free Credit to try over 40 products and services. Or visit Getting Started with Alibaba Cloud to learn more.

0 0 0
Share on


1 posts | 0 followers

You may also like


1 posts | 0 followers

Related Products

  • Cloud Enterprise Network

    A global network for rapidly building a distributed business system and hybrid cloud to help users create a network with enterprise level-scalability and the communication capabilities of a cloud network

    Learn More
  • OSS(Object Storage Service)

    An encrypted and secure cloud storage service which stores, processes and accesses massive amounts of data from anywhere in the world

    Learn More
  • Server Guard

    An easy to use service that provides real-time monitoring of servers to ensure high availability

    Learn More
  • Table Store

    A fully managed NoSQL cloud database service that enables storage of massive amount of structured and semi-structured data

    Learn More