IoT Gateway Suite Secures Easy Connectivity


You have probably heard the term Internet of Things (IoT) many times in the recent past, but can you say you really know what it means? Do you know what impact it will have on you and on the work you do? In particular, do you know how it will impact you in the process, factory and building automation industries?


Melissa Topp, Global Director of Marketing, ICONICS,

Internet of Things can mean a variety of different things to different people in different industries. Let’s have a look on some opportunities that the Internet of Things brings to the process, factory and building automation industries in general.

ICONICS is taking steps to leverage this new technology to integrate IoT into one of the world’s most advanced HMI/SCADA, Building Automation, Energy Management and Manufacturing Intelligence packages, along with the benefits that can be achieved.

First, IoT brings a vast communications infrastructure to the process, factory and building automation industries; one that is far beyond anything these industries have typically used in the past. With cloud communications services available from several companies, including Microsoft, Amazon and others spread across the planet, it has never been easier and more cost-effective to connect even the smallest and least expensive devices to a network – and not just to a local network, but to one that spans the globe.

Second, IoT carries vast amounts of processing power to the process, factory and building automation industries. This processing power, which can also be found in the cloud, is scalable from a single CPU with limited memory and disk space, to a large array of CPUs or servers. If used effectively, this processing power can be used to monitor and analyse data, to report events and results, and to solve problems that could never have been solved before.

Third, IoT provides off the shelf scalable software applications that enable monitoring, visualization of data, real time analytics and much more. Because of the openness and standardization in emerging communications protocols, many of these applications will be serviceable with minimal configuration and with little or no middleware.

These are just a few of the important benefits that the Internet of Things can bring to process, factory and building automation applications.

Since relatively few devices actually have the capability to connect to the Internet, to achieve these benefits requires the availability of low-cost bridging devices called gateways. In the IoT world, these gateway devices are called IoT gateways.

What is an IoT Gateway?

An IoT gateway provides the bridge between an on premise communications network and a cloud-based communications network. Sometimes referred to as an Edge device, an IoT gateway provides Southbound data connectivity to the end devices, completely on premise. It also has a Northbound communication path that provides data connectivity between itself and the cloud.

In the case of the process, factory and building automation industries, the Southbound communications protocol is typically an industry standard protocol such as OPC UA, BACnet, Modbus, SNMP or Web services, but it can also be a proprietary communications protocol. The Northbound communication path needs to be highly secure and is often based on a publish/subscribe (“pub/sub”) mechanism. Emerging communication protocols being used for this include Advanced Message Queuing Protocol (AMQP) and Message Queuing Telemetry Transport (MQTT).

IoT and Industrie 4.0 represent the advent of connecting devices, or things, with cloud-based systems to harvest hidden information faster than ever before and to drive business value by providing new services. The value to organisations, line of business applications and customers may be attained in the form of cost reduction, new revenue streams, or an improved customer experience.


IoT Gateway Monitoring – Gateway Location and System Status.

Connectivity is key to achieving these business values. Without being able to connect devices from behind firewalls and securely publish their data to cloud-based applications, organisations will not be able to achieve the promises of advanced analytics through computing power in the cloud.

IoT gateways on premise play an important role in this value chain to securely connect things to the cloud. IoT gateways can function in the form of hardware devices and software add-ons to existing installed applications inside a manufacturing site or building.

IoT Gateway Security and Device Management

IoT gateways need to be designed with high security in mind because they serve as a bridge between the data stored on premise and the outside world. Intel has designed an IoT gateway platform that enables Original Design Manufacturers (ODM) to provide sophisticated IoT gateways that come with advanced security. These security features include unique hardware IDs, secure boot, whitelisting, and disabling on board peripherals like USB and com ports.

With Linux, Windows 10 IoT Core and Windows 10 IoT Enterprise LTSB, we are seeing two major operating system platforms emerging as the cornerstone of IoT gateways. In addition to enhanced security features, edge management is also very important, as IoT gateways need to be managed remotely once they come online and register with the cloud.

Remote management and configuration of IoT gateways is imperative to provide efficient and cost effective gateway management. Over-the-air update capabilities will push software updates for the operating system and onboard data communication software.

Target markets for IoT gateways are generally smart buildings or manufacturing applications. Manufacturing applications may require a more robust gateway design for industrial environments. Manufacturing networks are often isolated from the business network and the IoT gateway will require two Ethernet adapters to bridge both networks and securely communicate data to the cloud.

Introduction to the IoT Gateway Suite

The ICONICS IoT Gateway Suite communicates to Microsoft Azure or third-party applications using the most popular transport protocols. Once the IoT Gateway is online, it will register with the IoT Hub so that it can authenticate and send and receive data.

Acting as a secure message broker, the IoT Hub will allow for remote device management, provisioning and configuration. Configuration of the IoT Gateway Suite includes onboard energy, building and industrial protocol point managers (BACnet, OPC UA, Modbus and Web services).

Security is inherently built in and provided through the Azure subscription. Relying on Azure security makes ICONICS’ IoT Gateway Suite one of the most secure in the market and, as a result, can be safely configured from anywhere in the world.

Communication between the IoT Gateway Suite and the Azure IoT Hub is accomplished via a publish/subscribe method using the bi-directional AMQP transport protocol supported by Microsoft. The IoT Gateway Suite publishes its messages to the IoT Hub independently from the subscribers that will ingest the data.


ICONICS IoT Gateway Suite System Architecture.

This decouples the gateway from the consuming applications and services in the cloud. The Azure IoT Hub acts a message broker between the gateway and the connected subscribers, which are the consuming applications.

These consuming applications will be ICONICS GENESIS64, Hyper Historian, AnalytiX and MobileHMI, which are ready to subscribe to the IoT Hub and ingest data provided by the IoT Gateway Suite. This makes the IoT Gateway Suite a perfect fit for edge-to-cloud applications taking advantage of Microsoft’s Azure IoT Suite services.

The IoT Gateway Suite is also capable of delivering data to third-party applications such as ERP, MES and other enterprise applications running in private or in public clouds other than Azure. The IoT Gateway Suite will provide data to third-party applications using Representational State Transfer (REST) and MQTT as established IoT transport protocols. This allows ICONICS to provide the most flexible cloud and IoT solutions in the marketplace.

While the IoT Gateway Suite can be implemented as a software layer on top of an existing PC or workstation application, the real power of an IoT gateway is in the implementation of low-cost hardware devices that can be placed in remote locations or just about anywhere there is information to be collected.

There are a number of vendors that offer a low-cost communications gateway platform, off the shelf. ICONICS’ IoT Gateway Suite will operate on devices running Intel’s Atom processor and Windows 10 IoT Enterprise LTSB (Long Term Service Branch). Hardware manufacturers typically offer several communications options that can include Ethernet, Wireless Ethernet (Wi-Fi), 3G or 4G wireless, ZigBee, Bluetooth, USB ports, and either RS232 or RS485 serial ports.

The following image shows the overall system architecture of the IoT Gateway Suite and depicts how data is ingested by ICONICS software, running in Azure, to provide mobile and analytics solutions for remote monitoring. It also demonstrates the concept of providing data to third-party business applications via REST and MQTT.

Establishing Secure Cloud Connectivity 

IoT gateways are cost-effective and easy to deploy with secure communication to the cloud. Facility Directors and Energy Managers now have a great tool at their disposal to quickly deploy proof of concept and production grade applications. The IoT Gateway Suite is provisioned and communicates data securely via the Microsoft Azure IoT Hub, taking advantage of the inherent security features that come with an Azure subscription.

The IoT Gateway securely publishes on premise data to the Azure IoT Hub. The ICONICS IoT solutions do not stop at simply providing data to the cloud and leaving it up to the customer to custom write value-added mobile and analytics applications. The off-the-shelf visualization, analytics and mobile products, running in the Azure cloud, subscribe to the IoT Hub and readily ingest the data from the Azure IoT Hub, enabling customers to easily create SCADA, Smart Building, Historian, and mobile applications.

Deployment of the IoT Gateway Suite is quick and easy. Once connected to the onsite network, the IoT Gateway will self-register with a Web service and let ICONICS know that it is alive and ready to communicate. Through secure communications via the Azure IoT Hub, an ICONICS provision and configuration Web site will display the IoT Gateway’s location on the map and provide system health monitoring information for the operating system’s important processes.

The IoT Gateway’s onboard communications, including BACnet, SNMP, Modbus, OPC and more, can be configured remotely from a Web interface. For example, the ICONICS IoT Gateway Suite will be able to discover a building’s BAS controllers on the BACnet network and publish data to the IoT Hub.