IOT Systems Management

1. Need for IOT Systems Management

2. Simple Network Management Protocol (SNMP)
3. Limitations of SNMP
4. Network Operator Requirements
5. NETCONF
6. YANG
7. IOT Systems management with NETCONF-YANG
Need for IOT Systems Management
IoT systems are normally distributed systems consisting of heterogeneous h/w, s/w,
network resources, interfaces, protocols, data collection & analysis services.
Managing such systems require advanced management capabilities.

• Automating Configuration
• Devices can be configured automatically through system
management interfaces.
• This can ensure that all devices have the same configuration, and
thereby one can avoid variations & errors due to manual
configuration.
• Monitoring Operational & Statistical Data
• Operational data refers to system’s operating parameters collected
at runtime.
• Statistical data describes the system performance (CPU/memory
usage)
• Such data need to be monitored for fault diagnosis and prognosis.
Contd..
• Improved Reliability
• By having a management system one can validate the system
configuration before it is applied.
• This will enhance system reliability.

• System Wide Configurations

• Ensuring the desired system configuration across multiple
devices is a challenging task.
• When devices are configured separately, it may lead to
system faults or undesirable outcomes.
• This may be due to some devices running on old
configuration settings and others running on new settings.
• This can be avoided by implementing system-wide
configuration where all devices are configured in a single
atomic transactions. (“either all are or none” are configured).
• In case of any failure while configuring, devices can roll-back
to old settings.
Contd..
• Multiple System Configurations
• When different devices require different configuration based
on certain conditions or timings, this can only be done easily
through a proper system management tool.
• Without this it will be difficult to configure devices.

• Retrieving & Reusing Configurations

• Using a suitable IoT management system it is possible to
retrieve the configuration settings of an existing device and
reuse the configuration in other devices of the same type.
• Thus, new devices can be configured in less time.
 Simple Network Management
Protocol (SNMP)

• SNMP is a well-known and widely used network

management protocol that allows monitoring
and configuring network devices such as
routers, switches, servers, printers, etc.
• SNMP is an application layer protocol that uses
User Datagram Protocol (UDP) as the transport
protocol.
• Components of the SNMP are:
• Network Management Station (NMS)
• Managed Device
• Management Information Base (MIB)
• SNMP Agent that runs on the device
Working of SNMP
• Network Management Station (NMS) gives SNMP
commands to monitor & configure the Managed devices.
• Each managed device has a Management Information Base
(MIB) which stores the device attributes to be managed.
• The SNMP agent serves as the interface.
• MIB uses the Structure of Management Information (SMI)
notation to manage data which are essentially variables
identified by Object Identifiers (OIDs).
• Management applications can get or set the values of these
variables by referring to their OIDs.
Limitations of SNMP
• SNMP is stateless in nature and each SNMP request contains all
the information to process the request. The application needs to
be intelligent to manage the device.
• SNMP is a connectionless protocol which uses UDP as the
transport protocol, making it unreliable as there is no support for
acknowledgement of requests.
• MIBs often lack writable objects without which device
configuration is not possible using SNMP.
• It is difficult to differentiate between configuration and state data
in MIBs.
• Retrieving the current configuration from a device can be difficult
with SNMP.
• Earlier versions of SNMP did not have strong security features.
Network Operator Requirements
Internet Engineering Task Force (IETF) has specified the following
operator requirements for efficient management of networks.
• Ease of use
• Operators should find it easy to manage the network functions.
• Distinction between configuration and state data
• Configuration data are writable data required to transform the
system from an initial state to the current state.
• State data (includes operational & statistical data)
• Fetch configuration and state data separately
• Both the types of data should be fetched separately in order to
compare different devices on the basis of performance & other
criteria.
• Configuration of the network as a whole
• Operators should be able to configure devices as a whole rather
than individually to ensure correct operation.
• Configuration transactions across devices
• Should be possible to configure all devices as a
transaction (“either all or none”).
• Configuration deltas
• Should be possible to move from one configuration state
to another with minimum state changes.
• Dump and restore configurations
• Should be possible to dump configurations from devices
and restore in other devices.
• Configuration validation
• Validate configuration before applying.
• Configuration database schemas
• Need for standard configuration schemes across
operators
• Comparing configurations
• Should be possible to compare configuration settings of
devices.
• Role-based access control
• Access to devices should be controlled for limited operations.
(get/set parameter)
• Consistency of access control lists
• Should be possible to do consistency checks.
• Multiple configuration sets
• Support for multiple configuration settings
• Support for both data-oriented and task-oriented
access control
• SNMP access control is data-oriented
• CLI (Command Line Input/Interface) access control is task-
oriented
• There should be support for both.
NETCONF
• Network Configuration Protocol (NETCONF) is a session-based network
management protocol. It is a connection-oriented protocol.
• NETCONF allows retrieving state or configuration data and manipulating
configuration data on network devices.

Layered Architecture
 NETCONF
• NETCONF works on SSH (Secure Shell) transport protocol. SSH is a
cryptographic network protocol used to access the network devices and
servers over the internet. One could use Transport Layer Security (TLS)
protocol also.
• Transport layer provides end-to-end connectivity and ensures reliable
delivery of messages.
• NETCONF uses XML-encoded Remote Procedure Calls (RPCs) for framing
request and response messages.
• The RPC layer provides mechanism for encoding of RPC calls and
notifications.
• NETCONF provides various operations to retrieve and edit configuration
data from network devices.
• The Operations layer provides various operations to retrieve and edit
configuration data from network devices.
• The Content Layer consists of configuration and
state data which is XML-encoded.
• The schema of the configuration and state data is
defined in a data modeling language called YANG.
• NETCONF provides a clear separation of the
configuration and state data.
Ex: <get-config> retrieves only configuration data.
<get> can retrieve both configuration & state data.
• The configuration data resides within a NETCONF
configuration datastore on the server.
• The NETCONF server resides on the network
device.
Commonly used NETCONF operations
Working of NETCONF

• In order to manage a network device, the client establishes

a NETCONF session with the server (device).
• Once the connection is established the client & device
exchange “Hello” messages which contain their capabilities.
• Next the Client can send requests to retrieve/edit
configuration data.
• Since NETCONF is connection oriented, the connection
persists between operations.
• NETCONF overcomes the limitations of SNMP and is suitable
for monitoring state information as well as for configuration
management.
YANG
• YANG ( Yet Another Next Generation )is a data modeling language used to
model configuration and state data that are manipulated by the NETCONF
protocol
• YANG modules contain the definitions of the configuration data, state data,
RPC calls that can be issued and the format of the notifications.
• YANG modules defines the data exchanged between the NETCONF client
and server.
• A module comprises of a number of 'leaf' nodes which are organized into a
hierarchical tree structure.
• The 'leaf' nodes are specified using the 'leaf' or 'leaf-list' constructs.
• Leaf nodes are organized using 'container' or 'list' constructs.
• A YANG module can import definitions from other modules.
• Constraints can be defined on the data nodes, e.g. allowed values.
• YANG can model both configuration data and state data using the 'config'
statement.
IOT Systems management with NETCONF-YANG

• Management System
• Management API
• Transaction Manager
• Rollback Manager
• Data Model Manager
• Configuration Validator
• Configuration Database
• Configuration API
• Data Provider API
• Management System (MS)
• An operator uses the MS to send NETCONF messages to configure
IoT devices and also receives state information & notifications from
the devices.
• Management API
• The API allows management applications to start NETCONF
sessions, read & write config data, read state data, retrieve
configurations, and call RPCs.
• Transaction Manager
• It executes all NETCONF transactions ensuring the ACID properties.
• Atomicity: ensures that transactions are executed either completely
or not at all.
• Consistency: ensures that a transaction brings the device
configuration from one valid state to another.
• Isolation: ensures that concurrent execution of transactions result
in the same device configuration as if transactions were executed
serially in order.
• Durability: ensures that once a transaction is committed the
resulting state will persist.
• Rollback Manager
• Responsible for rolling back to a previous configuration, if necessary
• Data Model Manager
• Keeps track of all the YANG data models and the
corresponding managed objects.
• Keeps track of the applications which provide data for the
data models.
• Configuration Validator
• Checks if the resulting configuration after applying a
transaction would be a valid configuration.
• Configuration Database
• Contains both configuration & operational data.
• Configuration API
• Through the APIs the IoT applications can read configuration
data from the configuration datastore and write operational
data to the operational datastore.
• Data Provider API
• Through this API, applications can report statistical &
operational data. Applications register for callbacks for
various events to receive data using this API.
• Why does the IoT system have to be self-adapting and self-configuring?

• Ans. Dynamic & self-adapting: IOT devices and systems may have the
capability to dynamically adopt with the changing context and take
actions based on the operating conditions, user’s context , or sensed
environment.

• Self-Configuring: Iot devices may have self-configuring capability,

allowing a large number of devices to work together to provide certain
functionality such as weather monitoring. These devices have the ability
configure themselves , setup the networking , and fetch latest software
upgrades with minimal or user intervention.
• What is the role of things and Internet in IOT ?

• Ans. The Internet of Things (IoT) is the internetworking of

physical devices, vehicles (also referred to as "connected devices"
and "smart devices"), buildings and other items—embedded with
electronics, software, sensors, actuators, and network connectivity
that enable these objects to collect and exchange data.

• What is the role of a coordinator in wireless sensor network ?

• Ans. A Wireless Sensor Network (WSN) consists of a number of

end-nodes and routers and a coordinator. Routers are responsible
for routing the data packets from end-nodes to the coordinator.
The coordinator collects the data from all the nodes. Coordinator
also acts as a gateway that connects the WSN to the Internet.
• What is the function of communication functional block in an IOT
system?

• Ans. The Internet of Things (IoT) system consists of number of

functional blocks that provide the system the capabilities for
identification, sensing, actuation, communication, and management. The
communication block handles the communication for the IOT system.

• What are the architectural constraints of REST?

• Ans. REST ( Representational State Transfer ) APIs follow the request-

response communication model. The REST architectural constraints
apply to the components , connectors, and data elements within a
distributed hypermedia system. The REST architectural constraints are:
Client-Server, Stateless, Cache-able, Layered system, Uniform interface,
and Code on demand.
• What is the role of a controller service in an IoT system?

• Ans. Controller service is a native service that runs on the device and
interacts with the web services. Controller service sends data from the
device to the web service and receives commands from the application
via web services for controlling the device.

• Which communication protocols are used for M2M local area

networks?

• Ans. M2M uses proprietary or non-proprietary based communication

protocols for communication within the M2M area network. Commonly
uses M2M protocols use ZigBee, Bluetooth, Modbus, M-bus, Wirless
M-bus, Power Line Communication (PLC), 6LoWPAN, IEEE 802.15.4,
Z-Wave etc.
• How do data collection and analysis approaches differ in M2M and IoT ?

• Ans. M2M data are collected in point solution and often in on-premises
storage infrastructure. The data in IoT are collected in the cloud and can
be public, private or hybrid cloud.

• What are the differences between SDN and NFV.

• Ans. Software Defined Networking (SDN) is a networking architecture

that separates the control plane from the data plane and centralizes the
network controller. Key elements of SDN include centralized network
controller, programmable open APIs and a standard communication
interface. Network Function Virtualization (NFV) is complementary to
SDN and leverage virtualization to consolidate the heterogeneous
network devices onto industry standard high volume servers, switches
and storage.
• What is the function of a centralized network controller in SDN ?

• Ans. With decoupled control and data planes and centralized network
controller, the network administrators can rapidly configure the network.
SDN applications can be deployed through programmable open APIs.

• What is the difference between configuration and state data ?

• Ans. Configuration data is the set of writable data that is required to

transform the system from its initial state to its current state. State data is
the data which is not configurable. State data includes operational data
which is collected by the system at run time and statistical data which
describes the system performance.
• What is the role of a NETCONF server ?

• Ans. The NETCONF server resides on the network device. The

management application plays the role of a NETCONF client. For
managing a network device the client establishes a NETCONF session
with the server. When a session is established the client and server
exchange messages which contain information on their capabilities.

• What is the function of a data model manager ?

• Ans. The data model manager keeps track of all the YANG data models
and the corresponding managed objects. The Data Model manager also
keeps track of the applications which provide data for each part of a data
model .