Commit 976df377 authored by Santeri Toikka

Weakened descriptions and inventory management

Closes #235
parent fa174518
+8 −5
@@ -254,7 +254,7 @@ The main focus of an IoT network can be, but is not limited to, data collection.
The NMS in this use case usually visualises the collected data metrics and provides them to the end-user and provides a way to make actions based on the data.
The NMS analysis of the collected metrics can be automated, including triggering warnings, alarms, or even taking actions based on discovered abnormal events.

The NMS controls the configuration of the connected devices, and has a two minimum functions:
The NMS controls the configuration of the connected devices, and has often two minimum functions:

1.  Establishes trust between the system and the devices.
2.  Maintain an inventory of devices that are part of the managed network.
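
Review bot: the new wording "has often two minimum functions" puts the adverb in the wrong place, and "often" contradicts "minimum", since a minimum function is either required or it is not. Suggest "and often has at least two functions:", or keep "two minimum functions" and drop "often". The two list items under it also use different verb forms ("Establishes" and "Maintain"); pick one form for both while this sentence is being edited.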
@@ -262,13 +262,13 @@ The NMS controls the configuration of the connected devices, and has a two minim
##### Trust initialisation

To initialize a trust between actors in this type of NMS and connected devices multiple different methods can be used like: stored credentials, usually in the form of pre-installed keys, identity confirming certificates, or unique serial numbers for example.
These credentials are used during initialisation to create the trust between the NMS, the devices and, if present, with the IoT device business logic.
These credentials can be used during initialisation to create the trust between the NMS, the devices and, if present, with the IoT device business logic.
Credential or key initialisation, and key enrollement or establishment limit the NMS's ability to establish a trust between the intended devices, an ability is further limited if these methods require physical access or close proximity to the IoT device.
For example, an IoT device user can pair the IoT device and establish a trust with the NMS through Bluetooth (tm) pairing mechanisms or with a physical cable connection.

Alternatively to preconfigured devices, the manufacturer may install only a single DNS address, that is queried for configuration on the device startup launching a chain of events, that registers the device to a correct network.

How this new device enrolment is excuted, maintained and how the system responds to changes, is a key aspect of the the product.
How this new device enrolment is excuted, maintained and how the system responds to changes, is one of the key aspect of the the product.

Once the trust has been established, the NMS can provide cryptographically protected configuration and update services to the devices at the runtime.
Depending on the NMS architectural design and managed element configurations, the device can either request its configuration from the NMS, or the NMS can push the configuration to the device.
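
Review bot: the reworded sentence "is one of the key aspect of the the product" needs the plural "aspects" after "one of the", and it still carries "excuted" and the doubled "the the" from the line it replaces. Suggest "How this new device enrolment is executed and maintained, and how the system responds to changes, is one of the key aspects of the product." The unchanged context line above it has "enrollement" and the fragment "an ability is further limited", which would be worth fixing in the same change.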
@@ -280,11 +280,14 @@ Independent of any of the host system's capabilities, the NMS can also be remote

##### Inventory management

The second function of an IoT network NMS is to generate, keep, and maintain the inventory of the network.
The secondary function of an IoT network NMS can be to generate, keep, and maintain the inventory of the network.
This inventory holds information about the connectivity capabilities for each networked device.
When new devices are added and a trust is established, the new device extends the network and the inventory is amended.

Similar care needs to be administered, when a device needs to be taken out of the network.
Managing an accurate inventory is not always needed.
Depending on the business logic, and the purpose of the network, the inventory can be for example a list of devices communicated within 24 hour rolling window.

Care needs to be administered, when a device needs to be taken out of the network.
When a rogue device is identified, it is important to be able to isolate the device, and mitigate the potential impact of its actions.

##### Device management
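
Review bot: "The secondary function" shifts the meaning from "second of the two listed functions" to "less important function", while the list earlier in this file still names inventory as one of the two minimum functions; suggest "The second function of an IoT network NMS can be to ..." so that only the hedge is added. In the added lines, "a list of devices communicated within 24 hour rolling window" should read "a list of devices that have communicated within a 24-hour rolling window". A list of that kind no longer contains a device once it has been silent for more than 24 hours, so the paragraph should also say how taking a device out of the network and isolating a rogue device, both described in the lines that follow, are expected to work when the inventory is only such a list.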