Combining Torizon OS and Azure IoT for Efficient Edge Application Development

Thursday, November 14, 2024

Introduction

Together, Torizon, a modular Linux platform for embedded devices, and Azure IoT, Microsoft's cloud platform for IoT solutions, offer a compelling combination for developers seeking to build robust and scalable edge computing applications.

By leveraging the strengths of both platforms, developers can efficiently deploy, manage, and monitor IoT devices while ensuring secure and reliable communication with the cloud.

In this blog post, we will explore how Torizon and Azure IoT complement each other, providing a seamless and powerful solution for a wide range of edge computing use cases.

What is Torizon?

Torizon by Toradex is a comprehensive software platform designed specifically for connected embedded systems. Common use cases include Medical Systems, Industrial Controls, and Internet of Things (IoT). It is supported across the entire selection of modern Toradex System on Modules, as well as third-party hardware with Torizon support, giving developers flexibility in choosing the hardware that meets their price and performance needs.

Torizon is easily customizable to a wide array of use cases, making it painless for hardware and systems designers to add new devices necessary for their particular application.

When paired with the Torizon Cloud, developers have access to a powerful set of tools to help develop and deploy secure applications while maintaining the ability to monitor, troubleshoot, and update the devices in the field. Torizon also provides development tools, including a VS Code IDE plugin, to allow for rapid application development without needing to be an expert on the entire system.

This streamlined development environment enables efficient prototyping and deployment of IoT solutions across various industries.

What is Azure IoT?

Azure IoT by Microsoft is a cloud-based platform that enables businesses to build, deploy, and manage IoT solutions at scale. It offers tools such as device management, data ingestion, analytics, and machine learning.

Azure IoT provides a scalable infrastructure suitable for a wide range of devices, from sensors and actuators running on MCU parts such as the ESP32 to industrial machinery running on high-end parts with application cores running Linux and/or Windows.

Taking into account the entire Azure ecosystem, Azure IoT can easily connect to other cloud services, such as storage, compute, and AI, making it a powerful platform for building comprehensive IoT solutions.

Torizon Details

The Torizon Ecosystem is a collection of:

Toradex provides prebuilt Operating System (OS) images that can be customized by developers, without the need to learn all the complexities of Yocto. That tooling allows customizations to be applied at the binary level, requiring much less expertise, time, and development system resources.

Once application developers have completed their efforts, the applications can be easily bundled into images that can be flashed with the Toradex Easy Installer.

The Torizon OS is available for Toradex hardware and for supported third-party hardware as part of the Common Torizon project.

The Torizon Cloud is an update system based on the Uptane standard, designed to provide a secure and robust system, resilient against nation-state attacks, including many that are unique to update systems. That system can protect against attack scenarios that simple public-private key signing cannot, such as:

  • Arbitrary software attack: a malicious actor provides update artifacts that are not legitimate.
    That is the common fear and is protected against by simple key signing.
  • Freeze attack: a malicious actor convinces a device that there are no updates, so known exploits will not be fixed.
  • Rollback attack: a malicious actor convinces a device to install an obsolete version of a package that has a known exploit.
  • Slow retrieval: a malicious actor delays the installation of updates to continue exploiting a known vulnerability.
  • Mix and Match, Partial Bundle, and Partial Freeze attacks: Those types of attacks are possible when multiple packages are needed to make up a complete system, and the malicious actor can convince a device to install an incorrect or untested combination of packages.
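
The checks a device needs beyond signature verification can be sketched as follows. This is an added illustration, not code from Torizon or the Uptane reference implementation: a single signed metadata document and an HMAC stand in for the several signed roles and public-key signatures a real Uptane deployment uses, and all names and sample images are constructed. Slow retrieval is a transfer-time concern and is not modelled.

```python
import hashlib, hmac, json

KEY = b"constructed-demo-key"  # assumption: stand-in for a real signing key

def sign(meta: dict) -> str:
    """HMAC stands in for the public-key signatures a real system uses."""
    body = json.dumps(meta, sort_keys=True).encode()
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def check_update(meta, sig, images, last_version, now):
    """Return a list of rejection reasons; an empty list means accept."""
    if not hmac.compare_digest(sign(meta), sig):
        return ["bad signature"]                 # arbitrary software
    problems = []
    if meta["expires"] <= now:
        problems.append("metadata expired")      # freeze: stale metadata replayed
    if meta["version"] < last_version:
        problems.append("version rollback")      # rollback to an older release
    if set(images) != set(meta["targets"]):      # partial bundle
        problems.append("bundle does not match signed target set")
    for name, blob in images.items():
        want = meta["targets"].get(name)
        if want and hashlib.sha256(blob).hexdigest() != want:
            problems.append(f"hash mismatch: {name}")  # mix and match
    return problems

def make_meta(version, expires, images):
    """Build and sign metadata listing every image in a release by hash."""
    meta = {"version": version, "expires": expires,
            "targets": {n: hashlib.sha256(b).hexdigest() for n, b in images.items()}}
    return meta, sign(meta)

# Constructed sample releases; times are plain integers for the demo.
IMAGES_V1 = {"os": b"os image v1", "app": b"app image v1"}
IMAGES_V2 = {"os": b"os image v2", "app": b"app image v2"}
META_V1, SIG_V1 = make_meta(1, 2000, IMAGES_V1)
META_V2, SIG_V2 = make_meta(2, 2000, IMAGES_V2)

if __name__ == "__main__":
    mixed = {"os": IMAGES_V2["os"], "app": IMAGES_V1["app"]}
    print("valid v2:     ", check_update(META_V2, SIG_V2, IMAGES_V2, 1, 1000))
    print("replayed v1:  ", check_update(META_V1, SIG_V1, IMAGES_V1, 2, 1000))
    print("stale v2:     ", check_update(META_V2, SIG_V2, IMAGES_V2, 2, 3000))
    print("mixed images: ", check_update(META_V2, SIG_V2, mixed, 1, 1000))
```

The replayed v1 release carries a valid signature and is still rejected, which is the gap that signing alone leaves open.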

During production, the Torizon cloud provides both Over-The-Air and secure offline updates for all components of the system, including the base OS, applications, and the bootloader.

Additionally, a system designer can provide arbitrary payloads to be updated by developing a custom plugin called an action handler. That allows the system to update components, such as locally-attached MCUs running an RTOS image, calibration data, or even marketing and branding assets, allowing fine-grained management of all the artifacts that are used with a production design.

A remote access tool is provided, allowing simple SSH connections to your remotely deployed boards. That connection is tunneled through the Torizon Remote Access server and does not require any open ports on the device. In addition to the standard key-based SSH authentication, additional protection is provided due to the Uptane standard.

A device monitoring system is provided, allowing monitoring of device-side metrics from the central Torizon Cloud dashboard. Those metrics allow for monitoring device health by keeping track of values such as CPU temperature and usage, and memory usage.

Additionally, designers can easily add custom metrics for monitoring. Watching trends, both within a device and across a fleet of devices, can allow your operations staff to proactively spot and resolve issues with your deployed devices.

Finally, all of this feature set is protected by Secure Boot, which uses hardware cryptography to verify that all the components of the system (i.e., the file system, kernel, bootloader, etc.) are authentic (i.e., from a known provider and trusted) and unmodified since original installation.

That additional protection provides a great deal of security against attack scenarios that happen outside the scope of the Uptane update system.

Azure IoT Details

The Azure IoT ecosystem consists of the following core components:

  • IoT Hub: This is the central hub for connecting and managing IoT devices. It provides features such as device provisioning, telemetry ingestion, device twin management, and cloud-to-device communication. That is the most relevant component of Azure IoT when working with Toradex modules and Torizon.
  • IoT Edge: This is the Azure-specific container runtime for deploying models through Azure IoT Hub. This runs on the device and controls container lifecycles that are managed by Azure IoT.
  • IoT Central: This is the application delivery platform. That includes application templates implemented as containers that can be used as an alternative to those provided by Torizon. Azure IoT applications are called “modules” but these are essentially Docker containers with included libraries for accessing Azure functionality.
  • Device Provisioning Service (DPS): This service provides secure and scalable device provisioning.
  • Event Hubs: This data ingestion service can handle millions of events per second, making it ideal for collecting and processing IoT telemetry data.
  • Azure Stream Analytics: This real-time analytics engine processes and analyzes streaming data from IoT devices, enabling you to extract valuable insights and trigger actions.
  • Azure Sphere: This is a set of firmware images for both MCU and Linux-based hardware running a MediaTek SoC. Using this feature, application developers provide App updates, while Microsoft provides OS updates. That can be used as an alternative to Toradex Hardware and the Torizon OS.

Additionally, Azure provides many other components such as Machine Learning, analytics, serverless computing, and AI services that can be leveraged by application developers.

Combining Torizon and Azure IoT

While some overlap exists between the features offered by Torizon and Azure IoT, developers can selectively choose components from each to address their specific requirements. By incorporating a Toradex System on Module and the Torizon OS, developers can establish a robust and reliable foundation for their industrial applications.

This well-tested, maintained, and supported combination ensures long-term product viability of 10+ years. Toradex guarantees hardware availability for an extended period, and Torizon OS benefits from long-term support based on LTS versions of the Yocto project and the Linux kernel, making it an attractive option for system developers.

Furthermore, the Torizon Cloud empowers operations teams to proactively monitor device fleets for issues, deploy updates to devices, and maintain fleet health throughout the product lifecycle. Integrating Azure IoT Hub enables developers to capitalize on its advanced features. Powerful data analytics and visualization tools can significantly enhance the utility of applications.

The increasing prevalence of applications utilizing machine learning and artificial intelligence functionality underscores the value of leveraging Azure IoT services to accelerate development cycles and expedite market entry.

Developers use Torizon and Azure IoT together in two main ways.

The first approach is to use Torizon to provide the Operating System and updates, while relying on Azure IoT models (containers) for all domain-specific functions, including data capture and modeling. This strategy proves effective when the application templates offered by Azure IoT align precisely with the developer's requirements.

Figure 1: Using Torizon for OS Updates and device health monitoring | Using Azure IoT for Application delivery and domain data

The second approach is to use Torizon for both Operating System and application development and updates. The application templates provided by the Torizon IDE extension encompass general-purpose languages and application frameworks, making them suitable for virtually any application need. In this scenario, Azure IoT serves as the platform for domain-specific data capture, visualization, and modeling.

Figure 2: Using Torizon for OS Updates, Application delivery and device health monitoring | Using Azure IoT for domain data

Both models allow developers to augment applications with additional functionalities provided by Azure IoT, such as machine learning, artificial intelligence, and serverless computing.

One of our clients, Blueshift, employs the first approach described above and has validated its effectiveness. Pitágoras Bandeira, Head of IoT and Partner at Blueshift Brasil, stated:

"We chose Toradex and Torizon based on their reputation as a provider of high-quality hardware with well-supported, maintained, and tested software. Using the Torizon Cloud gives us visibility into device health and allows us to monitor and maintain our devices in the field. Adding Azure IoT gives us telemetry for our application and provides many visualization and analytics features to improve our application greatly."
Pitágoras Bandeira,
Head of IoT and Partner,
Blueshift Brasil

Torizon and Azure IoT provide APIs that serve as a programmatic interface for interacting with and controlling either system. These APIs expose the functionality of each system from a command line or other context, so users are not limited to the Web UIs provided.

This is useful for combining actions in interesting ways that may not be provided as a standard feature, as well as allowing custom UIs or other platforms to take advantage of the features provided by either Torizon or Azure IoT. As a final advantage, these APIs can be used to integrate features into command-line build environments such as your CI/CD setups for automation.

Finally, for organizations already using Azure IoT solutions and investigating hardware and operating systems, Toradex's hardware platforms and Torizon provide a robust and reliable option. Additionally, for designers using third-party hardware, Torizon is a good choice to support their designs throughout the entire product lifecycle. The combined capabilities of hardware and software offer a well-suited foundation for IoT applications.

To explore how Torizon can support your next project, please contact your local account representative or get in touch with us.
