
Azure IoT Edge: Microsoft’s 60k LOC open source Rust code base - avalleytank
https://github.com/Azure/iotedge/tree/master/edgelet
======
atinchandel
With my experience of working on 300+ IoT projects: in the majority of IoT
applications edge computing is not required; devices generate very little data
and perform simple computing or no computing at all. In embedded, usually it's
better to keep things simple so that cost and bugs can be reduced. Most IoT
applications or solutions are usually not adopted due to hardware cost (capex),
so keeping device processing, memory and development cost low is important.
A few measures can keep an IoT deployment secure and you don't need a complex
framework - TPM, Secure Boot, Secure Update and SSL/TLS are enough. I still
see that such an IoT framework will only be used in a small % of IoT applications.
With public networks getting more reliable and cost effective, edge computing
would become more of a maintenance nightmare than a benefit. So keeping IoT
devices thin and doing most of the processing in the cloud is better. Though I do
agree that in some applications IoT edge analytics and computing has value. I
believe we are living in a world of political and technology hype :).

~~~
anonymousDan
What if you have poor/intermittent backend connectivity, low latency
requirements, or are handling sensitive data and don't want to ship it to a
cloud backend? I think there can be a place for this model. Perhaps something
like GDPR can make it more attractive? In the projects you have worked on, was
the primary motivation maintainability or a business need to gather all data
centrally in order to perform some kind of global cross device
analysis/aggregation?

~~~
atinchandel
Dan, I agree there is a place for this model, especially when you want to make
local decisions or produce a lot of data (e.g. video). In most of the projects
we handled, data required central aggregation.

~~~
veyalla
Using IoT Edge as a gateway is a popular and supported scenario:
[https://docs.microsoft.com/en-us/azure/iot-edge/iot-edge-as-...](https://docs.microsoft.com/en-us/azure/iot-edge/iot-edge-as-gateway#patterns)

------
atonse
Update: Oops! confused it with Azure Sphere:
[https://www.microsoft.com/en-us/azure-sphere/](https://www.microsoft.com/en-us/azure-sphere/)

IoT Edge came out of a program in MS research where they determined that for
an IoT device to be truly secure, it has to have a bunch of attributes,
including layers of security from hardware to OS, automatic and
cryptographically signed updates, etc.

And then they set out to build it (and it runs a stripped down Linux kernel).
I think it’s awesome but have no idea how much it’s supposed to cost. The dev
board is $85.

This looks to be some of the low level code for it.

I find it very exciting from what I’ve read.

~~~
walterbell
Azure Sphere looks promising but the Microsoft $85 _Linux_ dev board SDK
requires a _Windows 10_ device with Visual Studio for development. Hopefully
this is not another "Apple does it, so we can too" posture.

If Sphere succeeds, many people will be happy to buy a network router that
comes with 10 years of Microsoft Linux security updates.

MS demo of BASIC on the Sphere cpu in an Altair:
[https://www.theregister.co.uk/AMP/2018/05/21/azure_sphere_go...](https://www.theregister.co.uk/AMP/2018/05/21/azure_sphere_goes_retro_in_its_43_year_old_altair_basic_boots/)

~~~
darzu
Azure Sphere dev here. Like any early project, we had to make many strategic
choices on where to invest limited development time in. There are an endless
number of features and platforms we'd love to support, but Visual Studio is an
obvious first environment to target. I can't give you a timeline, but we're
definitely investing in cross-platform tools.

I must admit I'm disappointed Seeed set such a high price for the dev kit, but
there will be more boards in the future.

~~~
atonse
Thanks for the response. This makes more sense now. I’m very excited about
your project because the #1 reason I am apprehensive of IoT for my clients is
because of its dismal security. It’s also the reason I only use HomeKit for my
House.

Keep it up! This level of multi level security is much needed.

I hope a whole ecosystem springs around it given it’ll be built on a solid
foundation.

As a software person, this gives me more options even though it’s hardware.

~~~
darzu
Out of curiosity, what are the features of HomeKit that give you confidence in
its security? I ask so I can have another data point in my mind.

It's definitely our goal to have a large ecosystem, of both hardware and
software.

~~~
atonse
From day one, HomeKit had hardware PKI (and strong crypto with a hardware
security module on all their devices). All their authentication and messaging
was fully end-to-end encrypted, but again, all _in hardware_. [1]

But the beauty of it was, you never felt that complexity in software as a
customer. It's the proverbial Apple product. The tradeoff is, because you need
this special hardware HomeKit chip, the ecosystem is pretty dull, or too
expensive. And that's held back HomeKit adoption.

After playing chicken with the industry for years, Apple finally gave in and
is allowing software HomeKit devices to get certified now. That actually does
away with some of the security IMO. But that's ok, it bothers me slightly less
to have HomeKit software based lights. Whereas, I wouldn't compromise on that
when it comes to security (like locks on my doors, or the garage door).

Hope that helps.

While I've had aspirations to get more into home automation from the business
side, most of my experience is as a consumer, so weigh my input that way. :-)

[1] HomeKit Accessory Protocol:
[https://developer.apple.com/support/homekit-accessory-protoc...](https://developer.apple.com/support/homekit-accessory-protocol/)

[2] NodeJS Implementation of it to emulate things:
[https://github.com/KhaosT/HAP-NodeJS](https://github.com/KhaosT/HAP-NodeJS)

------
thedevilherself
Here’s more about the project:
[https://www.google.com/amp/s/www.forbes.com/sites/janakiramm...](https://www.google.com/amp/s/www.forbes.com/sites/janakirammsv/2018/06/30/5-reasons-why-azure-iot-edge-is-industrys-most-promising-edge-computing-platform/amp/)

The Edge security daemon is the portion that is written in Rust.

~~~
fulafel
Link:
[https://github.com/Azure/iotedge/tree/master/edgelet](https://github.com/Azure/iotedge/tree/master/edgelet)

------
gt640k
I feel this needs more of a description

~~~
outside1234
It's Microsoft! And they wrote a platform in Rust!

~~~
wenc
And only one of the components at that, the rest of the code is in C#.

~~~
systems
That one component seems to be 32.8 percent of the code anyway; this seems like
a non-trivial part of this project.

------
yellowapple
Sooooo... what exactly is it? All I'm seeing is an endless barrage of
buzzwords.

~~~
david-cako
Microsoft trying to get young people working for them.

It just seems to be a containerization/messaging platform. Like all things in
the MS world, it doesn't exist unless it adds 10 new menus and a new
configuration file to existing technology

------
mtgx
Kudos to Microsoft for using Rust. It's a shame Google is attempting to write
a new operating system (Fuchsia) almost from scratch right now, but is
completely missing the opportunity to use Rust so it doesn't have to deal with
_decades_ of memory corruption bugs and other security-related bugs in the
future.

~~~
pjmlp
At least some system parts are written in Go, like TCP/IP stack, file system
mounting utilities and a few other drivers.

Also thankfully they are at least making use of modern C++ instead of C.

While not as safe as Rust, definitely better than plain C.

~~~
josteink
> Also thankfully they are at least making use of modern C++ instead of C.
> While not as safe as Rust, definitely better than plain C.

I see you're pointing a shotgun against your feet. Here, have this AR-15 with
a safety-switch instead.

~~~
pjmlp
Agreed, but I also came to accept these things change quite slowly, when
taking into account existing code, habits and beliefs.

------
mastrsushi
>IoT and Rust

Good God, let's make everything as trendy as possible.

