Go Down

Topic: Ideas and interest survey for Modbus REST IoT Arduino Platform (Read 613 times) previous topic - next topic


Hi there,

At AgroMe Inc. (Toronto, Canada http://www.agrome.com) We have developed a POC of an IoT platform for the Arduino that implements Modbus over REST. It is meant to be very light weight so it can be implemented from the smallest of boards like the Uno and Micro, using for example a WiFi board based on the ESP8266 or similar. The platform is meant as an alternative to MQTT based on Modbus.

We are thinking about open sourcing the code and dual-licensing to create a community edition and would like to get a feel on how much interest there is around this idea and see if there is any interest in collaboration for open development of the platform. One of the ideas would be to host a server of the community edition so that people could sign-up and play around with Modbus based IoT w/o having to do any server code themselves. This would allow us to test the scalability and security of the platform, and at the same time provide a free simple IoT option for your everyday Arduino hacker, but doesn't want to set-up or develop the IoT server part.

First question is: which of the communities and/or forums is best to present and discuss this idea and where it is likely to gain more traction?

About the platform:

It's built with the Mojolicious Web Framework (http://mojolicious.org) and PostgreSQL as the backend database. It uses Mojo::Pg for non-blocking I/O, and it's completely stateless REST (really RESTful) so it should scale pretty well. In terms of security we are planning several levels:

Level 0: First and foremost, all requests from the Arduino are outbound from the client network. This is a bit of a twist on Modbus since the Arduino will POST it's status periodically to a server upon startup. Thereafter it will fetch commands that are queued on the server. This scheme provides auto-discovery and avoids the need to open any in-bound ports on the client's network. Yes, it's poll/response but at the same time it's very light weight REST. Perhaps in future versions we can leverage some publish-subscribe mechanism over HTTP, but the whole point of the platform is KISS.

Level 1: Simple symmetric encryption of the Modbus data over plain HTTP with a set of keys that are flashed into the Arduino Eprom at factory, offering end-to-end encryption along with other cryptograms to help in the authentication of the request and payload. The HTTP auth-level protocol we are designing is a light-weight version of Digest with one time use (client and server) nonce values. The whole idea is to avoid the overhead of HTTPS and offer simple and secure entry-level IoT with just a few lines of code.

Level 2: Provide an HTTPS proxy. By means of a proxy, you could easily transport over HTTPS and even use mutual SSL authentication, etc. Boards like the Yún could serve as proxies for Level 2. The vision here is a distributed control system where you could have hundreds or thousands of small Arduino boards on a WiFi LAN(s) proxying trough on or more HTTPS proxies to the outside world.

Level 3: Tor.

Anyway these are some of the ideas and vision for the platform.

Let us know your comments and interest (or not) in such a project.

Alejandro Imass (Alex)
Founder, AgroMe Inc.

Go Up