This project is co‐funded by the European Union
Part of the FI‐PPP
Grant Agreement no. 632838
FINODEX ‘Future INternet Open Data Expansion’
COMBINATION OF COLLABORATIVE PROJECT & COORDINATION AND SUPPORT ACTION
Information and Communication Technologies
Deliverable 3.1 v2 FI‐PPP Technologies training materials
Due date of deliverable: 31/05/2015
Actual submission date: 26/05/2015
Start date of project: 01/06/2014
Duration: 27 Months
Contact person responsible for this deliverable: Mr Stefano de Panfilis
Organisation name responsible for this deliverable: Engineering – Ingegneria Informatica S.p.A.
Project co‐funded by European Commission within the Seventh Framework Programme
Dissemination level
PU Public X
PP Restricted to other programme participants (including the Commission Services)
RE Restricted to a group specified by the consortium (including the Commission Services)
CO Confidential, only for members of the consortium (including the Commission Services)
SUMMARY
This is a compilation of materials related to the FIWARE training of the potential proposers. The training materials on FIWARE technologies are divided into:
‐ YouTube Channel videos at www.youtube.com/user/finodexproject, where different materials will be generated during the project lifetime and grouped into playlists related to FIWARE training (adding contents from third parties), in order to have an organised pool of videos to help proposers.
‐ Annex1 Summary of FIWARE technologies
‐ Annex2 Presentations on FIWARE technologies (done at different events)
ANNEX 1. SUMMARY ON FIWARE TECHNOLOGIES INCLUDING A PRESENTATION ON FIWARE TECHNOLOGY SEMINAR.
ANNEX 2. PRESENTATIONS ON FIWARE TECHNOLOGIES
Including presentations on the basic FIWARE features, namely:
1. FIWARE Introduction
2. FIWARE LAB Cloud Portal
3. FIWARE Context Broker
4. FIWARE Overview of GEs
5. FIWARE IoT
6. FIWARE CEP
7. FIWARE IdM
8. FIWARE GE Architecture - samples
All these presentations are intended mainly for developers (SMEs, Entrepreneurs), to help them understand and improve their knowledge of the FIWARE Platform (the slideshows were presented during the info days events).
1. FIWARE Introduction The FIWARE Introduction presentation is the starting point for introducing interested users to the FIWARE Platform. The presentation contains the definition of "FIWARE Platform": what it is and how to use the FIWARE Technologies.
2. FIWARE LAB Cloud Portal The FIWARE LAB Cloud Portal presentation introduces the cloud portal of FIWARE. It contains the steps to be followed to create virtual machines and explains how to connect to them via SSH.
3. FIWARE Overview of GEs The FIWARE Overview of Generic Enablers presentation gives a list and a short description of the Generic Enablers available in the FIWARE Catalogue.
4. FIWARE Context Broker This is maybe the most important FIWARE Generic Enabler. This presentation provides an overview of the Orion Context Broker, how it works and how to use it in order to create context information. The last sections are dedicated to advanced functionalities.
5. FIWARE IoT The FIWARE Internet of Things presentation explains how to use devices/sensors to transform information from the physical world into data.
6. FIWARE CEP The FIWARE Complex Event Processing presentation defines the patterns and rules about the context information for the Context Broker GE.
7. FIWARE IdM The FIWARE Identity Management presentation shows the aspects related to authentication and authorization based on OAuth 2.0, and how to manage identities and organizations.
8. FIWARE GE Architecture - samples The FIWARE Generic Enabler Architecture presentation shows how some architectures can be realized using FIWARE technologies, starting from some practical examples.
FINODEX INTRODUCES
TECHNOLOGIES
TECHNOLOGIES TRAINING MATERIALS
The Technologies training materials are divided into seven macro areas:
1. Cloud Hosting
2. Data/Context Management
3. Advanced middleware and interfaces to Network and Devices (I2ND)
4. Advanced Web‐based User Interface
5. Security
6. Internet of Things Services Enablement
7. Applications/Services and Data Delivery
The figure shows the chapters and, for each chapter, its Generic Enablers.
1. CLOUD HOSTING
The Generic Enablers for the Cloud Hosting chapter are:
1.1. IaaS Resource Management GE ‐ FIWARE Implementation This GE provides the facilities to provision virtual machines, as well as the associated compute, storage and network resources. The implementation is based on OpenStack, the rapidly emerging open source project providing cloud infrastructure middleware, which is being adopted by a wide ecosystem of organizations across various industry sectors.
1.2. Monitoring GE ‐ FIWARE Implementation Monitoring GE ‐ TID Implementation is the key component for incorporating monitoring and metering mechanisms in order to be able to constantly check the performance of the system; the architecture should also be easily extended to collect data for other required needs. Monitoring involves gathering operational data in a running system.
1.3. Object Storage GE ‐ FIWARE Implementation This Generic Enabler Implementation provides robust, scalable object storage functionality based on OpenStack Swift. The OpenStack Swift API provides a standardised mechanism to manipulate both the binary objects that are stored, and the hierarchy of containers in which they are organised. This RESTful API can be accessed from any client technology that can communicate over HTTP. By leveraging OpenStack Swift, all the benefits of this rapidly maturing open‐source cloud storage solution can be realised. The highly‐available, distributed, and scalable features of Swift can be exposed using commodity hardware.
1.4. PaaS Manager ‐ Pegasus Pegasus orchestrates the provisioning of the required virtual resources at IaaS level and the installation and configuration of the whole software stack of the application, taking into account the underlying virtual infrastructure. It provides a flexible mechanism to perform the deployment, enabling multiple deployment architectures: everything in a single server, several servers, or elastic architectures based on load balancers and different software tiers. Pegasus is an easy way to deploy your applications in the FIWARE Cloud.
1.5. Policy Manager ‐ Bosun The Policy Manager GE provides the basic management of cloud resources based on rules, as well as management of the corresponding resources within the FIWARE Cloud Instance, such as actions based on physical monitoring or infrastructure, security monitoring of resources and services, or anything else that can be defined by facts, actions and rules. Policy Manager is an easy‐to‐use rule engine designed to be used in the OpenStack ecosystem and of course inside the FIWARE Cloud.
1.6. Self‐Service Interfaces ‐ Cloud Portal The Self Service Interfaces provide support for the users of the cloud infrastructure and platform to manage their services and resources deployed in the cloud. For the moment it consists of an open source implementation of a User Portal and Scripts.
1.7. Software Deployment & Configuration ‐ Sagitta Sagitta (the Software Deployment and Configuration ‐ SDC ‐ GE) is the key enabler used to support automated deployment (installation and configuration) of software on running virtual machines. As part of the complete process of deployment of applications, the aim of Sagitta is to deploy software product instances upon request of the user using the API or through the Cloud Portal.
2. DATA/CONTEXT MANAGEMENT
The Generic Enablers for the Data/Context Management chapter are:
2.1. BigData Analysis ‐ Cosmos Cosmos is an implementation of the Big Data GE, allowing the deployment of private computing clusters based on the Hadoop ecosystem. The current version of Cosmos allows users to:
• Perform I/O operations on Infinity, a persistent storage cluster based on HDFS.
• Create, use and delete private computing clusters based on MapReduce and SQL‐like querying systems such as Hive or Pig.
• Manage the platform in many aspects, such as services, users, clusters, etc., from the Cosmos API or the Cosmos CLI.
2.2. Complex Event Processing (CEP) ‐ Proactive Technology Online The CEP GE analyses event data in real‐time, generates immediate insight and enables instant response to changing conditions. While standard reactive applications are based on reactions to single events, the CEP GE reacts to situations rather than to single events. A situation is a condition that is based on a series of events that have occurred within a dynamic time window called processing context. Situations include composite events (e.g., sequence), counting operators on events (e.g., aggregation) and absence operators. The Proactive Technology Online is an implementation of the FIWARE CEP (Complex Event Processing) GE.
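The difference between reacting to single events and detecting a situation, as an added illustration (not code from Proactive Technology Online or from the FIWARE project): a toy evaluator with one counting operator and one absence operator over a time window. Event kinds, keys, thresholds and the sample stream are constructed for the example.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: float   # seconds since the start of the stream
    kind: str   # e.g. "login_failed", "heartbeat"
    key: str    # entity the event refers to (user, sensor, ...)


def count_situations(events, kind, threshold, window):
    """Counting operator: report (ts, key) when `threshold` events of `kind`
    for the same key fall inside a sliding window of `window` seconds."""
    recent = defaultdict(deque)
    found = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind != kind:
            continue
        q = recent[ev.key]
        q.append(ev.ts)
        # Drop timestamps that have left the time window.
        while q and ev.ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            found.append((ev.ts, ev.key))
            q.clear()  # open a new context so one burst yields one situation
    return found


def absence_situations(events, kind, keys, window, end_ts):
    """Absence operator: report (deadline, key) for each silent period in
    which no `kind` event for `key` arrived within `window` seconds of the
    previous one (or of t=0). `end_ts` closes the stream."""
    last_seen = {k: 0.0 for k in keys}
    found = []
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind != kind or ev.key not in last_seen:
            continue
        if ev.ts - last_seen[ev.key] > window:
            found.append((last_seen[ev.key] + window, ev.key))
        last_seen[ev.key] = ev.ts
    # A key that is still silent when the stream ends is also a situation.
    for key, ts in last_seen.items():
        if end_ts - ts > window:
            found.append((ts + window, key))
    return sorted(found)


# Constructed sample stream: no single event here is remarkable on its own.
STREAM = [
    Event(1, "login_failed", "alice"),
    Event(5, "heartbeat", "sensor-1"),
    Event(12, "login_failed", "alice"),
    Event(15, "heartbeat", "sensor-1"),
    Event(20, "login_failed", "alice"),
    Event(21, "login_failed", "bob"),
    Event(70, "login_failed", "alice"),
    Event(75, "heartbeat", "sensor-1"),
]

if __name__ == "__main__":
    print(count_situations(STREAM, "login_failed", threshold=3, window=30))
    print(absence_situations(STREAM, "heartbeat", ["sensor-1"], 20, end_ts=100))
```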
2.3. Publish/Subscribe Context Broker ‐ Orion Context Broker The Orion Context Broker is an implementation of the Publish/Subscribe Context Broker GE, providing the NGSI9 and NGSI10 interfaces. Using these interfaces, clients can do several operations:
• Register context producer applications, e.g. a temperature sensor within a room
• Update context information, e.g. send updates of temperature
• Be notified when changes on context information take place (e.g. the temperature has changed) or with a given frequency (e.g. get the temperature each minute)
• Query context information. The Orion Context Broker stores context information updated from applications, so queries are resolved based on that information.
2.4. Stream‐oriented ‐ Kurento The Stream Oriented GE is a development framework that provides an abstraction layer for multimedia capabilities, allowing non‐expert developers to include interactive media components in their applications. At the heart of this enabler is the Open API, a REST‐like API based on JSON RPC 2.0 that exposes a toolbox of Media Elements that can be chained to create complex media processing pipelines. The Stream Oriented GE provides several client implementations of the Open API. The Java client allows developers to include media capabilities in Java or JEE applications. There is also a JavaScript client ready to be used with NodeJS or directly in browser applications. Thanks to these, the Stream Oriented GE provides developers with a set of robust end‐to‐end interoperable multimedia communication capabilities to deal with the complexity of transport, encoding/decoding, processing and rendering tasks in an easy and efficient way.
3. ADVANCED MIDDLEWARE AND INTERFACES TO NETWORK AND DEVICES
The Generic Enablers for the I2ND chapter are:
3.1. Network Information and Control ‐ OFNIC OFNIC is a reliable and distributed Software Defined Network (SDN) controller for enterprises’ OpenFlow‐enabled network. It enables the abstraction and virtualization of network resources and functionalities. OFNIC also monitors the status of the network and provides near real‐time data about network statistics with different levels of granularity (flow, node, port).
4. ADVANCED WEB‐BASED USER INTERFACE
The Generic Enablers for the Advanced Web‐based UI chapter are:
4.1. 2D‐UI A JavaScript library that handles generic web user interface input events like keyboard and mouse. This GE provides means to dynamically add input events from existing input devices such as touch pads and gamepads, and an input event abstraction to handle keyboard key and mouse button combinations. The goal is to provide support for advanced, Web‐based, highly dynamic, and potentially 3D user interfaces.
4.2. 2D/3D Capture 2D/3D Capture captures contextual information related to a 2D/3D scene of the surroundings so that the data can be provided to, or used as, services. Location information, lighting information, device orientation and heading direction are the necessary contextual information and, depending on the service, other information available to the browser can also be used.
4.3. 3D‐UI‐XML3D XML3D is an extension to HTML5 for declarative 3D content represented as a scene‐graph‐like structure inside the DOM. All nodes within this graph are also nodes in the web site's DOM tree representation and can be accessed and changed via JavaScript like any other common DOM elements. HTML events can be registered on these DOM nodes in the same way as on known HTML elements.
4.4. 3DUI ‐ WebTundra WebTundra is the Web client for taking realXtend 3D virtual worlds into modern web browsers. The provided TundraSDK and TundraClient can connect to a realXtend Tundra server, implementing the Tundra network protocol via WebSocket and rendering with WebGL. Networked multiuser usage requires a Tundra server (Synchronization GE server side).
4.5. Augmented Reality The Augmented Reality Generic Enabler is a high‐level application programming interface for HTML5 Augmented Reality applications. The required run‐time environment is the JavaScript support of a suitable web browser. No plug‐ins are required. These applications may rely on the functionality of the other GEs, like XML3D Technology, POI Data Provider, etc.
4.6. Cloud Rendering The goal of this GE is to provide a generic way to request, receive and control a video stream of a remote 3D application. The complexity and usual heavy performance requirements for a 3D application can be offloaded to a server, from a low end device that could not handle the rendering otherwise. The Cloud Rendering GE provides a web service that can be used to implement your own 3D application rendering and interactions with the web client. Also provided are an accompanying web client that shows how to talk to the web service, and a renderer for the realXtend Tundra 3D application SDK and the end user Meshmoon Rocket client.
4.7. GIS Data Provider ‐ Geoserver/3D This GE is able to host geographical data and serve it in 3D form (where applicable) to both mobile and web clients. The GE implementation is based on the open source Geoserver project (GPL licensed) and the W3DS extension.
4.8. Interface Designer The goal is to provide an easy‐to‐use full manipulator / editor of 3D objects within a scene: an in‐browser world editor that allows users to easily create, remove, and manipulate scene objects through a variety of tools. This editor in particular utilizes the Scene and EC model; in other words, it manipulates entities, components and attributes. Manipulations can be done through a GUI that consists of three parts (scene tree, EC editor, and additional toolbar), or directly in the scene via 3D manipulation helper objects such as transform gizmos / axis tripods, and grids. The GUI provides extensive editing of entities that cannot otherwise be done via a 3D manipulation helper, and in most cases also serves for fine‐tuning of values.
4.9. POI Data Provider POI (Points of interest) Generic Enabler is a web server kit that
• supports storing information related to locations
• supports serving queries by location and other criteria
• can be configured to meet your data needs
POI Generic Enabler makes it relatively easy to
• Relate any information to places, e.g.
  o Tourist attractions / services
  o Photos, videos, 3D content
  o Special location data of your business
  o Imaginary items of an outdoor game
  o ...
• Search information by location and other criteria
• Store information by location
• Develop an application that utilizes those capabilities
4.10. Real Virtual Interaction A key aspect of Augmented Reality is that virtual content is not just presented embedded within the context of the real world, but that it should also allow users to interact actively with real objects and the objects to provide input to the user. The Real Virtual Interaction generic enabler (GE) provides means for connecting real world devices consisting of sensors and actuators into augmented or virtual reality applications. Since the real world sensors and actuators are not complex enough to contain the logic necessary to publish themselves outside their immediate domain, there needs to be an external service that is able to access these devices and to share that access with other services and also directly with end‐users. This service provides security, a database for storing history and offline data, scalability and other cloud‐like features that make it easier for application and service developers to make use of the devices for various purposes. This GE also provides a practical prototype for publishing sensor and actuator information to application developers, derived from the NGSI 9/10 format developed earlier in FIWARE.
4.11. Synchronization The Synchronization Generic Enabler presents a lightweight and generic network‐synchronized dynamic scene data model, and two communication protocols to interact with the model: SceneAPI, a RESTful HTTP API for non‐realtime querying and modification of the scene, and a WebSocket‐based bidirectional protocol for connected Web clients to receive continuous real‐time scene updates, and to post their real‐time changes to the scene. It includes a server reference implementation based on the realXtend Tundra SDK, and a JavaScript client library. The scene data model is based on a hierarchy of Entities, Components and Attributes. A typical use case would be the implementation of a dynamic multi‐user virtual world, but as the data model is completely generic, it is by no means limited to that use case.
4.12. Virtual Characters This GE consists of an open standard and reference implementation for virtual characters on the Web. Web applications will be able to create, display and animate virtual characters. The characters can be composed of multiple mesh parts, e.g. to allow easily swappable parts like upper or lower bodies, and attached objects such as clothing. The virtual character functionality is implemented as a JavaScript library, and is part of the WebTundra codebase, which also contains the 3D‐UI and Synchronization (client part) GEs. The 3D‐UI GE (which in turn uses the WebGL API through the three.js rendering library) is utilized for the Entity‐Component‐Attribute based scene model, the hierarchical transformation graph and implementing the actual rendering: a virtual character becomes part of the scene hierarchy and can be manipulated using the scene model's functions.
5. SECURITY
The Generic Enablers for the Security chapter are:
5.1. Authorization PDP ‐ AuthZForce You get the reference implementation of the Authorization PDP Generic Enabler (formerly called Access Control GE). As mandated by the GE specification, this implementation provides an API to get authorization decisions based on authorization policies and on authorization requests from PEPs. The API follows the REST architecture style and complies with XACML v3.0. XACML (eXtensible Access Control Markup Language) is an OASIS standard for authorization policy format and evaluation logic, as well as for the authorization decision request/response format.
The PDP (Policy Decision Point) and the PEP (Policy Enforcement Point) terms are defined in the XACML standard. This GEri plays the role of a PDP. To fulfill the XACML architecture, you may need a PEP (Policy Enforcement Point) to protect your application, which is not provided here. However, the PEP Proxy by UPM ‐ soon to be found on this catalogue ‐ provides such a component for protecting RESTful APIs in particular.
5.2. Identity Management ‐ KeyRock Identity Management covers a number of aspects involving users' access to networks, services and applications, including secure and private authentication from users to devices, networks and services, authorization & trust management, user profile management, privacy‐preserving disposition of personal data, Single Sign‐On (SSO) to service domains and Identity Federation towards applications. The Identity Manager is the central component that provides a bridge between IdM systems at connectivity‐level and application‐level. Furthermore, Identity Management is used for authorising foreign services to access personal data stored in a secure environment. Usually the owner of the data must give consent to this access; the consent‐giving procedure also implies a certain degree of user authentication.
5.3. PEP Proxy ‐ Wilma You get the reference implementation of the PEP Proxy Generic Enabler. With this component, together with the Identity Management and Authorization PDP GEs, you can add authentication and authorization security to your backend applications, so that only FIWARE users will be able to access your GEs or REST services. You will also be able to manage specific permissions and policies for your resources, allowing different access levels for your users.
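How the three Security GEs described above divide the work, as an added sketch (not code from AuthZForce, KeyRock or Wilma, and not their APIs): a toy IdM token check, a toy PDP that evaluates rules first‐applicable and returns one of the four XACML decision values, and a deny‐biased PEP that forwards a request only on an explicit Permit. Tokens, roles, rules and resource paths are constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# The four decision values defined by XACML.
PERMIT, DENY, NOT_APPLICABLE, INDETERMINATE = (
    "Permit", "Deny", "NotApplicable", "Indeterminate")

# --- Toy IdM: maps bearer tokens to identities (constructed data) ---------
TOKENS = {
    "tok-alice": {"user": "alice", "roles": {"operator"}},
    "tok-bob": {"user": "bob", "roles": {"viewer"}},
}


def idm_validate(token: Optional[str]) -> Optional[dict]:
    """Return the identity bound to a token, or None if it is unknown."""
    return TOKENS.get(token) if token else None


# --- Toy PDP: first-applicable evaluation over ordered rules --------------
@dataclass(frozen=True)
class Rule:
    effect: str                      # PERMIT or DENY
    target: Callable[[dict], bool]   # does this rule apply to the request?


RULES = [
    Rule(DENY, lambda r: r["resource"].startswith("/admin")),
    Rule(PERMIT, lambda r: r["action"] == "GET" and "viewer" in r["roles"]),
    Rule(PERMIT, lambda r: r["action"] in {"GET", "POST"}
         and "operator" in r["roles"]),
]


def pdp_decide(request: dict, rules=RULES) -> str:
    """Evaluate rules in order; the first one whose target matches decides."""
    try:
        for rule in rules:
            if rule.target(request):
                return rule.effect
    except Exception:
        # e.g. a required attribute is missing: no usable decision.
        return INDETERMINATE
    return NOT_APPLICABLE


# --- PEP: authenticate, ask the PDP, enforce ------------------------------
def backend(user, action, resource):
    """Stand-in for the protected REST service."""
    return f"{action} {resource} served for {user}"


def pep_handle(token, action, resource, service=backend, decide=pdp_decide):
    identity = idm_validate(token)
    if identity is None:
        return 401, "invalid or missing token"
    request = {"subject": identity["user"], "roles": identity["roles"],
               "action": action, "resource": resource}
    decision = decide(request)
    # Deny-biased: NotApplicable and Indeterminate are refused like Deny,
    # so a gap or an error in the policy never opens the backend.
    if decision != PERMIT:
        return 403, f"access refused ({decision})"
    return 200, service(identity["user"], action, resource)


if __name__ == "__main__":
    for args in [("tok-bob", "GET", "/entities"),
                 ("tok-bob", "POST", "/entities"),
                 ("tok-alice", "POST", "/admin/users"),
                 ("tok-forged", "GET", "/entities")]:
        print(args, "->", pep_handle(*args))
```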
5.4. Security Monitoring The Security Monitoring GE is part of the overall Security Management System in FIWARE and as such is part of each and every FIWARE instance. The Security Monitoring GE was designed to be offered as a suite of services. Although the services provided can be used in isolation, they offer the most when used together to cover the whole primary usage pattern. The services offered by the Security Monitoring GE are:
• MulVAL Attack Paths Engine
• Scored Attack Paths
• Remediation
6. INTERNET OF THINGS SERVICES ENABLEMENT
The Generic Enablers for the IoT chapter are:
6.1. Backend Device Management ‐ IDAS IDAS is an implementation of the BE Device Management GE, providing:
• an ADMIN REST API for M2M application developers.
• a DEVICE COMMUNICATION API for devices (sensor/actuators/gateways) communication. Currently it implements the following protocols: SensorML, Lightweight SensorML.
• an NGSI9/NGSI10 interface towards NGSI enabled brokers, implemented by the "IoT Agent" component.
• an open source Reference Gateway for Raspberry Pi and Z‐Wave devices, called "FIGWAY". IoT integrators may port this software to their own gateway/device hardware in order to easily interact with the FIWARE IoT Backend.
6.2. Configuration Manager ‐ IoT Discovery IoT Discovery is an implementation of the Configuration Management GE, which focuses on semantically‐annotated IoT descriptions. The API provides two main modules:
• Sense2Web Linked‐data platform
• NGSI‐9 Server
6.3. Configuration Manager ‐ Orion Context Broker The Orion Context Broker is an implementation of the Configuration Manager GE, providing the NGSI9 interfaces. Within the IoT chapter, it is intended to be used in combination with the IoT Broker GE (so the IoT Broker deals with NGSI10 in a stateless fashion, relying on Orion as persistent storage for NGSI9 registrations), although it can also be used as a stand‐alone component. Using the NGSI9 interface, clients can do several operations:
• Register context producer applications, e.g. a temperature sensor within a room
• Discover context producer information, e.g. which sensors are providing temperature for a given entity
• Be notified when changes in context information availability take place
6.4. Gateway Data Handling GE ‐ EspR4FastData The Data Handling GE addresses the need to process data in real time. Frequently implemented features include filtering, aggregating and merging real‐time data from different sources. Thanks to Complex Event Processing (CEP), it is easy for applications to only subscribe to value‐added data which is relevant to them. CEP technology is sometimes also referred to as event stream analysis, or real time event correlation. EspR4FastData is a simple deployable servlet application. It features a dedicated REST management API, and a partial implementation of the standardized NGSI API.
6.5. IoT Broker The IoT Broker Generic Enabler is specified as a lightweight and scalable middleware component that separates IoT applications from the underlying device installations. The IoT Broker implementation available through the FIWARE Catalogue is the reference implementation of this Generic Enabler by NEC.
6.6. Protocol Adapter ‐ MR CoAP The MR CoAP Protocol Adapter allows you to plug devices that use CoAP over 6LoWPAN into the IoT Architecture of FIWARE. The protocol adapter is designed to work with IBM's Mote Runner platform; it communicates via 6LoWPAN and uses CoAP as the application layer protocol. The MR CoAP adapter is designed to use IBM's Mote Runner operating system. Mote Runner is a run‐time platform running on the mote hardware that provides a virtual machine to execute device‐independent code.
7. APPLICATIONS/SERVICES AND DATA DELIVERY
The Generic Enablers for the Applications/Services and Data Delivery Framework chapter are:
7.1. Application Mashup ‐ Wirecloud Wirecloud builds on cutting‐edge end‐user development, RIA (Rich Internet Application) and semantic technologies to offer a next‐generation end‐user centred web application mashup platform aimed at leveraging the long tail of the Internet of Services. Web application mashups integrate heterogeneous data, application logic, and UI components (widgets/gadgets) sourced from the Web to create new coherent and value‐adding composite applications.
7.2. Marketplace ‐ WMarket The Marketplace provides the functionality necessary for bringing together offerings and demand in order to do business. These functions include basic services for registering business entities, publishing and retrieving offerings and demands, and searching and discovering offerings according to specific consumer requirements, as well as lateral functions like review, rating and recommendation.
7.3. Repository ‐ Repository RI The Repository is a core enabler of the FIWARE Business Framework. The repository provides a consistent uniform API to USDL service descriptions and associated media files for applications of the business framework. A service provider can use the Repository to publish the description of various aspects of the service according to a uniform description language.
7.4. Revenue Settlement and Sharing System ‐ RSS RI The Revenue Sharing System (RSS) GE is in charge of distributing the revenues originated by the usage of a given service among the involved stakeholders. In particular, it focuses on distributing part of the revenue generated by a service between the Marketplace Provider and the Service Provider(s) responsible for the service. With the term "service" we refer to both final applications and backend application services (typically exposed through an API). Note that, in the case of composite services, more than one service provider may have to receive a share of the revenues.
7.5. Store ‐ WStore Store is the GE for selling services to both consumers and developers of Future Internet applications and services and for end‐to‐end managing of offerings and sales. While a marketplace is a platform for many stores to place their offerings to a broader audience and consumers to search and compare services and find the store where to buy, a store is owned by a store owner who has full control over a specific service/app portfolio and offerings. The final business transaction (buying) is done at the store and the whole back office process (end‐to‐end managing of offerings and sales) is handled by the store. Service Business Frameworks (SBFs) represent one of the cornerstones of service ecosystems. The key objective of a SBF is to build and support an ecosystem of applications and services that is sustainable and fosters innovation as well as cross‐fertilization. In particular, it consists of a number of interrelated components that support managing services in the business framework across the whole service lifecycle: from creation and composition of services to monetization and revenue sharing.
Pasquale Vitale
Engineering Ingegneria Informatica
Overview of Generic Enablers
Introduction
The FIWARE Platform comprises a set of technological “Generic Enablers” which are considered general purpose and independent from any “usage area”
Generic Enablers provide open interfaces:
to Application Developers (APIs)
to support interoperability with other GEs
FIWARE Reference Architecture
Build with other Generic Enablers
Introduction
FIWARE assembles a set of building blocks that ease creation of smart Internet Applications
These blocks are called Generic Enablers
They offer reusable and common shared functions serving multiple use cases in various sectors
FIWARE GE Specifications are open (public and royalty free)
FIWARE GE Implementation (FIWARE GEi)
platform product that implements a given GE Open Spec
there might be multiple compliant GEis of each GE Open Spec
available FIWARE GEis published on the FIWARE Catalogue
The 7 Technical Chapters
FIWARE GEs are divided into 7 technical chapters:
1. Cloud Hosting
2. Data/Context Management
3. Interfaces to Network and Devices (I2ND)
4. Advanced Web-based User Interface
5. Security
6. Internet of Things
7. Applications/Services and Data Delivery
1. Cloud Hosting
IaaS Resource Management - to provision VMs (associate compute, storage and network resources)
Monitoring - to allow incorporating monitoring and metering mechanisms
Object Storage - to provide robust, scalable object storage functionality
PaaS Manager - to enable multiple deployment architectures (tiers)
Policy Manager - to provide the basic management of cloud resources based on rules
Self-Service Interfaces - to support users of the cloud in managing their services and resources
Software Deployment & Configuration - to support automated deployment of software
2. Data/Context Management
BigData Analysis - to allow the deployment of private computing clusters based on Hadoop ecosystem
Complex Event Processing - to analyze event data in real-time, generate immediate insight and enable instant response to changing conditions
Publish/Subscribe Context Broker - to manage the context information
Stream-oriented - to provide an abstraction layer for multimedia capabilities, allowing non-expert developers to include interactive media components to their applications
3. Interfaces to Network and Devices
Network Information and Control - to enable the abstraction and virtualization of network resources and functionalities
4. Advanced Web-based User Interface (1 of 2)
2D-UI - handles generic web user interface
2D/3D Capture - to capture contextual information related to a 2D/3D scene
3D-UI-XML3D - an extension to HTML5 for declarative 3D content represented as a scene graph
3DUI-WebTundra - Web client for taking realXtend 3D virtual worlds into modern web browsers
Augmented Reality - a high-level API for HTML5 Augmented Reality applications
Cloud Rendering - to provide a generic way to request, receive and control a video stream of a remote 3D application
4. Advanced Web-based User Interface (2 of 2)
GIS Data Provider - to host geographical data and serve it in 3D
POI Data Provider - to make it easy to search and store by location
Interface Designer - to provide an easy-to-use full manipulator / editor of 3D objects within a scene
Real Virtual Interaction - to provide means for connecting real world devices consisting of sensors and actuators into augmented or virtual reality applications
Synchronization - presents a lightweight and generic network-synchronized dynamic scene data model
Virtual Characters - consists of an open standard and reference implementation for virtual characters on the Web (to create, display and animate virtual characters)
5. Security
Authorization PDP - provides an API to get authorization decisions based on authorization policies, and authorization requests from PEPs
Identity Management - covers a number of aspects involving users' access to networks, services and applications, including secure and private authentication from users to devices, networks and services, authorization & trust management, user profile management, privacy-preserving disposition of personal data, Single Sign-On (SSO) to service domains and Identity Federation towards applications
PEP Proxy - together with Identity Management and Authorization PDP GEs, add authentication and authorization security to your backend applications
Security Monitoring - to manage the Security Management System
6. Internet of Things
Backend Device Management - IDAS - to provide API for M2M application
Configuration Manager - IoT Discovery - to register the availability of Things and Sensor devices
Configuration Manager - Orion Context Broker - to provide the NGSI9 interfaces
Gateway Data Handling GE - EspR4FastData - to process data in real time
Protocol Adapter - MR CoAP - to allow to plug devices
IoT Broker - lightweight and scalable middleware component that separates IoT applications from the underlying device installations
7. Applications/Services and Data Delivery
Application Mashup - Wirecloud - to build on cutting-edge end-user development, RIA
Marketplace - to provide functionality necessary for bringing together offering and demand for making business
Repository - to provide a consistent uniform API to USDL service descriptions
Revenue Settlement and Sharing System - is in charge of distributing the revenues originated by the usage of a given service among the involved stakeholders
Store - WStore - to sell services to both consumers and developers of Future Internet applications and services and for end-to-end managing of offerings and sales
Specific Enablers (SEs)
A Specific Enabler (SE) is a component similar to a GE which offers functions relevant to specific domains, for example manufacturing, media, eHealth, energy and agrifood.
FIWARE GEs
Domain specific enablers
SMART City Apps
SMART Factory Apps
SMART Agrifood Apps
Thanks!
Pasquale Vitale, Engineering Ingegneria Informatica
FIWARE LAB Cloud Portal
Summary
FIWARE LAB Cloud Hosting
Deploying your first VM
Deploying components for your application
Object Storage API
Reference Information
OpenStack: The Open Source Cloud Operating System
OpenStack is open source software to build private and public clouds
FIWARE LAB Cloud Portal is IaaS based on OpenStack
Provision and manage large networks of virtual machines
Object storage and Block storage for use with servers and applications
Pluggable, scalable, API-driven system for managing networks and IP addresses
Cloud Portal
FIWARE LAB Cloud Hosting
Steps:
Create your account in lab.fi-ware.org
Enter in the Cloud Portal
Create your keypair (private key)
Deploy your instance
Add a public IP
Open ports to the VM
FIWARE LAB Cloud Hosting Create your account in lab.fi-ware.org
If you forgot it, request the new password
Enter your email and password to access the FIWARE LAB
Redirect to account.lab.fi-ware.org/users/sign_in
If you do not have an account, sign up
FIWARE LAB Cloud Hosting Enter in the Cloud Portal
Context Consumers can subscribe to receive context information that satisfy certain conditions using the subscribeContext. Such subscriptions may have a duration.
The Context Broker notifies updates on context information to subscribed Context Consumers by invoking the notifyContext operation they export
Now there are 322 entities, we can keep querying the broker for them:
POST <orion_host>:1026/v1/queryContext?offset=100&limit=100
POST <orion_host>:1026/v1/queryContext?offset=200&limit=100
POST <orion_host>:1026/v1/queryContext?offset=300&limit=100
Compound attribute values
An attribute can have a structured value. Vectors and key-value maps are supported
It maps directly to JSON's objects and arrays
Example:
we have a car whose four wheels' pressure we want to represent as a compound attribute for a car entity
},"statusCode": {"code": "200","details": "Redirected to context provider http://contextprovider.com/Cars","reasonPhrase": "OK"
}}
]}
Registration & Context Providers
It includes details in the response
POST <cb_host>:1026/v1/queryContext... {"entities": [{"type": "Car","isPattern": "false","id": "Car1"
}]
}
queryContext(id)
data
Multitenancy
Context Broker implements a simple multitenant/multiservice model based on logical database separation
This eases service/tenant-based authorization policies provided by other FI-WARE components or third-party software
Orion uses the "Fiware-Service" HTTP header in the request to identify the service/tenant
Example: Fiware-Service: Tenant1
Context Broker
Tenant1
Tenant2
…
entities1/attributes1/subscriptions1
entities2/attributes2/subscriptions2
Entity Service Paths
Orion Context Broker supports hierarchical scopes
Entities can be assigned to a scope at creation time with updateContext
queryContext can be also scoped to locate entities in the corresponding scopes
For example, consider the following scopes in the figure:
- Madrid, as first level scope
- Gardens and Districts, as second-level scope (children of Madrid)
- ParqueNorte, ParqueOeste and ParqueSur (children of Gardens)
and Fuencarral and Latina (children of Districts)
- Parterre1 and Parterre2 (children of ParqueNorte)
Entity Service Paths
In order to use a service path we put in a new HTTP header called "Fiware-ServicePath". For example:
Fiware-ServicePath: Madrid/Gardens/ParqueNorte/Parterre1
Entity Service Paths
Properties:
1. A query on a service path will look only into the specified node
2. Use ParentNode/# to include all child nodes
3. Queries without Fiware-ServicePath resolve to /#
4. Entities will fall in the "/" node by default
5. You can OR a query using a comma (,) operator in the header
For example, to query all street lights that are either in ParqueSur or in ParqueOeste you would use:
ServicePath: Madrid/Gardens/ParqueSur, Madrid/Gardens/ParqueOeste
You can OR up to 10 different scopes
- Maximum scope levels: 10
Scope1/Scope2/.../Scope10
1. You can have the same element IDs in different scopes (be careful with this!)
2. You can't change scope once the element is created
3. One entity can belong to only one scope
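The scope rules above, written out as a checker that an authorization layer in front of the broker could use to decide whether an entity's service path falls inside the scopes named in a request. This is an added example, not Orion code; the function names are hypothetical, and treating ParentNode/# as also matching the parent node itself is an assumption.

```python
MAX_LEVELS = 10   # "Maximum scope levels: 10"
MAX_SCOPES = 10   # "You can OR up to 10 different scopes"

def split_levels(path):
    """Split 'Madrid/Gardens' (with or without a leading '/') into levels."""
    raw = path.strip().strip("/")
    return raw.split("/") if raw else []

def check_levels(levels):
    if len(levels) > MAX_LEVELS:
        raise ValueError("more than %d scope levels" % MAX_LEVELS)
    if any(lvl in ("", "#") for lvl in levels):
        raise ValueError("empty level or misplaced '#'")
    return levels

def entity_scope(path):
    """An entity belongs to exactly one scope; the default node is '/'."""
    path = path or "/"
    if "," in path:
        raise ValueError("an entity can belong to only one scope")
    return check_levels(split_levels(path))

def parse_query_header(header):
    """Parse a Fiware-ServicePath query value into (levels, wildcard) pairs."""
    if header is None or not header.strip():
        return [([], True)]                 # no header resolves to /#
    parts = header.split(",")               # comma is the OR operator
    if len(parts) > MAX_SCOPES:
        raise ValueError("more than %d OR'ed scopes" % MAX_SCOPES)
    scopes = []
    for part in parts:
        if not part.strip():
            raise ValueError("empty scope in header")
        levels = split_levels(part)
        wildcard = bool(levels) and levels[-1] == "#"
        if wildcard:
            levels = levels[:-1]
        scopes.append((check_levels(levels), wildcard))
    return scopes

def in_scope(entity_path, query_header):
    """True if the entity's node is selected by the query's service path."""
    ent = entity_scope(entity_path)
    for levels, wildcard in parse_query_header(query_header):
        if ent == levels:                   # exact node
            return True
        if wildcard and ent[:len(levels)] == levels:   # any descendant
            return True
    return False

if __name__ == "__main__":
    light = "Madrid/Gardens/ParqueNorte/Parterre1"     # constructed sample
    print(in_scope(light, "Madrid/Gardens/ParqueNorte"))      # exact node only
    print(in_scope(light, "Madrid/Gardens/ParqueNorte/#"))    # children included
```

Because the same element ID may exist in several scopes, a policy check should compare the full service path as done here, never the entity ID alone.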
Thanks!
Pasquale Vitale, Engineering Ingegneria Informatica
FIWARE Technology
The ICT world is changing
The nature of ICT applications is changing …
development of new and emerging ICT technologies
next-generation networks (NGNs)
convergence in devices
rise of social networks
… and changing needs of consumers
ICT is now fully integrated into modern life
Towards the Future Internet
Many people (users, developers, SME, WE) need:
a cloud-based platform on which to deploy their applications
to connect to IoT
to be able to analyze big data at large scale
to handle data context
to monetize applications and services
can help them
What is FIWARE?
In 2011 the EC and major European ICT companies launched an ambitious FI-PPP programme in order to define a platform that would be an open option for the development of applications in the Future Internet
The result was a new platform, called FIWARE
FIWARE is:
a new infrastructure to create services and applications on the Internet
serve the needs of developers in multiple domains
Target of FIWARE
to help the development and implementation of new services
providing a set of APIs for rapid application development in many areas
facilitating reuse and introducing standards
eHealth
Tourism
Transport, Mobility and Logistics
e-government
Smart Energy Grid …
FIWARE Platform
Advanced OpenStack-based Cloud + rich library of services named Generic Enablers (GEs)
GEs cover common functionalities in many application fields like:
security
storage
cloud
data context
IoT
What are the Generic Enablers?
FIWARE GEs are a set of general-purpose functions available through well-defined standard APIs
GEs make it easier to:
connect to the Internet of Things, perform Big Data analysis,
handle Data/Media in real time at large scale,
create augmented reality applications and 3D user interfaces,
and manage the security aspects.
GEs are published in the FIWARE Catalogue and divided into 7 Technical Chapters
GEs Technical Chapters
Advanced Web-based UI
Internet of Things
Data/Media Context Management
Architecture of App / Services Ecosystem and Delivery Framework
Security
Cloud Hosting
Interface to Network and Devices
FIWARE GEs for Advanced Web-based UI
Rich web-based User Experience:
3D graphics for the web (HTML 5) without any experiences
Real-time collaborative 3D applications
Design of 3D environments
Virtual Characters on the web
Infrastructure for interaction with real world objects
GIS 3D presentations
FIWARE GEs for Internet of Things
Connect apps to the physical world:
Interface & Discovery of Sensors/Devices
Configuration Manager
Gateway Data Handling
FIWARE GEs for Data/Context Management
Manage data at large scale and transform it into knowledge:
Big Data Analysis
Management of communication among different entities
Massive message events handling and processing
Media Streaming and Processing
FIWARE GEs for Apps/Services Ecosystem and Delivery Framework
Reach target users, to monetize apps and services:
Combine existing widgets for web application front-ends
Business management of applications and services:
Marketplace
Repository
Revenue Sharing System (RSS)
Store
FIWARE GEs for Security
Ensuring Privacy, Security and Trust:
Identity Management
Access Control
Security Monitoring and Analysis
FIWARE GEs for Cloud Hosting
Make the most of infrastructures while keeping costs lower and under control:
IaaS/PaaS Management
Monitoring
Policy Management
Portal and tools for cloud services
FIWARE GEs for Interface to Network and Devices
Access from everywhere by using network interfaces, adapt to devices:
Controller for software defined networking
How to make available FIWARE technologies
You need a “meeting point” where users (developers, SME, WE) can:
test and showcase the applications with real data and users
catch attention of potential customers and investors
meet each other to create innovation
The place where you can develop your applications
FIWARE Lab is:
accessible from a dedicated website
a free cloud hosting to create, build and test apps
FIWARE Lab (https://cloud.lab.fi-ware.org)
FIWARE Lab is a portal accessible via web browser
IaaS: you can install your VMs with GEs
PaaS: through a precompiled template you can instantiate your infrastructure with software components (FIWARE GEs, Tomcat, MySQL, etc...)
FIWARE Lab Node (Regions)
The FIWARE Lab cloud platform is based on a federation of interconnected nodes across Europe
New nodes are in Zurich, Poznan, Crete, Gent, Stockholm …
Where to find GEs
GEs are described in the Catalogue (http://catalogue.fi-ware.org/)
FIWARE Catalogue
You can provide feedback
FIWARE Catalogue
Download sources
Where to find tutorials and guides
In Mediawiki of FIWARE forge (http://wiki.fiware.org)
FIWARE Academy (http://edu.fi-ware.org)
FIWARE Academy is an e-Learning Platform where you can find:
webinars
courses
videos
The navigation is divided in Chapters
Conclusion
FIWARE allows you to easily build and manage new apps and services by making complex processes simple, cost-effective, high-quality and secure.
Middleware
Infrastructure
3rd parties build and manage Apps & Services
Thanks!
Pasquale Vitale, Engineering Ingegneria Informatica
FIWARE Internet of Things
Connection to the Internet of Things
“Things” mean sensors/actuators
it collects all observations and translates them in data
IoT manages the context information from:
external systems
end users interacting with your application using some web portal
IDAS is an implementation of FIWARE IoT Backend Device Management GE
to connect to Context Broker GE
it translates observations into NGSI events
FIWARE IoT Backend Device Management
FIWARE Context Broker
IoT Agent-1
IoT Agent-2
IoT Agent-n
IoT Agent Manager
create/monitor
FIWARE Backend IoT Device Management
OMA NGSI API (northbound interface)
(southbound interfaces)
MQTT, ETSI M2M, IETF CoAP
Each IoT Agent handles interaction with a given set of devices
Connect any thing
Three ways to connect to the Context Broker
[Figure labels: Context Broker; Your IoT; IoT Backend; Gateway GEs; Backend GEs; NGSI9/10; B) IoT Backend (IDAS/SBC); SML, UL2.0, MQTT, ETSI M2M, CoAP/OMA-LW; NGSI; Proprietary, Zigbee, Zwave; CoAP/MTRunner, ETSI M2M; CoAP/LWM2M; OAuth2.0]
How to read measures captured from IoT devices
IDAS translates information into NGSI and sends to a Context Broker.
Example - connection of device using UltraLight 2.0 protocol:
Step 1 - know the details of the IDAS (IoT Agent)
Step 2 - create a model for your IoT device
Step 3 - create (register) an asset/device for your IoT device
Step 4 - send observations related to your IoT device
Step 5 - reading measurements sent by your IoT device
Connection to the Internet of Things – Step 1
know the details of the IDAS (IoT Agent) you will be sending the measurements to
IP Address (<idas_host>): in this case 130.206.80.47
REST Admin Port (<idas_admin_port>): the port used to access the administrative API of IDAS, 5073
REST Devices Port (<idas_ul20_port>): the port used by your IoT devices to send observations or request commands, in this case 8002
Service (<service>): IDAS is able to manage different tenants, for instance for different cities or smartspaces. You can always use our “OpenIoT” service for testing, as we actually do in this example
APIKEY (<apikey>): This is a shared secret your IoT devices need to know before communicating with IDAS regarding a specific Service. Each service/tenant has its own APIKEY, in the case of the testing service “OpenIoT” it is the string “4jggokgpepnvsb2uv4s40d59ov”
Connection to the Internet of Things – Step 2
Create a Model for your IoT device
In the OpenIoT model there are:
SENSOR_TEMP: for a generic Temperature sensor
SENSOR_HUM: for a generic Humidity sensor
SENSOR_LUM: for a generic Illuminance sensor
SENSOR_MOV: for a generic Presence sensor
SENSOR_ZWAVE_4IN1: for the specific Everspring Zwave 4IN1 (Temperature, Humidity, Light, Presence) sensor
Connection to the Internet of Things – Step 2
Creating your own Model is pretty simple (use the REST Admin API)
Payload JSON Format:
Check IDAS doc in the Catalogue
TOKEN = FIWARE OAuth Token
Measurements have an “alias”
e.g: Temperature = t
POST <idas_host>:<idas_admin_port>/m2m/v2/services/<service>/models/ (Example: POST: http://130.206.80.47:5073/m2m/v2/services/OpenIoT/models/)
GET <idas_host>:<idas_admin_port>/m2m/v2/services/<service>/assets/ (Example: GET: http://130.206.80.47:5371/m2m/v2/services/OpenIoT/assets/[ASSET_ID])
How to act upon IoT devices
Send commands to device:
register command URL (PUSH)
command = true to know what attribute is related
get commands from device (POLLING)
HTTP POST body can be empty or containing a measure
To perform some processing on available context information you need Complex Event Processing (CEP)
The CEP allows you to detect patterns over contexts (triggering some action or raising some alarm)
The CEP receives context information as input events and generates observations (or situations) as output events
Applications role
Applications connected to the CEP GE (external applications or some other GE like Context Broker GE) can play two different roles:
the role of Event Producer
the role of Event Consumer
Note: A given application can play both roles
Event Producer
Event Producer sources can be:
an external application reporting events
a sensor reporting a measurement
Event Producers can provide events in two modes:
Push mode - the Event Producers push events into the CEP by means of invoking a REST API
Pull mode - the Event Producer exports a REST API that the CEP can invoke to retrieve events
Event Consumer
Event Consumers are the destination point of events. For example:
Dashboard: a type of event consumer that displays alarms defined when certain conditions hold on events related to some entities user community or produced by a number of devices
Handling process: a type of event consumer that consumes meaningful events (such as opportunities or threats) and performs a concrete action
The Context Broker GE which can connect as an event consumer to the CEP and forward the events it consumes to all interested applications based on a subscription model
Pattern
The CEP allows you to define patterns over selected events occurring in event processing contexts (such as a time window or segmentation) with optional additional conditions
Those patterns can be defined using a Web-based authoring tool (without writing any code)
Event Processing Agent (EPA) - Pattern
Patterns supported are:
Basic type, meaning a basic event
a lamp battery charge is below 15 percent
Aggregate type, compute some aggregation functions on a set of incoming events
the percentage of failed measurements is higher than 10 percent in the last 5 minutes
Absent type, meaning no event holding some condition arrived within the time window for the pattern to match
no sensor events arrived in the last 10 minutes
Sequence type, meaning events need to occur in a specified order for the pattern to be detected
detect if the sensor status was “fixed” and later was “failed” within 24 hours
All type, meaning that all the events specified should arrive for the pattern to match
alert if the total reservations number arriving from 4 branches is higher than some threshold
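Three of the pattern types above (Aggregate, Absent, Sequence), applied to a small event stream with the slide's own thresholds. This is an added example in plain Python, not Proton's engine or its definition format; the event fields (`ts` in seconds, `sensor`, `status`) and the sample events are constructed for illustration.

```python
def in_window(events, now, seconds):
    """Temporal processing context: events in the last `seconds` before `now`."""
    return [e for e in events if now - seconds < e["ts"] <= now]

def aggregate_failed(events, now, window=300, threshold=0.10):
    """Aggregate: failed measurements exceed 10 percent in the last 5 minutes."""
    recent = in_window(events, now, window)
    if not recent:
        return False            # nothing to aggregate; Absent covers silence
    failed = sum(1 for e in recent if e["status"] == "failed")
    return failed / len(recent) > threshold

def absent(events, now, window=600):
    """Absent: no sensor events arrived in the last 10 minutes."""
    return not in_window(events, now, window)

def sequence_fixed_then_failed(events, window=24 * 3600):
    """Sequence: status 'fixed' and later 'failed' within 24 hours.

    Segmented per sensor (a segmentation context), so one sensor's 'fixed'
    never pairs with another sensor's 'failed'.
    """
    last_fixed = {}
    hits = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        sensor = e["sensor"]
        if e["status"] == "fixed":
            last_fixed[sensor] = e["ts"]
        elif e["status"] == "failed" and sensor in last_fixed:
            fixed_at = last_fixed.pop(sensor)
            if e["ts"] - fixed_at <= window:
                hits.append((sensor, fixed_at, e["ts"]))
    return hits

# Constructed sample events (not real measurements).
EVENTS = [
    {"ts": 0,     "sensor": "lamp1", "status": "fixed"},
    {"ts": 100,   "sensor": "lamp4", "status": "fixed"},
    {"ts": 3600,  "sensor": "lamp1", "status": "ok"},
    {"ts": 7200,  "sensor": "lamp2", "status": "failed"},  # no earlier 'fixed'
    {"ts": 80000, "sensor": "lamp1", "status": "failed"},  # within 24 h of fix
    {"ts": 80100, "sensor": "lamp2", "status": "ok"},
    {"ts": 80200, "sensor": "lamp3", "status": "ok"},
    {"ts": 90100, "sensor": "lamp4", "status": "failed"},  # 25 h after fix
]

if __name__ == "__main__":
    print(aggregate_failed(EVENTS, now=80250))
    print(absent(EVENTS, now=81000))
    print(sequence_fixed_then_failed(EVENTS))
```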
From Event-Condition-Action to Pattern-Condition-Action
In certain scenarios single events are insignificant; a CEP engine can detect combinations of events and generate derived events (situations) that are meaningful
Use CEP when there is a need to detect patterns over incoming events
Other tools can be used when there is a need to respond to single events with some condition (e.g., Context Broker GE)
Event Processing Context definition
Every EPA (event processing agent - pattern) is associated with an event processing context
Event processing context can be a:
temporal processing context (time window)
segmentation processing context
composite context (group of several contexts)
An event processing context groups event instances so that they can be processed in a related way
Working with the CEP
The FI-WARE CEP instance: IBM Proactive Technology Online - PROTON
Proton (CEP GE Instance) – Build Time Web User Interface
Definition types (or building blocks) of CEP:
Event types - events that are expected to be received as input or to be sent as output
EPAs - responsible to detect patterns: Basic, Aggregate, Absent, Sequence, All
After introducing user/password to login and clicking the “Accept” button (needed only once), the browser redirects us back to the web page of our application:
KEEP IN MIND this uses fixed password credentials for FIWARE Proxy to generate the admin token, but in the future a registry of users and passwords will be maintained.
Please note X-Auth-Token header in this request is the admin token, while the access-token being validated is part of the resource path in URL.
This could return the following status codes if something is wrong:
404 Access_token not valid
401 X-Auth-Token not valid (unauthorized)
403 X-Auth-Token not valid (expired)
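One way a proxy could act on these status codes, as an added example that is not the FIWARE PEP Proxy's code. The `validate` and `login` callables are hypothetical stand-ins for the IdM calls (their URLs are not reproduced here), status 200 for success is an assumption based on the "OK + user info" step, and `FakeIdM` is a constructed stub so the block runs offline.

```python
def authorize(access_token, session, validate, login):
    """Decide on a request from the IdM's answer; fail closed on anything odd.

    session  -- dict caching the proxy's admin token under "admin_token"
    validate -- callable(admin_token, access_token) -> (status, user_info)
    login    -- callable() -> fresh admin token (the proxy's own credentials)
    Returns ("allow", user_info), ("deny", None) or ("error", None).
    """
    if not access_token:
        return ("deny", None)
    for _attempt in range(2):               # at most one admin-token renewal
        if session.get("admin_token") is None:
            session["admin_token"] = login()
        status, user = validate(session["admin_token"], access_token)
        if status == 200 and user is not None:
            return ("allow", user)
        if status == 404:                   # access token not valid
            return ("deny", None)
        if status in (401, 403):            # admin token rejected or expired
            session["admin_token"] = None   # drop it and authenticate again
            continue
        break                               # unexpected status: stop here
    return ("error", None)                  # never forward the request


class FakeIdM:
    """Constructed stand-in for the IdM: only the latest admin token is valid."""

    def __init__(self):
        self.logins = 0
        self.valid_admin = None
        self.users = {"tok-alice": {"id": "alice"}}

    def login(self):
        self.logins += 1
        self.valid_admin = "admin-%d" % self.logins
        return self.valid_admin

    def validate(self, admin_token, access_token):
        if admin_token != self.valid_admin:
            return 403, None
        if access_token not in self.users:
            return 404, None
        return 200, self.users[access_token]


if __name__ == "__main__":
    idm = FakeIdM()
    session = {"admin_token": "stale-token"}
    print(authorize("tok-alice", session, idm.validate, idm.login))
    print(authorize("bogus", session, idm.validate, idm.login))
```

The retry is bounded so that a proxy whose own credentials are rejected reports an error instead of looping, and the request is forwarded only on an explicit success.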
Level 2: Basic Authorization
[Figure labels: Backend Apps; IdM; Request + access-token; Web App; OAuth Library; Proxy; 6) access-token + verb + path; 7) OK + user info; OAuth2 flows; access-token; AC GE]
Access token + verb + path (step 6)
In this case you should call the API with the following information: