Versions Compared

Old Version 17

changes.mady.by.user Jim White

Saved on

compared with

New Version 18

changes.mady.by.user Jim White

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Implement device service SDKs in Go Lang and C.
    The device service SDKs and resulting device services will allow the EdgeX community to retire the last of the Java micro services and complete the dramatic performance improvement of EdgeX.  

  • A stretch goal includes providing the existing device services in Modbus, BACNet, BLE, etc. in either Go or C.  

    Many of the original device services where created with driver stacks that are suit for purpose on all platforms, are no longer supported, are not homogeneous in their make up (i.e. having some parts Java while other elements in Python), or are using stacks that are not consider the best option for the protocol today.  The BLE and BACnet device services fall under this categorization.

    Several of the device services were created to prove, conceptually, how to connect to a device using that protocol, but it may not be a full implementation of the protocol API.  For example, the SNMP device service implements enough to drive a Patlite and a few other devices, but does not understand all of SNMP.

  • Implement security & system management API hooks

    Depending on the implementation needs of security and system management, there may be a need to make changes to the SDKs and existing micro service code in support of these facets.  It is likely that each micro service will implement some sort of base service to provide data and system management functionality to the system management agent.  As device services are typically created from an SDK, the same boilerplate code for the base service needs to be added to the SDK(s).  Access control to the service APIs will also be managed by the security services and code added to the service to require authentication before accessing the services will be needed.

Security Tasks and Notes

  • California release was focused on initially securing the EdgeX “gateway” and remains the priority
    • This work will be extended / augmented in this release (looking at alternative authentication, adding MQTT and other protocol reverse proxy, etc.)
  • Code signing – how to certify integrity of the system
  • The release will start to explore, potentially, securing EdgeX’s devices
    • Explore potential use of hyperledger
  • To be determined by the Security Working Group but likely includes access control lists, JWT token based authorization, and securing the bootstrapping

System Management Tasks and Notes

...