Azure IoT Hub
The Azure IoT Hub sample shows the communication of an Internet-connected device with an Azure IoT Hub instance. This sample uses the Azure IoT Hub library to communicate with the IoT hub and the Azure FOTA library to provide firmware over-the-air (FOTA) functionality.
Cellular connectivity is supported on the nRF91 Series SiPs, while Wi-Fi® connectivity is supported on the nRF52 or nRF53 Series SoCs hosting the nRF70 Series Wi-Fi companion ICs.
The sample uses the connection manager that provides a common connectivity API for LTE and Wi-Fi stacks.
Requirements
The sample supports the following development kits:
Hardware platforms |
PCA |
Board name |
Build target |
---|---|---|---|
PCA10153 |
|
||
PCA10090 |
|
||
nRF9151 DK |
PCA10171 |
|
|
PCA10143 |
|
When built for an _ns
build target, the sample is configured to compile and run as a non-secure application with Cortex-M Security Extensions enabled.
Therefore, it automatically includes Trusted Firmware-M that prepares the required peripherals and secure services to be available for the application.
Overview
The sample supports the direct connection of an IoT device that is already registered to an Azure IoT Hub instance. Alternatively, it supports the provisioning of the device using Azure IoT Hub Device Provisioning Service (DPS) to an IoT hub. See the documentation on Azure IoT Hub library for more information.
The sample periodically publishes telemetry messages (events) to the connected Azure IoT Hub instance.
By default, telemetry messages are sent every 20 seconds.
To configure the default interval, set the device twin property desired.telemetryInterval
, which will be interpreted by the sample as seconds.
Here is an example of a telemetry message:
{
"temperature": 25.2,
"timestamp": 151325
}
In a telemetry message, temperature
is a value between 25.0
and 25.9
, and timestamp
is the uptime of the device in milliseconds.
The sample has implemented the handling of Azure IoT Hub direct method with the name led
.
If the device receives a direct method invocation with the name led
and payload 1
or 0
, LED 1 on the device is turned on or off, depending on the payload.
On Thingy:91, the LED turns red if the payload is 1
.
Firmware update
The sample subscribes to incoming Azure IOT Hub device twin messages that contain the firmware update information. By default, the device twin document is requested upon connecting to the IoT hub. Thus, any existing firmware information in the desired property will be parsed. See Azure FOTA for more details on the content of the firmware information in the device twin.
Note
This sample requires a file server instance that hosts the new firmware image. The Azure FOTA library does not require a specific host, but it has been tested using Azure Blob Storage.
Configuration
See Configuring and building an application for information about how to permanently or temporarily change the configuration.
Setup
For the sample to work as intended, you must set up and configure an Azure IoT Hub instance.
See Setup and configuration for information on creating an Azure IoT Hub instance and Additional configuration for additional information on the configuration options that are available.
Also, for a successful TLS connection to the Azure IoT Hub instance, the device needs to have credentials provisioned.
If you want to test FOTA, ensure that also the required credentials for the file server are provisioned and the CONFIG_AZURE_FOTA_SEC_TAG
Kconfig option is set accordingly.
See Setup and configuration for information on provisioning the credentials.
Configuring Wi-Fi access point credentials
This sample uses the Wi-Fi credentials library to manage Wi-Fi credentials. Before the sample can connect to a Wi-Fi network, you must configure at least one credential set.
Once you have flashed your device with this sample, connect to your device’s UART interface and add credentials using the following command:
wifi_cred add NetworkSSID SecurityMode (OPEN, WPA2-PSK, WPA2-PSK-SHA256, WPA3-SAE) NetworkPassword
Where NetworkSSID is replaced with the SSID of the Wi-Fi access point you want your device to connect to, and NetworkPassword is its password.
If you are not sure which security mode to use, enable the CONFIG_NET_L2_WIFI_SHELL
Kconfig option and use the wifi scan
command to display a list of all accessible networks along with their corresponding security modes.
Then either reboot the device or use the wifi_cred auto_connect
command to manually trigger a connection attempt.
From now on, these credentials will be automatically used when the configured network is reachable.
When building as firmware image for a non-secure build target, the Wi-Fi credentials backend will be set to PSA using TF-M.
See the Wi-Fi: Shell sample document for more details on the wifi_cred
command.
Wi-Fi static credential options
If you want to configure the credentials statically, set the CONFIG_WIFI_CREDENTIALS_STATIC
Kconfig option to y
.
Important
Do not use static credentials in production environments.
Other options for statically configuring your Wi-Fi credentials:
CONFIG_WIFI_CREDENTIALS_STATIC
- This option enables static Wi-Fi configuration.CONFIG_WIFI_CREDENTIALS_STATIC_SSID
- Wi-Fi SSID.CONFIG_WIFI_CREDENTIALS_STATIC_PASSWORD
- Wi-Fi password.CONFIG_WIFI_CREDENTIALS_STATIC_TYPE_OPEN
- Wi-Fi network uses no password.CONFIG_WIFI_CREDENTIALS_STATIC_TYPE_PSK
- Wi-Fi network uses a password and PSK security (default).CONFIG_WIFI_CREDENTIALS_STATIC_TYPE_PSK_SHA256
- Wi-Fi network uses a password and PSK-256 security.CONFIG_WIFI_CREDENTIALS_STATIC_TYPE_SAE
- Wi-Fi network uses a password and SAE security.
Additional configuration
Check and configure the following library options that are used by the sample:
CONFIG_AZURE_IOT_HUB_DEVICE_ID
- Sets the Azure IoT Hub device ID. Alternatively, the device ID can be provided at run time.CONFIG_AZURE_IOT_HUB_HOSTNAME
- Sets the Azure IoT Hub host name. If DPS is used, the sample assumes that the IoT hub host name is unknown, and the configuration is ignored. The configuration can also be omitted and the hostname provided at run time.
If DPS is used, use the Kconfig fragment found in the overlay-dps.conf
file and change the desired configurations there.
As an example, the following compiles with DPS for the nRF9160 DK:
west build -p -b nrf9160dk_nrf9160_ns -- -DOVERLAY_CONFIG=overlay-dps.conf
CONFIG_AZURE_IOT_HUB_DPS
- Enables Azure IoT Hub DPS.CONFIG_AZURE_IOT_HUB_DPS_REG_ID
- Sets the Azure IoT Hub DPS registration ID. It can be provided at run time. By default, the sample uses the device ID as the registration ID and sets it at run time.CONFIG_AZURE_IOT_HUB_DPS_ID_SCOPE
- Sets the DPS ID scope of the Azure IoT Hub. This can be provided at run time.
For FOTA, check and configure the following library Kconfig options:
CONFIG_AZURE_FOTA_APP_VERSION
- Defines the application version string. Indicates the current firmware version on the development kit.CONFIG_AZURE_FOTA_APP_VERSION_AUTO
- Automatically generates the application version. If enabled,CONFIG_AZURE_FOTA_APP_VERSION
is ignored.CONFIG_AZURE_FOTA_TLS
- Enables HTTPS for downloads. By default, TLS is enabled and currently, the transport protocol must be configured at compile time.CONFIG_AZURE_FOTA_SEC_TAG
- Sets the security tag for TLS credentials when using HTTPS as the transport layer. See Setup and configuration for more details.CONFIG_AZURE_IOT_HUB_HOSTNAME
- Sets the Azure IoT Hub host name. If DPS is used, the sample assumes that the IoT hub host name is unknown, and the configuration is ignored.CONFIG_AZURE_IOT_HUB_DEVICE_ID
- Specifies the device ID, which is used when connecting to Azure IoT Hub.CONFIG_AZURE_IOT_HUB_DPS_REG_ID
- Specifies the device registration ID used for DPS.
Note
The sample sets the option CONFIG_MQTT_KEEPALIVE
to the maximum allowed value, 1767 seconds (29.45 minutes) as specified by Azure IoT Hub.
This is to limit the IP traffic between the device and the Azure IoT Hub message broker for supporting a low power sample.
In certain LTE networks, the NAT timeout can be considerably lower than 1767 seconds.
As a recommendation, and to prevent the likelihood of getting disconnected unexpectedly, set the option CONFIG_MQTT_KEEPALIVE
to the lowest timeout limit (Maximum allowed MQTT keepalive and NAT timeout).
Sending traces over UART on an nRF91 Series DK
To send modem traces over UART on an nRF91 Series DK, configuration must be added for the UART device in the devicetree and Kconfig. This is done by adding the modem trace UART snippet when building and programming.
Use the Cellular Monitor app for capturing and analyzing modem traces.
TF-M logging must use the same UART as the application. For more details, see shared TF-M logging.
Building and running
This sample can be found under samples/net/azure_iot_hub
in the nRF Connect SDK folder structure.
When built as firmware image for the _ns
build target, the sample has Cortex-M Security Extensions (CMSE) enabled and separates the firmware between Non-Secure Processing Environment (NSPE) and Secure Processing Environment (SPE).
Because of this, it automatically includes the Trusted Firmware-M (TF-M).
To read more about CMSE, see Processing environments.
To build the sample with Visual Studio Code, follow the steps listed on the How to build an application page in the nRF Connect for VS Code extension documentation. See Configuring and building an application for other building scenarios, Programming an application for programming steps, and Testing and optimization for general information about testing and debugging in the nRF Connect SDK.
Testing
Microsoft has created Azure IoT Explorer to interact and test devices connected to an Azure IoT Hub instance. Optionally, follow the instructions at Azure IoT Explorer to install and configure the tool and use it as mentioned in the below instructions.
After programming the sample to your development kit, complete the following steps to test it:
Connect the kit to the computer using a USB cable. The kit is assigned a COM port (Windows) or ttyACM device (Linux), which is visible in the Device Manager.
Connect to the kit with a terminal emulator (for example, nRF Connect Serial Terminal). See Testing and optimization for the required settings and steps.
Reset the development kit.
Observe the log output and verify that it is similar to the Sample output.
Use the Azure IoT Explorer, or log in to the Azure Portal.
Select the connected IoT hub and then your device.
Change the device twin’s desired property
telemetryInterval
to a new value, for instance60
, and save the updated device twin. If it does not exist, you can add the desired property.Observe that the device receives the updated
telemetryInterval
value, applies it, and starts sending new telemetry events every 10 seconds.Verify that the
reported
object in the device twin now has atelemetryInterval
property with the correct value reported back from the device.In the Azure IoT Explorer or device page in Azure Portal, navigate to the Direct method tab.
Enter
led
as the method name. In the payload field, enter the value1
(or0
) and click Invoke method.Observe that LED 1 on the development kit lights up (or switches off if
0
is entered as the payload). If you are using Azure IoT Explorer, you can observe a notification in the top right corner stating if the direct method was successfully invoked based on the report received from the device.In the Azure IoT Explorer, navigate to the Telemetry tab and click start.
Observe that the event messages from the device are displayed in the terminal within the specified telemetry interval.
To test FOTA update:
Navigate to the view where you can update the device twin using the Azure IoT Explorer or Azure Portal.
Create a
firmware
JSON object inside the desired object of the device twin document, containing information about the binary to download:{ "firmware": { "fwVersion": "v0.0.2-dev", "jobId": "ca186d4b-4171-4209-a49d-700c35567d1d", "fwLocation": { "host": "example.com", "path": "firmware/my-app-update.bin" }, "fwFragmentSize": 1800 } }
Click Save to apply the changes to the device twin. Updating the device twin causes a message to be sent to the device, containing the updates to the desired object.
In the terminal emulator, observe that the new firmware image is downloaded and installed as shown in Sample output.
Observe that the sample displays the logs from the new application when the development kit reboots.
Confirm that the device twin contains the updated application version in the
reported.firmware.fwVersion
field in Azure IoT Explorer or Azure Portal.
Sample output
When the sample runs, the device boots, and the sample displays the following output in the terminal over UART:
*** Booting Zephyr OS build v2.3.0-rc1-ncs1-1453-gf41496cd30d5 ***
<inf> azure_iot_hub_sample: Azure IoT Hub sample started
<inf> azure_iot_hub_sample: Bringing network interface up and connecting to the network
<inf> azure_iot_hub_sample: Device ID: my-device
<inf> azure_iot_hub_sample: Connecting...
<inf> azure_iot_hub_sample: Network connectivity established and IP address assigned
<inf> azure_fota: Current firmware version: 0.0.1-dev
<inf> azure_iot_hub_sample: Azure IoT Hub library initialized
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTING
<inf> azure_iot_hub_sample: Connection request sent to IoT Hub
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_CONNECTED
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_READY
<inf> azure_iot_hub_sample: Sending event:
<inf> azure_iot_hub_sample: {"temperature":25.9,"timestamp":16849}
<inf> azure_iot_hub_sample: Event was successfully sent
<inf> azure_iot_hub_sample: Next event will be sent in 60 seconds
If a new telemetry interval is set in the device twin, the console output is like this:
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_DESIRED_RECEIVED
<inf> azure_iot_hub_sample: New telemetry interval has been applied: 60
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_RESULT_SUCCESS, ID: 42740
<inf> azure_iot_hub_sample: Sending event:
<inf> azure_iot_hub_sample: {"temperature":25.5,"timestamp":47585}
<inf> azure_iot_hub_sample: Event was successfully sent
<inf> azure_iot_hub_sample: Next event will be sent in 60 seconds
If a new FOTA update is initiated, the console output is like this:
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_RESULT_SUCCESS, ID: 140
<inf> azure_fota: Attempting to download firmware (version 'v0.0.2-dev') from example.com/firmware/app_update.bin
<inf> download_client: Downloading: firmware/app_update.bin [0]
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_FOTA_START
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_DESIRED_RECEIVED
<inf> download_client: Setting up TLS credentials, sec tag count 1
<inf> download_client: Connecting to example.com
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_RESULT_SUCCESS, ID: 190
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_RESULT_SUCCESS, ID: 190
<inf> download_client: Downloaded 1800/674416 bytes (0%)
...
<inf> download_client: Downloaded 674416/674416 bytes (100%)
<inf> download_client: Download complete
<inf> dfu_target_mcuboot: MCUBoot image-0 upgrade scheduled. Reset device to apply
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_FOTA_DONE
<inf> azure_iot_hub_sample: The device will reboot in 5 seconds to apply update
<inf> azure_iot_hub_sample: AZURE_IOT_HUB_EVT_TWIN_RESULT_SUCCESS, ID: 109
Dependencies
The sample uses the following nRF Connect SDK and Zephyr libraries:
It uses the following libraries and secure firmware component for nRF91 Series builds:
It uses the following libraries for nRF7 Series builds: