Highly resilient Platform as a Service supporting a complex ecosystem of Internet of Things across the globe, in a multi-tenant environment.
Over the past decade, with the rise of remote connectivity capabilities, fast-paced changes in technology, and exploding demand for the Internet of Things, a global OEM had to build and release features and services at a furious pace to stay competitive. While such efforts provided the much-needed stopgaps to sustain the company through a number of important milestones, they also resulted in multiple, disparate systems and services that proved to be inefficient, inflexible, and redundant.
The immediate needs of our client were to survey the existing systems, make the necessary triage, and lay a solid foundation for the future by consolidating and unifying the disparate and ineffective application development framework at the enterprise level.
Under the new initiative, the company aimed to:
- Improve customer experience and minimize confusion in usability
- Accelerate delivery and time to market
- Enhance the efficacy of data and system integrations
- Enable extensions and scalability beyond North America – out to other regions, businesses, and systems
- Maintain security, privacy and control over connectivity, access, and administration
- Reduce the exponentially growing operational costs
Dimiour was selected by our client to partner in this urgent challenge. The effort involved finding the best-in-industry technologies and tools, and implementing a best-practices-driven framework to customize a platform that would help them lead the future.
Minimum Viable Product Release
- Brought multiple mobile apps in the market (each with limited and overlapping functions) under one unified brand experience for its customers
- Organized and enforced API management
- Improved interoperability and streamlined integrations with dependent upstream/downstream endpoints that provide or require data and functions
- Built a microservices framework and CI/CD workflow to accelerate the path from development through deployment
- Implemented a serverless architecture, enabling scaling and load balancing on demand and by geography
- Secured connectivity with an identity provider, certificate management and TLS/mTLS
- Consolidated service providers and established new enterprise contracts to gain purchasing power and reduce the overall operational costs
The initially launched platform gave the organization more time to focus on business strategies and technical innovations in their manufactured products.
In parallel, platform modernization and optimization continued to expand, serving all IoT devices, mobile apps, web apps, and B2B applications, resulting in a complex ecosystem of components, as shown in the below diagram.
Platform modernization efforts continued to support global rollouts with a highly resilient architecture. All rollouts were duly evaluated through behavior-driven test scenarios along with the other non-functional mandates, which allowed the platform to provide a strong footing for other innovations.
- The multi-tenant design of applications, infrastructure and data gave the solution the ability to extend beyond the organization’s boundaries and onto other OEMs
- Over-the-air updates to edge devices and canary-based rollouts of client and server software helped the business with targeting, A/B testing, and other user experience optimization studies
Data and intelligence enhancements grew with event-based processing of data streaming, consolidation, analysis, cleansing and correlation to provide actionable insights.
- Various models and algorithms applied to generate analytics and gain intelligence
- DataOps with weighted measures for easy decision making
- Necessary controls to help meet regulatory data security and compliance rules, such as GDPR or CCPA
- Machine Learning algorithms used to anticipate user needs and offer hyper-personalization
- Artificial Intelligence functions implemented leveraging Natural Language Processing (NLP), conversational Virtual Assistance (VA), etc., to seamlessly elevate the user experience at relevant touchpoints
Connectivity & Access Control options were extended to provide all applicable means of connectivity, including connectivity between devices through BLE, 4G, etc.
- In-vehicle Wi-Fi services and the ability for the cloud to push notifications to edge devices or apps on those devices
- A zero trust security approach implemented to provide the services safely with the optimal user experience
The application workloads came in various types, ranging from a simple microservice, mobile app, or progressive web app to edge compute on devices. To support all of these, the platform (on polyglot environments) was engineered with a service mesh on Kubernetes-based container orchestration. This platform engineering design gave application developers the ability to choose the runtime they need, allowing for infrastructure democratization.
The platform could not be considered “complete” without the implementation of efficient ingress mechanisms supporting Google Remote Procedure Call (gRPC), Representational State Transfer (REST), MQ Telemetry Transport (MQTT) or any alternate application layer protocols. These were made possible with highly secure gateways supporting various security measures, such as Mutual Transport Layer Security (mTLS), Online Certificate Status Protocol (OCSP) stapling, etc.
Cloud platform services such as load balancers or gateways had constraints in supporting end-to-end bidirectional gRPC streams between the IoT devices and the server application. Hence, Dimiour designed gateways from the ground up, leveraging and customizing suitable technologies in the market to support these needs, resulting in IoT data streams traveling back and forth in an optimal fashion over an end-to-end HTTP/2-based connection.
Benefits in Action
A highly secure and automated global enterprise platform as a service that has:
- 7+ million users on the new unified mobile app worldwide with a user base growing by 1 million per year
- More than 200 services deployed and in operation
- More than 30% infrastructure compute cost reduction at any time by adopting spot instances and capacity reservation strategies
- Integration with over 100 data and services endpoints around the world
- Weekly feature-level releases in multiple regions including North America, Europe, Australia, India, and Japan
- Multiple instances of replicated, then reconfigured, platforms stood up and running in Europe, Australia, India, and Japan
- Continuous system monitoring and diagnostics maintaining platform health and service quality
- Anomaly detection triggering alerts and notifications
- Highly scalable gateway supporting millions of transactions and data transfers in daily operations