This section gives you an overview of connecting hardware to Xively as well as links to tutorials for specific hardware connections.
Xively platform device management overview
Follow our detailed tutorials for development kits and products. Development kits are for building and prototyping applications, and products do not need any toolchain installation or programming to connect to Xively.
Raspberry Pi 3 board
Silicon Labs Thunderboard dev kit
ESP32 Wi-Fi and Bluetooth device
STM32F4xx NUCLEO dev kit
Ethernet board: FreeRTOS, Wi-Fi board: no-OS
STM32F746G-DISCO board - external tutorial on developer.microej.com
TI CC3220SF dev kit
No-OS, in the course of the tutorial TI RTOS is build
Any OS with command-line interface
Xively with Seeed Studio Grove on MSP432 - external tutorial on hackster.io
ESP8266 Wi-Fi module, compatible with Arduino
To connect an IoT device gateway, see the Define Instruments Zen IoT Gateway tutorial.
Devices communicate with Xively through an MQTT broker. To simplify establishing a connection, Xively provides an embedded C client library that manages the communication between devices and Xively. The library is free and open-source. To get connected, embed the Xively C Client (libXively) library in your client application on the device.
Xively also offers libraries in other languages. If you prefer Python or Ruby, see the repositories in Device and server-side libraries. You can also write your own library or use any compatible one available on the Internet.
For a software development kit to connect your mobile application, see the mobile SDKs section.
Xively requires that its clients construct secure TCP/IP connections using Transport Layer Security (TLS) version 1.2. Before a TLS connection is established, Xively presents a certificate signed by a Root Certificate Authority to identify itself, and the client verifies this certificate's authenticity and validity.
Xively delivers two clients that quickly facilitate these requirements: Xively Python Client and Xively C Client. The Xively Python Client (xiPy) makes use of your Python environment's TLS implementation. For embedded systems, the Xively C Client supports two leading 3rd party TLS libraries out of the box: wolfSSL or mbedTLS, and further options to support on-chip TLS implementations for the TI CC32XX, and the STM32F4 Nucleo Wi-Fi Boards.
A TLS implementation for an environment other than Python or C is also possible. You can add support for your board by implementing a few functions in the Xively C Client TLS Board Support Package (BSP), a layer of code abstracted to aid in porting to new platforms and libraries. Full details on porting the Xively C Client BSP can be found in the Xively C Client Porting Guide.
Aside form TLS, we suggest including the following security measures for platforms connecting to Xively:
- A hardware random number generator (cryptographic nonce)
- Accurate real-time clock for certificate validation checks
- Fallback Root CA certificates stored on the client to verify alternative Server Certificates, in case the current server certificate becomes compromised
- Back-off connection logic to prevent accidental self-inflicted DDoS attacks
- Online Certificate Status Protocol (OCSP) and OCSP Stapling for certificate validation checks
- Flash File Systems and dual stage boot loaders for firmware updates to patch software security features
On the server side, Xively provides the following additional securities:
- A secure messaging broker (MQTT)
- An identity management service (IDM) that provisions and validates MQTT credentials, including username and shared secret credentials
- The Xively Blueprint service with its two significant security features:
- Control over end-users and devices communication that ensures your data is secure and private
- Validation of MQTT publications for every message, on every topic, that allows for immediate temporary access or the immediate revocation of a device or end-user's credentials if required
Xively offers secure file transfer and remote updates of device firmware to keep the device secure and up-to-date in terms of its certificates (in case a device-side Root CA Certificate expires), protocol implementations (in case of a fault), or even cryptographic algorithms. Remote firmware updates ensure that both server and client are running the same security mechanisms. For more information about this feature, see Firmware updates.
The Xively Professional Services team (XPS) can work with you to develop a firmware update strategy if you currently do not have one.