6. 6
Power BI
PowerApps Web Apps
Mobile Apps
Manage
View and manage solutions
Azure Sphere
Secured MCU Secured OS Cloud Security
Business Integration
Connect to business apps & services
Office 365
Dynamics 365
Edge Modules:
• Protocol Adaptation
• Functions
• Stream Analytics
• Machine Learning
• AI
Azure IoT Edge
• Integrated view for CISO & SecOps personas to review enterprise security posture, including IoT solutions.
• Holistic view of IoT solution security posture for DevOps and IoT solution managers to review and manage day to day security status
Azure Security Center for IoT
3rd Party applications
Azure IoT Device SDK
3rd Party Industry specific sensors & devices
(RTOS, Linux, Windows, Android, iOS)
IoT Hub
Container Registry
Kubernetes Service
Compute (VMs)
Content Delivery Network
Data Explorer
Front Door
Resource Manager (ARM)
Storage
Domain Name System
Microsoft Flow
Key Vault
Service Bus
Application Insights
Functions
SQL Azure
Cosmos DB
Web Apps
Azure Stream Analytics
Event Hub
Device Provisioning Service
Time Series Insights
Maps
26. Azure IoT Security
Azure Sphere
Comprehensive IoT security solution, including hardware, OS, and cloud components
Azure Sentinel
Intelligent security analytics for your entire enterprise with industry’s first cloud-native SIEM/SOAR
Azure Defender for IoT
Discover & continuously monitor all your managed and unmanaged IoT/OT devices.
Azure IoT Hub
Enable highly secure and reliable communication between your IoT application and the devices it manages
Azure IoT Central
Reduce risk by using security posture management, and threat monitoring and remediation
Azure IoT Edge
Ensure devices have the right software and that only authorized edge devices can communicate with one another
Azure Sphere Guardian
Increase brownfield security posture paired with existing equipment to enable secured connectivity
27. Protect IoT assets from threats
Security by design in IoT Central
Secure device to cloud connectivity
Secure data protection in the cloud
Secure integration with other applications
28. Rapid deployment with no device changes or performance impact
Agentless security monitoring for all your IoT/OT devices — greenfield & brownfield
Unified IT/OT security & governance via rich Azure Sentinel integration
IoT/OT-aware behavioral analytics with deep understanding of industrial protocols
End-to-end protection from the device to your IoT cloud workloads (containers, SQL, etc.)
29. Challenges we address for clients
IoT/OT Asset Discovery
What devices do we have & how are they communicating?
Risk & Vulnerability Management
What are risks & mitigations impacting our crown jewel assets?
Continuous IoT/OT Threat Monitoring, Incident Response & Threat Intelligence
How do we detect & respond to IoT/OT threats in our network?
Operational Efficiency
How do we identify the root cause of malfunctioning or misconfigured equipment?
Unified IT/OT Security Monitoring & Governance
How do we break down IT/OT silos?
How do we leverage existing workflows & tools to centralize IT/OT security in our SOC?
How do we demonstrate to auditors that we have a safety- and security-first environment?
30. Rapid deployment with zero performance impact
Also: Splunk, IBM QRadar, ServiceNow, etc.
SPAN port
• Assets
• Vulnerabilities
• Threats
Alerts
OT Network
OT Network
Network switch
Azure Defender for IoT
On-premises or cloud-connected
Deep Packet Inspection (DPI) with patented, OT-aware behavioral analytics
Passive Monitoring (NTA)
Sensor (virtual or physical appliance)
32. Correlating OT Alerts in Azure Sentinel
Microsoft Ignite demo
“Learn how Azure Defender for IoT incorporates CyberX technology to
deliver agentless security for unmanaged industrial IoT devices in
Operational Technology (OT) networks, including asset discovery,
vulnerability management, and continuous threat monitoring. We’ll show
how integration with Azure Sentinel and OT-specific SOAR playbooks
enable faster detection and response to multistage attacks that cross IT/OT
boundaries, using the TRITON attack on a petrochemical facility as an
example.”
33. Unified, end-to-end protection for greenfield & brownfield environments
AD for IoT micro-agents
Azure Sphere
“By 2025, 50% of industrial enterprises will use IIoT platforms to improve factory operations, up from 10% in 2020.” GARTNER
Azure Sphere Guardian (secure cloud connectivity)
Network Switch or TAPs
40. Solved with “Plug and Play”
Peripherals Windows OS
Capability Model
Device Metadata
Devices published their capability models and adhered to them
Windows used the capability model to know how to interact with them
43. Azure IoT Device SDK
Generated Device Agent
Easy to model device capabilities, easy to generate device software skeleton
Easy to certify plug and play devices
Easy for customers and partners to find plug and play devices that just work
Devices that just work out of the box with no code required
Easy to develop device software and ensure it just works with IoT solutions
IoT Plug and Play
Device Capability Model
JSON-LD Schema
49. Create a video analytics (object and motion detection) application in Azure IoT Central (YOLO v3)
• Sample that uses LVA on Edge with IoT Central
• https://docs.microsoft.com/ja-jp/azure/iot-central/retail/tutorial-video-analytics-create-app-yolo-v3
50. Live Video Analytics on Edge
https://docs.microsoft.com/azure/media-services/live-video-analytics-edge/overview
Support CPU Arch:
• x86-64
• ARM64
Logic and media graph can be configured remotely
A platform for building intelligent video applications that span the edge and the cloud
• Live video capture
• Recording and analysis
• Publish to Azure services and others
76. Open Modeling Language
Live Execution Environment
Input from IoT & Business Systems
Output to TSI, Storage & Analytics
{
  "@id": "dtmi:example:Station;1",
  "@type": "Interface",
  "extends": "dtmi:example:Room;1",
  "contents": [
    {
      "@type": "Property",
      "name": "isOccupied",
      "schema": "boolean"
    },
    {
      "@type": "Property",
      "name": "hasAVSystem",
      "schema": "boolean"
    },
    {
      "@type": "Property",
      "name": "capacity",
      "schema": "integer"
    }
  ],
  "@context": "dtmi:dtdl:context;2"
}
Azure Digital Twins
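Model any environment and connect sensors and business systems to the model.
Control the present, track the past, and predict the future
Create custom domain models using the Digital Twins Definition Language (DTDL)
A model represents a virtual model of information such as the following:
Telemetry
Properties
Commands
Relationships
Components
The virtual model presents information from the real environment as a graph, visualizing in virtual form its meaning and its relationships to the real environment.
Virtual models are generated using information from the real environment
Digital Twins Definition Language aligns with the following: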
IoT Plug and Play
Time Series Insights data model
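77. Open Modeling Language
Live Execution Environment
Input from IoT & Business Systems
Output to TSI, Storage & Analytics
Azure Digital Twins
Model any environment and connect sensors and business systems to the model.
Control the present, track the past, and predict the future
Create a live execution environment from DTDL models in Azure Digital Twins
Twin instances and relationships form a live graph representation of the real environment
Use the rich event system to drive business logic and data processing, using external compute such as Azure Functions
Extract insights from the live execution environment using a powerful query API
Query with rich search conditions, including property values, relationships, relationship properties, and type information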
DTDL
Azure Digital Twins
Azure Digital Twins Graph
Zone 1
Track 1 Track 2 Track 3
Station 1
Region 1
Train 1
Switch 1
Access Gate 1
Access Gate 2
78. Open Modeling Language
Live Execution Environment
Input from IoT & Business Systems
Output to TSI, Storage & Analytics
Azure Digital Twins
Model any environment and connect sensors and business systems to the model.
Control the present, track the past, and predict the future
Use IoT Hub to connect to IoT and IoT Edge devices and keep the live execution environment up to date
Use a new or existing IoT Hub (IoT Hub is no longer internal to Azure Digital Twins)
Drive ADT from other data sources using the REST API, or create a Logic Apps connector
Azure Digital Twins
Azure Digital Twins Graph
Zone 1
Track 1 Track 2 Track 3
Station 1
Region 1
Train 1
Switch 1
Access Gate 1
Access Gate 2
REST API
79. Open Modeling Language
Live Execution Environment
Input from IoT & Business Systems
Output to TSI, Storage & Analytics
Cold Storage
Historical
Actions
Analytics
Azure Digital Twins
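Model any environment and connect sensors and business systems to the model.
Control the present, track the past, and predict the future
Use event routes to send data to downstream services via Event Hub, Event Grid, or Service Bus
Store data in Azure Data Lake, analyze it with Azure Synapse or other Microsoft data analytics tools, and integrate workflows with Logic Apps
Connect Azure Digital Twins to Time Series Insights to track the time series history of each node
An aligned time series model in Azure Time Series Insights, derived from Azure Digital Twins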
Azure Digital Twins
Azure Digital Twins Graph
Zone 1
Track 1 Track 2 Track 3
Station 1
Region 1
Train 1
Switch 1
Access Gate 1
Access Gate 2
REST API
80. Azure Digital Twins Platform as a Service (PaaS)
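Digital Twins provides a platform for developers to model the real world
Control it using a rich set of REST APIs
C# SDK available in public preview
SDKs for other languages will be added in the future
Parser library for validating DTDL and “reflecting” on it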
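using System;
using System.Collections.Generic;
using System.Text.Json;
using System.Threading.Tasks;
using Azure;
using Azure.DigitalTwins.Core;

// The slide shows only the body of the create step; the CreateTwin wrapper
// and the try block are added here so the fragment is complete.
// GetEdgesAsync and BasicEdge are kept as named on the slide (preview C# SDK).
public async static Task CreateTwin(DigitalTwinsClient client)
{
    // Initialize twin metadata
    var meta = new Dictionary<string, object>
    {
        { "$model", "urn:example:Simple:1" },
    };
    // Initialize the twin properties
    var initData = new Dictionary<string, object>
    {
        { "$metadata", meta },
        { "data", "Hello World!" }
    };
    try {
        // Create the twin with the ID "myTwin" from the serialized initial data
        await client.CreateDigitalTwinAsync("myTwin", JsonSerializer.Serialize(initData));
        Console.WriteLine("Created twin: myTwin");
    } catch (RequestFailedException rex) {
        Console.WriteLine($"Create twin error: {rex.Status}:{rex.Message}");
    }
}

public async static Task ListRelationships(DigitalTwinsClient client, string srcId)
{
    try {
        // Page through the outgoing edges of the source twin
        AsyncPageable<string> results = client.GetEdgesAsync(srcId);
        Console.WriteLine($"Twin {srcId} is connected to:");
        await foreach (string rel in results)
        {
            var edge = JsonSerializer.Deserialize<BasicEdge>(rel);
            Console.WriteLine($" -{edge.Relationship}->{edge.TargetId}");
        }
    } catch (RequestFailedException rex) {
        Console.WriteLine($"Relationship retrieval error: {rex.Status}:{rex.Message}");
    }
}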
99. A wealth of samples
More than 250 samples!
• Azure Maps Web SDK Samples (azuremapscodesamples.azurewebsites.net)
• Azure-Samples/AzureMapsCodeSamples: A set of code samples for the Azure Maps web control. (github.com)
Please give them a try!