=Paper=
{{Paper
|id=Vol-2066/seerts2018paper03
|storemode=property
|title=Combining Eclipse IoT Technologies for a RPI3-Rover along with Eclipse Kuksa
|pdfUrl=https://ceur-ws.org/Vol-2066/seerts2018paper03.pdf
|volume=Vol-2066
|authors=Robert Höttger,Mustafa Ozcelikors,Philipp Heisig,Lukas Krawczyk,Pedro Cuadra,Carsten Wolff
|dblpUrl=https://dblp.org/rec/conf/se/HottgerOHKCW18
}}
==Combining Eclipse IoT Technologies for a RPI3-Rover along with Eclipse Kuksa==
https://ceur-ws.org/Vol-2066/seerts2018paper03.pdf
Combining Eclipse IoT Technologies for a RPI3-Rover along with
Eclipse Kuksa*
Robert Höttger1 , Mustafa Özcelikörs1 , Philipp Heisig1 , Lukas Krawczyk1 , Pedro Cuadra1 , and Carsten Wolff1
Abstract— Developing open source software has proven to II. ECLIPSE KUKSA
provide benefits to customers and OEMs vise versa [1]. IoT
Eclipse Kuksa [4] has its origin in the publicly funded
and Cloud development activities have already been around
for decades and huge communities have grown among an APPSTACLE project [5] that started in early 2017. Various
immense variety of applications. However, the vehicle domain companies, suppliers, and research institutes therefore inves-
just recently approaches the connected era and still faces many tigate appropriate ways to introduce adaptable cloud and IoT
challenges stemming from security, safety, reliability, real-time, technologies to the vehicle domain and avoid proprietary and
or more demands. Such demands are also the reason for
commercial solutions.
mandatory adaptations of existing technologies. Hence, Kuksa,
i.e. an open-source platform, addresses such specific demands of Figure 1 presents the initial Kuksa architecture that shows
the connected vehicle era and further uses and extends existing a threefold structure consisting of (a) the in-vehicle platform
technologies to ease development, analysis, and activities for IoT based on automotive grade linux (AGL) [6], (b) the cloud
and Cloud-based approaches for vehicles and provide a basis front- and back-end with several technology utilization, and
for new application fields. This paper presents a comprehensive
(c) the developer-IDE that is capable to adapt and extend
description of technologies and their specifics towards secure
data transmission and device management services. both (a) and (b) towards the developer’s specific needs.
App Store
I. INTRODUCTION
Platform
Cloud
IoT and Cloud platforms are estimated to count more
than 1000 worldwide [2]. Many platforms comprise huge
communities and continuously advance existing or add new
technologies to cope with increasing demands of the respec-
tive domain. The vehicle industry is one of the domains that
In-Vehicle
Plug-Ins, WS,
Platform
just recently enters the open source IoT and Cloud market.
App IDE
Layers & Deployment
Bindings
Eclipse
Eclipse IoT [3] is one of the biggest communities that hosts
a huge variety of protocol implementations (REST, MQTT, Ecosystem
etc.), cloud back-& front-ends, m2m management, device
Central Gateway / Backbone
Ethernet
management, OTA update methodologies, security and au-
Motion ADAS Body
Control Control Head Unit Control
thentication approaches among others. Eclipse Kuksa [4] is
CAN
a recent project to fill the missing gaps in order to introduce
respective applications and technologies to vehicles. Fig. 1. Kuksa Abstract Architecture
The remainder of this paper is organized as follows.
Section II describes the Eclipse Kuksa technologies briefly Figure 2 shows the repository structure of Eclipse Kuksa
upon their utilization, adaption, or extension as well as their in order to either build AGL adapted Kuksa images, Spring
interaction with each other. Section III then presents the IoT Boot applications applicable to the cloud, or integrate tech-
stack of Eclipse Kuksa in more detail. Afterwards, Section IV nologies across the connected vehicle domain. The shown
outlines specifics about the RPI3 Rover, its hardware, main repositories are yet under development and may change in
components, and applications. Finally, Section V concludes the course of upcoming Eclipse Kuksa releases. Figure 2
the current status of the implementations and provides in- groups repositories to (i) in-vehicle technologies; (ii) cloud
sights into results that could be obtained from applications technologies; (iii) in-vehicle application development; and
across a use-case with three Rovers. Furthermore, the section (iv) cloud application development respectively. Having this
presents issues and topics to be addressed in upcoming work. structure provides a modular design, adaptable continuous in-
tegration possibilities, comprehensive bug and issue tracking,
*This work was been supported by the German BMBF under funding.No. sophisticated library usage, and a holistic approach towards
01—S16047D the dynamic nature of application evolution of connectivity
1 All authors are with IDiAL Institute, Dortmund University of Ap-
plied Sciences and Arts, Otto-Hahn-Str. 23, 44227 Dortmund, Germany approaches and vehicle development activities. Developers
robert.hoettger@fh-dortmund.de can therewith address either the used technologies themselves
SEERTS 2018: Workshop on Software Engineering for Applied Embedded RealTime Systems @ SE18, Ulm, Germany 101
�in isolated repositories or design and implement applications
for an arbitrary technology stack within the single Che-based
Kuksa IDE. Nevertheless, Eclipse Kuksa has to continuously
Key Challenges I - In-V
adequate technologies to address respective requirements.
Furthermore, the Secure APP Runtime contains several appli-
cations for OTA management or IoT connectivity but also the
check and test versions and updates on the repositories in applications themselves as well as a corresponding intrusion
order to guarantee stable development and build processes. detection application.
Cloud-Technology
Special Apps: Applicatio
Eclipse Keti
OTA downloader App
App 1 - IoT Con
In-Vehicle Technology
OTA manager App 1 Application
Eclipse Leshan
IDS - Secure
IoT Connector
Eclipse Paho /
Mosquitto…
MQTT AGL
bindings / lib
Eclipse Ditto
Secure App Runtime - Applica
Eclipse HawkBit
Authentication & Encryption
Kuksa.meta-dev Hono AGL
meta-kuksa-dev
Tools debugging, tracing,
bindings / lib APPSTACLE API Middlewa
logging
E.g. Kuksa.meta-
Eclipse Hono
Communication Services - APPSTA
Middleware
QoS Monitoring
rover
Kuksa.meta
meta-kuksa
rover tools (yocto recipes)
Cloud Service Network IDS - Networ
(e.g. raw data
tooling recipes
Ex-Vehicle In-Vehicle
AGL E.g. Rover API consumer)
- Flexible
SOME/IP
LWM2M
AGL layer subset
MQTT
eSOC
Protocols Protocols
AGL-Kuksa
yocto image and
Kuksa.AGL-wrapper
scripts, separate builds
dep. on licenses E.g. Rover App Che Kuksa IDE - Commu
… …
SDK (Yocto & Bitbake)
build
project
Eclipse Che access
Cloud-Application Dev Vehicle2Cloud In-Vehicle OS layer:
Ethernet
Rover App Instance
OS
CAN
In-Vehicle Application Dev
Interface Interface
- Hardwa
…
LTE
5G
…
Phy/MAC Phy/MAC
Fig. 2. Development Repositories and Technologies - Drivers
Figure 3 outlines the Grafana dashboard as a typical cloud
Secure Boot Platform Update interfac
Loader Manager - Secure
front-end visualization tool to access data stored along with
the cloud back-end storage database and visualize data via
a variety of charts and diagrams configurable by the user. Fig. 4. AGL-based In-Vehicle Architecture
While Grafana is nothing automotive specific, it provides a 15.01.18 Robert Höttger, Johanne
brief variety of visualization tools for metrics in form of III. R ELEVANT I OT S TACK
time, series, histogram, bar charts, line charts, stacks, and
The following subsections outline the Eclipse Kuksa
further customization possibilities.
relevant open source technologies and the cloud platform
architecture.
A. Eclipse Ditto
Within the IoT, classical embedded software develop-
ment and web development come together. However, both
disciplines have a very different culture: While embedded
software development focus often on reliability and safety,
developing web application development requires speed and
feature richness. Thus, integrating both worlds introduces
Fig. 3. Grafana Cloud Visualization Front-End
several problems. In order to cope with them, the digital
twin metaphor has been proposed. A digital twin allows to
Finally, Figure 4 gives an overview of the layers necessary have a digital representation of all capabilities and aspects
for the Kuksa in-vehicle platform. The four layers Boot that each physical device connected to the internet consists
Loader, Operating System, Middleware, and Secure App of. This offers the possibility to access and alter the state of
Runtime are accompanied by Quality of Service Monitoring a device in a controlled manner. Eclipse Ditto [7] provides a
and Authentication and Encryption methodologies. Since platform to realize the digital twin metaphor. More precisely,
the operating systems has been defined by AGL, several it provides functionality to address the following aspects:
drivers and interfaces are required to implement connectivity • Device as a Service: Higher level API to access devices
standards like 5G, LTE as well as in-vehicle inferfaces • State management for digital twins including notifica-
such as CAN, LIN, automotive ethernet among others. The tion of state changes
middleware layer further consists of in-vehicle and ex- • Digital Twin Management: Provides meta-data based
vehicle protocol implementations such as MQTT, AMQP, support to search and select digital twins
LWM2M, or eSOC, SOME/IP and others. In addition, net- The API of Eclipse Ditto is realized as REST-API, which
work IDS, communication services and the APPSTACLE allows to have a backend-less realization of IoT applications.
API are mandatory functionalities to guarantee automotive- In this way, software developers for IoT application can
SEERTS 2018: Workshop on Software Engineering for Applied Embedded RealTime Systems @ SE18, Ulm, Germany 102
�concentrate on the business logic and user experience without endpoints, Hono provides APIs that represent four common
the hassle to integrate different protocols and device types. communication scenarios of devices in the IoT:
• Registration
B. Eclipse HawkBit • Telemetry
Eclipse hawkBit [8] is a backend framework released • Event
under the EPL to roll out software updates to constrained • Command & Control
edge devices. With the challenge of a safe and reliable Eclipse Hono consists of different building blocks. The
remote software update process in mind, the project aims first are the protocol adapters, which are required to connect
to provide an uniform update process. This allows to avoid devices that do not speak AMQP natively. Currently, Hono
duplicate work for implementing mechanisms separately in comes with two protocol adapters: One for MQTT and the
each software component. Therefore, hawkBit provides a other for HTTP-based REST messages. Custom protocol
backend server that can be deployed in any cloud infrastruc- adapters can be provided by using Hono’s API. Dispatch
ture. It helps managing roll out campaigns, e.g. by defining router handles the proper routing of AMQP messages within
deployment groups, cascading deployments, emergency stop Hono between producing and consuming endpoints. The
of rollouts, and progress monitoring. Further, it offers sev- dispatch router in Hono is based on the Apache Qpid project
eral device management interfaces on which management and designed with scalability in mind so that it can handle
messages and updates can be exchanged. However, hawkBit potentially connections from millions of devices. As such it
does not provide a client for edge devices by default. do not takes ownership of messages, but rather passes AMQP
To connect certain devices, an adapter implementation that packets between different endpoints. This allows a horizontal
understands the protocols is needed. Those protocols in the scaling to achieve reliability and responsiveness. Event and
Device Management Federation (DMF) API are AMQP, commands messages, which need a delivery guarantee, can
ODA-DM, and LWM2M. Also software can be delivered be routed through a broker queue. The broker dispatches
to edge devices through a REST API. At the cloud side, messages that need some delivery guarantees. Typically, such
hawkBit ships a web-based UI for management purposes. messages are mainly from the command & control API.
Within the UI, all management functionalities are ready to The broker is based on the Apache ActiveMQ Artemis
use with a few clicks. In regard of the rising IoT cloud project. While devices are connecting to the Hono server
service infrastructure also interfaces for integrating hawkBit component, back-end services connecting via subscribing to
into other applications are accessible. Currently, a REST API specific topics at the Qpid server [10].
exposes the functionality of the backend server towards other Among the routing of messages, Hono consists of a device
applications. For a more convenient use, hawkBit also helps registry for the registration and activation of devices and the
managing roll out campaigns, e. g. by defining deployment provision of credentials as well as an Auth Server to handle
groups, cascading deployments, emergency stop of rollouts, authentication and authorization of devices. By using an
and progress monitoring. One of the features on the roadmap InfluxDB and a Grafana dashboard, Hono comes also along
is the integration of Eclipse Hono (cf. Section III-D) as DMF with some monitoring infrastructure. Due to its modular
provider. design, also other AMQP 1.0-compatible message broker
than the Apache ActiveMQ Artemis can be used.
C. Eclipse Leshan E. Eclipse Keti
Eclipse Leshan [9] is an implementation of the LWM2M Eclipse Keti is an application that allows to authorize the
protocol in Java. It provides implementations for the client as access of users to resources by applying the attribute based
well as for the server side. Leshan uses Eclipse Californium access control principle. In general, it is used to secure the
to communicate via CoAP and relies on Eclipse Scandium communication of RESTful APIs. Whether a user can access
for establishing a datagram transport layer security. Fur- a resource is decided based on evaluating rules with attribute
thermore, there are libraries available that help people to values as input. An attribute either refers to a user, resource,
implement their own LWM2M server and client side. or environment variable. Multiple rules can be combined
into a policy that comprises (i) a target that matches a
D. Eclipse Hono given request to corresponding policy; (ii) a condition that
The Eclipse Hono project provides a platform for the contains the specific authorization logic; and (iii) an effect
scalable messaging in the IoT by introducing a middleware that specifies the impact an authorization decision.
layer between back-end services and devices. Thereby, the Eclipse Keti is realied as a Spring Boot application and
communication to back-end services takes place via the consists of three major components:
AMQP protocol. If devices can speak this protocol directly, • Policy evaluation: Conducts the evaluation of every
they can transparently connect to the middleware. Otherwise, authorization request.
Hono provides so called protocol adapters, which translate • Policy management: Allows to update and maintain the
messages from the according device protocol to AMQP. set of policies.
In this way, Hono’s core services are decoupled from the • Attribute store: Maintains the user and resource permis-
protocols that certain applications are using. Via AMQP 1.0 sions captured using attributes.
SEERTS 2018: Workshop on Software Engineering for Applied Embedded RealTime Systems @ SE18, Ulm, Germany 103
�In addition, Eclipse Keti relies on spring-security-oauth to recipes for rover-app [12], rover-web [13], and their
secure its own endpoints. dependencies in [14].
Furthermore, the Kuksa.AGL-wrapper [17] is an EPL
F. Keycloak
licensed repository that holds the scripts to integrate Kuksa-
Keycloak is an application that allows to manage the specific layers with the building system already provided by
identity of users (authentication) and their access to resources AGL.
(authorization). When building an application, Keycloak al-
lows to delegate the user authentication process to substan- H. Eclipse Che
tially reduces the related implementation overhead for the Eclipse Che is an open source EPL licensed multi-
application. It provides an user with single sign on to access user cloud Integrated Development Environment (IDE) and
all applications registered at a particular Keycloak instance. workspace server. Typically, it can either be utilized by its
In addition to serving as an identity provider, Keycloak is Browser IDE (Frontend, cf. Fig. 5), or by directly connecting
also capable of incorporating existing providers, e. g. social to the resp. workspaces that are realized as customized
networks. Keycloack supports authentication processes that docker containers, which bring their complete runtime envi-
rely on the protocols OpenID Connect and version 2.0 ronment, e.g. an Ubuntu based installation with Java, Maven,
of the security assertion markup language. Authorization and/or a C/C++ tool chain. In contrast to typical IDEs, the
is conducted using version 2.0 of the Open Authorization concept of having workspaces with runtime stacks allows
(OAuth) protocol. By using Keberos, Keycloak allows to link to skip the setup time for end-developers by sharing proper
user information from other identity management systems, configurations, e.g. with example projects and tutorials. In
such as LDAP or Active Directory servers. Authentication Kuksa, Eclipse Che has proven to be a valuable asset for
and authorization is organized within Keycloack via so-called developing a variety of applications and projects, such as
realms. A realm comprises a set of registered users as well AGL (services, drivers, or applications such as ACC) for
as applications. The authentication within a realm is either different hardware platforms, or Spring Boot.
realized by supplying a separate identity service or enabling
the access to a set of existing identity providers. Users that
are part of the realm may be federated with other data
by attaching additional identity management systems. The
access to resources is steered by defining roles and assigning
them to users. An admin console provides means to modify
the realm settings, while users can manage their accounts
by using a separate interface. There are a set of Keycloak
client adapters that enable the communication employing the
protocols mentioned above. Depending on the protocol, also
implementations in various programming languages exists,
such as Java and JavaScript. Some of them provide tight
integration with specific platforms, for example Spring Boot
and WildFly.
G. AGL
AGL (Automotive Grade Linux) is a Linux Foundation
Workgroup dedicated to creating open-source software solu- Fig. 5. Eclipse Che development environment
tions for automotive applications. The initial target for AGL
is to provide an IVI (In-Vehicle-Infotainment) system [15].
For providing this kind of systems, AGL uses Yocto Project’s IV. RPI3 ROVER
building system. Thereby, being able to produce a Linux To investigate, demonstrate, and evaluate the aforemen-
System image and a Cross-Developement toolchain [16]. tioned open-source technologies along with the standards
However, in order to integrate Kuksa-specific tools, soft- and cloud infrastructure proposed with the Eclipse Kuksa
ware, and functionalities, AGL’s building system was ex- project, an open-source test platform is developed in form
tended by including three layers on top of AGL: of a Raspberry Pi 3 based Rover that is shown in Figure 6
• meta-kuksa: contains Kuksa’s code base and all its and described in the following.
dependencies that are not included in AGL, e.g. MQTT The RPI3-Rover [14] is a mobile robot that has several
libraries. features addressing various tasks such as actuation, sensing,
• meta-kuksa-dev: contains extra packages that are useful communication, and visualization. The Rover’s Raspberry Pi
for the development- and testing-only, e.g. Valgrind, 3 features AGL as the operating system, while sensing is
gtest. accomplished by getting input from several sensors, such as
• meta-rover: contains all packages needed to enable the infrared proximity sensors, ultrasonic proximity sensors, a
RPI3 Rover’s runtime software. Basically, it provides compass, accelerometer, temperature sensor, and a camera.
SEERTS 2018: Workshop on Software Engineering for Applied Embedded RealTime Systems @ SE18, Ulm, Germany 104
� Rover using Rover’s API and relevant open-source cloud-
related technologies. Rover API utilizes Eclipse Paho MQTT
client implementations in an object oriented manner for
MQTT-based cloud communication. Using this implemen-
tation Rover is able to connect to topics on a cloud instance
that is running Eclipse Hono. Similarly, Rover’s telemetry
interface (shown in Figure 7), a visual MQTT client imple-
mentation that is based on node.js and socket.io, also makes
use of Eclipse Paho MQTT client implementations in order to
connect, publish, and subscribe to the Eclipse Hono instance.
This communication allows multiple Rovers and telemetry
Fig. 6. RPI3-Rover interfaces talk with each other, drive rovers, and visualize
sensor and core utilization information.
The Rover also consists of two brushless DC motors for
actuation and an OLED display for visualization. With the
developed software, i.e. the rover-app, the Rover is able
to achieve several tasks such as following another robot in
adaptive cruise control mode, being controlled via a cloud
platform, a wifi-based client, or a bluetooth-based client,
camera streaming, image and sensor processing, sensor
information visualization etc. in a multi-threaded manner.
Additionally, the Rover’s application programming interface
(Rover API) [11] provides developers with a comprehensive
library for user application development such as the already
Fig. 8. Technologies and communication infrastructure for the Rover
developed aforementioned applications.
In the cloud server side, one of many available applications
is data statistics visualization. Eclipse Hono takes care of
this by storing information that is sent to the ”telemetry”
topic in an InfluxDB database. Although Grafana’s focus
is to visualize cloud data statistics rather than data itself,
a Grafana dashboard is created to filter the raw data itself
for visualization. Thus, Grafana is able to grab that infor-
mation from the InfluxDB and display the results in JSON-
configurable dashboard. The dashboard configured for the
Rover is given as an example in the Figure 9, which involves
the sensor data visualization over time.
Fig. 7. Rover Telemetry User Interface
The Rover has been developed with a complete open-
source work-flow in parallel with Eclipse Kuksa develop-
ments. For its release, the AGL software development kit
(SDK) has been adapted using embedded Linux tools Yocto
build system and BitBake build engine. By using these
tools, necessary dependencies for the Rover are built and
installed for AGL from custom recipes. Thus, the Rover’s
compatibility with AGL and other embedded Linux distri- Fig. 9. Grafana dashboard showing Rover sensor data
butions is significantly achieved. Furthermore, Eclipse Che
allows to configure Rover’s AGL SDK for easy open-source
development activities. V. CONCLUSIONS
Rover is developed especially for developers who want to The Eclipse Kuksa initial public contribution is expected
address cloud-based communication in cyber-physical scene- during Q1 2018. Local tests and use case implementations
rios. Figure 8 shows the test environment setup prepared for along with the Rover have shown that...
SEERTS 2018: Workshop on Software Engineering for Applied Embedded RealTime Systems @ SE18, Ulm, Germany 105
� • ...the Rover image is extensively smaller (250MB for R EFERENCES
Kuksa-AGL compared with 4GB using the Raspbian
OS) [1] The advantages of open source tools, Kayla Matthews,
• ...new technologies can be integrated easily without jaxenter 21.11.2017, https://jaxenter.com/
advantages-open-source-tools-139026.html, access
adjusting the meta-kuksa layer too much February 2018
• ...soft real-time applications can be deployed [2] Create Your Own Internet of Things: A survey of IoT platforms, Kiran
• ...versioning, issue tracking, and configuration can be Jot Singh and Divneet Singh Kapoor, IEEE Consumer Electronics
Magazine (Volume: 6, Issue: 2, April 2017)
achieved on a modular and fine grained level [3] Open Source Software for Industry 4.0, An Eclipse IoT Working Group
• ...browser-based development activities significantly collaboration, October 2017, The Eclipse Foundation, Inc., Made
ease teamwork and leverage the use of required con- available under the Eclipse Public License 2.0 (EPL-2.0), Online:
https://iot.eclipse.org/resources/white-papers/
figurations Eclipse%20IoT%20White%20Paper%20-%20Open%
• ...the utilization of Eclipse open source IoT technolo- 20Source%20Software%20for%20Industry%204.0.pdf,
gies is highly beneficial and allows concentrating on access February 2018
specifics and innovative constructs [4] Eclipse Kuksa: https://projects.eclipse.org/
proposals/eclipse-kuksa, access February 2018
In the later course of the project, a holistic API will be [5] ITEA3 APPSTACLE Project: https://itea3.org/project/
added to the kuksa-dev layer in order to provide easy appstacle.html, access February 2018
[6] Automotive Grade Linux: https://www.automotivelinux.
access to the various existing and upcoming technologies. org, access February 2018
The authors are looking forward to leverage synergies with [7] Eclipse Ditto Project Proposal: https://projects.eclipse.
established communities as well as technologies in order to org/proposals/eclipse-ditto
bring automotive based application development activities to [8] Eclipse hawkBit: https://projects.eclipse.org/
proposals/hawkbit, access February 2018
the next level. Therefore, cloud concepts and Spring Boot [9] Eclipse Leshan: https://www.eclipse.org/leshan/, access
applications can perform complex analyses and simulations February 2018
as well as upgrade and update applications for vehicles and [11] Rover API: https://app4mc-rover.github.io/
rover-app, access February 2018
therewith make future driving more beneficial for end-users, [12] Rover APP: https://app4mc-rover.github.io/
developers, tool suppliers, or even OEMs via a common easy rover-app, access February 2018
to use architecture. [13] Rover Web: https://app4mc-rover.github.io/
rover-web, access February 2018
ACKNOWLEDGMENT [14] Rover Documentation: https://app4mc-rover.github.io/
rover-docs, access February 2018
The authors would like to express their appreciation to the [15] Automotive Grade Linux Requirements Specifications: http:
APPSTACLE consortium for sharing experience, expertise, //docs.automotivelinux.org/docs/architecture/
and knowledge. Special thanks to Johannes Kristan and en/dev/reference/AGL_Specifications/agl_spec_
v1.0_final.pdf, access February 2018
Tobias Rawald from Bosch Software Innovations for their [16] Yocto Project Software Development Kit (SDK) Developer’s
industrial insights into the various Eclipse IoT projects used Guide: http://www.yoctoproject.org/docs/2.1/
in Eclipse Kuksa. sdk-manual/sdk-manual.html
[10] Eclipse Hono: https://www.eclipse.org/hono/, access [17] AGL-kuksa: https://gitlab.idial.institute/
February 2018 appstacle/agl-kuksa
SEERTS 2018: Workshop on Software Engineering for Applied Embedded RealTime Systems @ SE18, Ulm, Germany 106
�