In the IoTAC project, we are looking at different IoT architectures to identify best practices and potential weaknesses, and to understand the differences between the various approaches. Below we give a short summary of four architectures we have analyzed.
ISO/IEC Internet of Things (IoT) Reference Architecture
ISO/IEC 30141 is an internationally standardized generic IoT Reference Architecture. It specifies core IoT system characteristics, a conceptual model, a reference model, and four architectural views. The ISO/IEC IoT RA domain view, known as the Six-Domain Model, is an innovative structure extending a conventional layered reference architecture traditionally applied for the design of IT systems. Each domain contains a set of functions, which can be selected depending on a specific application case.
User domain contains UI functions and APIs for providing access to the capabilities of an IoT system to both human users and external software systems.
Operations & Management Domain (OMD) facilitates operational management focusing on collecting functions such as monitoring, reporting, device management, and optimization of systems’ real-time performance.
Resource Access & Interchange Domain (RAID) interacts with external entities and provides mechanisms for exposing IoT system resources. The resources of an IoT system are exposed via one or more service interfaces with a controlled access policy.
Sensing and Controlling Domain (SCD) provides sensing and actuation functions. The sensing function reads data from sensors, while the actuation function controls physical objects. In addition, the SCD offers various control services for controlling the dynamic behaviour of the PED entities to ensure the safety and correct operation of the IoT system.
Physical Entity Domain (PED) represents all physical objects subject to sensing or controlling in the IoT system.
The standard also describes three cross-domain vertical functions, namely network connectivity, dynamic composition, and trustworthiness. The trustworthiness dimension focuses on ensuring high security, safety, privacy, reliability, and resilience against various attacks, system faults, and human errors. The ISO/IEC 30141 IoT RA does not discuss technical details or concrete solutions. However, it is the first harmonizing reference architecture that provides common ground and a framework for many applicable standards produced by the ISO/IEC JTC1/SC 41[1] committee, whose well-rounded scope covers interoperability, safety, and security.
Microsoft Azure
Azure is Microsoft’s cloud platform that provides services for virtually any use case, including the Internet of Things. Azure IoT is a collection of managed cloud services that can connect, monitor, and control billions of IoT assets worldwide.
There are two possible approaches that can be selected according to the requirements.
One offering is IoT Central, a managed application platform that provides a complete turnkey solution, which can be customized to the user’s needs by adding branding and adapting device properties and telemetry. The main benefits of this approach are the short time required to configure and launch the solution and the predictable pricing structure.
If more control is required, the Azure IoT Platform Services provide the building blocks to develop a secure and scalable IoT backend system. They allow managing a huge number of IoT devices and ingesting telemetry at a rate of millions of messages per second.
Regardless of which approach is implemented, the solution can be easily integrated with other services of the Microsoft ecosystem, for example to provide real-time analytics and dashboards, automation with the Power Platform, or visualizations using Power BI. This ecosystem and its integration possibilities make Azure IoT a very powerful platform for any Internet of Things solution.
OneM2M
OneM2M is an IoT architecture developed with the focus on a common service layer.
The common service layer connects the service layer with the connectivity/network layer and as such the architecture can provide services and functions which are needed by IoT applications between different IoT solutions and domains.
Services included in the common service layer are Security, Communication Management, Registration and more.
The common service layer offers great flexibility for the user. Almost any service one can think of can be developed and integrated into the OneM2M solution. Being independent of cloud providers, hardware and software, OneM2M can be used in a large variety of areas. Furthermore, the architecture of OneM2M allows it to be connected and integrated with other IoT solutions and environments.
To protect the data handled by OneM2M, there is also the Security architecture. It consists of 3 layers: the Security Functions layer, the Security Environment Abstraction Layer and the Secure Environment layer.
The Security Functions layer consists of 6 categories: Identification, Authentication, Authorization, Security Association, Sensitive Data Handling and Security Administration.
The Security Environment Abstraction Layer provides different security mechanisms like encryption, credentials and verification services.
Finally, the Secure Environment layer stores or handles sensitive data or functions.
OneM2M aims to provide a simple solution that is extensible and secure, focuses on common services and interworking, and can be deployed in various areas as well as customized to the needs of the environment and users.
OPC UA
OPC UA is an advancement of the original OPC architecture, OPC Classic.
OPC UA stands for Open Platform Communications Unified Architecture. It was developed to face the new challenges in the IoT world by providing an open platform architecture that is well-equipped for the future, expandable and adaptable.
The functional architecture consists of 2 layers, the Infrastructure layer and the Information Models layer.
The infrastructure layer forms the basis and consists of Discovery, Transport, Information Access and Security and Robustness.
The Information Models layer consists of the different levels of Information Models. The Information Models provide the services and functions. These are adaptable to the use cases and needs of the customer. The different levels describe whether the concerned problem is general, industry-focused or customer-specific.
Information models with services and functions are continuously developed, published and shared.
The security of OPC UA is based on the X.509 certificate standard and a stack of further protocols; a basic security concept is included.
OPC UA focuses on the communication between the sensors and control systems in the industry sector. It is an interface that supports two types of communication between the server and the client. One is request-response communication from client to server; the other is publisher-subscriber communication, where the client subscribes to the publisher and receives information on an event or interval basis.
OPC UA is widely used in the industry sector, offering a variety of services for monitoring and controlling industrial processes.