
Azure IoT Hub

Managed cloud gateway that authenticates each on-board Pod, routes the telemetry to Azure Data Explorer and maintains the digital twin of every vehicle in the fleet.

What it is

Azure IoT Hub is a managed PaaS (Platform as a Service) from Microsoft Azure that acts as a bidirectional concentration point between IoT devices distributed in the field and the cloud analytics infrastructure. It can manage millions of concurrent connections with end-to-end latencies below 60 ms.

Unlike a generic MQTT broker, IoT Hub adds a per-device identity and security layer (Device Identity Registry), the Device Twin abstraction for state synchronisation, and native routing to other Azure services such as Event Hub, Storage, Service Bus or Azure Data Explorer.

Role in IN-SIGHT

Azure IoT Hub is the transport layer that connects the on-board CM4 Pods with the cloud analytics engine:

  • Per-device authentication: Each Pod registers with a unique X.509 certificate. There are no shared credentials: revoking one device does not affect the rest of the fleet.
  • Message routing: IoT Hub rules direct vibration telemetry to Azure Data Explorer via Event Hub, and high-severity alerts to a Service Bus queue that feeds the portal notifications.
  • Device Twin: Each Pod maintains a digital twin in the cloud with its reported state (firmware version, active thresholds, last Golden Run) and the desired state configured by the operator (new firmware version, updated thresholds).
  • OTA (Over-The-Air): Firmware updates and Kalman filter parameters are distributed through the Device Twin without physical intervention on the vehicle.
  • Fleet monitoring: The IN-SIGHT portal queries the real-time connectivity status of all Pods to detect any that are disconnected or low on battery.

Device Twin in practice: When the maintenance team updates the vibration alert threshold for a specific bogie type, the change propagates to all affected Pods at the next synchronisation, without sending technicians to the depot.

Data flow

  1. Connection: The CM4 establishes an MQTT/TLS 1.3 session with IoT Hub, authenticating with its X.509 certificate.
  2. Publishing: The Pod publishes telemetry to the topic devices/{device-id}/messages/events/ with routing properties (signal type, alert level).
  3. Routing: The rules evaluate the message properties and forward it to Event Hub (normal telemetry) or Service Bus (alerts).
  4. ADX ingestion: The native IoT Hub → ADX connector writes the messages to the telemetry table with latency < 30 s.
  5. Twin sync: Every 60 s the Pod reports its state to the Device Twin. Desired configuration changes are applied at the next synchronisation.
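
Steps 1 to 3 from the Pod's side, as an added example that is not IN-SIGHT code: the MQTT CONNECT fields IoT Hub expects for X.509 authentication, the publish topic with its URL-encoded routing properties, and a local mirror of the telemetry/alert split. The hub hostname, device ID, property names (signalType, alertLevel), the 'high' value and the endpoint labels are assumptions.

```python
import ssl
from urllib.parse import parse_qsl, quote

API_VERSION = "2021-04-12"  # api-version string IoT Hub expects in the MQTT username


def mqtt_connect_params(hub_host, device_id):
    """CONNECT fields for X.509 auth: the client certificate is the credential."""
    return {
        "client_id": device_id,  # must equal the registered device ID
        "username": f"{hub_host}/{device_id}/?api-version={API_VERSION}",
        "password": None,        # no SAS token or shared secret is sent
        "port": 8883,
    }


def tls_context(cert_file=None, key_file=None):
    """Server-verifying context pinned to TLS 1.3, the version the page states."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + hostname check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    if cert_file:  # per-Pod certificate and key, e.g. PEM files on the CM4
        ctx.load_cert_chain(cert_file, key_file)
    return ctx


def telemetry_topic(device_id, props):
    """Publish topic with routing properties as a URL-encoded property bag."""
    bag = "&".join(
        f"{quote(str(k), safe='')}={quote(str(v), safe='')}" for k, v in props.items()
    )
    return f"devices/{device_id}/messages/events/{bag}"


def route(topic):
    """Local mirror of the routing split (assumed rule: alertLevel = 'high')."""
    bag = topic.split("/messages/events/", 1)[1]
    props = dict(parse_qsl(bag, keep_blank_values=True))
    return "servicebus-alerts" if props.get("alertLevel") == "high" else "eventhub-telemetry"


if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    print(mqtt_connect_params("example-hub.azure-devices.net", "pod-0001"))
    odd = {"alertLevel": "normal", "signalType": "vibration&alertLevel=high"}
    topic = telemetry_topic("pod-0001", odd)
    print(topic, "->", route(topic))  # encoding keeps the embedded pair inert
```

Encoding each key and value separately matters because the property bag drives routing: a value containing & or = would otherwise add or override a routing property.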