AWS IoT ExpressLink powers a range of hardware modules developed and offered by AWS Partners, such as Espressif, Infineon, and u-blox. The connectivity modules include software implementing AWS-mandated security requirements, making it faster and easier for you to securely connect devices to the cloud and seamlessly integrate with a range of AWS services. AWS IoT ExpressLink modules come pre-provisioned with security credentials set by qualified AWS Partners. This enables you to offload the complex work of integrating the networking and cryptography layers to the hardware modules, and develop secure IoT products in a fraction of the time.
AWS IoT ExpressLink helps quickly transform products into IoT devices so you can collect, store, and analyze device data across your applications. Each AWS Partner module includes software implementing AWS-mandated security requirements, enabling a secure and direct connection to the cloud without the need for specialized knowledge in networking or cryptography.
Easy integration with AWS IoT services
Partner modules with AWS IoT ExpressLink provide seamless integration with a range of AWS IoT services. Offload the heavy lifting to the connectivity modules so you can slash development times from years to weeks, reduce development costs, and accelerate time to market.
AWS IoT Core messaging
Devices with AWS IoT ExpressLink establish a two-way connection with AWS IoT Core through native support of the MQTT (publish/subscribe) communication mechanism. MQTT is a lightweight protocol with a small footprint and minimal network bandwidth, enabling efficient communication for resource-constrained microcontroller-based devices. Send AWS IoT ExpressLink commands as simple as “connect,” “send,” and “subscribe” and your device will immediately start communicating with the cloud.
AWS IoT Device Shadow
Partner modules with AWS IoT ExpressLink can create and update AWS IoT Device Shadow documents. Device shadows communicate a device’s state to apps and other services regardless of whether that device is currently connected, so you can see and modify the device’s state at any point in time. Modules supporting technical specification v1.1 can use newer command sets to simplify access to a named or un-named shadow, retrieve or update the entire document, or receive automatic notifications when any part of it is updated.
AWS IoT Device Defender
Partner modules with AWS IoT ExpressLink can connect to the AWS IoT Device Defender service to report a number of device metrics that can help detect anomalies and generate alerts. Modules supporting Technical Specification v1.1 can simply set a time period parameter to ensure a number of module metrics are collected at the desired rate and sent automatically to the AWS IoT Device Defender service.
Over 200 AWS services
Easily connect your device to AWS services such as Amazon Simple Storage Service (Amazon S3), Amazon Elastic Compute Cloud (Amazon EC2), AWS IoT Core, AWS IoT SiteWise, and Amazon SageMaker to easily implement an end to end cloud connected solution.
AWS IoT ExpressLink modules feature best practices for device to cloud connectivity and security as manufacturing partners incorporate AWS-mandated security requirements designed to help protect devices from remote attacks and to help achieve a secure connection to the AWS cloud. These include the following provisioning and security procedures:
- Cryptographically signed certificate with unique device ID.
- Cryptographically secured boot based in a hardware root of trust.
- Cryptographically secured over-the-air firmware updates.
- Transport Layer Security (TLS v1.2 or higher) encryption of wireless network connections.
- Encryption of all sensitive data stored on the module, both in transit and at rest.
- Hardware root of trust for secrets storage and application code segregation.
- Compliance with security regression test suite.
Device fleet management at scale
Manage OTA updates
With AWS IoT ExpressLink, it’s easy to make over-the-air (OTA) updates to both the module and host processor from the AWS IoT Device Management console. You can then remotely deploy security updates, bug fixes, and new firmware updates to add features and keep your device fleet always up to date.
The onboarding-by-claim process makes it easier and more flexible for customers, such as Original Equipment Manufacturers (OEMs), to associate a physical device to a thing in their AWS IoT accounts. With the onboarding-by-claim feature, each module powered by AWS IoT ExpressLink automatically connects to an intermediate AWS staging account endpoint. At a later stage, when the end-user registers the finished product, it is moved automatically to the OEM’s endpoint. This allows for greater flexibility in the endpoint selection, and can help streamline the manufacturing process for IoT devices. This implementation also removes the need for the OEM to share secrets (credentials) with any other party in the supply chain, such as a device contract manufacturer, thus helping them to reduce exposure to third party security breaches.
Select the module with AWS IoT ExpressLink that suits your needs.
Read our FAQ to learn more about AWS IoT ExpressLink.
Ask in-depth questions and get live support.