Skip to main content

AWS Solutions Library

Guidance for Connected Vehicles on AWS

Use real-time connected vehicle updates to transform vehicle support and roadside assistance

Overview

This Guidance helps you modernize your broker to gather, collect, and distribute data with your connected vehicle workloads using AWS IoT Core and Message Queuing Telemetry Transport (MQTT) 5. Most connected vehicle workloads require the vehicle to be connected to a cellular connection; otherwise, the vehicle would lack connectivity to receive commands from the cloud. With AWS IoT Core and the MQTT protocol, original equipment manufacturers (OEMs) can scale connected vehicles to meet demands during peak usage and right-size their workloads.

This Guidance is composed of five architecture diagrams that address the following using Internet of Things (IoT) services: modernizing connected vehicle workloads, gathering and processing vehicle data, setting up operational certificate lifecycles, encryption and monitoring security, and connecting a companion application.

How it works

Modernized Connected Vehicles

This architecture diagram shows you how to modernize your connected vehicle workloads.

Download the architecture diagram
Architecture diagram showing an AWS-based connected vehicle solution, including data flows between a connected car, AWS IoT Core, PrivateLink, Lambda, DynamoDB, S3, Timestream, Amazon ECS, Amazon MSK, API Gateway, Amplify, and data visualization components. The diagram illustrates remote command handling, telemetry data ingest, routing, and visualization for vehicle and companion applications.

Data Gathering and Processing

This architecture diagram shows you how to gather, process, analyze, and act on connected vehicle data.

Download the architecture diagram
Architecture diagram illustrating how AWS services are used to enable connected car data gathering, vehicle onboarding, device management, advanced data collection, OTA (over-the-air) management, and analytics for connected vehicles. Includes components such as AWS IoT Core, FleetWise, Lambda, DynamoDB, Amazon S3, Timestream, SageMaker, CloudFront, Cognito, AppSync, Amplify, QuickSight, and shows integration from in-vehicle sensors to cloud-based analytics and user management.

Operational Certificate Lifecycle

This architecture diagram shows an operational certificate lifecycle.

Download the architecture diagram
Architecture diagram illustrating the operational certificate lifecycle for AWS connected vehicles. The diagram covers the process from in-vehicle certificate requests to private CA operations in the AWS Cloud, including registration, certificate rotation, audit findings, and integration with AWS IoT Core, Device Defender, Security Hub, Step Functions, Lambda, and Amazon DynamoDB.

Encryption and Monitoring Security

This architecture diagram shows you how to secure connected vehicles through encryption and monitoring.

Download the architecture diagram
Architecture diagram illustrating AWS Connected Vehicles solution for encryption and monitoring. The diagram shows how in-vehicle devices and gateways leverage AWS IoT Device SDK, AWS Encryption SDK, and certificates to securely send telemetry over a private cellular network to AWS IoT Core. Additional AWS services including API Gateway, Lambda, KMS, DynamoDB, Step Functions, IoT Device Defender, and AWS Security Hub are used for monitoring, audit, response, and vehicle security center integration.

Companion Application

This architecture diagram shows you how to build a connected vehicle companion application.

Download the architecture diagram
Architecture diagram illustrating the AWS solution for a connected vehicles companion application. The diagram shows how connected vehicles communicate securely through AWS IoT Core, Amazon SNS, Amazon SQS, AWS Lambda, Amazon AppSync, Amazon CloudFront, S3, and DynamoDB to enable features such as driver door lock requests, state synchronization, and data integration with companion apps and vehicle management platforms.

Well-Architected Pillars

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

In this Guidance, we chose AWS IoT Core, Amazon ECS, DynamoDB, AWS IoT Device Management, AWS KMS, Amazon Cognito, API Gateway, and AWS IoT Device Defender to support operational excellence, because these services collectively address key challenges in connected vehicle and IoT systems. They optimize data transfer, processing, and storage, help ensure data security, and proactively manage device health and security. For example, AWS IoT Device Defender proactively identifies and mitigates security threats.

Read the Operational Excellence whitepaper 

AWS IoT Core provides secure communication and authentication for IoT devices, preventing unauthorized access. AWS Private CA manages certificates for device authentication, so only trusted devices can connect. AWS KMS manages encryption keys for data in transit and at rest, protecting sensitive information from unauthorized access. Amazon Cognito manages user access and authentication for secure and controlled access to vehicle-related data and functionalities. AWS IoT Device Defender monitors device behavior for security threats, proactively identifying and mitigating abnormal activities and reducing the risk of security breaches.

By using these services, you can mitigate security risks, protect sensitive data, and maintain the integrity and confidentiality of information, which is crucial for building trust and helping ensure compliance in IoT deployments.

Read the Security whitepaper 

The services in this Guidance help you reduce the risk of system failures, downtime, and data loss, ultimately enhancing user satisfaction and operational efficiency in their IoT deployments. AWS IoT Core helps ensure reliable and secure data transfer between devices and the cloud, reducing the risk of data loss or communication failures. Amazon ECS provides scalability to handle varying workloads, preventing performance bottlenecks and ensuring consistent system performance. AWS IoT Device Management enables OTA device management, reducing downtime by allowing remote updates and configuration changes. AWS IoT Device Defender monitors device behavior and security, proactively identifying and mitigating issues that could impact device reliability and system performance.

Read the Reliability whitepaper 

AWS IoT Device Management enables OTA device management, allowing for remote updates and configuration changes without disrupting device performance. OTA updates through AWS IoT Device Management reduce the need for manual interventions and system downtime, allowing devices to maintain peak performance while staying up-to-date. AWS IoT Core offers features such as shared subscriptions, topic aliasing, and payload size reduction, which optimize data transfer and reduce latency, enhancing overall system performance and contributing to faster data processing.

Additionally, Amazon ECS provides scalability and efficient resource allocation for processing telemetry data so that system performance remains optimal, even during periods of high data processing.

Read the Performance Efficiency whitepaper 

Amazon ECS provides scalability to efficiently handle varying workloads, optimize resource usage, and reduce infrastructure costs. By facilitating OTA updates, AWS IoT Device Management reduces the need for expensive physical interventions and recalls, saving time and resources. AWS IoT Core optimizes data transfer and communication, reducing data transmission costs and improving overall efficiency, which directly contributes to cost savings. These services can help you strike a balance between maintaining high-quality services and controlling costs, leading to more efficient and cost-effective IoT operations.

Read the Cost Optimization whitepaper 

AWS IoT services in this Guidance reduce the need for on-premises infrastructure and its associated energy consumption. AWS IoT services also enable efficient data processing and transmission that can lead to energy savings, support OTA updates that reduce the need for physical recalls or manual updates, and incorporate monitoring and analytics tools that identify inefficiencies and anomalies. This helps you optimize resource utilization and reduce environmental impact.

Read the Sustainability whitepaper 

Disclaimer

The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.