AWS IoT SiteWise integrates with Amazon CloudWatch logs and metrics and AWS CloudTrail auditing. This enables users to monitor their industrial assets and their data collection, processing, and storage at the edge and in the cloud. Additionally, by using the metadata bulk operations capability of AWS IoT SiteWise, users can change their information model to adapt to changing plant operations. Further, users can take advantage of the component-based architecture of AWS IoT Greengrass to seamlessly extend their edge applications.

This Guidance uses AWS Identity and Access Management (IAM) policies scoped for the minimum required permissions for users, adhering to the principle of least privilege. AWS IoT Core and AWS IoT Greengrass policies allow only authorized smart industrial assets to connect and publish data to AWS. Additionally, by using AWS IoT SiteWise and Amazon Simple Storage Service (Amazon S3), this Guidance encrypts all data at rest. For example, edge processing for AWS IoT SiteWise relies on file-system encryption for the security of credentials. Exposed APIs (hosted within AWS IoT SiteWise Edge gateways and accessible over the local network) use a TLS connection backed by a server-certificate private key and use an access-control password for client authentication.

AWS IoT Greengrass and AWS IoT SiteWise operate across multiple Availability Zones within the AWS global infrastructure to maintain low-latency, high-throughput, and highly redundant networking. AWS IoT Greengrass can handle intermittent internet connectivity and supports data resiliency and backup needs. Users can store and process data at the edge, reducing their dependence on cloud connectivity and facilitating smooth plant operations. Additionally, AWS IoT SiteWise provides throttling limits for cloud data ingress and egress. By buffering data at the edge before sending it to the AWS Cloud, it reduces the risk of data loss during connection outages. It also enables users to back up asset metadata and telemetry data in an Amazon S3 cold storage tier.

This Guidance uses fully managed services that automatically scale up or down for optimal performance without risking over- or underprovisioning. It includes services purpose built for industrial settings—for example, it uses AWS IoT SiteWise, AWS IoT Events, and AWS IoT TwinMaker. AWS IoT SiteWise provides flexible options for ingesting telemetry data into the AWS Cloud. For example, users can choose real-time data ingestion for operations monitoring or buffered ingestion for advanced analytics. This service also offers three storage tiers (hot, warm, and cold) to optimize data storage based on performance requirements. Further, AWS IoT SiteWise Edge enables users to store and process data locally, facilitating low-latency data access for edge applications.

AWS IoT SiteWise provides cost-optimized ingestion methods and different storage tiers (hot, warm, and cold) so users can optimize storage costs based on data access patterns. It also lets users buffer data at the edge before ingesting it to the cloud, helping to reduce ingestion costs by up to 90 percent for analytics data. Additionally, AWS IoT SiteWise Edge enables users to collect, store, and process data on local devices. Likewise, AWS IoT Greengrass lets users filter, aggregate, and process data at the edge before sending it to the cloud. Both services reduce the amount of data that users need to store and process in the cloud, helping users lower data transfer costs.

This Guidance uses fully managed services, which support sustainability by optimizing resource usage and avoiding the need for overprovisioning. These services reduce the need for on-premises infrastructure, instead using energy-efficient AWS data centers that are increasingly powered by renewable energy. Additionally, AWS IoT SiteWise Edge enables users to filter incoming data at the edge, and AWS IoT Core rules let users filter data in the cloud. This helps reduce the storage and processing resources needed in the cloud, effectively minimizing a workload’s environmental impact. Finally, by configuring the retention-period setting, users can remove unneeded data from the hot and warm storage tiers to further optimize energy use.