About The Client
Scante systems help manufacturers and suppliers provide IoT driven apps to their customers. Apps on the platform integrate IoT data from connected products with support content, parts, services, and interactions that are the day to day activities of almost every business.
Customers range from manufacturers of industrial and commercial equipment to services companies, and everything in-between. Though many are small and medium-sized companies, large global companies have also chosen Scante for our rapidly deployable, configurable, and extremely cost-effective systems. They all share a need to provide IoT driven apps to their customers and haven’t found good solutions from the IoT mainstream.
Scante has been building complex customer interaction and support applications for Internet-connected products since before IoT was a thing.
Our partnership with Osian has enabled Scant Evidence to serve its customers and allow their IoT hardware connected to cloud and controllable by the web and mobile apps in an easy and simple manner, enabling us to provide features and capabilities that our customers demand which helps us expand our business.
- Tom Dichiaro, CTO, Scante Evidence LLC
Osian was involved in the execution of the project at a very early stage. Osian was tasked with creating the software architecture for the end user facing interfaces, including desktop, mobile web and admin dashboard that powers the overall IoT stack. The Scante stack involves onboarding industrial equipment which transmit data onto the Scante data collector framework and then have the end user monitor data for analytics or even control the IoT device by issuing commands to the equipment via a two way command communication protocol.
Creating a software architecture that would allow for white labelling was crucial right from the onset since the direct clients of Scante were industrial equipment manufacturers who would ultimately be selling to other end users in return. This required a robust information architecture that would allow for the flexibility of code reuse without compromising on security.
The system architecture also needed to be scalable given the requirements of the IoT framework.
Osian came up with a list of mature front-end software architecture choices that complied with the requirements and created a comparison matrix of features that allowed Scante to reach a decision. Since some of the services were already in place, this required an understanding of the existing architecture and then make the choice for the same.
The primary selection criteria was based on a few key factors, including :
One of the prime considerations while selecting the technology stack for the project was to enable white labelling. This was not restricted to small changes in branding but to also allow support for theme rollers and font selection.
Modularity and Maintainability
The nature of the project required that the solution architecture provided for creating each piece of the puzzle as a lego block that allowed for incorporation of new features as a new module. It was also important for each module to have their own code structure to allow for long term maintainability of the feature without having to resort to a large-scale monolith.
One of the exciting things in the long list of features was the ability to control the IoT device via a control panel view rendered on the web. This would require a command - control messaging system that would ensure that any commands sent over the wire were executed on the opposite side of the link in an expected manner.
Since these were actual devices that were to be controlled and information about critical components were to be exposed to the outside world, a safe and secure communication protocol was needed for the same.
It was important to keep the running cost of the system low during the inception of the project. Running the entire infrastructure on AWS seemed like the most natural thing to do right from the start as it would allow the entire system to scale based on the requirements.
Ease of use
The white labelled application was to be used by end users on both the mobile web and desktop platforms. Hence, it was important to keep usability in mind while constructing the modular pieces of the application.
The front end framework chosen for the solution was Angular which satisfied most of the discussion points centered around the proposed solution. The back end framework in this particular case was a mix of multiple technologies not limited to .NET, AWS serverless amongst others. Sections of the code that were required to be scalable, specifically the ones that were required to process a huge number of IoT messages were written as modular components. Amazon SQS is used to ensure that all messages are processed accordingly.
Osian’s solution included leveraging the AWS cloud platform to host the various components of the IoT project, allowing for enhanced cybersecurity features and management that AWS provides. This involved implementing the best practices at multiple levels including infrastructure, application servers and other components in the system architecture. Some of the key components enhancing the security were AWS Web Application Firewall, static website served using AWS CloudFront, enhanced security at the web server level, application firewall for Level 7 attacks, linux file and directory level access control & handling permissions at IAM level on the used machine. Two Factor Authentication has also been implemented along with network security for safe login to the network area.
Architecture & Security
Osian helped us arrive at a decision by creating a comparison matrix of features that each of the CMS have to offer. Their insight and ability to explain the pros and the cons of each CMS was instrumental in the quick turnaround of the overall project.
- Jon Prescott, Founder - Scant Evidence LLC
The Application components can be categorized as below as per the functions.
AWS Web application Firewall is the first level of defence, when it comes to layer 7 attacks, known URLs, Rate Limiting & Bot detection is blocked at the WAF level itself.
Application Load balancer The SSL request termination happens at ALB level, all traffic is limited to the VPC.
VPC Endpoints: All communications required by components to exchange data happens within the VPC via VPC Endpoints
Amazon CloudFront The entire site is served statically via Amazon CloudFront, all images are served directly via Amazon S3.
Amazon S3 Components that grow over a period of time when it comes to a CMS Application are logs, database & assets. Logs & assets are pushed to S3 from the application server.
Load Balancing & Autoscaling with CloudWatch: To handle peak loads compute services scale in a Multi AZ cluster, marshalling is handled via the Elastic Load balancer.
Whitelabelled Solution : The seamless framework and software architecture allows for the application to be converted into a platform that allows for multiple clients to be on-boarded into the system faster.
App for Distributors and Sales Representatives : In addition to the end-user client facing application, the platform has built in support for Distributor and Sales Representative logins that enable monitoring of devices into logical groups.
Remote Control Panel : Generic and Custom Panel modules enable remote monitoring of IoT devices and also operating the device from the web based control panel. This meant that the complex IoT devices could share feedback and respond to user actions.
Below are some metrics that showcase the success of this project.
Omni channel data integration
The solution is able to get the data integrated from any IOT platform into a single dashboard. Scant Evidence currently supports platforms like AWS IOT, EWOM & Netbiter.
Time to launch / onboard new clients
At the time of launch we achieved over 60% reduction in Infrastructure cost and 90% reduction in license costs.