Managing (embedded) Linux Devices

Managing (embedded) Linux Devices

RationalizationUnlock sales potentialPlug and Play
All features of the solution saved more than a man-year in development.

The problem

A smart building solution provider had to manage sensor gateways with high SLA

Competition and cost pressure are very tough in the field of smart buildings. The customer needed to operate a fleet of wireless sensor gateways in several office buildings with high SLAs, but without the ability to send technicians to the site. Since the project required early deployment of the gateways on site, a solution had to be found to add value so quickly. 

The solution

A solution that enables secure remote access to the smart living sensor gateways and manages updates and configurations very granularly

The solution allowed the customer to resolve multiple issues without the need for development by introducing secure remote access to the Smart Living Sensor Gateways with updates and configurations. At the same time, this included embedded device management, remote access and security analysis. 


  • Some companies still work with manual updates or do all through OTA. 


  • The solution can clearly save customers a lot of time and money. For very large projects like automotive or set-top boxes with hundreds of thousands of devices it might still make sense to develop the same functionality in house, but for smaller projects it can soon bind resources for years that could have been allocated differently.
  • The solution can help to get secure remote access, update and configure very granularly and take care of a lot of the security related issues. 
  • The customer in addition gets insights into metrics and system behaviour.


Stumbling blocks

Devices went offline every once in a while. This was due to the fact that GSM modems connected through the USB bus sometimes lost connectivity and the Linux did not understand this. Therefore, the watchdog was introducedfor to the platform in this project. Now all future projects can profit from the general watchdog functionality.

What had the customer tried before?

Before manual configuration was used. This will not scale, and it is very error prone as well as difficult to do if firewalls need to be opened or mobile VPNs need to be configured.

Additional challenges at the customer

  • Remote access through firewalls and mobile networks
  • Automated and staged roll-out of software updates
  • Watchdog for the 4G modem connectivity
  • Security hardening 
  • Configuration and templating of MQTT

What criteria were important to him?

An out-of-the box solution with quick time to value that helped both during the proof of concept as well as in production. This saved many man-months development work and the associated costs. In addition, these non-core development activities and supporting systems should be operated by the solution provider, allowing the customer to focus on his core value creation in the smart building space.



  • All features of the solution saved more than a man-year in development and that the infrastructure is operated by the provider is saving even more.
  • No dynamic DNS was needed and in some case company networks could be reused.
  • The solution is able to pull securely through firewalls and NATs.
  • Software development in Python started from day one with devices already on premise at final customer.
  • This allowed a very quick PoC and time to market.
  • In production the solution still plays out new versions of the software.
  • The 4G modems had problems with connectivity drop-outs which were fixed by the qbee watchdog.
  • Libraries with CVE annotations are closely monitored and updated if necessary.
  • The MQTT endpoints and all port and login information are handled by the solution providers templating engine allowing to serve multiple customers with one operational tool.

The project schedule

  • Customer approaches the provider with a problem statement. 
  • The solution provider creates a comprehensive solution and can price this quickly and cost efficiently. 
  • Within a very quick initial PoC the customer was convinced to roll out our solution.

Project maturity level

Used company-wide

Project duration

One week implementation, support and adjustments Overall project 6 month and then regular operation in production.

Project cost


Running costs
(per month, digits)



Skills required by the customer

The solution provider supports the customers in providing their specific value add to the project and showing this to their customers. This can be an application software or setting together a system. Managing the device fleet and creating secure and smart remote access or update scenarios through firewalls usually is necessary plumbing that does not give visible value to the project. So, customers can do all this with only basic Linux skills. Doing this by themselves would mandate advanced system administration and Linux skills as well as know-how how to scale and operate high availability cloud solutions, load balancers and databases. So, customers do not need the full skill set anymore which is very hard to find these days.

The project schedule

Device agent that can run on the embedded Linux devices is provided. In this case it was a standard Debian Linux and a supported agent could be immediately provided. Then the user installs this when provisioning the device image and runs a bootstrap script. After that all management and package updates are done in the providers platform.

Technical facts

Project is in production with very quick deployment and release
A wireless mesh networks collects sensor data and provides this via MQTT to the IoT platform


There is a complete REST API and there are agent packages for many different Linux distributions as well as YOCTO available. If new Linux flavours are encountered the agent can be cross-compiled.

Where is the data located?

The platform is hosted in the Amazon cloud. Most of the customers are currently hosted in Ireland but it is flexible as to where to host. Access and security are according to secure industry standards.


Carsten Lehbrink (Project Manager)

"If a customer designs consumer products for both the mass market and the automotive industry, and has the strategy and resources to do it internally, we can't help, but when it comes to quickly empowering small and medium businesses to deploy and operate embedded Linux edge devices, we are the best."

Carsten Lehbrink

The information may of course vary in individual cases. Please contact the provider for an assessment of your project.