Introduction to Pelion Device Management Client Lite
Device Management Client Lite is Arm's solution for constrained Device Management devices.
With Device Management Client Lite you can make your product work with minimal resources, typically a board with:
64 kilobytes of RAM (of which max. 36 kilobytes used by Mbed OS and Device Management Client Lite, excluding the network stack).
Assuming eXecute in Place (XiP) is in use.
512 kilobytes of ROM (of which max. 180 kilobytes used by Mbed OS and Device Management Client Lite).
- Firmware update needs space for the entire update package.
The high-level APIs allow developers to create applications with LwM2M features as described in the Lightweight Machine to Machine Technical Specification.
The feature set is very similar to the full Device Management Client.
- PSK-based bootstrapping.
- IP-based connectivity (TCP or UDP) over TLS/DTLS.
- Matching LwM2M feature set.
- GET/PUT/POST/DELETE operations.
Using this library you can:
- Connect and provision your devices on Device Management .
- Securely communicate with Device Management over the industry standard TLS/DTLS.
- Fully control the device and application logic.
- Update your device's firmware.
Client Lite has a high-level API written in C++ to allow quick application development.
The API provides full control of the endpoint and application logic, including:
- Provisioning and registration of devices to Device Management .
- Deregistering of devices from Device Management .
- Pre-shared Key (PSK)-based device authentication to Device Management using Mbed TLS.
- Low memory footprint (both Flash and RAM) on the device, allowing constrained devices connectivity to Device Management .
- Firmware update capability.
- Notifications of resource value changes to Device Management .
- LwM2M-based device management and service enablement.
- LwM2M-based object management.
- Data format support for plain text and OMA TLV.
Differences between Device Management Client and Client Lite
Device Management Client uses X.509 based certificates for device identity and connectivity, whereas Device Management Client Lite uses device-specific PSKs. Device PSKs are much lighter, so the code size and peak RAM consumption are less.
Device Management Client Lite does not support First-to-Claim, as the PSK would have to be known to both owners, which breaks the secrecy.
The device's original bootstrap PSK is injected to Device Management using a REST API. That same device-specific bootstrap PSK must also be injected to the device. The PSK is identified using a Pre-shared Key ID (PSK ID). Please ensure the PSK ID is globally unique. Please follow OMA LwM2M specifications. Chapter 6.3.1 Endpoint Client Name specifies guidelines for that.
For a full comparison of Device Management Client and Client Lite, please see the table below:
|Features||Device Management Client||Device Management Client Lite|
|Repository||Public, mbed-cloud-client-example||Restricted, mbed-client-lite-example-restricted|
|Block storage||Yes, for SOTP.
Secure time is stored to SOTP.
PSK/PSK ID stored to NVStore.
|Block storage with filesystem||Yes, for X.509 certificates.
Examples use SD card.
|Security||X.509 certificates||Pre-Shared Keys|
|Licensing||Apache 2.0||Apache 2.0|
|OS Support||Mbed OS, Linux.
Adaptation Layer for other ports.
|Mbed OS only.|