Mistake on this page? Email us

Introduction to Pelion Device Management Client Lite

Device Management Client Lite is Arm's solution for constrained Device Management devices.

With Device Management Client Lite you can make your product work with minimal resources, typically a board with:

  • 64 kilobytes of RAM (of which max. 36 kilobytes used by Mbed OS and Device Management Client Lite, excluding the network stack).

    Assuming eXecute in Place (XiP) is in use.

  • 512 kilobytes of ROM (of which max. 180 kilobytes used by Mbed OS and Device Management Client Lite).

    • Firmware update needs space for the entire update package.

The high-level APIs allow developers to create applications with LwM2M features as described in the Lightweight Machine to Machine Technical Specification.

Tip: For Device Management Client Lite, you need access to the restricted GitHub repository referenced in this section. If you cannot access it or other repositories, please contact us.


The feature set is very similar to the full Device Management Client.

  • PSK-based bootstrapping.
  • IP-based connectivity (TCP or UDP) over TLS/DTLS.
  • Matching LwM2M feature set.
    • GET/PUT/POST/DELETE operations.
    • Observations.

Using this library you can:

  • Connect and provision your devices on Device Management .
  • Securely communicate with Device Management over the industry standard TLS/DTLS.
  • Fully control the device and application logic.
  • Update your device's firmware.

Client Lite has a high-level API written in C++ to allow quick application development.

The API provides full control of the endpoint and application logic, including:

  • Provisioning and registration of devices to Device Management .
  • Deregistering of devices from Device Management .
  • Pre-shared Key (PSK)-based device authentication to Device Management using Mbed TLS.
  • Low memory footprint (both Flash and RAM) on the device, allowing constrained devices connectivity to Device Management .
  • Firmware update capability.
  • Notifications of resource value changes to Device Management .
  • LwM2M-based device management and service enablement.
  • LwM2M-based object management.
  • Data format support for plain text and OMA TLV.

Differences between Device Management Client and Client Lite

Device Management Client uses X.509 based certificates for device identity and connectivity, whereas Device Management Client Lite uses device-specific PSKs. Device PSKs are much lighter, so the code size and peak RAM consumption are less.

Device Management Client Lite does not support First-to-Claim, as the PSK would have to be known to both owners, which breaks the secrecy.

The device's original bootstrap PSK is injected to Device Management using a REST API. That same device-specific bootstrap PSK must also be injected to the device. The PSK is identified using a Pre-shared Key ID (PSK ID). Please ensure the PSK ID is globally unique. Please follow OMA LwM2M specifications. Chapter 6.3.1 Endpoint Client Name specifies guidelines for that.

For a full comparison of Device Management Client and Client Lite, please see the table below:

Features Device Management Client Device Management Client Lite
Repository Public, mbed-cloud-client-example Restricted, mbed-client-lite-example-restricted
Block storage Yes, for SOTP.
Secure time is stored to SOTP.
PSK/PSK ID stored to NVStore.
Block storage with filesystem Yes, for X.509 certificates.
Examples use SD card.
Not needed.
Security X.509 certificates Pre-Shared Keys
(D)TLS Yes Yes
Bootstrapping Yes Yes
First-to-Claim Yes No
Firmware Update Yes Yes
LwM2M Yes Yes
Licensing Apache 2.0 Apache 2.0
OS Support Mbed OS, Linux.
Adaptation Layer for other ports.
Mbed OS only.