3/14/2025

Lecture 6: IoT Application-Layer

Protocols
Seyed-Hosein Attarzadeh-Niaki

Fundamentals of IoT 1

Review
• IoT Networking
– Network architectures and topologies
– Wireless network protocols
• Short-range protocols
• Long-range protocols

Fundamentals of IoT 2

1
 3/14/2025

Introduction to IoT Application Layer

Protocols
• Definition: Protocols enabling
communication between IoT applications
(e.g., data exchange, device
management).
• Key Characteristics
• Designed for constrained devices (low power,
limited memory).
• Support for publish/subscribe or client-server
models.
• Efficient data representation (JSON, CBOR,
SenML).
• Importance: Enable interoperability and
scalability in heterogeneous IoT systems.

Fundamentals of IoT 3

Key Characteristics of
IoT Application Protocols
• Constraints
• Low bandwidth, high latency, intermittent
connectivity.
• Limited computational power (e.g., microcontrollers).
• Power efficiency (battery-operated devices).
• Design Goals
• Minimal overhead (e.g., small header size).
• Support for real-time and event-driven
communication.
• Scalability: Managing millions of devices.
• Protocols: MQTT, CoAP, HTTP/REST, AMQP.
Fundamentals of IoT 4

2
 3/14/2025

Standardization Bodies for IoT

Protocols
• Key Bodies:
• IETF: Develops RFCs (e.g., RFC 7252 for CoAP).
• OASIS: MQTT standardization.
• OMA: Lightweight M2M (LwM2M).

Fundamentals of IoT 5

Publish-Subscribe Model in IoT

• Concept: Decouples publishers (data sources) and
subscribers (data consumers).
• Advantages
• Scalability for many-to-many communication.
• Dynamic discovery of data topics.

Fundamentals of IoT 6

3
 3/14/2025

MQTT Protocol Overview

• MQTT (Message Queuing Telemetry
Transport)
• Lightweight, publish-subscribe protocol over
TCP/IP (port 1883/8883 for TLS).
• Designed for constrained
networks (e.g., LoRaWAN,
cellular).
• Supports three Quality
of Service (QoS) levels.

Fundamentals of IoT 7

MQTT Components
• Broker: Central hub managing subscriptions
and routing messages.
• Clients: Devices that publish or subscribe to
topics.

Fundamentals of IoT 8

4
 3/14/2025

MQTT Message Structure

Message Types Type Flow Description
Initiates a connection
• CONNECT, PUBLISH, CONNECT C→S
with the broker.
SUBSCRIBE, Acknowledges
CONNACK S→C
UNSUBSCRIBE, connection request.
PINGREQ. Transmits application
PUBLISH Either data to subscribed
• Fixed header, variable clients.
header, and payload. PUBACK S→C
Acknowledges QoS 1
PUBLISH message.
… ... …
Gracefully ends the
DISCONNECT C→S
connection.

Fundamentals of IoT 9

MQTT Quality of Service (QoS) Levels

• Level 0: At most once (no guarantees).

• Level 1: At least once • Level 2: Exactly once

(duplicates allowed). (guaranteed delivery).

Fundamentals of IoT 10

5
 3/14/2025

MQTT Use Cases

• Industrial Monitoring:
Sensors sending
telemetry to
dashboards.
• Smart Home:
Thermostats updating
cloud services.
• Healthcare: Wearables
transmitting vital signs.

Fundamentals of IoT 11

MQTT Implementation Example

• Example in Python

client = mqtt.Client()
client.connect("broker.hivemq.com", 1883, 60)
client.publish("temperature", "25°C")

Fundamentals of IoT 12

6
 3/14/2025

MQTT vs. HTTP Comparison

Aspect MQTT HTTP

Model Publish/subscribe Client-server
Connection Persistent (TCP) Stateless
Data Flow Push-based Pull-based

Fundamentals of IoT 13

MQTT-SN (Sensor Networks)

• MQTT-SN: Optimized for constrained devices (e.g., 8-bit microcontrollers).
• Features: Short topic IDs instead of strings, UDP-based for low power.

Aspect MQTT MQTT-SN

Transport TCP/IP (reliable, higher UDP (lightweight, suitable for low-power
Layer overhead) networks)
Topic Full topic strings (e.g., Short numeric IDs (1-2 bytes) instead of strings
Identification sensors/temperature) to reduce payload size
Device moderately constrained Optimized for ultra-constrained devices (e.g., 8-
Constraints devices (e.g., MCUs) bit MCUs, battery-operated sensors)
Message Larger headers and topic Smaller message size (short topic IDs, minimal
Overhead strings headers)
Industrial IoT, smart home, Sensor networks (e.g., agriculture,
Use Cases
and general pub/sub environmental monitoring)
QoS Support Three levels (0, 1, 2) Limited to QoS 0 for ultra-low power savings
Broker Requires persistent TCP Supports sleepy clients (devices can disconnect
Interaction connection and reconnect without loss)
Fundamentals of IoT 14

7
 3/14/2025

Introduction to CoAP
• CoAP (Constrained Application Protocol)
• RESTful protocol over UDP (port 5683).
• Confirmable/Non-confirmable messages.
• Uses JSON or CBOR for payloads.

Fundamentals of IoT 15

CoAP Message Types

• Methods: GET, POST, PUT, Field Description
DELETE. Version CoAP version
• Response Codes: 2.01
Type Confirmable (CON)
(Created), 4.04 (Not Found).
Non-confirmable (NON),
• Options: URI path, content Acknowledgement (ACK)
format Reset (RST)
Token Length 0–8 Bytes
Code Req. method/Res code
Message ID Detects message duplication
Token Correlates req. & res.
Options Option num, len, val
Payload Application data

Fundamentals of IoT 16

8
 3/14/2025

CoAP Query Parameters

• Discovering Resources
– Path: /.well-known/core

• Pagination: $top, $skip

(e.g., $top=5&$skip=10).

• Sorting: $orderby.

• Select Properties: $select

(e.g.,
/Things?$select=name)

Fundamentals of IoT 17

CoAP vs. HTTP/REST

Aspect CoAP HTTP/REST
Transport UDP (low overhead) TCP (higher overhead)
Efficiency Optimized for constrained devices Designed for web-scale systems
Scalability Good for low-power networks Better for high-bandwidth apps

Aspect CoAP HTTP/3

Transport UDP QUIC (HTTP/3)
Overhead Minimal header (~4 bytes) Larger headers
Use Case Constrained IoT devices High-speed web applications

Fundamentals of IoT 18

9
 3/14/2025

Platforms for Data-interoperability and

Device Management
LWM2M CORECONF
• By Open Mobile Alliance • Based on binary
(OMA) representation
• Maintains a repository with • YANG data modeling
object data representation. language
• URI/ObjectID/InstanceID
will identify a specific
instance on the device

Fundamentals of IoT 19

CoAP vs. MQTT Comparison

Aspect CoAP MQTT
UDP (low latency, no guaranteed
Transport TCP (reliable, higher overhead)
delivery)
Ideal for constrained devices (e.g., Better for high-volume
Scalability
sensors) telemetry
QoS No inherent QoS (reliability via DTLS) Built-in QoS levels (0, 1, 2)
Payload JSON/CBOR (compact) Arbitrary binary/text data

Fundamentals of IoT 20

10
 3/14/2025

Security in IoT Application Protocols

MQTT Security CoAP Security

• TLS encryption (port 8883) • OSCORE (Object Security for
• Authentication methods: CoAP)
• Username/password • End-to-end encryption and
(plaintext or hashed) integrity protection.
• Client certificates • Uses CBOR for payload
encoding.
• Access control lists (ACLs)
• Works with constrained
for topic permissions. devices.

Fundamentals of IoT 21

Data Representation in IoT Protocols

JSON CBOR

SenML

Fundamentals of IoT 22

11
 3/14/2025

Data Representation in IoT Protocols

Format Description Advantage Disadvantage
Human-readable text
Cross-platform compatibility, Verbose, higher
JSON format (JavaScript Object
widely supported, easy to parse. bandwidth usage.
Notation).
Concise Binary Object Compact (smaller size), efficient
Not human-readable
CBOR Representation (binary for constrained devices,
without decoding.
JSON alternative). supports binary data.
Sensor Markup Language Compact representation of Requires parsing
SenML for time-series sensor multiple measurements, logic, less common
data. supports metadata (e.g., units). than JSON/CBOR.
Markup language for Enables hypermedia-driven APIs Not optimized for
HTML linking resources (used in (linked resources), supports machine-to-machine
REST APIs for discovery). human-readable content. data exchange.

Fundamentals of IoT 23

Industry-Grade Protocols
• Requirements
• High reliability, real-time control, legacy system compatibility.
• Used in energy, manufacturing, and smart grids.

Protocol Transport Industry Features Security

Hierarchical control for Optional encryption
TCP/UDP
DNP3 Energy, Utilities substations, supports polling (DNP3 v4); vulnerable
(Layer 2-7)
and event-driven updates. without TLS.
Legacy protocol for PLCs No built-in security;
TCP/Serial Manufacturing, (Programmable Logic requires external TLS
Modbus
(Layer 7) SCADA Controllers), simple for modern
ASCII/Binary. deployments.
Unified architecture for
End-to-end security
TCP Manufacturing, secure industrial data
OPC-UA (TLS, certificates),
(Layer 7) Oil/Gas exchange, supports
platform-independent.
encryption and digital twins.
Fundamentals of IoT 24

12
 3/14/2025

Other IoT Protocols

Protocol Transport Use Case Features Example
Low-power mesh network, Smart home
IPv6 Home/
Thread interoperable with Wi-Fi, devices (e.g.,
(6LoWPAN) Automation
uses AES-128 encryption. Philips Hue lights).
Banking
Robust messaging with
transaction
Financial, queues/exchanges,
AMQP TCP systems (e.g.,
Enterprise supports pub/sub and
message brokers
request-reply.
like RabbitMQ).
XML-based for chat and IoT Google Talk, IoT
TCP (XML Real-Time
XMPP signaling (e.g., IoT device device presence
over TCP) Comm.
status updates). detection.
OMA standard for over- Fleet
Device the-air updates, firmware management for
LwM2M CoAP/UDP
Mgmt. upgrades, and remote connected
diagnostics. vehicles.
Fundamentals of IoT 25

Future Trends in IoT Protocols

• 5G Integration: Ultra-low latency for real-time
applications.
• AI-Driven Protocols: Adaptive QoS based on
network conditions.
• Blockchain for IoT: Secure data provenance.

Fundamentals of IoT 26

13
 3/14/2025

Summary: Key Characteristics of IoT

Application Protocols
Protocol Transport Data Format Design goals Key features
Layer
Minimal overhead, Publish/subscribe model,
Arbitrary real-time QoS levels (0, 1, 2),
MQTT TCP/IP
(binary/text) communication, lightweight for constrained
scalability for pub/sub. networks.
Low overhead, RESTful Stateless requests, supports
JSON/CBOR/
CoAP UDP design for M2M GET/POST/PUT/DELETE, runs
SenML
communication. on constrained devices.
Human-readable data, Client-server model,
HTTP/
TCP/IP JSON/XML interoperability with stateless, relies on TCP for
REST
web services. reliability.
Enterprise-grade
Binary Supports pub/sub and
AMQP TCP/IP messaging middleware,
(serialized) queues, com
guaranteed delivery.

Fundamentals of IoT 27

Next Lecture
• IoT Application-Layer Protocols
– Publish-Subscribe model
– MQTT
– CoAP
– Data representation
– Other IoT protocols

Fundamentals of IoT 28

14
 3/14/2025

SensorThings API Overview

• Purpose: Geospatial IoT data management
(e.g., location-aware sensors).
• Entities: Things, Sensors, Observations,
Locations.

Fundamentals of IoT 29

15