The Cognite Driver provides connectivity between IOTA and Cognite Data Fusion (CDF). The driver provides seamless integration between these two systems, enabling access to industrial data stored in Cognite's cloud platform. The driver is stateless, i.e., it doesn't maintain persistent connections or data caches. A single Cognite Driver service can connect to multiple Cognite projects via separate connection instances.
The driver supports the following object types:
| IOTA Type | Supported? | Source Type |
|---|---|---|
| Tag | 🟢 | Time Series |
| Asset | 🟢 | Asset (via Data Models) |
| Timeframe | ⚫ | Not supported |
Diagram
Technical Specification
| Description | Value |
|---|---|
| Development Language | GoLang |
| Processor Architecture | 64-bit |
| Supported Operating Systems | Windows/Linux/macOS |
| Data Modes | Read |
| Request/Response Pattern | Asynchronous |
| Source Communication | Cognite REST API |
| Back-end Communication | NATs message bus |
| Message Bus Driver Type | cognite |
| Near Real-Time Data Updates | Yes |
| Multiple Cognite Projects | Yes |
Key Features
Asset Hierarchy Browsing
Navigate the complete asset hierarchy using Cognite Data Models. The driver automatically discovers views that implement the CogniteAsset interface from your configured data models.
Time Series Data
Query time series data with support for:
- Snapshot (Latest): Retrieve the most recent datapoint for real-time monitoring
- Historical (Plotted): Query historical data ranges with optional aggregation
- Aggregations: Support for average, min, max, sum, and count aggregates
Data Models Integration
The driver integrates with Cognite Data Models via Location Filters:
- Automatic discovery of asset and time series views
- Support for custom views implementing
CogniteAssetandCogniteTimeSeries - Caching of view definitions for efficient template lookups
OAuth2 Authentication
Secure authentication using OAuth2 client credentials flow via Azure AD:
- Automatic token acquisition and refresh
- Configurable token URL, scopes, and tenant
- Support for multiple Cognite clusters
Dependencies
The Cognite Driver is installed alongside the main IOTA Vue service within a containerized environment such as Kubernetes, Docker, or Podman.
Security
Source Security
The Cognite Driver authenticates with Cognite Data Fusion using OAuth2 client credentials flow via Azure Active Directory. All API communication uses HTTPS with TLS encryption.
Key security features:
- Azure AD service principal authentication
- Automatic token refresh before expiration
- TLS certificate validation (configurable for development)
- No storage of sensitive credentials in logs
IOTA API (Back-end) Security
The Cognite Driver uses NATs message bus to communicate with the IOTA Vue Cluster. The two-way data traffic is encrypted using Transport Layer Security (TLS) on port 443. In addition, the message bus communication security model uses a public-key signature system based on Ed25519 called NKeys. With NKeys, the server can verify identities without ever storing or seeing private keys. The authentication system works by requiring a connecting client to provide its public key and digitally sign a challenge with its private key.
The server generates a random challenge with every connection request, making it immune to playback attacks. The generated signature is validated against the provided public key, thus proving the client's identity. If the public key is known to the server, authentication succeeds.
Supported Operations
| Operation | Description |
|---|---|
| AssetSearch | Search and browse asset hierarchy |
| TagSearch | Search for time series by name |
| Snapshot | Retrieve latest datapoints |
| Plotted | Retrieve historical time series data with aggregation |
| GetDataSources | List available data sources (datasets) |
| UpdateSettings | Update connection settings |
| GetVersion | Return driver version information |