Platform Architecture
EmberNet uses a layered architecture designed for reliability, security, and scalability in industrial edge environments. This document provides a high-level overview of the platform's architectural design.
Architectural Layers
┌─────────────────────────────────────────────┐
│             Cloud Control Plane             │
│   Fleet Management · Tenant Orchestration   │
├─────────────────────────────────────────────┤
│             Secure Mesh Network             │
│   Zero-Trust · Encrypted · Identity-Based   │
├─────────────────────────────────────────────┤
│             Edge Runtime Layer              │
│   Container Orchestration · Service Mesh    │
├─────────────────────────────────────────────┤
│           Data & Telemetry Layer            │
│   Time-Series Storage · Protocol Adapters   │
├─────────────────────────────────────────────┤
│           Industrial Device Layer           │
│   OPC UA · MQTT · Modbus · SNMP · BACnet    │
└─────────────────────────────────────────────┘
Edge Runtime
Each EmberNet edge node runs a lightweight runtime environment optimized for industrial hardware. The runtime includes:
- Container Orchestration — Workloads are deployed as containers managed by an automated cluster orchestrator. This ensures consistent deployments, automatic recovery, and efficient resource utilization.
- Service Discovery — Services within the edge cluster automatically discover and communicate with each other through internal DNS and service registration.
- Health Monitoring — Continuous health checks ensure that failed services are automatically restarted and rescheduled.
Cluster Architecture
EmberNet edge clusters can be configured in several topologies:
- Single-node — Suitable for small sites with a single industrial computer
- Multi-node — High-availability configurations with automatic failover
- Distributed — Geographically distributed nodes operating as a unified cluster
Data Pipeline
Ingestion
Data flows from industrial devices through protocol adapters into the EmberNet data pipeline:
- Protocol Adapters collect data from devices using native industrial protocols
- Data Normalization standardizes readings into a common format
- Edge Processing applies local rules, filtering, and aggregation
- Time-Series Storage persists data in high-performance time-series databases
- Cloud Sync selectively forwards data to the cloud control plane
Storage
EmberNet uses a tiered storage approach:
| Tier | Location | Retention | Purpose |
|---|---|---|---|
| Hot | Edge node | 7–30 days | Real-time dashboards, alerting |
| Warm | Edge cluster | 30–90 days | Historical analysis, trending |
| Cold | Cloud storage | 1+ years | Compliance, long-term analytics |
Networking
Zero-Trust Mesh
All node-to-node and node-to-cloud communications use an encrypted mesh network. Key characteristics:
- No exposed ports — Nodes initiate outbound connections only
- Mutual TLS — All connections are mutually authenticated
- Identity-based routing — Traffic is routed based on cryptographic identity, not IP addresses
- Automatic mesh formation — New nodes join the mesh automatically upon enrollment
Protocol Support
EmberNet supports a wide range of industrial and IT protocols:
- OPC UA — Unified Architecture for industrial data exchange
- MQTT — Lightweight pub/sub messaging for IoT devices
- Modbus TCP/RTU — Legacy PLC and RTU communication
- SNMP — Network device monitoring and management
- BACnet — Building automation and control
- REST/HTTP — Modern API-based integrations
Deployment Models
On-Premises
EmberNet runs entirely on customer-owned infrastructure. The edge runtime is installed on industrial-grade hardware, and all data stays within the customer's network.
Hybrid
Combines on-premises edge nodes with cloud-hosted management and analytics. Edge processing happens locally while fleet management and long-term storage are cloud-hosted.
Managed
Fireball Industries operates the entire platform as a managed service, including hardware provisioning, software updates, and 24/7 monitoring.
High Availability
EmberNet is designed for industrial-grade availability:
- Automatic failover — Workloads are rescheduled to healthy nodes within seconds
- Data replication — Time-series data is replicated across cluster nodes
- Offline resilience — Edge nodes continue operating during network outages
- Rolling updates — Software updates are applied without downtime
Next Steps
- Multi-Tenancy — How tenant isolation works
- System Requirements — Hardware and software prerequisites
- Zero-Trust Networking — Deep dive into the security model