The WoT Profile Specification defines a Profiling Mechanism and a WoT Core Profile,
which enables out of the box interoperability
among things and devices. Out of the box interoperability implies,
that devices can be integrated into various application scenarios without
deep level adaptations. Typically only minor configuration operations are
necessary (such as entering a network key, or IP address)
to use the device in a certain scenario.
These actions can be done by anyone without specific training.
The WoT Core Profile defines a set of constraints
and rules, which compliant thing descriptions have to adopt
to guarantee interoperability.
These rules are prescriptive, to ensure that
compliant implementations satisfy the semantic guarantees
implied by them. We call this set of rules a Profile.
The WoT Profile Specification as defined in
this document serves two purposes:
It defines a generic Profiling
Mechanism which provides a mechanism to describe a
profile in an unambiguous way. This mechanism can be
used to define additional profiles.
In addition, it defines a WoT Core
Profile of the Thing Description, which
consists of a core data model and protocol
binding rules. The WoT Core
Profile formalizes the results of several PlugFests
that were conducted by the WoT Interest Group and of
tests that were conducted as part of the development.
This document incudes a binding of the core data model to
HTTP(S) and selected notification sub-protocols.
The core data model can be bound to other protocols -
it is expected that bindings to other protocols (e.g. MQTT, CoAP)
will be defined in the near future.
A TD that is compliant to the core profile MUST adhere to
both the constraints on the data model and the protocol binding.
Devices that constrain their use of the Thing Description to
the WoT Core Profile can interoperate with each other
out-of-the-box.
Note that the core profile is not exclusive. Device implementers are free to adopt
other features of the thing description that go beyond the constraints
of the core profile, however the interoperability guarantees of the core profile
hold only for the WoT Core Profile subset.
The name WoT Core Profile is still under discussion in the group and is used as a working title.
It is subject to change after the profile specification has reached a certain level of maturity.
Motivation for a Profile
The W3C WoT Thing Architecture [[wot-architecture]] and
WoT Thing Description [[wot-thing-description]] define a
powerful description mechanism and a format to describe
myriads of very different devices, which may be connected
over various protocols.
The format is very flexible and open
and puts very few normative requirements on devices that
implement it.
However, this flexibility de-facto prevents
interoperability, since, without additional rules,
it allows implementers to make many choices that do not
provide guarantees of common behavior
between implementations.
Introduction
The W3C WoT Architecture [[wot-architecture]] and the WoT
Thing Description [[wot-thing-description]]
have been developed as a versatile format, that allows
describing the interactions between multiple devices and
protocols.
This flexibility permits an easy integration of new device
types and protocols, however it risks interoperability,
since there are no guarantees that two devices
which are formally spec-compliant, will be able to
communicate.
To increase adoption of the WoT specifications,
interoperability between on premise devices, edge devices
and the cloud is essential. Even if every manufacturer is
implementing the current Thing Description specification in
full flexibility, there is no interoperability guarantee;
many choices are still left to the implementations and there
are very few normative requirements that a device has to
fulfill.
Deployment Scenarios
A Thing Description can be used in two fundamentally
different deployment scenarios:
a "brown-field" scenario, where it is created
to describe the interactions with existing systems.
a "green-field" scenario, where a device model
and a thing description are developed together.
For green field deployments, where the implementations
are being carried out and corresponding thing
descriptions are being created, it is easier to achieve
full interoperability by using a small, extensible Core
Profile.
In the brown field area, due to the nature of
existing deployments and protocols, a broad spectrum of
variations and potentially high complexity of thing
descriptions inhibits interoperability and will most
likely lead to additional profiles of the WoT Thing Description
and domain-specific thing consumer implementations.
The WoT Core Profile can be used by green field
deployments and gives guidance to new implementers of
the WoT specifications. It has already proved in
brown-field scenarios in the PlugFests, where existing
devices, that already existed as products, prototypes or
demonstrators, were described with Thing Descriptions
that are constrained to the Core Profile.
During the recent WoT PlugFests there were many
de-facto agreements on the use of a small constrained
subset of interaction patterns and protocol choices.
These de-facto agreements select a common subset of the
WoT Thing Description, based on
proven interoperability among manufacturers.
The aim of this specification is to formalize these
agreements by defining a WoT Core
Profile based on the choices that were made by
the implementers of PlugFest devices.
The WoT Core Profile contains additional
normative requirements that MUST be satisfied by devices
to be compliant to the profile.
WoT Core Profile - A Subset of Affordances
Adoption of the WoT Core Profile will
significantly limit the implementation burden of device
and cloud implementors.
guarantee interoperability among all
implementations of the profile.
limit the implementation complexity for
resource constrained devices.
ensure that a thing description is also useful
for a human reader.
It makes choices on the required metadata fields as
well as the supported interactions and protocol
endpoints. It introduces some constraints on data
schemas for properties and actions which are required
for resource constrained devices in real-world
deployments. The format does not forbid the use of
additional elements of the WoT Thing Description for vendor specific
extensions, however this will impact interoperability.
Out-of-the-box
interoperability
Devices, which implement the Core Profile, are out-of-the-box
interoperable with other Core Profile
compliant devices. Furthermore, the Core Profile
simplifies device validation and compliance testing
since a corresponding conformance test suite can be
defined.
It is also a goal of the WoT Core Profile to
ensure that compliant files can be understood by humans
- therefore descriptions, dates, and author fields are
either mandatory or highly recommended.
Structure of this document
to be added.
A device or consumer implementation complies with this specification if it follows
the normative statements in the present document.
A JSON Schema [[?JSON-SCHEMA]] to validate the compliance of a Thing Description
with the core profile is provided in Appendix .
Terminology
This specification uses the same terminology as the WoT
Architecture and Thing Description specifications.
For convenience of the reader, we use the terms keyword
and field for the linguistic notion vocabulary term
as defined in the Thing Description Specification.
We use the terms device and thing in an
interchangeable manner.
Additional Definitions:
Profile
A set of prescriptive rules, to ensure that
compliant implementations satisfy the semantic
guarantees that are implied by them.
WoT Core Profile
The subset of the Thing Description
defined by the present document.
The Web of Things Thing Description as defined in [[wot-thing-description]].
Profiling Mechanism
In order to conform with a profile, a
Web Thing
MUST conform with all the normative statements in the profile's specification.
In order to denote that a given
Web Thing
conforms to one or more profiles, its Thing Description MUST include a
profile member [[wot-thing-description]]. The value of
the profile member MUST be set to either a valid URI
[[RFC3986]] identifying a single profile, or an array of valid URIs
identifying multiple profiles.
{
"@context": "https://www.w3.org/2019/wot/td/v1",
"id": "urn:dev:ops:32473-WoTLamp-1234",
"profile": "https://www.w3.org/2021/wot/profile/core",
"title": "My Lamp",
"description": "A web connected lamp",
...
}
{
"@context": "https://www.w3.org/2019/wot/td/v1",
"id": "urn:dev:ops:32473-WoTLamp-1234",
"profile": [
"https://www.w3.org/2021/wot/profile/core",
"https://www.w3.org/2021/wot/profile/constrained"
],
"title": "My Lamp",
"description": "A web connected lamp",
...
}
The core data model incorporates the data model defined by chapter 5 of
the Thing Description specification.
The normative rules defined by that data model
are the baseline for the definition of the core data model
and are normative for the core data model.
A core profile compliant implementation MUST additionally satisfy the
requirements of this chapter.
General
The following rules are applicable to multiple
classes of the WoT Thing Description Specification, as they
provide clearer semantics, improved readability and
simplified processing on resource constrained
devices.
Mandatory fields
One of the primary benefits of the WoT Thing
Description over a typical IoT format is the
additional documentation for a human reader.
Therefore, the fields
title
and
description
are MANDATORY for Things, Property Affordances,
Action Affordances, Event Affordances and Data
Schemas.
It is possible to have empty values for these
fields, if, for specific purposes it is not
desired to provide documentation, however this
is NOT RECOMMENDED and the conscious decision is
obvious from the TD.
Length and Value Limits
The length of
id
,
description
and
descriptions
values is limited to 512 characters.
The length of
title
and
titles
values is limited to 64 characters.
Where a type permits using an
array of string
or a
string
, an
array of string
MUST be used.
TODO: decide if multiple types and contexts are required.
In this case the following section could be added:
The only exception to this rule are @context and @type annotations,
where both string or array of string MAY be used.
Where a type permits using an
array of DataSchema
or a
DataSchema
, an
array of DataSchema
MUST be used.
All elements of an
enum
MUST be either
string
or
number
.
Different types in a single
enum
are NOT PERMITTED.
Thing
The Core Data Model applies the following
constraints and rules to the Thing class of section
5.3.1.1 of the WoT Thing Description specification.
Mandatory fields
To provide minimum interoperability, the
following metadata fields of a Thing MUST
be contained in a compliant Thing Description:
keyword
type
remarks
title
string
human readable documentation
id
urn_type
a globally unique urn of the
thing
description
string
human readable documentation
created
date
human readable documentation
modified
date
human readable documentation
support
urn_type
human readable documentation
security
array of string
simplified handling
version
VersionInfo
clear versioning, easy to
compare different TDs
Recommended
practice
It is RECOMMENDED to use the value
"" for strings, where the
value cannot be determined.
If a Thing Description is used solely within
a company, the email address of the developer
SHOULD be used in the support field,
if the Thing Description is provided externally, a support email
address SHOULD be used.
It will be evaluated whether the profile also recommends some new TD terms that may be
introduced in TD 1.1.
Currently the following terms are discussed: serialNumber,
hardwareRevision, softwareRevision, loc_latitude, loc_longitude
loc_altitude, loc_height, and loc_depth.
If these, or some of them, are defined in the TD
1.1 model, they may be recommended here in one of the next draft updates.
Data Schema
Data Schemas are used for the values of Properties,
Action input and output parameters and Event message
payloads. The value of a Data Schema can be
a simple type (boolean, integer, number, string) or
an instance of a structured type (array and object).
The Core Data Model applies the following
constraints and rules to the
DataSchema
class of section 5.3.2.1 of the WoT Thing Description
Specification.
This section defines a subset of the class
DataSchema
that can be processed on resource-constrained
devices.
Data
Schema Constraints
The Core Data Model restricts the use of
arrays and objects to the top level
of Data Schemas, i.e. only a one-level hierarchy is
permitted.
The members of a top level
object
or
array
MUST NOT be array or object types.
This may appear as a severe limitation,
however it is motivated by integrating with
multiple cloud services.
Many enterprise services and applications are based on
(relational) databases, where individual
property values are stored. Of course databases
can also store objects (e.g. encoded as a JSON
string), however this will prevent processing by
other enterprise applications.
If a property conceptually has a deeper
structure, such as grid of lamps with RGB
colors, the structure can be represented in the
keyword of the property, i.e. lamp1_color_r,
lamp1_color_g and lamp1_color_b. A similar
mapping can be done for arrays and hierarchical
objects. This constraint leads to simpler Thing
Descriptions that can be handled by very
limited devices.
The following fields MUST be contained in a
DataSchema:
keyword
type
constraints
description
human readable description
type
string
one of boolean, integer, number,
string, array or object
The values
object
,
array MAY only be used at the top level of a Data Schema.
The type value MUST NOT be null .
Property Affordance
The Core Data Model applies the following
constraints and rules to the
PropertyAffordance
class of section 5.3.1.3 of the WoT Thing Description Specification.
Mandatory fields
The following property fields MUST be contained
in the
properties
element of a Profile compliant TD:
keyword
type
constraints
title
string
unique name among all
properties
description
string
human readable description
type
string
one of boolean ,
string ,
number , integer
, object or
array . The type value
null MUST NOT be used.
Additional Constraints
The Thing Description permits arbitrary
object depths for properties. Parsing of a
deeply nested structure is not possible on
resource constrained devices.
Therefore each
property MUST NOT exceed a maximum depth
of 5 levels of nested
array
or
object
elements. It is RECOMMENDED to keep the nesting
of these elements below 4.
The following additional constraints MUST be
applied to the Property Affordances of a Thing
Description conforming to the Core
Profile:
keyword
type
constraint
const
anyType
MUST NOT be used
enum
array of simple type
Values of enums MAY
only be simple types. Handling of any
type is too complex to implement
on resource constrained devices
forms
array of Forms
The Array of Form
of each property MUST contain only a
single endpoint for each
operation readproperty
, writeproperty , observeproperty
, unobserveproperty.
format
string
If the field format
is used, only formats defined in
section 7.3.1-7.3.6 of
[[JSON-SCHEMA]] MAY be used.
oneOf
string
The DataSchema field oneOf
does not make sense for properties
and MUST NOT be used.
uriVariables
Map of DataSchema
uriVariables MUST
NOT be used.
Recommended Practice
It is highly RECOMMENDED to always specify a
unit
, if a value has a metric.
Authors of Thing Descriptions should be aware, that units
that are common in their geographic region are
not globally applicable and may lead to
misinterpretation with drastic consequences.
The field
unit
could be used for non-decimal numeric types as
well, e.g. a string value with binary or hex
data (
0xCAFEBABE
,
0b01000010
), where the unit is
hex
or
bin
,
to indicate how the value should be
interpreted. It is strongly RECOMMENDED to use
the values
hex
,
oct
or
bin
in this case to achieve interoperability.
Action Affordances
The Core Data Model applies the following
constraints and rules to the
ActionAffordance
class of section 5.3.1.4 of the WoT Thing Description Specification.
Mandatory fields
The following fields MUST be contained in an
action element of an Core Profile compliant TD:
keyword
type
constraints
title
string
unique name among all actions
input
array of DataSchema
all elements of the subclasses
objectSchema and dataSchema MUST
only contain simple types.
output
array of DataSchema
all elements of the subclasses
objectSchema and dataSchema MUST
only contain simple types.
Additional Constraints
The elements of the DataSchema subclasses
ArraySchema and ObjectSchema for the fields
input
and
output
are restricted to simple types in a Thing
Description conforming to the Core
Data Model. Without this limitation a higher
implementation burden would be put on resource
constrained devices (arbitrary cascaded arrays
and multi-level objects) which cannot be
satisfied by all consuming devices.
The following additional constraints MUST be
applied to the Interaction Affordances of a Thing
Description conforming to the Core
Data Model:
keyword
type
constraint
forms
array of Forms
The Array of Form
of each action MUST contain only a single
endpoint.
format
string
If the field format
is used, only formats defined in
section 7.3.1-7.3.6 of
[[JSON-SCHEMA]] MAY be used.
oneOf
string
The DataSchema field oneOf
does not make sense for properties
and MUST NOT be used.
uriVariables
Map of DataSchema
uriVariables MUST
NOT be used.
TODO:
- no optional parameters
- timeout
Recommended Practice
Event Affordance
The Core Data Model applies the following
constraints and rules to the
EventAffordance
class of section 5.3.1.5 of the WoT Thing Description Specification.
A Thing may provide more than one event
mechanism to enable a variety of consumers.
TODO:
The events section needs to be signifcantly extended and define addtional constraints to ensure OOTBI.
LongPoll, WebSockets and WebHooks can be considered as initial candidates for supported protocols for the
event mechanism
to identify appropriate data model constraints.
The individual protocol constraints need to be defined in a respective
protocol binding chapter after they have been identified/evaluated in plugfests.
Mandatory fields
The following fields MUST be present in an event
element of a Core TD:
keyword
type
constraints
title
string
unique name among all events
description
string
human readable description
data
set of DataSchema instances in
a JSON object
only the DataSchema subclasses
booleanSchema, IntegerSchema,
NumberSchema, StringSchema are
permitted
Additional Constraints
The following additional constraints MUST be
applied to the Event Affordances of a WoT Thing
Description conforming to the profile:
keyword
type
constraint
forms
array of Forms
The Array of Form
of each event MUST contain only a single
endpoint.
uriVariables
Map of DataSchema
uriVariables MUST
NOT be used.
Forms
A Thing may provide more than one event
mechanism to enable a variety of consumers.
Mandatory fields
The following fields MUST be present in a form
element of a Core TD:
keyword
type
constraints
title
string
unique name among all events
description
string
human readable description
data
set of DataSchema instances in
a JSON object
only the DataSchema subclasses
booleanSchema, IntegerSchema,
NumberSchema, StringSchema are
permitted
Additional Constraints
The following additional constraints MUST be
applied to the Form elements of a WoT Thing
Description conforming to the Core
profile:
keyword
type
constraint
security
string or Array of string
security at form
level MUST NOT be used.
scopes
string or Array of string
scopes MUST NOT be
used.
Links
TODO: Consider
selecting a defined set from [[RFC8288]].
The "type" relationship as defined in chapter 6 of
[[RFC6903]] is reserved for indicating an instance
relationship between a thing and a thing template.
The Core Data Model does not put additional
constraints or requirements on links. The
interpretation of a link is out of scope.
Security
The Core Data Model defines a subset of the
security schemes that MAY be implemented on resource
constrained devices.
A security scheme MUST be
defined at the thing level.
The security scheme is
applied to the thing as a whole, a thing may adopt
multiple security schemes.
The set of security schemes supported in the Core
Data Model is based on the PlugFest results.
To ensure interoperability, a TD consumer, which
compliant with the Core Data Model MUST
support all of the following security schemes:
no security
Basic Auth
Digest
Bearer Token
Oauth2
Recommended Practice
When using the "no security" or "Basic Auth"
security schemes it is strongly recommended to
use transport layer encryption.
Protocol Binding
This section defines a protocol binding which describes how a
Consumer
communicates with a
Web Thing
[[wot-architecture]] using JSON [[JSON]] payloads over
the HTTP [[HTTP11]] protocol.
A Consumer or Web Thing conforming to the WoT Core Profile
MUST implement this protocol binding.
Properties
readproperty
The URL of a Property resource to be used when reading
the value of a property MUST be obtained from a Canonical TD by
locating a
Form inside the corresponding
PropertyAffordance
for which the value of its op member is
readproperty and the
URI
scheme [[RFC3986]] of the value of its href member
is http or https.
In order to read the value of a property, a Consumer MUST send
an HTTP request to a Web Thing with:
Method set to GET
URL set to the URL of the Property resource
Accept header set to application/json
GET /things/lamp/properties/on HTTP/1.1
Host: mythingserver.com
Accept: application/json
If a Web Thing receives an HTTP request following the format
above and the Consumer has permission to read the corresponding
property, then upon successfully reading the value of the property
it MUST send an HTTP response with:
Status code set to 200
Content-Type header set to application/json
A body with the value of the property serialized in JSON
HTTP/1.1 200 OK
Content-Type: application/json
false
writeproperty
The URL of a Property resource to be used when writing
the value of a property MUST be obtained from a Canonical TD by
locating a
Form inside the corresponding
PropertyAffordance
for which the value of its op member is
writeproperty and the
URI
scheme [[RFC3986]] of the value of its href member
is http or https.
In order to write the value of a property, a Consumer MUST send
an HTTP request to a Web Thing with:
Method set to PUT
URL set to the URL of the Property resource
Accept header set to application/json
Content-Type header set to application/json
A body with a requested new value for the property serialized
in JSON
PUT /things/lamp/properties/on HTTP/1.1
Host: mythingserver.com
Content-Type: application/json
Accept: application/json
true
If a Web Thing receives an HTTP request following the format
above and the Consumer has permission to write the corresponding
property, then upon successfully writing the value of the
property it MUST send an HTTP response with:
Status code set to 204
HTTP/1.1 204 No Content
readallproperties
The URL of a Properties resource to be used when
reading the value of all properties at once MUST be obtained from a
Canonical TD by locating a
Form inside the top level
forms member
for which the value of its op member is
readallproperties and the
URI
scheme [[RFC3986]] of the value of its href member
is http or https.
In order to read the value of all properties, a Consumer MUST send
an HTTP request to a Web Thing with:
Method set to GET
URL set to the URL of the Properties resource
Accept header set to application/json
GET /things/lamp/properties HTTP/1.1
Host: mythingserver.com
Accept: application/json
If a Web Thing receives an HTTP request following the format
above, then upon successfully reading the values of all the
readable properties to which the Consumer has permission to
access, it MUST send an HTTP response with:
Status code set to 200
Content-Type header set to application/json
A body with the values of all readable properties serialized
in JSON, as an object keyed by property name
The URL of a Properties resource to be used when
writing the value of multiple properties at once MUST be obtained
from a Canonical TD by locating a
Form inside the top level
forms member
for which the value of its op member is
writemultipleproperties and the
URI
scheme [[RFC3986]] of the value of its href member
is http or https.
In order to write the value of multiple properties at once, a
Consumer MUST send an HTTP request to a Web Thing with:
Method set to PUT
URL set to the URL of the Properties resource
Content-Type header set to application/json
Accept header set to application/json
A body with requested new values for the writable properties
serialized in JSON, as an object keyed by property name
If a Web Thing receives an HTTP request following the format
above, then upon successfully writing the values of the requested
writable properties it MUST send an HTTP response with:
Status code set to 204
HTTP/1.1 204 No Content
Other operations under consideration include
observeproperty, unobserveproperty,
observeallproperties and
unobserveallproperties.
These operations would require consesus on a default observe
mechanism for HTTP (e.g. Server Sent Events or WebSockets).
readmultipleproperties is currently excluded due to
the complexities of the request payload format and because it
doesn't add much functionality over readproperty and
readallproperties.
writeallproperties is currently excluded because it
is just a special case of writemultipleproperties.
Actions
invokeaction
The URL of an Action resource to be used when invoking
an action MUST be obtained from a Canonical TD by locating a
Form inside the corresponding
ActionAffordance
for which the value of its op member is
invokeaction and the
URI
scheme [[RFC3986]] of the value of its href member
is http or https.
In order to invoke an action on a Web Thing, a Consumer MUST send
an HTTP request to the Web Thing with:
Method set to POST
URL set to the URL of the Action resource
Accept header set to application/json
Content-Type header set to application/json
A body with an input to the action, if any, serialized in
JSON
If a Web Thing receives an HTTP request following the format
above and the Consumer has permission to invoke the corresponding
action, then upon successfully invoking the action it MUST send an
HTTP response with:
The response to invoking an action needs to be defined.
Given not all actions can be completed within the
timeout period of an HTTP response, this may need to include a
reference to an action request resource in an action queue (see
#302).
Other operations under consideration include
queryaction, updateaction and
cancelaction. These operations do not yet exist in
the WoT Thing Description specification (see
#302
).
Events
Other operations under consideration include
subscribeevent, unsubscribeevent,
subscribeallevents, unsubscribeallevents,
readpastevents and readallpastevents.
subscribeevent, unsubscribeevent,
subscribeallevents and
unsubscribeallevents would require consensus on a
default event subscription mechanism for HTTP (e.g. Server Sent
Events or WebSockets).
subscribeallevents and
unsubscribeallevents do not yet exist in the WoT Thing
Description specification (see
#1082
).
readpastevents and readallpastevents do
not yet exist in the WoT Thing Description specification (see
#892
).
Error Responses
If any of the operations defined above are unsuccessful then
the Web Thing MUST send an HTTP response with an HTTP error code which
describes the reason for the failure. It is RECOMMENDED that error
responses use one of the following HTTP error codes:
400 Bad Request
401 Unauthorized
403 Forbidden
404 Not Found
500 Internal Server Error
Web Things MAY respond with other valid HTTP error codes
(e.g. 418 I'm a teapot),
but Consumers MAY interpret those error codes as a generic 4xx or 5xx
error with no special defined behaviour.
If we define the finite set of error responses as above then we
should also define what a Consumer should do if it receives a 3xx
redirect type response.
If an HTTP error response contains a body, the content of that body
MUST conform with with the Problem Details format [[RFC7807]].
External TD
representations
The default representation is JSON. Semantic
annotations based on JSON-LD MAY be present but are not
required to perform all interactions with the thing
instance.
Canonical TD
representation
A canonical representation serves multiple purposes.
It is simplifying the parsing process, enables to identify
equivalent TDs by simple string comparisons.
Furthermore it allows the use of a simple signing mechanism,
such as Linked Data Proofs or JSON Web Signatures [[RFC7515]] and enables
identity checks on encrypted TDs.
The canonical JSON representation format of a TD adopts the JSON Canonicalization Scheme (JCS) defined by
6292.
Open Issues
define action semantics
define subscription mechanism
Examples
JSON Schema of the Core Profile
A Thing Description can be syntactically validated with the JSON Schema [[?JSON-SCHEMA]] for compliance with
the core profile.
