Beyond the Broker

Matthew_Johnson · March 25, 2026, 3:27pm

Designing for AIoT Scale with MQTT

MQTT was originally designed to solve a relatively simple problem: reliably collecting data from remote devices and delivering it into backend systems. Early deployments typically involved a roughly symmetrical model, with a comparable number of devices publishing data and applications consuming it. In this environment, a standalone MQTT broker was sufficient. It connected devices, routed messages, and integrated cleanly with enterprise messaging systems.

As IoT deployments have grown in scale and complexity, this model has started to break down. Modern AIoT systems are no longer just collecting telemetry. They are feeding analytics pipelines, triggering automation, supporting machine learning inference, and have feedback loops that operate across cloud, edge, and enterprise systems. This shift places demands on the architecture around MQTT that go far beyond basic message delivery.

AIoT at scale needs an architecture designed for millions of devices, unpredictable networks, constrained edge compute compared to compute in the platform, and intelligent applications growing faster than infrastructure budgets. MQTT is just an entry point into a broader messaging and processing platform, rather than a standalone solution.

From Symmetrical Messaging to IoT Reality

Traditional enterprise messaging systems assume a relatively balanced environment. Applications and endpoints are treated as peers, typically running in controlled, centralised infrastructure with predictable connectivity.

Traditional ESB brokers treat applications and endpoints equally.

IoT violates these assumptions in several ways:

Millions of devices publish data upward, while relatively few systems consume it
Devices are often deployed in untrusted or physically insecure environments
Connectivity is intermittent and unpredictable
Devices rarely communicate directly with one another

IoT messaging flips the model: many devices, few consuming systems, asymmetric traffic patterns.

This results in a highly asymmetrical traffic pattern: many publishers, few consumers, and a strong bias toward device-to-cloud communication. Architectures designed for symmetrical messaging struggle under these conditions.

Supporting this reality requires treating device-to-cloud and cloud-to-device communication differently, and isolating devices so that failures or compromises at the edge do not propagate through the system.

Designing for Fan-In at Planetary Scale

Large-scale IoT systems are dominated by fan-in traffic patterns. In practice, this means:

The majority of messages flow from devices into the platform
Cloud-to-device communication is comparatively rare
Devices may connect, disconnect, and reconnect many times over their lifetime
Overall load grows with the number of devices, not the number of consuming applications

To support this reliably, MQTT must be embedded within an architecture that distributes load beyond a single broker instance. There are two key features to support this:

Logical data partitioning
Incoming device traffic should not be treated as a single homogeneous stream. Instead, messages are partitioned across multiple processing paths based on logical criteria such as tenant, device group, or workload characteristics.
From the device perspective, nothing changes. Devices publish to the same topics using the same protocol. Internally, however, the system ensures that no single node or topic tree becomes a bottleneck.
Independent consumer scaling
Each of those paths is serviced by its own application instance. As message rates increase, new instances can be added to handle the load without affecting devices already in the field.
This separation allows systems to scale horizontally in the data processing layer rather than vertically at the broker endpoint, which is essential when supporting millions of long-lived device connections.

Beyond MQTT: Thinking in Platforms, not Protocols

While MQTT provides a flexible and lightweight mechanism for device connectivity, scalability is ultimately determined by the platform that consumes the data behind the broker.

Historically, many IoT platforms treated MQTT as format-agnostic only at the transport layer. Devices were free to connect using MQTT, but once connected, they were required to conform to a tightly prescribed data model or payload structure imposed by the platform. This pushed complexity to the edge, forcing devices to encode data in platform-specific formats and coupling device firmware directly to backend implementation details.

At scale, this approach becomes a constraint rather than a convenience.

AIoT systems must support a wide variety of device types, protocols, and data representations, often evolving independently over long deployment lifetimes. Requiring uniformity at the device level limits flexibility, increases operational risk, and makes large fleets difficult to evolve.

A scalable architecture instead treats MQTT and other device protocols as ingress mechanisms into a platform that is designed to handle heterogeneity. Key characteristics of such a platform include:

Uniform ingestion across protocols
Data arriving via MQTT, LwM2M, or other device protocols is handled consistently once inside the platform, without privileging one connection mechanism over another.
Payload and format agnosticism at the edge
Devices are free to publish data in formats appropriate to their constraints and use cases, whether JSON, CBOR, protobuf, or binary telemetry, without embedding platform-specific schemas.
Decoupled mapping and normalisation
Translation from device-specific formats into application-facing representations occurs within the platform, where compute resources are available and changes can be managed centrally.

By shifting format normalisation and interpretation away from devices and into the platform, systems gain the ability to evolve data models, analytics pipelines, and intelligence independently of deployed hardware. The platform ensures that applications consuming the data operate over consistent, normalised streams, regardless of how that data was originally produced.

This platform-centric approach is what enables AIoT systems to scale across diverse device fleets while still supporting sophisticated processing, replay, routing, and analytics without repeatedly revisiting device firmware.

Securing Millions of Devices, One at a Time

As the number of connected devices grows, so does the probability that one will eventually be compromised. At AIoT scale, security must be designed around containment rather than prevention alone. MQTT at scale requires:

Device isolation
Each device sees its own topic space. A compromised device cannot impersonate, observe, or interfere with others. All cross-device communication must be mediated by the platform, to prevent abuse by compromised devices.

Device and tenant isolation prevents cross-device compromise.

Multi-tenant identity enforcement
Any identity mechanism in a cloud world must cope with multiple isolated tenants in a single environment and enforce isolation between the tenants.
Certificate-bound authentication
Certificate-based authentication binds device identity at production or deployment time for mass-produced devices, without the mess of configuring and deploying individual passwords, or worse, shared passwords. Preventing compromise of one device from impersonating another is essential in a ‘zero-trust’ environment where you expect compromise of individual devices to be expected.
Support for internal or external PKI systems
Provision of a PKI system, or integration with a customer-provided PKI, is essential for managing device landscapes securely at scale.

These measures reflect the realities of AIoT deployments, where devices may be installed in public spaces, industrial environments, or locations with no physical security controls.

Supporting Intelligent Workloads

Treating the platform as the primary unit of scale enables a shift in how intelligence is applied within AIoT systems.
Once data has been ingested in a uniform way, regardless of device protocol or payload format, higher-level processing no longer needs to account for device-specific concerns. Applications can operate over consistent data streams, while the platform absorbs the complexity of heterogeneity at the edge.
In practice, intelligent AIoT workloads are driven less by raw telemetry volume and more by how data is filtered, interpreted, and acted upon. Common patterns include:

Filtered or aggregated streams produced by edge compute
Event-driven bursts from cameras or condition-based sensors
Outputs from machine learning inference rather than raw measurements
Over-the-air delivery of updated models, rules, or processing logic

Supporting these patterns requires that the platform decouple device communication from application logic. Devices publish data in whatever form fits their constraints and operational context, while the platform provides the mechanisms to transform, enrich, and route that data for downstream use.

This decoupling enables several important capabilities:

Independent evolution of devices and applications
Device firmware can remain stable over long lifetimes, while analytics models, mappings, and processing pipelines evolve continuously within the platform.
Consistent application semantics
Applications consume normalised data streams without needing awareness of how data was originally produced or transported.
Flexible data handling
Payload formats, topic structures, and data models can change without requiring coordinated updates across device fleets.

The result is an architecture where intelligence is applied where compute is plentiful and change is cheap, rather than being pushed into constrained and difficult-to-update devices. This is a prerequisite for AIoT systems that must scale across both device count and analytical sophistication.

Conclusion

MQTT remains a critical and widely adopted protocol for connecting devices, but at AIoT scale it represents only the outermost layer of the system. The protocol solves connectivity; it does not solve heterogeneity, scale, security, or intelligence on its own.

Real-world AIoT deployments must account for long-lived devices, evolving data models, and a growing diversity of protocols and payload formats. Pushing those concerns onto devices creates tight coupling and limits the ability of platforms and applications to evolve independently. Scaling instead requires a platform that can ingest data uniformly, regardless of how it is produced, and present it consistently to applications that provide analytics and intelligence.

The messages flowing through AIoT systems may connect using the ubiquitous MQTT protocol, and while the MQTT broker enables that connection, the value sits in the architecture surrounding it:

device isolation for safety
message backbones for resilience
partitioning and routing for scale
protocol independence for longevity
mapping and orchestration for intelligence

AIoT scale means treating MQTT not as a destination, but as a starting point: the entry layer to a distributed, resilient, and intelligent platform that can grow from early prototypes to millions of devices without architectural redesign.

Talk to an Expert

Have questions or want to dive deeper? Our experts are ready to help you find the best solution for your needs. Speak with an expert now.

Topic	Replies	Views
Scaling IoT with MQTT Blog mqtt , mqtt-basics , device-connectivity , mqtt-service	9	March 30, 2026
Scaling Intelligence Blog mqtt , mqtt-basics , device-connectivity , mqtt-service	51	March 18, 2026
Evolved MQTT for the AIoT Era from Cumulocity — Simple, Secure, and Scalable Events mqtt , device-connectivity , mqtt-service , webinar	15	March 30, 2026
Secure. Scalable. Developer-Friendly Blog mqtt , mqtt-basics , device-connectivity , mqtt-service	92	March 16, 2026
Securing IoT Messaging with MQTT Blog mqtt , mqtt-basics , device-connectivity , mqtt-service	33	March 23, 2026