*3.2. WAVE and WAVEMQ*

WAVE is "an authorization framework offering decentralized trust: no central services can modify or see permissions and any participant can delegate a portion of their permissions autonomously" [67]. WAVEMQ is a tiered publish-subscribe message bus that all drivers and applications on XBOS use to transmit messages [68]. WAVE-based keys and permissions authorize drivers and applications to communicate with one another. The tiered nature of WAVEMQ is implemented in the form of a single "designated router" that is deployed on reliable hardware, typically located in the cloud, and additional message routers at each site, called "site routers", as illustrated in Figure 2. The services, which can be drivers or applications that have been granted the required WAVE permissions, can publish (i.e., write) on or subscribe (i.e., read) to a particular topic (i.e., sensor measurements or actuation commands) on the bus.

**Figure 2.** WAVEMQ: A tiered publish-subscribe message bus [68].

During network outages and loss of connectivity between the site routers and the designated router, this tiered architecture of WAVEMQ enables the site router to continue message delivery across the services hosted locally. By buffering messages that have not ye<sup>t</sup> been delivered to the designated router since the loss of Internet connectivity, and by re-attempting to publish these messages once the connectivity has been restored, WAVEMQ also mitigates the risk of data loss. Messages in XBOS are defined using Google's Protocol Buffers or protobufs [69] and the native functions and services are implemented as remote procedural calls using the gRPC framework [70]. These technologies support platform and language independent development, which means drivers and applications can be developed in any programming language and they can use the auto-generated language specific bindings for functions calls and message transmission.
