This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 780139.
Internet of Things (IoT) was given birth in the late 10’s, when the threshold of connecting more objects than people to the Internet, was crossed. Having its roots in a globally interconnected continuum of RFID (Radio Frequency Identification and Detection)-based technology, the IoT concept has been considerably extended to the current vision that envisages of billions of physical things or objects, outfitted with different kinds of sensors and actuators, being connected to the Internet via heterogeneous access networks enabled by technologies.
Currently, IoT is emerging as the next big thing introducing the next wave of innovation with rather endless possibilities. For instance, IoT opens a huge window of opportunity for the development creation of applications (e.g. automation, sensing, and machine-to-machine communication, etc.), promises to improve and to optimize our daily life, and forms the infrastructure that allows intelligent sensors and smart objects to communicate and work together.
Contrary to the World Wide Web (i.e. the application layer) that was developed upon the infrastructure of the Internet (i.e. the physical layer or network made up of switches, routers, and other equipment), IoT becomes immensely important because it is the first real evolution of the Internet – a leap that will lead to revolutionary applications that have the potential to dramatically improve the way people live, learn, work, and entertain themselves.
Today, that IoT is well under way, changing people’s lives for the better, it has created new application domains or has already infiltrated and dominated in a wide range of existing ones (e.g. Consumer Automotive, telecommunications, Home and Building Automation, Data Center and Cloud, Consumer Devices, Industrial, Medical, Commercial Transportation). So, as Personal Computers (PCs) start to show revenue declines, the Internet of Things (IoT) is rising as the next big wave after PCs, networking, and mobile systems. Moreover, based on the “cloud” trend that indicates “everything to be connected”, we can also refer to the so-called Internet of Everything (IoE), which represents the open access to data from one or more monitoring and control systems by third-party applications to provide unique, additional value to stakeholders.
In this framework, it is a common place in the research community and the IoT related industry that there the challenges in future IoT and IoE will affect issues, such as the lack of a shared infrastructure and common standards, the management of the (big) data, including control and sharing, the security, the flexibility, adaptability and scalability, and of course the maintenance and update of the IoT network. While analysts agree on the fact that security concerns and the effective management of produced data need to be worked out before the IoT can be fully developed, there is little doubt the long-range impact will be substantial.
With its arrival EU industry, homes and society will be catapulted into the huge arena of security risks that accompany an untested yet already universal technology that directly manages our cyber-physical reality on a daily, and indeed second by second, basis. Attacks on the content and quality of service of the IoT platforms can have economic, energetic and physical security consequences that go way beyond the traditional Internet’s lack of security, and way beyond the threats posed by attacks to mobile telephony. Yet, these threats to the IoT ,are also a great opportunity for those who will know how to harness security science and technology in order to counter the threats in a cost effective manner and market products that can support the development of a thriving business that assures the safety and security of the IoT.
While today security technologies play a role in mitigating risks connected to IoT security, we foresee problems and potential threats. It is not enough to include what has been developed until now. In currently developed systems, the data is not delivered using uniform, consistent technology, often conflicting protocols, with unverified designs. Moreover, we think of the maintenance cycle in a very short term span, which makes updates of IoT systems not compliant. Lack of standards for authentication and authorization, as well as the security standards, and platform configurations means that every vendor creates their own ecosystem. On top of that comes prevention from attack all the way from information stealing, physical tempering to problems we have not encountered in pre-IoT world, like denial-of-sleep attacks. As today the infrastructure is centralized and focused on a client/server model, all communication needs to go through the internet even when the devices are physically next to each other. The authentication relies on the central server that can be easily compromised. The model works well for small scale IoT but does not provide sufficient mechanisms for future, large scale IoT projects, and even if – it would incur very high costs. In order to overcome these issues we will seek to provide a decentralized approach with peer to peer communication, distributed file sharing and autonomous device coordination, using the latest breakthrough technology: Blockchain. Blockchain is a distributed ledger that allows to information about data transfers between parties in a secure, publically verifiable, efficient, trustless way. The properties the technology brings to the system come from the features of the method: by design a blockchain is distributed in an anonymous peer to peer network. All transactions (or data transfers) are public, auditable and recorded in blocks that are added to the top of the chain. There is no way to remove anything from a blockchain, one can only add a modified version of a block. As it is decentralized there is no authority that can be easily compromised. We plan to use the properties offered by blockchain technology to help improve the shortcomings of IoT: keep immutable record of the history of smart devices, as well as improve the security and trust of messaging by leveraging smart contracts and Bitcoin transactions. This cutting edge technology has been already introduced by some companies in the field of IoT, but we plan to seek how to improve some of its shortcomings and explore how we can bring it to the standardization bodies.
SerIoT will optimize the information security in IoT platforms and networks in a holistic, cross-layered manner (i.e. IoT platforms & devices, honeypots, SDN routers and operator’s controller) in order to offer a secure SerIoT platform that can be used to implement secure IoT platforms and networks anywhere and everywhere.
The SerIoT project will address all the aforementioned challenges under a common framework that will be developed based on the cooperative efforts and prior expertise of a strong interdisciplinary consortium, including the most important European key players in the IoT domain. Bringing together star European technology companies such as DT/T-Sys. and ATOS together with highly competent SMEs such as HIS, HOPU, GRUVENTA, HIT and ATECH and world-leading European research organisations such as CERTH, JRC, TUB, ICCS, IITIS-PAN and TECNALIA and universities like UESSEX and TUB with savvy users such as OASA, Austria Tech and DT/T-Sys. The SerIoT project will develop, implement and test a generic IoT framework based on a specific adaptation of the concept of smart Software Defined Networks, augmented with secure routers, advanced analytics and user friendly visual analytics. The SerIoT project will create a unique and portable software-based SerIoT network that can spearhead Europe’s success in the Int ernet of Things. These advances will be evaluated on both individual lab test-beds and an integrated EU wide testbed interconnected through UEssex and demonstrated via significant use cases by industry partners.