All the presented projects have received funding from the European Union s Horizon 2020 research and innovation programme

Transcription

1 Overview and Accomplishment of the H2020 IoT Security/Privacy Cluster Projects John Soldatos, Athens Information Technology All the presented projects have received funding from the European Union s Horizon 2020 research and innovation programme ETSI, IoT Week, Nice, France,

2 H2020 IoT Security & Privacy Cluster Projects Brain-IoT ENACT CHARIOT IoTCrawler SecureIoT SemIoTics SerIoT SOFIE Eight (8) EC Funded Projects Successful in the H2020 IoT Call for Proposals R&I on IoT integration and platforms Timeframe: 01/01/ /12/2020 (36 months) Focal Area: Solutions for Federation, Interoperability, Security and Privacy Total Budget ~ EUR (IoT Call Budget)

3 Common Innovation Drivers & Motivation "Third Generation" of IoT Systems From Distributed Sensing & Massive IoT/Cloud Systems to Smart Objects with (Semi)Autonomous Behavior From Passive Data Analytics to Field Actuation and Cyber- Physical Systems (CPS) IoT Platforms Interoperability (incl. Security Interoperability) Cross-Platform Interoperability Scenarios (e.g., Supply Chain Management) Alignment to On-Going Evolution and Regulatory Compliance Artificial Intelligence, Distributed Ledger Technologies (DLT) GDPR into force as of May 2018 Foundation for Dynamic Massively Scalable & Autonomous IoT Systems Supporting Industry 4.0 Leveraging AI and Blockchain Technologies

4 Brain-IoT: Model-Based Framework for Dependable Sensing & Actuation in Intelligent Decentralized IoT Systems Objectives, Scope, Validation Interoperability & Dynamic Platforms Federations (Shared Semantic Models linked dynamically to IoT devices) Smart Cooperative Behaviours based on AI features Dynamic AAA Embedded Privacy & Privacy Control Dynamic Commissioning & Reconfiguration (edge/cloud deployment & balancing) Validation Settings: Robotics, Critical Water Infrastructures, H2020 LSP Projects (Smart Cities, Healthcare, Wearables..)

5 ENACT: Development, Operation, and Quality Assurance of Trustworthy Smart IoT Systems Objectives, Scope, Validation Enablers for continuous development and operation of trustworthy IoT systems Risk-driven and agile development and delivery Continuous evolution to keep the smart IoT system trustworthy despite internal threats Address security, privacy, safety, resilience, and reliability. Deal with software updates, new security strategies, new user profiles, policies changes. Validation: Rail, Healthcare, Smart Building Secure and contextaware orchestration of sensors, actuators and software services. Actuation conflict identification Language to specify Devices behavior & security behavior CODE BUILD Simulation and Test environment for Smart IoT applications. Simulate and test security mechanisms. Risk-Driven Design Planning TEST Automated deployment of Smart IoT systems and security mechanisms RELEASE & DEPLOY OPERATE Dynamic adaptation in open contexts & actuation conflicts handling Security, robustness and context monitoring and root-cause analysis

6 CHARIOT: Cognitive Heterogeneous Architecture for Industrial IoT Objectives, Scope, Validation Methodological Framework for the Design and Operation of Safety Critical Systems (safety as cross-cutting concern) Open Cognitive IoT Architecture and Platform for safety critical systems and IoT systems interaction in a secure manner Runtime IoT Privacy, Security and Safety Supervision Engine (IPSE) Privacy Engine based on PKI and Blockchain technologies Firmware Security integrity checking IoT Safety Supervision Engine (ISSE) Analytics Prediction and Dashboard Validation: Trenitalia (Italy) & Athens International Airport (Greece), IBM Campus (Ireland)

7 IoTCrawler: Search Engine for the Internet of Things Objectives, Scope, Validation Search engines that support crawling, discovery and integration of IoT data. Adaptive and dynamic solutions for resource ranking and selection. Distributed crawling and indexing mechanisms to enable near real-time discovery and search of massive real world (IoT) data streams in a secure and privacy- and trust-aware framework. Enablers for security-, privacy and trustaware discovery and access to IoT resources in constrained IoT environments New applications and services that rely on ad-hoc and dynamic data/service query and access. Validation: Smart City, Social IoT, Smart Energy, Industry 4.0 Security, Privacy & Trust Smart city Use cases Machine initiated semantic sear ch Context management Monitoring & fault r ecovery Search Edge broker Social IoT IoT discovery Multi-criteria ranking Adaptive indexing Cloud broker API Smart energy Dynamic crawling Edge broker Distributed IoT framework IoT Resources: sensors and actuators Industry 4.0 Data analysis Edge broker

8 SecureIoT: Predictive Security for IoT Platforms and Networks of Smart Objects Objectives, Scope, Validation End-to-End Security Monitoring for Predictive (AI-based Security) Security Interoperability across IoT Platforms Cross-Platform & Cross- Vertical Validation: Socially Assistive Robots, Smart Manufacturing, Connected Car & Self-Driving IoT Systems (Platforms & Devices) App Cloud Edge Field Device Field Network WP3 Intelligent (Context- Aware) Data Collection Actuation & Automation WP4 IoT Security Template Extraction (Analytics) Global Storage (Cloud) SecureIoT Database + Assets Registry Contextualization Engine Security Policy Enforcement Point Templates IoT Security Templates Database Template Execution Engine (e.g., Rule Engine) IoT Security Knowledge Base Open APIs WP5 Risk Assessment Compliance Auditing Developers Support Developers Support Open APIs

9 SemIoTics: Smart End-to-end Massive IoT Interoperability, Connectivity and Security Objectives, Scope, Validation Patterns for security, privacy, dependability and interoperability Semantic interoperability mechanisms Dynamically and self-adaptable monitoring Embedded intelligence and adaptation Programmable networking with SDN/NFV SEMIoTICS open architecture prototype Promote the adoption of EU technology offerings internationally Validation: Wind Energy, Healthcare, Smart Sensing Field Network Backend/Cloud Industrial Private Cloud Cloud App1 Cloud AppN SDN/NFV based industrial networks Sensor / Actuator SDN Controller 1 SDN switch IIoT Backend instance SDN switch SDN Controller N IIoT Edge instance IoT/IIoT Gateway Sensor / Actuator Deployment View Public Cloud Cloud App1 SDN switch Sensor / Actuator Cloud AppN IIoT Applications IIoT Application & Smart Object Management Discovery and Semantic Interoperability Monitoring Management and Analytics Open IoT Plarforms (FIWARE) Smart Objects Manager IoT Platforms IIoT Enhanced SDN & NFV Networks Logical View Control and Adaptation Learning and Evolution Local. IIoT Application & Smart Object Management Local Analytics Control and Adaptation IIoT Components (Smart Objects) IoT/IIoT Gateway Semi-autonomous IoT devices Sensors Things Events IIoT SPDI Patterns Domain Specific IoT Platforms (e.g. MindSphere) Actuators End-to-end Security Mechanisms

10 SerIoT: Secure & Safe Internet of Things Objectives, Scope, Validation Design a Cognitive Packet Network that interconnects distributed IoT subsystems based on SDN technology Use Smart Packets (SP) to search for secure multi-hop routes having good quality of service & energy efficiency. Use Random Neural Networks for routing decisions and overall network performance improvements Security Aware routing Validation: ITS & Smart Cities, Surveillance, Flexible Manufacturing, Food Chain

11 Federation Adapter Federation Federation Adapter Adapter SOFIE: Secure Open Federation for Internet Everywhere Legacy IoT Application Hybrid IoT Application SOFIE IoT Application Hybrid IoT Application SOFIE Federation Framework Services/API Services/API Services/API Abstraction Abstraction Abstraction Stored Stored Data Stored Data Data IoT IoT Network IoT Network Network Existing open IoT Platforms (e.g. FIWARE) Semantic Representation Inter-ledger transactions Layer Guardtime KSI Ethereum Hyper-Ledger Fabric Objectives & Scope Federation Adapter Existing closed IoT Platforms Secure open federation to enable interoperability between existing IoT platforms Utilizes multiple distributed ledger technologies (DLTs) in parallel Creation of IoT business platforms Enables open data markets... Secure Actuation... SOFIE Component Existing DLT Existing IoT Platform Validation Energy - Electrical vehicle charging, allows optimizing electricity generation and grid load Energy - laboratory pilot with smart meter data Food chain - from field to fork, precise tracking of the whole agricultural supply chain Mixed-reality mobile gaming, allows gamers to interact with real-world

12 Cross Cutting Activities & Joint Results Joint Standardization Efforts Specify/Standardize Common Tools for risk assessment and threat analysis Explore existing standards in lifecycle management for security and trust Knowledge & Experience Sharing Blockchain & DLT Deployment, Operation and Use Joint Thematic workshops on Blockchain IoT Platforms Interoperability and Integration Emphasis on Data-Driven Security Monitoring Streamlining with other EU Efforts (e.g., IoT-EPI) Joint Dissemination and Policy Contributions Common workshops and conferences Joint participation in exhibitions Collaborative contributions to policies (e.g., GDPR compliance, inputs to ECSO)

13 Tentative Release Roadmap & Outlook Mar 19 Initial Platform Releases June 19 First Results of Joint Standardization & Dissemination Efforts Dec 19 Results Validated (Technical Validation) Planning of Business Validation Sep 18 Architectures & Use Cases Detailed

14 Thank you