IEEE Globecom San Diego 2015

Elias Tragos (FORTH) and Vangelis Angelakis (LiU) co-organised a workshop at the prestigious IEEE Globecom conference held in San Diego in December 2015. The workshop was entitled “Networking and Collaboration Issues for the Internet of Everything” and was organised together with the projects TRILLION and SOrBet. The workshop attracted a large number of submissions (24) and after a strict peer-review process only 11 papers were accepted for presentation at the workshop. The workshop was organised in three sessions, complemented by a panel discussion by experts from the organising projects and by a keynote speech. The keynote speaker was Prof. David Elbert (IEEE Fellow, 2015 IEEE CS 2nd Vice President and Treasurer, 2016 IEEE CS 1st Vice President and Vice President of Publications). The workshop attracted a large number of participants, which indeed shows the importance of the topic of security and privacy for the IoT world.

More info regarding the event here

http://globecom2015.ieee-globecom.org/program/technical-program/workshops#TW-17

RERUM with Zolertia team @ Barcelona Smart City Expo and World Congress

From 17th to 19th of November, Zolertia was present in the new edition of the Barcelona Smart City Expo and World Congress (SCEWC) in Barcelona. The SCEWC is the worldwide leading event for the smart city industry presenting companies and speakers from all over the World in its format between expo and congress.

The profile of the expositors include tech companies, big corporations, cities from around the world, all them presenting their smart cities’ applications, show cases and research works.

IMG-20151117-WA0012

In this edition RERUM was present inside Zolertia’s booth at the 4YFN Plaza, right in the center of the Expo zone.

During the three days of the expo more than 400 people came to Zolertia booth to see and touch the new RE-Mote, know how we are using it and learn more about RERUM project.

From these 400 assistants more than 150 showed interest in RERUM project in order to learn more about secure networks for the Smart Cities; most of them were really committed with the incoming importance about security in IoT networks.

IMG_5225

The most common profile interested in RERUM were CTOs from companies suppling technology to the cities and integrators of existing technologies to create Smart Cities solutions, including some big corporations such as Philips, IBM or Cisco (some of them had also booth in the Expo). Visitors who asked for RERUM include also in less percentage academics, entrepreneurs, researchers and CEOs & engineers from Smart City solutions providers.

And the most common comment about RERUM was that now is not a priority but it will be soon. 3 visitors where actually looking for a technology to improve the security on the communications and would buy the RERUM outcomes if they were ready to deploy.

IMG_5221

RERUM @ TRONSHOW 2015

RERUM is constantly striving to achieve an impact going beyond Europe. Upon an invitation Adam Kapovits, RERUM project co-ordinator presented RERUM achievements at the 2015 TRONSHOW in Tokyo, Japan, as part of a European Smart City session, exploring potential co-operation possibilities.

Adam Kapovits, RERUM co-ordinator presenting RERUM achievements at the 2015 TRONSHOW in Tokyo, Japan

Adam Kapovits, RERUM co-ordinator presenting RERUM achievements at the 2015 TRONSHOW in Tokyo, Japan

RERUM @ Meet-IoT 2015 in Turin

RERUM participated at the Meet-IoT 2015 event that took place during 1-2 of October in Turin.
As part of the exhibition, Mr. Pavlos Charalampidis from FORTH demonstrated two demos related to the two out of totally four use cases of the project:
1) A remote live demo of the smart transportation application that included presentation of the privacy-preserving traffic sensing Android app along with traffic results of a pilot deployment at Heraklion. Special emphasis was put on the privacy-enhancing novelties of the solution.
2) Sensor data and network statistics monitoring implemented on RERUM Devices (Zolertia RE-Mote) as part of the environmental monitoring application, ensuring security and energy-efficiency through the use of Compressive sensing.

More than 60 visitors stopped at RERUM’s booth and showed special interest in the activities of the project, raising questions regarding the RE-Mote hardware platform and recognizing the importance of security and privacy on the edge IoT devices.

P1060016

RERUM meets POA#digital from the Brazilian SmartCity of Porto Alegre

Henrich C. Pöhls met Thiago Ribeiro the co-ordinator of POA#digital on his trip through Brazil. POA#digital is the coordinating and technical expert group behind Porto Alegre’s SmartCity initiative.

Mr. Thiago Ribeiro is the coordenador do POA Digital na PrefeitRERUM_Poehls_POADIGITAL_Ribeiroura Municipal de Porto Alegre and thus he is involved in all SmartCity projects of Porto Alegre. Among the technology they mentioned are roadside cameras, participatory sensing apps. For example Mr. Ribeiro mentioned a service called waze for road congestion detection also used in Porto Alegre.

 

Porto Alegre is the capital of the large southern Brazilian state Grande do Azul. Mr. Thiago said that Porto Alegre supports to release information again as open data. It is actively making themselves heard and it is one of the few south american cities that are part of connectedsmartcities.eu. Porto Alegre is actively taking concepts and ideas from leading SmartCities, Mr. Ribeiro mentioned San Francisco, and adept them to suit the southern environment. He explicitly mentioned the climate as a distinguishing factor, e.g. heat and moisture levels are higher than in European Cities.

“Smartcities are not the owners of the citizen-supplied data but the data guardians”

For the city wide deployed cameras Mr. Ribeiro also mentioned that Porto Alegre has a very large fiberoptical network backbone. When we discussed the topic of privacy, Thiago Ribeiro said that “POA#digital sees themselves not as owners of the citizen-supplied data but as data guardians.” Porto Alegre is taking the protection of data at their servers very seriously and the protection of data when it is on their servers is on their agenda.

“SmartCities have a clear need for protection of the integrity of the data sensed and at the same time privacy”

As example of the privacy mechanisms he explained that if security cameras are able (because of viewing angle or because of pan/tilt/zoom functionality) to monitor private spaces, e.g. the windows of a house, than the system is configured and deployed such that those areas are digitally masked from the image feed that is visible to the operator. So the camera operator cannot see into citizens’ private areas. He further explained that openly shared data, the example was health related data the city has, i.e. data that is released as open data, shall not allow identifying individual citizen’s health status. The discussion evolved further and finally centered around the mutual agreement that SmartCities have a clear need for protection of the integrity of the data se2015-07-14 18.43.05nsed and at the same time privacy.
Henrich C. Pöhls from UNI PASSAU will continue to stay in contact with POA#digital.
RERUMs deliverables on privacy —soon to be released— will help to highlight RERUM’s strength. RERUM will investigate if in the future the discussion can be intensified.
We would like to thank Mr. Ribeiro and the team from POA#digital for the time and the insights into Porto Alegre — a Brazilian SmartCity.

Security and privacy in IoT workshop at the IoT week Lisbon

The workshop had a double focus and was split in two parts.

Preserving security as IoT matures and consolidates from the current fragmentation

The contribution by Leonard Ciprian Pitu from Siemens highlighted that the number of attacks increased dramatically recently. Thus, hacking has become a major concern for manufacturers. It was stressed that security should start on device level, and on the hardware level. Life cycle risks: The impact of a large scale call back of for example white goods and the associated costs could be immense.

The contribution of Alexandros Fragkiadakis from FORTH highlighted that as IoT consists of highly heterogeneous networked entities and networks, a number of challenges have emerged including security, trust and privacy, scalability, legislation, and standardisation issues. The vast majority of the security challenges focus on authentication, access control, confidentiality, integrity, availability, and non-repudiation. A number of traditional security attacks (e.g. jamming), as well as novel attacks (e.g primary user emulation attacks in cognitive radio systems), are difficult to be detected and mitigated in the IoT, for reasons related to the vague ownership of the IoT devices, the resource constrained nature of these devices, standardisation issues, and legislation shortcomings.

The final contribution to the security topic from Antonio Jara (HOP UBIQUITOUS S.L.) discussed that in order to successfully break the traditional silos multi purpose and generic solutions, generic enablers, commodity like solutions and re-use of components are needed. Naturally, this process is expected to further increase complexity and heterogeneity, however integration should handle and manage the resulting heterogeneity. Further to heterogeneity scale is also an issue. Bootstrapping and registration of devices should be automated to scale. Connectivity should be global.

Levels of security – a layered approach is envisioned. Basic security should be present, to which increased levels can be added.

 

Innovation and privacy − approaches and best practices that support the innovation process and lead to actual privacy solutions that sell on the market

Klaus Moessner from the University of Surrey emphasised that we should not forget that ultimately the goal of IoT is to support people – technology solutions are only the means but not the end themselves. This means that users need to be involved. In the project SOCIOTAL a co-creation process is adopted to generate applications and uses that are responding to actual user needs and demands. However, the process needs to be transparent for bootstrap and to gain trust. Example given is measuring use and mileage of elevators to schedule service and maintenance in large block of flats – the Novi Sad case.

Data ownership –in most cases the situation is not black and white. Following the bubble principle, privacy circle / sphere, sensors of my smart phone, or other device might collect data for someone else, upon the initiative of that person. In case of a decision later by that someone else, actual data collected must be removed, but the fact / event that some data was collected cannot be erased.

Also, SOCIOTAL does not directly focus on preventing passing on the data to third parties that was made available. However, there were other research efforts that focused exactly on that − the “sticky policy” approach investigated in iCore was provided as an example.

Open data – principle is that data collected using public money should be of public good and serve the purpose of the community. However, as the presentation from Smart Aarhus by Jesper Algren revealed privacy needs to be observed, which sometimes means that geographic accuracy / precision of data needs to be reduced, or only cumulative data (for example from a certain geographic area) needs to be stored to prevent traceability back to individuals. Furthermore, economic impact and interest should be of concern, as certain data generated might have severe negative impact on property valuation, etc.

Another observation made was that health data / records are immensely sensitive.

Open Data Aarhus, being a small player with administration backing can not afford mistakes similar to the XBOX case, when user data was leaked on a very large scale. Any such or similar incident would have a devastating effect on reputation of the initiative, and would mean the end of the project, political support would stop.

Suggestion from floor – Ivan Meseguer, Institut Mines-Télécom – that a more active international dialogue might be helpful, as the problems the different European countries are facing are similar in this relatively unchartered territory. Admittedly though there are historical and cultural differences also embedded in the various jurisdiction frames and practices. Still, a more active dialogue and sharing of best practices would support and ease the way forward, as opposed to acting in isolation.

IoT edge, the primary attack surface

One of the main messages that emerges from the IoT week discussions in Lisbon concerning security is that the edge including the devices themselves represents the primary attack surface due to the resource constraints of the devices and the associated difficulty to adequately protect them, exacerbated by their physical exposure, being deployed in uncontrolled, or difficult to control environments. This situation is expected to prevail even on the long term as the exposure and resource constrained nature are intrinsic characteristics of the edge. Admittedly, technology advancement is expected to make edge devices somewhat more resourceful and less constrained, but this will not change their position as remaining the weakest point in the IoT − the same level of sophistication and protection that is available in more controlled environments and closer to the core of the system will not become feasible. So the edge is expected to remain the main battlefield with a continued arms race between defence and attack or intrusion, with the defence being in a disadvantaged position.

This message came across clearly, both from the discussions within the IERC constituency and also as part of the dialogue with the CHIST-ERA initiative which has Security and Privacy in the IoT as one of its two focus areas in its 2015 Call for projects looking for long term issues in ICT.

RERUM @ VTC Spring

RERUM co-organised the VTC Spring 2015 workshop for Heterogeneous Networking for the Internet of Things together with the EU FP7 MC-IAPP MESH-WISE project. The workshop included a poster session, where the RERUM architecture was presented (as seen in the photo).
Elias Tragos presented a paper on Rate-adaptive compressive sensing for IoT applications, which was well accepted by the audience, raising a nice discussion.
Stefanos Papadakis presented a paper on Empowering the IoT Heterogeneous Wireless Networking with Software Defined Radio, describing the way RERUM uses SDRs at the gateway to handle with one hardware interface multiple networking technologies.
Vangelis Angelakis presented at the demo session the smart traffic monitoring solution developed by Linkoping University as part of the RERUM use cases for ensuring the privacy of the location of the users.

Furthermore, Septimu Nechifor and Elias Tragos participated at a panel entitled “Networking and data in smart city IoT use cases: challenges and opportunities”, which attracted the interest of the participants, raising triggering questions for the challenges of big data and data analytics in the IoT and how future networks can help for the reliable delivery of the data in IoT use cases.

Approximately 40 participants attended the workshop.

image7 IMG_20150511_110552 IMG_20150511_104905

RESI 2015 conference

 

Promotional snippet from the organisers’ program.

Promotional snippet from the organisers’ program.

Dr Tryfonas was invited in the above event to discuss the role of smart connected objects, and their security and resilience on the built environment (Photo). RESI is the largest annual industry showcase of the residential housing sector in the UK and features a range of demonstrations, exhibitions and talks that address aspects of housing. Theo represented RERUM and discussed the potential impact of relevant technologies when deployed in the built environment.

RERUM @ Net Futures 2015 event

RERUM participated at the Net Futures 2015 conference that was held 25-26th of March in Brussels.
RERUM had an exhibition booth at the event, demonstrating two very interesting showcases of the technologies that are being developed within the project.
What was demonstrated was:
1) on device signature scheme, where ECDSA was used to sign json messages on the very constrained Zolertia Z1 platform (see here for a video showing this example)
2) Software Defined Radio (SDR) based IoT gateway, which used SDR devices in order to implement entirely in software the protocols for IEEE 802.11 and IEEE 802.15.4. (see here for a video showing this example)
3) Compressive sensing based encryption on temperature and RSSI measurements (see here for the video)
4) a first draft of the RERUM middleware

The booth attracted a lot of visitors who were very interested on the RERUM activities and asked various questions (i.e. how secure are the people’s data right now and what we can do more).

RERUM plans to showcase more advanced examples of its technologies at the IoT week — stay tuned!

DSC01125 DSC01122 DSC01140 DSC01192