The new IoTAC security model for IoT architecture will be validated. Validation will comprise assessment of operational performance, security compliance measured by the SSD platform and the IoTAC SAM platform, as well as the measurement of security improvements over the legacy systems. Four demonstrations will be organized with different IoT use cases, i.e. Consumer, Industrial/Commercial, Airborne, Automotive.
Consumer use case
The CERTH/ITI nZEB Smart House is the first Smart near-Zero Energy Building in Greece. It is a rapid-prototyping and novel-technology demonstration infrastructure resembling a real domestic building, where occupants can experience actual living scenarios while exploring various innovative smart IoT-based technologies with provided Energy, Health, Big Data, Robotics, and Artificial Intelligence (AI) services. The PragmaIoT platform, which provides access to all services, will be used as a small-scale testbed to evaluate the proposed Software Security by Design (SSD) platform. The security level of the PragmaIoT applications and services will be improved by fixing the identified security issues and by applying the recommendations provided by the SSD platform. The run-time security monitoring features of the IoTAC framework (e.g., Honeypots), along with techniques like threat modelling and simulated attacks, will be used to evaluate how much the SSD platform improved the security level of the overall IoT platform.
Industrial/Commercial use case
An unmanned vending machine of ATOS will be monitored and managed with the IoTAC technology.
Telemetry will be used to monitor the operation specifics of the terminal and to use the data for preventive maintenance, as well as to monitor stock level and to optimize logistics and replenishment of the terminal. These functions will require different credentials and will primarily be performed in static M2M scenarios.
Credentials will be issued to a smart card, connected to the monitoring system.
Mechanics and the merchandise uploader will also need credentials, though these credentials will be ad hoc (temporary) and will need to be delivered over-the-air to the users' secure elements. For this purpose we will use the TEE in the mobile phone and/or chip cards in the cloud-based card farm.
The commands will be validated using SDKs and the secure gateway module integrated into the terminal, which checks the integrity of the commands, and the overall operation will be monitored with the IoTAC runtime modules. As a large number of terminals are already deployed and the software applications of these devices cannot be easily modified, integrating this extra module is the most effective way to increase the protection of the terminals. The operation will demonstrate how the security protection of a legacy system can be increased with minimal changes using the IoTAC architecture.
Airborne use case
The operation will focus on the vulnerability of Unmanned Air Systems and the vulnerability of fixed sensors that are in remote locations without human protection. Such systems are used for civil protection against large disasters (e.g. firestorms), and they can also be extended to the monitoring of critical infrastructures such as roads or railways. A model of the system will be established with the user workstations, a ground control station (GCS) for UAVs, access points, and nodes. The system will be built around a hybrid communication network that combines fixed lines and wireless segments. The mobile sensors, UAVs, and satellites will also be complex systems with their own protection systems.
The demonstration aims to test the solutions developed in the project to protect large distributed systems against attacks. The challenge is to detect intrusions in the system and the resulting attacks. The pilot will consist of testing the runtime monitoring features implemented by the project and solutions to counter the possible attacks on the system.
Automated Driving use case
The Automated Driving (AD) use case, in which V2x data is exchanged to enable cooperative manoeuvres, will be validated within its own test track and AD resources in the geographical environment of a real urban environment.
This scenario integrates decision-making algorithms at different SAE levels (2-4) of automation and enables information exchange between the vehicles, pedestrians and the network. The exchanged information conforms to a dataset that ranges from road and weather conditions to data that enables cooperative decision making, such as road status (obstacles) or traffic information for generation of the optimal route.
A virtual environment with virtual vehicles and a real automated driving implementation is going to be used to demonstrate the IoTAC technologies and modules developed at different project stages, targeting interdomain connectivity and self-management, and configuration capabilities.