Demystifying Internet of Things Security

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Intel has both CPU and Isolated Security Engine capabilities to simplify it. This book explores the challenges to secure these devices to make them immune to different threats originating from within and outside the network. The requirements and robustness rules to protect the assets vary greatly and there is no single blanket solution approach to implement security. Demystifying Internet of Things Security provides clarity to industry professionals and provides and overview of different security solutions What You'll Learn Secure devices, immunizing them against different threats originating from inside and outside the network Gather an overview of the different security building blocks available in Intel Architecture (IA) based IoT platforms Understand the threat pyramid, secure boot, chain of trust, and the software stack leading up to defense-in-depth Who This Book Is For Strategists, developers, architects, and managers in the embedded and Internet of Things (IoT) space trying to understand and implement the security in the IoT devices/platforms

Prototyping and Evaluation of Sensor Data Integration in Cloud Platforms

The SFI Smart Ocean centre has initiated a long-running project which consists of developing a wireless and autonomous marine observation system for monitoring of underwater environments and structures. The increasing popularity of integrating the Internet of Things (IoT) with Cloud Computing has led to promising infrastructures that could realize Smart Ocean's goals. The project will utilize underwater wireless sensor networks (UWSNs) for collecting data in the marine environments and develop a cloud-based platform for retrieving, processing, and storing all the sensor data. Currently, the project is in its early stages and the collaborating partners are researching approaches and technologies that can potentially be utilized. This thesis contributes to the centre's ongoing research, focusing on the aspect of how sensor data can be integrated into three different cloud platforms: Microsoft Azure, Amazon Web Services, and the Google Cloud Platform. The goals were to develop prototypes that could successfully send data to the chosen cloud platforms and evaluate their applicability in context of the Smart Ocean project. In order to determine the most suitable option, each platform was evaluated based on set of defined criteria, focusing on their sensor data integration capabilities. The thesis has also investigated the cloud platforms' supported protocol bindings, as well as several candidate technologies for metadata standards and compared them in surveys. Our evaluation results shows that all three cloud platforms handle sensor data integration in very similar ways, offering a set of cloud services relevant for creating diverse IoT solutions. However, the Google Cloud Platform ranks at the bottom due to the lack of IoT focus on their platform, with less service options, features, and capabilities compared to the other two. Both Microsoft Azure and Amazon Web Services rank very close to each other, as they provide many of the same sensor data integration capabilities, making them the most applicable options.Masteroppgave i Programutvikling samarbeid med HVLPROG399MAMN-PRO

Plant-wide interoperability and decoupled, data-driven process control with message bus communication

Conventional industrial communication systems suffer from rigidness, inflexibility and lack of scalability. The environment is heterogeneous as the systems exchange data with a variety communication protocols, some of which are proprietary. This makes it laborious and expensive to reconfigure or upgrade the systems. As the solution, this article proposes a message-bus-based communication architecture to enable information exchange between systems regardless of their geographical location and position within the functional hierarchy of the plant. The architecture not only enables communication to cross the conventional physical borders but also provides scalability to growing data volumes and network sizes. As proofs of concept, the article presents a prototype in three environments: a copper smelter, a steel plant and a distillation column. The results suggest that the message-bus-based approach has potential to renew industrial communications, a core part of the fourth industrial revolution.H2020, 723661, COCO

A proposal for secured, efficient and scalable layer 2 network virtualisation mechanism

El contenidos de los capítulos 3 y 4 está sujeto a confidencialidad. 291 p.La Internet del Futuro ha emergido como un esfuerzo investigador para superar estas limitaciones identificadas en la actual Internet. Para ello es necesario investigar en arquitecturas y soluciones novedosas (evolutivas o rompedoras), y las plataformas de experimentación surgen para proporcionar un entorno realista para validar estas nuevas propuestas a gran escala.Debido a la necesidad de compartir la misma infraestructura y recursos para testear simultáneamente diversas propuestas de red, la virtualización de red es la clave del éxito. Se propone una nueva taxonomía para poder analizar y comparar las diferentes propuestas. Se identifican tres tipos: el Nodo Virtual (vNode), la Virtualización posibilitada por SDN (SDNeV) y el overlay.Además, se presentan las plataformas experimentales más relevantes, con un foco especial en la forma en la que cada una de ellas permite la investigación en propuestas de red, las cuales no cumplen todos estos requisitos impuestos: aislamiento, seguridad, flexibilidad, escalabilidad, estabilidad, transparencia, soporte para la investigación en propuestas de red. Por lo tanto, una nueva plataforma de experimentación ortogonal a la experimentación es necesaria.Las principales contribuciones de esta tesis, sustentadas sobre tecnología SDN y NFV, son también los elementos clave para construir la plataforma de experimentación: la Virtualización de Red basada en Prefijos de Nivel 2 (Layer 2 Prefix-based Network Virtualisation, L2PNV), un Protocolo para la Configuración de Direcciones MAC (MAC Address Configuration Protocol, MACP), y un sistema de Control de Acceso a Red basado en Flujos (Flow-based Network Access Control, FlowNAC).Como resultado, se ha desplegado en la Universidad del Pais Vasco (UPV/EHU) una nueva plataforma experimental, la Plataforma Activada por OpenFlow de EHU (EHU OpenFlow Enabled Facility, EHU-OEF), para experimentar y validar estas propuestas realizadas

A Survey on the Web of Things

The Web of Things (WoT) paradigm was proposed first in the late 2000s, with the idea of leveraging Web standards to interconnect all types of embedded devices. More than ten years later, the fragmentation of the IoT landscape has dramatically increased as a consequence of the exponential growth of connected devices, making interoperability one of the key issues for most IoT deployments. Contextually, many studies have demonstrated the applicability of Web technologies on IoT scenarios, while the joint efforts from the academia and the industry have led to the proposals of standard specifications for developing WoT systems. Through a systematic review of the literature, we provide a detailed illustration of the WoT paradigm for both researchers and newcomers, by reconstructing the temporal evolution of key concepts and the historical trends, providing an in-depth taxonomy of software architectures and enabling technologies of WoT deployments and, finally, discussing the maturity of WoT vertical markets. Moreover, we identify some future research directions that may open the way to further innovation on WoT systems

Internet of Things From Hype to Reality

The Internet of Things (IoT) has gained significant mindshare, let alone attention, in academia and the industry especially over the past few years. The reasons behind this interest are the potential capabilities that IoT promises to offer. On the personal level, it paints a picture of a future world where all the things in our ambient environment are connected to the Internet and seamlessly communicate with each other to operate intelligently. The ultimate goal is to enable objects around us to efficiently sense our surroundings, inexpensively communicate, and ultimately create a better environment for us: one where everyday objects act based on what we need and like without explicit instructions

A proposal for secured, efficient and scalable layer 2 network virtualisation mechanism

El contenidos de los capítulos 3 y 4 está sujeto a confidencialidad. 291 p.La Internet del Futuro ha emergido como un esfuerzo investigador para superar estas limitaciones identificadas en la actual Internet. Para ello es necesario investigar en arquitecturas y soluciones novedosas (evolutivas o rompedoras), y las plataformas de experimentación surgen para proporcionar un entorno realista para validar estas nuevas propuestas a gran escala.Debido a la necesidad de compartir la misma infraestructura y recursos para testear simultáneamente diversas propuestas de red, la virtualización de red es la clave del éxito. Se propone una nueva taxonomía para poder analizar y comparar las diferentes propuestas. Se identifican tres tipos: el Nodo Virtual (vNode), la Virtualización posibilitada por SDN (SDNeV) y el overlay.Además, se presentan las plataformas experimentales más relevantes, con un foco especial en la forma en la que cada una de ellas permite la investigación en propuestas de red, las cuales no cumplen todos estos requisitos impuestos: aislamiento, seguridad, flexibilidad, escalabilidad, estabilidad, transparencia, soporte para la investigación en propuestas de red. Por lo tanto, una nueva plataforma de experimentación ortogonal a la experimentación es necesaria.Las principales contribuciones de esta tesis, sustentadas sobre tecnología SDN y NFV, son también los elementos clave para construir la plataforma de experimentación: la Virtualización de Red basada en Prefijos de Nivel 2 (Layer 2 Prefix-based Network Virtualisation, L2PNV), un Protocolo para la Configuración de Direcciones MAC (MAC Address Configuration Protocol, MACP), y un sistema de Control de Acceso a Red basado en Flujos (Flow-based Network Access Control, FlowNAC).Como resultado, se ha desplegado en la Universidad del Pais Vasco (UPV/EHU) una nueva plataforma experimental, la Plataforma Activada por OpenFlow de EHU (EHU OpenFlow Enabled Facility, EHU-OEF), para experimentar y validar estas propuestas realizadas

Managing Device and Platform Heterogeneity through the Web of Things

The chaotic growth of the IoT determined a fragmented landscape with a huge number of devices, technologies, and platforms available on the market, and consequential issues of interoperability on many system deployments. The Web of Things (WoT) architecture recently proposed by the W3C consortium constitutes a novel solution to enable interoperability across IoT Platforms and application domains. At the same time, in order to see an effective improvement, a wide adoption of the W3C WoT solutions from the academic and industrial communities is required; this translates into the need of accurate and complete support tools to ease the deployment of W3C WoT applications, as well as reference guidelines about how to enable the WoT on top of existing IoT scenarios and how to deploy WoT scenarios from scratch. In this thesis, we bring three main contributions for filling such gap: (1) we introduce the WoT Store, a novel platform for managing and easing the deployment of Things and applications on the W3C WoT, and additional strategies for bringing old legacy IoT systems into the WoT. The WoT Store allows the dynamic discovery of the resources available in the environment, i.e. the Things, and to interact with each of them through a dashboard by visualizing their properties, executing commands, or observing the notifications produced. (2) We map three different IoT scenarios to WoT scenarios: a generic heterogeneous environmental monitoring scenario, a structural health monitoring scenario and an Industry4.0 scenario. (3) We make proposals to improve both the W3C standard and the node-wot software stack design: in the first case, new vocabularies are needed in order to handle particular protocols employed in industrial scenarios, while in the second case we present some contributions required for the dynamic instantiation and the migration of Web Things and WoT services in a cloud-to-edge continuum environment