Opendata, web and dolomites
  1. home
  2. trasparenza
  3. open h2020
  4. seriot
  5. reports

Report

Teaser, summary, work performed and final results

Periodic Reporting for period 1 - SerIoT (Secure and Safe Internet of Things)

Teaser

When the Internet of Things (IoT) was confined to RFID, security was assured by encrypted identity and passive characteristics with “intelligence” concentrated in the active transceiver. Now however, IoT devices have local computational and communication capabilities...

Summary

When the Internet of Things (IoT) was confined to RFID, security was assured by encrypted identity and passive characteristics with “intelligence” concentrated in the active transceiver. Now however, IoT devices have local computational and communication capabilities which make them vulnerable to all the attacks that can be directed against any computer-communication system. Cyberattacks, even when they are detected and mitigated, can inflict damage by creating system and network congestion, quality of service (QoS) degradation, degradation of the commercial image or trust in a service system, and substantial increase in energy consumption during the attack detection and mitigation phases. In addition, the interaction of the IoT with devices that participate in the control of critical physical, chemical, and industrial processes, and even human beings (as with health monitoring or fitness sensing devices), and the role of IoT devices as actuators in critical applications such as industrial control or vehicle and traffic control, brings curity of the IoT to the forefront of research. The cyber-threats that we have outlined are the key motivation for the SerIoT project, whose goal is to optimize information and data security in IoT platforms and networks in a holistic, cross-layered manner (i.e. IoT platforms & devices, honeypots, SDN routers and operator’s controller) while also offering Quality of Service (QoS) and insuring energy savings. The results can be used to implement secure IoT ecosystems and networks anywhere and everywhere, while respecting important QoS metrics for end-users, and limiting energy consumption in the system. The SerIoT project finds its origins in earlier work on Distributed Denial of Service (DDoS) Attacks and network storms in successful EU Projects such as FP7 NEMESYS and FP6 CASCADAS. Bringing together star European technology companies DT/T-Sys. and ATOS, with highly competent SMEs such as HIS, HOPU, GRUVENTA, and HIT, world-leading European research organizations IITIS, CERTH, JRC, ICCS, and TECNALIA, and universities UESSEX and TUB with savvy users AustriaTech, DT/T-Sys and OASA, the SerIoT Project develops, implements and tests a generic IoT framework based on the concept of Cognitively Enhanced smart Software Defined Networks using mathematically rigorous Random Neural Networks, augmented with secure routers. The SerIoT system incorporates attack detection and mitigation, QoS and Energy-Aware Routing, advanced analytics and user-friendly data analytics with visual monitoring.

Work performed

\"In the First 18 months, SerIoT has created a unique portable software-based SerIoT network that aims to spearhead Europe’s success in the IoT. We have also been evaluating some of these advances on both individual lab test-beds and in an integrated EU wide testbed with significant use cases with industry partners. SerIoT’s work is composed of Phase 1: Framework Design & Preparation, Phase 2: Technical Development & Innovation, Phase 3: Integration & Validation, Phase 4: Demonstration & Evaluation. The horizontal activities of Project Management, Dissemination/Exploitation & Standardization also proceed. The SerIoT project is currently half-way in its progression. The first year’s effort was focused on the Phase 1 “Framework Design & Preparation”, and we also performed extensive analysis of the use case scenarios and formulated requirements for the system (as presented in D1.2 and D1.3). Risks and threats for IoT systems have been defined, both at the general level and in relation to realistic operational scenarios (D1.1). Extensive SoA analyses have also been carried out, related to the development of Anomaly Detection components, honeypots, PBF solutions (D4.1, D5.1). The overall architecture of the SerIoT framework was defined (D2.1), and formal and functional specification of SerIoT components was carried out (D2.1, D2.2) allowing us to develop the verification and testing methodologies (D2.3). At its eighteen month, the project is currently in the Phase 2 \"\"Technical Development & Innovation\"\" and some of our work has also been related to the Phase 3 \"\"Integration & Validation\"\". These include technologies and the core architectural elements specifications forming the high-level functionality. In particular the SerIoT SDN core network has been designed and the SDN router has been implemented (D3.1), creating the basis for the SerIoT implementation and realization in a real-world environment (D7.1, D7.2, D7.3). A number of implementation tasks (related to different SerIoT components and tools, e.g. secure router & controller, cross-layer anomaly detection framework, virtualized honeypot) have been undertaken and the technical development is at an advanced stage (D3.3, D3.4, D4.2, D5.2). We have started integration in a SerIoT Test Laboratory (TL) environment defined in WP7, is the basis for the deployment of Use Cases (UC) and demonstrations, including WP8 activities that have already started. Indeed, we are now demonstrating the functionality of selected, crucial components, showing that we fulfil the needs of dedicated industry UC scenarios.\"

Final results

The SerIoT Project will deliver an integrated system comprised of generic SDN forwarding engines and routers that react to security alerts, QoS and energy data, to provide the best security levels together with acceptable QoS and energy consumption, and to optimize QoS and energy consumption of the network when security breaches are not present. These beyond-state-of-the-art advances will be achieved with the help of Cognitive Routing based and Random Neural Networks that make the required decisions under the direction of user settings for the different IoT connections. Specific tools for creating and interpreting security alerts, such as smart honeypots and neural network based attack detectors, will be included. Analytics techniques will be included both as part of the automatic detection and mitigation schemes, and for reporting of system level conditions. The system will be complemented with attack and traffic generators for testing and training purposes, together with UC scenarios in real environments to help illustrate the operation and capabilities of the Integrated SerIoT System.

Website & more info

More info: https://seriot-project.eu/.