Thermokon
The living environment in the Bremen Ambient Assisted Living Lab (BAALL) of the DFKI research department Cyber-Physical Systems is equipped with intelligent, networked technologies.

The living environment in the Bremen Ambient Assisted Living Lab (BAALL) of the DFKI research department Cyber-Physical Systems is equipped with intelligent, networked technologies. ©DFKI, Annemarie Popp

Hardware testing in the laboratory of TÜV Informationstechnik GmbH

Hardware testing in the laboratory of TÜV Informationstechnik GmbH ©TÜV Informationstechnik GmbH

To detect and prevent side channel attacks, the electromagnetic radiation of a chip is measured.

To detect and prevent side channel attacks, the electromagnetic radiation of a chip is measured. ©TÜV Informationstechnik GmbH

Press –

More security in the network: joint project develops open and certifiable sensor platform for IoT applications

Digitization is increasingly permeating all aspects of our lives. Thanks to the "Internet of Things" (IoT), objects can now be connected in ways that simplify our daily routines in many ways. However, there are significant risks associated with handling private data and devices used in sensitive settings. In the SASPIT project, a consortium led by the German Research Center for Artificial Intelligence (DFKI) aims to develop a certifiable IoT sensor platform with comprehensive security guarantees. For broad and flexible application, the partners rely on open-source hardware and software standards.

A growing number of people are equipping their home or work environment with IoT components such as smart meters, temperature sensors or cameras. This has many advantages: smart meters allow for cost-effective electricity tariffs optimized to the actual consumption; electricity, and CO₂ can be saved thanks to intelligent control of heating or air conditioning; surveillance cameras and fire detectors provide additional security. However, there are significant security concerns. For one thing, the use of IoT technologies usually involves private and sensitive data. For another, the devices are sometimes installed in security-critical locations (e.g., intelligent door locks). At the same time, there is a lack of adequate security standards. This circumstance is due not only to the tremendous cost pressures but also the absence of standardization in this field. Incidents such as the leak of private live videos at an American security technology manufacturer underscore the urgency of this issue.

Collaboration partners aim for standardized IoT security architecture

This is where the SASPIT project (Safe and Secure Sensor Platform for IoT), funded by the German Federal Ministry of Education and Research (BMBF) with approximately 3.3 million euros, comes into play. In this project, a consortium of industry and research partners, coordinated by the DFKI research department Cyber-Physical Systems, is working on an open and standardized IoT sensor platform. In addition to DFKI, the consortium includes Thermokon Sensortechnik GmbH, Infosim GmbH & Co KG, TÜV Informationstechnik GmbH, Mixed Mode GmbH, Ingenics Digital GmbH, PHYSEC GmbH, RheinMain University of Applied Sciences and Ruhr University Bochum with its chairs for Security Engineering and for Digital Communication Systems. The project's results will be illustrated through demonstrators in the field of home or office automation.

"The planned sensor platform is intended to serve as the basis for a standardized security architecture for IoT systems. To this end, we are looking at all levels of system design and investigating measures at various stages of the value chain to increase trustworthiness all the way to a certifiable system. We are looking forward to an interesting project with competent partners that will help people to enjoy the benefits of smart devices with a good conscience," says project manager Prof. Dr. Christoph Lüth from DFKI's Cyber-Physical Systems research department.

Project harnesses the advantages of open source systems

During the development of the platform, the SASPIT partners will release as many results as possible as open source (both hardware and software) to ensure reusability for other market participants. This also brings a high level of flexibility for end users who are not restricted to a specific manufacturer when choosing devices. The design of the processors specialized for the Smart Home context is based on the RISC-V architecture. This open hardware architecture offers an independent and cost-effective alternative to the major chip manufacturers and is seen as a key to Germany's and Europe’s digital sovereignty, especially in times of semiconductor supply bottlenecks. For the RISC-V processors, which are enhanced with sensors and actuators, the partners are developing a generic, open-source software architecture. This way, a complete system of intelligent IoT sensors is created, which can be combined as platform nodes into networks to intelligently and securely connect, for example, entire rental apartment complexes. For this purpose, a suitable management infrastructure will be implemented to ensure the confidentiality of data on individual nodes.

Guaranteed data security in design and after delivery

To protect personal data, the partners implement specialized cryptographic components and encryption techniques and devise measures to harden them against physical attacks. The fundamental objective is to consider successful verification and certification in both software and hardware development and to create the necessary prerequisites. This contrasts with existing IoT solutions for the home sector, which do not currently require certification and thus may be potentially insecure. Furthermore, the partners employ innovative radiation analyses to ensure the security of the sensors even after manufacturing, during the delivery process, and in operation. In this process, a distinctive radiation signature, applied directly to the circuit board, detects any alterations made to a device after delivery.

Pioneering Sensor Technology from Germany

Thermokon Sensortechnik GmbH, an innovative sensor technology company, has earned an excellent reputation in the development and manufacturing of sensor technology for HVAC and building automation. Since its foundation in 1987, the company has experienced continuous growth based on the visionary integration of new and innovative technologies. Thermokon has developed an expertise in both wireless technologies like EnOcean and LoRaWAN as well as the commonly used BUS systems in building automation such as Modbus, BACnet, KNX and LON. The entire product portfolio is specifically engineered to contribute to energy-efficient buildings. As an active member of the consortium, Thermokon takes the responsibility for the development of all sensors, which will be integrated into the demonstrator for building automation.

More information:
SASPIT-Website: http://saspit.cs.hs-rm.de/

DFKI-Contact:
Prof. Dr. Christoph Lüth
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI)
Cyber-Physical Systems
E-Mail: Christoph.Lueth@dfki.de 
Tel.: 0421 218 59830

DFKI Press contact:
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI)
Communications & Media
E-Mail: communications-hb@dfki.de
Tel.: 0421 178 45 4180

Images:
SASPIT_DFKI_BAALL, Copyright: DFKI, Annemarie Popp
SASPIT_Hardwarepruefung, Copyright: TÜV Informationstechnik GmbH
SASPIT_Seitenkanalanalyse, Copyright: TÜV Informationstechnik GmbH

Top