More security in the network: joint project develops open and certifiable sensor platform for IoT applications
A growing number of people are equipping their home or work environment with IoT components such as smart meters, temperature sensors or cameras. This has many advantages: smart meters allow for cost-effective electricity tariffs optimized to the actual consumption; electricity, and CO₂ can be saved thanks to intelligent control of heating or air conditioning; surveillance cameras and fire detectors provide additional security. However, there are significant security concerns. For one thing, the use of IoT technologies usually involves private and sensitive data. For another, the devices are sometimes installed in security-critical locations (e.g., intelligent door locks). At the same time, there is a lack of adequate security standards. This circumstance is due not only to the tremendous cost pressures but also the absence of standardization in this field. Incidents such as the leak of private live videos at an American security technology manufacturer underscore the urgency of this issue.
Collaboration partners aim for standardized IoT security architecture
This is where the SASPIT project (Safe and Secure Sensor Platform for IoT), funded by the German Federal Ministry of Education and Research (BMBF) with approximately 3.3 million euros, comes into play. In this project, a consortium of industry and research partners, coordinated by the DFKI research department Cyber-Physical Systems, is working on an open and standardized IoT sensor platform. In addition to DFKI, the consortium includes Thermokon Sensortechnik GmbH, Infosim GmbH & Co KG, TÜV Informationstechnik GmbH, Mixed Mode GmbH, Ingenics Digital GmbH, PHYSEC GmbH, RheinMain University of Applied Sciences and Ruhr University Bochum with its chairs for Security Engineering and for Digital Communication Systems. The project's results will be illustrated through demonstrators in the field of home or office automation.
"The planned sensor platform is intended to serve as the basis for a standardized security architecture for IoT systems. To this end, we are looking at all levels of system design and investigating measures at various stages of the value chain to increase trustworthiness all the way to a certifiable system. We are looking forward to an interesting project with competent partners that will help people to enjoy the benefits of smart devices with a good conscience," says project manager Prof. Dr. Christoph Lüth from DFKI's Cyber-Physical Systems research department.
Project harnesses the advantages of open source systems
During the development of the platform, the SASPIT partners will release as many results as possible as open source (both hardware and software) to ensure reusability for other market participants. This also brings a high level of flexibility for end users who are not restricted to a specific manufacturer when choosing devices. The design of the processors specialized for the Smart Home context is based on the RISC-V architecture. This open hardware architecture offers an independent and cost-effective alternative to the major chip manufacturers and is seen as a key to Germany's and Europe’s digital sovereignty, especially in times of semiconductor supply bottlenecks. For the RISC-V processors, which are enhanced with sensors and actuators, the partners are developing a generic, open-source software architecture. This way, a complete system of intelligent IoT sensors is created, which can be combined as platform nodes into networks to intelligently and securely connect, for example, entire rental apartment complexes. For this purpose, a suitable management infrastructure will be implemented to ensure the confidentiality of data on individual nodes.
Guaranteed data security in design and after delivery
To protect personal data, the partners implement specialized cryptographic components and encryption techniques and devise measures to harden them against physical attacks. The fundamental objective is to consider successful verification and certification in both software and hardware development and to create the necessary prerequisites. This contrasts with existing IoT solutions for the home sector, which do not currently require certification and thus may be potentially insecure. Furthermore, the partners employ innovative radiation analyses to ensure the security of the sensors even after manufacturing, during the delivery process, and in operation. In this process, a distinctive radiation signature, applied directly to the circuit board, detects any alterations made to a device after delivery.
Pioneering Sensor Technology from Germany
Thermokon Sensortechnik GmbH, an innovative sensor technology company, has earned an excellent reputation in the development and manufacturing of sensor technology for HVAC and building automation. Since its foundation in 1987, the company has experienced continuous growth based on the visionary integration of new and innovative technologies. Thermokon has developed an expertise in both wireless technologies like EnOcean and LoRaWAN as well as the commonly used BUS systems in building automation such as Modbus, BACnet, KNX and LON. The entire product portfolio is specifically engineered to contribute to energy-efficient buildings. As an active member of the consortium, Thermokon takes the responsibility for the development of all sensors, which will be integrated into the demonstrator for building automation.
More information:
SASPIT-Website: http://saspit.cs.hs-rm.de/
DFKI-Contact:
Prof. Dr. Christoph Lüth
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI)
Cyber-Physical Systems
E-Mail: Christoph.Lueth@dfki.de
Tel.: 0421 218 59830
DFKI Press contact:
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI)
Communications & Media
E-Mail: communications-hb@dfki.de
Tel.: 0421 178 45 4180
Images:
SASPIT_DFKI_BAALL, Copyright: DFKI, Annemarie Popp
SASPIT_Hardwarepruefung, Copyright: TÜV Informationstechnik GmbH
SASPIT_Seitenkanalanalyse, Copyright: TÜV Informationstechnik GmbH