October is the #CyberSecMonth under the EU's cybersecurity awareness campaign. The last week of this Cyber Security Month 2018 was dedicated to emerging technologies and ePrivacy. Konstantinos Loupos, member of the recently established European IoT security and privacy cluster, presents the Horizon 2020 funded projects of this cluster and explains how these projects will strengthen cybersecurity and ePrivacy of IoT products and services.

Cyberscurity month has increased attention on security and e-privacy when producing and developing IoT tools

Internet of Things (IoT) and Cloud Computing technologies are the foundations for a human-centric Internet. An increasing number of industrial (Health, Energy, Transport etc) and societal (Smart Homes, IoT/Smart Devices etc) sectors are developing and implementing new IoT devices and systems. At the same time, due to the rise in adoption of cross-industry devices (LED lighting, HVAC systems and physical security systems), the amount of expected connected devices is growing steadily - around 80 billion of connected devices expected by 2025 -, raising the level of attention towards Secure IoT.

A distribution of the IoT connected devices by 2025, that raise questions of cybersecurity

To address the critical security, safety and privacy risks of these devices while retaining open connectivity options, scalability (due to high number of devices), interoperability and application independence (different devices and purposes), we require new solutions. Nowadays, securing data, objects, networks, infrastructure, systems and people under IoT is increasingly relying on Cognitive Systems, Machine Learning, Artificial Intelligence and Distributed Ledger technologies (DLT) and new decentralised approaches.

The idea of the CHARIOT project (IoT-03-2017 - R&I on IoT integration and platforms) was born from a team effort of eleven partners from seven EU countries. The main aim was to  implement a next generation cognitive IoT platform that can enable the creation of intelligent IoT applications with intelligent shielding/supervision of privacy, cyber-security and safety threats, and to complement existing IoT systems in non-intrusive ways and help guarantee robust security.

CHARIOT uses blockchain technologies to record and affirm/approve IoT physical, operational and functional changes through a cognitive engine and private keys to prevent malicious changes. A Fog decentralised infrastructure guarantees Firmware Security integrity by using blockchain to enhance physical, operational and functional security of IoT systems. An IoT Safety Supervision Engine provides a novel solution to the challenges of securing IoT data, devices and functionality in new and existing industry-specific safety critical systems.

Eight more projects, including CHARIOT compose a European IoT security and privacy cluster, coordinated by DG CNECT. The purpose of clustering activities has been to join forces towards an integrated approach on IoT security, knowledge exchange and capacity building. The cluster follows the same Industrial IoT (IIOT) security aim: Safer, More Secure and Private IoT:

  • IOTCRAWLER uses technologies like blockchain, tailored to large-scale and dynamic IoT paradigms, creating a search engine for IoT devices;
  • SERIOT references security frameworks and technological validation to optimise IoT platforms and networks information security in a holistic and cross-layered approach;
  • BRAIN-IOT works on a dynamic federation of IoT heterogeneous platforms and mechanisms to improve data ownership and privacy supported by semantic technologies for interoperable operations and data exchanges;
  • SEMIoTICS develops a pattern-driven framework around existing IoT platforms to support secure/dependable actuation and IoT/IIOT semi-autonomic behaviour that support cross-layer and intelligent dynamic adaptation in renewable energy, healthcare, and smart sensing;
  • ENACT enables continuous delivery of IoT smart-systems, implementing toolkits for IoT systems into agile operations to facilitate trustworthiness and robustness that can be easily integrated into existing IoT services;
  • SECUREIoT works on predictive, spanned IoT security services to be used as building blocks, security data collection and monitoring by IoT developers;
  • SOFIE implments IoT platforms and autonomous devices to respond to challenges of vertical/closed systems, architectures and applications and move towards a secure, open federation based on existing IoT platforms and DLT.

Internet of Things design and development faces increasing expectations to ensure data security, safety and privacy is respected. Projects like CHARIOT and the ones funded under the IoT Horizon 2020 calls, as well as initiatives like the EU Cybersecurity month help raise awareness and improve the knowledge of system designers, developers and users (from research and industry), to improve secure and data protected IoT systems development.