SEMIoTICS aims to develop a pattern-driven framework, built upon existing IoT platforms, to enable and guarantee secure and dependable actuation and semi-autonomic behaviour in IoT/IIoT applications. Patterns will encode the requirements for the IoT deployment by stating the goals with respect to the security, privacy, dependability and interoperability (SPDI) needs of individual smart objects. Correspondingly, the properties will be carried forward to the orchestration involving them. The SEMIoTICS framework will support cross-layer intelligent dynamic adaptation, including heterogeneous smart objects, networks and clouds, addressing effective adaptation and autonomic behaviour at field (edge) and infrastructure (backend) layers based on intelligent analysis and learning. To address the complexity and scalability needs within horizontal and vertical domains, SEMIoTICS will develop and integrate smart programmable networking and semantic interoperability mechanisms. The practicality of the above approach will be validated using three diverse usage scenarios in the areas of renewable energy (addressing Industrial IoT, or IIoT), healthcare (focusing on human-centric IoT), and smart sensing (covering both IIoT and IoT), which will be offered through an open API.
The SEMIoTICS consortium consists of strong European industry partners (Siemens, Engineering, STMicroelectronics), innovative SMEs (Sphynx, Iquadrat, BlueSoft) and academic partners (FORTH, Uni Passau, CTTC), covering the whole value chain of IoT, local embedded analytics and their programmable connectivity to cloud IoT platforms, with associated security and privacy. The consortium is striving for a common vision of creating the EU's technological capability for an innovative IoT landscape at both European and international level.
The role of the University of Passau's research team, consisting of Dr. Juan David Parra, Dr. Henrich C. Pöhls, Korbinian Spielvogel, Felix Klement and Prof. Joachim Posegga, was to develop the primary security-controlling component with key responsibility for identity and key management, including authentication and authorisation, known as the SEMIoTICS security manager. This component, acting as a policy decision point and OAuth-compatible server, is involved in all security- and privacy-critical access control decisions in SEMIoTICS: it decides who can access what data from sensors or administer the software-defined networking (SDN) infrastructure. The underlying idea is to have this functionality de-centralised: it runs near the actual sensing and actuating components at the gateway, that is, at the edge, as well as centrally in the backend, e.g. in the cloud. This allows policies to be updated dynamically and thus enables one of SEMIoTICS's key functionalities: allowing the framework to react to changes and adapt the security and privacy goals. For example, in case of a medical emergency, the otherwise private location data of patients is gathered, and its release can be authorised only by authenticated medical personnel and only during the state of medical emergency.
More holistically, the team at the chair of IT-Security was deeply involved in the security- and privacy-by-design decisions when devising SEMIoTICS's architecture. To ensure that the results continue to influence IT security and privacy positively even after the project's end, Henrich C. Pöhls, the appointed expert for standardisation, continues to monitor and contribute the appropriate SEMIoTICS results to ISO SC27 standards in the area of secure and privacy-preserving IoT and domotics. Finally, the University of Passau implemented and added key management functionality to enable attribute-based encryption on the attributes inside the identity management system.