Consolidated Slides
T2TRG: Thing-to-Thing Research Group
IETF #96 summary meeting July 19th 2016, Berlin, Germany
Chairs: Carsten Bormann & Ari Keränen
Note Well
• You may be recorded
• The IPR guidelines of the IETF apply: see http://irtf.org/ipr for details.
Administrivia (I)
• Pink Sheet
• Note-Takers
• Off-site (Jabber, Hangout?)
• xmpp:[email protected]?join
• Mailing List: [email protected], subscribe at: https://www.ietf.org/mailman/listinfo/t2trg
• Repo: https://github.com/t2trg/2016-ietf96
Agenda
• 16:20 (Chairs) RG status update
• 16:30 (Chairs) Summary from RIOT Summit
• 16:45 Hannes, Stephen, Carsten: Summary from IOTSU IAB Workshop
• 17:15 Matthias Kovatsch: Update from W3C WoT IG and WG
• 17:35 (Authors) T2TRG documents
• 17:50 Tibor Pardi: Secure, decentralized, blockchain based IoT (talk)
• 18:10 (Chairs) Future activities
T2TRG scope & goals
• Open research issues in turning a true "Internet of Things" into reality
• Internet where low-resource nodes ("things", "constrained nodes") can communicate among themselves and with the wider Internet
• Focus on issues with opportunities for IETF standardization
• Start at the IP adaptation layer
• End at the application layer with architectures and APIs for communicating and making data and management functions, including security
Done so far
• Chartered in December 2015. Multiple meetings before official chartering co-located with IETF meetings and with W3C Web of Things (WoT) group
• 2016: RG meeting at Nice co-located with W3C WoT, at San Jose co-located with IAB IoTSI WS, at Buenos Aires with the IETF meeting; participated in Dublin IAB IoTSU WS
• Three RG deliverable documents in progress on REST and security; multiple new documents on REST interaction ➔ later today
• Outreach (e.g., organizations like OCF and Bluetooth SIG)
Where are we going
• Work on RG deliverables and outreach continues
• Future meetings co-located with good research venues (2017)
• Meetings co-located with open source activity
• RIOT summit right before this meeting
• Eclipse IoT meeting (October in Southern Germany? TBD)
• Benchmark/reference scenarios
• Initial discussion in various drafts and slides
• More elaborate documentation by end of 2016
bringing together RIOTers, beginners & experts
gathering people interested in the IoT in general
plenary talks, hands-on tutorials & demos
http://summit.riot.org
In Berlin, days before IETF96
RIOT Summit 2016
• ~135 developers and researchers met in Berlin
• RIOT = Research operating system for IoT (microkernel-based, full-fledged network stack)
– Addressing “M-class” platforms (microcontrollers)
– Can make good use of modern CPUs (32 bit)
– Has 6LoWPAN, CoAP, CBOR, …
• Half a day for breakout groups
– T2TRG: “The Web & the IoT: Design, Hacking, and Discussions”
• Learning about implementation approaches and experience with relevant protocols
General issues
• What should be part of a “starter pack” for IoT developers? (potential for I-D about basic setup of an IoT node)
• What have we learned about memory management in constrained devices (≠ malloc())?
• Constant tension between
– optimizing for constrained devices
– code-reuse for “A-class” platforms (Linux etc.)
– ability to merge in open-source contributions
CoAP implementation
• One size does not fit all
• from pure protocol parsers to highly flexible libraries
• discussed microcoap, libcoap, and new gcoap
• Also: Cloud-/Hub-side (e.g., aiocoap)
• Limited experience with resource-directory implementations
Hypermedia Controls, W3C Web of Things
• New JavaScript engine JerryScript, fits upper M-class (using 1024 KiB/128 KiB as a reference platform)
• One target for mobile code (but don’t ignore Lua)
• Discussion of the different roles different classes of devices can take in the W3C Thing Description approach
Data formats
• Floating point is still costly (SenML!)
• JSON libraries are larger than one thinks (printf!)
• Several “M-class” CBOR libraries now available (RIOT’s CBOR, cn-cbor, tinycbor)
• Implementation experience with SenML (feedback mostly a need for clarifications)
Security
• TinyDTLS (Eclipse) as a reference platform
• Good experience with focused set of cipher suites (PSK)
• Somewhat chaotic advances in crypto providers, moving target
• Complement DTLS with object security (COSE)
• random number generators: entropy pools
• Discussion of OTA needs to address OS-specific as well as security-related issues
Next Steps
• Session was generally regarded as useful
• Follow-up:
• Join in via the periodic online meetups
• Transfer information between RIOT and IETF/IRTF lists
Prof. Carsten Bormann, [email protected]
SOLACE: Smart Object Lifecycle Architecture
• Processes for usably secure lifecycle (changes of ownership, authorization, privacy, …)
[Figure: timeline of lifecycle events in order (Manufactured, Installed, Commissioned, Application running, SW update, Application reconfigured, Application running, Decommissioned, Removed & replaced, Reownership & recommissioned) over the phases Bootstrapping, Operational, Maintenance & re-bootstrapping, Operational, Maintenance & re-bootstrapping]
The lifecycle of a thing in the Internet of Things
[draft-garcia-core-security]
Dublin, 2016-06-13/-14
[Plonka]
Internet of Things Software Update Workshop (IoTSU)
Session I - experiences
Overview
“Cortex M Class” Type of Device
• Hardware offers basic isolation features (e.g., MPU)
• Often do not run an operating system (bare metal).
• May run a RTOS
• Single firmware image / MCU
• Firmware image comes from OEM (but may contain libraries
• Product may contain multiple MCU
“Cortex A Class” Type of Device
• Hardware offers hardware isolation features (e.g., MMU, virtualization capabilities)
• Run standard OS (e.g., Linux)
• Software updates use sophisticated package managers
• Software comes from various sources.
• Hardware may come with a trusted execution environment (TEE).
RFC 7228: (Class-0) Class-1 Class-2
http://6lowapp.net core@IETF80, 2011-03-28
10/100 vs. 50/250
• There is not just a single class of “constrained node”
• Class 0: too small to securely run on the Internet
– “too constrained”
• Class 1: ~10 KiB data, ~100 KiB code
– “quite constrained”, “10/100”
• Class 2: ~50 KiB data, ~250 KiB code
– “not so constrained”, “50/250”
• These classes are not clear-cut, but may structure the discussion and help avoid talking at cross-purposes
Constrained nodes: orders of magnitude
RFC 7228
Moving the boundaries
• Enable Internet Technologies for mass-market applications
[Figure: scale of acceptable complexity, energy/power needs and cost, with regions labelled “Cannot use Internet Technologies”, “Can use Internet Technologies”, “Can use Internet Technologies unchanged” and “Can use Linux”]
TrustZone for ARMv8-A and ARMv8-M
[Figure: two block diagrams, each split into Secure World and Normal World. TrustZone for ARMv8-A: Secure App/Libs, Secure OS, Rich OS (e.g. Linux), Secure Monitor. TrustZone for ARMv8-M: Secure App/Libs, Secure OS, Non-secure OS, Non-secure App.]
Two separate software update mechanisms; one for normal world and one for the secure world.
Single software update mechanism? Maybe different developer experience.
Why are these features there?
• Because security is good? Nah.
• Devices with DRM (set-top boxes)
• ➔ Features that go against the wishes of the device owners!
Intel IoT SoCs
Ned Smith
IoTSU Workshop
June 2016
Intel Quark and Atom for IoT
• Quark D2000 SoC
– MCU
  • 32-bit x86
  • 32 MHz (settable to 4/8/16 MHz)
  • APIC w/ 1 32-bit core timer
– Memory
  • 32K Flash (4 protection ranges)
  • 8K SRAM (4 protection ranges)
  • 8K OTP RAM (code)
  • 4K OTP RAM (data)
  • MMU
– Other
  • 2 32-bit timers / PWM
  • Always on counter
  • Always on timer w/ wake
  • Watchdog timer
  • <3.5uA - <30mA
– Future
  • EPID
• Atom E3800 SoC
– CPU
  • 64/32-bit x86 (1,2,4 cores)
  • 1.3 – 1.9 GHz
  • 32K L1, 1M L2 cache
– Memory
  • DDR3 X 2
  • MMU
– Security
  • DRNG
  • VT-x
  • AESNI
  • 128-bit carryless mult
  • Secure boot
– Other
  • Timers
  • <100mW – (3 – 10 W)
– Future
  • EPID
Updatable Components
• Quark D2000 SoC
– uCode
– BIOS
– Option ROMs(?)
– Protection ranges (4)
  • System image(s), Secure storage, BIOS
– OTP RAM
  • First use
• Atom E3800 SoC
– uCode
– BIOS
– Option ROMs
– Hypervisor
– Guest OS(s)
– Frameworks
– Apps
– Secure boot
  • First use
Quark D2000 SoC Layout
Relevant Papers
• Paper 01: Housley, Position Paper for Internet of Things Software Update Workshop (IoTSU)
• Paper 10: Thomas, Incentivising software updates
• Paper 15: Zappaterra, Software Updates for Wireless Connected Lighting Systems: requirements, challenges and recommendations
• Paper 21: Zugenmaier, Updates in IoT are more than just one iota
• Paper 25: Plonka, The Internet of Things Old and Unmanaged
• Paper: Tschofenig, Software and Firmware Updates with the OMA LWM2M Protocol
• Jimenez and Ocak, Software Update Experiences for IoT
Incentives
• Paper 10: Thomas, Incentivising software updates
• Paper 25: Plonka, The Internet of Things Old and Unmanaged
• Companies often fail to ship software updates. Why? Can we do something about it?
• Question: Can we monitor the performance of different companies at supplying software updates to their customers?
Types of Devices
• “Jellybean” vs. regulated (e.g., healthcare)
• Security impact (door lock)
• Safety impact (e.g., Nest!)
• Pet vs. cattle
The role of the user
• Users don’t want upgrades
– “It works well enough as it is”
– Evil Deviceco might be deleting features I rely upon
– or bugs I rely upon (!)
– ➔ rollback!?
• A single upgrade going bad can be closing the window for a long time
iOS upgrade statistics
• Looks great
• But then:
– high device churn
– lots of nagging by iOS
– “pet” status
– dependency of new apps on OS upgrades
Last Updated: Jun 21, 2016 07:30:54
https://david-smith.org/iosversionstats/
Security
• Paper 01: Housley, Position Paper for Internet of Things Software Update Workshop (IoTSU)
• Is about securing firmware packages.
• Russ: Features of RFC 4108 and design rationale.
• Question: What features could be added (Merkle Tree Signatures)?
Internet of Things Software Update Workshop
Session II - Requirements and Constraints
Session Leader: Russ Housley
Topics from the Position Papers
• Device Requirements
• Infrastructure Requirements
• Manufacturing Requirements
• Questions that were raised that might reveal some other requirements
Device Requirements
• Not limited to full firmware update
• Provide compatible firmware for various components within the device
• Support devices with multiple owners
• Different authorities may update software for different parts of the device
• Identify dependencies among various software updates
• Digital signature and encryption on the update
• Allow multiple signatures on the update
• Minimize device downtime due to update processing
• Recovery procedure when the device gets hacked
• Support over-the-air software update, probably requires polling
Infrastructure Requirements
• Support many different approaches to digital signatures
• One infrastructure can support open- and closed-source
• One device can act as a local server for neighbors
• Perform some digital signature checks on behalf of the served devices, such as revocation checking
• Multicast the same updates to many similar devices
• Hide complexity associated with NATs and Firewalls from the devices
Manufacturing Requirements
• Fast and secure key generation
Questions from the Position Papers
• Can the device owner decide to accept/reject an update?
• Can we determine whether the update impacts other devices in the IoT?
• Can we handle end-of-service, end-of-feature, and end-of-device-support?
• Can a community take over support after the vendor decides to end-of-life a device?
• Can the user pick among updates when there is more than one available?
• Can we determine when a device is not active to apply the update?
• Can we do a better job preserving the privacy of the device owner?
Authentication (1)
• Can the firmware be trusted?
– Can the source be trusted?
• Is it really for me?
– Am I the right device for this FW? (HW revision!)
– Do I have the other prerequisites (libraries, FPGA code, …) or do they need to be upgraded in sync?
• Is the FW the right one for my usage situation? (Authorization!)
Authentication (2): Freshness
• Is the FW fresh?
– downgrade attacks (revocation?)
  • version number comparison?
  • (but also prevents operational downgrades!)
– weak upgrade attacks
– sidegrade attacks?
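Added example, not taken from the slides or the workshop papers: one way a device could apply the questions on the two Authentication slides once the manifest signature has verified. It uses a persisted revocation floor so that strict version comparison does not also block an operator's rollback. The manifest layout, the floor and every name are assumptions made for illustration.

```c
/* Added example: post-signature acceptance checks for a firmware manifest.
 * Manifest layout and all names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum {
    FW_ACCEPT = 0,
    FW_WRONG_MODEL,     /* "Is it really for me?" */
    FW_WRONG_HW_REV,    /* "Am I the right device for this FW?" */
    FW_MISSING_PREREQ,  /* prerequisite absent or too old */
    FW_REVOKED,         /* below the revocation floor: downgrade attack */
    FW_NOT_NEWER        /* strict version comparison refused it */
} fw_verdict;

typedef struct { uint16_t id; uint32_t version; } fw_component;

typedef struct {
    uint32_t model_id;
    uint32_t hw_rev_mask;    /* bit n set: hardware revision n is supported */
    uint32_t version;        /* monotonically increasing build number */
    uint32_t revoke_below;   /* signer's statement: older builds are revoked */
    const fw_component *prereqs;  /* minimum versions of other components */
    size_t n_prereqs;
} fw_manifest;

typedef struct {
    uint32_t model_id;
    uint8_t  hw_rev;
    uint32_t running_version;
    uint32_t revocation_floor;    /* kept in rollback-protected storage */
    const fw_component *installed;
    size_t n_installed;
} fw_device;

static bool prereq_met(const fw_device *d, const fw_component *need)
{
    for (size_t i = 0; i < d->n_installed; i++)
        if (d->installed[i].id == need->id)
            return d->installed[i].version >= need->version;
    return false;
}

/* Call only after the manifest signature has been verified. operator_rollback
 * is true when an authorized operator explicitly asked for an older build. */
fw_verdict fw_check(const fw_device *d, const fw_manifest *m, bool operator_rollback)
{
    if (m->model_id != d->model_id)
        return FW_WRONG_MODEL;
    if (d->hw_rev >= 32 || !(m->hw_rev_mask & (UINT32_C(1) << d->hw_rev)))
        return FW_WRONG_HW_REV;
    for (size_t i = 0; i < m->n_prereqs; i++)
        if (!prereq_met(d, &m->prereqs[i]))
            return FW_MISSING_PREREQ;
    /* Freshness: revoked builds are refused even for an operator rollback. */
    if (m->version < d->revocation_floor)
        return FW_REVOKED;
    /* Strict comparison alone would also block operational downgrades, so it
     * is waived for an explicit rollback to a build that is not revoked. */
    if (!operator_rollback && m->version <= d->running_version)
        return FW_NOT_NEWER;
    return FW_ACCEPT;
}

/* After a successful install: adopt the version and raise the floor. The floor
 * never decreases and never exceeds the installed version. */
void fw_commit(fw_device *d, const fw_manifest *m)
{
    uint32_t floor = m->revoke_below < m->version ? m->revoke_below : m->version;
    if (floor > d->revocation_floor)
        d->revocation_floor = floor;
    d->running_version = m->version;
}

/* Constructed sample data: component 1 stands for a bootloader at version 3. */
static const fw_component SAMPLE_INSTALLED[] = { { 1, 3 } };
static const fw_component SAMPLE_PREREQS[]   = { { 1, 3 } };

fw_device sample_device(void)   /* model 0x1001, HW rev 2, runs v7, floor 5 */
{
    fw_device d = { 0x1001, 2, 7, 5, SAMPLE_INSTALLED, 1 };
    return d;
}

fw_manifest sample_manifest(uint32_t version, uint32_t revoke_below)
{
    fw_manifest m = { 0x1001, 0x0C, version, revoke_below, SAMPLE_PREREQS, 1 };
    return m;
}

int main(void)
{
    fw_device d = sample_device();
    fw_manifest v6 = sample_manifest(6, 5);
    printf("v6 without rollback request: %d\n", fw_check(&d, &v6, false));
    printf("v6 as operator rollback:     %d\n", fw_check(&d, &v6, true));
    return 0;
}
```

The floor only helps if it lives in storage that an attacker who can replay old images cannot also rewrite.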
Internet of Things Software Update Workshop (IoTSU)
Session V: Future Solutions
Transport
• Lighting industry with mesh networks (based on IEEE 802.15.4)
– Paper 15: Zappaterra, Software Updates for Wireless Connected Lighting Systems: requirements, challenges and recommendations
• Low Power WANs
– Paper 21: Zugenmaier, Updates in IoT are more than just one iota
• LWM2M
– Tschofenig, Software and Firmware Updates with the OMA LWM2M Protocol
• Communication Patterns:
– Jimenez and Ocak, Software Update Experiences for IoT
• Questions:
– How to distribute firmware updates efficiently? How to reduce the amount of flash memory? What is the implication for security of image itself? How to avoid draining the battery?
Papers in this Slot
• Paper 03: Robert Bisewski, Comparative Analysis of Distributed Repository Update Methodology and How CoAP-like...
• Paper 05: Smith, Toward A Common Modeling Standard for Software Update and IoT Objects
• Paper 13: Schmidt, Secure Firmware Update Over the Air in the Internet of Things Focusing on Flexibility and Feasibility
• Paper 16: Adomnicai, How careful should we be when implementing cryptography for software update mechanisms in the IoT?
• Paper 20: Prevelakis, Controlling Change via Policy Contracts
• Paper 23: Birkholz, IoT Software Updates need Security Automation
• (but also see Paper 08, 11, …)
Updating a sea of devices
• What do I have
– Device description (models, components — e.g., SWIDs)?
– and can I trust what I believe (Attestation)?
• Push/Pull
– Push: MPL and other multicast/flooding
– (Pull: Doing proper congestion control)
• Limiting Damage
– Are we in Critical Operational State?
– Even better: Hitless Upgrades
– Identifying dud upgrades, rollback
COSWID: Software-ID tags for constrained devices
• Device describes itself
• Can use hashes on device
• Compare with source-based values
• Basis for automation
[Figure: “IM, DM, and Serialization” (IETF 95, April 2016): an information model (IM) with data models DM1, DM2, DM3 … DMn and serializations 1.1, 2.1, 3.1 … n.1; labels SWID, SWID XML Schema, SWID XML Instance, SWID CBOR Data Definition, SWID CBOR Instance, Software Instance]
#23
TUDA: Time-based unidirectional attestation
• Remote Attestation: attempt to describe the integrity and trustworthiness of a host or device
• Measurements of components (e.g., hash values)
• Protocols for RA typically bidirectional
• Challenge for freshness
• TUDA: Time-based unidirectional attestation
Deployment Experiences & Issues
http://jaimejim.github.io/drafts/draft-jimenez-iotsu-soft-exp.txt
• Dealing with Sleepy endpoints: Caching is needed
• Device Initiated Communication: the common pattern we see from devices.
• Manager Initiated Communication: NATs make that very tricky -- COAP Proxy can be used
• Delegation on other nodes (GW): Very useful for some use cases
• Using Multiple Stacks: We have also seen that it is very common to have two stacks on devices, one for daily use and another for firmware upgrades, which is unrealistic on the constrained space.
• Runtime Discovery: A proposal on how software updates could be done with small upgrades - not once
#L2
Admission
• new software component “arrives”
• need to determine whether:
– the new component is suitable for our system
– the system can accommodate the new component
• need to consider aspects such as:
– services
– load (memory, CPU)
– interconnections (internal, platform, outside)
– behavior
#20
Who do you trust?
[Figure: supply chain from Original (Software) Components through Subsystems and Product to Customised Product, with the parties OEM, Integrator, Vendor, Service Provider and User]
#20
Policy Contracts
• credentials
– X.509 certs with extensions
– from one key to another key
– attribute-based access control (ABACS)
• essentially say
– this component can do this, this and this
– and needs this, this and this resource/library/comm-channel etc.
• can enforce customization
– e.g. integrator limits connectivity of component
• policy language can be “run” to determine access
#20
Using RFC 2704 Keynote
#20
Component-based approaches
• Components are important for
– What do I have
– Hitless upgrades
– An ecosystem of upgrade sources
• Model the build process
– Pre-built (possibly for a specific device)
– Linking on device
#05
#05
Mapping Data/Information Models
IOTSI Workshop, 2016-03-17
n² – n
2n
What is that hub? Data loss?
2n
Translating data between data models vs. Translating data models
Data/Information Models vs. Interaction Models
Information Model Data Model Serialization
Ontology
Abstract Syntax
Concrete Syntax
Marshaling Scheme
Message Transport Format
Encoding
Taxonomy
Vocabulary
Semantic Level
Meaning
How far can we get?
Limits to translation (e.g., security?)
What is holding back components?
• do we know how to keep firmware componentized in class-2 or even class-1 devices, or is this only for A-class devices?
• what are safe update procedures, in particular for class-2/class-1?
• how can we handle the issues that will pop up when various versions of various components meet each other as well as various hardware revisions? How can we use modeling to assess the security/safety issues of these combinations?
• what are the non-technical issues (disclosure of vendor relationships [Ted] and of "secret sauce" in general, liability considerations through a more complex set of combinations deployed and/or increased hackability of components, ...), and how can they be mitigated?
But then…
• There are systems that split ROM/flash
– (Problem here: Flash part gets bigger each update as ROM code grows invalid)
• Some systems that provide hitless upgrade even upgrade config data and operational state
Evolving from…
#08
Continuous Deployment?
IoT Software: Towards Hardware Independence
• Need to evolve towards a state where 90% of the IoT software is hardware independent
• Else, we head to an Internet of buggy Things
• This is achievable with an efficient, open-source IoT software platform, e.g. RIOT
IoT Software: Components vs Full Firmware
• Open-source platform model for IoT software:
• community maintains basic OS + network stack
• vendors focus on small part of the software, e.g. application software, or low-level driver
• Bottom-line: different entity will update different parts of the software.
• Advantages: smaller software updates, end of vendor support does not necessarily imply end of security, vendor independent security maintenance…
Exercise sheet
• Task 1, 5 points, group
• Which Internet-connected (or otherwise networked) devices do you own or are you responsible for? For each one, find out
– whether firmware/software updates exist for it
– where to find them (authoritatively!)
– which security problems the device has and which ones were fixed by updates
– possibly, how well secured the update process is
– possibly, how automatic updates work
– what a good time for an update would be, and how the device might be able to find that out
– …
• Submission deadline: Thursday, 30.06.2016 25:59 UTC
T2TRG Summary
IETF 96, Berlin, Germany, 2016
INTEREST GROUP RE-CHARTER
http://w3c.github.io/wot/charters/wot-ig-2016.html
![Page 84: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/84.jpg)
WoT Interest Group
• AC Review finished 15 July 2016
– 34 support this Charter as is
– 1 suggests changes, but supports the proposal
• IG Scope
– Support proposed WG
– Organize and run PlugFests
– Collaborate with other SDOs, organizations, etc.
– Investigate ideas for long-term goals
![Page 85: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/85.jpg)
WORKING GROUP CHARTER
http://w3c.github.io/wot/charters/wot-wg-2016.html
![Page 86: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/86.jpg)
Proposed WoT Working Group
• Roadmap
– Integrate feedback from bilateral outreach
– Resolution to submit on 27 July 2016
– Start W3M Review period on 3 August 2016
– Start AC Review period on 24 August 2016
– Be able to start WG around October 2016
• Please have a look and send feedback
– http://w3c.github.io/wot/charters/wot-wg-2016.html
– Mailing list or GitHub Issues
![Page 87: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/87.jpg)
MAIN PROGRESS TOPICS
![Page 88: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/88.jpg)
Thing Description (TD) Type System
• TD allows plugging in different systems
• Evaluation of popular type systems in Web apps
– Schema.org system has some limitations
– XML-based schemas are too implementation specific
– JSON Schema for now used in PlugFest to explore further
• Open issues
– Semantic annotations alongside data structure definitions
– Existing tool support for automatic validation
![Page 89: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/89.jpg)
Without Scripting API
• Application logic often implemented natively
[Figure: WoT Servient; labels: Application Logic (C/C++/Java/…), Resource Model, Protocol Bindings, WoT Interface]
![Page 90: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/90.jpg)
Scripting API
• Web-like development and deployment
[Figure: WoT Servient; labels: App Script, Runtime Environment, Client API, Server API, Disc. API, Resource Model, Protocol Bindings, WoT Interface]
![Page 91: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/91.jpg)
• Common runtime enables portable apps
[Figure: WoT Servient Vendor A and WoT Servient Vendor B side by side; labels: App Script, Scripting API, Runtime Environment, Client API, Server API, Disc. API, Resource Model, Protocol Bindings, WoT Interface]
![Page 92: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/92.jpg)
Script Example (Expose Thing)
```javascript
// create software object to represent local Thing
WoT.newThing("counter").then(function(thing) {
  thing
    // programmatically add interactions
    .addProperty("count", {"type": "integer"})
    .addAction("increment")
    .onInvokeAction("increment", function() {
      console.log("incrementing counter");
      // persistent state is managed by runtime environment
      var value = thing.getProperty("count") + 1;
      thing.setProperty("count", value);
      return value;
    });
  // initialize state (no builder pattern anymore)
  thing.setProperty("count", 0);
})._catch(console.error);
```
![Page 93: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/93.jpg)
Script Example (Consume Thing)
```javascript
// create software object to represent remote Thing based on TD URI
WoT.consumeDescriptionUri("http://servient.example.com/things/counter")
  // use promise to handle asynchronous creation
  .then(function(counter) {
    counter
      // invoke an Action without arguments
      .invokeAction("increment", {})
      // which is an asynchronous call -> promise
      .then(function() {
        console.log("incremented");
        counter
          // read Property (async.) to confirm increment
          .getProperty("count")
          .then(function(count) {
            console.log("new count state is " + count);
          });
      })._catch(console.error);
  })._catch(console.error);
```
![Page 94: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/94.jpg)
F2F MEETING AND PLUGFEST
W3C WoT F2F Beijing 2016
![Page 95: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/95.jpg)
F2F Meeting
• 11–14 July 2016
• Hosted by CETC in Beijing
– Colocated with local IoT event
– Exchange with CETC and local companies
• PlugFest and technical demos
• Plenary and breakout discussions
![Page 96: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/96.jpg)
Scenario 1: Hello WoT
[Figure labels: TD Web UI for human interaction; /voteTooHot, /on; Servient platform with scripted apps; Servient connected to legacy devices; Open Source]
![Page 97: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/97.jpg)
Scenario 2: Full WoT
[Figure labels: WoT Servient providing voter script and voting Servient; Web Browser, Scripting API; /voteTooHot, /on; TD Repository, search for Action @type="tooHot"; /voteTooHot; WoT Servient searching for a voting Servient; WoT Servient connected to legacy devices]
![Page 98: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/98.jpg)
Scenario 3: Rule-based Automation
Consume brightness sensor to control curtain
![Page 99: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/99.jpg)
PlugFest Online Resources
• Current Practices (Beijing Release)
– http://w3c.github.io/wot/current-practices/wot-practices-beijing-2016.html
• Organization Wiki
– https://www.w3.org/WoT/IG/wiki/F2F_meeting,_July_2016,_China,_Beijing#PlugFest
• Test Cases
– https://github.com/w3c/wot/blob/master/plugfest/2016-beijing/plugfest-test-cases-beijing-2016.md
• Report Template
– https://github.com/w3c/wot/blob/master/plugfest/2016-beijing/TestCaseCoverage.xlsx (t.b.d.)
![Page 100: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/100.jpg)
![Page 101: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/101.jpg)
RESTful Design for Internet of Things Systems
draft-keranen-t2trg-rest-iot
Ari Keränen <[email protected]>
with Matthias Kovatsch & Klaus Hartke
T2TRG @ IETF96
![Page 102: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/102.jpg)
Draft goals
• "Guidance for designing IoT systems that follow the principles of the REST architectural style"
• Collection of "basic" information and terminology that has been found useful
![Page 103: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/103.jpg)
Next steps
• Application state
• Discovery mechanisms
• Resource design guidance
• Intro to hypermedia-driven apps
• But not much more. Publish.
– Future docs on hyper-media aspects
![Page 104: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/104.jpg)
Security consideration for the IoT
IETF96
Mohit (Ericsson)
Oliver (Siemens)
Sandeep, Oscar (Philips)
![Page 105: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/105.jpg)
Contents in old draft-garcia-core-security-06
– Thing lifecycle
– Architectural considerations
– State of the art
– Challenges
• Constraints
• Bootstrapping
• Operation
– Security profiles
![Page 106: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/106.jpg)
Proposed way forward
– Thing lifecycle
– Architectural considerations <- Update
– State of the art <- Update
– Challenges
• Constraints
• Bootstrapping -> refer to bootstrapping draft
• Operation
• New challenges (see next slides)
– (new) Solutions -> bootstrapping solutions in bootstrapping draft
– Security profiles
![Page 107: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/107.jpg)
Specific research topics to be added (1)
• Topics from: https://mailarchive.ietf.org/arch/msg/ace/Bgc3Mq3vxvOLi19fVR0ckbLOkuw
– Firmware updates
– Transparency and attestation of communications
– Avoid device fingerprinting
– Authorization handover (vendor)
– Penetration testing
![Page 108: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/108.jpg)
Specific research topics to be added (2)
• Further topics from https://github.com/t2trg/2015-ietf94/blob/master/t2trg-b.mkd
– Handing over device ownership
– Lawful access
– Forensic readiness
– Regulations and compliance
– Cross-domain operation
– …
• Others
– Long term security
![Page 109: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/109.jpg)
Proposed way forward
– Thing lifecycle
– Architectural considerations <- Update
– State of the art <- Update
– Challenges
• Constraints
• Bootstrapping -> refer to bootstrapping draft
• Operation
• New challenges (see next slides)
– (new) Solutions -> except bootstrapping solutions, those will be in bootstrapping draft
– Security profiles
• Sandeep
• Oscar
• Mohit
• Oliver
![Page 110: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/110.jpg)
Q&A
![Page 111: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/111.jpg)
From https://github.com/t2trg/2015-ietf94/blob/master/99-t2trg-94-summary.pdf
![Page 112: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/112.jpg)
From https://github.com/t2trg/2015-ietf94/blob/master/99-t2trg-94-summary.pdf
![Page 113: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/113.jpg)
Secure IoT Bootstrapping: A Survey
draft-sarikaya-t2trg-sbootstrapping-01
Behcet Sarikaya and Mohit Sethi
![Page 114: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/114.jpg)
Secure Bootstrapping
• What is bootstrapping and what is secure bootstrapping? <- Updated
- What is onboarding
- What is identity and identifier
- What is user and device identity and identifier
• Possible goals of secure bootstrapping:
- Identity: authentication of a pre-established identity vs. creation of a new identity
- Authorization for network access, incl. configuration of communication parameters
- Registration or joining a domain or group
- Pairing with a specific node, or connecting to a cloud service
• Some examples of bootstrapping:
- pairing of phones over Bluetooth to exchange files, and
- securely connecting IEEE 802.15.4 sensors in a factory to the backend
both require some form of secure bootstrapping
![Page 115: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/115.jpg)
Managed methods
• Pre-established trust relations and authentication credentials
• Centralized or federated
• Examples:
– AAA/Extensible Authentication Protocol (EAP)
– Generic Bootstrapping Architecture (GBA) with SIM
– Open Mobile Alliance (OMA) Light-weight M2M:
• Factory Bootstrap, Bootstrap from Smartcard, Client Initiated Bootstrap, Server Initiated Bootstrap
– Kerberos
– ANIMA <- Updated
– Vendor certificates
![Page 116: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/116.jpg)
P2P / ad-hoc methods
• No pre-established credentials
• Out-of-band channel used for distributing or confirming keys
– Typically Diffie-Hellman exchange + MitM prevented with OOB communication
• Examples: <- Updated
– Bluetooth simple pairing
– Wi-Fi protected setup
– EAP-NOOB (out-of-band authentication for EAP)
– Magic wand, e.g. commissioning tool in I-D.kumar-6lo-selective-bootstrap
![Page 117: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/117.jpg)
Opportunistic / leap-of-faith methods
• Continuity of identity or connection, rather than initial authentication
• Some methods assume that the attacker is not present at the initial setup
• Examples: <- Updated
– SEND and CGA
– WPS push button
– SSH, gmail, Facebook
![Page 118: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/118.jpg)
Hybrid methods
• Most deployed methods are hybrid:
• Components from both managed and ad-hoc methods
• E.g. central management after ad-hoc registration
• Categorization is not always easy or clear
• Choice of bootstrapping method depends heavily on the business case:
– What third parties are available?
– Who wants to retain control or avoid work?
– Manufacturer/vendor, system admin, user, fully ad-hoc
![Page 119: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/119.jpg)
Secure Bootstrapping
• Next steps:
– Hidden gems and best practices?
– Text on ownership transfer and how it affects bootstrapping: https://www.iab.org/wp-content/IAB-uploads/2016/03/draft-farrell-iotsi-00.txt
![Page 120: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/120.jpg)
CoRAL and HSML
Media Types for Machine Interaction
Klaus Hartke and Michael Koster
![Page 121: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/121.jpg)
Comparison
• Similarities
– Collections of links and items
– Forms to drive resource state updates
– Interoperable data models
• Differences
– CoRAL uses a data model derived from HAL
– HSML uses CoRE Link-Format and SenML
– CoRAL uses media types to define application semantic vocabulary and data serialization
– HSML uses link annotation to embed application semantics
![Page 122: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/122.jpg)
Next Steps
• Create a common use case prototype to evaluate both approaches
– Cross-domain interoperability
– How does the difference in semantic annotation impact application design?
– Discovery, resource construction, application interaction
• Converge to a single representation format and interaction model over time
![Page 123: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/123.jpg)
The BLE (Bluetooth Low Energy) URI Scheme and Media Types
draft-bormann-t2trg-ble-uri-00
Carsten Bormann & Ari Keränen
T2TRG @ IETF96
![Page 124: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/124.jpg)
Background
• Bluetooth Low-Energy (BLE): popular technology for constrained devices
• Resources of BLE devices can be accessed over IP (RFC7668) or via gateways
• How about locally connected devices and web technologies?
• Straw man proposal of BLE URI scheme and media types
![Page 125: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/125.jpg)
Example
• Passive scan for nodes:
```
GET ble:/gap/nodes/passive
```
• ..results in node list; used for query services
```
GET {node}/services
```
• ..returning "application/ble-gatt-servicelist"
```
servicelist = [* service]
service = {
  href: text,
  uuid: uuid,
}
uuid = bytes .size 16
```
![Page 126: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/126.jpg)
Next steps
• Adding (much) details
• Align with Web Bluetooth
• Reviews from Bluetooth experts
![Page 127: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/127.jpg)
IoT Platform Architecture and Data Model
https://www.ietf.org/id/draft-liu-t2trg-architecture-data-model-00.txt
Dapeng Liu Alibaba Group
![Page 128: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/128.jpg)
The Smart Home Ecosystem
[Figure labels: Internet, IoT Platform, Other Platform]
Connecting with multiple device vendors
1. Multiple APPs can use same way to locally control devices
2. Cloud and APPs should understand the local device control information from different vendors so that they can control devices in a unified way, so the device data types and data format should have a standard
3. Interface between the cloud platform and the device needs standard for common function like device registration, device login, etc.
4. Multiple APPs can use same way to remotely control devices
5. Interface standard to guarantee inter-platform interconnectivity
![Page 129: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/129.jpg)
Data Model Design for IoT Platform
• The data model can be applied to various kinds of IoT service platform scenarios, for example smart home
![Page 130: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/130.jpg)
Data Model
• Can be used in the communication between service platform and user APP, between service platform and other platform, between service platform and IoT devices, and between service platform and gateway device
• Default encoding schema for this data model is JSON
![Page 131: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/131.jpg)
Fields in Data Model

| Name | Format | Length | Description |
|---|---|---|---|
| version | String | 0-255 | Data model version |
| signature | String | 32-255 | Signature value |
| timestamp | String | 0-255 | Timestamp |
| deviceID | String | 0-255 | Optional, required when data is sent by device |
| account | String | 0-255 | Optional, required when data is sent by user application, or server, or other vendor's platform |
| token | String | 0-255 | Optional, required when data is sent to server. The token is assigned by server to device, user, or vendor platform |
| target | String | 0-255 | Optional, required when data is sent to server, indicating target destination |
| rspID | String | 0-255 | Optional, required when data is a response to last remote control command data. The value is set to last command data's id field value |
| method | String | 0-255 | Indicate the method |
| params | String | 0-1023 | Attribute set |
| id | String | 0-255 | message ID |
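A receiver can enforce the field table before it acts on a message. The following is an added example, not code from the draft: field names and length ranges are taken from the table, while counting lengths in UTF-8 bytes, rejecting unknown fields, the `ctx` argument and the sample values are assumptions.

```javascript
// Added example (not from the draft): structural validation of the data model.
// Field names and length ranges come from the table. Assumptions: lengths are
// counted in UTF-8 bytes, unknown fields are rejected, and the ctx argument
// ({sender, toServer, isResponse}) is a hypothetical way to describe a message.
const FIELDS = {
  version:   { min: 0,  max: 255 },
  signature: { min: 32, max: 255 },
  timestamp: { min: 0,  max: 255 },
  deviceID:  { min: 0,  max: 255, requiredIf: (c) => c.sender === 'device' },
  account:   { min: 0,  max: 255,
               requiredIf: (c) => ['app', 'server', 'platform'].includes(c.sender) },
  token:     { min: 0,  max: 255, requiredIf: (c) => c.toServer === true },
  target:    { min: 0,  max: 255, requiredIf: (c) => c.toServer === true },
  rspID:     { min: 0,  max: 255, requiredIf: (c) => c.isResponse === true },
  method:    { min: 0,  max: 255 },
  params:    { min: 0,  max: 1023 },
  id:        { min: 0,  max: 255 },
};
// Own-property check, so keys such as "__proto__" or "constructor" never match.
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Returns a list of problems; an empty list means the message is well-formed.
function validateMessage(json, ctx) {
  let msg;
  try {
    msg = JSON.parse(json);
  } catch (err) {
    return ['not valid JSON'];
  }
  if (msg === null || typeof msg !== 'object' || Array.isArray(msg)) {
    return ['top level must be a JSON object'];
  }
  const errors = [];
  for (const key of Object.keys(msg)) {
    if (!has(FIELDS, key)) errors.push('unknown field: ' + key);
  }
  for (const [name, rule] of Object.entries(FIELDS)) {
    const required = rule.requiredIf ? rule.requiredIf(ctx) : true;
    if (!has(msg, name)) {
      if (required) errors.push('missing field: ' + name);
      continue;
    }
    const value = msg[name];
    if (typeof value !== 'string') {
      errors.push(name + ': must be a string');
      continue;
    }
    const length = new TextEncoder().encode(value).length;
    if (length < rule.min || length > rule.max) {
      errors.push(name + ': length ' + length + ' outside ' + rule.min + '-' + rule.max);
    }
  }
  return errors;
}

// Constructed sample (all values are placeholders): a device posting to the server.
const DEVICE_POST = {
  version: '1.0',
  signature: '0'.repeat(64), // placeholder, not a real signature
  timestamp: '1468944000',
  deviceID: 'device-0001',
  token: 'token-placeholder',
  target: 'server',
  method: 'postDeviceData', // constructed method name
  params: '{"temperature":"21.5"}',
  id: '42',
};
const DEVICE_CTX = { sender: 'device', toServer: true, isResponse: false };
console.log(validateMessage(JSON.stringify(DEVICE_POST), DEVICE_CTX));
```

Structural validation only bounds what the parser accepts; the `signature` and `token` values still have to be verified before the message is trusted.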
![Page 132: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/132.jpg)
Examples
One example that device posts data to server
![Page 133: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/133.jpg)
Examples
One example that user APP requests server to get device status
![Page 134: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/134.jpg)
![Page 135: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/135.jpg)
Decentralized, peer-to-peer IoT
MANAGE IOT DEVICES WITH BLOCKCHAIN BASED, PEER-TO-PEER, DECENTRALIZED SYSTEMS
![Page 136: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/136.jpg)
Who we are?
• Group of open source developers
• We do blockchain and decentralized, P2P application development
• We develop Streembit http://streembit.github.io/
• We participate in the W3C standardization process
![Page 137: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/137.jpg)
The Problem
Problems with proprietary, closed source client-server systems
• Security and Privacy, mitigate the risk of inside job hacking
• Economy
• Politics - Incoming communication legislation such as the UK Investigatory Powers Bill
![Page 138: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/138.jpg)
The solution
Use decentralized, peer-to-peer systems to move away from the cloud.
Blockchain technologies:
• Confirming data origin and accuracy
• Tracking updates
• Establishing true data authority for millions of different data fields
• Smart contract management
![Page 139: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/139.jpg)
Device Discovery
![Page 140: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/140.jpg)
Control Internet of Things devices
• In a peer-to-peer manner
• End-to-end encrypted between the human users and IoT devices
• Using W3C WoT standards
![Page 141: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/141.jpg)
Control Internet of Things devices
![Page 142: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/142.jpg)
Upgrade and manage IoT devices
• Hardware and software providers upgrade Internet of Things devices on the always up and running decentralized networks.
• Internet of Things device manufacturers and software designers publish firmware and software updates via the decentralized network.
• Ensure via strong PPKI security the origin and data integrity of the updates by verifying the public key of the publisher.
![Page 143: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/143.jpg)
Upgrade and manage IoT devices
![Page 144: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/144.jpg)
Strong security
• Based on PPKI, ECC cryptography
• Each actor of the system must generate a public/private key pair. (Typically keys are generated prior to configuring the device and will be burned into the devices’ firmware).
• The devices and users publish their public keys to other users of the system.
• The data integrity and authenticity of the messages are guaranteed with PPK signatures.
• Each session between users is secured with strong 256-bit AES symmetric cryptography keys.
• Uses ECC Diffie Hellman (ECDH) key exchange
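The bullets above combine three mechanisms: published long-term keys, signed messages and an ECDH-derived AES-256 session key. The sketch below is an added example for Node.js and is not Streembit's code; the P-256 curve, ECDSA with SHA-256, HKDF-SHA256, AES-256-GCM and all function names are assumptions.

```javascript
// Added example (not Streembit code): signed ECDH handshake + AES-256 session.
// Assumptions: P-256, ECDSA/SHA-256 signatures, HKDF-SHA256, AES-256-GCM.
const crypto = require('node:crypto');

const CURVE = 'prime256v1';

// Each actor generates a long-term key pair and publishes the public half.
function createActor(name) {
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('ec', { namedCurve: CURVE });
  return { name, publicKey, privateKey };
}

// Open a session: fresh ECDH key, signed with the actor's long-term private key.
function makeOffer(actor) {
  const ecdh = crypto.createECDH(CURVE);
  const ephemeral = ecdh.generateKeys();
  const signature = crypto.sign('sha256', ephemeral, actor.privateKey);
  return { ecdh, message: { from: actor.name, ephemeral, signature } };
}

// Check the peer's offer against its published key, then derive the AES key.
function deriveSessionKey(ownOffer, peerMessage, peerPublishedKey) {
  const ok = crypto.verify('sha256', peerMessage.ephemeral,
                           peerPublishedKey, peerMessage.signature);
  if (!ok) throw new Error('offer signature invalid: possible key substitution');
  const shared = ownOffer.ecdh.computeSecret(peerMessage.ephemeral);
  // Both ephemeral keys go into the salt, sorted so each side computes the same value.
  const salt = Buffer.concat(
    [ownOffer.message.ephemeral, peerMessage.ephemeral].sort(Buffer.compare));
  const key = crypto.hkdfSync('sha256', shared, salt, 'session key (constructed label)', 32);
  return Buffer.from(key); // 32 bytes = 256-bit AES key
}

// AES-256-GCM gives confidentiality plus an integrity tag per message.
function encrypt(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

function decrypt(key, sealed) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, sealed.iv);
  decipher.setAuthTag(sealed.tag);
  // final() throws if the ciphertext or tag was modified in transit.
  return Buffer.concat([decipher.update(sealed.body), decipher.final()]).toString('utf8');
}

// Constructed run: a user and a device agree on a key and exchange one command.
function demo() {
  const user = createActor('user');
  const device = createActor('device');
  const userOffer = makeOffer(user);
  const deviceOffer = makeOffer(device);
  const userKey = deriveSessionKey(userOffer, deviceOffer.message, device.publicKey);
  const deviceKey = deriveSessionKey(deviceOffer, userOffer.message, user.publicKey);
  const sealed = encrypt(userKey, '{"action":"increment"}');
  return { keysMatch: userKey.equals(deviceKey), received: decrypt(deviceKey, sealed) };
}

console.log(demo());
```

The signature check is what stops an intermediary from substituting its own ECDH key; it is only as strong as the channel over which the long-term public keys were published.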
![Page 145: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/145.jpg)
Working on standards
We try to create an IETF standard for decentralized, peer-to-peer IoT.
Github protocol repository
![Page 147: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/147.jpg)
![Page 148: Consolidated Slides](https://reader033.fdocuments.in/reader033/viewer/2022042723/5867705e1a28abe7408baacd/html5/thumbnails/148.jpg)
Next meetings
• SDOs: Co-locate with W3C WoT meeting @ TPAC in Lisbon (Thu/Fri Sep 22/23): Sat/Sun Sep 24/25
• Open-Source: October Eclipse?
• Full meeting in Seoul before IETF97 (Sat/Sun Nov 12/13)?
• Academic: February @EWSN?