Eurostars SecureIoT: Certificate-based Security for Resource-constrain

Aim and goal

IoT technologies are preparing to transform the way we work and live; if there is one problem that hinder this transition, it will be lack of well-integrated security/privacy mechanisms. Without “in-house” capabilities, individual countries will rely on International providers for cyber security services. In some sectors this may not be acceptable. It is beneficial for Sweden and Korea to have a full set of cybersecurity capabilities, plus its own CA that can speak IoT protocols for its users. SecureIoT aims to equip IoT devices with capabilities that will enable them to obtain digital certificate(s) in a secure and automated way and by using the communication protocols that these devices speak.

Challenge

IoT security is hard NOT because there exist no cryptographic protocols that meet communication security requirements, BUT because management of secure identities/credentials (symmetric keys, passwords, PINs, certificates) using available solutions is simply not suitable for billions of heterogeneous devices.

Solution

We will deliver IoT security solutions for low-power IoT devices as below. 

• Protocols for auto-enrolment of initial Certification Authority (CA) certificate
• Lightweight certificate revocation protocols
• Specification and standardisation of lightweight digital certificates
• IoT gateway supporting IoT security and legacy protocols
• Apply protocols in existing/new products and open source implementations in Contiki OS
• Two IoT deployments with proposed protocols: Smart metering and smart factory

Effect

IoT market is growing at a fast speed. We are confident that the technologies we will develop will be part of Nexus Protocol Gateway and Certificate Manager even before the end of the project, bringing the Technology Readiness Level (TRL) 7/8. This is also true for the industrial partners in Korea as well. Specifically, APROS and LilyS&C are startup companies but are already active in the Korean IoT market and plan to use the outcomes from the projects directly as part of their current product lines. Furthermore, we plan to validate the productization of the project outcomes in a number of real-world application scenarios through a series of pilot deployments. For technology stabilization we expect the pilot studies to continue beyond the end of the project, but plan to test our outcomes at a ready-to-sell quality.

Based on the current queries and demand of secure IoT solutions, we hope that we will have large customers of our new technologies within a year.

Contiki-based IoT solutions are already offered by Swedish companies such as Yanzi networks. Our open source implementations of IoT enrollment protocols can become part of these IoT startups within 6 months after the end of the project. The two Korean startup partners of this project are also intending to use Contiki as part of their products.