More security in the network

Hardware testing in the laboratory of TÜV Informationstechnik GmbH
© TÜV Informationstechnik GmbH

Joint project develops open and certifiable sensor platform for IoT applications.

Digitization is increasingly permeating all aspects of our lives. Thanks to the “Internet of Things” (IoT), objects can now be connected in ways that simplify our daily routines in many ways. However, there are significant risks associated with handling private data and devices used in sensitive settings. In the SASPIT project, a consortium led by the German Research Center for Artificial Intelligence (DFKI) aims to develop a certifiable IoT sensor platform with comprehensive security guarantees. For broad and flexible application, the partners rely on open-source hardware and software standards.

A growing number of people are equipping their home or work environment with IoT components such as smart meters, temperature sensors or cameras. This has many advantages: smart meters allow for cost-effective electricity tariffs optimized to the actual consumption; electricity, and CO₂ can be saved thanks to intelligent control of heating or air conditioning; surveillance cameras and fire detectors provide additional security. However, there are significant security concerns. For one thing, the use of IoT technologies usually involves private and sensitive data. For another, the devices are sometimes installed in security-critical locations (e.g., intelligent door locks). At the same time, there is a lack of adequate security standards. This circumstance is due not only to the tremendous cost pressures but also the absence of standardization in this field. Incidents such as the leak of private live videos at an American security technology manufacturer underscore the urgency of this issue.

Collaboration partners aim for standardized IoT security architecture

This is where the SASPIT project (Safe and Secure Sensor Platform for IoT), funded by the German Federal Ministry of Education and Research (BMBF) with approximately 3.3 million euros, comes into play. In this project, a consortium of industry and research partners, coordinated by the DFKI research department Cyber-Physical Systems, is working on an open and standardized IoT sensor platform. In addition to DFKI, the consortium includes Thermokon Sensortechnik GmbH, Infosim GmbH & Co KG, TÜV Informationstechnik GmbH, Mixed Mode GmbH, Ingenics Digital GmbH, PHYSEC GmbH, RheinMain University of Applied Sciences and Ruhr University Bochum with its chairs for Security Engineering and for Digital Communication Systems. The project’s results will be illustrated through demonstrators in the field of home or office automation.

“The planned sensor platform is intended to serve as the basis for a standardized security architecture for IoT systems. To this end, we are looking at all levels of system design and investigating measures at various stages of the value chain to increase trustworthiness all the way to a certifiable system. We are looking forward to an interesting project with competent partners that will help people to enjoy the benefits of smart devices with a good conscience,” says project manager Prof. Dr. Christoph Lüth from DFKI’s Cyber-Physical Systems research department.

Project harnesses the advantages of open source systems

During the development of the platform, the SASPIT partners will release as many results as possible as open source (both hardware and software) to ensure reusability for other market participants. This also brings a high level of flexibility for end users who are not restricted to a specific manufacturer when choosing devices. The design of the processors specialized for the Smart Home context is based on the RISC-V architecture. This open hardware architecture offers an independent and cost-effective alternative to the major chip manufacturers and is seen as a key to Germany’s and Europe’s digital sovereignty, especially in times of semiconductor supply bottlenecks. For the RISC-V processors, which are enhanced with sensors and actuators, the partners are developing a generic, open-source software architecture. This way, a complete system of intelligent IoT sensors is created, which can be combined as platform nodes into networks to intelligently and securely connect, for example, entire rental apartment complexes. For this purpose, a suitable management infrastructure will be implemented to ensure the confidentiality of data on individual nodes.

Guaranteed data security in design and after delivery

To protect personal data, the partners implement specialized cryptographic components and encryption techniques and devise measures to harden them against physical attacks. The fundamental objective is to consider successful verification and certification in both software and hardware development and to create the necessary prerequisites. This contrasts with existing IoT solutions for the home sector, which do not currently require certification and thus may be potentially insecure. Furthermore, the partners employ innovative radiation analyses to ensure the security of the sensors even after manufacturing, during the delivery process, and in operation. In this process, a distinctive radiation signature, applied directly to the circuit board, detects any alterations made to a device after delivery.

DFKI performs verification using virtual RISC-V prototype

The DFKI research department Cyber-Physical Systems, headed by Prof. Dr. Rolf Drechsler, contributes to SASPIT its extensive expertise in the field of system design with a focus on security, correct function, and reliability, particularly for RISC-V based systems. In addition to project coordination, DFKI is responsible for end-to-end verification of the sensor platform to ensure its functional correctness and resilience against attacks. For this purpose, a virtual prototype developed by the researchers and adapted to the platform is employed, allowing for easy implementation of test cases and verification of the system prior to its physical implementation. To achieve this, the prototype can be enhanced with virtual peripheral devices such as sensors or actuators. It is also possible to directly connect real existing hardware.

SASPIT is funded from May 1, 2023, until April 30, 2026, by the German Federal Ministry of Education and Research (BMBF) in the research framework program on IT security “Digital. Sicher. Souverän.” under grant number 16KIS1852K.

DFKI press contact:
German Research Center for Artificial Intelligence (DFKI)
Communications & Media
E-mail: communications-hb@dfki.de
Tel.: 0421 178 45 4180

Wissenschaftliche Ansprechpartner:

DFKI contact:
Prof. Dr. Christoph Lüth
German Research Center for Artificial Intelligence (DFKI)
Cyber-Physical Systems
E-mail: Christoph.Lueth@dfki.de
Tel.: 0421 218 59830

Weitere Informationen:

https://cloud.dfki.de/owncloud/index.php/s/GzAdJKsiYGTjZCQ Image material – always indicate the copyright when using the photos!

https://www.dfki.de/en/web/news/projekt-saspit-gestartet

Media Contact

Andrea Fink DFKI Bremen
Deutsches Forschungszentrum für Künstliche Intelligenz GmbH, DFKI

All latest news from the category: Information Technology

Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.

This area covers topics such as IT services, IT architectures, IT management and telecommunications.

Back to home

Comments (0)

Write a comment

Newest articles

Innovative 3D printed scaffolds offer new hope for bone healing

Researchers at the Institute for Bioengineering of Catalonia have developed novel 3D printed PLA-CaP scaffolds that promote blood vessel formation, ensuring better healing and regeneration of bone tissue. Bone is…

The surprising role of gut infection in Alzheimer’s disease

ASU- and Banner Alzheimer’s Institute-led study implicates link between a common virus and the disease, which travels from the gut to the brain and may be a target for antiviral…

Molecular gardening: New enzymes discovered for protein modification pruning

How deubiquitinases USP53 and USP54 cleave long polyubiquitin chains and how the former is linked to liver disease in children. Deubiquitinases (DUBs) are enzymes used by cells to trim protein…