CHARIOT is a Horizon 2020 project, started in 2018, in which 11 partners at European level joined to study and advance the state of the art in IoT security and safety by providing a design method and cognitive computing platform supporting a unified approach towards Privacy, Security and Safety (PSS) of IoT Systems, that places devices and hardware at the root of trust, in turn contributing to high security and integrity of industrial IoT.
Different IoT systems are designed and implemented according to the IoT domain requirements, typically not taking into consideration issues of openness, scalability, interoperability, and use case independence. This leads to a variety of new potential risks concerning information security and privacy, data protection and especially safety.
Consequently, securing data, objects, networks, infrastructure, systems and people in IoT will have a prominent role in the research and standardization activities over the next several years.
However, critical systems of all types were typically devised prior to widespread adoption of IoT and have not been designed (or redesigned) to cope with the unique safety issues that arise from integration with high volumes and varieties of IoT devices and platforms.
Therefore, there is an urgent need for next generation cognitive IoT platforms that can enable the creation of intelligent IoT applications with intelligent shielding and supervision of privacy, cyber-security and safety threats, as well as complement existing IoT systems in non-intrusive ways and yet help guarantee robust security by placing devices and hardware as the root of trust.
The goal of the CHARIOT project
CHARIOT aims to advance the state of the art in this area providing a design method and cognitive computing platform supporting a unified approach towards Privacy, Security and Safety (PSS) of IoT Systems, that places devices and hardware at the root of trust, in turn contributing to high security and integrity of industrial IoT.
The above will be achieved by developing a Public Key Infrastructure to enable coupling of a pre-programmed private key deployed to IoT devices with a corresponding private key on Blockchain.
More specifically, for each of the PSS ‘imperatives’, a highly innovative approach has been created: a Privacy and Security Protection method that builds on concepts from state-of-the-art Public Key Infrastructure (PKI) technologies to enable the coupling of a pre-programmed private key deployed to IoT devices with a corresponding private key on a Blockchain system for the purposes of affirming and approving valid transactions.
A Blockchain ledger will be built in which categories of IoT physical, operational and functional changes are both recorded and affirmed/approved through a combination of coupling a cognitive engine and private key hashing between the cognitive engine and IoT devices to authorise change and, likewise, to invalidate any and all other changes, whether malicious or otherwise.
Such a ledger provides a compelling journal and audit log from which, through machine learning, past patterns can be used as a basis to highlight present anomalies and inconsistencies and, in turn, to halt execution in situations where transactions and workflows deviate from established patterns of behaviour.
On top of the above sits a fog-based decentralised infrastructure for Firmware and Operational Security integrity checking that leverages a Blockchain ledger to enhance physical, operational and functional security of IoT systems, such as actuation, deactivation, and transactions of all types, including business process workflows and their associated business logic.
Blockchain Technologies for Data Security, Safety and Privacy in Industrial IoT environments
Blockchain technologies support and provide distributed ledgers that keep data immutable via advanced data security and cryptography, ensuring that stored data cannot be altered by any accidental or intentional (malicious or not) activity or actor. The most popular examples of blockchain implementations are Bitcoin and other cryptocurrencies; however, blockchain has already found its way into modern Internet of Things (IoT) implementations and industrial applications, opening a new approach to how data are managed, stored and processed.
The advantages of such technologies are highlighted, though, in applications where data trust is of prime importance. This follows largely from the recent increase in IoT devices and networks, which demand higher levels of data and device communication.
CHARIOT takes advantage of the capabilities of this technology and applies it in the IoT domain to the lifecycle management of IoT devices and networks. In this direction, blockchain is applied towards seamless and proactive management, including device acknowledgment (commissioning, managing, tracking, securing and maintaining network devices). Such a managed approach is expected to increase productivity through improved asset utilization as well as reduce downtime through device management that supports real-time sensor and security monitoring. Reaction to alerts stemming from security issues in the network is also of prime importance in modern IoT networks, and increased data and information trust in monitoring systems is a further important point of the CHARIOT scoping. This technology also supports CHARIOT’s contribution of end-to-end affirmed network components, offering extended trust in the actual devices and the information they convey.
The CHARIOT solution includes an authentication solution combining blockchain with PKI (Public Key Infrastructure) technologies in the network devices (sensors and gateways), Blockchain-aided encryption between all IoT network endpoints (sensor/gateway/FOG), a mobile application for sensor provisioning in the IoT network utilizing the four-eyes principle, and a Blockchain-based state management for sensors (decommissioned, faulty, compromised etc.).
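The ledger of approved changes and the four-eyes sensor state management described above can be sketched as follows. This is an added example, not CHARIOT project code. It assumes a single hash-chained log in place of a distributed blockchain, HMAC tags in place of PKI signatures so that it runs on the standard library alone, and two approvals for every state change; all class, function and state names other than the three states named on the page are hypothetical.

```python
import hashlib, hmac, json

# "decommissioned", "faulty", "compromised" come from the page; the rest are assumed.
STATES = {"provisioned", "active", "faulty", "compromised", "decommissioned"}
GENESIS = "0" * 64

def _digest(e):
    body = {k: e[k] for k in ("prev", "sensor", "state", "approvers")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def _tag(key, sensor, state, prev):
    # Binding the tag to the current ledger head makes an old approval unusable later.
    return hmac.new(key, f"{sensor}|{state}|{prev}".encode(), hashlib.sha256).hexdigest()

class SensorLedger:
    def __init__(self, operator_keys):
        self.operator_keys = operator_keys  # operator name -> key (constructed values)
        self.entries = []

    def head(self):
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def current_state(self, sensor):
        for e in reversed(self.entries):
            if e["sensor"] == sensor:
                return e["state"]
        return None

    def append(self, sensor, state, approvals):
        """Record a state change only if two distinct known operators approved it."""
        if state not in STATES:
            raise ValueError("unknown state")
        prev = self.head()
        valid = sorted(op for op, tag in approvals.items()
                       if op in self.operator_keys and hmac.compare_digest(
                           tag, _tag(self.operator_keys[op], sensor, state, prev)))
        if len(valid) < 2:
            raise PermissionError("four-eyes rule: two valid approvals required")
        if self.current_state(sensor) == "decommissioned":
            raise PermissionError("decommissioned sensors cannot change state")
        entry = {"prev": prev, "sensor": sensor, "state": state, "approvers": valid}
        entry["hash"] = _digest(entry)
        self.entries.append(entry)
        return entry["hash"]

    def verify(self):
        """Recompute the chain; any edited or reordered entry breaks it."""
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != _digest(e):
                return False
            prev = e["hash"]
        return True

def approve(key, ledger, sensor, state):
    return _tag(key, sensor, state, ledger.head())
```
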