Cyber Security of the Internet of Things

Lead Research Organisation: University of Southampton
Department Name: Electronics and Computer Science


Today we use many objects not normally associated with computers or the internet. These include gas meters and lights in our homes, healthcare devices, water distribution systems and cars. Increasingly, such objects are digitally connected and some are transitioning from cellular network connections (M2M) to using the internet: e.g. smart meters and cars - ultimately self-driving cars may revolutionise transport. This trend is driven by numerous forces. The connection of objects and use of their data can cut costs (e.g. allowing remote control of processes) creates new business opportunities (e.g. tailored consumer offerings), and can lead to new services (e.g. keeping older people safe in their homes).

This vision of interconnected physical objects is commonly referred to as the Internet of Things. The examples above not only illustrate the vast potential of such technology for economic and societal benefit, they also hint that such a vision comes with serious challenges and threats. For example, information from a smart meter can be used to infer when people are at home, and an autonomous car must make quick decisions of moral dimensions when faced with a child running across on a busy road. This means the Internet of Things needs to evolve in a trustworthy manner that individuals can understand and be comfortable with. It also suggests that the Internet of Things needs to be resilient against active attacks from organised crime, terror organisations or state-sponsored aggressors.

Therefore, this project creates a Hub for research, development, and translation for the Internet of Things, focussing on privacy, ethics, trust, reliability, acceptability, and security/safety: PETRAS, (also suggesting rock-solid foundations) for the Internet of Things. The Hub will be designed and run as a 'social and technological platform'. It will bring together UK academic institutions that are recognised international research leaders in this area, with users and partners from various industrial sectors, government agencies, and NGOs such as charities, to get a thorough understanding of these issues in terms of the potentially conflicting interests of private individuals, companies, and political institutions; and to become a world-leading centre for research, development, and innovation in this problem space.

Central to the Hub approach is the flexibility during the research programme to create projects that explore issues through impactful co-design with technical and social science experts and stakeholders, and to engage more widely with centres of excellence in the UK and overseas. Research themes will cut across all projects: Privacy and Trust; Safety and Security; Adoption and Acceptability; Standards, Governance, and Policy; and Harnessing Economic Value. Properly understanding the interaction of these themes is vital, and a great social, moral, and economic responsibility of the Hub in influencing tomorrow's Internet of Things. For example, a secure system that does not adequately respect privacy, or where there is the mere hint of such inadequacy, is unlikely to prove acceptable. Demonstrators, like wearable sensors in health care, will be used to explore and evaluate these research themes and their tension. New solutions are expected to come out of the majority of projects and demonstrators, many solutions will be generalisable to problems in other sectors, and all projects will produce valuable insights. A robust governance and management structure will ensure good management of the research portfolio, excellent user engagement and focussed coordination of impact from deliverables.

The Hub will further draw on the expertise, networks, and on-going projects of its members to create a cross-disciplinary language for sharing problems and solutions across research domains, industrial sectors, and government departments. This common language will enhance the outreach, development, and training activities of the Hub.


10 25 50
Description The IoT Observatory is being developed as a core platform and set of technologies to support observation, analysis, and visualization of different IoT applications/devices within integrated IoT ecosystems such as smart cities, critical infrastructure support. Drawing on emerging standards for metadata such as HyperCat, big data technologies (such as storm), IoT data stream protocol formats such as MQTT, CoAP are some of the core features of the observatory platform. At the core of the IoT Observatory ecosystem is a platform that orchestrates device discovery, data integration across sensor streams, data aggregation, statistical analyses and sharing among different stakeholders. A critical feature provided by the IoT Observatory fine-grained access control to ensure data authentication and authorization policies to address the concerns of sensitive information. For this, we are in process of enriching the metadata associated with datasets, streams, data statistics, visualizations and applications to enable user consent for sharing the sensitive sensor data to certain degree. An authentication service for legitimate sharing and re-use of resources on the observatory is being developed to address the concerns of localized authorization decision making in IoT applications.
Exploitation Route We expect a widespread impact in terms of providing an infrastructural support for secure and legitimate sharing of IoT resources across different research themes and application areas within the PETRAS community and the IoT community at large.
Sectors Agriculture, Food and Drink,Communities and Social Services/Policy,Creative Economy,Digital/Communication/Information Technologies (including Software),Education,Energy,Environment,Financial Services, and Management Consultancy,Healthcare,Government, Democracy and Justice,Manufacturing, including Industrial Biotechology,Culture, Heritage, Museums and Collections,Retail,Transport

Description The IoT Observatory is envisaged as a core platform for both the academic and user-partners at the PETRAS hub for IoT data-sharing and re-use across different themes of research. The capabilities of the observatory to support sharing of both historical and real-time sensor data streams complaint with the HyperCat metadata vocabulary can direct impact the standardization, and building IoT data-ecosystems critical for IoT research. We expect to run user-engagement workshops, analyzing user's privacy and trust concerns and understanding their interactions with other stakeholders for a variety of data processing and analytic applications. This is critical for real-world implementation of the platform for sharing and re-using IoT resources. We expect a widespread impact in terms of providing an infrastructural support for secure and legitimate sharing of IoT resources across different research themes and application areas within the PETRAS community and the IoT community at large.
First Year Of Impact 2016
Impact Types Cultural,Societal,Economic,Policy & public services

Title IoT Observatory 
Description The development of the IoT Observatory is key towards a core platform and a set of associated technologies in order to support the observation, analysis, and visualisation of interactions and activities in IoT ecosystems. Integration with existing IoT Metadata standards such as the HyperCat make the observatory a robust tool for inter-domain research analyses. Inspired by the Web Observatory platform the IoT Observatory provides infrastructure support for sharing of IoT datasets and analytical applications contributed by various academic and user-partners of the PETRAS for critical research and implementation analyses. The IoT Observatory platform orchestrates several components for data ingestion, integration, storage, and streaming to support data re-use and sharing critical for IoT application domains such as smart cities. To address the privacy concerns of the stakeholders in any IoT ecosystems the observatory platform provides legal and ethical frameworks along with technological support for authentication and authorization. 
Type Of Material Improvements to research infrastructure 
Provided To Others? No  
Impact The IoT Observatory infrastructure is expected to provide critical support for the PETRAS academic and user-partners for sharing research outputs, datasets, and statistics for larger challenges such as tools for detecting data authenticity, verification, and engagement with the IoT user communities in a variety of application domains including Smart cities and healthcare among others. 
Description Hybrid Engagement Architecture Layer for Trusted Human-centric IoT 
Organisation Southampton City Council
Country United Kingdom of Great Britain & Northern Ireland (UK) 
Sector Public 
PI Contribution We are engaging with the Southampton City Council as user partner to collaborate on the behavioural and data sharing components of our proposed research work on modeling human factors in IoT and for cybersecurity over distributed stores. It will especially focus on developing distributed personal data stores and crowdsourcing methods and human computation methods to enable the local citizens to actively participate in the smart city IoT ecosystem to improve trust, privacy, security, and data sharing within critical IoT infrastructure.
Collaborator Contribution At the initial stage, the Southampton city council is expected to facilitate the research by providing research datasets on citizen behavior and data sharing activities within different agencies in a smart city. It would also provide the user test beds for testing the human computation models developed as part of research work by the project
Impact -With the initial support of the Southampton City council as user-partners, funding has been requested through the PETRAS internal strategic funds call. With the support from the PETRAS hub we expect to do a comparative study on user behavior and adoption of smart devices and technologies across different cities in the UK
Start Year 2017
Description SOLIT: Solidifying IoT 
Organisation Ordnance Survey
Country United Kingdom of Great Britain & Northern Ireland (UK) 
Sector Public 
PI Contribution Integrating inputs and research datasets obtained from the Ordnance Survey, the project will support the user-partners with agency/application specific datastores. These datastores will be made available through a data-sharing and mapping framework capable of mapping and integrating the sensor and spatio-temporal in a secure way while addressing the privacy concerns. Secure services will be delivered for data mapping and sharing that will be directly implementable in real-world settings of Ordnance Survey and its partners.
Collaborator Contribution Partnering with Ordnance Survey we expect to obtain rich topographic datasets for a variety of contexts such as critical infrastructure design, urban planning, insurance risk and environment management. This is dataset will be critical to our project implementation and testing phase for making services ready for real-world settings.
Impact With the support and engagement of through initial discussions with the Ordnance Survey a research proposal for first internal strategic funds call with the PETRAS hub has been submitted. Obtaining the same we wish to support engagement activities between PETRAS hub partners and the Ordnance survey at large.
Start Year 2017