\"The connected objects are becoming omnipresent in our everyday lives, which is shown by the rapidly raising number of Internet-connected devices predicted to billions by the year 2020. The intrinsic feature of high dimension poses problems and challenges in terms of security...
\"The connected objects are becoming omnipresent in our everyday lives, which is shown by the rapidly raising number of Internet-connected devices predicted to billions by the year 2020. The intrinsic feature of high dimension poses problems and challenges in terms of security, privacy and trust. These three pillars are critical to the IoT (Internet of things) as they impact all dimensions of the IoT.
Inadequate safety, security or privacy is a barrier to large-scale deployment of IoT systems and to broad and trusty adoption of the IoT applications. Nevertheless, today the IoT struggles for duly tested/certified mechanisms and features that scale its extremely large and rapidly evolving dimension.
The project’s grand objective is to provide duly tested, benchmarked and certified Security & Trust solutions for large-scale IoT using upgraded FIRE large-scale IoT/Cloud testbeds properly-equipped for Security & Trust experimentations.
A set of 3 (three) direct, very clear, measurable, realistic and achievable specific objectives has been defined that altogether make the realisation of the abovementioned grand objective possible:
#1 Upgrade FIRE testbeds for supporting large-scale IoT Security & Trust experiments, which are world-class Internet-of-Things testbeds, provided by the European Commission FIRE initiative that make possible large-scale experimentally-driven research.
#2 Provide experimented solutions for Secure & Trusted large-scale IoT environments addressing the four segments of the IoT deployment:
• devices and data;
• (wireless) connectivity,
• platforms,
• applications and services
#3 Benchmarks, framework and novel certification scheme for Secure & trusted large-scale IoT, which support the development of Security and Trusted IoT applications and setting confidence in their deployment.
\"
\"On the half way of the project’s timeline, ARMOUR partners pave the way towards reaching Objective#1 with tight and strong collaboration. ARMOUR partners have achieved to build a first version of the Large-Scale testing framework, an IoT toolbox for conformance and pattern-based testing. The toolbox integrates with the FIRE experimental infrastructure, FIT IoT Lab, to run the automatically generated test cases. Its deployment has started on the ARMOUR experiments.
The seven experiments cover different IoT segments. Towards reaching the Objective #2, each experiment identified a set of security requirements (for instance vulnerabilities of interest) and experiment requirements related to the FIRE infrastructures to deliver reproducible experiments by the community. The IoT toolbox provided facilities for integration and reproduction of the experiments within the testbeds, which allowed the deployment of some the experiments.
With respect to the project’s Objective #3, an initial definition of the benchmarking methodology and labelling scheme, based on the Common criteria. A methodology has been proposed connecting the benchmarking and the labelling to the testing framework, providing thus an end-to-end formal methodology based on security test patterns and models.\"
The project responds to the technological impact on creating large-scale solutions for security & trust assessment of IoT systems, as identified through the close-to-market solutions (defining the seven ARMOUR experiments). The project proposes the ARMOUR security framework, which is driven by the ARMOUR experiment representative needs and most known IoT security frameworks and guidelines in the IoT domain, for example oneM2M, OWASP IoT, GSMA.
Based on this new ARMOUR security framework, the project proposes a new general ARMOUR security testing methodology, which in a unique way integrates three different Model-Based Testing (MBT) approaches to ensure security & trust of IoT systems and services: standard/compliance testing, pattern driven and behavioural fuzzing. This highly impacts the existing state of the market and state of the art in the world research community, as IoT testing solutions are limited to providing test management and execution tools, and very little concentrated on automated security test cases conception.
The ARMOUR MBT approach has made a proof on concept and has shown its benefices on the conception on functional and security test suites in TPLan and respectively TTCN-3 based on MBT models for the oneM2 standard. This pave the way towards the European innovation and competitiveness expected impact, which will directly and indirectly lead to an environmental and social impact.
More info: http://armour-project.eu/.