ECSEL-prosjekt SCOTT - Secure Connected and Trustable Things

Creating trust in wireless solutions and increasing their social acceptance are major challenges to achieve the full potential of the Internet of Things (IoT). Therefore, SCOTT (Secure COnnected Trustable Things), a pan-European effort with 57 partners from 12 countries joined effort to work on trustworthy connectivity and interoperability. The 8 partners from Norway being Telenor, EyeNetworks, TellU, Wolffia, Movation, Smart Innovation Norway, OsloMet and UiO have joined their complementary expertise to - Answer the IoT need for a new and more advanced security paradigm through measurable security, security classification and proactive safeguarding, - Create a Convincing privacy assessment through privacy labelling, seen as a market opportunity for companies and a response for the consumers need, and - Establish a clear link between security and safety in the various domains. Tellu, as a provider of services in the e-health domain, has developed a diabetes monitoring sub-system, with mobile app serving as a gateway between medical measurement devices and cloud systems. EyeNetworks presented a managed wireless concept in order to improve performance, security and trustability of wireless networks and services in smart infrastructure. The managed wireless platform as a cloud service is able to monitor and manage Wi-Fi access points and Internet gateways in homes and buildings remotely. Telenor, together with OsloMet and Wolffia are able to enhance the smart home experience by providing network slicing in 5G networks. For instance, in the smart home for elderly people, they have a fall detection system, a smart lock in the main door and a gateway to allow these devices to connect to the cellular network. In order to provide network slicing, they have succeeded in deploying one of the smallest 5G networks, using off the shelf and consumer-available products and open-source software, which is located in OsloMet?s Secure 5G4IoT test lab. UiO has developed a security classification method for IoT systems to help and guide developers into building their systems secure from the start. The Security Classification methodology is a way to measure security, building on the standard from the French national agency ANSSI. The methodology moves away from a classical attack-centric approach, into an approach focusing on connectivity UiO has built a tool and tested it with end-user to be easy-to-use in a standard DevSecOps tool-chain. The tool was tested in some IoT systems of the project partners and external SMEs in terms of hackathons with positive feedbacks. UiO has worked on combining Attribute-Based Access Control with semantic technologies, which is called semantic attribute-based access control (S-ABAC). It is backward compatible with the XACML standard (extensible access control markup language) as described by NIST, and widely used in healthcare systems especially in US. The final S-ABAC engine is accessible as a cloud service, deployed in cloud infrastructure of the University of Oslo. In addition, UiO has established concepts for privacy labeling. For people concerned about privacy when choosing an IoT product, Privacy Labels make it easy to do truly well-informed choices.

Creating trust in wireless solutions is a major challenge to achieve the full potential of IoT solutions. Eye Networks extended their EyeSaaS Cloud for managed WiFi, providing better wireless experience and the capability of identifying malicious devices in the home. OsloMet has established the 5G4IoT test lab together with Telenor and Wolffia, proving novel aspects such as network slicing. Through the lab, the students and collaboration partners will be able to simulate and test novel network functionality. Smart Innovation Norway, starting from an energy base, extended their knowledge to IoT-driven smart energy systems, smart homes and smart cities. Tellu achieved yet another demonstration of the applicability of their TelluCloud for IoT devices. UiO developed the security classification method for IoT systems, besides implementation of semantic attribute-based access control (S-ABAC) and privacy labels (A-F).

Creating trust in wireless solutions and increasing their social acceptance are major challenges to achieve the full potential of the Internet of Things (IoT). Therefore, SCOTT "Secure COnnected Trustable Things", a pan-European effort with 57 partners from 12 countries (EU and Brazil), will provide comprehensive cost-efficient solutions of wireless, end-to-end secure, trustworthy connectivity and interoperability (Technology Readiness Level 6-7) to bridge the last mile to market implementation. SCOTT will not just deal with 'things that are connected', but with 'trustable things that securely communicate', i.e. things interconnected by dependable wireless technology and valuing the end-users' privacy rules. The 8 partners from Norway being Telenor, EyeNetworks, TellU, Wolffia, Movation, Smart Innovation Norway, HiOA and UiO have joined their complementary expertise to - Answer the IoT need for a new and more advanced security paradigm through measurable security, security classification and proactive safeguarding, - Create a Convincing privacy assessment through privacy labelling, seen as a market opportunity for companies and a response for the consumers need, and - Establish a clear link between security and safety in the various domains.