Thank you. Thank you very much.
Well, with this introductions in the next minute, I am going to talk about how to develop, operate and make quality assurance of trustworthy IOT systems. I want to start with some, the definitions of the internet things. The first one is from Anisa and defines the IOT as a cyber physical ecosystem of interconnected sensor source and activators, which enable intelligent making.
Right.
The second one is more, is very complete.
And I like it very much because it says that the internet of things is the network of physicals that contain embedded technology to communicate and sense or internet with their internal states or the external environment. And this external environment can be anything that we can't find outside us. It can be another things. It can be another, it can be a road, it can be a structure. It can be either another smart TV or whatever we can think about.
If we say, for instance, if we think about a PLA information of cars, this is an IOT system in which each car interacts with the rest of the cars in the formation. And the first one interacts with the intelligent infrastructure like red road and the traffic signs. We have a look to one of the car. The car is a complete system of systems in the cells, but we are going to focus on just a, the car as a complete system.
Eh, the car, the car is performing fancy, like sensing the reality, analyzing the data inferring, deciding what to do based on the, the data that has been obtained by the sensors and performing some kind of action or actions like either accelerating, breaking, or informing the other cars about going out of the formation
And in the PLA information, all the cars are doing more or less the same loop interacting with each other, seeing data. And they are also seeing data with the surrounding infrastructure in order to make the PLA information work.
This is just an example of what is can be found or, or, or what can be thought of the internet of things. But we can think in other terms, we can think about, eh, the smart grid, which is another kind of internet things.
And we can say that IOT is a very broad and trans topic as it goes for, from the technologies that allow things to communicate in order to change data taken by sensor with other things or systems, but can also store those data process, then take decisions and even secure those decisions through the appropriate to this implies an autonomy and distribution of the decision that allows to conceptualize different systems and can be applied in many different application domains. This communication capacity means that it is possible to connect things among them.
And in reality, billions of thought yet could be connected. As in the case of the business to consume applications, we can find or apply IOT in industry.
In fact, industry and internet things or industry for those zero is, and internet of things. We can find it in smart cities, in our homes with our smart TV, with our Smartsheets and so on. And we could say that we can find it in any, any domain.
In this case, we are talking about system or systems and in this systems of systems, the potential attack or phase increase sometimes in unpredictable ways. And this is a, a characteristic of the internet of things.
If we have a look to the different business models that we can find with, find with the internet things, we can find that IOT products can take part in different business models like the IOT mass market, which is business to consumer, in which, in which things are ly produced. And they are used by private users with little technical or security, know how in this case, privacy and confidentiality of the data, the users plays a crucial role and usually discovered by the GDPR and the privacy regulation.
But we must not forget about, about cyber security because these devices that we have have are at home or that we use in our fun time can be used.
The device is using an critical application, can create problems in companies. We just need to think about an, an attack like the immediate one at the end of 2016, in which smart consumer goods used as an army of bots producing it, denial service in an important internet service provider. And this brought downsides like Twitter, Netflix already CNN and many others in Europe and the us, but we can find another business model.
And this is the one in which things are used in sectors like industry energy, health. We are talking about business to business business model. And in this case, users are companies and secure. We must warrant is how that the security of the production process and also of the products that are being manufactured, eh, is warranted.
So is we want to build trust in the IOT. We must make people aware the cybersecurity is an issue, and we must make it then aware mainly in the industrial context that this is a real issue. And it is an issue when we develop products.
And it is an issue when we make installations or when we are monitoring something. And that survey security by design and by the default, that is so easy to say, it's usually not so easy to, to implement a cyber security by this sign. And by the default means taking into account cyber security in the whole software development process and taking into account cyber security along the supply chain. I want to add one recommendation. It is better not to use business to consumer devices and business, to business applications that we want to avoid cybersecurity.
And in case we do this, at least we must be aware of the potential vulnerabilities risk that we are going have with this kind of devices. Sun lines have been generated to help in the development and use of IOT devices, but this is not enough. Developers need new methods and tools to facilitate cyber security by design and by default,
Because next generation of smart IOT systems need to manage the close loop.
For instance, into the look that we have seen before within safe operational boundaries, eh, this systems will also be distributed across, eh, different kind of infrastructure like T H it cloud making systems, very complex systems with, of devices or systems and of connectivities and potential failures. And they are going to operate in an unpredictable physical world. We all know how it's the physical world. They are going to, to have to face situations that have not been fully understood or anticipated in the software development process.
And this is an important issue and doing this in it as working a way, which means with security, privacy, and robustness.
So how can we tackle the complexity of developing and operating smart IOT systems, which involves sensors and activators and need to be trustworthy?
The approach in the net project has been to evolve a DevOps methods and techniques to address this DevOps has been widely adapted in the software industry, and it consists on a set of software engineering, best practice and tools to ensure quality of service while while evolving the system, fostering agility, rapid innovation cycles, and is of use. We can say that currently there is no support for the development of trustworthy IOT systems.
For example, there are no mechanisms to ensure any to end security and privacy or mechanisms able to take into consideration open contest and S not to the necessary continuous deployment E IOT systems.
In this sense, the Objectif of the project is to provide a re framework for a smart IOT systems to support the continuous delivery of trustworthy, smart I IOT systems to support the AI operation, to support the continuous quality assurance, to reinforce the trustworthiness of the smart IOT systems, to leverage the capabilities, sustain IOT platforms like ware and Sophia, and to fully exploit legacy prop proprietary, and of the sales software, because the system need to be integrated with many, they put a kind of devices and infrastructure, so, and final.
And the final point is trying to demonstrate the applicability or the integrated app DevOps framework or trustworthy smart IOT systems.
Let's have a look to the AI development phases. We go out to the planning phase, and that will support the planning of I IOT systems development cycles, as well as the smooth transition towards the code stage, introducing a new enable for risk driving and contested where selection of the most relevant and trustworthy devices and services to be used in the future is we go to the code phase and not use the model driving engineering approach.
And in particular able will evolve for ING advances of the thing and a language and generators to support modeling system behavior and automation across RYS and distributed devices at the T. And HN.
If we have a look to the build and the deploy phase faces, and we provide new deployment model in language to specify trustworthy and secure orchestration of sensors and Twitters and software components, along with the mechanisms to identify and handle potential and conflicts at the model level, the deployment engineer automatically collects the requires software components and integrate evolution of system into the runtime environment across the whole T eight and cloud space.
If we have a look to the testing phase, and that allows the continuing testing testing of the smart IOT systems in an environment capable of simulating and simulating IOT, and it infrastructures, the system is able to simulate some basic attacks or security threats related to the use cases. And in the operating case phase and allows the automatic adaptation of station systems based on the run, trying contents reinforced by online learning in the monitoring phase, we provide mechanisms to observe the status and the behavior of the running IOT systems for quality assurance and analysis.
And we support the testing of the systems around time. But in addition to the commented DevOps relating innovation, and that provides specific cross cutting innovation related to trustworthiness related to resilience and robust net by allowing different I IOT service implementations and deployment, for instance, implying that an instance of the service can have a different implementation and operate differently, still ensuring consistent and predictable global behavior.
This will lower, lower the risk for privacy and for security reaches and significantly reduce the impact in case of cyber attack. In the case of cyber attack, of course, it will also support security, privacy, and identity management, providing support to ensure end to end security of trustworthy, smart internet systems. This will not only include smart prevented security mechanisms, but also the continuous monitoring or security metrics and contest with the to three to try reactive security measures.
In this picture, we can have a complete view of the enough DevOps assistance and the different enables that we are having in the different faces. So here you can see the delivery and operation of the smart I IOT system using the type of framework, the top blue, eh, box illustrates how the app continues delivery toolkit will support the development activities in an ideal way. In the case of the orient or Sal box shows how the operation Toki will support the different operation activities.
Eh, we must say that integrates DevOps framework. I integrated DevOps framework is composed of set enables that can be still integrated with the system IOT platform via ING MES. And this is important. This enables our categorize in free groups, the toolkit for the continuous delivery of the smart IOT systems that is another toolkit for the agile operation or this IOT systems. And finally, the third, eh, toolkit is the facilities that we offer for trustworthiness of the port system.
This set of enables can be seamless combined, and they can easily integrate with assisting IOT platforms and enables
The in app DevOps studio has been applied in different use cases like for instance, in transport, but in the case of Lia, we have been involved in the use case of a smart building for elderly care. Eh, in this use case, the objective, eh, has been the, of the people inside the building, taking into account energy efficiency aspects of the building and of the different route inside in this picture, you can see the building that we have used for this testing purposes.
It is called cubic, and it is a building in which it is possible not only to test the different materials that can be used in a building, but also the complete it OT infrastructure that can be found. I found in a building dis composed of different rooms rooms with different characteristics that you can find in, for instance, in, in a residence or in an apartment. And it is with the central, with the building management system and so on. So it is very, very close to, to reality experimentation facilities that we have used in the case of this, of this project.
And, well, this is all from my part. I hope that you have enjoy this presentation and well, in case you wanted to ask any question, please feel free to, to do it. Thank you very much for your attention.
