Digitalization over the entire product lifecycle accelerates the development, validation, instrumentation and deployment of complex industrial products while increasing product quality. The digitalization and increasing connectivity of (critical) cyber-physical objects enables development of new applications but also leads to new safety & security related requirements in the design, testing, production and operation of these systems. Realising in a cost-effective way, the full potential of trustworthy and secure cyber-physical systems and applications in Automated Driving and Industry 4.0, will require a holistic approach that combines operational aspects as well as the technology. The objective is to integrate security levels across all dimensions in order to a) ensure trusted interaction across devices, machines and networks; b) maintain integrity, authenticity and confidentiality of information; and c) sufficiently protect production data and intellectual property. The integration of appropriate security levels should provide ease of deployment and it should neither be detrimental to performance nor compromise user experience. Tailored security functionality should be provided in order to optimise performance and cost. IoT4CPS will develop guidelines, methods and tools to enable safe and secure IoT-based applications for automated driving and for smart production. The project will address safety and security aspects in a holistic approach both along the specific value chains and the product life cycles. To ensure the outreach of the project activities and results, the relevant stakeholders will be involved throughout the project and results will be disseminated to expert groups and standardization bodies. The main focus of IoT4CPS will be on developing, producing and operating, highly trustable components and applications for Connected and Automated Driving. As the design and production of these components requires a high degree of integration and information exchange along the life cycle, the methods and tools investigated are also highly relevant for the Smart Production use case. In this second use case, however, rather than considering the full bandwidth of Industry 4.0 applications, we focus our scope on the subset of the value chain that is linked to the main use-case. IoT4CPS will follow the ubiquitous security paradigm and address the entire technology stack from semi-conductors (sub-component level), via control systems (component level), to applications (system level). Additionally, specific aspects of accessing the surrounding infrastructures will be considered, as well. Orthogonal to the system integration level, IoT4CPS will address the product life cycle from development, via production to operational use. Thus, IoT4CPS will support digitalization along the entire product lifecycle, leading to a timeto- market acceleration for connected and autonomous vehicles. IoT4CPS will provide innovative components, leading to efficiency increases for the deployment of level 3 and level 4 autonomous driving functions, which will be validated in a vehicle demonstrator. The convergence of industry 4.0 and autonomous driving as promoted by IoT4CPS shall result in a competitive advantage for the Austrian region with respect to the development, validation and instrumentation of innovative components and solutions for connected and autonomous vehicles and smart production environments. 

Objective 1: Provide a framework library for trustworthy IoT tools and solutions supporting the entire IoT lifecycle and acting as technology bricks to develop trusted connected industrial applications

Most of the technical work in WP3 in the last period was related to further development of our tools and their features, as well as their exploitation w.r.t project use-cases. Major effort took place in T3.3. where cryptographic libraries were finalized and in T3.1 where we implemented features for our security tools and deployed them successfully.

We have successfully completed our deliverables D3.7 in a timely manner. In addition, we have successfully published our cryptographic library, as a part of our deliverable D3.6.2. The library and the user manual is available on IoT4CPS portal (https://iot4cps.at/results/repository/ ).Therefore, we can verify that from the WP3 point of view the milestone MS6: Final laboratory prototypes and security concepts was reached in 06/20. There has been an intensive collaboration between AIT and industrial partners, who showed interest in our set of tools for cybersecurity. A tool developed by AIT, called ThreatGet was successfully applied to analyze the security of mixed-criticality platform. This platform is the foundation of IoT4CPS autonomous driving demonstrator developed in WP6. As a part of another collaboration between partners, XNET integrated a C Library for Forward-Secret Key Exchange which was developed as a part of our T3.3. of WP3 into their platform for the demo.

Finally, we have conducted the feasibility of integrating cryptographic features from the library developed by TUG/AIT with the autonomous driving platform used in WP6. Unfortunately, due to challenges caused by the pandemic in 2020 and the related safety measures which we were unable to finalize the library integration and program the FPGA Device and test it on the board in our laboratory.

Also, a Watermark-based sensor security was evaluated and tested on a LORA platform demonstrating applicability for protecting highly distributed industrial application with extremely low-power and low-bandwidth wireless connectivity.

In WP4 all the developments planned for were completed during this final period and planned integrations into the use case demonstrators or the creation of own laboratory demonstrators were carried out. The deliverable D4.2 Functional and formal checks outlines the approaches that were undertaken in IoT4CPS at the area of Strategic Security Assurance covering hardware, protocols, system architecture and human aspects. Deliverable D4.3.2 Analytical Toolbox (final release) describes the refined methods for anomaly detection for IoT4CPS and its implementation as an Analytical Toolbox by analyzing data from hardware, from operating systems, and from the network traffic. The final version of automated test case generator was developed and verified by means of a demonstrator (D4.4.2). Deliverable D4.5 Laboratory demonstrator of reliable IoT discovery and classification describes the developed discovery tool and setup of the demonstrator. In D4.6 Laboratory demonstrator of IoT anomaly detection and threat intelligence two laboratory demonstrators illustrate novel anomaly detection approaches, even when state-of-the-art security measures fail and communication-based threat detection approaches.

The achievements of WP4 are well in line with the needs of the industrial partners and applied to the main industrial case demonstrator, AVL’s Device.CONNECT.

In WP5, the report D5.3 - “Report and Specification: Cross-Platform interoperation model” investigates the IoT platform interoperability standards and data models, and their relevance to the Automotive industry. The connected cars and their applications bring along both unique opportunities and risks. For example, sharing data with many parties in the vehicle ecosystem can improve a variety of driving features, e.g. it can increase driving comfort and safety, improve driving experience, optimize lifecycle processes related to manufacturing and the use of vehicles, contribute to societal targets related to sustainable manufacturing, reduction of fuel consumption, road safety, and more. At the same time, sharing vehicle data can compromise privacy of various stakeholders, e.g. by revealing behavioral patterns. Thus, the objective of this report is to raise awareness of good data practices in the Automotive industry and identify challenges and possible solutions for ensuring the quality of data interoperation among vehicle infrastructures.

In addition, the report D5.4.2 – “Identity, Security and Safety in Product Lifecycle Data Management” that is a successor of the D5.4.1 report, further captures identity and security aspects based on two automotive driving scenarios and extends the model created in D5.2 “Product Lifecycle Data Management (PLCDM) Stakeholder Perspectives” by adding a set of security threats, as defined in WP4 “Security Verification and Analysis” of IoT4CPS. The extended model ensures the inclusion of both multi-stakeholder and IoT-/ CPS-based assets (and their services) along lifecycle phases of connected car scenarios and adds the cybersecurity perspective to it. In this report, an additional safety and privacy analysis of Connected and Automotive Mobility (CAM) use cases (defined in D5.4.1) is provided. D5.4.2 also includes the localization techniques for safety and addresses trust and ethics in CAM applications.

The prototype is available from GitLab:

https://git-service.ait.ac.at/im-IoT4CPS/WP5-lifecycle-mgmt

Verification:

evaluation and feedback from industry partners

integration into industrial applications in WP6, WP7

8 refereed conference or journal publications

project deliverables D3.6b, D3.7, D4.3.2, D4.4, D4.5, D4.6, D5.4.3

Application, framework and libraries have been successfully integrated into both demonstrators (see also objective 2 and 3). All deliverables, as well as over 20 publications have been published with respect to objective 1 (see also chapter 3).

Objective 1 is fully achieved.

Objective 2: Provide innovative components, leading to efficiency increase by 10% for the deployment of connected vehicles and level 3 and level 4 autonomous driving functions

In WP6, the contributions to this objective were computation and communication platforms for connected and automated vehicles. On the long run, this replies to the market pull for higher automation, connectivity up to “autonomy”, also stemming from cyber-physical systems (CPS). CPS exploit a variety of different capabilities allocated within the cyber space and at the same time combine them with processes from our tangible world surrounding us. The need for higher digitization also pushes next generation vehicles and mobility towards becoming gadgets that satisfy many tasks not just mobility such as high-performance computing and connectivity. These features result in the need for complex computational algorithms and multi-discipline skills and abilities like sensor fusion for Advanced Driver Assistance Systems (ADAS) supported by newest AI technology. Such basis for a suitable Safety-Platform was developed successfully within WP 3 and was deployed for demonstration in WP 6. Besides following strict safety concepts, the platform replaces the uncontrolled growth of ECUs, each of them dedicated to only one specific function which does not scale well. It also satisfies the demand for an abstraction of the application from the data communication and computing system. It also provides a smooth integration firmware handling all the complex tasks of virtualization, multicore and hypervisor handling and memory and time management.

In support of WP 7, WP 6 successfully deployed the safety platform architecture from WP 3 and developed the Safety Platform (see Figure 1).