Markdown Version | Session Recording

Session Date/Time: 12 Dec 2022 15:30

T2TRG - Summer Meeting Minutes

Summary

The T2TRG summer meeting covered updates on existing research group documents, introduced new security research topics, and featured several presentations on semantic interoperability, including updates on the One Data Model (1DM) initiative, the Semantic Definition Format (SDF), W3C Web of Things (WoT), and a novel approach to knowledge graphs for IoT digital twins based on SDF. Key discussions focused on refining terminology for IoT security setup, addressing amplification attacks, and developing a taxonomy for manufacturing-installed keys. A sense of the room indicated strong support for proceeding with research group adoption for two drafts.

Key Discussion Points

• Research Group Document Status:

  • The "H and IoT" document has passed research group last call and is undergoing IRTF review.
  • The "Restful Design for IoT" document is awaiting further pull requests and is expected to proceed to research group last call soon.
  • The "Semantic Landscape" / "Nutrition Labels for IoT" document is seeking additional input and feedback from the community.

• "Terminology and Processes for Initial Security Setup of IoT Devices" Draft (formerly "Security Bootstrapping"):

  • A co-author presented updates on the draft, which now uses new terminology (entities, players, processes like bootstrapping, provisioning, onboarding) and analyzes their usage across different proposals and standards.
  • A participant noted the industry's shift towards terms like "onboarding" and "provisioning," emphasizing the need for the document to clearly define and differentiate these terms, reflecting current industry understanding rather than older, potentially ambiguous terms.
  • The chairs agreed on the importance of precisely defining terminology, acknowledging that while industry terms are valuable, the document should clarify any ambiguities.
  • The authors welcomed feedback via the mailing list or pull requests to refine the terminology.

• SecOR Initiative (Security for Constrained RESTful Environments):

  • A new activity was introduced to foster research in security for constrained environments.
  • Initial topics of interest include:
    • Amplification attacks (currently being explored in a separate draft).
    • Efficient software updates using CoAP group communication (e.g., multicast).
    • Delegation of rights in OAuth settings, extending beyond existing ACE work.
  • The initiative is seeking "pen holders" to drive these topics forward, with future meetings anticipated to align with IETF cadences or be held more frequently if warranted by participant engagement.

• "Amplification Attacks Using CoAP" Draft:

  • The author provided an update on the 02 version, which incorporated feedback on editorial aspects, references, and the calculation of amplification factors.
  • Key open questions for the research group regarding the document's scope were presented:
    • Should it primarily raise awareness of IoT amplification attacks generally, and discuss mitigations?
    • Should it discuss known amplification Denial of Service (DoS) attacks (the author suggested leaning against this due to involvement of device hacking and the IRTF's focus on protocols)?
    • Should it include concrete information about actual attacks, given limited new data and potentially confusing media reports (the author suggested this part might be removed or made less CoAP-focused)?
  • A poll of the room indicated that 6 participants had read a version of the document. Subsequently, 8 participants raised their hands in favor of adopting the document as a research group item, with one explicit non-vote. The chairs noted strong support and would confirm the call on the mailing list.

• "Taxonomy of Operational Security Considerations for Manufacturing Install Keys and Trust Anchors" Draft:

  • The author presented the history and motivation for the draft, which arose from observed skepticism regarding manufacturers securely installing "birth certificates" (e.g., 802.1AR IDevID keys), despite existing industry practice. The document aims to provide a public reference to overcome secrecy imposed by Non-Disclosure Agreements (NDAs).
  • Non-goals for the document include:
    • It is not an auditing or evaluation process (e.g., ISO 27000-ish).
    • It does not dictate what is "more secure," but rather describes "what is," analogous to energy efficiency labels. The goal is to allow recognition of security levels, not prescribe them.
  • The document outlines methods for counting PKI levels, key generation, and handling business continuity for secret sharing (e.g., N-K schemes).
  • A participant poll indicated 6 people had read a version of the document. Following this, 6 participants raised their hands in favor of research group adoption. The chairs noted strong support and would issue a call for adoption on the mailing list.

• One Data Model (1DM) and IoT Schema Update:

  • The 1DM initiative has shifted its focus from driving model convergence to enabling contributions and establishing common practices using SDF (Semantic Definition Format) for existing industry models.
  • The goal is to facilitate practical interoperability through semantic proxies, mappings, and bindings, rather than immediate model harmonization.
  • Models from OMA, OCF, and Bluetooth are being integrated, and engagement with CSA/Matter (Dotdot) is ongoing.
  • 1DM is also exploring broadening its scope to digital twin models, particularly focusing on relations and links, with current work on Azure DTDL interworking and potential OPC UA integration.
  • IoT Schema.org, an RDF framework for device affordances, remains available for use as an example for semantic annotation and W3C Thing Descriptions, but is not actively developed or governed. Its future may involve becoming a W3C Community Group.

• SDF Update and Status:

  • SDF continues to evolve as a Semantic Definition Format for describing the digital interactions (properties, actions, events) of IoT things.
  • The IETF ASDF Working Group is progressing on the base specification (dash-12), with ongoing work on open issues and future extensions (SDF Next).
  • Tools for converting between SDF and other formats (Yang, OMA, OCF, DTDL, WoT) are being developed and used to populate the 1DM playground.
  • SDF Next areas include an alternate YAML syntax, an SDF Mapping document (for augmenting models with "qualities"), and a comprehensive approach to defining links both at the model level (SDF-ref) and as data types for interactions (RFC 8288-based).
  • The architecture is being extended to address cross-ecosystem protocol bindings and class-level information. Research group input on examples and validation is welcomed.

• WoT Update and SDF-WoT Conversion:

  • An update on W3C Web of Things (WoT) indicated that Thing Description 1.1, Architecture 1.1, and Discovery specifications are progressing towards W3C Recommendation status by mid-2023. A new charter starting in May will focus on profiles, TD 2.0, and protocol bindings.
  • Research work was presented on a conversion between SDF and WoT data models (Thing Descriptions and Thing Models).
  • Similarities (JSON, affordances, JSON schema-inspired terminology) make conversion relatively straightforward, but differences (WoT's JSON-LD context, instance-specific security/forms information) pose challenges.
  • The proposed solution uses "mapping files" to augment SDF with WoT-specific vocabulary and leverages WoT Thing Models as intermediaries to represent abstract SDF models without instance-specific constraints.
  • Challenges include mapping nested models (WoT's linking vs. SDF's SDFThing class), round-tripping fidelity, and resolving external references.
  • A Python-based converter library, CLI tool, and web application have been implemented, demonstrating feasibility and serving as input for potential standardization.

• Knowledge Graphs for IoT Platform Digital Twins Based on SDF:

  • A project at Ericsson Research presented a novel approach to building digital twins for IoT platforms using knowledge graphs.
  • The system uses TypeDB as an open-source knowledge graph, with a domain-adapted ontology, to store, query, and reason about IoT device data.
  • The main contribution is an algorithm for integrating new, unknown IoT devices into the knowledge graph. This involves:
    • Describing device classes semantically using SDF.
    • Automatically generating TypeQL queries from SDF descriptions to define new device classes in the KG schema.
    • Identifying new device instances ("floating devices").
    • Measuring similarity (both class-level based on SDF and instance-level based on time-series behavior) to existing devices using NLP and sliding window comparisons.
    • Replicating relationships from closest similar devices, or integrating new devices from scratch if no close match is found.
  • The work aims to move from emulated data to real IoT platform data, and to optimize the similarity computation for performance.
  • Participants discussed the assumption of vocabulary standardization, with the presenters clarifying that their approach focuses on distance calculation between SDF-annotated terms rather than strict adherence to a single harmonized vocabulary.

Decisions and Action Items

• Decision: Proceed with research group adoption for the "Amplification Attacks Using CoAP" document.
  • Action Item: Chairs to issue a formal call for adoption on the T2TRG mailing list, soliciting further reviews and feedback.
• Decision: Proceed with research group adoption for the "Taxonomy of Operational Security Considerations for Manufacturing Install Keys and Trust Anchors" document.
  • Action Item: Chairs to issue a formal call for adoption on the T2TRG mailing list, soliciting further reviews and feedback.
• Action Item: Authors of "Terminology and Processes for Initial Security Setup of IoT Devices" are encouraged to incorporate feedback received during the meeting via mailing list discussions or pull requests, particularly regarding clear definitions and distinctions between terms like "provisioning" and "onboarding."
• Action Item: Jan to share details on the availability of his bachelor's thesis on SDF-WoT conversion with the research group.
• Action Item: Michael Koster to investigate translating models from iot.schema.org into SDF for potential inclusion in the 1DM playground.

Next Steps

• General: Continue discussions on the T2TRG mailing list.
• SecOR: Monitor the mailing list for updates on interim meetings and opportunities to contribute as "pen holders" for security topics.
• 1DM/SDF: Participants interested in semantic interoperability are encouraged to join the bi-weekly 1DM calls and upcoming SDF interim meetings.
• Knowledge Graphs for Digital Twins: The research on knowledge graphs for IoT digital twins will continue, focusing on optimizing similarity computation, handling integration of truly novel devices, and testing with real-world IoT data. A demonstration may be organized at a future 1DM or ASDF session.
• Future Meetings: The T2TRG plans to hold more interim meetings on specific topics and further summer meetings before or after upcoming IETF sessions. A physical workshop is being discussed for 2023, potentially before IETF Prague.