Cliquez pour modifier le style du titre

Transcription

CEA-Tech developments for
safe and secure IoT ecosystems
Marc Duranton
[email protected]
www.cea.fr
&
February 20th, 2015
Introduction to CEA Tech
&
CEA global organization
Military
Applications
Division (DAM)
Nuclear Energy
Division (DEN)
Technological
Research Division
(CEA Tech)
Materials Sciences Division
Life Sciences Division
Mission DAM : France’s national security independence
Mission DEN : France’s energy independence
Mission DRT : French business’ economic competitiveness
&
© CEA. All rights reserved
February 2015
|3
CEA Tech: Key figures
• Annual operating budget > 600 M€
• More than 50 HIGH-TECH START-UP VENTURES over the past 10 years
• 600 PRIORITY PATENTS applications / year
A strong growth based on corporate funding
• 4,500 EMPLOYEES
External funding
CEA funding
External funding
+ 15% / year
• 500+ CUSTOMERS :
CAC 40 and SBF 120 (40%)

SMBS and START-UP (45%)

INTERNATIONAL (15%)
External funding
+ 13% / year
Amounts in M€

Annual Budget
&
February 2015
|4
CEA Tech: Mission Statement
Create innovation and transfer it to industry
-
Main goal: working with and for industry
-
CEA: state-owned research organization
>80% of our budget comes from R&D contracts
Looking for long-term partnerships
Results-oriented : best effort to address partners issues
Project-oriented : reactive and flexible
Making our technology reach the market is our priority
-
Our concern: seeking fair solutions for both parties
&
February 2015
|5
CEA Tech Research Institutes
Laboratory of Electronics and
Information Technologies
Staff: 1800, Budget: €280 M
Laboratory of Integrated
Systems and Technologies
Laboratoty of Innovation for new
Technologies for Energy and
Nanomaterial
Solar
&
February 2015
|6
CEA Tech and IoT
&
IoT : Many application domains
Smart Cities
Smart healthcare
Smart Transport
Smart Utilities
Smart Spaces
Smart Shopping
© iStockphoto & J.Gallon.
Many opportunities
&
February 2015
|8
IoT: some figures
Cisco predicts 50B of connected object by 2020
X-as-a-service
New business models
Estimated market value $2 trillion by 2020
Up-to 1 trillion sensors deployed
Traffic grows by 25% per year
2020
2010
2003
50 billions
Humans
&
Source: CISCO, AT&T
2015
Connected objects
February 2015
|9
•
•
•
•
The 4 challenges of IoT:
Data deluge
Energy consumption
Dependability
Interoperability
&
•
•
•
•
Data deluge
Energy consumption
Dependability
Interoperability
&
IoT Challenge #1: Data Deluge
Source: Paolo Faraboschi, HP
&
February 2015
| 12
IoT Challenge #1: Data Deluge
Solutions for Data Deluge
New communication protocols
Sporadic traffic, asynchronous, decentralized, low power
Local based services
Indoor ranging, positioning, anchor based/distributed
Spectrum harvesting
Spectrum scavenging, new bands (millimeter wave,
white spaces), coexistence and sharing
New Sensors
Smart sensors, smart imagers, ultra low power sensor node
&
February 2015
| 13
New Communication Protocol
Remote Management
Security, Protocols,
Software update…
Security within
the WSN & for
connectivity
Enterprise
Cloud & Services
Smart Buidling
IP backbone
Smart Home
(e.g. Internet)
Smart Grid
Multi-access support
& Mobility of WSN
Low footprint
networking and
services stacks
Industrial Networks
In-vehicle WSN
sensors &
actuators
Low-power radio
802.15.4, …
IPv6 protocols for low power, robust & efficient
networking in multi-hop and constrained WSN
Others…
WiSePRoM components
WiSePRoM Software Platform by
CEA Tech
Make wireless sensor networks
easy to deploy, secure and manage Wireless IP Sensor Network Protocols and
&
Remote Management
February 2015
| 14
Cliquez
Power & Bandwidth
Efficiency
Remote & Simultaneous Software Update
for groupsle
of style
sensors du
/ actuators
pour modifier
titre
Reliability
Runtime, seamless and modular software
upgrade framework
Software Upgrade Server
(Linux / Android)
IPv6
WiFi
Internet/WSN
Gateway
Internet/WSN
Gateway (Linux)
WSN
(6LowPAN)
Reliable multicast
WSN
(6LowPAN)
Complement &
Integrated with
ETSI M2M
platform
(OMA-DM)
&
Unicast
WSN node
Control server
(software update
+ application server)
Application
Application
Software update
management
WiSePRoM
Internet/WSN Gateway
Software update
management
Reliable Multicast
Reliable Multicast
Unicast
UDP
Unicast UDP
IPv6 / 6LowPAN
IPv6 / 6LowPAN
IPv6
IPv6
802.15.4 MAC + PHY
802.15.4 MAC + PHY
L1+L2
L1+L2
February 2015
| 15
Local based services : IR-UWB for localization
Track items or individuals within a
few centimeters… over long ranges
SpoonPhone
RF IC solution for consumer market
• Frequency Band 3.2 à 8.8 GHz : 8 channels
• BW : 500MHz to 1GHz, Data rate up to 5 Mbps
• Range : up to 2000m, Ranging accuracy <4cm
• Low Power
&
February 2015
| 16
Sigfox : Utra Narrow band radio
Provides a unique global cellular
connectivity solution, from the customers’
devices to their software applications
• ISM band 433/868/915 MHz
• 100 bps to 1kbps
• Sensitivity -140dBm
• Global cellular connectivity at low
power
• Can support millions of connected
devices
&
February 2015
| 17
Spectrum harvesting : High data rate NFC
Solution to share and experience
content locally with a mobile device
Nokia World ’ 11
10s required to download 1 Gigabit of
content from battery-less memory tags
• Coupling RFID and IR UWB
• Data rate from 54 to 125 Mbps @ 30cm
• Power consumption : 5mW
• Low cost
&
February 2015
| 18
New sensors
Characterization of RFID chips (impedance, sensitivity) at 800-1000 MHz
Characterization of specific materials
Design and test of custom tag antennas
Simulation and characterization of read/write range performances at 8001000 MHz
&
February 2015
| 19
•
•
•
•
Data deluge
Energy consumption
Dependability
Interoperability
&
IoT Challenge #2: Energy consumption
Solutions for energy
Energy efficient technology: FDSOI
ULP IC design, ULP memories, resistive
memories, power management, 3D integration,
sense & react, optical interposer
Energy Efficient server
ARM 64 bit, FDSOI, Interposers, …
Low Power Cyber Physical Systems
Low power mixed IC design, adaptive matching
technologies, low to zero power devices
&
February 2015
| 21
Energy
efficientle
technology:
Cliquez pour
modifier
style du FDSOI
titre
 Demonstrated by CEA Tech and
STMicroelectronics
 ISSCC 2014
 Ultra-Wide Voltage Range (UWVR)
operations: VDD=[0.39V – 1.3V]
 High-frequency:
Fclk > 2.6GHz @ 1.3V
Fclk > 450MHz @ 0.39V
Fully Depleted – Silicon on
Insulator
Improved performance
Improved performance-per-watt
Adaption to variability of loads
&
February 2015
Prototype chip from Beigné, ISSCC ‘14
UTBB-FDSOI performance gain versus conventional Bulk
CMOS technology.
Blue: no body biasing, Green: FBB = +1V.
| 22
Silicon
enablement
platform
CliquezThe
pour
modifier
le style
dumodel
titre
Design Center
Industrial needs
FOUNDRIES
DKs
Silicon
Manufacturing
SHOP
ECO
SYSTEM
IC DESIGN PLATFORM
ACCESS TO ADVANCED IPs
EMULATOR & TEST PLATFORMS
INDUSTRIAL MPW SHUTTLE
EXPERTISE & SERVICES
ONE STOP
IPs
Services
Academics





Innovative products
Ideas
Testchips
Production
CHAIN VALUE
Pre-series line
A single partner along product maturation
&
February 2015
| 23
Energy
efficient
compute
Cliquez
pour
modifier
lenodes
stylefor
duservers
titre
Technology
•
•
•
FD-SOI
3D silicon integration
64-bit ARM Cores
Interposer
•
•
•
•
•
Passive or active
Mature technology
node
Application specific
Medium volume
Cost effective
assembly
Scalable approach: form micro-servers to HPC
&
February 2015
| 24
Power Cyber
Systems
Cliquez pour modifier
le Physical
style du
titre
Responsive
Power-Management Unit (PMU)
Battery / Energy Leakage
Harvester
management
Configuration Management Unit (CMU)
Responsiveness
Wake-up
Radio
Wake-up
Sensors
Wake-up
Imager
Wake-up
Timers
Energy
control
Wake-up
Controller
Advanced Programmable
Wake-Up features
Ultra Low Power
Lightweight crypto
Authent
/Securit
y
Event/Energydriven
Always-Responsive Sub-system
&
February 2015
| 25
L-iotpour
: a flexible
architecture
for IoT
Cliquez
modifier
le style
du nodes
titre
Battery / Energy Harvester
Wake-up
Radio
Wake-up
Sensors
Wake-up
Imager
Wake-up
Timers
Energy
control
Wake-up
Controller
Authent
/Securit
y
Always-Responsive Sub-system
CPU
(Register)
Memory
(SRAM &
eNVM)
MCU
Co-processing
(RF, crypto, data
fusion, imager)
Radios
Sensors
Imager
On-Demand Sub-system
 Adaptive Always-Responsive/On-Demand according to energy levels
&
February 2015
| 26
/OnleDemand
platform
CliquezFlexible
pourWake-up
modifier
style du
titre
Applicative
Harvester
management
Application-driven
CPU
(Register)
Processing/Communication
power
Memory
(SRAM &
eNVM)
Integrity/Confidentiality
MCU
Co-processing
(RF, crypto, data
fusion, imager)
Responsiveness
Radios
Sensors
Imager
On-Demand Sub-system
&
February 2015
| 27
/OnleDemand
platform
CliquezFlexible
pourWake-up
modifier
style du
titre
Adaptive
Harvester
management
Responsiveness
Advanced Power
Management Unit
Gain:
POWER/100
Configuration for
adaptivity
Energy Harvesting
&
February 2015
| 28
•
•
•
•
Data deluge
Energy consumption
Dependability
Interoperability
&
IoT Challenge #3: Dependability
IoT: thele
Internet
style ofduThreats
titre
Today security / privacy issues make the newspaper
headlines
Massive adoption of IoT by citizens relies on
confidence in terms of security and privacy
&
February 2015
| 30
Most
of thepour
IoT nodes
are accessible
attackers
Cliquez
modifier
le styletodu
titre
Implementations must be secured-by-design
Memory dump , reverse engineering, side channel analysis, bus
probing…
“Trustworthy computing (with software) cannot
exist until we have trustworthy hardware to build it
on”
Dr. Dean Collins, Deputy Director, DARPA
&
February 2015
| 31
Solutions for Dependability
Reliability
Reliable communication systems for M2M,
Privacy and trust.
Criticity
Real-time OS, dynamic compilation, critical cloud
data processing, distributed computing,
resource agnostic sensor networks
Security
Privacy and trust, authentication, scalable secure
networks, lightweight crypto, homomorphic
cryptocomputing
&
February 2015
| 32
CEA Tech solutions
security
le stylefordu
titre
1.
Security assessment and certification
2.
Hardware security for IoT nodes
3.
Secure middleware solutions from sensors to
gateways
4.
Reliable and secure wired/wireless network
technologies
5.
Design of large scale deployment secured schemes
&
February 2015
| 33
Security
evaluation
certification
Cliquez pour
modifier
le and
style
du titre
Certification ITSEF: licensed laboratory
Common Criteria security evaluations up to
the highest Evaluation Assurance Level (EAL7)
on electronic components and embedded SW
French certification scheme
International banking schemes
Security evaluation of embedded systems
Software attacks
Physical attacks
Domains
SmartCard
 Banking, Pay TV, e-Identity
Automotive
 ECUs, body control, motor control
&
February 2015
| 34
Network
security analysis
Cliquez pour
modifier
le styleand
dutesting
titre
Analyze threats on industrial protocols
Information
system
Detailed analysis of protocol specifications
Implement attacks on wired / wireless
multi-protocols industrial sensor networks
Develop dedicated tools (SW + HW) to
perform security tests
Aggregator /
Concentrator /
Gateway
Build security test-beds
Analyze the criticality of attacks
Propose security solutions
Adapt existing solutions to match the
industrial network context
Develop new solutions
&
Sensors
February 2015
| 35
integration
security
Cliquez pourHardware
modifier
le styleofdu
titre
Secure design of components and systems
Tradeoff
Hardware implementation constraints
Resistance to attacks
Power consumption
Size / volume
Cost
IoT dedicated cryptography
Cost effective solution
Tamper resistant chip design
&
Ultra low cost
pairing
February 2015
| 36
Reliable
communication
for titre
M2M
Cliquez
pour
modifier lesystems
style du
Strong network security in resources-constrained
wireless sensor networks (WSN) interconnected to
larger infrastructures
•
•
•
•
Lightweight IP security protocols adapted to the limited
resources of WSN (power, CPU, memory…)
Network access control
Key Management
Remote & adaptive management of WSN security
•
•
•
•
•
•
Protect the data transmitted
Protect the network infrastructure
Authentication & network access control
Dynamic key establishment
Threat /Intrusion detection mechanisms in WSN
Dynamic security adaptation to react to threats
Trust management system for WSN
Adaptive Security
Management
Secure software update for WSN
•
&
Secure, reliable and resource-efficient sensor software update
from a remote server
February 2015
| 37
hardened
Cloud
Cliquez pourSecurity
modifier
le style
dusystem
titre
Secure cloud server end-to-end
infrastructure prototype.
USIM-based authentication and key
establishment.
HW-assisted on-the-fly memory encryption.
By construction: hypervisor out of the TCB.
 Code & data confidentiality & integrity.
 A unique encryption key per VM.
 HW-assisted task switching.
HSM: Hardware Security Module
&
CEA. All rights Computing
reserved
TCB:©Trusted
Base
February 2015
| 38
enforcement
Cliquez pour modifierCriticity
le style
du titre
Anaxagoros Hypervisor for
mixed criticality apps.
Spatial and temporal security.
Resource lending as a design
principle.
« Day one » use of formal
verification (Frama-C).
Ability to virtualize Linux, OSEK
and PharOS.
&
February 2015
| 39
Secure Execution
with Innovative
Security
Cliquez
pour modifier
le style
duTradeoff
titre
How to be sure that the remote
computing platform will not
misuse your data?
Current idea: a (micro-)processor processes
only clear data
What if a processor could work directly on
encrypted data without having to disclose
any secret?
This is where the potential of
homomorphic encryption emerges
&
February 2015
| 40
Homomorphic
le styleencryption
du titre
An homomorphic encryption system is a cryptosystem which,
on top of allowing to encrypt and decrypt data, allows to
perform (any) calculations in the encrypted domain.
In essence, the « cryptocomputer »:
Keeps its algorithm private.
Can insert any (cleartext domain) data into the calculation.
Has access to neither intermediate nor final calculations results.
Such (secure) cryptosystems have
been shown to exists in 2009.
Although theoretically efficient, the first
systems were totally impractical.
But now, we are tackling the first real apps!
&
February 2015
| 41
•
•
•
•
Data deluge
Energy consumption
Dependability
Interoperability
&
IoT Challenge #4: Interoperability
Solutions for Interoperability
Overcome the fragmentation of verticallyoriented closed systems
Move towards open systems and
platforms that support multiple
applications.
&
February 2015
| 43
Today:
Domain-centric,
solutions
Cliquez
pour
modifier levertical
style du
titre
SmartHome
SmartHealth
SmartTransport
- Monitoring medicine
intake
- Personalized
diabetes assistance
- Providing training
tips
-…
SmartCity
SmartShopping
- Managing parking
space
- Lighting up a city
efficiently
- Monitoring Air
Quality
-…
- Promoting
carpooling
- Minimizing taxi
delays
- Avoiding traffic
jams
-…
- Monitoring and
controlling
- Saving energy
comfortably
- Interacting with
appliances
-…
&
Illustrations from the EU FP7 BUTLER project
- Managing
sparkdeals
- Getting advice on
buying goods
- Retrieving
discount
-…
!
February 2015
| 44
Tomorrow:
Horizontal
smartdu
solutions
Cliquez pour
modifier
le style
titre
HW/SW platforms
&
Illustrations from the EU FP7 BUTLER project
February 2015
| 45
Holistic
virtualization
platforms of
physical
world
Cliquez
pour modifier
lethe
style
du titre
IoT is about managing
resources:
Network Heterogeneity and
variability management
Distributed resources (Linc)
Device as a Service (SensiNact)
Rapid prototyping and
deployment:
LINC
•
•
Lightweight & distributed
CEA Tech developed solution
&
Management of the unexpected
Virtual sensors or resources
Continuous integration
•
•
SensiNact
Everything-as-a-service approach
Fully OSGi compliant
February 2015
| 46
Cliquez pour modifier le sensiNact
style duStudio
titre
sensiNact Studio: tool for IoT application development and deployment
Deployment View
Navigator View
Properties View
&
DSL editor
Graphical Editor
February 2015
| 47
CEA-Tech contribution to
EU-Japan projects
&
EU-Japan
ICTmodifier
Cooperation
Cliquez
pour
le style du titre
Japan and the European Union are two key players in the ICT field
IoT will require interoperability
Scale of today’s global challenges requires that we work together more
closely and effectively
In conformity with the mutual interests and the research orientation of the
EU and Japan


Specific actions dedicated to EU-Japan partnership
Specific calls for cooperative projects in H2020
&
February 2015
| 49
Cliquez
ClouT: Cloud of Things for empowering
the citizen
in smart
cities
pour modifier
le clout
style
du titre
AT A GLANCE
Project coordinator :
Clout-EU: Levent Gürgen, CEA, France
ClouT-JP: Yoshio Saito, NTT East,
Japan
Partners:
ClouT-EU
Engineering, Italy
Universidad de Cantabria, Spain
ST Microelectronics SRL, Italy
Ayuntamiento de Santander, Spain
Comune di Genova, Italy
ClouT-JP
NTT East
NTT R&D
Keio University
Panasonic System Solution
National Institute of Informatics
Duration: 36 months
Total cost: €2,32M for ClouT-EU
€1 ,5M for ClouT-JP, funded by NICT
Programme: FP7-ICT-2013- EUJapan
Further information:
http://clout-project.eu
Dr Levent Gürgen
CEA-LETI
[email protected]
+33 4 38 78 97 57
&
February 2015
| 50
Introduction to ClouT (Video)
&
February 2015
| 51
Cliquez pour
First reference architecture and its
implementation
Main achievements at mid-term
the project
modifier le styleof du
titre
10 use cases from 10 application domains
Development of field trials in 4 pilot cities
&
February 2015
| 52
Interactive city Fujisawa Regular Mode
Public
City Database
• Map
• Tourism
•
Citizen Participation
Private
City Related
Sensor Info.
Company Database • Camera
• NPO HP
• Camera
• Event Info.
Database
Public API
・Restrant Info.
SNS
• Local SNS
• Twitter
Store Info.
• Coupon
• Time Sales
Sensor Info..
・Interactive Street・Santander
・Illumination Sensor
・Train Info.
Input Data from Sensor or Database
Storage
Daytime
DB
Nighttime
▼
▼
Provide appropriate
lighting for food and
drink
Enoshima
Station
×
CautionMode
RegularMode
× Like！
Info. From Sensor
And Citizens
Restaurant
Day will sink in an hour.
Next Departure
Ofuna 15:15
Fujisawa 15:20
・Shop/Tourism Info.
・Info. From Citizens
・Train/Station Info.
&
Anonymity
▼
▼
Project the description
of real time info. on the
wall
Project the production
on the table
Tourist Info. Center
Street
【RegularMode】
Analysis
▼
▼
▼
▼
Station
Delivery
▼
▼
Data Format
Conversion
of real time info. on the
wall
Day will sink in an hour.
February 2015
| 53
Interactive city Fujisawa Emergency Mode
Public
City Database
• Map
• Tourism
•
Citizen Participation
Private
City Related
Sensor Info.
Company Database • Camera
• NPO HP
• Camera
• Event Info.
Database
Public API
・Restrant Info.
SNS
• Local SNS
• Twitter
Store Info.
• Coupon
• Time Sales
Sensor Info..
・Interactive Street・Santander
・Illumination Sensor
・Train Info.
Input Data from Sensor or Database
DB
▼
▼
▼
▼
Station
Delivery
Daytime
Nighttime
Provide appropriate
lighting for food and
drink
Enoshima
Station
×
CautionMode
RegularMode
× Like！
Info. From Sensor
And Citizens
Restaurant
Disaster prevention
Weather information
Out of Service
Hill
Anonimity
▼
▼
of Emergency info. on
the wall
Project the production
on the table
Tourist Info.Center
Street
【EmergencyMode】
&
Analysis
▼
▼
Storage
▼
▼
Data Format
Conversion
of Emergency info.
on the wall
Disaster prevention
Evacuation Site
Hill
February 2015
| 54
Fujisawa Dashboard
ClouT Architecture
Virtualized City Resources
Recommended View
Fuji Mt. and Sunset
In 30 min,
&
February 2015
| 55
ClouT: use case
&
February 2015
| 56
Mitaka Field Trial Scenario
 Elderly people get information on the application (called “Paw Collection”) ,
will go out if they get motivated by the information and write comments for
the other users to motivate to go to the place.
 The other users read comments of the facilities on Paw Collection ,that
motivates them to go out.
Going out support
（Health promotion)
Community
Creation
Revitalization
Of City Environment
New Paw
Arrived
Beautiful cherry！
Paw readers
Paw Users
［STEP1］
Write comments Paw)
Registration
Information
（Paw）
One
reaction
Reaction
（Reaction Paw）
［STEP4］
Watch the “Reaction Paw”
&
［STEP2］
Notice a paw to user
who meets
conditions.
I visited
I took
photos too.
［STEP3］
Registered reaction of Paw(user action)
as a “Reaction Paw”
February 2015
| 57
Paw Collection in Mitaka
 We inspect how elderly people get motivated to go out by using Paw
Collection.
(IC-tags installed in 31 facilities in Mitaka City for this trial)
 We expect the effect such as health promotion , revitalization of the cities
by going out.
牟礼コミュニティセンタ
&
February 2015
| 58
Brand new H2020 project!
Santander
FEderated interoperable SmarT ICT services
deVelopment And testing pLatforms
October 2014-September 2017
&
February 2015
| 59
Real-life testbeds, field trials - Japan
Large scale experimentation in real-life environments: Osaka train station
Smart city, smart building
Smaller scale, experimental platform at Osaka and Kansai area
Smart POS, smart energy, smart health, smart transport, Osaka Osampo service(ISID)
&
February 2015
| 60
Conclusion
&
Teaming
EU-JP pour
IoT du
projets
Cliquez
pour modifier
le style
titre
CEA Tech is developing innovative solutions covering most
aspects of IoT
Special focus on low energy and security
CEA Tech allows its partners to access new technologies
Design center supporting FDSOI technolgy
Ultra low power IPs in sensing, computing and communicating
Scalable middleware for networks of IoT nodes
Secure and trusted solutions including homomorphic encryption
Real-Time hypervisor and virtualization for mixed real-time criticality loads
CEA Tech is a key player in EU-JAP cooperative projects on
5G, IoT and cloud technologies
We wish to reinforce the current cooperation between CEA
Tech and Japan with dedicated programs
&
February 2015
| 62
Thank you for your attention
[email protected]
Centre de Grenoble
17 rue des Martyrs
38054 Grenoble Cedex
Centre de Saclay
Nano-Innov PC 172
91191 Gif sur Yvette Cedex

Cliquez pour modifier le style du titre

Transcription

Documents pareils

Diapositive 1 - SPE Automotive Division

Internet of Things (IoT) - Formation Continue UNIL-EPFL

SOMEONE TO WATCH OVER ME

Proxy for air freight / Mandat pour fret aérien

Pour en savoir plus

access map - CEA SACLAY international office

Appendix O: INTERMACS Profiles of Advanced Heart Failure

winning the job

Le gadget Calendrier dans le volet Windows est

Design and Implementation of a GALS Adapter for ANoC based