Skip to content
Menu
Technical University of Munich
Technical University of Munich

Future-proofing the Internet of Things

The Focus Group Embedded Systems and Internet of Things was founded in November 2016 when Sebastian Steinhorst joined TUM as a Rudolf Mößbauer Tenure Track Assistant Professor and became a Fellow of the TUM-IAS. He received tenure in January 2020 and became an Alumnus Fellow.

Prof. Sebastian Steinhorst

Focus Group Embedded Systems and Internet of Things

Prof. Sebastian Steinhorst (TUM), Alumnus Rudolf Mößbauer Tenure Track Professor | Ege Korkan, Jan Lauinger, Laurin Prenzel, Emanuel Regnath, Philipp Weiss, (TUM), Doctoral Candidates | Dr. Mohammad Hamad, Dr. Luxi Zhao, (TUM), Postdoctoral Researchers | Host: Embedded Systems and Internet of Things, TUM

The overarching research goal of our Focus Group is to enable resilient, efficient, interoperable, safe and secure system architectures for the Internet of Things (IoT).

In the past years, we have looked into decentralization methodologies for large-scale IoT environments, which cover a wide range of future applications in areas including the smart home, energy grids, and efficient traffic management. Within this domain, our research was focused on distributed consensus, blockchain-based data verification, and authentication schemes to achieve security. Our latest research regarding authentication schemes was investigating hash-based signatures (HBS), which are promising candidates to enhance IoT security in the foreseeable future. HBS are resistant against quantum computers, use fast integer math, are well understood, and produce small public keys. However, HBS can only sign a limited amount of messages and produce – like most quantum-resistant schemes – large signatures of several kilobytes. In [1], we proposed improvements that lower the size of the signature by 17.3% for the sender without sacrificing security or performance compared to related approaches. Figure 1 illustrates one of the ideas, which utilizes the gateway architecture that appears in many IoT scenarios.

Figure 1

Figure 1, Reducing signature size for the sender. An IoT sender creates several Winternitz One-Time Signatures (WOTS) from a private key and offloads the non-sensitive authentication path – which connects the WOTS to the public key – to a gateway. Afterwards, the IoT sender only needs to recreate the WOTS to sign a message, and when it is sent, the gateway will append the missing authentication path to complete the signature.

From another perspective, within the EU H2020 project nIoVe, we developed an authentication protocol in the context of decentralized identity management. More specifically, the focus lies on anonymous and self-sovereign credential management based on group signatures. To issue anonymous credentials, credential issuers must reference a credential schema (defines attributes of the credential) and register a credential definition (contains public keys of a group signature scheme and revocation mechanism) on a distributed ledger. To solve the problem of undefined schema access control, our protocol, called Anonymous Proof of Authorization (A-PoA), enables root authorities to authorize credential-issuing authorities to access credential schemas. This allows credential issuers to prove legitimate authority and to issue credentials based the schema of the root authority while remaining anonymous [2].

Considering the trend toward connected and automated driving, an important application domain for IoT is automotive. Fail-operational behavior of safety-critical software for autonomous driving is essential, as no driver will be available anymore as a backup solution. Here, we have developed a methodology using agent-based graceful degradation to efficiently redistribute system resources at runtime [3]. In a failure scenario, safety-critical tasks are restarted on other available hardware resources, while, in return, non-critical tasks are shut down. To achieve system predictability, we have published an approach to analytically derive the worst-case failover time at runtime [4]. Additionally, in the domain of automotive security, we have proposed SPPS, a secure policy-based Pub/Sub model for V2C communication, which allows encryption and control of access to messages published by vehicles [5].

With our BMBF-funded cooperation project ReMiX, we are applying our expertise in IoT system architecture decentralization to improve the resilience of mixed-criticality industrial measurement and control systems. A major goal is the self-organization of hierarchical multi-agent systems through dynamic reconfiguration. This allows decentralized systems to react to unexpected events, such as failures, and recover their system performance as illustrated in Figure 2. The decentralized aspects can be realized through consensus algorithms, to allow the synchronization between agents without relying on a central server [6].

Our activity in the industrial IoT context is further extended with our involvement in the standardization activities in the World Wide Web Consortium (W3C), which aim to tackle the interoperability problem arising from an ever-increasing diversity of devices in industrial environments, as well as smart homes and cities. After contributing to the core of the W3C Thing Description standard, we have developed simple but powerful extensions that allow more complex devices to be described and to be simulated. With our recent contributions, we are enabling systematic ways to build systems by analyzing the timing behavior of Things [7] and to describe such systems to allow better inspection and verification [8].

Figure 2

Figure 2, Resilience is a post-event mechanism to recover system performance after an unexpected event. We see resilience as a major contributor to autonomy in IoT, since many disturbances cannot be known in advance.

[1]
E. Regnath and S. Steinhorst, “AMSA: Adaptive Merkle Signature Architecture”, 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2020, pp. 1532-1537.

[2]
J. Lauinger, J. Ernstberger, E. Regnath, M. Hamad and S. Steinhorst. “A-PoA: Anonymous Proof of Authorization for Decentralized Identity Management”, presented at the  IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2021), Sydney, May 3-6, 2021.

[3]
P. Weiss, A. Weichslgartner, F. Reimann and S. Steinhorst, “Fail-Operational Automotive Software Design Using Agent-Based Graceful Degradation”, 2020 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2020, pp. 1169-1174.

[4]
P. Weiss, S. Elsabbahy, A. Weichslgartner and S. Steinhorst, “Worst-Case Failover Timing Analysis of Distributed Fail-Operational Automotive Applications”, presented at the Conference on Design, Automation and Test in Europe (DATE 2021), virtual conference and exhibition, February 1-5, 2021.

[5]
M. Hamad, E. Regnath, J. Lauinger, V. Prevelakis and S. Steinhorst, “SPPS: Secure Policy-based Publish/Subscribe System for V2C Communication”, presented at the Conference on Design, Automation and Test in Europe (DATE 2021), virtual conference and exhibition, February 1-5, 2021.

[6]
L. Prenzel and S. Steinhorst, “Decentralized Autonomous Architecture for Resilient Cyber-Physical Production Systems”, presented at the Conference on Design, Automation and Test in Europe (DATE 2021), virtual conference and exhibition, February 1-5, 2021.

[7]
V. E. Schlott, E. Korkan, S. Kaebisch and S. Steinhorst, “W-ADE: Timing Performance Benchmarking in Web of Things”. In, Web Engineering, ICWE 2020, M. Bielikova, T. Mikkonen and C. Pautasso, Eds., Lecture Notes in Computer Science, vol. 12128, Cham, Germany: Springer, pp. 70-86, 2020.

[8]
A. Kast, E. Korkan, S. Käbisch and S. Steinhorst, “Web of Things System Description for Representation of Mashups”, 2020 International Conference on Omni-layer Intelligent Systems (COINS), 2020, pp. 1-8.

To top