KONERU LAKSHMAIAH EDUCATION FOUNDATION

(Deemed to be University estd, u/s, 3 of the UGC Act, 1956)

Department of Electronics and Communication Engineering
III ECE B.Tech
A.Y.2019-20, Semester-II
17EC3614 - IoT Applications for Smart Cities
CO4 Material
References:
1. Ovidiu Vermesan, Peter Friess, Internet of Things: Converging Technologies for Smart
Environments and Integrated Ecosystems, River Publishers, 2013.
2. Jan Holler, Vlasios Tsiatsis, Catherine Mulligan, Stefan Avesand, Stamatis Karnouskos
and David Boyle, From Machine-to-Machine to the Internet of Things, Introduction to a
New Age of Intelligence, Elsevier, 2014.
3. Web References

Security, Privacy & Trust

There are a number of specific security, privacy and trust challenges in the IoT, they all share a
number of transverse non-functional requirements:
• Lightweight and symmetric solutions, Support for resource constrained devices
• Scalable to billions of devices/transactions
Solutions will need to address federation/administrative co-operation
• Heterogeneity and multiplicity of devices and platforms
• Intuitively usable solutions, seamlessly integrated into the real World
Security for IoT
As the IoT becomes a key element of the Future Internet and a critical national/international
infrastructure, the need to provide adequate security for the IoT infrastructure becomes ever
more important. Large-scale applications and services based on the IoT are increasingly
vulnerable to disruption from attack or information theft. Advances are required in several areas
to make the IoT secure from those with malicious intent, including.
• DoS/DDOS attacks are already well understood for the current Internet, but the IoT is
also susceptible to such attacks and will require specific techniques and mechanisms to ensure

1
that transport, energy, city infrastructures cannot be disabled or subverted.
• General attack detection and recovery/resilience to cope with IoT specific threats, such
as compromised nodes, malicious code hacking attacks.
• Cyber situation awareness tools/techniques will need to be developed to enable IoT-
based infrastructures to be monitored. Advances are required to enable operators to adapt the
protection of the IoT during the lifecycle of the system and assist operators to take the most
appropriate protective action during attacks.
• The IoT requires a variety of access control and associated accounting schemes to
support the various authorization and usage models that are required by users. The heterogeneity
and diversity of the devices/gateways that require access control will require new lightweight
schemes to be developed.
• The IoT needs to handle virtually all modes of operation by itself without relying on
human control. New techniques and approaches e.g. from machine learning, are required to lead
to a self-managed IoT.

Privacy for IoT

As much of the information in an IoT system may be personal data, there is a requirement to
support anonymity and restrictive handling of personal information.
There are a number of areas where advances are required:
• Cryptographic techniques that enable protected data to be stored processed and shared,
without the information content being accessible to other parties. Technologies such as
homomorphic and searchable encryption are potential candidates for developing such
approaches.
• Techniques to support Privacy by Design concepts, including data minimisation,
identification, authentication and anonymity.
• Fine-grain and self-configuring access control mechanism emulating the real world.
There are a number of privacy implications arising from the ubiquity and pervasiveness of IoT
devices where further research is required, including:
• Preserving location privacy, where location can be inferred from things associated with
people.

2
 • Prevention of personal information inference, that individuals would wish to keep
private, through the observation of IoT-related exchanges.
• Keeping information as local as possible using decentralized computing and key
management.
• Use of soft identities, where the real identity of the user can be used to generate various
soft identities for specific applications. Each soft identity can be designed for a specific context
or application without revealing unnecessary information, which can lead to privacy breaches.

Trust for IoT

As IoT-scale applications and services will scale over multiple administrative domains and
involve multiple ownership regimes, there is a need for a trust framework to enable the users of
the system to have confidence that the information and services being exchanged can indeed be
relied upon. The trust framework needs to be able to deal with humans and machines as users,
i.e. it needs to convey trust to humans and needs to be robust enough to be used by machines
without denial of service. The development of trust frameworks that address this requirement
will require advances in areas such as:
• Lightweight Public Key Infrastructures (PKI) as a basis for trust management.
Advances are expected in hierarchical and cross certification concepts to enable solutions to
address the scalability requirements.
• Lightweight key management systems to enable trust relationships to be established and
the distribution of encryption materials using minimum communications and processing
resources, as is consistent with the resource constrained nature of many IoT devices.
• Quality of Information is a requirement for many IoT-based systems where metadata
can be used to provide an assessment of the reliability of IoT data.
• Decentralised and self-configuring systems as alternatives to PKI for establishing trust
e.g. identity federation, peer to peer.
• Novel methods for assessing trust in people, devices and data, beyond reputation
systems. One example is Trust Negotiation. Trust Negotiation is a mechanism that allows two
parties to automatically negotiate, on the basis of a chain of trust policies, the minimum level of
trust required to grant access to a service or to a piece of information.
• Assurance methods for trusted platforms including hardware, software, protocols, etc.

3
 • Access Control to prevent data breaches. One example is Usage Control, which is the
process of ensuring the correct usage of certain information according to a predefined policy
after the access to information is granted.

Security and Privacy Challenge in Data Aggregation for the IoT in Smart
Cities
The Internet of the Future will be an essential part of the knowledge society and will provide
new information-based business. The usage of the Internet of Things for large-scale, partially
mission-critical systems creates the need to address trust and security functions adequately.
The vision of SMARTIE1 (Secure and sMArter ciTIEs data management) is to create a
distributed framework for IoT based applications sharing large volumes of heterogeneous
information. This framework is envisioned to enable end-to-end security and trust in information
delivery for decision-making purposes following data owner’s privacy requirements. New
challenges identified for privacy, trust and reliability are:
• Providing trust and quality-of-information in shared information models to enable re-
use across many applications.
• Providing secure exchange of data between IoT devices and consumers of their
information.
• Providing protection mechanisms for vulnerable devices.
SMARTIE will address these challenges within the context of Smart Cities. The dissemination of
collected data and use of information must be protected to prevent harm to the control and
management of the smart city infrastructure and to the citizen. Privacy-protection and access
control to the data is necessary to convince data owners to share information in order to allow
better services in the city. SMARTIE envisions a data-centric paradigm, which will offer highly
scalable and secure information for smart city applications. The heart of this paradigm will be the
“information management and services” plane as a unifying umbrella, which will operate above
heterogeneous network devices and data sources and will provide advanced secure information
services enabling powerful higher-layer applications.

4
Security, Privacy and Trust in Iot-Data-Platforms for Smart Cities
One of the main aims of Smart City technologies is to provide different optimization
mechanisms for different aspects of data management. Data is gathered from various sources
owned by different administrative domains. Noteworthy parts are data from public and private
transportation providers, data from mobile users, captured for instance with their smart phones,
surveillance data and videos from private and public organizations and a vast amount of sensors
and meters, attached to machines and infrastructures, distributed throughout the city. All this
information is stored in a variety of different places, for instance it can remain locally in the
sensors or company internal databases, in social networks, in data storage located in private data
centres or even in a public cloud storage service.
Figure shows the components of a typical smart city information system. From this picture it

Architectural Components
is clearly visible that information needs to cross multiple administrative boundaries and can be
used for multiple purposes — in fact it could be used for, at the time of gathering, unknown
purposes. Also actuation decisions can be taken in a coordinated way between multiple control
centres or data providers. Hence it is clear that there is a need of an information sharing platform
in which data flows from various sources and from different administrative boundaries need to
be treated in a secure and privacy preserving way. To ensure this, security and privacy need to be
part of the platform by design and may not be added later on. The design goal and challenge is
allowing user/service control of the data accessible and at the same time providing solution for
easily configured management of the process.

5
All parties involved in the overall systems such as sensors and actuators, end users, data owners
but also service providers need strong mechanisms for reliability and trust. Users and residents of
the system will require fine grained access and data privacy policies they want to enforce. For
instance, a user might be willing to share location information with family and friends and make
the information available in aggregated form for improvement of the public transport. But the
same user might not want the information to be used by other 3rd-party service providers. New
applications and synergies are possible if the data is shared between multiple domains. However,
several challenges need to be overcome to make this possible. Creating a platform for sharing
IoT-type of data is per se a huge challenge.
Risks to a Smart City IoT Platform
We predict that smart city data will eventually be stored in the cloud and employ cloud
computing techniques, due to the high scalability of resources and computing performance and
reduced cost in maintenance and operation. In this case, the smart city management system
inherits also the security and privacy risks of cloud computing, for instance the compromise of
cloud servers or data abuse by insider attacks. Additionally the Smart Cities infrastructure is also
interacting with sensors and actuators in order to gather data and control critical infrastructure
functions. This clearly requires to authenticate and authorize the access and to provide trusted
information in a secure and privacy-preserving way.
These examples and developments show the importance of security, privacy and trust in smart
city applications. The actual damages caused by possible threats can range from small
interferences in the system to personal losses/exposure of private information. With more
information and management and control the smart city assets being available over ICT
networks, the risk and impact of security or privacy threats is foreseen to be increasing and can
have profound and serious consequences for the community.
An attacker can simultaneously attack on multiple layers:
• Manipulate the sensor measurements to infiltrate the system with wrong data, e.g. to
cause certain actuations
• Attack the sensors and actuators physically to obtain credentials
• Attack or impersonate network components to act as a man-in-the middle
• Obtain sensitive data or cause actuation by attacking the sharing platform with forged or
malicious requests

6
Standard network security tools such as firewalls, monitoring or typically access control will not
suffice to prevent such sophisticated attacks due to the distributed nature of the IoT and the
problem of defining/finding trusted parties. It is essential that security is built into the
infrastructure rather than being added as an extra plug-ins. An effective protection approach is to
have security in depth, where data and services are protected by several independent systems.
The challenge will be to design solutions where no single server has significant power to control
the infrastructure or to access significant amounts of data.

First Steps Towards a Secure Platform

Certain components, which can be used as building blocks, but also components that need further
development to be suitable for the type of platform SMARTIE aims are:
1. Trust and Quality-of-Information in an Open Heterogeneous Network
It is an entity composed of independent systems that are combined together in order to interact
and provide a given service, which cannot be provided by the individual systems when not
cooperating. The major properties of SoS especially for application fields as those intended in
the SMARTIE project are dependability, security and privacy. Dependability comprises the
following attributes:
• Availability— readiness for correct service
• Reliability— continuity of correct service
• Safety—absence of catastrophic consequences on the system user and its environment
• Integrity— lack of inappropriate system alternations
• Maintainability—ability to undergo updates and repairs
The main aspects of security are confidentiality (absence of unauthorized disclosure of
information), integrity,(the prevention of unauthorized modification or deletion of information)
and availability for authorized actions.
2. Privacy-preserving Sharing of IoT Data
To the large extent, the IoT data may be of personal nature and therefore it is important to protect
it from unauthorized entities accessing it. Privacy is one of the most sensitive subjects in any
discussion of IoT protection. Therefore, data privacy is one of the crucial aspects of IoT. The
amount of data generated by IoT will be huge. Single pieces of information, i.e., single
measurements, in most cases do not represent a significant threat for the owners of IoT devices

7
(temperature at a location, even heart rate of a person at a given moment). However, given that
the devices are generating data continuously, it is obvious that unauthorized access to such
wealth of data can cause significant problems and can be used to harm the owners of the data
(and possibly others, depending on the context of the data). Therefore, it is of paramount
importance to protect access to IoT data. On the other hand, the power of IoT lies in the ability to
share data, combine different inputs, process it and create additional value. Hence, it is equally
important to enable access to data generated by other IoT devices, while preventing the use of
data in un-authorized or undesired ways.
The issue of privacy is concerned with authorization and authentication mechanisms. This
includes a policy language to define which attributes (roles, identity, etc.) and credentials are
requested to grant access to resources. It includes a (data handling) policy language that defines
how the requested data (attributes and credentials) is handled and to whom it is passed on.
Finally, it includes the means to release and verify such attributes and credentials. It is also
important to consider the mechanisms enabling the protection of information based on
encryption algorithms within the secure storage. In terms of the privacy policy implementation,
one of the viable solutions is privacy by design, in which users would have the tools they need to
manage their own data.
The fundamental privacy mechanisms lie in the intelligent data management so that only the
required data is collected. Detecting the redundancy, data is anonymised at the earliest possible
stage and then deleted at the earliest convenience. Furthermore, the processing of collected data
will have to be minimized according to a strict set of rules so that it cannot be re-used. The
proposed approach will define such methodology together with the mechanisms for the secure
storage based on efficient cryptographic algorithms suited for the resource constrained
environments.
Information disclosure access control must be aware of metrics drawn from data analysis to
assess the true risks of privacy breaches. In order to do that, concepts like K-Anonymity and
Differential Privacy will be used.
3. Minimal Disclosure
Individuals wish to control their personal information in the online domain, especially as more
and more sensors are available that could be linked to the user in order to generate data.
Organizations that are responsible for handling the information of individuals, seem to be

8
minimally concerned with this wish, as can be seen from the large number of severe data leaks
during the past years.
One guiding principle, data minimization, is hardly ever practiced and almost never enforced,
which leads to very limited user empowerment with respect to privacy. On the other hand, the
service providers which rely on the personal preferably authenticated by a trusted party such as
the government.
Three features of privacy-friendly credentials are informally described in NSTIC documents:
(1) Issuance of a credential cannot be linked to a use, or “show,” of the credential even if the
issuer and the relying party share information, except as permitted by the attributes certified by
the issuer and shown to the relying party.
(2) Two shows of the same credential to the same or different relying parties cannot be linked
together, even if the relying parties share information.
(3) The user agent can disclose partial information about the attributes asserted by a credential.
4. Secure Authentication and Access Control in Constrained Devices
Embedded systems and especially wireless sensor nodes can be easily attacked. This is due to the
fact that they are normally unprotected by cryptographic means. This is due to the fact that both
types of devices suffer from severe resource constraints e.g. energy resources and processing
power so that standard cryptographic approaches cannot be applied. Thus there is a necessity of
development of the lightweight cryptographic solutions, which take the above mentioned
constraints into consideration and are able to ensure the needed level of the security.

M2M communication
M2M refers to those solutions that allow communication between devices of the same type and a
specific application, all via wired or wireless communication networks. M2M solutions allow
end-users to capture data about events from assets, such as temperature or inventory levels.
Typically, M2M is deployed to achieve productivity gains, reduce costs, and increase safety or
security. M2M has been applied in many different scenarios, including the remote monitoring
and control of enterprise assets, or to provide connectivity of remote machine-type devices.
Remote monitoring and control has generally provided the incentive for industrial applications,
whereas connectivity has been the focus in other enterprise scenarios such as connected vending
machines or point-of-sales terminals for online credit card transactions. M2M solutions,

9
however, do not generally allow for the broad sharing of data or connection of the devices in
question directly to the Internet.
1. A typical M2M solution overview
A typical M2M system solution consists of M2M devices, communication networks that provide
remote connectivity for the devices, service enablement and application logic, and integration of
the M2M application into the business processes provided by an Information Technology (IT)
system of the enterprise, as illustrated below in Figure.

A Generic M2M System Solution

The M2M system solution is used to remotely monitor and control enterprise assets of various
kinds, and to integrate those assets into the business processes of the enterprise in question. The
asset can be of a wide range of types (e.g. vehicle, freight container, building, or smart electricity
meter), all depending on the enterprise.
The system components of an M2M solution are as follows:
• M2M Device. This is the M2M device attached to the asset of interest, and provides sensing
and actuation capabilities. The M2M device is here generalized, as there are a number of
different realizations of these devices, ranging from low-end sensor nodes to high-end complex
devices with multimodal sensing capabilities.
• Network. The purpose of the network is to provide remote connectivity between the M2M
device and the application-side servers. Many different network types can be used, and include
both Wide Area Networks (WANs) and Local Area Networks (LANs), sometimes also referred
to as Capillary Networks or M2M Area Networks. Examples of WANs are public cellular mobile
networks, fixed private networks, or even satellite links.
• M2M Service Enablement. Within the generalized system solution outlined above, the
concept of a separate service enablement component is also introduced. This component
provides generic functionality that is common across a number of different applications. Its

10
primary purpose is to reduce cost for implementation and ease of application development. As
we will see later and in Chapter 6, the emergence of service enablement as a separate system
component is a clear trend.
• M2M Application. The application component of the solution is a realization of the highly
specific monitor and control process. The application is further integrated into the overall
business process system of the enterprise. The process of remotely monitoring and controlling
assets can be of many different types, for instance, remote car diagnostics or electricity meter
data management.
2. Key application areas
Existing M2M solutions cover numerous industry sectors and application scenarios. A selected
summary of main cellular M2M application markets is provided in Figure, and the figures are
estimates of deployed numbers of corresponding M2M devices in the years 2012 and 2016,
respectively.

Key Application Areas

 The largest segment is currently Telematics for cars and vehicles. Typical applications
include navigation, remote vehicle diagnostics, pay-as-you-drive insurance schemes, road
charging, and stolen vehicle recovery.

11
  Metering applications, meanwhile, include primarily remote meter management and data
collection for energy consumption in the electricity utility sector, but also for gas and
water consumption.
 Remote monitoring is more generalized monitoring of assets, and includes remote patient
monitoring as one prime example.
 Fleet management includes a number of different applications, like data logging, goods
and vehicle positioning, and security of valuable or hazardous goods.
 Security applications are mainly those related to home alarms and small business
surveillance solutions.
 The final market segment is Automated Teller Machines (ATM) and Point of Sales
(POS) terminals.
M2M value chains
The significant majority of M2M applications have and will be in the near future developed for
some form of business process optimization. As a result, the majority of organizations will first
take an inward-looking approach to business drivers and the reasoning behind why they will
implement such solutions. Reasons for using M2M vary from project to project and company to
company, but can include things such as cost reductions through streamlined business processes,
product quality improvements, and increased health and safety protection for employees. These
solutions are generally all internal to a company’s business processes and do not included
extensive interactions with other parties.

A simplified global value chain

Referring above figure, let’s take a look at the inputs and outputs of an M2M value chain.
Inputs: Inputs are the base raw ingredients that are turned into a product. Examples could be
cocoa beans for the manufacture of chocolate or data from an M2M device that will be turned
into a piece of information.
Production/Manufacture: Production/Manufacture refers to the process that the raw inputs are
put through to become part of a value chain. For example, cocoa beans may be dried and

12
separated before being transported to overseas markets. Data from an M2M solution, meanwhile,
needs to be verified and tagged for provenance.
Processing: Processing refers to the process whereby a product is prepared for sale. For
example, cocoa beans may now be made into cocoa powder, ready for use in chocolate bars. For
an M2M solution, this refers to the aggregation of multiple data sources to create an information
component something that is ready to be combined with other data sets to make it useful for
corporate decision-making.
Packaging: Packaging refers to the process whereby a product can be branded as would be
recognizable to end-user consumers. For example, a chocolate bar would now be ready to eat and
have a red wrapper with the words “KitKatt” on it. For M2M solutions, the data will have to be
combined with other information from internal corporate databases, for example, to see whether
the data received requires any action. This data would be recognizable to the end-users that need
to use the information, either in the form of visualizations or an Excel spreadsheet.
Distribution/Marketing: This process refers to the channels to market for products. For
example, a chocolate bar may be sold at a supermarket, a kiosk, or even online. An M2M
solution, however, will have produced an Information Product that can be used to create new
knowledge within a corporate environment _ examples include more detailed scheduling of
maintenance based on real-world information or improved product design due to feedback from
the M2M solution.
M2M value chains are internal to one company and cover one solution. IoT Value Chains,
meanwhile, are about the use and reuse of data across value chains and across solutions.

IoT value chains

Meanwhile, the move towards IoT from a value creation perspective comes with the desire to
make some of the data from sensors publicly available as part of an “information marketplace”
or other data exchange that allows the data to be used by a broader range of actors rather than
just the company that the system was originally designed for. It should be noted that such a
marketplace could still be internal to a company or strictly protected between the value chains of
several companies. Another alternative is a public marketplace, where data may be treated as a
derivative, but such public trading of data is probably a long way from real world market
realization in 2013.

13
IoT value chains based on data are to some extent enabled by Open APIs and the other open
web-based technologies.
Open APIs allow for the knowledge contained within different technical systems to become un-
embedded, creating the possibility for many different economic entities to combine and share
their data as long as they have a well-defined interface and description of how the data is
formatted.

An Information-Driven Value Chain for IoT

Inputs: The first thing that is apparent for an IoT value chain is that there are significantly more
inputs than for an M2M solution. As shown in above figure, four are illustrated:
• Devices/Sensors: These are very similar to the M2M solution devices and sensors, and may in
fact be built on the same technology. As we will see later, however, the manner in which the data
from these devices and sensors is used provides a different and much broader marketplace than
M2M does.

14
• Open Data: Open data is an increasingly important input to Information Value Chains. A
broad definition of open data defines it as: “A piece of data is open if anyone is free to use, reuse,
and redistribute it _ subjectonly, at most, to the requirement to attribute and/or share-alike”
(Open Definition 2013). Examples include city maps, provided by organizations such as
Ordinance Survey in the United Kingdom. Open data requires a license stating that it is open
data.
• OSS/BSS: The Operational Support Systems and Business Support Systems of mobile operator
networks are also important inputs to information value chains, and are being used increasingly
in tightly closed information marketplaces that allow operators to deliver services to enterprises
for example, where phone usage data is already owned by the company in question.
• Corporate Databases: Companies of a certain size generally have multiple corporate
databases covering various functions, including supply chain management, payroll, accounting,
etc. Over the last decades, many of these databases within corporations have been increasingly
interconnected using Internet Protocol (IP) technologies. As the use of devices and sensors
increases, these databases will be connected to this data to create new information sources and
new knowledge.
Production/Manufacture: In the production and manufacturing processes for data in an IoT
solution, the raw inputs described above will undergo initial development into information
components and products. Irrespective of input type described above, this process will need to
include tagging and linking of relevant data items in order to provide provenance and traceability
across the information value chain.
• Asset Information: Asset information may include data such as temperature over time of
container during transit or air quality during a particular month. Essentially, this relates to
whatever the sensor/device has been developed to monitor.
• Open Data Sets: Open data sets may include maps, rail timetables, or demographics about a
certain area in a country or city.
• Network Information: Network information relates to information such as GPS data, services
accessed via the mobile network, etc.
• Corporate Information: Corporate information may be, for example, the current state of
demand for a particular product in the supply chain at a particular moment in time.

15
Processing: During the processing stage, data from various sources is mixed together. At this
point, the data from the various inputs from the production and manufacture stage are combined
together to create information. This process involves the extensive use of data analytics for M2M
and IoT solutions.
Packaging: After the data from various inputs has been combined together, the packaging
section of the information value chain creates information components. These components could
be produced as charts or other traditional methods of communicating information to end-users.
Distribution/Marketing: The final stage of the Information Value Chain is the creation of an
Information Product. A broad variety of such products may exist, but they fall into two main
categories:
• Information products for improving internal decision-making: These information products
are the result of either detailed information analysis that allows better decisions to be made
during various internal corporate processes, or they enable the creation of previously unavailable
knowledge about a company’s products, strategy, or internal processes.
• Information products for resale to other economic actors: These information products have
high value for other economic actors and can be sold to them. For example, through an IoT
solution, a company may have market information about a certain area of town that another
entity might pay for (e.g. a real-estate company).

M2M to IoT - An Architectural Overview

Main design principles and needed capabilities:
 The overall design objective of IoT architecture shall be to target a horizontal system of
real-world services that are open, service-oriented, secure, and offer trust.
 A set of supporting design principles that target different means to fulfill the overall
architecture objective are needed.
 These design principles have a set of interpretations and further expectations on needed
technology solutions.
1. Design for reuse of deployed IoT resources across application domains. Deployed
IoT resources shall be able to be used in a vast range of different applications. This
implies that devices shall be made application independent and that the basic and atomic
services they expose in terms of sensing and actuation shall be done in a (to the greatest

16
 extent possible) uniform way. A system design will benefit from providing an abstracted
view of these basic underlying services that also are decoupled from the devices that
provide the services.
2. Design for a set of support services that provide open service-oriented capabilities
and can be used for application development and execution. These support services
shall in general cater to the typical environment of a stakeholder where IoT applications
are to be built, such as an open environment, and shall in particular provide support for a
few key service capabilities that are central from an IoT perspective. The open
environment of IoT will, for instance, require mechanisms for authorized usage of
services and resources, authentication, and associated identity management. The key
support services that are required from an IoT perspective include the means to access
IoT resources, how to publish and discover resources, tools for modeling contextual
information and information related to the real world entities that are of interest, and
capabilities that provide different levels of abstracted and complex services. The latter
can include data and event filtering and analytics, as well as dynamic service composition
and resolution of mixed sensing and actuation. Furthermore, well-defined service
interfaces and application programming interfaces (APIs) are required to facilitate
application development, as are the appropriate Software Development Kits (SDK).
3. Design for different abstraction levels that hide underlying complexities and
heterogeneities. Typical IoT solutions can involve a large number of different devices
and associated sensor modalities, and involve a large set of different actors providing
services and information that need to be composed and accessed with different levels of
aggregation. A system design will greatly benefit from providing the necessary
abstractions both of underlying technologies, data and service representation, as well as
granularity of information and services. This will ease the burden of both system
integrators and application developers. Again, hiding device-side technologies and
providing simple abstractions of the sensing and actuation services is one aspect. Another
is the means to perform aggregation of information or knowledge representation. A third,
is the requirement to have appropriate knowledge management tools and a means to
compose complex services as well as decomposition of complex queries and tasks down
to individual and atomic actuation tasks.

17
4. Design for sensing and actors taking on different roles of providing and using
services across different business domains and value chains. There are different levels
of openness of the business context in which IoT solutions are deployed and running. IoT
solutions can be run across a set of departments within an enterprise, or across a set of
enterprises in a value system, or even be provided in a truly open environment. The
business contexts can then be viewed as no market, as closed markets, or as open
markets. In these different setups there are varying degrees of needed capabilities that
address the multi-stakeholder perspective.
 The first thing that needs to be provided is a set of mechanisms that ensure
security and trust.
 Authentication and authorization of access to use services as well as to be able to
provide services is then a second requirement.
 The third requirement is the capability to be able to do auditing and to provide
accountability so that stakeholders can enforce liability if the need occurs.
 The next fundamental requirement is to ensure interoperability.
 The third fundamental requirement is related to the market perspective, whether
the markets are closed or fully open. Mechanisms that provide compensation for
used services or data between service users and service providers are needed. As
an IoT market can involve everything from trading individual sensor data to
aggregated insights and knowledge, compensation and billing mechanisms are
needed that can operate on the micro level as well as on more traditional macro
levels. An open market environment also calls for means to publish or advertise
services, as well as a means for finding services.
5. Design for ensuring trust, security, and privacy.
 Trust within IoT often implies reliability, which can be both ensuring the
availability of services as well as how dependable the services are, and that data is
only used for the purposes the end-user has agreed to.
 One important aspect of dependability is the accuracy of data or information, as
you can have multiple sources of IoT data.
 Security and privacy are potential barriers for IoT adoption and represent key
areas to address when building solutions.

18
  Privacy needs to be ensured by, for example, anonymization of data, seeing that
profiling of individuals is not easily done or even made undoable.
 Still, it is foreseen that authorities and agencies will require support to get access
to data and information for the purpose of national security or public safety.
6. Design for scalability, performance, and effectiveness. IoT deployments will happen
on a global scale and are foreseen to involve billions of deployed nodes. Sensor data will
be provided with a wide range of different characteristics. Data may be very infrequent
(e.g. alarms or detected abnormal events), or may be coming as real-time data streams, all
dependent on the type of data needed or based on application needs. Scalability aspects of
importance include the large number of devices and amounts of data produced that needs
to be processed or stored. Performance includes consideration of mission-critical
applications such as Supervisory Control And Data Acquisition (SCADA) systems with
extreme requirements on latency, for example.
7. Design for evolvability, heterogeneity, and simplicity of integration. Technology is
constantly changing, and given the nature of IoT deployments where devices and sensor
nodes are expected to be operational and in the field for many years, sometimes with
lifecycles of over 15 years (e.g. smart meters), IoT solutions must be able to withstand
and cater to introduction and use of new technologies as well as handling of legacy
deployments. Handling heterogeneity is also important since especially device-oriented
technologies used across industries are very different.
8. Design for simplicity of management. Again going back to one of the potential barriers
for IoT adaptation, simplicity of management is an important capability that needs to be
properly taken care of when designing IoT solutions. Auto-configuration and auto-
provisioning are key and well-known means that can ease deployment of IoT devices,
and are also very important to lower operating expenditures (OPEX).
9. Design for different service delivery models. We already know about the clear trends to
move from product offerings to a more combined product and service offering in a
number of industries, for instance, connected vehicles, and Software as a Service (SaaS)
as a delivery model. IoT with the wide span of possible applications clearly benefit from
elasticity in deployment of solutions, all to meet the long-tail aspect. Cloud and
virtualization technologies play a key enabler role in delivering future IoT services.

19
 10. Design for lifecycle support. The lifecycle phases are: planning, development,
deployment, and execution. Management aspects include deployment efficiency, design
time tools, and run-time management.

Internet Protocols (IP) in IoT

• IoT Protocols and Standards
• Types of IoT Protocols
• IoT Network Protocols
• HTTP (HyperText Transfer Protocol)
• LoRaWan (Long Range Wide Area Network)
• Bluetooth
• ZigBee
• IoT Data Protocols
• Message Queue Telemetry Transport (MQTT)
• Constrained Application Protocol (CoAP)
• Advanced Message Queuing Protocol (AMQP)
• Machine-to-Machine (M2M) Communication Protocol
• Extensible Messaging and Presence Protocol (XMPP)
IP Protection
• Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and
encrypts the packets of data.
• Provides secures encrypted communication between two computers over an Internet
Protocol network.
• It is used in virtual private networks (VPNs).
Uses of IP Security
• Encryption
• Security among public internet
• Provides authentication
• Protect network data
Components of IP Security
• Encapsulating Security Payload (ESP)

20
 • Authentication Header (AH)
• Internet Key Exchange (IKE)
Scaling issues in IoT
Overview of IPsec/IKE
• IPsec protocol suite is a set of protocols
• Provide security services at the network layer
• Uses tunnels between security gateways or individual hosts
Scalability
• Packet level models of IPsec/IKE protocols and the tools to easily build large scale
models of VPN scenarios.
• Enable relative performance characterizations of the impact of the variables above on
end-to-end applications.
VPN Topology
• Asymmetric Hosts (asymmhost)
• Asymmetric Networks (asymmnet)
• Fully Symmetric (fullsymm)
Security Policies
• security services are required for specific inbound/outbound IP flows
• To explore the impact these policy decisions have on the overall performance of VPN
applications
• Bypass results in no IPsec/IKE operations
• and is the equivalent of operating in an open network, without any IPsec VPN services

Design Considerations
Connecting products to the Internet of Things (IoT) is essential to manufacturers looking to stay
competitive within their industry. Adding IoT capabilities gives consumers more features. It also
allows the manufacturer to stay connected with their customer while discovering new product use
cases and applications that open them up to new revenue streams. When designing your first IoT
device, there are 10 things to keep in mind:
1.Cost
“Smart” or IoT products help consumers and manufacturers alike, but they cost more. Both

21
Ethernet and wireless technologies have come down below $10, so consider networking in your
next product.
2.Network
The network technology you chose for your IoT product has distance and gateway/router issues. If
you need to get to the Internet then you need Ethernet/Wi-Fi; if you are self-contained in a room or
building then ZigBee, Z-Wave, and Bluetooth are available. Remember all wireless technologies
need FCC certification.
3.Features
With an IoT connected product, companies can now add features to their products that were not
possible or imagined. These features can get you direct access to the customer for updates,
maintenance, and new revenue opportunities.
4.User interface
How the user interfaces with a product is important. Are you going to use buttons, LEDs, or a
display on the product? Also what web and app interfaces are you going to provide?
5.Power
One of the first decisions should be the power source. If the device will be powered by batteries
then all design decisions must consider how to preserve power. Many networking technologies will
not be a good fit with battery power. Frequency of communication does have an influence on
power selection, too.
6.Size
Size matters. Consider how the network will impact the size of the device. Connectors and
antennas required by some networks will add to the size.

22
7.Antenna
All wireless networks use an antenna, internal or external to the product. The trend is to move the
internal
antenna inside the enclosure if it is plastic. All metal enclosures would require external antennas.
8.Cloud
Cloud applications provide products a user interface to the product and the data. There are private
and public clouds. Most clouds have a standard API for developing your application.
9.Interoperability
Does your product need to communicate with other vendors’ products? If so, then you need to
Apple’s HomeKit, to communicate with other products.
adopt a standard set of protocols, such as Apple’s
10.Security
Security is becoming a major issue, so you need to design in as many layers of security as feasible.
SSL and password are the minimum.

23
 Economics
The cutting edge technological innovations which make smart cities what they are require
sizeable economic investments on behalf of the city, region or country. As with all investments,
if smart city initiatives do not return any tangible value, they represent money going down the
drain. With the way economies work, technological development or benefits to citizens might
not be enough to sustain the continuous advancement of smart cities if they come at a great
financial loss. Fortunately, the successful implementation of smart city initiatives comes with
many economic benefits.
1. Automation brings cost savings, with AI-based and IoT technologies automating city resources
such as water and electricity, and saving significant amounts of money by doing so.
2. Ensuring Proper Efficiency. Smart city sensors are making sure that resources are used without
losses, increasing efficiency and saving money.
3. Mitigating Risks and Reducing Damages in case of a disaster is another way in which a smart
city can cut down expenses, as well as increase safety.
4. Quality of Life also has economic benefits, as happier citizens care more about the city and
work to further improve and develop it.
5. Connectivity, the smart city feature of having every device connected to each other, improves
the city’s performance and this is strongly connected to its economy.
6. More Inflow of Talent, attracted by the safer, happier environment of the smart city, leads to a
rise in the GDP and overall economy of the city.
7. A Sustainable Ecosystem, with reduced emissions and cleaner cities, greatly increases the
standards of living, happiness and leads to economic growth.
8. Smart Transportation, reducing congestion and pollution, can have great benefits in terms of
money and time saved.
9. Smart Buildings, connected with each other, saving resources, and even generating their own
electricity and heating, can help sustainability and add to the economy on a daily basis.
10. Big Data, finally, are extremely valuable both to city authorities and –especially- to companies,
who find them very important for commerce, although strict ethical and legal standards have to
be maintained with regard to these uses.

24
In short, smart cities are expected to see an overall economic development of 5% annually,
which translates to almost $20 trillion in a decade, proving that smart cities are a great
investment that can impact the economy in a positive way.

Web References:
• https://www.urenio.org/2019/02/13/10-economic-benefits-of-smart-cities/ (accessed om
21st March, 2020)
• https://b-ok.cc/book/2838042/ffda62 (accessed on 21st March, 2020) (Section 1.55 and
Section 1.56)
• https://www.embedded-computing.com/embedded-computing-design/10-internet-of-
things-design-considerations (accessed on 21st March, 2020)
• https://www.researchgate.net/publication/228978017_Behavioral_and_performance_char
acteristics_of_IPsecIKE_in_large
scale_VPNs/link/0912f5061c3c99eb5e000000/download (accessed on 21st March, 2020)
• https://www.kelltontech.com/kellton-tech-blog/internet-of-things-protocols-standards
(accessed on 21st March, 2020)
• https://www.geeksforgeeks.org/ip-security-ipsec/ (accessed on 21st March, 2020)

25