The SPOTS project is part of H2020 F-Interop. SPOTS aims at integrating three Internet of Things (IoT) security protocols developed by Internet Engineering Task Force (IETF) into the F-Interop platform. These protocols complement each other in their functionality to provide a fully secure stack. They have been developed by IETF 6TiSCH, IETF CORE and IETF ACE working groups and moreover adopted in the IETF 6TiSCH architecture as the security foundation blocks. Each of these protocols is tailored to a different technical challenge as they provide (1) secure network access, (2) protection of message exchanges, and (3) key agreement.
The three protocols targeted by SPOTS are:
- Secure network access in 6TiSCH networks, led by SPOTS team member Mališa Vučinić, is a protocol that allows a freshly unboxed IoT device to become a meaningful network node in a secure manner. As an official IETF working group document, this specification is on its way to becoming an Internet Standard (RFC). It has already been implemented in major IoT open-source projects such as Contiki and OpenWSN.
- Object Security for Constrained RESTful Environments (OSCORE), formerly known as Object Security of CoAP (OSCOAP), a new protocol in the IETF CORE family that upgrades Constrained Application Protocol (CoAP) to provide application layer end-to-end encryption, integrity and replay protection of CoAP messages leveraging the concept of object security. Adopted by IETF CORE, OSCORE is on its way to becoming an RFC.
- Ephemeral Diffie-Hellman Over COSE (EDHOC), a key agreement protocol that runs over CoAP and provides shared keying material for OSCORE. It is a missing piece towards autonomic operation of OSCORE. EDHOC is developed in the scope of IETF ACE working group with ongoing implementation effort.
F-Interop platform adopts the security-by-design concept and its architecture and tools provide well-grounded security features. Its core functionality does not include the testing of any security protocol. SPOTS fills this gap.