CEBOT - Certificate Enrollment for Billions of Things

Purpose and goal

The aim of this project was to equip IoT devices and Certification Authorities (CAs) with capabilities that brings the state-of-the-art Internet certificate enrolment into the IoT, but using the protocols that IoT devices can speak; ultimately, making IoT devices the first-class citizens of the Internet. This goal is achieved through the design, implementation, and evaluation of enrolment protocols for IoT and their support in both the official Nexus CM and the Contiki OS. The solution is now being standardised in the IETF for wider acceptance and use.

Expected results and effects

Today, Nexus can provide certificate based security to IoT providers. Here is a link to the Nexus´s blog that shows the achievements: "Swedish research project CEBOT has solved one of the toughest IoT security problems" (https://www.nexusgroup.com/blog/cebot-solved-iot-security-problems/). - The Contiki OS is equipped with the certificate-based security. - Exploiting CEBOT, SICS and Nexus have secured 3-years Eurostars funding. - With CEVT/Volvo Car, we have applied for an ESCEL project (first stage passed), where we plan to bring the CEBOT results to the automotive industry.

Planned approach and implementation

- New certificate enrolment protocols for IoT are implemented and added to the Nexus Certificate Manager (CA) software. - Open source and open license implementations of the enrolment protocols are added to the Contiki OS. - End-to-end performance evaluation of new enrolment protocol between Nexus´s CM and SICS´s Contiki is performed. The CEBOT project is in true terms a seminal project for building lightweight PKI for IoT. It resulted in 3-years Eurostars funding, 6-months direct assignment from Volvo, and two submitted projects.

External links

Project Page at www.SICS.se