M-Sec was born in July 2018, as an EU&JP R&D Project made by twelve partners (six European and six Japanese). The main motivational factor arises from the fact that many data sources in the IoT and Smart City domain may contain sensitive information that raises issues on privacy and data protection. The main objective sought by M-Sec is to develop a framework that provides security and integrity of data traffic, end to end, from the device to the Cloud and to the application in a secure and transparent way.
The project length is 3 years, however, due to the effects of Covid-19 and therefore the delay caused on the pilot’s implementations, the consortium decided last July 2020 to request an extension of three months.
The M-Sec project spoke with Vanessa Clemente, M-Sec Coordinator, to better understand the main challenges and achievements of the past 2 years and what is expected for the project’s last year of activities.
What has the consortium achieved during the past two years since the project started?
The consortium initiated the project focusing on describing in full detail the five different use cases and their associated pilots’ implementation, which would validate, at the end, the M-Sec secured framework in two iterative phases. Technical and non-technical requirements were identified to serve as the basis for the definition of the architecture and the development of the secured components expected to be part of the core system of M-Sec. In addition, stakeholders were identified as well as the infrastructure to be deployed, the recruitment and the engagement plans. The metrics to evaluate the results were also defined.
In terms of the core components of M-Sec, preparatory work was done analyzing the state of the art of the different technologies (IoT, Cloud, Big Data, Blockchain) and researching on techniques, methods and mechanisms to reduce vulnerabilities. Risks and threats on current IoT Smart City solutions were also considered for the development and enhancing of the core system. As a result, by March 2020, the first M-Sec framework prototype was available to be used for the integration with the different use cases defined.
M-Sec framework introduces tools for designing and validating secure applications and providing device-level security that protects IoT devices from malware through intrusion detection mechanisms and vulnerability detection systems, including a secure element to handle the integrity of the device during the boot process and the authentication and encryption for external communication channels. It entails data security where sensitive data is encrypted together with a hash. Thanks to the M-Sec Blockchain and Middleware, the synergy between on-chain and off-chain data and access control becomes possible. Finally, M-Sec expands this security support to end-to-end (as it can be seen in the figure below).
Last September, most of the pilots that were defined to validate the M-Sec system initiated the first phase of the trials for evaluation purposes. Lessons learnt are being analyzed and transferred to the technical partners for the iterative approach of the M-Sec core system involvement.
In terms of exploitation, the consortium conducted an extensive competitors’ analysis focased mainly in Small Medium Enterprises and Open Source Platforms as the main competitors for M-Sec. Additionally, a Stakeholder’s analysis was performed, identifying two main groups of stakeholders that should be monitored closely due to its high level of influence and interest: Governments and Smart Cities and IoT Providers (from cloud to IoT devices including SMEs, large companies and integrators). Furthermore, the value proposition and business model canvas for M-Sec as a whole was defined.
In parallel, and since the beginning of the project, dissemination activities have taken place by assisting to a high number of relevant public events, conducting workshops and webinars and transferring M-Sec achievements via social media platforms and its website.
What work remains to be done until the end of the project?
The consortium is now focused on providing a second prototype version of the M-Sec framework, taking into account all the feedback collected through the pilots’ implementations (1st phase) but also adapting the system to the new needs and threats detected specially due to the Pandemic situation.
The final prototype of M-Sec is expected to be released by June 2021. At that stage, all pilots will initiate the second phase of evaluation to gather the final results that will demonstrate the achievements and outcomes of the security IoT framework for smart cities developed by the consortium.
Regarding exploitation, it is expected to have the final financial plan that will be the basis to ensure the sustainability and operation of the M-Sec outcomes after the project’s conclusion, as well as the final revenue model approach. In addition, all the feedback gathered from the point of view of users and stakeholders during pilot trials will be considered for the redefinition of the exploitation plan of M-Sec and the sustainability of the M-Sec framework.
In the end, it can be concluded that 2021 will be an exciting and decisive year for the M-Sec project and the partners could not be more excited to deliver the expected outcomes and overcome any challenge that still lays ahead!