Research and Development

Standards Contribution:

These two SBOM related projects are part of our commitment to technology community development.

• SPDX Hardware Team Lead

• Object Management Group - Enterprise Resource Metadata Attribution (ERMA) Standard Contributor

• Additional communication, architecture and related standards are being planned.

Ongoing Research & Development Projects:

Pioneering research over the last 9 years is producing industry changing results including but not limited to: 

• A networking operating system is needed to integrate network and computing resources so that access management and control of services and devices are streamlined.

• A secure network protocol is needed to verify, attest and manage connections between resources. The path between all resources is known along with capabilities and policy preferences to optimize operations between containers.

• Data centric security must be natively included as part of data creation, transport and management. Knowledge of all resources (devices, data, users, relationships, and policy) is required.

• A flexible architecture must support policy defined operations on a network, access, operations, and management on all levels. Policy can be defined as agreement between any two resources. Policy control rests with resource owners.

• No Trust security implementation must exceed 99.999999% reliability. The core is released under a restrictive open source licence. Application programmable interfaces for policy, security, access control and network operations are included in the core.

• Governance is defined as policy of policy to support the needs of multiple interest groups such as individuals, business, and government.

Academic Research:

Sept 2020 - Feb, 2021 - AI Agent Validation for Smart Beacon Network

The objective of this project is to design a technique to validate an API for AI agents. Validation will be based on (1) analysis of the typical capabilities of AI agents, and (2) testing the adequacy of the API for a representative set of AI agents. At a minimum, the representative agents will include ones for monitoring, diagnosing, and predicting the behaviors of devices in the Internet of Things, using the Smart Talk Beacon API. Managing an IoT network is a task that can quickly become difficult as the size of the network increases. The proposed API should provide the tools for AI agents to acquire all the relevant information from the network. To validate this API, both proactive and reactive AI agents will be created.

Sept 2020 - April 2022 - Perform end-to-end vulnerability analysis of Smart Beacon

The objective of the proposed research project is to perform end-to-end vulnerability analysis of Smart Talk Beacon’s IoT security architecture. The end-to-end vulnerability analysis will be performed by developing a realistic model of the IoT security architecture and then identifying how the system would respond to certain cyber-attacks. The architecture includes 1) the interactions between devices in a mesh network, 2) devices and gateway, 3) gateway and servers, and 4) inter-server  interactions. Smart Talk Beacon’s architecture is based on a no-trust security framework where devices rely on authentication and encryption to securely communicate with each other.

 No-trust security framework in such systems is challenging and can pose certain vulnerabilities because of the heterogenous nature of the end-to-end architecture. The vulnerability analysis will be performed by classifying Smart Talk Beacon’s IoT architecture into three levels, namely, perception, transportation, and application levels. This classification will help in understanding the impact of specific cyber-attacks (such as Distributed Denial of Service (DDoS) attacks) on the ecosystem. The first step would be to develop a theoretical model to understand the architecture of Smart Talk Beacon’s security system. The next step would be to model and simulate the end-to-end system architecture and finally perform performance analysis and benchmarking of the results.

Sept 2021 - Ongoing - Analyze the effects of the Smart Talk Beacon IoT security architecture 

Internet of things (IoT) systems require significant management related to external intrusions, internal threats, device failures, access management, and performance monitoring. In addition to network management issues, quality of service (QoS) must be maintained to predict changes and determine device and network performance. A good IoT system should be able to identify, track, and mitigate problems while dynamically adjusting its operation. 

The main objective of this project is to analyze the effects of the above issues on the performance of the Smart Talk Beacon’s IoT security architecture. The architecture includes; 1) the interactions between devices in a mesh network, 2) devices and gateway, 3) gateway and servers, and 4) inter-server interactions. 

Smart Talk Beacon’s architecture is based on a no-trust security framework where devices rely on authentication and encryption to securely communicate with each other. No-trust security framework in such systems is challenging and can pose vulnerabilities because of the heterogeneous nature of the end-to-end architecture. The Beacon architecture provides a framework for security and information management and device interaction. In this project, analysis tools for the Smart Talk Beacon system will be developed for data access, function management, and QoS analysis. Then, the QoS metrics will be identified, and the best approaches for interacting with network management components will be established. Finally, a QoS algorithm will be developed to achieve interactive analysis used for different types of implementations.

Publications and Presentations:

• SRP designs presented in IEEE Presentation for GlobalComm 2021, Started design of SRP in May of 2020 “Failures of TCP/IP: We need security, privacy, control and accountability! A new secure internet protocol is needed before the revolutionary merger of devices, data and users can be realized.”

• Dec. 2022 at IEEE GlobalComm 2022 a presentation was made related to “Bill of Materials (xBOMs): A Prerequisite Solution for Next Generation Networks” 

• April 2022 started IIC Secure Communication Infrastructure by Design security tiger team. Alfred Strauch is the Chair and Michael Abramson is the Co-Chair

• Aug 18, 2022, IIC xBOM paper of  “Secure Communications & Infrastructure by Design - Implementation of xBOMS for Security and Network Management”. 

Affiliations:

• 2021 Industrial Internet Consortium (IIC)

  • 2022 Time Sensitive Networks Testbed (TSN) - IIC TSN Testbed now Digital Twin Testbed

• 2022 Object Management Group (OMG) - developing new standard for ERMAs

  • 2022 Member of Middleware and Related Services part of Platform Committee 

• 2020 Institute of Electrical and Electronics Engineers (IEEE)

• 2022 SBOM Forum - Leaders in the use and development of SBOMs

• 2022 System Package Data Exchange (SPDX) - SBOM software and use of SBOMS

  • 2024 Contributor to hardware BOM (HBOM) profile

• 2022 Linux Foundation 

  • 2024 Elisa - Safety and Security Computing 

  • 2024 Functional Safety applied to SBOMs

• 2022 Artificial Intelligence and Internet of Things (AIOT Canada)

• 2023 Open Web Application Security Project (OWASP)

  • 2022 SBOM Forum - Discussions and solutions related to SBOMs

To learn more email info@smarttalkbeacon.com