Periodic Reporting for period 2 - SerIoT (Secure and Safe Internet of Things) Reporting period: 2019-07-01 to 2021-04-30 Summary of the context and overall objectives of the project When the Internet of Things (IoT) limited to RFID, security was assured by encrypted identity and passive characteristics with “intelligence” concentrated in the active transceiver. Now however, IoT devices have local computational and communication capabilities which make them vulnerable to all the attacks that can be directed against any computer-communication system. In addition, the applications that use the IoT can themselves be compromised by the IoT, as well as all the other sources of malicious attacks in the Internet. Cyberattacks to the IoT, even when they are detected, can inflict major damage by blocking the access for legitimate traffic and impairing the work of sensors, robots and actuators, with major consequences for components such as robots, actuators, smart vehicles, and supply chains. Indeed, malicious attacks create system and network congestion, quality of service (QoS) degradation, degradation of the commercial image or trust in a service system, substantial increase in energy consumption during the attack detection and mitigation phases, and especially impair the role of IoT devices that participate in the control of critical physical, chemical, and industrial processes, and human beings (in health monitoring, fitness sensing, and esp. drug delivery devices), as actuators in critical applications such as industrial control or vehicle and traffic control. This brings security of the IoT to the forefront of research. The cyber-threats that we have outlined are the motivation for the SerIoT project, whose goal is to optimize information and data security in IoT platforms and networks in a holistic, cross-layered manner (i.e. IoT platforms & devices, honeypots, Access Control, Attack Detecton, SDN routers and operator’s controller) while offering Quality of Service (QoS) and insuring energy savings. The results obtained by the project are implemented in software and demonstrated used to achieve secure IoT ecosystems and networks anywhere and everywhere, while respecting important QoS metrics for end-users, and limiting energy consumption in the system. The SerIoT project finds its origins in earlier work on Distributed Denial of Service (DDoS) Attacks and network storms in successful EU Projects FP7 NEMESYS and FP6 CASCADAS. Bringing together star European technology companies DT/T-Sys. and ATOS, with highly competent SMEs such as HIS, HOPU, and HIT, world-leading European research organizations IITIS, CERTH, JRC, and TECNALIA, and universities UESSEX, Technical University of thens (ICCS) and TUB with savvy users AustriaTech and OASA, the SerIoT Project develops, implements and tests a generic IoT framework based on Cognitively Enhanced smart Software Defined Networks using rigorous Random Neural Networks, augmented with secure routers. The SerIoT system incorporates attack detection and mitigation, QoS and Energy-Aware Routing, advanced analytics and user-friendly data analytics with visual monitoring. Work performed from the beginning of the project to the end of the period covered by the report and main results achieved so far SerIoT has created a unique portable software-based SerIoT system that spearheads Europe’s success in the IoT. Its results are already being exploited in industry (through HOPU), and also beta-tested in industry (through DT and ATOS) and demonstrated by DT, OASA, Tecnalia and HOPU with significant use cases. The first year’s effort was focused on the Phase 1 “Framework Design & Preparation”, and we also performed extensive analysis of the use case scenarios and formulated requirements for the system (as presented in D1.2 and D1.3). Risks and threats for IoT systems have been defined, both at the general level and in relation to realistic operational scenarios (D1.1). Extensive SoA analyses have also been carried out, related to the development of Anomaly Detection components, honeypots, PBF solutions (D4.1 D5.1). The overall architecture of the SerIoT framework was defined (D2.1) and formal and functional specification of SerIoT components was carried out (D2.1 D2.2) allowing us to develop the verification and testing methodologies (D2.3). In a second phase, the SerIoT SDN core network was designed and the SDN router implemented (D3.1) creating the basis for the SerIoT deployment in real-world Use Cases. In addition, modules for attack detection, cross-layer anomaly detection framework, virtualized honeypot, among others are also now fully available and tested. Now, after 40 months of hard work in challenging circumstances, the project has submitted al of its deliverables, and demonstrated all of its planned use cases successfully. Some of its outputs are already being integrated into commercial deployments. Progress beyond the state of the art and expected potential impact (including the socio-economic impact and the wider societal implications of the project so far) The SerIoT Project delivers some 10 individually exploitable system components, as well as an integrated system comprised of generic SDN forwarding engines and routers that react to security alerts, QoS and energy data, to provide the best security levels together with acceptable QoS and energy consumption, and to optimize QoS and energy consumption of the network when security breaches are not present. The project's beyond-state-of-the-art advances are achieved with the help of Cognitive Routing based and Random Neural Networks that make the required decisions under the direction of user settings for the different IoT connections. Specific tools created also include smart honeypots and neural network based attack detectors, and analytics techniques both as part of the automatic detection and mitigation schemes, and for reporting of system level conditions. The system is complemented with attack and traffic generators for testing and training purposes, together with UC scenarios in real environments to help illustrate and test the operation and capabilities of the Integrated SerIoT System.Standardization activities through ETSI have also been undertaken and have made good progress with inputs through several partners, such as CERTH, HOPU, JRC and IITIS.The project has generated over 63 world leading publications with over 20 in top journals, all of which have enjoyed an impressive number of 170,000 downloads and some 500 citations in the international literature. SerIoT organized a workshop on IoT Day in April 2021 with several other EU projects in our innovation area, presented numerous international seminars and keynotes, and organized and held a highly successful International Conference published by Springer: EuroCybersec 2018 whose proceedings have enjoyed 140,000 downloads. The results of SerIoT are also currently being exploited in the new EU project IoTAC.