Engineering von der anforderung bis zum betrieb

Internet of Things
Technology, Communications and Computing

Series Editors

More information about this series at

Maryam Farsi • Alireza Daneshkhah •

123

Editors
Maryam Farsi
Through-life Engineering Services Institute Cranfield University
Cranfield, Bedfordshire, UK

© Springer Nature Switzerland AG 2020
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

One key oversight over the use of emerging and advanced technologies is underestimating or neglecting the downside risks and potential harms that could arise for the adoption or implementation because of biased focus on the promises or upside benefits. The optimal position is naturally a balanced and equitable approach to identification and assessment of the so-called potential risks and rewards to ensure benefits are accrued whilst harms and risks are also taken into account and controlled at an acceptable level to the key stakeholders.

The other major oversight in the adoption of new innovations and technologies is the conventional focus on the price, cost, quality, reliability and performance at the expense of recognition of the social impact and potentially undermining human values and ethical norms. This is a more contextual concern for deployment of products, services and systems that is gaining prominence, especially in the web-based environments and services.

London, UK Prof. A. G. Hessami January 2019

Preface

vii

viii Preface

1. To gather remarkable and fundamental concepts with regards to different applications of DT technologies in smart cities.

2. To discuss the DT applications in smart cities for asset management, and the use of Internet of things and artificial intelligence.

Contents

Part I Digital Twins and Smart Cities
The Convergence of Digital Twin, IoT, and Machine Learning:
Transforming Data into Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Maninder Jeet Kaur, Ved P. Mishra and Piyush Maheshwari
A Novel Approach Toward Enhancing the Quality of Life in Smart
19 Cities Using Clouds and IoT-Based Technologies . . . . . . . . . . . . . . . . . .

ix

x Contents

Hany F. Atlam School of Electronics and Computer Science, University of Southampton, Southampton, UK;
Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University, Menoufia, Egypt

Ebad Banissi Division of Computer Science and Informatics, School of Engineering, London South Bank University, London, UK

Omid Chatrabgoun Department of Statistics, Faculty of Mathematical Sciences and Statistics, Malayer University, Malayer, Iran

Alireza Daneshkhah Faculty of Engineering, Environment and Computing, Coventry University, Coventry, UK

Maninder Jeet Kaur Department of Engineering, Dubai International Academic City, Amity University Dubai, Dubai, UAE

Stefan Kendzierskyj Northumbria University, London, UK

Research Center for Information Science and Technology, Tsinghua University, Beijing, China

Part I Digital Twins and Smart Cities

Keywords Digital twins · Internet of things (IoT) · Artificial intelligence (AI) ·Machine learning · Big data · Cyber-physical systems (CPS)

1 Introduction

© Springer Nature Switzerland AG 2020 3 M. Farsi et al. (eds.), Digital Twin Technologies and Smart Cities,
Internet of Things,

4 M. J. Kaur et al.

The growth of advanced technologies is paving way for the smart cities, where all the physical objects will have embedded computing and communication capabilities so that they can sense the environment and communicate with each other to provide the services. These intelligent interconnections and interoperability are also termed as IoT or machine-to-machine (M2M) communications [14]. Some of the important domains of a smart city are the smart energy, smart home, smart transport system, and smart manufacturing. Because of the affordability and availability of the sensors and actuators, data acquisition has become relatively easier. Monitoring and diag-nosing the manufacturing machines through the Internet is a challenging task. The convergence of the physical and virtual worlds of manufacturing is still one of the

The Convergence of Digital Twin, IoT … 5

2.1 Architecture

The basic architecture of digital twin consists of the sensor and measurement tech-nologies, Internet of Things, and machine learning. From the computational perspec-tive, the key technology to propel a digital twin is the data and information fusion that facilitates the flow of information from raw sensory data to high-level understand-ing and insights [23]. The key functionality of digital twin implementation through physics-based models and data-driven analytics is to provide accurate operational pictures of the assets [24]. This helps the digital twin mirror the activities of its cor-responding physical twin with the capabilities of early warning, anomaly detection, prediction, and optimization. The IoT system carries out real-time data acquisition through its smart gateway and edge computing devices. The preprocessed online sensory data is fused to feed the digital twin model. The offline data, after processing with text/data mining algorithms and then inputted to the digital twin as well. The offline computing resources utilized to train deep learning models. The digital twin combines modeling and analytics techniques to create a model of a specific target, e.g., flight critical component, etc. Hence, digital twin use is specified as predictive

– Performance Optimization—Digital twin helps to determine the optimal set of parameters and actions that can help maximize some of the key performance met-rics and provide forecasts for long-term planning. For example, NASA proposed and adopted for monitoring and optimization on safety and reliability optimiza-tions of spacecraft [26, 27].

– Healthcare—Digital twin can be used for capturing and visualize a hospital system in order to create a safe environment and test the impact of potential changes on system performances. Not just operations, it also helps to improve the quality of health services delivered to the patients. For example, a surgeon can use it for a digital visualization of the heart, before opening it.

2.3 Challenges of Digital Twin

Some of the challenges to build and implement digital twins are as follows:

3 Machine Learning, Artificial Intelligence, and IoT to Construct Digital Twins

Digital twin consists of the sensors and measurement technologies, IoT, simula-tion, and modeling and machine learning technologies. IoT devices are expected to generate a significant amount of data as their use becomes ubiquitous. IoT-cloud communication models and big data generated by devices results in increased latency and incremental data of cloud services and upstream data on behalf of IoT services.

– Data from the manufacturing systems, e.g., MES, PDM, SCM, ERP, etc., and from other computer-aided systems like CAD/CAM, CAE, etc.

– Data from Internet/users, e.g., from e-commerce—Amazon, Walmart, Facebook, twitter, etc.

and simulated annealing. Introduction of knowledge-based/expert systems efficiently in computer integrated manufacturing (CIM) components but intelligent, manufac-turing system (IMS) in industry were mainly in large companies [50]. The most famous IMS research was the international scheme of joint research called Intelli-gent Manufacturing System found in 1995 that influenced from dated back to 1989 from Japan [51]. In 90’s, agent-based systems for intelligent manufacturing were developed followed by the web service-based systems for manufacturing and crowd-sourcing [52–55]. The agent-method seemed to be the potential solution as it offered a proper paradigm for the intelligent CIM components and IMS [56–58]. Intelligent agents are used in distributed AI and such an agent-based approach can handle the issues of the present software applications, specifically those working conditions that are highly dynamic and uncertain [59]. However, most agent-based systems are still at a research and prototype stage in labs and not widely adopted in manufacturing.

4 Intelligent and Smart Manufacturing with AI Evolution

10 M. J. Kaur et al.

behaviors, rules, dynamics, and many other factors [64]. The virtual model of prod-uct is created to establish the product digital twin. The product digital twin would always keep in company with the product to provide the value-added services [65].

Based on the predictions for health condition, remaining life and faults, the proac-tive maintenance is carried out to avoid the sudden downtime. In addition, when the faults occur with the high fidelity virtual model of the product, the fault would be visually diagnosed and analyzed, so that the position of the faulty part and the root cause of fault displayed to the users [67]. These operations–maintenance and repair operations (MRO) which include disassembly sequence, spare parts, etc. provide sustainability. Before starting the actual MRO, the walkthrough about MRO strate-gies executed in the virtual world based in the virtual reality and augmented reality to impose predictive analysis. As the virtual models faithfully reflect the mechanical structure of the parts and the coupling between each other, it can identify whether the MRO strategies are effective, executable and optimal. The data from the dif-ferent stage of product lifecycle are accumulated and inherited to contribute to the innovation of the next generation product.

Moreover, in the design phase, product innovation relies on the accurate interpre-tation of market preferences and customer demands, in accordance with the optimal planning. Besides, once the design changes, the manufacturing process can be eas-ily updated, including updating the bill of materials, processes, and assigning new resources. As a result, the convergence of digital twin, big data and service, enables the production, planning, optimizing and manufacturing process in real-time. In the daily operation and MRO of the product, the virtual models of physical products syn-chronize with the real state of the product through sensors. The operation status of the product and the health status of the components generated in real-time. In addition to the sensors data, digital twin also integrates the historical data, e.g., maintenance records, energy consumption, etc. and through the analysis of this data, product dig-ital twin can continuously predict the state of the product and remaining life of the product and probability of faults. It can also analyze the unknown problems by com-paring the actual product response and anticipating the product response in specific scenarios. Hence, it improves product life and maintenance efficiency and reduces the maintenance cost. Big data analytics is responsible for all the data acquired and analyzed by the smart manufacturing. Therefore, the convergence of the digital twin and the big data is very important for smart manufacturing [13].

– Semantic Reasoning—Semantic web-based methods have been used to map pro-prietary relational datasets, environment monitoring data streams and participatory sensing data and this data then is combined (with match filters) with user prefer-ences to form a dynamic social structure of things.

– Tensor Decomposition—The tensor-based methods exploit existing approaches for data fusion that can detect hidden information. This method is generally to analyze the behavior similarity of users. Group-centric data fusion is performed based on the approximate tensor, with each element in the approximate tensor representing the prevalence of the corresponding behavior in the group [72].– Cross-space data fusion through correlation—Cross-space data fusion has taken the form of statistical methods, to calculate correlation between numerical data streams derived from the physical and social space. These include utilizing the data generated by citizens in social networking platforms in conjunction with data from sensor installations to build a model of the city’s dynamics.

3. Supervisory Level—This level manages various manufacturing cells, each per- forming a different manufacturing process.

4. Cell Control Level—At this level, processes perform different actions.

– Encryption of the data—Highly confidential data must be encrypted to ensure that only authorized users have access by deploying anti-malware and harden-ing software on all IT and OT systems. In addition, use of symmetric encryption algorithms, hybrid encryption schemes, cryptographic hash functions, digital sig-natures, key agreement and distribution protocols are widely used to ensure only

The Convergence of Digital Twin, IoT … 13

5 Conclusion

Digital Twin has been recognized by many developed companies like GE, IBM, and Cisco as next-generation core infrastructure and are focusing more on developing CPS-related technologies and utilization of platforms. IoT and Artificial Intelligence in smart manufacturing was the initial step to recognize the sensors prerequisite into the machine parts from where the real-time analytics will get the data. Fusion of human, data and smart/intelligent algorithms has far-reaching effects on manufac-turing efficiency. However, the intensive communication and high amounts of data involved also bring in new challenges. In this chapter, we discussed the architecture of the CPS, applications, and challenges involved in the implementation of Digital Twins. It also discusses the related work in the area of machine learning, artifi-cial intelligence in the field of smart manufacturing. Furthermore, the key research areas—Fusion of Big Data, Cloud and Cyber-physical systems, Information and Data

1. Tao, F. and Qi, Q.: New IT driven service-oriented smart manufacturing: framework and char- acteristics. IEEE Trans. Syst., Man, Cybern. Syst. (2017)
2. Mourtzis, D., Vlachou, E., Milas, N.: Industrial Big Data as a result of IoT adoption in manu- facturing. Procedia CIRP. 55, 290–295 (2016)
3. Gantz, J. and Reinsel, D.: The digital universe in 2020: Big data, bigger digital shadows, and biggest growth in the Far East. IDC iView: IDC Analyze the future. 1–16 (2012)
4. Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A., Khan, S.U.: The rise of big data on cloud computing: Review and open research issues. Inf. Syst. 47, 98–115 (2015) 5. Yi, S., Li, C. Li, Q.: A survey of fog computing: concepts, applications and issues. In: Pro- ceedings of the 2015 workshop on mobile big data, ACM, pp. 37–42 (2015)
6. Leng, J., Jiang, P.: Dynamic scheduling in RFID-driven discrete manufacturing system by using multi-layer network metrics as heuristic information. J. Intell. Manuf. 1–16 (2017)
7. Wang, S., Wan, J., Zhang, D., Li, D., Zhang, C.: Towards smart factory for industry 4.0: a self-organized multi-agent system with big data-based feedback and coordination. Comput.

Netw. 101, 158–168 (2016)
8. Wang, S., Wan, J., Li, D., Zhang, C.: Implementing smart factory of industry 4.0: an outlook.

26. Grieves, M.: Digital twin: manufacturing excellence through virtual factory replication. White Pap. (2014)
27. Glaessgen, E., Stargel, D.: The digital twin paradigm for future NASA and US Air Force vehi- cles. In: 53rd AIAA/ASME/ASCE/AHS/ASC Structures, Structural Dynamics and Materials Conference 20th AIAA/ASME/AHS Adaptive Structures Conference 14th AIAA 1818 (2012) 28. Lee, J., Ardakani, H.D., Yang, S., Bagheri, B.: Industrial big data analytics and cyber-physical systems for future maintenance & service innovation. Procedia CIRP 38, 3–7 (2015) 29. Lee, J., Bagheri,B., Kao, H.A.: A cyber-physical systems architecture for industry 4.0-based manufacturing system. Manuf. Lett. 3:18–23 (2015)
30. Wang, X.V., Wang, L.: A cloud-based production system for information and service integra- tion: an internet of things case study on waste electronics. Enterp. Inf. Syst. 11(7), 952–968 (2017)
31. Barnaghi, P., Sheth, A., Singh, V., Hauswirth, M.: Physical-cyber-social computing: looking back: looking forward. IEEE Internet Comput. 3, 7–11 (2015)
32. Hussein, D., Park, S., Han, S.N., Crespi, N.: Dynamic social structure of things: a contextual approach in CPSS. IEEE Internet Comput. 19(3), 12–20 (2015)
33. Uhlemann, T.H.J., Lehmann, C., Steinhilper, R.: The digital twin: realizing the cyber-physical production system for industry 4.0. Procedia Cirp. 61:335–340 (2017)
34. Schleich, B., Anwer, N., Mathieu, L., Wartzack, S.: Shaping the digital twin for design and production engineering. CIRP Ann. 66(1), 141–144 (2017)
35. Lynch, C.: Big data: How do your data grow? Nature 455(7209):28 (2008)
36. Bandaru, S., Ng, A.H., Deb, K.: Data mining methods for knowledge discovery in multi- objective optimization: Part A-Survey. Expert Syst. Appl. 70, 139–159 (2017)
37. Bandaru, S., Ng, A.H., Deb, K.: Data mining methods for knowledge discovery in multi- objective optimization: Part B-New developments and applications. Expert Syst. Appl. 70, 119–138 (2017)
38. Feldmann, S., Vogel-Heuser, B.: Änderungsszenarien in der Automatisierungstechnik–Heraus- forderungen und interdisziplinäre Auswirkungen. Engineering von der Anforderung bis zum Betrieb 3:95 (2013)

16 M. J. Kaur et al.

71, 151–166 (2016)
48. Wright, P., Bourne, D.A.: Manufacturing Intelligence. Addison-Wesley, Boston, MA (1988) 49. Teti, R., Kumara, S.R.T.: Intelligent computing methods for manufacturing systems. CIRP Ann. 46(2), 629–652 (1997)
50. Kopacek, P.: Intelligent manufacturing: present state and future trends. J. Intell. Rob. Syst.

26(3–4), 217–229 (1999)
51. Setoya, H.: History and review of the IMS (Intelligent Manufacturing System). In: 2011 Inter- national Conference on Mechatronics and Automation (ICMA), pp. 30–33 (2011)
52. Shen, W., Norrie, D.H.: Agent-based systems for intelligent manufacturing: a state-of-the-art survey. Knowl. Inf. Syst. 1(2):129–156 (1999)
53. Mostafaeipour, A., Roy, N.: Implementation of web based technique into the intelligent man- ufacturing system. Int. J. Comput. Appl. 17(6), 38–43 (2011)
54. McAfee, A.P.: Enterprise 2.0: the dawn of emergent collaboration. MIT Sloan Manag. Rev.

The Convergence of Digital Twin, IoT … 17

65. Zhuang, C., Liu, J., Xiong, H., Ding, X., Liu, S., Weng, G.: Connotation, architecture and trends of product digital twin. Comput. Integr. Manuf. Syst. 23(4), 753–768 (2017)
66. Tuegel, E.J., Ingraffea, A.R., Eason, T.G., Spottswood, S.M.: Reengineering aircraft structural life prediction using a digital twin. Int. J. Aerosp. Eng. (2011)
67. Gockel, B., Tudor, A., Brandyberry, M., Penmetsa, R., Tuegel, E.: Challenges with struc- tural life forecasting using realistic mission profiles. In: 53rd AIAA/ASME/ASCE/AHS/ASC Structures, Structural Dynamics and Materials Conference 20th AIAA/ASME/AHS Adaptive Structures Conference 14th AIAA, p. 1813 (2012)
68. Liggins II, M., Hall, D. and Llinas, J. eds.: Handbook of Multisensor Data Fusion: Theory and Practice. CRC press (2017)
69. Boström, H., Andler, S.F., Brohede, M., Johansson, R., Karlsson, A., Van Laere, J., Niklasson, L., Nilsson, M., Persson, A., Ziemke, T.: On the definition of information fusion as a field of research (2007)
70. Stevens, S.S.: On the theory of scales of measurement. Science 1946(103), 677–680 (1946) 71. De, S., Zhou, Y., Larizgoitia Abad, I., Moessner, K.: Cyber–physical–social frameworks for urban big data systems: a survey. Appl. Sci. 7(10):1017 (2017)
72. Zhang, Y.: GroRec: a group-centric intelligent recommender system integrating social, mobile and big data technologies. IEEE Trans. Serv. Comput. 9(5), 786–795 (2016)
73. Tuptuk, N., Hailes, S.: Security of smart manufacturing systems. J. Manuf. Syst. 47, 93–106 (2018)
74. Last accessed
75. Piètre-Cambacédès, L., Sitbon, P.: Cryptographic key management for SCADA systems-issues and perspectives. In: 2008 International Conference on Information Security and Assurance, pp. 156–161 (2008). IEEE
76. Pal, O., Saiwan, S., Jain, P., Saquib, Z., Patel, D.: Cryptographic key management for SCADA system: An architectural framework. In: 2009 International Conference on Advances in Com- puting, Control, & Telecommunication Technologies, pp. 169–174 (2009). IEEE
77. Roosta, T., Nilsson, D.K., Lindqvist, U., Valdes, A.: An intrusion detection system for wireless process control systems. In: 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, pp. 866–872 (2008). IEEE
78. Carcano, A., Coletta, A., Guglielmi, M., Masera, M., Fovino, I.N., Trombetta, A.: A multi- dimensional critical state analysis for detecting intrusions in SCADA systems. IEEE Trans.

Abstract The smart city means using information technologies as per the needs of citizens in order to improve their day-to-day activities with high efficiency and decrease the living cost. The development of the smart city is the process of urban-ization which can further improve the efficiency, reliability, and security of a city. The integration of communication and information technologies with the Internet of Things (IoT) and artificial intelligence (AI) techniques will be helpful for the urban/metro city areas in the overall management of schools, colleges, universities, libraries, power plants, transportation systems, waste management, hospitals, water supply, law enforcement, and other community services. The information and digital technologies will be used by end users and office administrations for the overall man-agement of the things related to urban/metro city areas. The information and commu-nication technologies (ICT) will allow officials of the city to interact/communicate directly with social communities and the infrastructure of the city will be available to the city officials on their fingertips. This chapter describes the economic bene-fits, implementation costs, and challenges toward the development of a smart city and its integration with cloud computing, IoT, and AI technologies. In this research work, we have tried to study the existing technologies, and we have proposed a novel architecture of a smart city which incorporates IoT, AI, and distributed cloud comput-ing technologies and the smart city will have its own independent self-management system for managing almost everything related to the needs of our daily life. The proposed work will be helpful in maintaining the ecological system of the earth and the use of clean solar energy is making it friendly to the environment.

K. N. Mishra
Department of Computer Science and Engineering, Birla Institute of Technology, Ranchi 814142, Jharkhand, India
e-mail:

1 Introduction

The integration of information and communication technology with the Internet of Things (IoT) will be helpful for the urban/metro city areas in the overall management of schools, colleges, universities, libraries, power plants, transportation systems, waste management, hospitals, water supply, law enforcement, and other community services. The information and digital technologies will be used by end users and office administrations for the overall management of the things related to urban/metro city areas. The ICT will permit city officials to interact/communicate directly with social communities and the infrastructure of the city will be available to the city officials on their fingertips. Further, different events and happenings of the city will be monitored with the help of ICT and IoT. The data and information will be collected from citizens by using the sensors integrated with real-time monitoring systems. The analysis of collected data will be helpful in maintaining the law and order situation of the city [1, 2].

This chapter describes the economic benefits, implementation costs and chal-lenges toward the development of a smart city and its integration with cloud com-puting, IoT and artificial intelligence (AI) technologies. In this research work, the authors have presented the study of existing smart city technologies. In this chapter, the authors have proposed a novel architecture of a smart city which incorporates IoT, AI, and distributed cloud computing technologies. The proposed architecture of the smart city will have its own independent self-management system for managing almost everything related to the needs of our daily life. The proposed work will be helpful in maintaining the ecological system of the earth and the use of clean solar energy is making it friendly to the environment.

The whole chapter is organized into six sections, namely introduction (Sect. 1), literature review (Sect. 2), proposed cloud-based framework (Sect. 3), proposed the architecture for improving the quality of life in Smart cities (Sect. 4), discussions (Sect. 5), and the concluding remarks presented in Sect. 6.

Now, with the help of the internet, it is becoming possible for everyone to study whenever and wherever he/she want, and it does not require the viewer’s presence at any particular time. Hence, the IoT helps both the consumer and the producer. Today, there is a requirement for a long-term method of developing sustainable cities by managing the life cycles of cities through improving economic performance over the entire life cycle. It provides opportunities by introducing healthy competition in terms of online services like waste management, education, healthcare, safety, and transportation systems, etc. [12, 13].

Further, the next-generation Internet potential with the help of IoT and information as a service (IoS) for generating forthcoming actual life applications and services is very vast in the context of smart city projects. The initial success of IoT deployments in smart city applications is jeopardized because of the unavailability of test beds of the desired scale and its suitability for the validation of most recent research outcomes. Many of the accessible test beds just offer limited testing environment up to a small domain of specific cases of deployments [14, 15].

managed/maintained by others (Amazon, Google, etc.). The integration of cloud computing with the concept “pay-as-much-as-you-use” method provides the appli-cation service provider to condense the investment in infrastructure services, and it enables the IoT-based cloud computing system to focus on providing further better services to the clients. In addition to it, there are also security issues with the SaaS model of cloud computing which needs to be recognized, identified and fixed before they are used as a service [19].

ThePaaSisacompilationoflinkedservicesforcreatinganddeployingsoftwareon cloud computing systems. Hence, it is not a singleton set-based technology. The PaaS has the capability to manage/control user subscriptions, security, resource metering, and distribution of other services. The PaaS plays a key role in cloud computing systems because it brings custom software development to the clouds. The NIST defined PaaS as “The capability provided to the consumer to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider” [20]. Some of the well-known PaaS-based cloud systems are Google App Engine (GAE), Microsoft Windows Azure (MWA), and Ground Operating Systems (GOS) [21].

4 Proposed Architecture for Quality of Life Improvement in Smart City

With the invention of sensor networks and artificial intelligence-based modern tech-nologies, the future of smart city systems is predicted very bright. Therefore, the people in every part of the world are moving from rural to urban city areas and from urban areas to smart cities. The author has proposed smart city architecture, as shown in Fig. 1 where cloud computing technologies and sensor networks are integrated with artificial intelligence technologies to achieve the goals of high-level customized services in the real-time eco-friendly environment [26, 27].

/ Parking

Resource and Infrastructure Management

User Data Collec�on and Provider Services Management

The proposed architecture of Fig. 1 will help the citizens of smart cities in their daily activities by sending time-to-time alerts and warnings to recall and remember day-to-day life-related things. The proposed system will act as an intelligent platform equipped with artificial intelligence techniques for people living in smart society. By combiningdatafromdifferentdomains,thisarchitecturewillhelpinassistingcitizens of smart cities in an intelligent manner, such as by sending alerts and warnings for their household items like for buying food items via a smart fridge.

The proposed architecture will help the drivers to take another route in case of traffic jam situations, automatically alert the heart patients if their heart bit rate crosses significantly over a threshold value while performing day-to-day activities. In this proposed smart city architecture, the raw data will be collected and processed to make it Internet-friendly, and then only it will be forwarded for uncertainty and usefulness checking. The new rules designed and implemented at this stage will be useful in describing the knowledge of the proposed model. The similar technique can also be used in describing the customized services, which will further provide 24 × 7 feedback to the citizens in the form of different types of alerts and specific warnings.

There are various types of architecture that exists and describe smart city systems.

Figure 2 illustrates the energy management of the smart city as demonstrated by the Toshiba Group of Japan [34]. Some other groups like the Hitachi group in Japan have been actively working in the area of human care where environment-friendly smart cities will have low carbon emission.

Changing Stations

Fig. 2 Community energy management system of smart cities, drawn from data provided in [34]

The information and communication technologies encourage and help the citizens to participate in the decision-making process of the country much more than before and it has become much more difficult for the authorities of different offices and organizations to keep their work behind closed doors. The people are able to directly interact with the government officials and elected representatives of our societies without any hesitation because of the easy accessibility of IoT and ICT. This inter-action of people with officials in a smart city is presented in Fig. 4. Despite Sevier challenge of the digital divide, the availability and integration of ICT with the general public have brought a huge increase in the power of citizens. Hence, the meaning of remote geographical location is changing. Now, we can act globally and locally

28 K. N. Mishra and C. Chakraborty

The smart city projects require trillions of dollars of investments and these projects will provide excellent business opportunities for technology providers, investors, and the general public. Therefore, a new era of business with the development of smart

A Novel Approach Toward Enhancing the Quality … 29

The independent and error proof communication medium may play an important role in achieving the goals of the smart city concept in an actual sense. The existing communication services which are currently being utilized in a smart city are not sufficient [43, 44].

Hence, we need to further upgrade the currently being used for services with the help of artificial intelligence and soft computing techniques. The primary objective which can further improve the quality of life in the smart city is to connect all things related communication and information technologies (sensors and IoTs) that may help in increasing the comfort and safety levels of the life of citizens. An important example of this category is to provide a communication facility in the home domain for integrating the telephone and other communication systems including personal computers through the internet of things in a smart city. The need for the integration of a smart city with IoT and cloud computing is also conceptualized and discussed in [45], please see Fig. 4.

The significant pressure is regularly increasing on all of us to decrease the environ-mental impact. The sustainable transformation of cities is the only possible choice if it is done in a smart way where nature and environment-based things are untouched

32 K. N. Mishra and C. Chakraborty

Manag. 8(5), 83–95 (2004)
3. Caragliu, A., del BoC, Nijkamp P.: Smart cities in Europe. J. Urban Technol. 18(2), 65–82 (2011)
4. Chourabi, H., Nam, T., Walker, S., Gil-Garcia, J.R., Mellouli, S., Nahon, K., Scholl, H.J.: Understanding smart cities: an integrative framework in system science. In: 45th Hawaii Inter- national Conference, HICSS 2012, pp. 2289–2297. IEEE (2012)
5. Cocchia, A.: Smart and digital city: a systematic literature review. In: Dameri, R.P., Sabroux, C. (eds.) Smart City: How to Create Public and Economic Value with High Technology in Urban Space. pp. 13–43. Springer International Publishing, Switzerland (2014)
6. Marinova, D., Philimore, J.: Models of innovation. In: Shavinina, L.V. (ed) The International Handbook on Innovation, pp. 44–53. Elsevier (2003)
7. Schuler, D.: Digital cities and digital citizens. In: Tanabe, M., van den Besselaar, P., Ishida, T. (eds.) Digital Cities II: Computational and Sociological Approaches, pp. 71–85. Springer, Heidelberg (2002)
8. Harrison, C., Eckman, B., Hamilton, R., Hartswick, P., Kalagnanam, J., Paraszczak, J., Williams, P.: Foundations for smarter cities. IBM J. Res. Dev. 54(4), 350–365 (2010) 9. Yoshihito, Y., Sato, Y., Hirasawa, A., Takahashi, S., Yamamoto, M.: Hitachi’s vision of the smart city. Hitachi Rev. 61(3), 111–118 (2012)
10. Faisal, R.: Spamming the internet of things: a possibility and it’s probable solution. In: The 9th International Conference on Mobile Web Information Systems. Procedia Computer Science, vol. 10, pp. 658–665 (2012)
11. Anthopoulos, L., Fitsilis, P.: From online to ubiquitous cities: the technical transformation of virtual communities. In: Sideridis, A.B., Patrikakis, C.Z. (eds.) Next Generation Society: Tech- nological and Legal Issues. Proceedings of the Third International Conference, eDemocracy, Athens, Greece, vol. 26, pp. 360–372 (2009)
12. Borja, J.: Counterpoint: intelligent cities and innovative cities. Universitat Oberta de Catalunya (UOC) Papers. E-J. Knowl. Soc. 5, 1–12 (2007)

A Novel Approach Toward Enhancing the Quality … 33

In: IEEE 10th International Conference on Wireless and Mobile Computing, Networking, and Communications (WiMob), Larnaca, pp. 181–186 (2014)
28. Ribas, M., Sampaio, L.A., Neuman de Souza, J., Rubens de Carvalho Sousa, F., Oliveira, M.L.: A platform as a service billing model for cloud computing management approaches. IEEE Lat.

Am. Trans. 14(1), 267–280 (2016)
29. Hong, L.T., Schahram, D., Georgiana, C., Alessio, G., Waldemar, H., Duc, H.L., Daniel, M.: CoMoT—a platform-as-a-service for elasticity in the cloud. In: IEEE International Conference on Cloud Engineering (IC2E), Boston, MA, pp. 619–622 (2014)
30. Sami, Y., Pradeep, R., Ons, B., Roch, H.G., Monique, J.M., Paul, A.P.: A platform as-a-service for hybrid cloud/fog environments. In: IEEE International Symposium on Local and Metropoli- tan Area Networks (LANMAN), Rome, Italy, pp. 1–7 (2016)
31. Graubner, P., Baumgärtner, L., Heckmann, P., Müller, M., Freisleben, B.: Dynalize: Dynamic analysis of mobile apps in a platform-as-a-service cloud. In: IEEE 8th International Conference on Cloud Computing, New York City, NY, pp. 925–932 (2015)
32. Dhuldhule, P.A., Lakshmi, J., Nandy, S.K.: High-performance computing cloud—a platform- as-a-service perspective. In: International Conference on Cloud Computing and Big Data (CCBD), Shanghai, pp. 21–28 (2015)
33. Vanhove, T., Vandensteen, J., Seghbroeck, J.V., Wauters, T., De Turck, F.: Kameleo: design of a new platform-as-a-service for flexible data management. In: IEEE Network Operations and Management Symposium (NOMS), Krakow, pp. 1–4 (2014)

A Novel Approach Toward Enhancing the Quality … 35

of Communication & IT, Government of India) Noida, Uttar Pradesh. Before joining CDAC, Dr. Mishra worked as a lec-turer in CS&E Department at Krishna Institute of Engineering & Technology (KIET), Ghaziabad, India, from July 1998 to August 2000. Dr. Mishra has published more than 30 research papers in journals and conferences of international repute. His research interest includes Biometric Systems, Image Processing, Analy-sis of Algorithms and Distributed Cloud Computing. Dr. Mishra is a professional member of IEEE Biometric Society USA, and ACM, USA.

The Future of Mobility with Connected and Autonomous Vehicles in Smart Cities

For the majority part of the twentieth century, the concept of a smart city was only science fiction pictured by the popular media. But very recently with considerable progress achieved in the development of computing and electronic devices, the vision thatanentirecitycouldbetransformedintoasmarttownisbecomingareality[1].The idea of the smart city captured most people attention during the last decade as a blend

P. Seuwou (B) · E. Banissi · G. Ubakanma Division of Computer Science and Informatics, School of Engineering, London South Bank University, London, UK
e-mail:

of beliefs on how technology, in general, could be used to transform how cities around the world work, while improving their competitiveness, offering new ways of solving problems linked to poverty, social deprivation, pollution and poor environmental issues [2]. Smart cities are often seen as collections of intelligent devices installed across the city able to communicate with each other while providing constant data on the movement of people and objects. Over 50% of the world population now live in cities and it is expected that by 2050, cities will be home for about two-thirds of the world inhabitant [3]. As the population in cities continue to rise, the need for mobility as well as its burdens on the environment, social stability and the economy will grow rapidly [4]. People are attracted to cities mainly because of all the great opportunities they offer. In cities, people are able to live and work, companies are able to settle, grow and recruit competitive staffs, young people able to go to schools and universities. However, cities are also places for diseases mainly because in cities there are high volumes of cars, traffic, CO2 emission, high cost of living where waste production and pollution are worse. The possible applications of smart vehicles such as connected vehicles (Car2X technologies), autonomous vehicles (AVs) as well as connected and autonomous vehicles (CAVs) are wide-ranging, spanning on a variety of different sectors. CAVs appear to be a possible answer to contemporary transportation problems. Mass adoption of this emerging technology as a mode of transportation will reduce issues linked to emissions and energy consumption, while improving traffic flow, accessibility and efficiency of transportation systems, road safety and city efficiency among other benefits [5–8]. The deployment of CAVs will provide a time and space for other activities to take place from catching up on emails to watching TV. This chapter defines the concept of smart cities, it analyses connected autonomous vehicles (CAVs) as a prospective future mobility solution for smart and sustainable development. We will also identify challenges and security threats of CAVs as critical risks to the expansion of smart and sustainable cities around the world.

Typical CAVs are equipped with technologies such as Lidar, video camera, posi-tioning estimator, distance sensors. These vehicles can “talk” to each other exchang-ing information such as vehicle size, position, speed, heading and turn signal status. Generally, video cameras are mounted near the rear-view mirror, the camera detects traffic lights and any moving objects, the Lidar positioned on the roof of the car as a rotating sensor scans the area in a radius of 60 m for the creation of a dynamic, three-dimensional map of the environment. A position estimator, which is a sen-sor mounted on the left rear wheel measures lateral movements and determines the car’s position on the map. Distance sensors are made up of four radars, three in the front bumper and one in the rear bumper, measure distances to various obstacles and allow the system to reduce the speed of the car. CAVs will also be equipped with an event data recorder or EDR also referred to as an automotive black box, recording information related to vehicle crashes or accidents.

2 Smart City Concept and Challenges

In the early 1990s, the expression “smart city” was coined to indicate a city that has been transformed to a modern urban landscape with the effect of globalisation, extensive usage of technology and innovation [9]. In the past few years, this con-cept has attracted significant attention in the context of urban development policies and from various governments interested in collecting more and more data about their population. In this setting, security agencies, law enforcement organisations, secret services and other relevant bodies will be able to monitor, collect and analyse data about the movement of people going to school, work, libraries, hospital and other community services, goods, traffic information, power plants activities, waste management, water supply networks, energy facilities in real time [10]. It is very important to recognise that infrastructure is a vital element for smart cities. Technol-ogy is one of the tools that make it possible but fundamental for the city to be truly smart, there should be a connection, combination and integration of all parts of the puzzle. For cities to gradually assume a critical role of leaders in innovation in sectors such as business, transportation, health in the digital economy, e-services enabled by Internet and broadband, network technologies are very important. Around the world, as cities continue to grow, more and more people are pursuing better lifestyle, challenges related to economic development, population growth and social progress seriously need to be considered carefully. In the reviewed literature, challenges have been identified and classified into six main city dimensions: Governance, Economy, Mobility, Environment, People and Living [11]. They represent the specific aspects of a city upon which smart initiatives impact to achieve the expected goals of a smart city strategy (sustainability, efficiency and high quality of life). Addressing the prob-lems and development priorities of cities in a global and innovation-led world is the most important challenge of smart cities. The section below shows a possible classification of challenges in European cities:

• Environment (Energy saving, shrinking cities, holistic approach to environmental and energy issues, urban ecosystems under pressure, climate change effects, urban sprawl).

• People (Unemployment, social cohesion, poverty, ageing population, diversity as source of innovation).

Mobility, as we know it today, must be carefully evaluated, considered and rein-vented. At this moment in our development, we are at a junction for a paradigm shift that will encourage the increased use of smart mobility services with ultra-efficient

The Future of Mobility with Connected and Autonomous Vehicles … 41

42 P. Seuwou et al.

economic opportunities for individuals, businesses or even countries. Autonomous vehicles equipped with communication facilities will have the ability to monitor and collect valuable data about their surroundings and provide important information to other road users and infrastructure systems. The IoT and IoE will make communica-tion between all pieces of the puzzle possible by enabling a whole range of service automation and optimization. As part of the solutions proposed in existing smart mobility literature, it appears that concepts such as car sharing may become very popular. It is expected that CAVs will be electric. Car sharing is a service that allows you to use a car reservation, picking it up and bringing it back to a parking lot and paying due to the use made. It allows reduction of urban congestion, reduction of polluting emissions (gas and noise), reduction in employment of public space and in general, a new push towards the use of public transport [18]. TESLA company with their new business model is one of the leading car manufacturers developing Electric Vehicles (EVs) equipped with powerful, high performing, reliable and cost-effective batteries. These initiatives are part of the movement to combat climate change. Eventually, new vehicles producers will innovate and promote green and sustainable mobility. As a strategy to gradually migrate from conventional vehicles running on gasoline or diesel, car manufacturers may develop hybrid vehicles at the beginning and progressively move to electric vehicles powered with batteries. This move will ultimately disrupt several sectors and have a huge impact on the oil industry. On one hand, authorities should put in place infrastructure and policies supporting sustainable mobility such as the creation of bicycle lanes or interventions aimed at changing mobility as the creation of restricted traffic zones. The expan-sion or creation of bicycle lanes is an intervention that is closely linked to the use of the bicycle as a mean of private transport and could have positive effects on the spread of bike sharing; on the other hand, a series of integrated policies that can be implemented to change the mobility system, in particular by the public decision maker (for example, incentives for the use of less polluting fuels, tax incentives or measures such as higher taxation on polluting fuels). One efficient way to achieve lower greenhouse gas emissions is by Intelligent Transport Systems and Services (ITS) that utilises information and communications technologies. ITS helps achieve transport policy goals by shifting the focus from expensive transport infrastructure construction towards efficiency and fluency of mobility and logistics while creating and enabling new business. It must be noted that the introduction of ITS technolo-gies will also significantly contribute to improved efficiency, safety, environmental impact and overall productivity of the transportation system.

While being driven by autonomous technologies, people will be able to read, watch movies, play games, sleep or work and be more productive. As part of the pro-cess to realise the truly sustainable smart city, vision technologies around the world should focus their energy in developing applications and devices with IoT capabili-ties. Enabling things and objects such as street cameras, traffic jam control systems, sensors for transportation times to be smarter. This will then give access to appli-cations’ developers access to these devices data through Application Programming Interface (API) technologies.

In most advanced European cities, transportation is regarded as one of the main activities for daily living. Most commuters spend on average an hour or more per day travelling [20]. London is a multicultural city and many people work in London but live outside the city mainly because of the high prices of accommodation. The city aims at providing various modes of transportation (e.g., buses, trains, boat, trams, metros, “rentable” bikes and flying car in the future) while considering the environ-mental effects given that 12% of global CO2 emissions are caused by transportation means [21]. In a sustainable global system, the three pillars of sustainable develop-ment are Environmental, Economic and Social [22]. According to a study of UK air quality [23], road pollution is more than twice as deadly as traffic accidents, while car pollution causes severe heath damage and risks in premature deaths [24]. On the other hand, one needs to take into consideration the emerging landscape: cities going digital by deploying various sensors and additional information is provided by individuals through their mobile devices. In this context, IoT as an underlying technology aims at creating smart environments/spaces for energy and mobility (as described by the European Research Cluster on the Internet of Things [25].

• Road safety: It is believed that 90% of all accidents are caused by driver error, therefore, by handing driving duties over to computers and technologies, it is believed that the number of crashes will significantly decrease. And where colli-sions do occur, their severity rate is expected to be reduced as CAVs will be able to react quicker than the average human driver, thus mitigating the severity of the collision.

• Safety of the most vulnerable road users: CAVs will be developed with advanced technology devices such as Lidar, sensors, camera and several processors able to predict vulnerable road users’ actions, therefore it will improve safety of the most vulnerable road users (children, disables, elderly people…)
• Ensuring the road network supports economic growth potential: By reducing congestion on the road network and improving journey time reliability, the road

• An accessible and integrated road network that provides equal opportunity for use: CAVs will open up the road network for equal opportunity use. This will increase mobility options and travel horizons for large sections of the population, resulting in increased economic, social and well-being opportunities.

• Freight optimisation: From connected platooning to automated and predictable last mile deliveries, CAVs will have a role to play in optimising and streamlin-ing logistic movements. This, in turn, will help to improve the ability to both schedule and meet reduced delivery times, helping improve customer loyalty and satisfaction.

Although CAVs offer considerable benefits, applications and opportunities in trans-portation, it is undeniable that their implementation will also present huge challenges to governments, car manufacturers and other related industries around who will have to face and work together to overcome the challenges. The speed and the nature of CAVs mass adoption are far from guaranteed. This will depend largely on how the technology is introduced to the market, their cost, the transportation laws and regulations put in place to preserve the safety and privacy of their users. The fol-lowing sections outline some of the barriers to CAVs implementation. CAVs and AVs technologies are being tested in several cities across the world, global agreed standards and regulations are required and for the UK government to express their full confidence on the technology, the following challenges must be addressed.

6.1 Consumer Acceptance

Reference [35] highlights that the cost of most autonomous car technologies appli-cations for military and civilians is about $100,000. This is almost inaccessible for most people in the UK. Today, the high-end automotive Lidar systems mounted on the roof of these cars is estimated to about $75,000. The hope is that with mass production and notions related to Moore’s Law may also apply here to allow the prices of this technology to come closer to the conventional vehicles’ prices. J.D. Power and Associates’ survey [36] found that 37% of persons would “definitely”or “probably” purchase a vehicle equipped with autonomous driving capabilities in their next vehicle. Nevertheless, costs remain high and is, therefore, a key implemen-tation challenge, due to the current unaffordability of even some of the more basic technologies.

6.3 Legislation Liability and Litigation

Autonomous cars raise several kinds of ethical issues

(a) Is it possible to configure and programme a CAV to react to every single imag-inable situation on the road? For example, not obeying traffic light signals or speed limits when driving someone in an emergency to the hospital (A&E) or dangerous driving in order to escape from a life-threatening circumstance.

The Future of Mobility with Connected and Autonomous Vehicles … 49

weapons including firearms to remote locations without being caught. It is clear that conventional cars are being used for some of the crimes listed above, but it is also obvious that with CAVs they will be achieved a lot more easily [29]. All countries face the same dilemma of how to fight cybercrime and how to effectively promote security to their citizens and organisations. Cybercrime, unlike traditional crime which is committed in one geographic location, is committed online and it is often not clearly linked to any geographic location [38]. Large scale cybersecurity attacks by hostile nations, disgruntled employees, terrorist organisations can be mounted on the whole city transportation system, disrupting traffic and creating collisions and all kind of accidents. For example, a computer virus could be designed to first infect virtually the entire UK CAV fleet as a dormant programme and later become active and create all kind of disaster on the road. Therefore, a coordinated global response to the problem of cybercrime is required. According to [39], the vice president of software security firmVínsula,currentcyberattacksaregenerallyactsofespionage;mostattackersgain unauthorised access to systems to gather information about their opponents rather than actual sabotage. Disrupting the vehicle electronic systems and sensors will require a more complex form of attack than the one used for data gathering which is generallyharder.Regardless,thethreatisreal,andasecuritybreachcouldhavelasting repercussions [40]. Therefore, CAVs manufacturers, transportationpolicymakers and governments around the world should set security measures to handle these types of concerns. As CAV become mainstream and adopted around the world, privacy concerns will raise several questions: Who should own or control the vehicle’s data? What types of data will be stored? With whom will these data sets be shared? In what ways will such data be made available? And, for what ends will they be used? In the UK, particularly in London, there are literally thousands of cameras watching us, some call London a “big brother state”. From the moment you leave your home to the moment you get to work or school, you have an average of 300 cameras recording your movements. Our smart phones are equipped with location services. The reality is that privacy is almost a myth and these concepts are more likely to be transferred to CAV application. Someone involved in a car crash may not want his vehicles data to be shared with third parties, particularly if the person is at fault. Law enforcement could also benefit from such data. Risks such as losing privacy and/or integrity in the public cloud may prevent many decision makers to authorise the implementation of digital services using cloud computing in a smart city [41]. In this situation, sharing traveller data may be balanced with privacy concerns.

7 Conclusion and Future Research

In this article, CAVs was explored as a potential solution to several issues faced by large cities around the world including excessive traffic jams, road accidents, CO2 emissions and public health deterioration. It is undeniable that transportation has a massive impact on social welfare, urban sustainability. It can influence the growth of digital economies in large cities and CAVs offer potentially transformative benefits that can alleviate some of these concerns and lead the way to a greater level of sus-tainability. Transportation has immense implications for social welfare, economic development, and environmental sustainability. Congestion, environmental degrada-tion, social inequity, and public health issues are problems that sustainable transport policies urgently need to resolve. Some of the challenges mainly related to secu-rity, privacy, cybersecurity, ethical, legal and infrastructure have also been explored. Amidst the growth of ICTs and the sharing economy, the protection of personal data and the security of communication networks are vital to ensure society capitalises on the gains from increased connectivity. This study serves to inform policymakers, scholars, and various stakeholders in the automotive industry of privacy and cyber-security challenges of CAVs for achieving smart and sustainable cities. There are several smart city projects all over the world. These projects must be multidimen-sional and integrate the different action fields of the city, interacting with human and social capital. Technological solutions must be understood as the tool to achieve the smart city goals and to tackle the challenges these cities will face. The main objec-tives of these Smart City projects must be to solve urban problems in an efficient way to improve the sustainability of the city and quality of life of its inhabitants. Furthermore, governments around the world should have strategies to deal with pri-vacy and cybersecurity concerns. Possible future research on Autonomous vehicles and connected autonomous vehicles could be to develop a model to measure people behavioural intention to use AVs and CAVs.

4. Lim, H.S.M., Taeihagh, A.: Autonomous vehicles for smart and sustainable cities: an in-depth

5.

52 P. Seuwou et al.

28.
29. and technology select committee (2017)

A Digital Twin Model for Enhancing Performance Measurement in Assembly Lines

Christos I. Papanagnou

C. I. Papanagnou (B)
Salford Business School, University of Salford, Manchester M5 4WT, UK e-mail:

© Springer Nature Switzerland AG 2020 53 M. Farsi et al. (eds.), Digital Twin Technologies and Smart Cities,
Internet of Things,

Production and manufacturing systems are characterized by a number of different performance measures including flexibility, resource and output measurement [5]. The goals of each of these three measures are different, and therefore, at least one individual goal type that corresponds with the organizations’ strategic goals from the three listed measures must be present in a supply chain performance measure-ment system. According to Simpson et al. [27], a flexibility level system reacts to uncertainty issues when performance measurement is carried out at each node of an extended enterprise. Firms should have key performance indicators in the areas of cost, time, innovation, quality and precision corresponding with the mission and strategy according to stakeholders’ perception.

Output measurements are often associated with throughput and average up-times. Thus, most of the manufacturers in order to increase the productivity tend to minimize the unavailability of the lines. As a result, reconfiguration of the manufacturing sys-tems occurs (erroneously) only when essential work has to be done although upgrades of the system are desirable to increase quality, increase throughput or reduce energy consumption. Assessing real-time manufacturing environment involves understand-ing the dynamics affecting the performance. In a manufacturing environment, a

In the last 5 years, technology and knowledge transfer within an industrial organiza-tion or between manufacturing plants have been reinforced by digital transformation and Internet of Things. The Fourth industrial revolution has started to reshape many organizations while digitalization has enabled companies to transform operational effectiveness, improve safety and increase production. However, as both complex-ity and uncertainty are always present in production lines, industrial organizations should make a further step beyond digitalization and consider a more granular virtual model approach to monitoring, diagnosing and correcting process flaws. This model approach constitutes a form of a digital twin.

Digital twins (DT) have been introduced initially as virtual clones to physical products, in order to improve geometry assurance in early product design phases or to observe and study certain aspects of the products without having to interfere or taking the product out of service [27, 31]. Tuegel et al. [29], propose a DT for predicting the life of aircraft structure and assuring its structural integrity while the system dynamics of a product were reinforced by DT for better interpretation of customers’ needs [29].

2 The Digital Twin Modelling Platform

Manufacturing systems require deeper analysis of various data from machine centres and processes. Although manufacturing companies take advantage of state-of-the-art modelling techniques and advanced systems, increasing complexity due to the large data arrival can be only addressed using appropriate distributed, interoperable, and high-performance ICT solutions. For that reason, DT technology, which is applied in dynamic manufacturing processes, should self-optimize, by capturing data from production and potentially, ambient data from various sensors, as well as data from operators and managers involved in the production process. The data feeds back into the DT, creating a closed loop that enables manufacturers to interface with an actual plant as if it was an Internet-based software.

Digital Twin Platform

Visualisation Analysis/KPI

The DT platform can manipulate large amounts of shop floor data accrued from the physical system. The proposed DT platform may work as an enabler to manipulate big data and optimize the physical system by automatic control based on scenario testing of different variables in real time towards optimization. It can run in par-allel with the manufacturing processes whilst constantly analysing, modelling and visualizing relevant data in real time. As a result, the DT platform may uncover and leverage data that is hidden or unappreciated so as to deliver information capable of transforming processes.

With the aid of big data analytics, the proposed DT platform provides also an integrated approach for advanced modelling, analysis, feedback and visualization techniques, which are helping manufacturing companies to eliminate waste and cre-ate value through the design and production of the products. Datasets are analysed against essential KPIs, while with the aid of a cloud this information is propagated to other departments and core activities of the company including marketing and finance. Thus, the DT platform depicted in Fig.1 constitutes an inextricable “busi-ness as usual” strategic business module that offers further opportunities including product development acceleration, design methods that minimize production costs and a plethora of products that can be bought at better prices from customers. More-over, DT platform harnesses consumer insights to reduce development costs through innovative approaches and customized products, which can mark the dawning of the Manufacturing as a Service innovation [9]. Things are already starting to move in that direction with companies such as Adidas with its innovative SpeedFactory facility, which produces semi-custom shoes and Nike, which just acquired computer vision firm Invertex [30].

The occurrence of machine breakdown is very common and uncertain in assem-bly production plants and repair times depend on the condition of the machine at each breakdown event. In this study, the overall time of machine breakdowns for all machine centres and for each 8h shift in a single day is calculated. As the deter-mination of the exact time of machine breakdown and the duration of the repairs is quite difficult, manufacturing companies fail in achieving an optimal plan of produc-tivity or even due to order deliveries of end products under the given time horizon by the client. There are different reasons for machine breakdown varying from poor maintenance, machine deterioration and overruns to weather conditions and operator mistakes. However, there is a limited number of studies on the breakdown events. For example, changeovers may last longer than the work schedule due to operators’own volition or because machines’ stoppage times can be elicited manually by oper-ators for no certain reasons. Some studies suggest that preventive maintenance may lessen the likelihood of machine breakdown [10], however, the emphasis is given more on the reduction of maintenance cost rather than on operational performance and breakdown events [15]. Thus, a DT platform with the aid of an automated data collection system and actuators may restore machines’ operation to the desired work levels.

A Digital Twin Model for Enhancing Performance Measurement … 59

Different raw shop floor annual data (365days) was gathered and aggregated. This data includes (a) the “flag” event data every time a breakdown arises accompanied by information of the date and the ID of the machine centre the breakdown occurred, and two timestamps signifying the start and end of the breakdown; (b) the temperature data from the machines centres, collected every second; and (c) the number and duration of jobs each machine performs in an hour. Due to the fact that all this information comes in raw format, validation helps to confirm the source of data in terms of origin and contain.

Curation of raw data from the shop floor is important in light of the fact that every company has its own methods of data collection. This data is extremely instrumental on the grounds that it helps in comprehending the company’s machines behaviour under certain ambient conditions. The accumulation of raw semi-structured data poses the challenge of complexity in terms of analytics given the huge amount of data generated by the shop floor. Thus, this step provides a sustained and consistent form of systematic data curation and error prevention, which can eliminate bias in analysis and misinterpretation of machines behaviour. Validation and curation stage was processed by means of a numerical computing environment and proprietary programming languages.

The production plant’s performance for each shift is measured by throughput rate (TR), which provides the number of finished products at a given time. In a traditional manufacturing, environment throughput is often subject to machines’breakdown times and production yield; which is expressed by the number of non-defective products divided with the total number of manufactured products [28]. By introducing a DT platform, data from compressing sensors measuring temperature changes in all machine centres is also considered to investigate whether temperature levels in addition to key shop floor data are associated with throughput rates. It should be also noted that data curation and validation of such data with the aid of visualization tools—provided a new set of variables, which constitute a “clean”format of manufacturing ambient data.

The aggregated breakdown times (BT) in seconds, production yield (PY) and average temperature values (TV) in◦C for all 56 machine centres in a single day are used as independent variables in a two-step hierarchical multiple regression model, in order to investigate their effect on the throughput rates. Two-tailed correlations among the variables adopted in the analysis are shown in Table1. In this study, Shift 1 is the night shift (22:00–06:00), Shift 2 the early shift (06:00–14:00) and Shift 3 is the late shift (14:00–22:00). It should be noted that almost all same types of shop floor data differ among the three shifts, with breakdown times between Shift 2 and Shift 3 the only exception. Also, the night shift has the lowest production yield, throughput rate and the longest breakdown times. This signifies that night shift has the worst performance, which may lead to long cycle times and an increase of control costs in factories [17].

62 C. I. Papanagnou

†significant at 0.01 level, ⋄significant at 0.05 level, ∗significant at 0.1 level

for the Shift 2 by utilizing the DT platform. In contrast, the results for Shift 3 show that production yield is not significant to the throughput rates. This means that production yield numbers derived for Shift 3 do not provide a clear picture of the production performance. However, Model A3 and Model B3 suggest that the breakdown have a negative impact on throughput rates (β = -0.002, p <0.01. The inclusion of a DT platform in our analysis resulted to a highly significant model (Model B3) with R2= 0.542, as more than 50% of the variation in throughput rates can be explained by breakdown times and temperature levels. The analyses reveal that the insertion of a DT platform has a statistically significant positive relationship with the performance of the production plant. Note that temperature levels variable has the largest and highly significant coefficient in all six models, indicating that it is the most important factor, statistically, that could affect the performance by the means of throughput rates.

As the vast majority of manufacturing companies rely on key performance indi-cators to assess the production performance versus operational costs and compliance (e.g., strict environmental laws and regulations) the interconnection of objects and processes via open virtual platforms becomes essential. The integration of computa-tion with physical processes is not new as cyber-physical, sociotechnical systems and symbiotic simulation offer a plethora of advantages, however, manufacturers should be also able to monitor the behaviour of the physical asset in real life and embed technology seamlessly into core business processes. Thus, as throughput rates relate also with ambient data derived from machinery, DT platforms can enhance machine-to-machine communication to save energy and prevent machines precocious dete-rioration, and thus, minimize breakdown times and occurrences. The evaluation of data and information provides also the benefit of improving human–machine interac-tion (e.g., by introducing new technologies that promote the use of immersive data), which cultivates personnel’ skills, performance and working conditions.

Managers from manufacturing companies should recognize that DT platforms are very important in order to simulate operations under different performances and predict key performance indicators with the actual behaviour of existing machinery. Visualization techniques can help also managers to understand whether a particular machine is reliable and switch from preventive maintenance to predictive mainte-nance. The findings of this study suggest that DT platforms give prominence to powerful simulation models that increase the accuracy and reliability of machines and controls within assembly production facilities. This is very important as the dependability on planned production sequence in assembly lines is very high [13].

This study derives results from an automotive assembly line without investigat-ing how the proposed DT platform may also reinforce machine-to-machine (M2M) communication by allowing cloud connectivity and integration resulting to speed-ing up manufacturing processes and optimal productivity. M2M technology helps to cope with the challenges of distributed devices and high data capacity by leveraging cloud infrastructures to enable assets spread across distributed manufacturing plants, which would be very helpful in complex assembly lines.

Last, the proposed DT platform should be tested in terms of supporting trans-mission status and exception information being processed on the fly by persistency engines and rendered on workstations through dedicated protocols. A further data analytics could reveal useful insights on how DT technology can provide state-of-the-art solutions for energy-efficient product life cycles and ECO usage for multi-modal visualization and interaction technologies. In addition, it should be investigated in the future how the proposed DT platform can facilitate better automation/self-assembly technologies for conventional workforce tasks (e.g., joining processes in a vehicle assembly line or mechanical fastening).

A Digital Twin Model for Enhancing Performance Measurement … 65

analysis throughout three different manufacturing shifts did not reveal initially safe deductions. Then, the results from the adoption of a DT platform and the inclusion of machines’ temperature levels indicated that digital twins’ technologies provide a better understanding on the relationships between shop floor data and production performance by the means of throughput levels.

Springer (2016)
7. Brenner,B.,Hummel,V.:Digitaltwinasenablerforaninnovativedigitalshopfloormanagement system in the esb logistics learning factory at reutlingen-university. Procedia Manuf. 9, 198–205 (2017)
8. Bunse, K., Vodicka, M., Schönsleben, P., Brülhart, M., Ernst, F.O.: Integrating energy efficiency performance in production management-gap analysis between industrial needs and scientific literature. J. Clean. Prod. 19(6–7), 667–679 (2011)
9. Coullon, H., Noyé, J.: Reconsidering the Relationship Between Cloud Computing and Cloud Manufacturing, pp. 217–228. Springer International Publishing, Cham (2018)
10. Daneshkhah, A., Hosseinian-Far, A., Chatrabgoun, O.: Sustainable Maintenance Strategy Under Uncertainty in the Lifetime Distribution of Deteriorating Assets, pp. 29–50. Springer International Publishing, Cham (2017)
11. Ding, S.H., Kamaruddin, S.: Maintenance policy optimization–literature review and directions.

Int. J. Adv. Manuf. Technol. 76(5), 1263–1283 (2014)
12. Fujimoto, R., Lunceford, D., Page, E., Uhrmacher, A.M.: Grand challenges for modeling and simulation. Schloss Dagstuhl (350) (2002)
13. Golinska, P., Pawlewski, P., Fertsch, M.: Monitoring the operations management performance in automotive industry. In: Automation Congress, 2006. WAC’06. World, pp. 1–6. IEEE (2006) 14. Humphrey, J.: Globalization and supply chain networks: the auto industry in brazil and india.

Strateg. Manag. J. 35(4), 617–627 (2014)
25. Sanchez, A.M., Perez, M.P.: Supply chain flexibility and firm performance: a conceptual model andempiricalstudyintheautomotiveindustry.Int.J.Oper.Prod.Manag.25(7),681–700(2005) 26. Simpson, D., Power, D., Samson, D.: Greening the automotive supply chain: a relationship perspective. Int. J. Oper. Prod. Manag. 27(1), 28–48 (2007)
27. Tao, F., Cheng, J., Qi, Q., Zhang, M., Zhang, H., Sui, F.: Digital twin-driven product design, manufacturing and service with big data. Int. J. Adv. Manuf. Technol. 94(9–12), 3563–3576 (2018)
28. Trzcielinski, S., Karwowski, W.: Advances in the ergonomics in manufacturing: managing the enterprise of the future. In: AHFE Conference (2014)
29. Tuegel, E.J., Ingraffea, A.R., Eason, T.G., Spottswood, S.M.: Reengineering aircraft structural life prediction using a digital twin. Int. J. Aerosp. Eng. 2011 (2011)
30. Wang, L., Wang, X.V.: Latest Advancement in Cloud Technologies, pp. 3–31. Springer Inter- national Publishing, Cham (2018)
31. Wärmefjord, K., Söderberg, R., Lindkvist, L., Lindau, B., Carlson, J.S.: Inspection data to support a digital twin for geometry assurance. In: ASME 2017 International Mechanical Engi- neering Congress and Exposition, pp. V002T02A101–V002T02A101. American Society of Mechanical Engineers (2017)
32. Wen, K., Lin, Z.: The strategic evolution of foreign R&D investment in china. In: Proceedings of 2005 IEEE International Engineering Management Conference, 2005, vol. 1, pp. 119–123 (2005)
33. Yun, S., Park, J.H., Kim, W.T.: Data-centric middleware based digital twin platform for depend- able cyber-physical systems. In: Ubiquitous and Future Networks (ICUFN), 2017 Ninth Inter- national Conference on, pp. 922–926. IEEE (2017)

1 Introduction

A lack of information and understanding of transportation has a major role in smart cities. Improving such information is important for information sharing in sustainable value chain network (SVCN) of transportation in the smart cities. The phenomenon of information sharing is one of the key subjects to be enabled by effective informa-tion and communications technology (ICT) such as Internet of things (IoT) [1–3]. Optimizing the transportation activities with innovative ICT is considering smart solutions to support freight flow in urban areas due to the complexity of the processes taking place in transport systems and often conflicting expectations of stakeholders [4].

great variety of information but also thousands of other systems using data to make intelligent transport-related decisions [7]. IoT technologies guarantee economic ben-efits as chain actors will be able to share valuable information and make decisions that are more reasonable. This is to reduce transportation time and transportation expenditures and the impact of transportation on the society and environment [8].

With visions from a multidisciplinary perspective, the IoT has become the com-mon paradigm of modern ICT area by enabling innovative applications in nearly all sectors of the economy [8]. However, relatively little attention has been paid to the information sharing between actors enabled by IoT for smart transportation along the SVCN [3, 7]. Thus, this research aims to explore the high-order themes to infor-mation sharing in SVCN with a focus on the applications of IoT as a key enabling ICT innovative technology from the perception of the expert community.

2 Theoretical Background

SVCN has been affected by the digital revolution where the actor’s strategy is sur-rounded by this digital era that created a hub where everything will be connected to everything via the internet [8, 9]. SVCN is considered as the theoretical base of the information sharing phenomenon. SVCN should present a framework to researchers for solving information issues such as sharing, visibility, environment, sources, tech-nology, and types [5, 8, 10]. The SVCN is an approach where delivery and trans-portation businesses are integrated with the growth of e-commerce in the EU. Hence, a roadmap for completing the market for transportation has identified the need for increased transparency and information to all chain network actors as a key objective for improving delivery operations and boosting e-commerce. European Commission Information Society [10] and Pang et al. [11] have identified that the revolution of

Researchers argue that the SVCN concept allows the focus on moving from a transaction to a relational perspective that considers the environment around actors orfirmsorobjects[4].Thisconceptisagreatinterestinapplyingtheperspectiveofthe network to analyze information sharing within a value chain of smart transportation for freight flow in cities [3, 7]. Thus, when analyzing the association between IoT applications and information sharing, a lens should be highlighted on the cone-shaped concept map of the business network information ecological chain (BNIEC) illustrated by [13].

In SVCN, the first stage of value added is to create benefits and minimize chal-lenges for the actors involving in smart transportation for freight flow [10, 11]. This focuses on various issues associated with information problems, improves informa-tion value, and enhances performance for all actors [13]. This adds value for type 1 of stakeholders such as citizens, drivers, public transportation managers, and local city administration [17].

In fact, there are a great number of initiatives which are very close as for their objectives and tasks but they do not have a common basis like standards, conceptions, and strategies [5]. Reviewing the milestones have been reached in Europe, for exam-ple, the first research programmes for cooperative smart transportation date back to the 1980s; the European project PROMETHEUS (1987–1994) by using inter-vehicle communication in the 57 GHz frequency band [6]. By 2000, a new technology was initiated worldwide, triggered by the availability of GPS, embedded systems, and Wi-Fi. In Europe, more than 40 different projects on cooperative smart transporta-tion have been initiated since 2000 [5, 6]: initial feasibility studies (i.e., FleetNet and NoW), technology state and standardization (i.e., SAFESPOT, GeoNet, SEVECOM, CoVeL, and COMeSafety), field operation tests on safety and traffic efficiency (i.e., DRIVE C2X, SIM-TD, SCORE@F, etc.), and cooperative automated driving (i.e., AutoNet2030 project). Actually, by means of information sharing among vehicles, as well as between vehicles and the roadside infrastructure, vehicles transform from

Information Sharing in Sustainable Value Chain Network (SVCN) … 71

Each SVCN is formed of a set of stakeholders: type 1 of citizens, drivers, pub-lic transportation managers and local city administration; type 2 of data experts, database designers, transportation experts, traffic experts, logistic experts, commu-nication engineers, network engineers, system designers and sustainability experts; type 3 of data source providers, local services, data management and communication

72 L. Jraisat

Source The author’s own work

Information Sharing in Sustainable Value Chain Network (SVCN) … 73

This analysis resulted in 14 first-order themes for IoT applications, which were then coded as 5 second-order themes that turned into 4 aggregate dimensions. These aggregate dimensions are associated with one overarching theme, information shar-ing for SVCN, in order to establish the theoretical association for the current study.

Researchers have proposed key findings to carry out development in SVCN for smart transportation in cities [4, 5, 8]. However, a wider body of knowledge about SVCN associated with IoT is needed to overcome overlapping concepts in order to generate consistent findings [5, 6, 13]. Thus, the intention of the current research is to contribute to the body of knowledge by providing a new conceptual framework for information sharing in SVCN attached to IoT as an innovative technology in smart transportation. The framework in Fig. 1 illustrates key themes effectively linked to information sharing in SVCN and thus, in order to improve value chain performance in practice. Amongst these, information sharing has become the central theme, which is formed by themes of IoT applications as antecedences for information sharing.

The present research provides brief explanations for each part of the proposed frame-work. First, the IoT application [13]. IoT as an innovative technology is proposed from the application used by various projects in smart transportation in the five cities undertaken in this study. The key findings highlight the importance of the four stages of IoT application to create information sharing in SVCN. The experts indicated that nine themes, namely identify information problems, enhance performance, identify information, information technology, transportation analytic, transportation control, transportation system, increasing more benefits, and decreasing existing challenges, are the highest important concepts and activities that should be included in IoT applications. The experts also indicated that five themes, namely improve informa-tion value, information subjects, information environment, vehicle connectivity, and data hub are the lowest important activities that can be included in IoT applications. The proposed framework indicates a set of recommendations for policymakers and projects’ management.

In total, 14 themes linked to the four stages of IoT applications have an impact on creating information sharing in SVCN for smart transportation in cities. This, in turn, can bring improved value chain performance with a focus on sustainability aspects of economic, social, and environmental issues. The experts in all cases have illustrated the importance of these sustainability issues that have the potential to improve an efficient and effective transportation system for smart cities.

This research responds to calls for a holistic perspective on an understanding of how information sharing contributes towards improving SVCN through focusing on innovative technology [7, 23]. A holistic perspective is a need for increased transparency and shared information for all actors as a key objective in SVCN for improving smart transportation operations by IoT.

With multiple visions from different viewpoints, the IoT has become the common paradigm of modern ICT area [24]. It offers immense potential to consumers, compa-nies, and public sectors by enabling innovative applications. This focus is attracting increasing attention from both policymakers and academics where prior research has suggested that this focus exhibits many unclear characteristics [25, 26]. There is a lack of how IoT applications can improve businesses in a sustainable way. Thus, this research aims to explore the high-order themes to information sharing in SVCN with a focus on the applications of IoT in transportation operations as a key enabling ICT technology from the perspective of the expert community along the value chain. In this research, a conceptual framework for information sharing in SVCN associated with IoT for transportation operations is then proposed.

28(8), 1055–1085 (2017)

Information Sharing in Sustainable Value Chain Network (SVCN) … 77

Adv. Manuf. Technol. 83(5–8), 689–710 (2016)
17. European Commission, ‘Intelligent Transport Systems in action’ (2011)
18. Małecki, K., Stanisław, I., Kijewska, K.: Influence of intelligent transportation systems on reduction of the environmental negative impact of urban freight transport based on Szczecin example. Procedia Soc. Behav. Sci. 151, 215–229 (2014)
19. Eisenhardt, K.M.: Building theories from case study research. Acad. Manag. Rev. 14(4), 532 (1989)
20. Miles, M.B., Huberman, A.M., Saldaña, J.: Qualitative data analysis: a methods sourcebook.

Arizona State University, USA (1994)
21. Caragliu, A., Del Bo, C., Nijkamp, P.: Smart Cities in Europe. J. Urban Technol. 18(2), 65–82 (2011)
22. Pilbeam,C.,Alvarez,G.,Wilson,H.:Thegovernanceofsupplynetworks:asystematicliterature review. Supply Chain Manag. An Int. J. 17(4), 358–376 (2012)
23. Taniguchi, E., Thompson, R.G., Yamada, T.: Emerging techniques for enhancing the practical application of city logistics models. Procedia Soc. Behav. Sci. 39, 3–18 (2012)
24. Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Networks 54(15), 2787–2805 (2010)
25. Porter, M.E., Millar, V.E.: How information gives you competitive advantage harvard business review. Harv. Bus. Rev. 63(4), 149–160 (1985)
26. Browne, M., Gomez, M.: The impact on urban distribution operations of upstream supply chain constraints. Int. J. Phys. Distrib. Logist. Manag. 41(9), 896–912 (2011)

Keywords Digital twin · Medical Cyber-Physical system · Internet of things ·Wireless body area networks · Biohacking · Personal health information · MCPS ·WBAN · VM · Hypervisor

1 Introduction

© Springer Nature Switzerland AG 2020 79 M. Farsi et al. (eds.), Digital Twin Technologies and Smart Cities,
Internet of Things,

80 J. I. Jimenez et al.

2.1 Medical Cyber-Physical Systems

MCPSs can be defined as intelligent systems related to medical devices [1] regardless of where they are being used (within hospitals, clinics or via wearable devices (see Sect. 3 regarding WBAN)). MCPSs are interconnected in the cyberspace using dif-ferent networking protocols, frameworks and standards and are being considered in some countries such as Australia and UK as part of their Critical National Infrastruc-ture (CNI). In addition, they are processed and manipulated via embedded software applications and monitored by caregivers. CPSs, which have been implemented in

The values measured by sensors are triggered to transmit data in the following scenarios: (1) Within hospitals, communications can be triggered through Wireless Sensor Networks (WSN). (2) Using wearable devices, sensors send relevant informa-tion to applications installed in mobile devices through other wireless technologies (i.e., Bluetooth, ZigBee and radio frequency). Both cases offer a real-time moni-toring while doctors can immediately evaluate any threats that can compromise a patient’s health status [2]. The information can be available at Electronic Health Records (EHR) by accessing any administrative entity such as hospitals or clinics, pharmaceutical stores or private entities. These data are generally allocated in cloud computing systems and thanks to this technology, patients have faster access and better access rights to their health information compared to caregivers. One curi-ous feature of MCPSs is the implementation of decision support devices formed by electronic and instrumented circuits which can trigger an alarm when an abnormal behaviour is observed with the patient health status. The support layer allows care-givers to make decisions in order to enhance the patient status [1]. In this architecture, the devices can be divided into two categories: monitoring devices used as sensors and delivery devices such as actuators which get modified according to the caregiver decisions (please see Fig. 1).

In addition, the research from Kocabas et al. [3] provides a general MCPS archi-tecture divided into four layers, which are illustrated in Fig. 2.

Considered normally a Wireless Body Area Network (WBAN) using wireless pro-tocols [4] in order to acquire interaction with the Internet using technologies such as ZigBee, WSNs, Bluetooth, Wireless Local Area Networks (WLAN), Wireless Per-sonal Area Networks (WPAN), video surveillance systems and mobile networks [2, 4]. In the healthcare context, a WBAN uses biomedical sensors placed in different parts of the body and can be either wearable or implanted under the skin [5], allowing a real-time monitoring of the patient’s health status such as blood pressure or body temperature, for instance.

2.1.2 Layer 2—Data Preprocessing

2.1.4 Layer 4—Action

The two main objectives of this layer are to provide either ‘active’ or ‘passive’ actions. In the active action, an actuator is used to elaborate changes within the MCPS. For instance, a doctor sends an order to elevate the dose of medicine in the serum or the usage of robotic arms for surgery assistance [13]. Meanwhile, the passive action provides the opportunity of a better visualisation of the current state of the patient, allowing caregivers decision support.

3 Impact of WBAN in Health Care

WBANs provide an extensive range of monitoring applications for different contexts such as health care, military, sports and video gaming, among others [18]. The health-

3.2 Body Temperature

Body temperature is one of the most common physiological features measured through human activity monitoring [20]. It allows caregivers to detect medical stress that may lead to diverse health conditions based on the variation of corporal tem-perature. Such conditions include stroke, heart attacks and shock. Measuring body temperature is valuable to deter the physiological condition of a patient as well as for other care such as activity pattern monitoring [21, 22] and corporal heat harvesting [23].

3.4 Stress Monitoring

Stress leads to numerous diseases. It can lead to negative psychological illnesses such as anxiety, decreased patient satisfaction and depression [26]. Accelerated lifestyles in industrialised countries such as United States and Great Britain have increased stress levels among the population leading to negative consequences such as alco-holism and addictive smoking [27]. WBANs provide real-time monitoring of stress levels in individuals supporting physicians for appropriate treatments [28]. Modern smartphones can provide this service and the same platform can authenticate the users’ fingerprints for privacy and security purposes.

Software deployment is playing an increasingly important role when developing new MCPSs. Actually, the functionality of modern devices are software based and com-paring with some years ago, when some functions were traditionally implemented in hardware have been replaced by software solutions. Thus, the higher demand for developing software offers confidentiality, integrity, reliability and ease of use to deploy safe and effective MCPSs and digital twins in the future. It is required to balance effectiveness in software engineering along with secure coding to avoid disruptions in healthcare organisations due to time consumption given by software patching.

These technologies provide interoperability capabilities, allowing to connect and transfer information through multiple platforms, acquiring functionalities that pre-viously were never possible to appreciate; however, they also open new concerns

Health Care in the Cyberspace: Medical Cyber-Physical System … 87

Recent years have been a great issue for medical devices in terms of security addressed to several devices such as wearable, implantable [36, 38] or interoperable devices [37]. Nonetheless, in most of the cases, the focus is addressed to specific features of MCPS security like encrypted communication and effective access con-trols. In addition, the main challenge of deploying secure MCPS involves flexible and open solutions while mitigating the following issues: (1) heterogeneity of sys-tems, (2) improving usability (even transparency) of security solutions developed and (3) considering safety implications of security solutions and decisions including the mitigation of human error and insider threats.

4.4 Challenges in Involved Systems

External cloud communications are similar to any other communications over the Internet (i.e., traditional data centres). Therefore, the challenges faced by the cloud are the same as conventional IT solutions [41], including denial of service, Man-In-The-Middle (MITM), eavesdropping, IP-spoofing and masquerading attacks [42, 43]. Traditionally, these challenges are solved as the common ones such as imple-mentation of Secure Socket Layer (SSL), IPSec, cryptographic algorithms, intrusion detection and prevention systems and digital certificates [42, 44].

Users and system administrators must be aware that cloud computing systems result in the sharing of computational, storage and network infrastructure resources [45], leading it to third-party risks. Shared network components allow attackers the possibility to perform horizontal privilege escalation techniques and the exploitation of other systems prior to the main target [46]. Commonly, users on cloud environ-ments are granted with superuser privileges for the main purpose of managing their Virtual Machines (VMs) [47], and therefore attackers are motivated to acquire essen-tial components from the system like IP and MAC addresses and perform malicious actions such as sniffing and spoofing over the real network.

of scalability because of its high acquisition, along with the required compatibility with known network protocols. Medical devices are connected through several wire-less protocols such as Zigbee, WiFi, GSM, WiMax, 6LowPAN, 3G/4G and soon 5G networks. The requirement of having a cross-platform system allowing IoT devices communicate with IP networks and making it part of known systems is a challenge as well, and another important aspect is the capability of producing tamper-resistant packets [54]. In-transit and stored health information can be eavesdropped or manip-ulated by an attacker. Some attacks include DoS attacks causing interruption, data breaches affecting the patient’s privacy, data tampering and modifying the behaviour of sensing and delivering devices [55, 56].

5 Conclusion and Further Research

3. Kocabas, O., Soyata, T., Aktas, M.K.: Emerging security mechanisms for medical cyber phys- ical systems. IEEE/ACM Trans. Comput. Biol. Bioinform. 13(3), 401–416 (2016)
4. Cavallari, R., Martelli, F., Rosini, R., Buratti, C., Verdone, R.: A survey on wireless body area networks: technologies and design challenges. IEEE Commun. Surv. Tutor. 16(3), 1635–1657 (2014)
5. Anwar, M., Abdullah, A.H., Qureshi, K.N., Majid, A.H.: Wireless body area networks for healthcare applications: an overview. Telkomnika 15(3), 1088–1095 (2017)
6. Babu, S., Chandini, M., Lavanya, P., Ganapathy, K., Vaidehi, V.: Cloud-enabled remote health monitoring system. In: 2013 International Conference on Recent Trends in Information Tech- nology (ICRTIT), pp. 702–707. IEEE (2013)
7. Soyata, T., Muraleedharan, R., Funai, C., Kwon, M., Heinzelman, W.: Cloud-vision: real- time face recognition using a mobile-cloudlet-cloud acceleration architecture. In: 2012 IEEE Symposium on Computers and Communications (ISCC), pp. 000059–000066. IEEE (2012) 8. Powers, N., Alling, A., Osolinsky, K., Soyata, T., Zhu, M., Wang, H., Ba, H., Heinzelman, W., Shi, J., Kwon, M.: The cloudlet accelerator: bringing mobile-cloud face recognition into real-time. In: 2015 IEEE Globecom Workshops (GC Wkshps), pp. 1–7. IEEE (2015) 9. Mao, Y., Chen, Y., Hackmann, G., Chen, M., Lu, C., Kollef, M., Bailey, T.C.: Medical data min- ing for early deterioration warning in general hospital wards. In: 2011 IEEE 11th International Conference on Data Mining Workshops (ICDMW), pp. 1042–1049. IEEE (2011)
10. Kocaba¸s, Ö., Soyata, T.: Medical data analytics in the cloud using homomorphic encryption.

In: Handbook of Research on Cloud Infrastructures for Big Data Analytics, pp. 471–488. IGI Global (2014)
11. Nalinipriya, G., Kumar, R.A.: Extensive medical data storage with prominent symmetric algo- rithms on cloud-a protected framework. In: 2013 IEEE International Conference on Smart Structures and Systems (ICSSS), pp. 171–177. IEEE (2013)
12. Hani, A.F.M., Paputungan, I.V., Hassan, M.F., Asirvadam, V.S., Daharus, M.: Development of private cloud storage for medical image research data. In: 2014 International Conference on Computer and Information Sciences (ICCOINS), pp. 1–6. IEEE (2014)
13. Barbash, G.I., Glied, S.A.: New technology and health care costs—the case of robot-assisted surgery. N. Engl. J. Med. 363(8), 701–704 (2010)
14. Brenner, B., Hummel, V.: Digital twin as enabler for an innovative digital shopfloor manage- ment system in the ESB logistics learning factory at Reutlingen-university. Procedia Manuf.

Health Care in the Cyberspace: Medical Cyber-Physical System … 91

24. W H Organization. Global report on diabetes (2016)
25. Schwiebert, L., Gupta, S.K., Weinmann, J.: Research challenges in wireless networks of biomedical sensors. In: Proceedings of the 7th Annual International Conference on Mobile Computing and Networking, pp. 151–165. ACM (2001)
26. Regehr, C., Glancy, D., Pitts, A., LeBlanc, V.R.: Interventions to reduce the consequences of stress in physicians: a review and meta-analysis. J. Nerv. Ment. Dis. 202(5), 353–359 (2014) 27. Cassel, J.: Physical illness in response to stress. In: Social Stress, pp. 189–209. Routledge (2017)
28. Milenkovi´c, A., Otto, C., Jovanov, E.: Wireless sensor networks for personal health monitoring: issues and an implementation. Comput. Commun. 29(13–14), 2521–2533 (2006)
29. Hadjidj, A., Souil, M., Bouabdallah, A., Challal, Y., Owen, H.: Wireless sensor networks for rehabilitation applications: challenges and opportunities. J. Netw. Comput. Appl. 36(1), 1–15 (2013)
30. Zhou, H., Hu, H.: Human motion tracking for rehabilitation—A survey. Biomed. Signal Pro- cess. Control 3(1), 1–18 (2008)
31. High Confidence Software and Systems Coordinating Group, B High-confidence medical devices: Cyber-physical systems for 21st century health care. A research and development needs report, NCO/NITRD (2009)
32. Goodman, C.: Food and Drug Administration Center for Devices and Radiological Health (1988)
33. Alexander, K., Clarkson, P.J.: Good design practice for medical devices and equipment, Part II: design for validation. J. Med. Eng. Technol. 24(2), 53–62 (2000)
34. Ackerman, M.J., Filart, R., Burgess, L.P., Lee, I., Poropatich, R.K.: Developing next-generation telehealth tools and technologies: patients, systems, and data perspectives. Telemed. e-Health 16(1), 93–95 (2010)
35. Halperin, D., Heydt-Benjamin, T.S., Fu, K., Kohno, T., Maisel, W.H.: Security and privacy for implantable medical devices. IEEE Pervasive Comput. 1, 30–39 (2008)
36. Arney, D., Venkatasubramanian, K.K., Sokolsky, O., Lee, I.: Biomedical devices and systems security. In: 2011 Annual International Conference of the Engineering in Medicine and Biology Society, EMBC, pp. 2376–2379. IEEE (2011)
37. Venkatasubramanian, K.K., Gupta, S.K.S., Jetley, R.P., Jones, P.L.: Interoperable medical devices. IEEE Pulse 1(2), 16–27 (2010)
38. Denning, T., Fu, K., Kohno, T.: Absence makes the heart grow fonder: new directions for implantable medical device security. In: HotSec (2008)
39. Kifayat, K., Merabti, M., Younis, Y.A.: Secure Cloud Computing for Critical Infrastructure: A Survey (2012)
40. Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)
41. Ficco, M., Rak, M.: Stealthy denial of service strategy in cloud computing. IEEE Trans. Cloud Comput. 3(1), 80–94 (2015)
42. Sankar, K., Kannan, S., Jennifer, P.: On-demand security architecture for cloud computing.

92 J. I. Jimenez et al.

49. Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Näslund, M., Pourzandi, M.: A quantitative analysis of current security concerns and solutions for cloud computing. J.

Aniruddha Bhattacharjya, Xiaofeng Zhong, Jing Wang and Xing Li

Abstract To explore IoT’s hidden prospective and to address many global com-plications, the International Telecommunication Union (ITU) is working. They are making the IoT standardized for several years in the Telecommunication Standard-ization Sector (ITU-T). ITU-T Study Group 20 was formed in recent times, to further endorse coordinated advancement of global IoT technologies, services, and applica-tions. Some of the important IoT projects, their security pitfalls and their applications domains are discussed here. We need some secure architecture. Case by case, we need multi-layer architectures for secure IoT, such as in the smart city environs; we have numerous protocols, access technologies, functions and several types of nodes. Uni-versally, future focuses in the security issues of the Internet of Things would typically quintessence on the following features, related laws for the security of the Internet of Things, the open security system, terminal security function, individual privacy protection mode, etc. We have developed a Secure Hybrid RSA (SHRSA) messaging system for End to End encrypted messaging, with solutions to many bottlenecks of RSA and Instant messaging schemes. Our scheme has much more decryption effi-ciency. Presently we have used our Secure Hybrid RSA (SHRSA) cipher for secure and efficient messaging scheme. We have found in real-time testing results analysis that, our scheme is much more authentic, efficient and secure system. So as a cipher Secure Hybrid RSA (SHRSA) cipher can be used in present IoT communications and in near future in Future Internet of everything (IoE) communications.

X. Li
e-mail:

© Springer Nature Switzerland AG 2020 95 M. Farsi et al. (eds.), Digital Twin Technologies and Smart Cities,
Internet of Things,

In this chapter, Sect. 1’s subsections have highlighted some of the significant important projects, which have some security pitfalls and some have good security (Sect. 1.1). Then another subsection of Sect. 1 has highlighted very important IoT projects around the world with some sort of structural analysis. The Sect. 2 has highlighted different practical implementations [31–46] domains of IoT projects nowadays. Section 3’s subsections have highlighted two things-

1. Securities of existing IoT projects.
2. Privacy and trust ‘techniques in IoT.

1.1.1 European Union Projects

The European Union is working on a project called as Butler (European Union FP7 project) [21]. This project facilitates the expansion of secure and smart life assistant applications, along with the security and privacy necessities. Also this work has developed a mobile framework. The smart applications which are targeted, are like smart-home/smart office, smart-mobility/smart transport, smart-health, smart-shopping, and smart-cities.

1.1.2 DARPA and NSF Projects

Now very well-known Defense Advanced Research Projects Agency (DARPA) project is HACMS [27]. It stands for High Assurance Cyber Military Systems. This project actually has tried to have patch of the security vulnerabilities of IoT. This project takes account of drones, medical equipment, and military vehicles. HACMS [27] provides the seeds for future security protocols, achieves sufficient standardiza-tion and security.

The EU, China and Korea are working together in a project called FIRE [29, 30]. It stands for Future Internet Research and Experimentation. The FIRE [29, 30] works for discovering resolutions, for the setting out of IoT technologies in numerous application areas, like medical and health service, urban management, social secu-rity, people livelihood, public safety. They are also trying to give proper focus on intellectual property right, privacy and information security.

Another EU and Japan collaborative project is EU Japan ICT Cooperation project [22]. They have already made the common global standards, to make sure, about seamless communications and shared ways to accumulate and have right to use the information. They are also trying to confirm the of highest security and energy efficiency standards.

Some of the well-known existing research projects are: Internet of Things at Work (IoT@Work) [11], Building the environment for the Things as a Service (BeTaaS) [23], Open source cloud solution for the Internet of Things (OpenIoT) and Internet of Things Architecture (IoT-A) [11]. These are some important case studies also [7, 11–19, 21–30]. Let’s discuss one by one.

1.2.1 IoT-A

The advantages of this kind of generation scheme for IoT architectures [1–30], are like it gives the automatism of this process, and as a result saving the R&D efforts. The created architecture will offer intrinsic interoperability of the resulting IoT systems. Another aspect is that, if we are using the above system-generation tools, totally modelled on the IoT-A ARM, then we have one outcome. Outcome fact is that, any variances in the derived architectures can be attributed to the discrimination of the

100 A. Bhattacharjya et al.

In our daily life, we have a requirement for a detailed architecture process that recognizes single tasks inside the development process. This gives the actual insight in the dependencies of the mentioned tasks, and that offers a dynamic model of the development process step by step. The Architecture Reference Model (ARM) devel-opment process comprises of one key process that is the ARM derivation. There

Practices

Business

are two actions models, inside the ARM derivation, the domain modelling and the functional modelling. The domain modelling is responsible for forming the IoT Ref-erence Model. The functional modelling is the key provider to the IoT Reference Architecture. This procedure accepts input from the requisite-collection procedure, which in sequence obtains input from external stakeholders and the state-of-the-art surveys executed for the period of the initial stages of IoT-A. In order to improve the impact of the architectural reference model in a best way, we have to recognize the circumstances, where IoT technologies have an exact importance. Here we already considered that, these scenarios regularly share the same users, stakeholders, sensors, and applications. In fact, the IoT Reference Model gives us the super vision, for the explanation of the IoT Reference Architecture as shown in Fig. 1.

Now let’s consider some of the scenarios.

The privacy issue is managed by Pseudonymisation (PN). It uses the pseudonymization for services, users, and devices. Pseudonyms substitute real identities, which are obtained from KEM, but still retain pairing of identities and pseudonyms to guarantee accountability. Pseudonyms can additionally deliver unlinkability, given a new pseudonym for each and every action is used. But the Pseudonymisation (PN) does not deal with complete anonymity and data privacy. However, AuthZ offers some way to have the right to use the granularity that may resolve data privacy to a definite level.

The module Trust & Reputation (TRA) manages the trust obligation for entity and device trust. In specific, the module describes the gathering of the user reputation for doing the calculation of the service trust. IoT-A (Internet of Things Architecture) defines the fault handling model, or functional group correspondingly. Necessities and measures of this model comprises repairing the system, spotting existing fail-ures, decrease of effects of failures and forecasting possible failures. Therefore, the first method deals with avoidance, while the latter three deal with a life-cycle for mitigation.

If we think about Network Security, the Key Management component work with that by associating entities, by executing authentication, managing user sessions, and offers encrypted communication. Meanwhile the BeTaaS [7] instances comprise of various gateways. The BeTaaS makes use of the public key infrastructure (PKI) along with a Certificate Authority (CA) to accomplish keys and guarantee integrity, authen-ticity and confidentiality through the secure communication channels. BeTaaS also can work with circumstances, where several involved organizations, e.g., external entities that are not administered by the internal CA. This kind of cross-organization key management is managed by the BeTaaS directory service. Moreover, BeTaaS deals with resourced constrained devices by making use of the computationally more efficient cryptographic schemes for instance Elliptic Curve Cryptography (ECC).

For Identity Management, BeTaaS [7] offers authentication by making use of a dedicated architectural component. For this purpose, the dedicated architectural component separates two circumstances: gateway level authentication and service level authentication. In case of the gateway level authentication, the gateway joins a BeTaaS instance, and in case of application or service level authentication, a user uses an application. In case of the first circumstances, the authentication module makes use of the key management, while for the latter case; OAuth can be taken into consideration for authentication and authorization. Authorization is protected by a dedicated component as well. But one disadvantage is that the accountability obligation still unclear.

OpenIoT [23] depends on the HTTP along with the TLS protocol, for ensuring secure and encrypted messaging. OpenIoT uses a centralized security and privacy module for identity management, which offers authentication and authorization with the help of OAuth. Here for managing the authorization, the role-based access control (RBAC) model is being used. One point to make clear is that, the trust module is an independent module in OpenIoT. The trust module works for the provisions of trust for both, data and device. To attain the device trust, spatial correlation of sensors is used by the OpenIoT. One of the examples can be, close sensors in alike environs always must yield alike sensor readings. At the time when the device trust is established, data records can be marked up with the trust labels.

1.2.4 IoT@Work

The IoT@Work architecture has been advanced through an agile process, as depicted in the Fig. 2, which can be considered as the model-driven architecture development method.

The initial point for the architecture design is nothing but with making use of scenario-driven requirements. These scenarios used to form the system model. This system model presents that how the Internet of Things is anticipated to affect the factory and automation systems precisely in a generic way. These necessities are also nothing but displays of the specificities and constraints of current systems. Here along with that top-down architecture design methodology, an early technology testing activity has also been started for the purpose of the deeper considerations of the available methods and techniques and the higher-level abstractions, these can upkeep. The technology testing activity is a bottom-up design methodology. This methodology permits testing the present technologies with regards of satisfaction of IoT@Work architecture [23] necessities or of outlining the desirable extensions.

application requirements. Another function group works for handling application layer actions created by things and it’s as per the logic of the application.

The architecture which is the outcomes from this is comprises of numerous func-tions, which are applied by numerous constituents. Here the cross-cutting issues are organized into planes and they are orthogonal to the layers. The layers are well-defined as abstractions and function groups. Hence, it is well understood that, these layers are responsible for overall management for handling the IoT infrastructure from the lowermost layer to the top most layer where, IoT applications run. Further-more, another focusing point is that, among these two, the function groups comprise management and orchestration functions. These functions work for the formation and also works for application’s constant running, on uppermost part of the resources and services existing in the IoT infrastructure. The functional grouping projected with three functional layers as follows:

3. The third layer of abstraction provisions straightway the application with the use of particular middleware facilities, which are for IoT setups. As this architecture is exclusively for the automation field, so these functions comprise a messaging bus, application resource explanations (e.g., ask for trustworthy communication or security setting is interpreted here). The application logic is interpreted at formation or runtime. Also, the interfaces to the dissimilar IoT management constituents are well-defined here. Semantic reasoning functions, along with other supportive functions can be also put here.

The IoT-centered architecture is well-defined inside the area of automation sys-tems. Hence, there is a concentration on those functional parts that should offer trustworthy and communication with security, which is obligatory by some automa-tion applications. The IoT tactic to the embedded systems is depend on the model, that virtual and physical are interlinked and reinforced by self-managing features of the Internet protocols. Numerous functions and resources obtainable by embedded devices (subset of smart objects or things), can be encapsulated into virtual objects. These are invoked or made accessible to a range of applications and services, which contended to have the right to use and use the things, for example, their physical and virtual resources. An IoT architecture in point of fact has to afford trustworthy communication and assured security, as per the automation systems requisite it.

4. Another main focusing area is Path manipulations; it is another way for accom-plishing the traffic engineering objectives. Here the customer of the network takes his/her own path selection judgments.

2.3 Smart City

In a generic way, we understand that, the smart city highlighting area [13] will be living, governance, environment, economy, mobility and off-course people. Strong human along with social capital and ICT set-up a boost for all these smart city highlights. If we consider an example of a city of 1 million people, in next stages, a first business scrutiny determines that, numerous sectors/industries will get direct advantage from more and more digitalized and intelligent cities like as follows-

2.4 Retail

The customer requirements and business prerequisites are both the matters, IoT has to realize. One of the examples can be Price evaluation and identifying the differences of a product. Another example can be, finding for further goods of the same class but much cheaper. Therefore, it’s well understood that, having this information in real time, benefits enterprises for advancing their business and to fulfil the customer requisites. It’s well understood that, the existing big retail chains will try their best to take benefit of their leading position with the intention of enforcing the future IoT retail market. The same thing happened in that past like, as it occurred with RFID acceptance, which was applied by WalMart in 2004. Mainly, companies with governing spots, for instance Metro AG, WalMart, Carrefour, etc. are capable to push the acceptance of IoT technology due to their considerable market power.

1. The smart meters with an efficient network, empowers faster outage detection and re-establishment of service. A simple example can be, abilities rebound to the benefit of consumers.

2. All consumers always want to have lower bill and controlling of energy or water etc. So IoT platform in smart metering offers consumers, with greater power to controlling their energy or water consumption. Furthermore, it can offer them more selections for handling their bills.

Present Scenarios of IoT Projects with Security Aspects Focused 111

work. The combinatorics-based KMS protocols have some issues, like connectivity and scalability, along with these authentications also.

a common secret key [19, 54] referred as group key. It decreases overhead, network traffic. The highlighting points are, the Protocol can be applied in (1) secure data aggregation in IoT and (2) Vehicle-to-Vehicle (V2V) communications in Vehicular Ad hoc Networks (VANETs).

3.2 Privacy and Trust in IoT

Present Scenarios of IoT Projects with Security Aspects Focused 113

and enforcement mechanisms. Another idea is the Hierarchical Policy Language, for Distributed System (HiPoLDS). It shows us, policy enforcement in distributed ref-erence monitors and how it can manage the flow of info. Another approach can be the enforcement of privacy issues in E-commerce applications. In these paradigms, the approach defends user anonymity, user trustworthiness and customer privacy. Another idea is a formal and modular framework. This framework can have lots of good features, like it permits to enforce security strategy on concurrent system, generates fault negative and positive. Another idea can be use of algebra for Commu-nication Process (ACP) and Basic Process Algebra (BPA) language. This idea is able to monitor the requests. Moreover, it can show the satisfaction of correlated rules with an enforcement operator. Another idea is Access control framework and Policy Machine (PM). This idea is nothing but integration of enforces policy objectives, expresses and secure framework. But it can be attacked by Trojan attacks.

114 A. Bhattacharjya et al.

are working with new kind of communication protocols with features like trusted data, trusted models, integrity and authentication. They are also trying to resolve issues like use of network assets on mobile environs, technical challenges, and the trade-offs of among mobility and scalability.

1. Exploitation of multiplicative property and exploitation of Homomorphic prop- erty.

2. Difficulty of the integer factorization problem and Computational modular expo- nentiation complexity problem.

Present Scenarios of IoT Projects with Security Aspects Focused 115

variants and insert them in our SHRSA encryption and decryption [46–51], with some other algorithms, to resolve some of the major problems with main RSA, as shown in Fig. 3. As an outcome, we have developed a SHRSA messaging scheme with SHRSA End to End Encryption and SHRSA Decryption.

Instant Messaging (IMs) schemes nowadays have many backlogs. Some of the Instant Messaging (IMs) schemes’ backlogs are-

6. Insecure default settings on Instant Messaging (IMs) schemes for clients are a big problem.

7. Sharing Instant Messaging (IMs) features with other applications introduce significant security risks.

12. The use of unpublished, non-standard proprietary protocols and non-centralized peer-to-peer file transfer makes it difficult to monitor IM traffic.

116 A. Bhattacharjya et al.

3. SHRSA encryption is much more complex between each peer.

4. PH (Pohlig-Hellman) key exchange and Diffie-Hellman Exchange key ensure three-way authentications peer to peer.

9. No need of any third-party security, so cost saving.

10. It’s more reliable, more efficient and stronger due to variants of RSA integration. 11. No need to install IMSecure.

(b) The exploitation of homomorphic property (meet-in-the-middle attack). (c) Difficulty of the integer factorization problem of RSA.

(d) The very high computationally costly exponentiation modulo N problem.

Fig. 4 Our SHRSA nine-layer protocol stack

is countered by randomly altering the keys in synchronous time slot with 1024 Bit value.

Cost estimation comparisons of variants of RSA, CRT-RSA and our SHRSA system’s decryption is here Fig. 4. (where k = 3(no. of primes)). We have found that SHRSA scheme’s decryption time is near about 290 ms (average running of decryption class 5 times of RSA, CRT-RSA and SHRSA APIs for decryption during messaging), whereas CRT-RSA decryption has taken time near about 652 ms and RSA decryption has taken 2611 ms. But all cipher’s encryption time is same (Fig. 5).

Hence, it iss a complex secure, efficient and lightweight system for use it in present IoT and in near future in Future Internet of everything (IoE), though we have used our SHRSA cipher for secure and efficient messaging scheme as on time [46–51]. It’s a distributed system, so no chance of central failure without depending upon third party for authentication and security. As it’s implemented in Java, so it’s interoperable also.

To have a proper secure and privacy protected proliferation of IoT services, we need architectures with ciphers or other security approaches to entail customized security and privacy levels. In this paper we have discussed several existing models of IoT, it has given us a wide-range overview of many open issues with future directions in the IoT security field. We have discussed various issues here like, trust, privacy and securityrulesinthemiddlewareenvironsandformobiledevices,diversetechnologies and communication standards, the security and privacy necessities and appropriate security resolutions. In precise, the secured IoT necessitate compliance with well-defined security and privacy strategies, privacy for users and things, confidentiality, access control, and trustworthiness among devices and users. We also have described our SHRSA messaging scheme with 9-layered protocol stack, which has many real-time applications and it is ready for use as our system is installable software now. Our SHRSA messaging scheme’s encryption and decryption have not only replaced many bottlenecks of popular cipher RSA but also has resolved many problems of existing Instant Messaging (IM) schemes. In the real-time testing results, we have found that SHRSA scheme’s decryption time is near about 290 ms (average running of decryption class 5 times of RSA, CRT-RSA and SHRSA APIs for decryption during messaging), whereas CRT-RSA decryption has taken time near about 652 ms and RSA decryption has taken 2611 ms. Here we have gained practically 9 times in decryption by our SHRSA than RSA. But RSA, CRT-RSA and SHRSA’s encryption time is same. Due to multiple cipher integration it has already strong security, authentication and privacy. Our implementation has allowed ubiquitous and automatic encryption available to all users without any need of understanding

Present Scenarios of IoT Projects with Security Aspects Focused 119

2–Specification of the extended capabilities of the platform, pp. 1–61 (2014)

Netw. Comput. Appl. 42, 120–134 (2014)
17. Piro, G., Boggia, G., Grieco, L.A.: A standard compliant security framework for IEEE 802.15.4 networks. In: Proceedings of IEEE World Forum on Internet of Things (WF-IoT), Seoul, South Korea, pp. 27–30 (2014)
18. Lee, J.-Y., Lin, W.-C., Huang, Y.-H.: A lightweight authentication protocol for internet of things. In: 2014 International Symposium on Next-Generation Electronics, ISNE 2014, Kwei- Shan, pp. 1–2 (2014)
19. Turkanovi, M., Brumen, B., Hlbl, M.: A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw. 20, 96–112 (2014)
20. Ye, N., Zhu, Y., Wang, R.-C.B., Malekian, R., Lin, Q.-M.: An efficient authentication and access control scheme for perception layer of internet of things. Appl. Math. Inf. Sci. 8(4), 1617–1624 (2014)
21. BUTLER Project.
22. EU-Japan Project.
23. European FP7 IoT
24. HYDRA Project.
25. Usable Trust in th
26. iCORE Project.
27. HACMS Projec
28. National Science
29. FIRE EU-China Project. /
30. FIRE EU-Korea Project. /
31. Gu, L., Wang, J., Sun, B.mechanism for internet of things. China Com- mun. 11(2), 148–156 (2014)
32. Liu, Y.-B., Gong, X.-H., Feng, Y.-F.: Trust systembased on node behavior detection in internet of things. Tongxin Xuebao/J Commun. 35(5), 8–15 (2014)
33. Singh, J., Bacon, J., Eyers, D.: Policy enforcement within emerging distributed, event-based systems.In:DEBS2014—Proceedingsofthe8thACMInternationalConferenceonDistributed Event-Based Systems, pp. 246–255 (2014)
34. Neisse, R., Steri, G., Baldini, G.: Enforcement of security policy rules for the internet of things.

In: Proceedings of IEEE WiMob, Larnaca, Cyprus, pp. 120–127 (2014)
35. Gòmez-Goiri, A., Orduna, P., Diego, J., de Ipina, D.L.: Otsopack: lightweight framework for interoperable ambient intelligence applications. Comput. Hum. Behav. 30, 460–467 (2014) 36. Wang, Y., Qiao, M., Tang, H., Pei, H.: Middleware development method for internet of things.

42. Daubert, J., Wiesmaier, A., Kikiras, P.: A view on privacy & trust in IoT. In: IOT/CPS-Security Workshop, IEEE International Conference on Communications, ICC 2015, London, GB, June 08–12, 2015, page to appear. IEEE (2015)
43. Sadeghi, A.R., Wachsmann, C., Waidner, M.: Security and privacy challenges in industrial internet of things. In: Annual Design Automation Conference, p. 54. ACM, New York (2015) 44. Sicari, S., Rizzardi, A., Grieco, L.A., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2015)
45. Zhang, Z.-K., Cheng, M., Cho, Y., Shieh, S.: Emerging security threats and countermeasures in IoT. In: ACM Symposium on Information, Computer and Communications Security, pp. 1–6.

ACM, New York (2015)
46. Bhattacharjya, A., Zhong, X., Wang, J.: Strong, efficient and reliable personal messaging peer to peer architecture based on Hybrid RSA. In: Proceedings of the International Conference on Internet of Things and Cloud Computing (ICC 2016) ISBN 978-1-4503-4063-2/16/03.

122 A. Bhattacharjya et al.

Aniruddha Bhattacharjya is with the Department of Electronic Engineering, Tsinghua Univer-sity, Beijing, China, as a Chinese Government Ph.D. scholar. His research interests are cryptogra-phy, Network security, RFID-based architectures and middleware, security in fixed and wireless Networks, applications of cryptography, and IoT security. He has received the ICDCN 2010, Ph.D. Forum Fellowship. He achieved the best paper award in ACM ICC 2016, in Cambridge Univer-sity, UK. Since 2012, he has been working as an IEEE mentor and ACM faculty sponsor. He is a member of 34 IEEE societies and various IEEE technical committees. He has published 35 papers as well as three pending US patents and one Chinese innovation patent.

IoT Security, Privacy, Safety and Ethics

Hany F. Atlam and Gary B. Wills

H. F. Atlam
Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University, Menoufia, Egypt

© Springer Nature Switzerland AG 2020 123 M. Farsi et al. (eds.), Digital Twin Technologies and Smart Cities,
Internet of Things,

The main objective of this chapter is to provide an overview of IoT security, pri-vacy, safety and ethics. It starts by discussing the architecture and essential character-istics of the IoT system. This is followed by investigating IoT security by highlighting security requirements, security by design, security attacks and security challenges of the IoT system. IoT privacy with investigating privacy threats and suggested solu-tions are also discussed. Also, IoT safety and ethics are investigated by highlighting the need for ethical design and ethics challenges in the IoT system. In the end, a case study of the smart city is introduced to discuss security threats and suggested solutions in the smart city context.

The rest of this chapter is structured as follows: Sect. 2 provides an overview of the IoT system; Sect. 3 discusses IoT security; Privacy issues and suggested solutions are discussed in Sect. 4; Sect. 5 discusses IoT safety; the need for ethical design and ethics challenges in the IoT are presented in Sect. 6; Sect. 7 discusses security issues and suggested solution in the smart city context; Sect. 8 is the conclusion.

The IoT system has evolved to involve the perception of realizing a global infrastruc-ture of interconnected networks of physical and virtual objects. These objects/things are interconnected using either wired or wireless networks to share information between various IoT devices to create novel applications and services [5].

Originally, the notion of the IoT was initially presented by Kevin Ashton, who is the originator of MIT auto-identification centre in 1999 [6]. Ashton has said, ‘The Internet of Things has the potential to change the world, just as the Internet did. Maybe even more so’ [6]. Later, the IoT was officially presented by the International Telecommunication Union (ITU) in 2005 [7]. The IoT has been defined by many organizations and researchers. However, the definition provided by ITU in 2012 is the most common. It stated: ‘a global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on, existing and evolving, interoperable information and communication technologies’ [8].

• Intelligence: Combining sophisticated software algorithms with hardware allow IoT devices to become smart. These intelligence abilities allow IoT devices to

126 H. F. Atlam and G. B. Wills

• Complex System: The IoT system consists of billions of heterogamous objects with different hardware and software capabilities that make the management pro-cess a very difficult task to accomplish especially with constraints associated with memory, energy and time.

• Dynamic Environment: The IoT has the ability to connect almost all objects of our environment without having to determine the IoT network boundaries which make it a dynamic system in nature. Also, IoT devices can operate and be adjusted dynamically based on changing conditions and situations.

• Self-configuring: Devices are configured to perform a certain operation. But for IoT devices, they have the capability of self-configuring that enable them to operate without human intervention. IoT devices could configure themselves to the up-to-date software in association with the device manufacturer without user involve-ment.

• Unique Identity: Within the IoT network, each IoT object is identified and recog-nized using a unique identifier such as the IP address. These identities are provided by IoT manufactures to use it to upgrade devices to the appropriate platforms. In addition, these devices have interfaces that enable users to collect the required information from the devices, record their status and manage them remotely. their surroundings, collect and store the required information, these sensors may• Context awareness: In the IoT environment, there are multiple sensors that sense take decisions based on collected data which make it a context aware.

Fig. 2 The IoT reference model according to IWF, drawn from data provided in [13]

storage to be accessible by higher levels. Different types of data in various formats and from heterogeneous processors may come up from the edge-computing layer for storage. The data abstraction layer aggregates and formats stored data in a way that make them accessible by applications in a more manageable and efficient way. Layer 6 is the application layer. This layer is concerned with the information interpretation of various IoT applications. This layer encompasses a variety of applications that use IoT input data or control IoT devices [10]. The collaboration and processes are in layer 7. This layer identifies individuals who can communicate and collaborate to make the IoT system more useful. It also involves various applications to exchange data and control information over the Internet.

Since the IoT is a dynamic system in nature in which every poorly secured object can disturb the security and resilience of the entire system as they are connected like a chain. The ease of connection and access of IoT devices open doors for severe security issues especially with the large-scale distribution of heterogamous devices, their ability to connect to other devices without requesting permissions or even notifying their owners and probability of flooding these devices with severe security threats [12].

Handling security challenges in the IoT context should be a fundamental priority to increase adoption of IoT applications. Users need to be fully confident about the security of their IoT devices and related applications. They need to ensure that their devices are totally secured from various known threats as they become more integrated into people daily life’s activities [13].

For the connectivity or network layer, communication security measures are needed as well as identity authentication to prevent illegal nodes. Also, Distributed Denial of Service (DDoS) attack is common at this level, so there is a need to protect against DDOS attack in defenceless nodes in this layer, especially it is more severe in the IoT context [18]. For data abstraction, accumulation and edge-computing level,

130 H. F. Atlam and G. B. Wills

Security by design is a novel approach suggested by several organizations to imple-ment required security measures in the software and hardware development life cycle and not after detecting a security breach. The necessity to adopt security by design becomes essential to protect billions of IoT devices that are poorly secured against common security attacks. Since these devices are connected to the Internet, they become a weak point that can be exploited by any security attacker to steal sen-

IoT Security, Privacy, Safety and Ethics 131

Security concerns associated with IoT devices create potential risks in our life. Before the IoT, a security breach can lead to losing your money, but with IoT, security attack can literally result in losing your life. Securing IoT devices requires taking a set of best practices that include the following:

• Hardware Tamper Resistant: Keeping IoT devices isolated and only certain people have physical access to it are the major steps to make your IoT devices tamper proof or tamper evident. Also, IoT device hardening with physical security such as blocking unused ports and covering camera are good points to prevent potential attackers from reaching your data [21].

spoofing since setting and handling unique identities have been difficult for IoT devices due to their small and lightweight size.

• Dynamic Testing: It is critical for IoT devices to go through testing and create the least standard measures for security. To test the security of IoT devices, there are two types; static and dynamic. In contrast to static testing that is concerned with discovering threats in software, dynamic testing can explore threats and vulnera-bilities in both hardware and software [21].

These types of attacks are concerned with the hardware elements of the IoT system in which the attacker requires to be physically near to the IoT system to run the attack. These attacks are relatively difficult to achieve because they require expen-sive substances [25]. Physical attacks can have different forms which include the following:

• Node Tampering: This attack targets the sensor node by physically damaging it or even replaces the entire node or part of its hardware to gain the access to sensitive information [26].

• Malicious Node Injection: The attacker gains the access to sensitive information by physically operating a new malicious node between communicating nodes of the IoT system, which allows the attacker to control all data flow between various nodes.

• Malicious Code Injection: This type of attack focuses on physically injecting the IoT node with malicious code that helps to gain access to the IoT system.• Physical Damage: This type of attack is similar to node tampering in which the attacker physically damages IoT devices. This type of attack is difficult to achieve as it requires the attacker to reach area or building containing IoT devices to destroy it. The major difference between this attack and node tampering attack is that the attacker attempts to harm the IoT system directly to affect system availability and quality of service [26].

• Malicious Scripts: Since the IoT system is linked to the Internet, the attacker uses this facility to create malicious scripts that aim to gain access to sensitive data or disturb system availability. These malicious scripts are executed through system users by wrong [28].

• Phishing Attacks: It is a kind of social engineering attack which targets user login credentials and other sensitive information through infected emails or phishing websites.

• Traffic Analysis Attacks: This type of attack is concerned with sniffing out sen-sitive data and other types of data due to their wireless features. Moreover, in most attacks, it is necessary for the attacker to collect some network information before operating any attacks, and this is achieved by using a traffic analysis attack [29].• RFID Spoofing: This type of attack is concerned with spoofing RFID signals to obtain data stored on an RFID tag. Then, the attacker uses the original tag ID to send his own data to appear to be from the original source, which enables the attacker to access the entire system as a legal node [30].

• RFID Cloning: This type of attack targets RFID tag by copying its own data to another RFID tag. Although the two RFID tags have identical data, it does not duplicate the original ID of the RFID [30].

• Routing Information Attacks: Routing table information is used by the network router to forward data to their desired destinations. Hence, this type of attack targets this table by spoofing or changing its contents which disrupt network service and most traffic will be discarded and error messages will be sent [30].

3.4.4 Encryption Attacks

3.5 IoT Security Challenges

Like all new technologies, security issues are still the biggest problems that stand in the path of effective developments of the IoT system. There are several security challenges that need to be addressed to increase people trust in adopting IoT devices.

Most IoT devices have limited processing and storage capabilities, due to small and lightweight features which make them run on lower energy. Therefore, sophisticated security algorithms are not suitable for these constrained devices as they are not able to execute complex processing operations in real time. Instead, constrained devices typically only employ fast, lightweight encryption algorithms [33].

3.5.2 Big Data

Providing an efficient authorization and access control mechanism for the IoT system is one of the major fundamentals to provide a secure system. IoT devices should gain access to services or applications only after providing their identities correctly. However, there are many problems associated with device authentication such as the use of weak or default passwords that lead to giving access to attackers who can manipulate device data or even physically damage it. Adopting security by design in IoT devices, enabling two-factor authentications and enforcing the use of strong passwords can help to address these challenges [35].

3.5.4 Secure Communication

The IoT system involves billions of heterogeneous devices which make the manage-ment of this large-scale network a very difficult task to accomplish, especially with constraints associated with memory, energy and time. The more devices, people, interactions and interfaces, the more the risk of security breaches. In other words, with more variety and diversity in the IoT system, the challenges of managing all points in the network to maximize security become a difficult operation to achieve [2].

4.1 IoT Privacy Threats

One of the important characteristics of the IoT is the capability of objects to perceive and sense their environment. But this capability leads to tracking and monitoring user actions and activities which violate user privacy and results in many problems that can literally lead to losing people lives. This section provides a discussion of common privacy threats in the IoT system.

various techniques expand the threat of identification [40]. The use of a surveillance camera, in non-security contexts, is an example of such techniques, where customers’behaviour is studied for analysis and marketing. To address this issue, attribute-based authentication is recommended to minimize the data a device can collect in the IoT and maintain control over the disclosure of data.

4.1.2 Localization and Tracking

With the growth of the IoT, data collection incredibly increases quantitatively due to the explosion of data sources and connected devices. Furthermore, data will change also qualitatively as data is collected from previously inaccessible parts of people’s private lives, for example, data collected by wearables and different devices at home [40].

4.1.4 Life-cycle Transitions

Inventory attacks are related to the illegitimate gathering of information about the existence and characteristics of things in a specific place. Inventory attacks can usually be performed by using the fingerprint of IoT devices, for instance, their com-munication speed, reaction time and so on. If the promise of the IoT will be fulfilled, all smart things will be addressable over the Internet, opening the opportunity for unauthorized entities to exploit this and create an inventory list of things belonging to a target. An inventory attack could be used for profiling individuals, since owning special items disclose private information about the owner [40].

4.1.6 Linkage

• Privacy by Design: One valuable key to preserving privacy in the IoT environment is the privacy by design. The IoT customers should have the required features to control their own information and define who can access it. Currently, some companies use a sort of agreement that allows certain services to access data as desired. Therefore, built-in tools to preserve user’s privacy are required to be built as an essential part of any product.

• Privacy Awareness: One of the main problems of privacy violation is the lack of public awareness. IoT users have to be fully aware of how to keep themselves protected against any types of privacy threats [43].

• Access Control: Providing an efficient access control model for the IoT system to enable smart things to provide fine-grained decisions is one of the solutions for preserving the privacy of IoT users.

5 IoT Safety

Ethics is a branch of philosophy that defines human conduct and behaviour in the society. Ethics considers what is morally right or wrong, just or unjust, while ratio-nally justifying our moral judgments. Ethics in the IoT context deal with defining the correct regulation for human activities towards others and themselves; hence, ethics can be considered as a way to define what is good and bad, right and wrong. With the IoT growth, it will possibly give rise to other moral dilemmas, especially as the technology continues to outperform the development of regulations and policies. The IoT will change everything about how society works and plays. Therefore, there is a need to develop an ethical framework that helps ensure the IoT is used for the good of humanity and not the other way around.

IoT Security, Privacy, Safety and Ethics 143

The ethical design in the IoT products is used as a means to authorize IoT con-sumers to manage and protect their personal data and other related information. In other words, IoT users will have the complete freedom to define their own ethical choices while interacting with IoT devices. All various ethical options and choices will be embedded in the algorithms that are created by programmers and develop-ers. These choices will include different degrees of privacy and data protection to allow users to choose what is best for their purposes [50]. Since providing these new features are not free, an ethical IoT device will include additional cost to involve the implementation and deployment of ethical framing and ensure a higher level of freedom to IoT users. It will be available for users to decide to pay for these new ethical features or not [51].

6.2 Ethics Challenges in IoT

Although the IoT system has been widely accepted in our society and billions of devices are existing, there are several issues to apply ethics in the IoT context. These challenges include the following:

The concept of a smart city is used to describe the better use of public resources to improve people quality of life using the unlimited benefits provided by the IoT system and at the same time decreasing operational costs of public administrations. The IoT provides numerous advantages in controlling and optimizing public services, such as lighting, maintenance of public areas, transport and parking, preservation of cultural heritage, surveillance and garbage collection. Moreover, with multiple sensors existing everywhere and different types of data collected from these devices, people awareness can be improved regarding the status of their city and encourage the active participation of the citizens in the management of public administration [54].

In this section, we provide the smart city as a case study to discuss different security threats and suggest novel solutions to mitigate against.

• Device Hijacking: In this type of attack, the attacker captures and controls a certain device without changing its basic functionality which makes it very difficult to be detected. In a smart city context, an attacker can exploit hijacked smart meters to launch ransomware on energy management systems [53].

• Insecure Hardware: Sensors are the starting point of any attack. If they are not tested appropriately, they will create major threats to the entire IoT system. The lack of hardware standardization of IoT devices creates several weak points that can be exploited by attackers.

7.2 Security Solutions for Smart City

Providing various security mechanisms to secure a smart city is a mandatory opera-tion to keep the innovation of new services and applications that improve people lives and the quality of their lives. There are a set of security solutions for building a secure smart city. These solutions involve: mutual authentication, security monitoring and analysis, and data integrity and confidentiality. This section provides an overview of these security solution. In addition, Table 1 provides a summary of various security threats in different sectors of smart cities and suggested solutions.

The IoT has the capability to connect and communicate with almost all real-world objects over the Internet to increase information sharing. With the help of sensors, the IoT has the ability to collect, analyse and deploy a huge amount of data which in turn will be converted into meaningful information and knowledge that can be used to create new application and services to improve our quality of life. Security and privacy are considered to be the major issues in the IoT system. Providing a secure and

146 H. F. Atlam and G. B. Wills

privacy-preserving IoT system should be a compulsory task to continue its successful developments in our environment. In addition, safety plays an important role in the IoT system to provide a safe and reliable system and protect the IoT system and its components from causing an unacceptable risk or physical damage. In the same way, ethics and regulations when dealing with IoT data are needed to be defined since the technology continues to outperform the development of current regulations and policies. This chapter provided an overview of IoT security, privacy, safety and ethics. It discussed the architecture and essential characteristics of the IoT system. It also presented IoT security by highlighting security requirements, security by design, security attacks and security challenges. IoT privacy by investigating privacy threats

IoT Security, Privacy, Safety and Ethics 147

Inf. 10(2), 1527–1536 (2014)
4. Cerf, V., Ryan, P., Senges, M., Whitt, R.: IoT safety and security as shared responsibility. Bus.

Inform. 1, 7–19 (2016)
5. Shanbhag, R., Shankarmani, R.: Architecture for internet of things to minimize human inter- vention. In: 2015 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015, pp. 2348–2353 (2015)
6. Ashton, K.: That ‘Internet of Things’ Thing. RFID J., 4986 (2009)
7. ITU: The Internet of Things. ITU Internet Rep., p. 212 (2005)
8. ITU: Overview of the Internet of things. Ser. Y Glob. Inf. infrastructure, internet Protoc. Asp.

20. James, M.: Secure by Design: Improving the cybersecurity of consumer Internet of Things Report (2017)

148 H. F. Atlam and G. B. Wills

Syst. Comput. 381(July), 629–636 (2016)
32. Padhy, R., Patra, M., Satapathy, S.: Cloud computing: security issues and research challenges.

Int. J. Comput. Sci. Inf. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)
33. Atlam, H.F., Attiya, G., El-Fishawy, N.: Integration of color and texture features in CBIR system. Int. J. Comput. Appl. 164(3), 23–29 (2017)
34. Aman, W.: Modeling adaptive security in IoT Driven eHealth. In: Norwegian Information Security Conference (NISK 2013), pp. 61–69 (2013)
35. Atlam, H.F., Walters, R.J., Wills, G.B.: Fog computing and the internet of things: a review. Big Data Cognitive Comput. 2(2), 1–18 (2018)
36. Atlam, H.F., Walters, R.J., Wills, G.B.: Internet of nano things : security issues and applica- tions. In: 2018 2nd International Conference on Cloud and Big Data Computing, no. October, pp. 71–77 (2018)
37. Westin, A.F.: Privacy and Freedom. Atheneum, New York (1967)
38. Padilla-López, J.R., Chaaraoui, A.A., Flórez-Revuelta, F.: Visual privacy protection methods: A survey. Expert Syst. Appl. 42(9), 4177–4195 (2015)
39. Atlam, H.F., Alenezi, A., Alassafi, M.O., Walters, R.J., Wills, G.B.: XACML for building access control policies in internet of things. In: Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security (IoTBDS 2018), pp. 253–260. (2018)
40. Ziegeldorf, J.H., Morchon, O.G., Wehrle, K.: Privacy in the internet of things: Threats and challenges. Secur. Commun. Netwo. 7(12), 2728–2742 (2014)
41. Toch,E.,Wang,Y.,Cranor,L.F.:Personalizationandprivacy:asurveyofprivacyrisksandreme- dies in personalization-based systems. User Model. User-Adapted Interact. 22(1–2), 203–220 (2012)
42. Aleisa,N.,Renaud,K.:Privacyoftheinternetofthings:asystematicliteraturereview(Extended Discussion). ArXiv e-prints, pp. 1–10 (2016)

Technol. Eng. Syst. 2(4), 44–50 (2017)
48. Popescul, D., Georgescu, M.: Internet of things—some ethical issues. USV Ann. Econ. Public Adm. 13(2), 208–214 (2013)
49. Alenezi, A., Zulkipli, N. H.N., Atlam, H.F., Walters, R.J., Wills, G.B.: The impact of cloud forensic readiness on security. In: 7th International Conference on Cloud Computing and Ser- vices Science, pp. 511–517 (2017)
50. Baldini, G., Botterman, M., Neisse, R., Tallacchini, M.: Ethical design in the internet of things.

Sci. Eng. Ethics 24(3), 905–925 (2018)
51. Atlam, H.F., Alenezi, A., Alassafi, M.O., Wills, G.B.: Blockchain with internet of things: benefits, challenges, and future directions. Int. J. Intell. Syst. Appl. June, pp. 40–48 (2018) 52. Pollard, W.: IoT governance, privacy and security issues. Eur. Res. Clust. Internet Things, 23–31 (2015)
53. Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities.

CoAP—Application Layer
Connection-Less Lightweight Protocol for the Internet of Things (IoT)
and CoAP-IPSEC Security with DTLS Supporting CoAP

Aniruddha Bhattacharjya, Xiaofeng Zhong, Jing Wang and Xing Li

J. Wang
e-mail:

X. Li
e-mail:

An unconstrained network (UCN) is classically signified by the Internet, while the Internet of Things (IoT) [1–20] comprising of a Low-Power Wireless Personal Area Network (LoWPAN) [6] signifies the constrained domain. An IoT gateway placed on the edge among the Constrained Network (CN) [21] and UCN [21] adapts the communication among these two domains. Its role typically encompasses the adapta-tion between dissimilar protocol layer implementations. Also called a border router, it carries out protocol translations vis-a-vis end-to-end loT security [1–4, 16–20, 22–38]. The gateway is usually an unconstrained device, which can be used for scal-ing down the functionalities from the UCN to CN domain. The gateway can be used for handling security settings in peripheral constrained networks.

To uphold the end-to-end method, the gateway necessitates to be invisible to the communicating endpoints. A node on the UCN can be either Hypertext Transfer Protocol (HTTP) enabled or only Constrained Application Protocol (CoAP) enabled. The communication protocols existing or being designed at the Institute of Electrical and Electronics Engineers (IEEE) and Internet Engineering Task Force (IETF) now empower a standardized protocol stack. The mechanisms founding this stack must thus empower Internet communications encompassing constrained sensing devices, whereas fulfilling the necessities of low-energy communications environments and the aims and the lifetime of IoT applications [22–27, 39–41]. In order to talk this issue for the IoT, the IETF has started the Constrained RESTful Environments (CoRE) working group, which aims at standardizing the incorporation of constrained devices with the Internet at service level. The CoRE proposal aims to permit the integration of constrained devices with the Internet, at service level. CoRE proposes the use of CoAP in constrained devices, a specialized RESTful Web transfer protocol.

1. conceptualization,
2. comparison, and
3. collaboration.

In recent era, there have been significant advances in the capabilities and tech-nologies of both the data gathering of the physical product and the formation and depiction of the virtual product, the Digital Twin. But during data communication again the security of end-to-end path is not much. So, we need to implement end-to-end secure communication protocols for these technologies related to IoT and Internet of Everything (IoE).

be protected end to end (E2E). To cope with these security necessities, CoAP offers DTLS and when DTLS NoSec mode is selected, the CoAP communication could be secured using IPSec at the network layer in a Low-power and Lossy Network (LLN). Nevertheless, DTLS was not intended for lossy networks and constrained devices, it has appeared as a vital candidate to deliver security in loT. Nevertheless, it cannot be employed as it is, ever since it is well thought out to be too heavy for use in constrained environments and networks such as loT. Thus, we have emerged numerous lightweight implementations of DTLS for use in loT nowadays.

Lightweight DTLS Implementation could be depending on employing any of the following techniques:

The first byte encompasses the protocol version Ver, a type field T (token), and TKL (token length). The T is a type field consisting of basic message type informa-tion. TKL represents the size in bytes of the Token field. Then, we have the Code field. The Code field encompasses more specific message type information. Then, we have Message ID field. The Message ID field is a unique ID. The work of this unique ID is to track messages and distinguish likely duplications . To match request and

Options (if any)

Payload (if any)

As shown in Fig. 2, the request/response layer is accountable for altering the resources by outlining methods (i.e., GET, PUT, DELETE, and POST). The Trans-action layer recognizes the reliability technique, when processing messages, and along with that offer messages duplication detection. In the Transaction layer, we can have four types of messages, which are given below:

• Acknowledgment (to ACK. CON. Messages),
• reset (message is received but could not be processed),• confirmable (Acknowledgment is required), and
• non-confirmable (no ACK is required).

The CoAP has many more abilities, which are essential features for IoTs environs [1–20], like URI and content-type provisions, low header overhead, simple parsing method, multicast support, and asynchronous message exchanges. We know that the CoAP’s message could be CON (confirmable), NON (non-confirmable), ACK (Acknowledgement), and RST (Reset). A token is in use in the CoAP [RFC 768] for finding match for each response to its corresponding request. Messages are always exchanged in an asynchronous way. Messages always carry the semantics, responses, and requests.

Therefore, it is well understood that the messages will be exchanged either reliably or non-reliably, liable to the option indicated in the GET request header. Figure 3 has shown that, if the resource is accessible in the time of dealing out the CON-Request, then the server will send the reply in a piggybacked manner with an ACK message.

Another case can be, if the server is not able to reply instantly to CON-Request message, may be for the reason of the lack of proper response, then the server in a simple way recognizes the request with an empty ACK message. In a situation, when the resources are available, then the server will send the reply in a new CON message. In turn of this CON message, the client will acknowledge. Figure 4 has shown this process.

CON Msg. ID [0x22a]
GET/Temp Token (0x20)

ACK Msg. ID [0x22a]

CON Msg. ID [0x24a]

GET/Temp Token (0x30)

ACK [0x24a]

Fig. 4 GET requests with separate responses

V T TKL Code Message ID

Token (If any, TKL bytes) ……..

One of the good solutions to get more reliable access control framework for IoT can be merging other access control systems, like Kerberos and RADIUS with the CoAP protocol, to get a reliable access control framework for IoT.

Some special highlights of the CoAP are as follows:

2.3 CoAP-IPSEC Security

We know that IPsec is a layer 3 protocol. It is ideal for use with IPv6, but in later stage, it is now can be used for IPv4. It can protect application and transport layers’applications, but good thing is that it is not an application-dependent protocol. The reason for this independence is that the IPSec is integrated into the kernel resulting in transparency to the applications. For the reason of this transparency, Transport Layer Security (TLS) and Secure/Multipurpose Internet Mail Extensions (S/MIME) [RFC 3851] can be used by IPSec. The IPSec can offer various security services like limited traffic flow confidentiality, anti-replay mechanism, access control, confidentiality,

0 - 2 bytes

length (extend)

2.4 IPSEC Issues

There are some issues with IPsec.

Fifth point is that IPSec is inserted in the IP stack, so any alterations will have need of kernel level.

Sixth point is that Configuring/Managing/Troubleshooting IPSec and Internet Key Exchange(IKE)areverycompositetasks.Itiswellunderstoodthatenormousnumber

2.5 IPSEC and DTLS Comparisons

A comparison of IPSec and DTLS in various security dimensions is described in Table 1.

5. The fifth point is that the IEEE 802.15.4 specification describes the payload should be 127 bytes as whole. Hence, if we use the DTLS as security protocol, to defend CoAP exchanges, 13 bytes (out of the 127 bytes of IEEE 802.15.4 frame) has to be assigned for DTLS record. Also, 25 bytes has to be used for link layer addressing information, 10 bytes for 6LowPAN addressing, and along with that the 4 bytes of CoAP header. So, as an outcome, only 75 bytes are available for application layer payload. But it is not sufficient space for communicating actual data. Subsequently, one big piece of data (bigger than 75 bytes) will use additional resources from the nodes and the network itself. The reason is that it will be broken into several pieces and sent twice. Hence, some header compression mechanisms are good solution, at the exact cases where needed. The compressing and decompressing necessities are the reason for more constraints to the nodes and network resources.

6. The Sixth point is that in the case of DTLS, some applications might necessitate security services, to be more and more customized in relation to the application or scenarios requirements. Nevertheless, if the security was applied as per the requirements of the application or scenario, it would offer to decrease the usage of existing resources and would increase the network enactment.

162 A. Bhattacharjya et al.

limits of the constrained devices. The S-CoAP prerequisites to offer security for normal connection setup, in addition to that, for the case of mobility also. In other words, the advantage is that the security will be integral part of the CoAP protocol. It is well understood that this security is offered by other standards, so the S-CoAP should be capable to function across numerous sites and networks.

Let us now discuss some of the issues about attacks for these systems.

1. Secure Service Manager (SSM) Spoofing Attack

We have to ensure end-to-end security. The SSM can acquire all session informa-tion by just delegating the DTLS handshake. As we know the encrypted session information is sent to a constrained device instantly, but the SSM does not do the accumulation of session information. Therefore, it is well understood that end nodes joining in the DTLS communication will encrypt and decrypt data themselves only. The SSM is only responsible for the data relay after sending the session informa-tion to the constrained device. In this kind of system, the executor of the encryption and decryption is the end node, in the DTLS communication. There is one obliga-tory thing; the SSM must trust the preregistered device, for example, smartphone of user. So, as an outcome, we get an end-to-end security (semi E2E security exactly) definitely.

3. Denial of Service

164 A. Bhattacharjya et al.

implementing a concrete secure system, with additional mechanisms including key revocation, secure bootstrapping, trust management, and so on [22–27, 29–44].

3.2 CoAP Without DTLS and CoAP with DTLS

The DTLS protocol is nothing but an improved type of the very popular TLS protocol [RFC 5246]. To give more security to the major UDP well-known applications, for instance, Voice over IP/Session Initiation Protocol (VoIP/SIP), DTLS runs on top of UDP instead of TCP. This is a key difference. The DTLS offers automatic key management, confidentiality, authentication, and data integrity. It also provisions wide range of dissimilar cryptographic algorithms. As per the CoAP’s draft, CoAP describes four security modes with the intention of achieving the security services, which is obligatory. They are NoSec, PreSharedKey, RawPublicKey, and Certificate. In case of NoSec mode, the packets are transferred usually as UDP datagrams over IP. The CoAP scheme has indicated this as coap://. In case of all other three security modes,securityisattainedbyDTLSandtheschemeisindicatedbycoaps://.Figures7 and 8 have depicted the message interchange for two cases, CoAP without DTLS and CoAP with DTLS:
Now let us discuss some issues of the DTLS supporting the CoAP. At first, multi-cast communications are not offered by DTLS protocol, but it is an essential part of CoAP protocol and main feature in IoTs. Second thing is that the DTLS handshake protocol is not protected at all, and at anytime it can be attacked by the exhaus-tion attack of the resources of battery-powered device, may be with the stateless cookie also. As an outcome, the nodes could not work properly in the network and make interruption to the whole communication. Third, bitmap window can defend the DTLS from replay attack, still nodes have to obtain the packets first, then pro-cess and occasionally even forward them also. This attack could make the network flooded. So, good resolution can be filtering proxy, for instance, 6LoWPAN [6] Border Router (6LBR). Moreover, one point in this resolution is that possibility of running this kind of filtering on a 6LBR cannot protect all situations. Furthermore, handling the replied packets is energy consuming. Forth issue is Handshake phase which is strongly defenceless, ever since no end host has been authentic to the other end host. Fifth issue is that DTLS security advantages do not match with the CoAP. For example, the loss of a message in-flight necessitates the re-communication of all messages in-flight. But, if all messages in-flight are communicated together in

Server Hello
Certificate
Server Key Exchange
Certificate Request
Server Hello Done

Change Cipher
Specification
Finished
Request

a single UDP packet, it is good, but more resources are obligatory for dealing with large buffers. Additionally, if CoAP client prerequisites Internet access, which essen-tials the CoAP/HTTP mapping process, then, it is well understood that the DTLS handshake process will be big issue.

Mainly, it is not clear if a partial mapping among TLS and DTLS can be accom-plished. This topic could also be more complex, since a CoAP client would not be capable to distinguish which device has started the request. Last but not the least, CoAP messages have two transactions (one round trip); one message starting at the client (request) and the other starting from the server (response). If DTLS is used in these two transactions processes, then we need four round trips, three round trips for DTLS (~40–50 Bytes), and additional one round trip for CoAP. It should be before CoAP’s actual contents are exchanged.

securely reachable. The reachability with security should be regardless of the present location of the device. In parallel, there should not be any changes for CoAP and DTLS as maintained on such devices.

Even though IPsec can be used in the IoT [1–20], it is not principally intended for web protocols, for example, HTTP or CoAP. For web protocols one of the most common security solution is Transport Layer Security (TLS) or its forerunner Secure Sockets Layer (SSL). The connection-oriented TLS protocol can only be used over stream-oriented TCP that is not the favored method of communication for smart objects. By reason of lossy nature of low-power wireless networks, it is tough to keep a nonstop connection in 6LoWPAN networks. An adaptation of TLS for UDP known as Datagram TLS (DTLS) is in use nowadays. It initiates end-to-end secu-rity of dissimilar applications on one machine by functioning among the transport and application layers. DTLS offers replay protection, integrity, confidentiality, and authentication. It also offers defence against Denial-of-Service (DoS) attacks by using cookies. As we know DTLS offers application-level end-to-end security, it can only be in used over the UDP protocol and TLS is in use over TCP. The secure web protocol for the IoT, Secure CoAP dictates the use of DTLS as the underlaying secu-rity resolution for CoAP. It is well understood that we should permit DTLS support in the IoT [1–20]. Communication security defends the messages with confidentiality and integrity services; still many attacks are likely against networks mostly to breach availability security services. These attacks are intended to barge in networks by interrupting, for instance, the routing topology or by launching DoS attacks. Intru-sion Detection Systems (IDS) are obligatory to identify impostors and malicious activities in the network, and firewalls are essential to stop unapproved right of entry to networks. In the IoT, 6LoWPAN networks are defenceless to a number of attacks from the Internet and from inner of the network. Also, 6LoWPAN networks itself can turn out to be source of attacks against Internet hosts, as it is reasonably easier to negotiate a resource-constrained wireless node than a typical Internet host. As a result, we have found that it is not so easy to provide end-to-end security.

2. It is giving us stronger statistical complexity, meaning more security.

Fig. 9 Our SHRSA messaging scheme

Other algorithms: Extended
Euclidean algorithm, Perfect
Forward Secrecy (PFS) using Diffie Hellman, Rabin-Miller primality test, Optimal Asymmetric Encryption
Padding (OEAP), Square and
Multiply algorithm

homomorphic property (meet-in-the-middle attack).

7. It is giving resolution for difficulty of the integer factorization problem of RSA and very computationally costly exponentiation modulo N problem.

OEAP insertion with random salts in our nine-layered SHRSA cipher is helping us to stop attacks like those given below:

170 A. Bhattacharjya et al.

2. Secure hybrid RSA decryption is nine times faster than main RSA decryption. 3. Secure hybrid encryption and decryption are much more complex between each peer.

4. Pohlig–Hellman (PH) key exchange and Diffie–Hellman exchange key ensure three-way authentication peer to peer.

9. No default setting is shared with others.

10. No need of any third party.

15. No need of use of any password as we have our own three-way four-layered authentications for peers and then secure hybrid RSA encryption.

16. Our SHRSA messaging system works with an end-to-end encryption model with full mesh networked architecture to ensure pure peer-to-peer nature.

2. Replacement of SSL/TLS was needed for personal messaging scenario, and it can be used (as SSL/TLS has several backlogs).

3. Our end-to-end user three ways authenticated encrypted messaging architecture based on SHRSA can be incorporated in the future Internet architectures like Choicenet, NEBULA, and eXpressive Internet Architecture (XIA) along with Sourceless Network Architecture and with binding of CoAP with DTLS.

5 Conclusions

In 1999, the Auto-ID Laboratory of Massachusetts Institute of Technology has intro-duced us thought of “the Internet of things”. Then, in 2005, we had the “ITU Internet Reports: The Internet of Things”. We need to develop the security structural design of the IoT, for the reason of offering information security defence for tag privacy, sensor data security, data transmission, etc. We need very deep systematic research on the transmission and information security of the core network depending on the IoT or networking industry security of the IoT. We have seen that recent works are simply adding safety methods in each layer. But this is not at all sufficient. We have already worked on forming lightweight hash functions, which depend on lightweight block ciphers. We know that AES-CCM (Advanced Encryption Stan-

1. Jara, A., Kafle, V., Skarmeta, A.: Secure and scalable mobility management scheme for the internet of things integration in the future internet architecture. Int. J. Ad Hoc Ubiquitous Comput. 13(3–4), 228–242 (2013)
2. Li, S., Gong, P., Yang, Q., Li, M., Kong, J., Li, P.: A secure handshake scheme for mobile- hierarchy city intelligent transportation system. In: International Conference on Ubiquitous and Future Networks. ICUFN, Da Nang, pp. 190–191 (2013)
3. Kang, K.C., Pang, Z.B., Wang, C.C.: Security and privacy mechanism for health internet of things. J. China Univ. Posts Telecommun. 20(Suppl 2), 64–68 (2013)
4. Goncalves, F., Macedo, J., Nicolau, M., Santos, A.: Security architecture for mobile e- health applications in medication control. In: 2013 21st International Conference on Software, Telecommunications and Computer Networks. SoftCOM, Primosten, pp. 1–8 (2013) 5. An, J., Gui, X., Zhang, W., Jiang, J., Yang, J.: Research on social relations cognitive model of mobile nodes in internet of things. J. Netw Comput Appl 36(2), 799–810 (2013)

CoAP—Application Layer Connection-Less Lightweight Protocol … 173

In: International Conference on Safety and Security in Internet of Things. Springer, New York 1079 (2014)
11. IoT-A Consortium (2014) IoT-A—Internet of things architecture. . 27 Jan 2014
12. Logvinov, O., Kraemer, B., Adams, C., Heiles, J., Stuebing G.: Mary Lynne Nielsen, and Brenda Mancuso. Standard for an architectural framework for the internet of things (IoT) IEEE P2413 Webinar Panelists, pp. 1–12 (2014)
13. Zanella, A., Bui, N., Castellani, A.P., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1, 22–32 (2014)
14. Grieco, L.A., Alaya, M.B., Monteil, T., Drira, K.K.: Architecting information centric ETSI- M2 M systems. In: IEEE PerCom (2014)
15. Anderson, J., Rainie, L.: The internet of things will thrive by 2025, Pew research internet project (2014).
16. Yan, Z., Zhangternet of things. J.

Netw. Comput. Appl. 42, 120–134 (2014)
17. Piro, G., Boggia, G., Grieco, L.A.: A standard compliant security framework for IEEE 802.15.4 networks. In: Proceedings of IEEE World Forum on Internet of Things (WF-IoT), Seoul, South Korea, pp. 27–30 (2014)
18. Lee, J.-Y., Lin, W.-C., Huang, Y.-H.: A lightweight authentication protocol for internet of things. In: 2014 International Symposium on Next-Generation Electronics, ISNE 2014, Kwei- Shan, pp. 1–2 (2014)
19. Turkanovi, M., Brumen, B., Hlbl, M.: A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion. Ad Hoc Netw. 20, 96–112 (2014)
20. Ye, N., Zhu, Y., Wang, R.-C.B., Malekian, R., Lin, Q.-M.: An efficient authentication and access control scheme for perception layer of internet of things. Appl. Math. Inf. Sci. 8(4), 1617–1624 (2014)
21. Cherkaoui, A., Bossuet, L., Seitz, L., Selander, G., Borgaonkar, R.: New paradigms for access control in constrained environments. In: 2014 9th International Symposium on Reconfigurable and Communication-Centric Systems-on-Chip (ReCoSoC), Montpellier, pp. 1–4 (2014) 22. Peng, L.B., Ru-chuan, W.B., Xiao-yu, S., Long, C.: Privacy protection based on key-changed mutual authentication protocol in internet of things. Commun. Comput. Inf. Sci. 418, 345–355 (2014)
23. Ukil, A., Bandyopadhyay, S., Pal, A.: IoT-privacy: to be private or not to be private. In: Pro- ceedings—IEEE INFOCOM, Toronto, ON, pp. 123–124 (2014)
24. Sicari, S., Cappiello, C., Pellegrini, F.D., Miorandi, D., Coen-Porisini, A.: A security-and quality-aware system architecture for internet of things. Inf. Syst. Front. 18, 1–13 (2014) 25. Tormo, G.D., Marmol, F.G., Perez, G.M.: Dynamic and flexible selection of a reputation mech- anism for heterogeneous environments. Futur. Gener. Comput. Syst. 49, 113–124 (2014) 26. Gu, L., Wang, J., Sun, B.B.: Trust management mechanism for internet of things. China Com- mun. 11(2), 148–156 (2014)
27. Liu, Y.-B., Gong, X.-H., Feng, Y.-F.: Trust systembased on node behavior detection in internet of things. Tongxin Xuebao/J. Commun. 35(5), 8–15 (2014)

Mech. Mater. 539, 460–463 (2014)
34. Kubler, S., Frmling, K., Buda, A.: A standardized approach to deal with firewall and mobility policies in the IoT. Pervasive Mobile Comput. 20, 100–114 (2014)
35. Daubert, J., Wiesmaier, A., Kikiras, P.: A view on privacy & trust in IoT. In: IOT/CPS-Security Workshop, IEEE International Conference on Communications, ICC 2015, London, GB, June 08–12, 2015, page to appear. IEEE (2015)
36. Bhattacharjya, A., Zhong, X., Wang, J.: Strong, efficient and reliable personal messaging peer to peer architecture based on Hybrid RSA. In: Proceedings of the International Conference on Internet of Things and Cloud Computing (ICC 2016) ISBN 978-1-4503-4063-2/16/03.

37. encrypted messaging scheme based on Hybrid RSA for the Future Internet Architectures. Int.

48. Bhattacharjya, A., Zhong, X., Wang, J., Xing, L.: An efficient and four-layered authenticated secure Hybrid RSA (SHRSA) messaging scheme. IEEE Access, 7, 30487–30506 (2019). Dig-ital Object Identifier

Aniruddha Bhattacharjya is with the Department of Electronic Engineering, Tsinghua Univer-sity, Beijing, China, as a Chinese Government Ph.D. scholar. His research interests are cryptog-raphy, network security, RFID-based architectures and middleware, security in fixed and wireless Networks, applications of cryptography, and IoT security. He has received the ICDCN 2010, Ph.D. Forum Fellowship. He achieved the best paper award in ACM ICC 2016 in Cambridge University, UK. Since 2012, he has been working as an IEEE mentor and ACM faculty sponsor. He is a mem-ber of 34 IEEE societies and various IEEE technical committees. He has published 35 papers as well as 1 Chinese innovation patent is filed.

Some Computational Considerations for Kernel-Based Support Vector
Machine

Mohsen Esmaeilbeigi, Alireza Daneshkhah and Omid Chatrabgoun

O. Chatrabgoun
e-mail:
A. Daneshkhah (B)
Faculty of Engineering, Environment and Computing,
Coventry University, Coventry CV1 2JH, UK
e-mail: ;

© Springer Nature Switzerland AG 2020 177 M. Farsi et al. (eds.), Digital Twin Technologies and Smart Cities,
Internet of Things,

Some Computational Considerations for Kernel-Based Support Vector Machine 179

2 SVM Classification

plane
w1x1 + w2x2 + w3x3 + b = 0,

or hyperplane
n
�wixi + b = 0,

by combining both conditions (1) and (2), we can create the following constraint:

yi(wTxi + b) > 1, (3)

yi(wTxi + b) > 1 − εi.

The considered formulation can be derived via Lagrange multipliers αi and is known in the SVM literature as the primal problem, i.e.,

N

w =�αi yixi.

Fig. 1 Data not linear separable in input space, but they are in the feature space

2.2 Kernel-Based Classification

182 M. Esmaeilbeigi et al.

Obtaining feature space of the data is possible within the framework of reproducing kernel Hilbert space (RKHS). In other words, the mapping of the introduced feature is considered as φ : ω −→ HK(ω) under the map

where bi is obtained as before, i.e., bi = yi −index of an αi which is strictly between 0 and C. For stability purposes, we can again N�α j y jk(x j, xi) with i denoting the

average over all such candidates. For positive definite kernels, it is also possible to formulate the separating hyperplane without the bias term b (see, e.g., [15]).

This example uses a pattern which is not linearly separable and attempts to classify it: population 1 (denoted by blue ⊡ and green +) has centre points at {(0, 1), (1, 0), (2, 1)} and population 2 (denoted by blue ⃝ and red ×) has centre points at {(0, 0), (1, 1), (2, 0)}. Test points are chosen from a normal distribution from those populations and training data is generated from the test points. These distribution

184 M. Esmaeilbeigi et al.

0

data and test points for

-1.5 -1 -0.5 0 0.5 1 1.5 2 2.5 3 3.5

centre points (filled green ⊡ and red ⃝), test points (large green + and red ×) and

significant role, where larger ε encourages an SVM with more locality and smaller ε

encourages less localized influence; this matches the standard localization behaviour

grows unboundedly as ε −→ 0; on the other hand, for a very large ε, this example is perfectly classified. Minimizing the number of support vectors is optimal from a

computational standpoint, and also seems to suggest a viable region for predictions.

result demonstrates that finding an optimal SVM parametrization using either the

margin or the number of support vectors is not always a useful strategy. A more

10 200 100

5

Fig. 4 Fixes C = 0.6 with a variety of ε which shows the number of missed classifications (a) as well as the margin and the required number of support vectors (b)

0
10-2

10-3

10-2 100 102 104 106 108 10-2 100 102 104 106 108

C C

Cross-validation is a popular technique in statistics which uses the given data (instead of the usually unknown solution) to predict optimal values of model parameters for data fitting. The main idea is to split the data into a training set τ and a validation set ν and to then use some form of error norm obtained by gauging the accuracy of the fit built from information on the training set at points in the validation set.

Cross-validation (CV) is an especially popular version of cross-validation and corresponds to using a training set consisting of all but some of the data points, which in turn are the sole member of the validation set. In the context of kernel methods, CV appeared in papers such as [18–20]. Often times, cross-validation is conducted in one of two ways:
Leave-one-out cross-validation (LOOCV): All the data except a single point is used to compute in kernel-based SVM classification, and the residual is judged at that point. In this setting, V = {ν(1), νV (2), . . . , νV (N)} = {x1, x2, . . . , xN} and the errors at each of those points are added up to find total error. As explained in [21], it is most

0.65
0.7
10-2
0.6
102 0.6
101 101
100 10-1 C 0.5
10-2 104 10-2 10-1 100 101 102 103 104

Fig. 6 Fixes ε = 0.01 with a variety of C which shows the number of missed classifications (a) as well as the margin and the required number of support vectors (b)

likely the preferred form to compute. Thus, the entire LOOCV computation can be performed with little overhead compared to the computation of the classification.

Leave-half-out cross-validation: Half of the data is omitted to create a classifi-cation and the residual is judged on the other half; then the process is flipped and both results are combined to compute total error. In this setting, V = {ν(1), ν(2)} and |ν(1)| = |ν(1)|, or as close as possible. Sometimes, instead of leave-half-out cross-validation, some part of the data preserve for cross-validation. This part of data is called fold.

they are most efficient to be generally used for any dataset. An alternative method is the kernel-based SVM which is constructed using the feature space instead of data (input) space. In other words, instead of using data space for classification, we use some nice properties in the data, such as distance from each other, or function of this distance (i.e., feature space). The kernel-based SVM approach allows non-linear classification which is required in the most complex applications, including the ones considered in this paper. It is then demonstrated that the kernel-based SVM possess some useful features, generally refers to the useful characterizations of the kernels such as the possibility of interacting with high-dimensional data and the possibility of encountering with non-linear data. In addition, the existence of some customizable parameters in the kernels makes the kernel-based SVM more flexible in non-linear classification. In other words, the produced error using linear SVMs has been reduced using the kernel-based SVMs. The choice of kernel parameter obviously plays a sig-nificant role, when larger kernel parameter encouraged SVMs with more localities and vice versa. This paper has provided some results on the effect of the parame-ter of the kernel-based SVM classification. In fact, we have examined the effect of these parameters on the classification performance using the kernel-based SVM by appropriately determining the optimal value of these parameters using the presented cross-validation (CV) technique.

References

IOS Press (2003)
12. Scholkopf, B., Smola, A.J.: Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond. MIT Press, Cambridge (2002)
13. Fasshauer, G., McCourt, M.: Kernel-Based Approximation Method using Matlab. World Sci- entific Publishing (2016)
14. Cover, T.M.: Geometrical and statistical properties of systems of linear inequalities with appli- cations in pattern recognition. IEEE Trans. Electron. 14, 326–334 (1965)

Some Computational Considerations for Kernel-Based Support Vector Machine 189

Numer. Algorithms 45(1–4), 345–368 (2007)
21. Fasshauer, G.E.: Meshfree Approximation Methods with Matlab, Interdisciplinary Mathemat- ical Sciences, vol. 6. World Scientific Publishing Co., Singapore (2007)

A. Bhattacharjya (B) · X. Zhong · J. Wang · X. Li Department of Electronic Engineering, Beijing National Research Center for Information Science and Technology, Tsinghua University, Beijing, China
e-mail:

X. Zhong
e-mail:

Cryptography which is the science of encryption plays a dominant role in provid-ing security to Automated Teller Machine (ATM) cards, sending or receiving private emails, electronic commerce, digital signature, mobile phone communications, trans-action processing, securing computer from unauthorized access, and also related to many aspects of the day-to-day lives. In the scenario of personal messaging, we need E2E encryption, which should protect the privacy with authentication, but it also should balance the efficiency. RSA cipher is suffering from various backlogs in this era, particularly on the personal messaging scenario. Therefore, it is vivid that, a secure, strongly authenticated, reliable messaging scheme with strong E2E protection to users and the messages, which will be also much faster, is an essential need these days. Therefore, efficiency plays a pivot role in the designing of secure communication protocol. One of the good solutions can be variants of RSA [1–18], which can make a new hybrid RSA messaging communication protocol, for balanc-ing the efficiency with strong security, privacy, reliability, and authentication. It is well understood that balancing strong security, privacy, reliability, and authentication with high efficiency is challenging. There are several variants of RSA algorithm pro-posed in the past. The proposed secure communication protocol should be protective to privacy strongly, should replace some of the backlogs of RSA, and should work purely peer-to-peer enabling end-to-end encryption.

We know a recent term “Digital Twin”. The idea of a virtual, digital alike to the physical product or the Digital Twin was introduced in 2003 by Dr. Michael Grieves. It was termed in Virtually Perfect: Driving Innovative and Lean Products through Product Lifecycle Management (pg. 133) as a part of the University of Michigan Executive Course on Product Lifecycle Management (PLM).

These four distinguished features are as follows:

1. Less memory usages of SHRSA messaging communication protocol than RSA. 2. Less CPU usages of SHRSA messaging communication protocol than RSA. 3. Efficiency in decryption than main RSA and CRT-RSA.

RSA algorithm has a very renowned property named multiplicative property. For example, if we consider for plaintext messages x1 and x2, as per this property, we can have encryption as shown in Eq. (1):

encK(x1x2) = encK(x1) ∗ encK(x2) (1)

Boneh et al. [7] have shown us another dangerous scientific problem called as exploitation of homomorphic property of RSA.

In a nutshell:

194 A. Bhattacharjya et al.

Again, with Lenstra [2, 26], we can find the heuristic anticipated runtime of the elliptic curve factorization method (ECM) with Eq. (4), to get a factor y of x.

where k is the constant in the following key Eq. (6) :

4 < (1/2N)1/a< x1 < N1/a< xa < (2N)1/a (7)

Here, we assume that the public and private exponents are well-defined modulo F (N) as shown in Eq. (8) :

ed = 1 + kφ(N) (10)

where k is some positive integer.

=�N/xi − i,j=1,i< j� N/xixj + i,j,k=1,i< j<k� N/xixjxk + . . . + (−1)a (11)

We can see from [15, 36], a simple computation by use of Eq. (11) for ∧ and 1.3 (condition for balanced primes) revealed that ∧ fulfills |∧| < (2a − 1) N1−1/a. Thus, F (N) and N have roughly an (a − 1)/a fraction of their most significant bits in common. The encryption algorithm for multi-prime RSA is undistinguishable to that of RSA. The public (encrypting) exponent will commonly be symbolized by e = Nα. While the idea of performing decryption, using CRT [10–12, 36] was mentioned as early as 1977 in the RSA patent (when the modulus consists of more than two primes) and in 1979 by Rabin, it was not fully appreciated for use in RSA until J-J. Quisquater’s and C. Couvreur’s work in 1982 [10]. Divide-and-conquer technique gives CRT-RSA almost theoretical speedup up to four times faster than normal RSA as shown in Eq. (12):

for 1 ≤ i ≤ k. Then, by using CRT to Eq. (13), we can get the plain text M = Cdmod n. M-prime RSA has di = O(n1/k) (so as to log di = O(log(n)/k)) and the multiplication cost of O((log(n)/k)2) for a whole cost of O(k(log(n)/k)3) = O(log3(n)/k2), resulting in the theoretical speedup of M-prime RSA compared to CRT-RSA which is shown in Eq. (14):

S = k2/4 (14)

Also:

• More effortlessness and speediness can come with efficient RSA [14] with extended Euclidean algorithm.

Asanoutcome,wehavedevelopedanSHRSA[19–23]messagingcommunication protocol. The most precarious scientific attacks on RSA is exploitation of multiplica-tive property as shown in [24]. We are using OEAP [24] added with some random

Fig. 1 The SHRSA messaging communication protocol’s algorithms integration

salt with some synchronous time gap, with the plain text, before the SHRSA-based lightweight and efficient personal messaging communication protocol’s encryption begins. This is resolving the below scientific attacks:

The SHRSA-based six-layered personal messaging communication protocol is a multilayered protocol stack as shown in Fig. 2.

First layer end-to-end connection layer establishes pure dedicated end-to-end channel for each peer recognized by IP address. End-to-end connection layer is responsible for creating and receiving TCP connections from peers with TCP relay option, recognized by IP address used. Second layer is for providing multilayer authentication and This second layer shown in Fig. 2 is actually consisting of three layers of authentications internally. The three-layer authentications are shown in Fig. 3.

Diffie–Hellman key
exchange

Fig. 3 The SHRSA’s three-layered authentication

3.2 Problems Resolved by SHRSA Messaging Communication Protocol

In the scheme’s encryption (Layer 5 in Fig. 2), we have first integrated main RSA with Pohlig–Hellman encipher and with efficient RSA for more and more strong and statistical complexity. Before encryption starts, we are using OAEP [16] and random salts with the plaintext. This OAEP and random salts are helping us to resolve two major scientific problems of RSA. It is protecting us from the scientific attacks like exploitation of multiplicative property (chosen ciphertext attack), exploitation of homomorphism property (meet-in-the-middle attack), and short plaintext attack.

2. It is giving us more and more strong and statistical complexity.

3. It is giving us parallel protection to sniffing attacks and real-time key negotiation between each peer is given by PFS using D–H.

7. It is giving us resolution for difficulty of the integer factorization problem of RSA and very computationally costly exponentiation modulo N problem.

8. 1024-bit key is giving us solution for the exploitation of certain key choices problems.

nine-layered protocol stacks.

Now, let us focus on the sixth layer of the messaging scheme’s multilayered

The divide-and-conquer technique boosts the CRT for high efficiency and multi-

prime RSA again boosts up the decryption speed by decreasing the size of exponents

• Computational modular exponentiation complexity and partial key exposure vul-nerability.

• Asymptotic very low speed of decryption of RSA (multi-prime RSA and CRT-RSA insertion are resolving these scientific problems). In the SHRSA decryption

security, privacy, and authentication with high efficiency.

4 Result Analysis of Secure Hybrid RSA-Based

8.0.2. For SHRSA encryption and SHRSA decryption, we have 21

classes for each one as whole 42 classes. In the software package

larger primes. Diffie–Hellman initiator class and challenger class with respondent

class take care about PFS based on DH, peer-to-peer authentication by D–H key

client and SHRSA server’s
memory usage comparisons

Fig. 5 RSA with SHRSA client’s and SHRSA server’s CPU usages comparisons

Now, if we compare the SHRSA cipher’s protocol’s encryption complexity and decryption complexity with main RSA and CRT-RSA, it can be shown in Table 1. Though RSA and CRT-RSA decryption complexity calculations are known to us, still we have calculated again in Appendix B. Details of calculation of SHRSA cipher’s

A Secure Hybrid RSA (SHRSA)-Based Lightweight … 203

Now, let us discuss some security features of the SHRSA cipher and how it can protect us from several dangerous attacks.

(1) Factorization of RSA modulus n

(3) Broadcast decryption by low exponent attack

To avoid this attack, each pair of public keys Pi = (ei, ni) and Pj = (ej, nj and any broadcast message should satisfy ei ̸= ej or mei, mej> ninj. The m and n are large enough, so product of m*n is again large, so in this way, we are avoiding this attack. For another similar attack—Broadcast Decryption by Common Modulus Attack, the message senders are not sending identical messages to receivers with the same modulus and relatively prime encryption exponents.

(6) Finding the eth root attack

We are using the CRT to decrypt. Finding the eth root is a difficult problem [4, 33, 34], if n is large. But if if ϕ(n) is given, it can be found in polynomial time. We are tackling this problem with e = 3 with CRT.

(9) Exploitation of homomorphic property

A Secure Hybrid RSA (SHRSA)-Based Lightweight … 205

We are resolving this problem by using the SHRSA big integer class and we are having the customized Monte Carlo factor with Pollard p-1 factorization for this and the prime number is decided by the SHRSA big integer class with Rabin–Miller Primality test and of course we are using M-prime RSA with CRT-RSA for faster decryption. Moreover, we are using PKCS #5 for defining the exponents as inverses λ (N) = LCM (x − 1, y − 1). Also, OEAP insertion with random salts in the multilayered SHRSA cipher is helpingustostopattackssuchasAlgebraicattacks,Hastadattack,Desmedt–Odlyzko attack, related message attacks, fixed pattern RSA signature forgery, and two attacks by Bleichenbacher.

Moreover, the scheme is Set Partial Domain One. Therefore, these less memory occupancies, less CPU occupancies, and then increasing the computational speed at decryption with faster running time make the SHRSA communication protocol very relevant to these days Internet and IoE’s need.

The SHRSA-based lightweight and efficient personal messaging communication protocol is a perfect combination of strong security, authentication, and reliability. It can protect the private information with a strong balance of efficiency, with a blend of the messaging communication protocol’s encryption and decryption. The scheme can resolve some of the important scientific problems of RSA, for using it in personal messaging scenarios in present Internet and future Internet architectures. In the encryption level, the SHRSA messaging scheme’s encryption algorithm with 1024-bit RSA modulus is helping us to resolve some of the scientific problems like the exploitation of multiplicative property, the exploitation of homomorphic prop-erty (meet-in-the-middle attack), difficulty of the integer factorization problem of RSA, the very high computationally costly exponentiation modulo N problem, and low modular complexity with effortlessness and speediness problem. Moreover, the SHRSA messaging communication protocol’s encryption has proper protection from chosen plaintext attack and short plaintext attack, etc., along with protection to sniff-ing attacks and resolving the real-time key negotiation issue also. Brute-force attack is countered by randomly altering the keys in synchronous time slot with 1024-bit value. In the decryption level, the SHRSA messaging communication protocol’s decryption is helping us to resolve some of the scientific problems like computa-tional modular exponentiation complexity, partial key exposure vulnerability, and asymptotic very low speed of decryption of RSA problem. We are gaining nine times asymptotic decryption speed than the RSA. We have also seen in the testing that the communication protocol is occupying very less memory and it is less CPU occupier also than RSA and CRT-RSA. These properties of the scheme make it more accepted in low-memory and low-CPU constraint environs. All these properties we have seen in results have made the protocol very relevant to all aspects of the IoE scenarios.

Decryption method:
1. Uses his private key (N, d) to compute M = Cdmod N.

2. Extracts the plaintext from the message representative M.

For computation, we have considered k = 3,

208 A. Bhattacharjya et al.

Some more on this SHRSA has attained a decryption speedup compared with + (3 ∗≈ n3/3 + o(n2)�3 ∗ (n/3)3+ (n/3)2�+ 16n2/3+ o�n2�

plain RSA and CRT-RSA, just by decreasing the size of exponents and moduli, at the cost of extra modular exponentiations. Though a linear rise in the number of exponentiations turns to a cubic reduction in the cost of each exponentiation for a complete speedup that is quadratic in the number of factors k of the modulus. Properly evaluating Cdmod n for d = O(n) costs O(log3n), while SHRSA has di = O(n1/k) (so that log di = O(log(n)/k)) and multiplication cost of O((log(n)/k)2) for a complete cost of O(k(log(n)/k)3) = O(log3(n)/k2). We have used three prime numbers as the scheme’s modulus size (bits) is 1024 bits.

2.(n/2)3/b.(n/b)3= b2/4

One of the advantages of SHRSA decryption is time, by use of the Chinese Remainder Theorem and doing the calculations in parallel, the number of bit opera-tions necessitates to decrypt a ciphertext is at most

Complexities Calculations

The RSA modulus was modified so that it can further decrease the decryption time.

Following parameters are used:

• n = Number of bits in modulus.

2. Compute e and d such that d = e−1mod ϕ(N), where gcd(e, ϕ(N)) = 1, ϕ(N) = πk i−1(pi− 1)
3. For 1 ≤ i ≤ k, compute di = d mod (pi-1).

Public key = (N, e).

Technical Report TR–CS–82–2, Department of EECS, University of Wisconsin, Milwaukee, October 1982.
2. Lenstra: Facto 126, 649–673 (1987)
3. Wiener, M.J.: Cryptanalysis of short RSA secret exponents. IEEE Trans. Inf. Theory 36(3), 553–559 (1990)
4. Coppersmith, D.: Finding a small root of a univariate modular equation. In: Advances in Cryp- tology—EUROCRYPT ’96, volume 1070 of Lecture Notes in Computer Science, pp. 155–165.

Springer (1996)
5. Boneh, D., Venkatesan, R.: Breaking RSA may not be equivalent to factoring. In: Advances in Cryptology - EUROCRYPT ’98, volume 1403 of Lecture Notes in Computer Science, pp. 59–71. Springer, 1099
6. Boneh, D., Durfee, G.: Cryptoanalysis of RSA with private key d less than n 0.292. IEEE Trans.

22. Things (IoT), Cyber-Physical Systems: Architecture, Security and Application. EAI/Springer Innovations in Communication and Computing, 153–185 (2019)
23. Bhattacharjya, A., Zhong, X., Wang, J., Xing, L.: CoAP—application layer connection-less lightweight protocol for the Internet of Things (IoT) and CoAP -IPSEC Security with DTLS Supporting CoAP. Accepted chapter in Book entitled “Digital Twin Technologies and Smart Cities” - Springer Series Title: Internet of Things (IoT)”. CiteScore 0.88, IDS Number: BK0ZF 24. Bradly, J., Barbier, J., Handler, D.: Embracing the Internet of Everything to Capture Your Share of $ 14.4 Trillion. White Paper, Cisco (2013)
25. Hinek, M.J.: Small private exponent partial key-exposure attacks on multi-prime RSA. In Technical report, Citeseer (2005)
26. Lenstra, H., Lenstra, W., Lov´asz, L.: Factoring polynomials with rational coefficients. Math- ematische Annalen 261, 515–534 (1982)
27. Hinek, M.J.: Lattice attacks in cryptography: a partial overview. In: CACR Technical Report CACR 2004-08, Centre for Applied Cryptographic Research, University of Waterloo (2004) 28. Brown, D.R.L.: Breaking RSA may be as difficult as factoring. Cryptology ePrint Archive, Report 2005/380 (2005)
29. Hinek, M.J.: New partial key exposure attacks on RSA revisited. In: CACR Technical Report CACR 2004–02, Centre for Applied Cryptographic Research, University of Waterloo (2004) 30. Hinek, M.J.: (Very) large RSA private exponent vulnerabilities. In: CACR Technical Report CACR 2004-01, Centre for Applied Cryptographic Research, University of Waterloo (2004).

Chen, C.Y., Ku, C.Y., Yen, D.C.: Cryptanalysis of large RSA exponent by using the LLL algorithm. Appl. Math. Comput. 169, 516–525 (2005)
31. Sun, H.M., Wu, M.E. ‘An approach towards rebalanced RSACRT with short public exponent’.

212 A. Bhattacharjya et al.

38. Braun, B.M.: Crowcroft, J. SNA: Sourceless Network Architecture, Technical Report, Number 849, Computer Laboratory, UCAM-CL-TR-849, ISSN 1476-2986, March 2014
39. Paxson, V., Sommer, R.: An architecture for exploiting multi-core processors to parallelize network intrusion prevention. In: Proceedings of the IEEE Sarnoff Symposium, pp. 1–7 (2007) 40. Diffie, W., Hellman, M.: “New directions in cryptography” (PDF). IEEE Trans. Inf. Theory 22(6), 644–654 (1976)