UBITECH is hosting the kick-off meeting, in Athens, Greece (February 5-6, 2020), of the RAINBOW Research and Innovation Action, which officially started on January 1st, 2020. The project is funded by the European Commission under the Horizon 2020 Programme (Grant Agreement No. 871403) and spans the period January 2020 – December 2022. The vision of RAINBOW is to design and develop an open and trusted fog computing platform that facilitates the deployment and management of scalable, heterogeneous and secure IoT services and cross-cloud applications (i.e., microservices). RAINBOW falls within the bigger vision of delivering a platform enabling users to remotely control the infrastructure that is running, potentially, on hundreds of edge devices (e.g., wearables), thousands of fog nodes in a factory building or flying in the sky (e.g., drones), and millions of vehicles travelling in a certain area or across Europe.
RAINBOW aspires to enable fog computing to reach its true potential by providing the deployment, orchestration, network fabric and data management for scalable and secure edge applications, addressing the need to process, in a timely manner, the ever-increasing amount of data continuously gathered from heterogeneous IoT devices and appliances. The RAINBOW solution will provide significant benefits for popular cloud platforms, fog middleware, and distributed data management engines, and will extend the open-source ecosystem by pushing intelligence to the network edge while also ensuring security and privacy primitives across the device-fog-cloud-application stack. To evaluate its wide applicability, RAINBOW will be demonstrated in various real-world and demanding scenarios, such as automated manufacturing (Industry 4.0), connected vehicles and critical infrastructure surveillance with drones. These application areas are safety-critical and demanding, requiring guaranteed extra-functional properties, including real-time responsiveness, availability, data freshness, efficient data protection and management, energy efficiency and industry-specific security standards.
Within RAINBOW, UBITECH will undertake the administrative and technical coordination of the consortium, and will drive the technological developments in the areas of novel orchestration models and security and trust enablers for fog computing. In particular, UBITECH will develop a fog orchestration framework on top of popular cloud management stacks by rethinking the current decentralized computing and network algorithms for rapid resource provisioning, monitoring and seamless management of IoT services and cross-cloud applications. The framework will support affinity-aware and multi-objective offloading, enabling the execution of IoT services partitioned into segments (i.e., microservices) on different and heterogeneous fog and edge devices. The algorithmic process of determining where IoT services, and their partitioned segments, must run will be based on user-defined QoS, energy, network dynamics and cost optimization constraints, as well as on privacy and data protection restrictions for the compliance of IoT services with the cybersecurity (2016/1148) and GDPR (2016/679) EU directives.
Finally, UBITECH will introduce a “zero-conf” overlay mesh network paradigm that guarantees edge device and network security in the form of data protection, identity management, anonymity and resource integrity at all network layers, from the device (bottom) to the application (top of the stack), designing the fog overlay mesh network on top of the state-of-the-art CJDNS secure routing protocol enhanced by Direct Anonymous Attestation (DAA) and Control Flow Attestation (CFA) mechanisms. UBITECH will work on advanced remote attestation techniques (modeled and provided as crypto primitives) in the context of the DAA specification, coupled with the CJDNS secure routing protocol, to attest that a peer can be trusted and, therefore, be accepted in the overlay mesh network interconnecting fog and cloud nodes. For operational assurance, UBITECH will contribute towards the provision of CFA. This will provide security properties which reduce the overall attack vector for distributed topology functionalities (i.e., node addition/removal) while also considering the nature of fog nodes, which are a priori mobile, geo-distributed, ephemeral and highly dynamic.