Open gparmer opened 4 years ago
Reviewer: Álvaro Albero Review Type: Critical
Problem being solved Internet is a key technology for the functionality of IoT devices. However, the technologies and protocols used in the internet were not designed for cyber physical systems (CPSs). Using the internet generates latency and security problems in IoT systems that need to be address.
Important areas The main areas of study to address these problems are architecture, coordination and timing, and programming models. Edge computing architecture can provide better latency, due to proximity, and security, as it controls the access to the internet of these devices. Different coordination and timing standards are used and newer are being developed; they should be good enough for IoT systems. Finally, programming models that work asynchronously, like JavaScript, but can also ensure a level of determinism in the order of execution are necessary.
Questions about the survey Section 3a: Why IoT devices cannot have a fixed IP address? Couldn’t they work with private fixed addresses if necessary?
Section 5: I do not understand the excessive focus in real time. If there are isolated systems already deployed and working in real time and performing well with many different functions and capabilities, why adding an edge server that will also communicate with the cloud for some tasks needs so much extra complexity?
Section 3a: When the authors talk about using proximity as a way to authenticate and authorize access to an IoT device, are they only using this condition? Is this working in combination with PKI or passwords?
Critiques about the survey In the security section, the authors do not provide any information or solution for systems that do not have physically constrained access. They just comment that other mechanisms should be developed. In the introduction, they consider cars and trains as important systems, and clearly these are totally accessible to anyone so I believe more explanation and detail should have been given here.
In the robust time coordination sections, the authors explain that the systems should be robust to time errors as these may happen due to unexpected events that affect the timing system. However, they do not go further and explain how this can be done and set an example of a system that can overcome time errors in certain circumstances and recover from them.
Reviewer: Akinori Kahata Review Type: Critical
1.the problem being solved. Recently, internet technology is applied to the physical systems, and this change make our life more comfortable. However, compared to conventional internet technology, cyber-physical systems need more reliability include safety and dependability and so on, especially in the area such as factory automation and transportation systems. Traditionally, reliability of these area is secured by isolation, but surrounding environment is changing to open with the internet, then, the technologies for keeping security, time accuracy, safety are needed.
2.most important to the survey. For securing IoIT(Internet of Important Things) reliability, the edge computing technologies, which is placed between IoIT devices and cloud computing, can be a good solution. Specifically, the author shows the possible technologies for enhancing reliability; authentication and authorization method for security, clock synchronization technology and some protocol of time-sensitive networking for coordination and timing, and programming model of temporal semantics for real-time analysis.
3.questions about the survey.
4.critiques about the survey
Lily Shpak Critical Review
The Internet was not originally built for physical systems to interact with it, so now with the increasing number of “smart” devices that need to connect to the Internet, it is important for there to be a secure connection to the Internet. This paper focuses on what they call the Internet of Important Things(IoIT), these IoIT systems are safety-critical, meaning that if they are compromised there will be catastrophic effects. The authors of this paper approach this issue by looking at the use of edge computing and clock synchronization.
They contribute to this issue by providing examples as well as counter examples to fix this issue. The authors argue that the best way to approach the issue of securing the IoIT is to combine the use of real time clocks and edge computing. They talk about different examples of edge computing that could work, as well as different ways to use real time clocks.
Reviewer: Rick Sear Review Type: Critical
There is a contradiction between the current Internet of Things programming trends and the highly time-sensitive nature of a lot of IoT devices. However, there are technologies and techniques which can help resolve this contradiction, which this paper surveys.
Spans a lot of important areas: the architecture of making secure (verifiable and not easily penetrated) systems to the problems associated with real-time systems (and some possible solutions). Mainly, the paper talks about how using edge computing and well-orchestrating a group of IoT devices has great potential to make them do "important things".
Internet of things devices have been naively implemented on top of off the shelf technology. But that tech was designed for less critical/more ethereal systems. This leads to “smart” physical devices (which can’t be replaced as easily as digital components), that have much shorter lives than the “dumb” products they were designed to replace. Also, physical security and responsiveness have different fundamental characteristics than digital security and responsiveness. Therefore, a lack of green field design has led to insecure and unresponsive devices.
They suggest a number of design philosophies for IoT. They recommend using a specific framework for authentication and authorization. They also talk about edge computing as a solution for certain problems. A major section of the paper is on timing coordination, maybe in the direction of networked time-coordinated computing.
Reviewer: Pat Cody Review Type: Critical
The Internet of Things suffers from mismatched priorities with the Internet, as the latter was not originally designed to allow for control over cyber-physical systems. As a result, IoT devices struggle in areas relating to efficient responsiveness and robust security.
This paper highlights a variety of problems the IoT has due to the implementation of the Internet. It discusses some upcoming technologies that can be used to solve the stated problems. It proposes architecture and infrastructure changes to make the IoT more robust.
Reviewer: Sam Hanna Review Type: Critical
Problem Being Solved: This paper talked about the Internet of Important Things (IoIT) which is Cyber-Physical Systems in which safety is a vital component. In these types of systems, timing, reliability, and safety are all very important; these are all things that the conventional internet was not built to handle. This paper surveys different techniques that can be used to mitigate these risks.
Important Areas: While there were a lot of areas that the paper covered, the four main topics were: edge computing, security, timing, and programming models. While these areas were all important, the timing and programming models were the two areas that were covered the most. The paper covered multiple types of technologies that can be used to help these IoIT systems be safe.
Questions about the Survey:
Critiques about the Survey:
Reviewer: Eric Wendt Review Type: Critical
Overview This papers overviews Internet of Things as a technology and mentions many of the challenges and security concerns associated with the concept. Rather than addressing a single challenge, this paper lists many of the strategies/steps taken to mitigate these concerns, as well as illuminating any resulting pitfalls.
Contributions
One of the most critical pieces of information here is the classifications of common IoT time-transfer protocols. Without going into unnecessary detail, the paper gives a broad view of some of the steps taken to solve the problem of clock synchronization.
Far and away the most interesting discussion of this paper was the one on system timing and synchronization. The contrast between IoT devices and regular computing systems is highlighted nicely here, stressing that scheduling, priority, run-time, and timing for IoT devices is crucial to their utility. This topic flies under the radar in many discussions, so having a detailed explanation of this challenge brings the paper together as a whole.
Critiques
This paper falls into the ‘breadth’ rather than ‘depth’ category. For what this paper tries to be, that’s fine. The only problem with this is that the paper frequently references elusive technologies that can be difficult to understand. Making assumptions from the user causes unnecessary confusion. A little more depth would be helpful. They mention Let’s Encrypt here as a unique approach to authentication in IoT devices, but doesn’t give enough information to provide more than a cursory understanding.
Another major critique of this paper is its inability to mention the emergence of 5G technology. Being new to research in IoT, I can offer only slight insight, but I assume that 5G has massive implications for edge computing. Edge computing is hugely prevalent here, so this would be a good opportunity to talk about this new technology. This paper was written in 2018, so it’s excusable in this case, but network providers have been working on this for many years.
Questions:
Reviewer: Rachell Kim Review Type: Critical
Problem Being Solved
Current standards and protocols for Internet technology in IoT systems are considered unreliable in terms of security and does not guarantee safety for many cyber-physical systems. This paper reviews and attempts to offer a few possible solutions to these problems of time-sensitivity and safety in cyber-physical systems which seek to make use of Internet services by referencing some of the existing technologies and techniques, including those developed by the author’s team.
Main Contributions
This paper identifies and attempts to address some of what the authors consider the major vulnerabilities in IoIT systems. The authors propose architectural approaches such as edge computing as well as their own communication protocols, called Auth, to solve the identified issues. The authors also propose integrating existing TSN technologies such as the IEEE standard for clock synchronization (or accurate clocks in general) with edge computing, paired with advanced time transfer mechanisms, to develop a more robust security in IoIT devices.
Questions
Critique
Reviewer: Becky Shanley Review Type: Critical
Problem being solved
Making Cyber-Physical Systems that are critically important and safe, reliable, and secure is really hard. This paper studies some of the technologies it deems most prevalent in providing Important Things with these things. Then, it spends the end of the paper discussing ways that these technologies have been utilized together in programming models to provide the aforementioned attributes.
Important areas
The survey studies technologies, such as Edge Computing, Security (authentication/authorization and availability threats/resiliency), and Timing (clock synchronization, robust time coordination, timeliness of message deliveries). It specifically studies elements of these technologies that provide safety, reliability, and security for IIoT devices (Internet of Important Things). The survey also discusses programming models that combine all of the aforementioned technologies to meet all of the unique requirements of IIoT devices.
Questions about the survey
Critiques about the survey
Reviewer: Huachuan Wang Review Type: Critical
Overview This paper focused on the dependability and safety of Things. It surveys architectural approaches, communication protocols, and programming models that promise to bridge the gap between internet technology and the physical systems. Where the internet and things have different requirements, respectively, regarding timeliness and security. It argued that the smart gateways hosted on edge cloud-based services could provide tighter control over timing and security. This paper also explained how time-sensitive network technology could increase the reliability of the IoT.
Contribution This paper has shown that computers can enhance reliability and resilience as well as improve scalability. It emphasized that a critical enabler for the realization of the IoIT is synchronization and time-aware communication protocols. This paper also explained how edge computers could handle secure communications between Things that allow reliable low-latency connections and achieve real-time responsiveness.
Questions
Questions on the security part. This paper gives an example that attacks for traditional internet services, for example, DDoS. Why is IoT more vulnerable to this kind of attack?
Questions on the coordination and timing part. This paper states that the high-precision clock synchronization combines with edge computers, which can function as gateways to ensure controlled timing on the local area networks with deterministic latencies and reliable delivery. The coordination of the physical time is expensive or not? Software defined network (SDN) can manage the workflow to maximize capacity. However, when compared with time sensitive network (TSN), why TSN potentially can provide much better bounds on latency?
Critiques
This paper is well structured and very informative. Especially in the Real-time part, it provides the illustration, examples, questions, and solutions on each aspect of the definition.
The floating-point numbers are an approximation of the real number, it cannot do equality tests, and its addition is not associative. However, in this paper, it only states that the problem is solved without indicating how this was solved and there is no related reference provided. I found a reference "What Every Computer Scientist Should Know About Floating-Point Arithmetic" (https://docs.oracle.com/cd/E19957-01/806-3568/ncg_goldberg.html) gives detailed instruction. The numerical analysis devoted to studying the numerical stability of algorithms, this helps with understanding the complex computation of floating points.
As the internet of things is expanding security and latency concerns have become important. The internet was not designed to support embedded systems or systems that interact with the physical world. The time and security constraints that come with a cyber physical system are different that strictly digital constraints. This paper surveys technology that has advanced to help manage timing and security in the internet of things.
The paper recognizes where standard digital solutions to problems like authentication will not be adequate for the internet of things. Edge computing is considered as a way to mediate authentication at a closer proximity to the Things while also avoiding a single point of failure. The paper also highlights the issue of timing and coordination within IoT. The protocols used by the internet are not particularly concerned with robust timing which can be crucial to an important Thing. The largest portion of this paper is spent discussing how IoT developers are addressing timing constraints of real-time devices.
Reviewer: Niko Reveliotis Review Type: Critical
Problem Being Solved This paper discusses the techniques being applied to our existing network infrastructure (which was originally built for information systems) to allow for the development of cyber-physical systems. These techniques aren't limited to the physical infrastructure, but also communication protocols and programming models. Specifically, they are examining the Internet of "Important" Things, which are systems that have the highest requirements for safety (such as self-driving vehicles and factory robotics) and how they can be integrated to our network infrastructure.
Main Contributions
This paper describes the future techniques and solutions currently being developed to bring our current network infrastructure up to speed with growing IoT needs. They focus on the three categories: edge computing, security, coordination and timing, and programming models.
Edge computing solution Auth, which allows for credential verification across multiple different "Auth machines" (or Auths) in the event one Auth goes offline. Thus, reducing/eliminating downtime when a central authentication server goes down.
Three Questions
In section 3a, they discuss how certificate authorities are unable to give our certificates at the rate IoT is growing. The paper then discusses the automation of this process through a service called Let's Encrypt. How does the technology behind generating a successful and safe online certificate done under automation? Not necessarily the encryption of the public and private keys, but how is it verified across machines, or how does Let's Encrypt determine whether the request is legitimate?
The paper briefly listed the network protocols (HTTP/TCP/UDP). I understand with TCP you ensure that data was successfully received vs UDP where you continuously send packets up to a recipient. In the context of IoT, are there situations where UDP would be acceptable versus TCP? From what I see, although latency is a problem within these devices, confirming that data was successfully sent seems much more important. When wouldn't this be the case?
In section 3a, when they refer to fixed IP addresses as a security risk are they specifically referring to the global network? I use DHCP reservations to assign static IP addresses to a few devices that I need to access remotely within my home network network (SSH/SFTP). Would this be considered a security risk, or would my router be the first wall of entry before this is a cause of concern?
Three Critiques
Section 4c only briefly discusses the current development of reducing latency within WANs (Wide Area Networks) with wireless connections. To develop a paper discussing the "Important" IoT systems without divulging enough time into wireless latency reduction seems to be a gaping hole in this paper. For example, low latency will allow self driving cars to communicate with each other to make the cars "smarter" by providing them more information to work with, but if that data is old then the information is of significantly less use.
The paper's programming models section focused on Javascript. Not to dissuade from JS development, but many embedded systems are working on limited hardware and have to use lower level languages such as C. These systems aren't necessarily linked to creating a webpage, but rather direct communication between other IoT devices.
Auth's description was limited to a single paragraph. Examining the inner-workings of Auth, and how it could become the future of credential verification would've made their product shine a lot brighter in this paper. This critique is a bit nit-picky; I understand they were trying to give a more general outline of the future of our internet to incorporate IoT devices. I just find this idea of multi-authentication servers from their description to be interesting.
Reviewer: Zach Day Review type: Critical
The paper provides a broad overview of the state of security on the "Internet of Things" scene, along with reviewing popular and upcoming technologies that could be used to enrich IoT functionality and security with a strong focus on technologies that can be applied to real-time systems. Specifically, they focus on devices which utilize the internet to share environmental information with each other. They draw a distinction between consumer "smart" devices and safety-critical systems like robots and vehicle components, which they describe as the "Internet of Important Things." The focus on IoIT gives rise to the aforementioned focus on enabling real-time concurrency.
Security is critical in any system connected to an open network, but systems for which failure could result in catastrophic damage or loss of life, ensuring security is critical for avoid disaster. The authors converge the current concerns with IoIT security with another key issue, timing. Although security and timing are fairly unrelated subjects, they both play a huge role in preventing Thing-induced accidents. The paper's main contribution is creating an overview of humanity's progress thus far in researching security and timing among safety-critical IoT devices.
Section III, p1 describes "physical attacks" through hardware manipulation on IoT devices as being a security concern. My question is, how can hardware manipulation attacks ever not be an issue? If the hacker has meatspace access to a machine, they have, in theory, pwn'd it. Shouldn't this be a concern for the server room security guards and not the developers?
The paper focuses a lot on clock inaccuracies, but very little on actual wireless communication techniques, and by extension, wireless latency. The paper itself agrees with the idea that latency sensitivity is a definite issue for IoT, so why wouldn't it approach latency-reduction technologies along with the other topics?
While I understand the concept of devices sharing time data with each other, I struggle to come up with a concrete use case for the security measures around time transfer described in 4B. Why is so important that time be transferred to other devices, when that device itself would still need a clock to perform anything useful?
While I did mention that reconciling the domains of IoT security and remote timing synchronization is a key contribution of the paper, the transition between the two feels disjointed. I don't really feel like the authors end their talk about security on a conclusive statement. This repeats itself, albeit to a lesser extent, in the transition between timing and programming models.
The authors describe "market influences" as being responsible for increased demand for latency-sensitive networking research, but don't elaborate on it beyond two examples of very broad markets where the tech would be applicable. I understand this isn't a market analysis or anything, but in a "summary"-style paper such as this one I feel like a greater focus on markets and consumers would provide a better context for the amounts of progress in networking research.
Reviewer: Michael Hegarty Review type: Critical
IoT is a new technology that has issues in being integrated into the current internet model. IoT has new domains of security vulnerabilities not seen in other devices, and security is often not a primary concern of IoT designers. Devices also have problems fitting into the current centralized internet model, especially in the areas of time-critical operations, timing, and authentication.
The paper suggests edge computing as a way to bridge the gap between the cloud and IoT. They discuss various security issues involving IoT devices and how due to the criticality of certain tasks that IoT will take on, new issues arise that traditional computer networks wouldn't be as concerned about. They also discuss timing in an IoT system and how to implement clock synchronization. Lastly they go in depth about how the programming model of IoT is atypical due to its real time nature.
In the introduction, the authors mention that IoT devices are replacing devices that generally last decades, while the lifetime of IoT devices is unlikely to last that long. My question is what holds IoT devices back in terms of lasting long periods of time and shouldn't systems be designed specifically to last long in this domain?
I'm not 100% sure what the authors meant by the term 'dark data'. Does it refer to just all sensor data that is collected but isn't processed beyond its primary use?
I found the concept of Asynchronous atomic callbacks to be pretty confusing.How does it differ from thread programming?
I felt like some areas were lacking in explanation of background technology relative to how in depth the authors went into the subject. For example the authors used terms such as inherent accuracy, long term stability and parts per million without really explaining what they are, and then went on to explain 5 different time transfer protocols in depth.
The section on Edge Computing seemed much less fleshed out relative to the other sections despite it being a premier technology that will enable large scale IoT networks.
This paper explains and analyzes the difficulties and necessary technology for the development of a secure Internet of Things. They look at both the technology for the Internet of Things and how it can be used for what they call the Internet of Important Things.
The main areas that they looked at throughout the survey were first security issues such as Authentication, Authorization, and Integrity. They next looked at the methods of distributing computing to edge devices, and finally analyzed the multiple ways in which IoT Systems keep track of time and synchronize actions and clocks.
Reviewer: Ryan Fisk Review Type: Critical
Summary Some of the biggest obstacles to widespread IoT adoption are the limitations placed on it by current internet protocols. The centralized structure of the current internet is prone to latency when used by many IoT devices. Servers also need to be secure and have the ability to verify the devices connecting to them. However, it can be difficult to keep track of authenticated IP addresses when they are being dynamically assigned to each device. The latency also creates a timing issue, since the servers receive data at a later time after the device records it. That latency needs to be reduced before real-time systems can be fully implemented.
Main Contributions This paper looked at the ways that internet protocols and infrastructure could be better adapted to work with IoT devices. Edge computing would solve many of the issues that the paper attempts to tackle. Offloading some computation from the main cloud to smaller edge clouds would reduce latency, therefore allowing for closer to real-time computation. Since the edge cloud would be more local to the devices (the paper uses LAN), it would have fewer devices to keep track of and less volatile IP addresses, which would make authentication of devices faster and more reliable.
Questions I understand how asynchronous atomic callback works in a web browser, for example, but I was confused how the paper proposed to use them in an edge cloud system. Would the AAC be between the main cloud and the edge or between the edge and devices?
The whole concept of labeled logical clock domains is still confusing to me. How can the processor ensure than at any given time, processes A and B have both happened exactly n times. What if the processor was in the middle of process A or B at that time? Would the processor delay the synchronization until it did as many of process A or process B to make sure both had happened n times?
Critiques My first critique is that when talking about the edge cloud, they stopped short of talking about how the edges would connect to the main cloud. They go in depth with how the edge would be set up over LAN, but the whole network would still need to be connected to the larger cloud.
My final critique is about the correctness criteria to control timing from section 5b. Any kind of function to test the correctness of the input would take up time, and in cases like streaming video or video conferencing, getting the data out quickly is more important than ensuring every packet is correct.
Reviewer: Cuidi Wei Review Type: Critical
Problem being solved This paper explains how time sensitive network technology can be leveraged to reliably orchestrate a multiplicity of things, and how augmenting our programming models with a well-defined notion of time can make systems more deterministic and more testable. Today’s IoT solutions are often plagued by problems and IoT devices often lack adequate security.
Main contributions Focusing on Things where dependability and safety are extremely important, this paper discusses and surveys architectural approaches, communication protocols, and programming models that promise to bridge the gap, enabling the use of the Internet technologies even in safety-critical, cyber-physical applications such as factory automation and transportation. Also, in this paper we discuss and survey several technological innovations that we believe will be instrumental in the development of a safe, secure, and reliable IoIT.
Questions about the survey 1.For the Auth, how to securely migrate to other available Auths to continue authentication and authorization services. 2.What’s the difference between Time Sensitive Network(TSN) and the common Network?
Critiques about the survey 1.For a security model, the paper proposes that a device can get physically close to another device can be granted access to services. Is there any problem? For example, this model has a big problem that if a stealer comes to the house, then he can control the devices. (p.4)
Reviewer: Reese Jones Review Type: Critical Review
Problem Being Solved: The paper addresses the fact that the IoT has created a whole new set of security problems that will need to be dealt with in the coming future as IoT becomes more and more expansive. The paper also goes into the fact that the domain of IoT does not fit very well into the current model of the internet, and they present new issues with regard to real-time applications of technology. Main Contributions: This paper first contributes ideas related to security problems that come alongside the IoT and Real-Time computing. Also, the paper contributes to the domain of working with the internet and the IoT by discussing the viability of edge computing and the cloud in order to help the function of IoT devices.
Questions: 1) (This may be because I don't fully comprehend edge computing's benefits) How does/could edge computing benefit devices connected to the whole world in terms of security if they're already connected worldwide does that not present another vector for attacks? 2) Is there ever a point within the creation of a system with edge computing being used more effectively where the benefit with regard to the increased security is outweighed by the physical cost to create the system in the first place? 3) (This is also most likely me not understanding the definition for real-time systems enough) How is it possible that creating a system for real-time computing with edge nodes not create a considerable overhead for computation? I understand the network being more local, but if for example, the device connecting to the node has to then branch off to something on the other side of the world has there not been wasted compute power in that operation?
Critiques: 1) I felt as though the end of the discussion on security was not concrete enough. It felt to me as though the conclusion the authors left off on was not solid enough to move forward with concrete actions. 2) The way this paper was organized (to me at least) feels like there was not enough discussion into the vast network of potential IoT devices, that is to say, that I felt like the authors did not address the differences between different devices and their needs.
Reviewer: Sean McBride Review type: Critical
"On Enabling Technologies for the Internet of Important Things" seeks to identify the gap between the capabilities provided by the Internet / web platform and the requirements of cyber-physical systems (called "Important Things") in the areas of architecture, communication protocols, and programming models. In these various models, the authors seek to review ongoing research involved in closing these gaps and identify remaining areas of research.
Reviewer: Andrew Nguyen Review Type: Critical
Problem Being Solved: The relationship between cyber and physical phenomena continuously grow to become more complex and expectedly intertwined as time progresses. "On Enabling Technologies for the Internet of Important Things" explores this concept with the premise that security, implementation, application, and time complexities are among the many concepts that tie into the Internet of Things.
Main Contributions: There are several main points that the paper delves into. These subjects would discuss about how the infrastructure of IOT can be vulnerable (especially in regards to security) and at the same time be adequately applied to multiple projects to have a more breadth and reliable use. In addition, edge computing would contribute into the idea of stable network connections coupled with reliable low latency communications. Consequently, Timing and the coordination of it can be overlooked and if not thoroughly observed, can have negative or impactful results.
Questions:
Critiques:
Reviewer: Marcus Young Review Type: Critical
Problem Being Solved The Internet's protocols and principles were designed for interacting with information systems, not cyber-physical systems (CPSs). Current Internet technology is widespread and valuable to the IoT, but is slow, lacks quality of service features and fails to physically secure CPSs.
Main Contributions This paper aims to bridge the gap between the internet's protocols and principles and cyber-physical systems by enabling Internet technology to be used in safety-critical CPSs such as factory automation and transportation. The paper calls these safety-critical CPSs IoITs or "Internet of Important Things". Specifically, this paper argues that smart gateways hosted on edge computers are a great complement to the Internet's cloud based services for the IoITs.
Questions
Would our project, "ThingBox", technically be considered an edge computer?
To clarify: Is the problem with Internet Authentication protocols being adopted by IoT that there are simply too many IoT devices that would require certificate authentication, and not enough Humans to provide and approve these certificates?
The paper states: "The TSN standards that are expected this year, particularly updates of the 802.1AS standard, could be the galvanizing force that will lead to worldwide high-precision clock synchronization". Have we seen any action on this front? This paper was published last year, has the updates of the TSN standards had an impact?
Critiques
This paper simply assumes that standards like the IEEE 802.1AS TSN standard will be widely adopted and does not provide a potential plan of adoption to distribute and actually incentivize people to use and adopt these important, new standards.
A common theme with these papers are: This technology is better and here is why. I wish, instead, the papers were like this: This technology is better. But, THIS is why people are still using this worse technology, because of these outside factors, and this is how we hope to get our technology to be adopted.
Reviewer: Jacob Cannizzaro Review Type: Critical
This paper went over many of the problems facing IoT devices and networks currently. One problem has been that IoT devices have typically been created to be sold as quickly as possible instead of making sure that they provide timely, reliable, and secure operations. This combines with the fact that many of these devices rely on cloud services, which could potentially go out of business, leaving useless devices. Problems like this, unpatchable firmware, and a general lack of security in IoT devices shows the use for edge computing as talked about in this paper.
In terms of security, there are some notable issues in today's widely available authentication and certificate type protection. While certificates can be created for stable corporation domains, it would be impossible with given systems to issue each IoT device. With human centered certificate issuing this is obviously a problem with the pure number of Things coming into existence. Even with more advanced certificating protocols like Let's Encrypt won't work with the dynamic nature of Things in the network (IP's change).
In terms of edge computing, there are is also a lot of background into current network timekeeping protocols to show how these networks interact with devices. There are some problems with many of these, for example GNSS (the dominant technology) which is has many problems due to its high frequency waves. These include natural interference as well as relatively easy to implement malicious attacks including jamming.
This paper goes in depth explaining how the use of edge computing can greatly enhance IoT network/device reliability, security, and especially scalability. Edge computing can provide everything from local access control, highly efficient security protocols such as proximity based authentication, and more reliable and effient operation of Things. Edge computing as presented is not meant to replace cloud operations. In fact it can help to work with cloud computing when a device needs an agglomeration of data from the cloud. It can offer processing pre-cloud that allows filtration of raw data into smaller packets to be sent out, which tends to yield lower latency, less storage needs, and increased security.
This paper goes in depth into talking about the time keeping protocols and goes on to make assumptions about these for the future. For example, with eLoran, they assume it will become prevalent as they discuss edge computing because these time-keeping network functions are critical for IoT devices as well. Even though currently only operational in UK, this paper explains how lower frequency waves lead to much safer communications because they are harder to jam, are less at risk to natural interference, and can penetrate indoors (important for large factory networks of IoT devices). These increasingly effective and resillient time keeping measures are shown to be critical to the evolution of the Internet of Important Things (Things that require low-latency secure communication protocols).
Reviewer: Alex Jacobson Review Type: Critical
The paper defines safety-critical systems, such as self driving cars, as the Internet of Important Things. The Internet of Things has issues such as security, and the IoIT has the issue of timing. A self driving car must apply its breaks at the proper moment, or else there can be real life consequences that threaten physical safety. This paper discusses ways to ensure that important time constraints can be met/improved.
Contributions: Using edge computing to offer services to devices that the edge computer is physically close to allow reliable, low latency communications. Edge computers also can improve security by keeping data local, isolating the network, and authenticating things. Furthermore, the TSN task group will be releasing standards for the internet that improve coordination and timing, given that the internet was not designed with those things in mind.
Critiques:
Questions:
2.The paper kept going on about temporal semantics, and states that certain temporal properties should be elevated from quality metrics to correctness criteria. First of all, I am a bit confused on what a temporal semantic is. And second, why should certain ones be elevated from quality metrics to correctness criteria, and what is the difference between those two things? If something is of high quality, is it not likely correct?
Shared concerns/questions:
Discussion: Should we focus on Auth and LetsEncrypt and replace some existing papers?