The SunRISE project aims for the development of new security solutions that address the numerous global challenges that arise from the rapid increase of IoT devices and corresponding cyberattacks, as well as novel techniques that allow exploitation of privacy-sensitive data in a privacy-preserving way.
Objective and Challenges of the Project
To obtain a comprehensive security solution, SunRISE addresses several key aspects, critical in future IoT systems. First, design intrusion detection, by using the latest novel results in machine learning to address security anomaly detection aspects. Second, sharing security intelligence data from IoT nodes to cloud backends, by creating a community with reference structures. Based on the larger dataset, machine learning can be accelerated and overall system security increased. This would result in security turning into a shared responsibility, interest, and effort, and into improved efficiency, cost, and resource usage. Third, the lack of trust by fearing the loss of confidential data will be addressed by using privacy-enhancing technologies (PET), like homomorphic encryption and secure multi-party computation (MPC). Last, the efficient, power- and cost-effective introduction of PET will be addressed by designing and manufacturing suitable hardware supporting AI (Artificial Intelligence) specific to IoT end-nodes and for acceleration.
The SunRISE project focused on several Key Application areas as defined in the ECS-SRA, as published in January 2018, specifically on Digital Industry, Digital Life and Energy. Further, SunRISE will enable the development of the identified essential capabilities: Systems and Components, Connectivity and Interoperability, and Safety, Security and Reliability.
To achieve the SunRISE objectives, the consortium focused on the following key innovations:
- Machine learning on the edge nodes, for IoT security analytics and anomaly detection
- Cloud platform applying machine learning techniques for sharing relevant security data
- Privacy enhancing technology
- Technologies for uniquely secure low-footprint ASICs (Application Specific Integrated Circuits
In project SunRISE, electrical consumption data from several households has been collected over a large timespan, from 2017 to 2022 with samples measured every minutes. Collected data allowed the training of different machine learning models to detect deficient and anomalies consumption devices and high consumption scenarios for co-located households, in a privacy-preserving manner. The data privacy was accomplished through technologies such as federated machine learning and multi-party computation. Malicious behavioural patterns can be detected on the edge device, e.g. the gateway in a household. The developed technologies are linked to the first key innovation.
Another scenario that was investigated in project SunRISE was a distributed cloud center. The ability to predicit the heat demand is of high importance to successfully exploit the waste heat generated from hardware in distributed water-cooled datacenters. The core approach is to schedule and shift compute tasks to data centers where maximum heat demand will be expected. Privacy-preserving adaptations were made so that an external observer could not exploit or misuse the information of the heat demand. This allows, without violation of data privacy regulations, the execution of the prediction model in an environment that is considered to be ‘honest but curious’, which could be a trusted third-party organisation. The developed methodologies are linked to the second key innovation.
With regards to the third key innovation, there was extensive research on several approaches, such as federated machine learning, multi-party computation, differential privacy, and others. Especially worth mentioning is the development of an IP (Intellectual Property) block that accelerates the hardware of a computationally expensive component of HE (Homomorphic Encryption). This IP was also integrated into the Microsoft SEAL HE library and tested on an FPGA (Field Programmable Gate Array).
Furthermore, a robust and scalable authentication platform has been developed to address one of the main Internet-of-Things challenges: authentication of the many and widely dispersed end nodes.
The system uses a physical token, containing the unique ID generated by the central system, that can be read electronically, and is physically connected to the asset. These are the SandGrain tokens (ICs). The developed chip enhances the security of IoT devices and is linked to the fourth key innovation.
Societal and Economic Impact
SunRISE addresses many of the privacy and security concerns of AI/ML and IoT devices. With the technologies researched in SunRISE, both businesses and consumers can increase their trust in smart, connected devices that use ML. This enables the usage of smart devices and ML in fields where they provide a benefit but could not be deployed previously due to security and privacy risks. An example of such a field is the medical domain, which was also highlighted in SunRISE. In addition, the SunRISE technologies could also be deployed in domains where IoT and ML are already widespread, reducing the impact of security and privacy threats.
Furthermore, the SunRISE technologies enable European manufactures to distinguish themselves from others, with a focus on aspects such as privacy and security, which are important in European markets, for both, businesses, and end users. The SunRISE project was essential for the project partners to finance their research in the fields of edge computing, IoT security, data privacy and AI/ML. Several engineers in companies and PhD students at universities could be hired in Europe to work on the project. Especially noteworthy is the funding of the semiconductor start-up company SandGrain that aims for increased manufactory of semiconductors in Europe. Funding for European semiconductor companies such as NXP and SandGrain as part of the SunRISe project has made a significant contribution to the European chips act.
While not being the main objective of SunRISE, the project results showed some clear benefits for sustainable use of resources in the computing world. In the Energy Community use case, computations were performed locally on the edge with low-power hardware, instead in energy-exhaustive cloud infrastructure. In the Cloud Infrastructure use case, an algorithm was implemented in a privacy-preserving way, that uses a combination of forecasting green-energy production and prediction of warm-water usage to shift computing loads to distributed cloud containers, so that the amount of green energy used can be maximized, while the warm-water provision to the households is guaranteed.
Get to know more about the SunRISE PENTA project in the Impact Summary.