2017 Workshop on
Cutting Edge IoT
Inn SFO Airport Hotel
April 7, 2017
Dr. Jeffrey Voas
National Institute of Standards and Technology, USA
Jeffrey Voas is a computer scientist at the US National Institute of Standards and Technology (NIST) in Gaithersburg, MD. Before joining NIST, Voas was a Technical Fellow at SAIC and was an entrepreneur who co-founded Cigital, a software testing and security company which now has over 1,000 employees and is now owned by Synopsys (publicly traded). He has served as the IEEE Reliability Society President (2003-2005, 2009-2010, 2017) and served on the IEEE Board of Directors (2011-2012). Voas has authored and co-authored hundreds of papers. Voas co-authored two John Wiley books (Software Assessment: Reliability, Safety, and Testability and Software Fault Injection: Inoculating Software Against Errors). Voas is on the editorial board of IEEE Computer Magazine and was on the Editorial Advisory Board of IEEE Spectrum Magazine for 4 years. Voas received his undergraduate degree in computer engineering from Tulane University (1985), and received his M.S. and Ph.D. in computer science from the College of William and Mary (1986, 1990 respectively). Voas is a member of IEEE-Eta Kappa Nu, Fellow of the IEEE, Fellow of the Institution of Engineering and Technology (IET), and Fellow of the American Association for the Advancement of Science (AAAS). Voas's current research interests include blockchain and Internet of Things (IoT). Voas is an Adjunct Chair Professor of Computer Science at the National Chiao Tung University in Hsinchu, Taiwan. Voas received the Gold Medal from the US Department of Commerce in 2014 for his work on vetting mobile apps to enhance smartphone security.
– 8:30 am Dr. Jeffrey Voas (NIST), "Welcome"
– 9:30 am Dr. Angelos Stavrou (George Mason University), Keynote Speaker
– 10:15 am Dr. Bill Tonti (IEEE Future Directions Committee Director)
– 10:30 am Coffee Break
– 11:15 am Dr. Apostol Vassilev (NIST)
– Noon Rick Kuhn (NIST)
1:00 pm – 1:45 pm George Hurlburt (STEMCorp)
1:45 pm – 2:30 pm Dr. Joseph Williams (Governor's Office, State of Washington, USA)
2:30 pm – 2:45 pm Coffee Break
3:30 pm Dr. Ram Sriram (NIST)
4:15 pm Roy Want (Google)
5:00 pm Prof. Mahmoud Daneshmand (Stevens Institute of Technology)
5:00 pm Adjourn
Keynote Speaker: Dr. Angelos Stavrou, George Mason University, USA
Title: Leveraging Blockchain-based protocols in IoT systems
The Internet of Things (IoT) encompasses a wide range of processes: sensing, computation, communication, time, context, and data, to name only a few. How do all of these function as a system when using commercially available components that can be purchased from anywhere and at a low cost, and with little or no component pedigree available? To provide some practical answers to these questions,
About the speaker:
Dr. Angelos Stavrou is an Associate Professor at George Mason University and the Director of the Center for Assurance Research and Engineering (CARE) at GMU. Stavrou has served as principal investigator on research awards from NSF, DARPA, IARPA, DHS, AFOSR, ARO, ONR, and he is an active member of NIST's Mobile Security team and has written more than 90 peer-reviewed conference and journal articles. Stavrou received his M.Sc. in Electrical Engineering, M.Phil. and Ph.D. (with distinction) in Computer Science all from Columbia University. He also holds an M.Sc. in theoretical Computer Science from University of Athens, and a B.Sc. in Physics with distinction from University of Patras, Greece. Stavrou is an Associate Editor of IEEE Transactions on Reliability and IET Journal on Information Security. His current research interests include security and reliability for distributed systems, security principles for virtualization, and anonymity with a focus on building and deploying large-scale systems. Stavrou received the GMU Department of Computer Science Outstanding Research Award in 2010 and 2016 and was awarded with the 2012 George Mason Emerging Researcher, Scholar, Creator Award, a university-wide award. In 2013, he received the IEEE Reliability Society Engineer of the Year award. He is a NIST guest researcher, a member of the ACM and USENIX, and a senior IEEE member.
Speaker: William Tonti, IEEE Future Directions Committee Director
Title: Hardening the Internet of Things - Requirements for Commercial Technology Implementation
About the speaker:
Dr. Tonti holds a BSEE from Northeastern University, an MSEE and a Ph.D. from the University of Vermont, and an MBA from St. Michael's College. He retired from IBM in 2009 after 30+ years of service, working as the lead semiconductor technologist for a large part of his career. Dr. Tonti holds in excess of 290 issued patents, and has been recognized as an IBM Master Inventor. He was honored by having his 250th patent issue transcribed into the U.S. Congressional Record. Dr. Tonti is a Fellow of the IEEE, a past IEEE Reliability Society President, a recipient of the IEEE Reliability Engineer of the Year award, and the IEEE 3rd Millennium medal. Dr. Tonti joined IEEE in 2009 as the Director of IEEE Future Directions where he works alongside staff and volunteers to incubate new technologies within the IEEE.
Title: Entropy as a Service: unlocking the full potential of cryptography
Securing the Internet requires strong cryptography, which depends on good entropy for generating unpredictable keys. Cryptography is fundamentally important for protecting data in transit over the Internet or at rest on devices. Today, the security of data protected by cryptography depends not on secret algorithms, but primarily on having strong keys and keeping them secret. Generating strong cryptographic keys is no simple matter, however. Experts recommend using deterministic random bit generators (DRBGs), but the sequence of numbers generated by a DRBG can be traced predictably to the seed (initial value) supplied to the generator. Thus, DRBGs must be seeded with hard-to-guess random data from a reliable source. In information theory, such so-called "high-entropy" sources provide true randomness. They are usually based on nondeterministic physical processes such as ring oscillators or some kind of quantum behavior. In contrast, most practical computer systems rely on events like mouse movements, keyboard stroke timings, network events, and hard-disk access times to generate hard-to-guess random data for seeding DRBGs. Although sometimes plausible, such sources often provide only a limited amount of unpredictability. This problem is exacerbated in computing environments that often lack the sources of nondeterminism harnessed by traditional computers for harvesting entropy: embedded devices, IoT devices with limited computational capabilities, cloud computing, etc. This talk introduces an entropy-as-a-service architecture that provides entropy from a decentralized root of trust, scaling across diverse geopolitical locales and remaining trustworthy unless much of the collective is compromised.
This novel approach is intended to address the proverbial Achilles' heel of cryptographic security protection, namely the lack of strength of the keys used to protect critical data, and to enable clients on the Internet and IoT to benefit from high-quality entropy in order to unlock the full potential of cryptography.
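The following Python sketch is an added example, not part of the workshop abstract and not NIST's Entropy as a Service protocol. It shows why a DRBG's output is only as unpredictable as its seed, and how mixing contributions from several independent sources keeps the seed unknown unless every contribution is known. The simplified generator, the `mix_seed` construction, the one-byte boot counter and the server byte strings are all assumptions made for the illustration.

```python
import hashlib
import hmac

class HmacDrbg:
    """Minimal HMAC-SHA256 generator following the HMAC_DRBG structure of
    NIST SP 800-90A. Illustration only: no reseeding, no health checks."""

    def __init__(self, seed: bytes):
        self.K, self.V = b"\x00" * 32, b"\x01" * 32
        self._update(seed)

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self.K, data, hashlib.sha256).digest()

    def _update(self, data: bytes = b"") -> None:
        self.K = self._mac(self.V + b"\x00" + data)
        self.V = self._mac(self.V)
        if data:
            self.K = self._mac(self.V + b"\x01" + data)
            self.V = self._mac(self.V)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.V = self._mac(self.V)
            out += self.V
        self._update()
        return out[:n]

def key_from_seed(seed: bytes) -> bytes:
    """A 256-bit key is a pure function of the seed: same seed, same key."""
    return HmacDrbg(seed).generate(32)

def reachable_keys(seed_space) -> set:
    """Every key a device can ever produce if its seed comes from seed_space."""
    return {key_from_seed(s) for s in seed_space}

def mix_seed(local: bytes, contributions: list) -> bytes:
    """Hash local entropy together with contributions from independent
    sources (hypothetical scheme). Length prefixes keep the encoding unambiguous."""
    h = hashlib.sha256()
    for part in [local, *contributions]:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()

# Constructed inputs: a one-byte boot counter standing in for a weak local
# source, and made-up byte strings standing in for three server responses.
WEAK_LOCAL_SEEDS = [i.to_bytes(1, "big") for i in range(256)]
SERVER_RESPONSES = [bytes.fromhex("a1" * 32), bytes.fromhex("b2" * 32),
                    bytes.fromhex("c3" * 32)]
```

A device seeded only from the weak local source can produce just 256 distinct "256-bit" keys, while replacing any single server contribution in `mix_seed` yields an unrelated key.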
About the speaker:
Dr. Vassilev is a Research Team Lead in the Security Testing Validation & Measurement Group at NIST. He is an active participant in several national and international cryptographic standards groups. Dr. Vassilev works closely with academia, industry and government agencies on the development and adoption of novel approaches to cybersecurity testing and measurement. He is a chairman of the government-industry working group dedicated to modernizing Cryptographic Validation Programs at NIST through automated machine-based testing methodologies. Dr. Vassilev holds a Ph.D. in Mathematics. He holds six US patents and has authored over thirty papers in leading scientific journals.
Title: Combinatorial Methods for Testing Networks of Things
Combinatorial testing (CT) is a proven method for more effective software testing at reduced cost. This method takes advantage of the empirically determined interaction rule, which is based on analysis of thousands of software failures. The rule states that most failures are induced by single factor faults or by the joint combinatorial effect (interaction) of two factors, with progressively fewer failures induced by interactions between three or more factors. Therefore if all faults in a system can be induced by a combination of t or fewer parameters, then testing all t-way combinations of parameter values is pseudo-exhaustive and provides a high rate of fault detection. New algorithms compressing combinations into a small number of tests have made CT practical for industrial use, making it possible to do better testing at lower cost. The talk explains the background, method, and tools available for combinatorial testing, with examples and case studies. Traditional methods such as covering arrays from statistical Design of Experiments will be included, along with extensions such as sequence covering arrays, and measures of combinatorial coverage. New results on using combinatorial methods for detection of certain types of faults without a conventional test oracle will also be introduced. Applications to "Internet of Things" testing will be illustrated using the Voas IoT primitives: sensors, aggregators, communication channels, e-utilities, and decision triggers.
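As an added illustration (not material from the talk and not one of the NIST tools), the Python sketch below builds a 2-way covering test set with a simple greedy algorithm and measures combinatorial coverage. The configuration space has one parameter per Voas IoT primitive; the parameter values are constructed for this example.

```python
from itertools import combinations, product

# Constructed configuration space: one parameter per Voas IoT primitive.
# The value names are assumptions made for this example.
PARAMS = {
    "sensor": ["temp", "motion", "camera"],
    "aggregator": ["edge", "cloud"],
    "channel": ["wifi", "ble", "lte"],
    "e_utility": ["on_prem", "saas"],
    "decision_trigger": ["threshold", "ml_model"],
}

def t_way_targets(params, t):
    """Every t-way combination of parameter values that must be exercised."""
    targets = set()
    for cols in combinations(sorted(params), t):
        for vals in product(*(params[c] for c in cols)):
            targets.add(tuple(zip(cols, vals)))
    return targets

def covered_by(test, t):
    """The t-way combinations exercised by one test (dict: parameter -> value)."""
    return {tuple((c, test[c]) for c in cols)
            for cols in combinations(sorted(test), t)}

def greedy_covering_tests(params, t=2):
    """Greedy construction: repeatedly pick the full configuration that
    covers the most still-uncovered t-way combinations."""
    names = sorted(params)
    candidates = [dict(zip(names, vals))
                  for vals in product(*(params[n] for n in names))]
    uncovered = t_way_targets(params, t)
    tests = []
    while uncovered:
        best = max(candidates, key=lambda c: len(covered_by(c, t) & uncovered))
        tests.append(best)
        uncovered -= covered_by(best, t)
    return tests

def coverage(tests, params, t):
    """Fraction of all t-way combinations exercised by a test set."""
    targets = t_way_targets(params, t)
    hit = set().union(*(covered_by(x, t) for x in tests))
    return len(hit & targets) / len(targets)

if __name__ == "__main__":
    suite = greedy_covering_tests(PARAMS, 2)
    print(len(suite), "tests instead of 72 exhaustive configurations")
    print("2-way coverage:", coverage(suite, PARAMS, 2))
    print("3-way coverage:", round(coverage(suite, PARAMS, 3), 3))
```

Any fault triggered by a pair of values, for example a constructed defect that appears only when `channel` is `ble` and `aggregator` is `cloud`, is guaranteed to be exercised by at least one test in the suite.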
About the speaker:
Rick Kuhn is a computer scientist in the Computer Security Division of the National Institute of Standards and Technology. He is an author of two books and more than 100 publications on information security and software assurance, and is a senior member of the Institute of Electrical and Electronics Engineers (IEEE). He co-developed the role based access control model (RBAC) used throughout industry, and led the effort establishing RBAC as an ANSI standard. Before joining NIST, he worked as a systems analyst with NCR Corporation and the Johns Hopkins University Applied Physics Laboratory. He received an MS in computer science from the University of Maryland College Park, and an MBA from the College of William & Mary.
Projects & bio: http://csrc.nist.gov/staff/Kuhn/kuhn_rick.html
Speaker: George Hurlburt, STEMCorp
Title: Modeling in a NOT Environment
The Internet of Things (IOT) is best considered a federation of loosely connected Networks of Things (NOT), each oriented around a purposeful function. Each NOT requires a rigorous design architecture to satisfy its desired engineering intent. Fortunately, architecture has evolved from a relationally based technology to a graph-based approach, whereby network dynamics can be more precisely modeled. The emerging National Institute of Standards and Technology (NIST) roadmap for NOT design serves as a useful framework for a generalized NOT graph model. This tutorial lays the groundwork to build a graph-model-based ontology using the NIST NOT framework. The intent is to instantiate real-world data over this emergent model within a graph database. The goal of this research effort is to demonstrate the utility of an overarching graph ontology as both a diagnostic and run-time tool for IOT-related activity from the NOT perspective. A secondary goal is to develop straightforward data entry into a persistent store for automated triple generation, thus increasing utility and reducing the learning curve for use. The tutorial concludes by exploring advanced concepts such as built-in rule-based test procedures, graph metrics as dynamic performance and pattern indicators, and applicability to other related domains.
Speaker: Dr. Joseph Williams, Governor's Office, State of
Businesses in the IoT space, both those operating today and others still to come, are providing the connectivity and analysis that will shape our lives in the years ahead. IoT will complement our existing business strengths and change the way we work, live and play. There is a delicate but important dance that must happen with economic development for IoT and protecting the public interest against potential IoT abuses.
About the speaker:
Speaker: Ram D. Sriram, NIST
The Internet, which has spanned several networks in a wide variety of domains, is having a significant impact on every aspect of our lives. These networks are currently being extended to have significant sensing capabilities, with the evolution of the Internet of Things (IoT). With additional control we are entering the era of Cyber-physical Systems (CPS). In the near future the networks will go beyond physically linked computers to include multimodal information from biological, cognitive, semantic, and social networks. This paradigm shift will involve symbiotic networks of people (social networks), smart devices, and smart phones or mobile personal computing and communication devices that will form smart net-centric systems and societies (SNSS). These devices – and the network – will be constantly sensing, monitoring, interpreting, and controlling the environment. A key technical challenge for realizing the "Internet of Everything (IoE)" is that the network consists of things (both devices and humans) which are heterogeneous, yet need to be interoperable. In other words, devices and people need to interoperate in a seamless manner. This requires the development of standard terminologies (or ontologies) which capture the meaning and relations of objects and events. Creating and testing such terminologies will aid in effective recognition and reaction in a network-centric situation awareness environment. In this talk, I will provide a unified framework for Internet of Things, Cyber-Physical Systems, and Smart Networked Systems and Societies, and then discuss the role of ontologies for interoperability. I will also describe representative projects at the National Institute of Standards and Technology.
About the speaker:
Ram D. Sriram is currently the chief of the Software and Systems Division, Information Technology Laboratory, at the National Institute of Standards and Technology. Before joining the Software and Systems Division, Sriram was the leader of the Design and Process group in the Manufacturing Systems Integration Division, Manufacturing Engineering Laboratory, where he conducted research on standards for interoperability of computer-aided design systems. Prior to joining NIST, he was on the engineering faculty (1986-1994) at the Massachusetts Institute of Technology (MIT) and was instrumental in setting up the Intelligent Engineering Systems Laboratory. Sriram has co-authored or authored more than 250 publications, including several books. Sriram was a founding co-editor of the International Journal for AI in Engineering. Sriram received several awards including: NSF's Presidential Young Investigator Award (1989); ASME Design Automation Award (2011); ASME CIE Distinguished Service Award (2014); the Washington Academy of Sciences' Distinguished Career in Engineering Sciences Award (2015); ASME CIE division's Lifetime Achievement Award (2016). Sriram is a Fellow of IEEE, ASME, AAAS and Washington Academy of Sciences, a member (life) of ACM and AAAI. Sriram has a B.Tech. from IIT, Madras, India, and an M.S. and a Ph.D. from Carnegie Mellon University, Pittsburgh, USA.
Speaker: Roy Want, Google Android
Title: Making the Internet of Things Great Again
In a world of billions of Internet connected smart devices, preferentially discovering things situated nearby and allowing easy user interaction with them, creates a powerful filter for users to overcome the scale and complexity of this global system. Merging the virtual World Wide Web with nearby physical devices that are part of the Internet of Things (IoT), will allow anyone with a mobile device (such as a smartphone), to walk up, and with the appropriate authorization, monitor or control anything. This is the vision of the Physical Web project at Google, and this talk will describe its motivation, goals, and how it's being made ubiquitously available to all users.
About the speaker:
Dr. Roy Want graduated from Cambridge University, England in 1988. He is currently a Research Scientist at Google. Previous positions include Sr. Principal Engineer at Intel Corporation, and a Principal Scientist at Xerox PARC. He holds the grade of ACM and IEEE Fellow. His research interests include mobile and ubiquitous computing, distributed systems, context-aware operation, and electronic identification. He has more than 25 years' experience working in the field of mobile computing. He served as the Editor-in-chief for IEEE Pervasive Computing from 2006-2009, and he is currently the Past Chair for ACM SIGMOBILE. To date, he has authored or co-authored more than 75 publications, with 70 issued patents in this area. For more information about Dr. Want's academic and industrial achievements see http://www.roywant.com/cv/vita.htm.
Title: The "Internet of Things" (IoT) Challenges
Billions of "things" connected to the Internet are generating mountains of data on all aspects of human life. Unlike traditional "Static Data", IoT data is dynamic: it is "Data in Flight" or "Data in Motion", also called "Streaming Data". Data streams arrive continuously and so rapidly that it is not feasible or useful to store them in a conventional database and analyze them at a time of our choosing; if the data is not processed immediately, its operational value and use might be lost forever. The nature of data analytics has changed. "The challenge of IoT today is making sense of all the data we're creating and capturing", says Ginni Rometty, chairman, president and CEO of IBM. "Analytics Are a Key Part of Value Creation in IoT", says Pankaj Patel, (ex) EVP of Cisco. The biggest challenge of IoT is near-real-time management and analytics of the ever-increasing streams of data generated by IoT.
About the speaker:
Dr. Daneshmand is Professor in the Department of Business Intelligence & Analytics as well as the Department of Computer Science at Stevens Institute of Technology. He has more than 35 years of industry and university experience as Professor, Researcher, Assistant Chief Scientist, Executive Director, Distinguished Member of Technical Staff, Technology Leader, Chairman of Department, and Dean of College at: Bell Laboratories; AT&T Shannon Labs–Research; University of California, Berkeley; University of Texas, Austin; Sharif University of Technology; University of Tehran; New York University; and Stevens Institute of Technology.