H2020$IOT$2016$2017/H2020$IOT$2016 - Synchronicity-iot · 2018-05-21 · SynchroniCity will provide guidelines to evolve IoT deployments towards a smart-city environment making use

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 1 of 179

,

,,

,

GA,no:,, 732240,

Action,full,title:, SynchroniCity:,Delivering,an,IoT,enabled,Digital,Single,Market,for,Europe,and,Beyond,

Call/Topic:, Large,Scale,Pilots,

Type,of,action:, Innovation,Action,(IA),

Starting,date,of,action:, 01.01.2017,

Project,duration:, 33,months,

Project,end,date:, 30.09.2019,

Deliverable,number:, D2.1,

Deliverable,title:, Reference,Architecture,for,IoT,Enabled,Smart,Cities,

Document,version:, V1.0,

WP,number:, WP2,

Lead,beneficiary:, ENG,

Main,author(s):, Ömer, Özdemir, (ATOS),, José, Manuel, Cantera, (FF),, Martino, Maggio,, Nicola,Muratore,,Francesco,Arigliano,(ENG),,Eunah,Kim,(UDG),,Luis,Muñoz,,Ignacio,Elicegui,Maestro,(UC),,Andrea,Gaglione,,Angelo,Capossele,(DigiCat),

Internal,reviewers:, Alex, Gluhak, (DigiCat),, Thomas,Gilbert, (AI),, Arturo,Medela, (TST),, Francisco,Monsanto,(UBI),,Rick,Schager,(EIN),,Juan,Echevarria,(SAN),,Martin,Brynskov,(AU),

Type,of,deliverable:, Other,

Dissemination,level:, Public,

Delivery,date,from,Annex,1:, M6,

Actual,delivery,date:, 05.08.2017,

,

,

This%deliverable%is%part%of%a%project%that%has%received%funding%from%the%European%Union’s%Horizon%2020%research%

and%innovation%programme%under%grant%agreement%no%732240.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 2 of 179

Executive Summary This document reports on the design and the high-level specifications of the SynchroniCity, Reference Architecture for IoT Enabled Smart Cities.

In the following, we provide a high-level summary of the key points addressed in the report. For more details, please consult the respective sections of the report.

Analysis of relevant standards and technologies

Design of the SynchroniCity architecture started from a detailed review and analysis of the standard technologies and uniform analysis of relevant studies. The analysis has been focused on finding commonalities of the similar works from the other studies.

The first analysis examines a list of relevant initiatives composed by SDOs, EU partnership programs and EU projects. The studies taken into account are:

•, SDOs: ITU-T FG-SSC, ITU-T SG13 Y.2060, ISO/IEC JTC1, oneM2M. •, EU partnership programs: FIWARE, AIOTI, EIP-SCC. •, EU projects: ESPRESSO, BIG-IOT, OrganiCity, Triangulum and symbIoTe.

In order to make the in-depth comparison uniformed and straightforward, the analysis was conducted using a survey approach, by identifying the key points that showed the relevant aspects of core technologies and functionalities that underpin smart city platforms. These key points were:

•, Main Logical layers •, SouthBound Interfaces •, NorthBound Interfaces •, Data Management •, Semantic Interoperability •, Privacy and data protection •, Business Ecosystem

The identified commonalities are the starting point to provide a common SynchroniCity framework for cities and they have been reflected into the design of the SynchroniCity Architecture.

Reference Zone technical baseline and SynchroniCity platform requirements SynchroniCity has established 8 reference zones (RZs) linked to 8 European cities that have been at the forefront of Smart City's development and IoT innovation: Antwerp in Belgium, Carouge in Switzerland, Eindhoven in Netherlands, Helsinki in Finland, Manchester in UK, Milan in Italy, Porto in Portugal and Santander in Spain.

SynchroniCity will provide guidelines to evolve IoT deployments towards a smart-city environment making use of common, open standards and being compliant with OASC principles.

SynchroniCity will support cities in this process including a suitable Architecture Reference Model (ARM) compliant with the project targets. Starting from the initial high level overview of SynchroniCity proposed in Deliverable D1.3, the ARM grouped the different RZ architectural components in following macro-blocks: Southbound interfaces, Data Management, Northbound interfaces, Security and Privacy.

Comparison of SynchroniCity RZs, using this model, provided an update of each reference area focusing on their current IoT implementations and legacy IoT architectures, including a plan for IoT evolution towards a common smart services market and identifying the different functionalities, technologies and components that should be supported by the SynchroniCity architecture. The analysis outcomes were:

•, Southbound and Northbound interfaces: Most of the RZs are already implementing, evaluating or moving towards a NGSI-based core architecture.

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 3 of 179

•, Data Management: FIWARE data models seems a concrete candidate to represent city information, but still a wide set of proprietary schemas is currently adopted. About access to city data, CKAN Open Data Management System is a solution present in most of the RZs.

•, Security and Privacy: some RZs are currently analysing FIWARE security enablers to provide security and privacy features, but actually this is the less developed tier among RZs and proprietary solution, supporting different security and privacy levels are currently adopted.

Besides comparison of RZs, another activity complemented the WP1 (D1.3) requirements analysis, providing a complete set of functional and technical requirements to SynchroniCity core services, classified in three main categories:

•, Architectural system requirements that took into consideration requirements related to: o, Decoupled & distributed components o, Interoperability & Openness o, Scalability o, Legacy Compatibility & heterogeneous landscape o, Resilience to failure & Robustness o, Performance o, Feedback and Monitoring o, Communication

•, Architectural data management and service requirements that included: o, Data Management APIs o, Data Storage Management o, Data models o, Marketplace o, License o, SLA

•, Architectural security and privacy requirements related to: o, Platform Security o, Data Protection and Privacy o, IoT infrastructure security

Logical reference architecture

The design of the SynchroniCity architecture aimed to define a set of logical components and functionalities that can enable different cities to be actively part of IoT Smart City digital single market. The reference architecture was the outcome of different inputs and analyses included in the previous sections and in other SynchroniCity project documents. Following are the key points that have driven the design process:

•, Architecture guidelines and use case analysis: the first input to define logical architectural components comes from guidelines and the list of requirements identified in D1.3, enriched with further improvement resulting from analysis reported in section 2.2.

•, Reference zones compliance: SynchroniCity reference architecture recalled the proposed layered approach followed in RZ technical baseline analysis reported in section 2.1 where the four main aspects (southbound integration, context management, security and privacy and northbound API) of RZ IoT architectures became the central pillars of SynchroniCity Reference Architecture definition.

•, Reuse of existing approaches: the outcome of high-level analysis of the most relevant European initiatives regarding IoT and Smart City platforms showed some commonalities, among the heterogeneous projects, in terms of technologies and functionalities. SynchroniCity architectural components definition covered these common functionalities, trying to reuse existing approaches.

•, OASC principles: this was another relevant approach that has driven the design of logical architecture to achieve the vision of the SynchroniCity project about realization of a common digital single market for IoT-enabled urban services.

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 4 of 179

Starting from these key principles the core logical modules and the main interfaces of the SynchroniCity reference architecture are summarized below:

•, Context Data Management: manages the context information coming from IoT devices and other public and private data sources, providing a common model and interface.

•, IoT Management: responsible to interact with the devices making them compatible and available to the SynchroniCity platform.

•, Data Storage Management: provides functionalities related to data storage, data security and quality.

•, Marketplace and Asset Management: implements a hub to enable digital data exchange for urban data and IoT capabilities.

•, Security, Privacy and Governance: covers all the security aspects related to data, IoT infrastructure and the platform services.

•, Monitoring and Platform management services: provides functionalities to manage platform configuration and to monitor activities of the platform services.

•, Southbound uniform interfaces: represents the set of uniform interfaces defined by SynchroniCity used to connect the overall platform to heterogeneous data sources and IoT devices.

•, Northbound uniform interfaces: provides all the platform functionalities that will be used by the final smart city end-users applications.

Design of architecture included also those requirements, called Interoperability Points, which RZs and external stakeholder have to satisfy to be compliant with SynchroniCity platform.

These requirements refer to the implementation of a set of interfaces covering all the integration aspects that contribute to enable Smart Cities to be part of a digital single market:

•, Context Management interface •, Data Models •, Security Interface •, Marketplace Interface

It is possible to identify four progressive steps related to different levels of compliance with SynchroniCity that can be reached by implementation of this interoperability points.

Technical Specifications

The concrete implementation of the architecture should follow some general criteria useful to select the most suitable technologies. The principles that should drive this process are:

•, Compliance with architecture functionalities •, Openness •, Standard or widely adopted technologies •, Interoperability •, Project consortium knowledge

Following these criteria, some ready-to-use components were identified as possible candidate to implement the logical architectural components and satisfy their functionalities, also according to a proposal of standard APIs and Data models that can be adopted in the SynchroniCity framework.

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 5 of 179

Abbreviations AE AIOTI API AWS BSI CB CDB CDMI CEP CKAN CSE D DCAT DMG DIS DMR

Application Entity Alliance for the Internet of Things Innovation Application Programming Interface Amazon Web Services British Standards Institution Context Broker Context Data Broker Cloud Data Management Interface Complex Event Processing Comprehensive Knowledge Archive Network Common Service Entity Deliverable Data Catalogue Vocabulary Device Management Discovery Data Management and Repository

EC European Commission

FG-SSC Focus Group on Smart Sustainable Cities

GA GE GPS GPRS GMG

Grant Agreement Generic Enabler Global Positioning System General Packet Radio Service Group Management

HART HDSF HTTP IA ICT IDE IOT ISO ITU ITU-T JSON JWT

Highway Addressable Remote Transducer Hadoop Distributed File System Hypertext Transfer Protocol Innovation Action Information and communication technology Integrated Development Environment Internet of things International Standard Organization International Telecommunication Union ITU Telecommunication Standardization Sector JavaScript Object Notation JSON Web Token

LTE Mca Mcc Mcn MQTT NGSI NSE

Long Term Evolution a reference point for M2M communication between CSE and AE a reference point for M2M communication between CSE and CSE a reference point for M2M communication between CSE and NSE Message Queue Telemetry Transport Next Generation Service Interfaces Network Service Entity

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 6 of 179

OASC ODF ODMS PPM PEP PDP RDF REST RFID RPS RZ SAML SCADA SDO SLA SNS SOAP SQS SR SSL SSO TLS UC

Open & Agile Smart Cities Open Data Federation Open Data Management System Privacy Policy Manager Policy Enforcement Point Policy Decision Point Resource Description Framework Representational state transfer Radio Frequency Identification Receive Packet Steering Reference Zone Security Assertion Markup Language Supervisory Control And Data Acquisition Standards Developing Organizations Service Level Agreement Simple Notification Service Simple Object Access Protocol Simple Queue Service System Requirement Secure Sockets Layer Single Sign-On Transport Layer Security Use Case

W3C WP WT XMPP XML XACML

World Wide Web Consortium Work Package Work Task Extensible Messaging and Presence Protocol eXtensible Markup Language eXtensible Access Control Markup Language

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 7 of 179

Contents Introduction, 13!

1! Analysis,of,relevant,standards,and,technologies, 14!

1.1! Smart,City,Reference,Architecture,from,SDOs,&,Fora, 15!1.1.1! ITU$T,FG$SSC, 15!1.1.2! ITU$T,SG13,Y.2060, 17!1.1.3! ISO/IEC,JTC1, 20!1.1.4! oneM2M, 22!

1.2! Smart,City,Reference,Architecture,from,EU,Partnership,Program,and,Projects, 25!1.2.1! FIWARE, 25!1.2.2! AIOTI, 28!1.2.3! EIP$SCC, 31!1.2.4! ESPRESSO, 34!1.2.5! BIG$IOT, 36!1.2.6! OrganiCity, 40!1.2.7! Triangulum, 43!1.2.8! symbIoTe, 48!

1.3! Analysis,outcomes, 51!2! Reference,Zone,technical,baseline,and,SynchroniCity,platform,requirements, 56!

2.1! Reference,zone,technical,baseline,analysis, 56!2.1.1! Antwerp, 57!2.1.2! Carouge, 61!2.1.3! Eindhoven, 64!2.1.4! Helsinki, 67!2.1.5! Manchester, 69!2.1.6! Milan, 73!2.1.7! Porto, 74!2.1.8! Santander, 77!2.1.9! Overall,Reference,Zone,technical,comparison, 81!

2.2! SynchroniCity,Platform,requirements, 83!2.2.1! Architectural,system,requirements, 83!2.2.2! Architectural,data,management,and,service,requirements, 86!2.2.3! Architectural,security,and,privacy,requirements, 89!

3! Logical,reference,architecture, 91!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 8 of 179

3.1! Architecture,overview, 91!3.2! Components,description, 93!3.2.1! Context,Data,Management, 93!3.2.2! IoT,Management, 99!3.2.3! Data,Storage,Management, 101!3.2.4! Marketplace,and,Asset,Management, 101!3.2.5! Security,,Privacy,and,Governance, 110!3.2.6! Monitoring,and,Platform,management,service, 115!

3.3! Interaction,among,components, 117!3.3.1! Authorization,Flow, 117!3.3.2! Context,Management,Flow, 118!3.3.3! Marketplace,Flow, 120!

3.4! Interoperability,points,logical,specifications, 121!3.4.1! Context,Management,Interface, 122!3.4.2! Data,Models, 124!3.4.3! Marketplace,Interface, 125!3.4.4! Security,Interface, 127!3.4.5! SynchroniCity,Compliance,Levels, 128!

4! Reference,implementation,technologies, 130!

4.1! Architecture,blocks,implementation, 131!4.1.1! Context,Management, 131!4.1.2! IoT,Management, 134!4.1.3! Data,Storage,Management, 136!4.1.4! Marketplace, 139!4.1.5! Security, 141!

4.2! Standard,for,APIs,and,Data,Models, 142!4.2.1! NGSI,data,model,and,interfaces, 142!4.2.2! Data,Models, 145!

Conclusions, 147!

Appendix,1,Architectural,requirements, 148!

A1.1,System,Requirements, 149!A1.2,Marketplace,Requirements, 153!A1.3,License,and,Policies,Requirements, 156!A1.4,API,Requirements, 157!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 9 of 179

A1.5,SLA,Requirements, 158!A1.6,Models,Requirements, 159!A1.7,Security,and,Privacy,Requirements, 160!

Appendix,2,Standards,and,technologies,on,core,functionalities, 163!

A2.1,IoT,network,connectivity,and,protocols, 163!A2.2,IoT,Session,layer,protocols, 164!A2.3,IoT,data,management, 165!A2.4,IoT,security,and,privacy, 167!A2.4.1,Privacy,and,data,protection, 167!A2.4.2,Data,access, 169!A2.4.3,Security,on,IoT,infrastructure, 171!A2.4.4,Security,on,Platform, 172!

References, 173!

!,

List of Figures Figure,1:,A,multi$tier,SSC,ICT,architecture,from,communications,view,,emphasizing,on,a,physical,perspective,[3],.................................................................................................................................,15!Figure,2:,ITU$T,Y.2060,IoT,Reference,Model,[6],............................................................................,18!Figure,3:,ISO/IEC,JTC,1,Smart,cities,Solution,Concept,Diagram,[8],..............................................,20!Figure,4:,oneM2M,Possible,smart,city,blue$print,[10],.....................................................................,22!Figure,5:,FIWARE,Overall,Architecture,[13],....................................................................................,25!Figure,6:,AIOTI,HLA,functional,model,[20],......................................................................................,29!Figure,7:,Overall,EIP,SCC,Urban,Platform,Reference,Architecture$Concept,Diagram,[25],...........,31!Figure,8:,ESPRESSO,Smart,Cities,Reference,Architecture,[27],....................................................,34!Figure,9:,BIG$IoT,Architecture,[30],.................................................................................................,37!Figure,10:,Simplified,OrganiCity,facility,architecture,[32],................................................................,40!Figure,11:,TRIANGULUM,Reference,Architecture,[37],...................................................................,44!Figure,12:,symbIoTe,Architecture,[39],............................................................................................,48!Figure,13:,High,Level,Architecture,..................................................................................................,53!Figure,14:,Main,architectural,layers,for,different,IoT,architectures,.................................................,57!Figure,15:,Antwerp,RZ’s,IoT,architecture,........................................................................................,58!Figure,16:,City,of,Caruge,RZ’s,IoT,architecture,..............................................................................,62!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 10 of 179

Figure,17:,Eindhoven,RZ’s,IoT,architecture,....................................................................................,64!Figure,18:,Helsinki,RZ’s,IoT,architecture,........................................................................................,67!Figure,19:,Manchester,RZ’s,IoT,architecture,..................................................................................,70!Figure,20:,Milan,RZ’s,IoT,architecture,............................................................................................,73!Figure,21:,Porto,RZ’s,IoT,architecture,............................................................................................,75!Figure,22:,Santander,RZ’s,IoT,architecture,....................................................................................,78!Figure,23:,SynchroniCity,Reference,Architecture,...........................................................................,93!Figure,24:,Security,Technological,pillars,.......................................................................................,110!Figure,25:,Abstract,Authorization,flow,...........................................................................................,117!Figure,26:,Context,update,and,query,flow,....................................................................................,118!Figure,27:,Context,publish,subscribe,flow,.....................................................................................,119!Figure,28:,IoT,Agent,flow,..............................................................................................................,119!Figure,29:,Offer,creation,flow,........................................................................................................,120!Figure,30:,Order,creation,flow,.......................................................................................................,121!Figure,31:,NGSI,Context,Information,example,[118],....................................................................,122!Figure,32:,Three,different,solutions,to,enable,Context,Management,Interoperability,...................,123!Figure,33:,Different,cases,to,enable,Data,Models,Interoperability,................................................,124!Figure,34:,SynchroniCity,Marketplace,APIs,..................................................................................,125!Figure,35:,Security,Components,Diagram,....................................................................................,127!Figure,36:,SynchroniCity,compliance,levels,..................................................................................,129!Figure,37:,The,Context,Broker,Generic,Enabler,...........................................................................,132!Figure,38:,Amazon,SNS,topic,subscription,...................................................................................,133!Figure,39:,FIWARE,IoT,Device,Management,GE,architecture,.....................................................,135!Figure,40:,sensiNact,Architecture,.................................................................................................,136!Figure,41:,Big,Data,Analysis,GE,Architecture,...............................................................................,137!Figure,42:,CKAN,Architecture,.......................................................................................................,138!Figure,43:,ODF,Architecture,.........................................................................................................,139!Figure,44:,Business,API,Ecosystem,Architecture,.........................................................................,140!Figure,45:,NGSI,Context,Information,Model,.................................................................................,143!,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 11 of 179

List of Tables Table,1:,Description,template,for,ITU$T,FG$SSC,Architecture,.......................................................,17!Table,2:,Description,template,fro,ITU$T,Y.2060,architecture,..........................................................,20!Table,3:,Description,template,for,ISO/IEC,JTC,1,architecture,........................................................,22!Table,4:,Description,template,for,oneM2M,architecture,..................................................................,25!Table,5:,Description,template,for,FIWARE,architecture,..................................................................,28!Table,6:,Description,Template,for,AIOTI,Architecture,.....................................................................,31!Table,7,Description,template,for,EIP,SCC,Urban,Platform,Reference,Architecture,.......................,34!Table,8:,Description,template,fro,ESPRESSO,Smart,Cities,Reference,Architecture,.....................,36!Table,9:,Description,template,for,BIG$IoT,Architecture,...................................................................,39!Table,10:,Description,template,for,OrganiCity,Architecture,............................................................,43!Table,11:,Description,template,for,TRIANGULUM,Architecture,.....................................................,47!Table,12:,Description,template,for,symbIoTe,Architecture,.............................................................,50!Table,13:,Summary,of,Smart,City,Reference,Architectures,from,SDOs,&,Fora,.............................,51!Table,14:,Summary,of,Smart,City,Reference,Architecture,from,EU,Partnership,Programs,...........,51!Table,15:,Summary,of,Smart,City,Reference,Architectures,from,EU,Projects,...............................,52!Table,16:,Comparison,among,SynchroniCity,RZs,–,part,1,.............................................................,81!Table,17:,Comparison,among,SynchroniCity,RZs,–,part,2,.............................................................,82!Table,18:,Architectural,system,requirements,..................................................................................,86!Table,19:,Data,Management,and,Service,requirements,.................................................................,89!Table,20:,Security,and,Privacy,requirements,..................................................................................,90!Table,21:,Context,Data,Broker,module,description,.........................................................................,95!Table,22:,Context,Event,Processing,module,description,................................................................,96!Table,23:,Common,Data,Models,Adapter,module,description,........................................................,97!Table,24:,Data,Connector,module,description,................................................................................,98!Table,25:,IoT,Agents,module,description,......................................................................................,100!Table,26:,Device,Management,module,description,......................................................................,100!Table,27:,Catalogue,Management,module,description,.................................................................,103!Table,28:,Offers/Orders,Management,module,description,...........................................................,103!Table,29:,Peering,Management,module,description,.....................................................................,104!Table,30:,Revenue,Management,module,description,...................................................................,105!Table,31:,Feedback,and,reputation,module,description,...............................................................,106!Table,32:,Customer,Management,module,description,..................................................................,107!Table,33:,License,Management,module,description,.....................................................................,108!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 12 of 179

Table,34:,SLA,Management,module,description,..........................................................................,109!Table,35:,Transparency,and,accountability,module,description,...................................................,109!Table,36:,Data,protection,and,Privacy,module,description,...........................................................,112!Table,37:,Identity,and,Authentication,Management,module,description,.......................................,112!Table,38:,Authorization,and,Accounting,module,description,........................................................,113!Table,39:,Policy,Management,module,description,........................................................................,114!Table,40:,Administration,&,Configuration,module,description,.......................................................,116!Table,41:,Platform,Monitoring,module,description,........................................................................,116!Table,42:,NGSI$9,and,NGSI$10,Operations,List,...........................................................................,145!Table,43:,Generic,template,for,requirements,description,.............................................................,148!,

,

,

,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 13 of 179

Introduction ,

One,of,the,main,aims,of,the,SynchroniCity,project,is,to,design,,implement,and,deploy,an,open,digital,single, market, for, IoT$enabled, urban, services,, where, different, stakeholders, (e.g., cities,, system,integrators,,software,developers,,IoT,device,manufacturers),can,compete,and,innovate.,In,order,to,achieve,this,challenging,goal,,several,related,activities,have,to,be,carried,out:,from,technical,point,of,view,it,is,necessary,to,define,a,platform,that,provides,the,necessary,functionalities,and,interfaces,to,support,the,digital,single,market:,these,include,,for,instance,IoT,and,legacy,system,management,,data,access,management,,security,and,privacy,and,marketplace,mechanisms.,

The, scope, of, this, document, is, to, design, the, SynchroniCity, Reference, Architecture, its, logical,components,,their,functionalities,and,interfaces,that,will,be,implemented,,integrated,and,deployed,by,the,different,cities,(Reference,Zones),in,order,to,participate,to,the,digital,single,market.,

Due,to,the,heterogeneity,of,IoT,technologies,and,standard,,existent,platform,already,in,place,in,the,cities,,reference,architectures,and,international,activities,in,the,Smart,City,domain,,building,a,new,and,generic,platform,,to,satisfy,the,needs,of,a,Digital,Single,Market,across,Europe,(and,beyond),,cannot,be,considered,an,easy,task.,,

For,this,reason,,the,approach,followed,in,this,deliverable,is,twofold:,on,the,one,hand,we,tried,to,base,the, architecture, on, standard, approaches, and, technologies, derived, from, the, most, relevant,international,initiatives,,on,the,other,hand,it,has,been,taken,in,consideration,the,concrete,specific,requirements,coming,from,the,8,Reference,Zones,involved,in,the,SynchroniCity,project.,

The,document,therefore,contains,one,section,dedicated,to,the,analysis,and,comparison,of,relevant,IoT/Smart,City,initiatives,that,include,SDOs,,EU,partnership,programs,and,EU,projectsm,section,2,is,dedicated,to,the,analysis,of,the,existing,RZ,IoT,architecture,and,platform,including,the,definition,of,the,requirements.,,

The,core,part,of,the,deliverable,is,the,reference,architecture,description:,starting,from,all,the,previous,outcomes,,section,3,reports,the,logical,components,,their,functionalities,and,interfaces,following,an,open,and,technologic$agnostic,approach.,The,objective,is,to,provide,a,generic,architecture,that,can,be,implemented,with,different,technologies,by,cities,characterised,by,different,“maturity”,in,terms,of,IoT,infrastructure.,In,this,regard,is,very,relevant,the,definition,of,“interoperability,points”,,the,main,interfaces, and, components, that, interact, with, the, Reference, Zones, systems, and, external,applications:,it,have,been,defined,different,degrees,of,compliance,with,SynchroniCity,platform,that,can,be, reached, interacting,and, implementing,specific, interoperability,points,allowing, the,cities, to,reach,the,SynchroniCity,ecosystem,satisfying,also,a,minimum,set,of,architectural,requirements.,

The,concrete,implementation,of,the,reference,architecture,and,the,related,technological,choices,will,be,carried,out,by,other,tasks,of,the,SynchroniCity,work,package,2:,nevertheless,,this,deliverable,,in,the,last,section,,proposes,some,concrete,technological,components,,compliant,with,SynchroniCity,architectural,approach,and,principles,,that,can,be,reused,to,implement,the,logical,components,of,the,reference,architecture.,

The,result,of,this,deliverable,will,be,a,key,input,for,the,other,SynchroniCity,technical,tasks,related,to,the,implementation,of,the,Digital,Single,Market,,but,also,to,the,ones,that,will,carry,out,to,the,design,and,development,of, the,pilot,applications,relying,on, the,SynchroniCity,platform., It, is, important, to,underline,that,a,second,version,of,this,document,will,be,released,in,February,2018,,including,more,detailed,architectural,specifications,and,interface,definitions,,as,well,new,platform,requirements,that,can,be,identified,during,the,implementation,and,deployment,of,the,SynchroniCity,platform.,

,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 14 of 179

1! Analysis of relevant standards and technologies Smart, City, is, a, key, driver, of, large, scale, IoT, markets, where, and, a, complex, set, of, diverse,technologies,, consisting, of, heterogeneous, IoT, devices,, network, infrastructure,, cloud, systems,,multiple, IoT,platforms,,go, together, to,provide,diverse,smart,city,and,application.,On, top,of, them,,diverse,smart,city,applications,and,services,are,provided.,The,scale,of, the,smart,city,use,cases,varies, from, a, single, local, network, based, system, to, a, large, scaled, cross$platform, deployment.,Various, communication, technologies, are, used, to, support, the, use, case, requirements, and, may,include, diverse, IoT, protocols,, security, and, privacy,, data, analytics, and, managements,, service,orchestration,,business,management,,etc.,,

City, governments, and,markets, are,moving, towards, support, of, smart, cities., Such, active,market,driving, brings, dynamic, technology, developments, but, leads, to, a, lack, of, usable, standards, and,common, framework, for,smart,cities.,As, result,, there,are,several,existing,and,on$going,studies, in,large,scale,IoT,platforms,and,common,frameworks,for,Smart,Cities,in,various,standard,bodies,,EU,programs,and,initiatives.,As,SynchroniCity,aims,to,build,a,Single,Digital,City,Market,for,Europe,by,piloting, its, foundations,at,scale, in,reference,zones,across,8,European,cities,, involving,also,other,cities,globally,,it,is,important,to,analyse,the,existing,solutions,suggested,by,the,relevant,studies,and,to, collect, technologies, are, used, and, available, in, cities., Instead, of, reinventing, the, wheel,,SynchroniCity,targets,to,build,an,architecture,framework,that,collects,the,most,common,capabilities,and, technologies,of,what,cities,need,, is,easily,extendable, for, the,cities,who,want, to,extend, their,existing,framework,,and,provides,easy,adaptation,for,cities,who,have,only,just,begun,to,plan,smart,city,projects.,

Thus,,before,designing,and,building,the,SynchroniCity,architecture,,(1),detailed,reviews,and,analysis,of,the,well$known,or,widely,used,technologies,and,(2),uniform,analysis,of,relevant,studies,have,been,conducted.,Starting,from,the,key,building,blocks,identified,in,D1.3,[1],by,T1.2,as,a,basic,input,,the,analysis,has,been,focused,on,finding,commonalities,of,the,similar,works,from,the,other,studies.,,

The,first,analysis,examined,a,list,of,relevant,studies,is,composed,by,SDOs,,EU,partnership,programs,and,EU,projects.,All,selected,studies,are,targeting,large,scale,IoT,deployment,and/or,smart,city.,The,identified,commonalities,is,a,good,starting,point,to,provide,a,common,SynchroniCity,framework,for,cities., In, order, to, make, the, in$depth, comparison, uniformed, and, straightforward,, the, surveyed,approaches,where,analysed,with,the,following:,

•, Which,are,the,main,logical,layers,of,the,architecture,and,what,are,their,main,functionalities?,•, How,does,the,reference,architecture,handle,southbound,integration?,How,is,integration,with,

legacy,system,managed?,What,kind,of,protocols,are,supported?,•, How,are,authentication,,authorization,and,accounting,managed?,•, How,is,privacy,and,data,protection,handled?,•, Are, there, specific, components, dedicated, to, the, business, ecosystem/marketplace,

management?,What,are,their,specific,functionalities?,•, Are, there, reference, implementations, of, the, architecture, or, suggested, technologies, to,

implement,specific,components?,•, How, is, the, data, collection/publication, process,managed?, Are, there, specific, components,

dedicated,to,open,data,management?,•, How, is, the,data/semantic, interoperability, inside, the,platform,managed?,Are, specific, data,

models,defined?,•, How,is,the,northbound,layer,managed?,Does,the,architecture,define,logical,APIs?,

As,large$scale,IoT,and,Smart,City,platforms,are,composed,of,diverse,devices,and,functionalities,in,different,layers,,the,above,key,questions,are,designed,to,highlight,the,features,of,core,technologies,and,functionalities,that,underpin,smart,city,platforms.,Inputs,from,cities,collected,in,WP1,have,been,used, to, select, these, core, questions., The, following, sections, describe, the, analysis, results, of, the,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 15 of 179

relevant,studies,in,a,common,format.,,

A,further,analysis,of,the,well$known,technologies,included,IoT,network,connectivity,and,protocols,,IoT, session, layer, protocols,, IoT, data, management,, IoT, security, and, privacy, including, data,protection,, security, on, IoT, infrastructure, and, IoT, platform., The, goal, of, the, analysis, is, to, inform,common, choices, of, technologies, and, their, applicability, and, benefits, on, supporting, of, smart, city,framework.,The,resulting,details,can,be,found,in,Appendix,2.,,

1.1! Smart City Reference Architecture from SDOs & Fora

1.1.1! ITU-T FG-SSC The,International,Telecommunication,Union,(ITU),[2],is,the,United,Nations,specialised,agency,in,the,field, of, telecommunications,, information, and, communication, technologies, (ICTs)., The, ITU,Telecommunication,Standardization,Sector,(ITU$T),is,a,permanent,organ,of,ITU.,ITU$T,Study,Group,5,set,up,the,ITU$T,Focus,Group,on,Smart,Sustainable,Cities,(FG$SSC),,which,aims,to,act,as,an,open,platform,for,smart$city,stakeholders.,Figure,1,depicts,a,corresponding,SSC,ICT,architecture,from,communications,view,,emphasizing,on,a,physical,perspective.,,

,

,

Figure,1:,A,multi$tier,SSC,ICT,architecture,from,communications,view,,emphasizing,on,a,physical,perspective,[3],

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 16 of 179

The, reference,model,consists,of, four, layers:,Application, layer,,Data,and,Support, layer,,Network,layer,and,Sensing,layer.,SynchroniCity,analyses,the,reference,model,using,the,Table,1.,

,

,

Which!are!the!main!logical!layers!of!the!architecture!and!what!are!their!main!functionalities?!

It,consists,of,four,logical,layers,(Application,layer,,Data,and,Support,layer,,Network,layer,and,Sensing,layer),and,one,vertical,capability,(Operation,,Administration,,Maintenance,and,Provisioning,,and,Security).,

●, Sensing,layer:,This,consists,of,terminal,node,and,capillary,network.,Terminals,(sensor,,transducer,,actuator,,camera,,RFID,reader,,barcode,symbols,,GPS,tracker,,etc.),sense,the,physical,world.,They,provide,the,superior,"environment$detecting",ability,and,intelligence,for,monitoring,and,controlling,the,physical,infrastructure,within,the,city.,The,capillary,network,(including,SCADA,,sensor,network,,HART,,WPAN,,video,surveillance,,RFID,,GPS,related,network,,etc.),connects,various,terminals,to,network,layer,,providing,ubiquitous,and,omnipotent,information,and,data.,

●, Network,layer:,The,network,layer,indicates,various,networks,provided,by,telecommunication,operators,,as,well,as,other,metro,networks,provided,by,city,stakeholders,and/or,enterprise,private,communication,network.,

●, Data,and,support,layer:,Contains,data,centre,from,industries,,departments,,enterprises,,as,well,as,the,municipal,dynamic,data,centre,and,data,warehouse,,among,others,,established,for,the,realization,of,data,process,and,application,support.,

●, Application,layer:,The,application,layer,includes,various,applications,that,manage,the,SSC,and,deliver,the,SSC,services.,

●, Operation,,Administration,,Maintenance,and,Provisioning,,and,Security,(OAM,&,P,&,security),framework:,,This,provides,the,operation,,administration,,maintenance,and,provisioning,,and,security,function,for,the,ICT,systems,of,SSC.,

How!does!the!reference!architecture!handle!southbound!integration?!How!is!managed!integration!with!legacy!systems?!What!kind!of!protocols!are!supported?!

This,exists,between,the,city,physical,infrastructure,and,sensing,layer.,It,enables,the,terminals,to,sense,the,physical,world,,i.e.,,exchange,of,information,and,control,signals,between,terminal,nodes,in,sensing,layer,and,the,physical,infrastructure.,

How!are!authentication,!authorization!and!accounting!managed?!

Communication,interface,point,6,between,the,OAM,&,P,and,security,framework,and,the,four,layers,(Sensing,layer,,Network,layer,,Data,and,Support,layer,and,Application,layer),enables,the,corresponding,modules,to,exchange,data,flow,and,control,flow,and,provide,operation,,administration,,maintenance,,provisioning,and,security,function.,No,detailed,information,is,provided,on,the,authentication,,authorization,and,accounting,mechanisms.,,

How!is!privacy!and!data!protection!handled?!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 17 of 179

They,are,specified,under,the,corresponding,technical,report,on,Smart,Sustainable,City,Cybersecurity,,data,protection,and,cyber,resilience,in,smart,sustainable,cities,[4].,On,the,basis,of,security,infrastructure,,smart,city,information,security,system,provides,security,for,smart,city,from,technology,and,management.,Establish,a,comprehensive,security,system,from,the,four,directions,of,physical,and,environmental,security,,system,security,,network,security,,and,data,and,application,security,on,technical,level.,Aiming,at,each,layer's,unique,security,risks,of,sensing,layer,,communication,layer,,data,layer,and,application,layer,,implement,appropriate,solutions,respectively,,to,achieve,prevention,and,control,of,smart,city,layer,upon,layer.,Protect,the,whole,construction,system,and,safeguard,the,security,of,smart,city.,

Are!there!specific!components!dedicated!to!the!business!ecosystem/marketplace!management?!What!are!their!specific!functionalities?!

No,specification,was,found.!

Are!there!reference!implementations!of!the!architecture!or!suggested!technologies!to!implement!specific!components?!

No,specification,was,found.,

How!is!the!data!collection/publication!process!managed?!Are!there!specific!components!dedicated!to!open!data!management?!

Generic,capabilities,in,Data,and,Support,Layer,handles,data,collection,and,publication,with,no,details,on,specification.,,The,following,standards,have,been,introduced,governing,open,data,management:,

•, ISO,11179,for,data,modelling,•, ISO,15000,ebXML,for,web,services,

How!is!the!data/semantic!interoperability!managed!inside!the!platform?!Are!specific!data!models!defined?!


How!is!the!northbound!layer!managed?!Does!the!architecture!define!logical!API?!


Table,1:,Description,template,for,ITU$T,FG$SSC,Architecture,

,

1.1.2! ITU-T SG13 Y.2060 ITU$T, Y.2060, [5], provides, an, overview, of, IoT, that, includes, functional, characteristics,, high$level,requirements,and,IoT,reference,model.,It,sees,IoT,as,a,global,infrastructure,and,provides,a,reference,model,that,can,be,applied,to,large$scale,IoT,based,systems,and,applications.,Smart,City,is,a,good,example,to,use,IoT,as,an,infrastructure,,and,this,Recommendation,can,be,viewed,as,conceptual,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 18 of 179

analysis,of,functionalities,in,the,SynchroniCity,architecture.,Figure,2,,shows,its,IoT,reference,model.,

,

Figure,2:,ITU$T,Y.2060,IoT,Reference,Model,[6],

The,reference,model,consists,of,four,layers:,application,layer,,service,support,and,application,support,layer,,network,layer,and,device,layer.,Furthermore,two,vertical,capabilities,are,defined:,management,capabilities,and,security,capabilities.,SynchroniCity,analyses,the,reference,model,using,the,Table,2.,,,


It,consists,of,four,logical,layers,(application,layer,,service,support,and,application,support,layer,,network,layer,and,device,layer),and,two,vertical,capabilities,(management,capabilities,and,security,capabilities).,,

$, Application,layer:,it,contains,IoT,applications,and,functionalities,are,provided,by,IoT,applications.,

$, Service,support,and,application,support,layer:,it,consists,of,following,two,logical,capabilities:,,o, Generic,support,capabilities:,common,capabilities,for,heterogeneous,IoT,applications,

such,as,data,processing,or,data,storage.,o, Specific,support,capabilities:,application$specific,capabilities,and,consist,of,various,

capability,groups.,,$, Network,layer:,it,consists,of,following,two,capabilities:,

o, Networking,capabilities:,control,functions,of,network,connectivity,such,as,access,and,transport,resource,control,functions,,mobility,management,or,authentication,,authorization,and,accounting.,

o, Transport,capabilities:,connectivity,for,transport,of,IoT,service,and,application,specific,data,information,and,IoT,related,control,and,management,information.,,

$, Device,layer:,it,consists,of,following,two,logical,capabilities:,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 19 of 179

o, Device,capabilities:,handle,device,behaviours,of,communication,such,as,direct,interaction,with,communication,networks,,indirect,interaction,with,communication,networks,,ad$hoc,networking,,sleeping,and,waking$up.,,

o, Gateway,capabilities:,support,multiple,interfaces,and,protocol,conversion,for,providing,interoperable,communications.,,

$, Management,capabilities:,it,covers,traditional,fault,,configuration,,accounting,,performance,and,security,classes,,etc.,The,essential,capabilities,include,device,management,,local,network,topology,management,,traffic,and,congestion,management.,Specific,management,capabilities,are,application$specific.,

$, Security,capabilities,consist,of,Generic,security,capabilities,that,are,application,independent,,and,Specific,security,capabilities,coupled,with,application$specific,requirements.,The,Generic,security,capabilities,handle,,o, authorization,,authentication,,application,data,confidentiality,and,integrity,protection,,

privacy,protection,,security,audit,and,anti$virus,in,application,layer,,,o, authorization,,authentication,,use,data,and,signalling,data,confidentiality,and,

signalling,integrity,protection,in,network,layer,,and,o, Authentication,,authorization,,device,integrity,validation,,access,control,data,

confidentiality,and,integrity,protection,in,device,layer.,,


It,is,a,high$level,reference,model,and,provides,only,conceptual,description.,It,states,that,the,southbound,integration,is,handled,by,Gateway,capabilities,in,Device,layer,providing,multiple,interfaces,and,protocol,conversion,,but,there,are,no,specific,technologies,or,methodologies,mentioned.,,

How!are!authentication,!authorization!and!accounting!managed?,

The,reference,model,includes,vertically,located,“Security,capabilities”,and,it,include,authentication,,authorization,and,accounting,in,Application,layer,,Network,layer,and,Device,layer.,However,,no,specification,is,mentioned.,,


Inside,of,“Security,capabilities”,,there,are,privacy,protection,functionalities,in,Application,layer.,,


It,has,“Service,support,and,application,support,layer”,but,it,doesn’t,have,specific,description,on,business,ecosystem,and,marketplace,management.,In,the,Appendix,I,(not,a,normative,part,of,the,standard),,IoT,ecosystem,and,business,models,are,stated.,,


Not,in,this,standard.,,


Generic,capabilities,in,Service,and,Application,support,layer,handles,data,collection,and,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 20 of 179

publication.,But,there,is,no,specification.,,

How!is!the!data/semantic!interoperability!inside!the!platform!managed?!Are!specific!data!models!defined?!

No,specification,is,mentioned.,,


No,APIs,are,mentioned.,,

Table,2:,Description,template,fro,ITU$T,Y.2060,architecture,

1.1.3! ISO/IEC JTC1 ISO/IEC,JTC,1,established,a,Study,Group,on,Smart,Cities,[7],and,has,investigated,the,value,and,scope,of,a,Smart,Cities’,model,,including,a,Smart,City,Reference,Model,from,an,ICT,perspective,,a,domain,knowledge,model,,and,a,data,and,service,model.,Figure,3,shows,the,concept,diagram,from,ISO/IEC,JTC,1/SG1,,Study,group,on,smart,cities,.,,

,

Figure,3:,ISO/IEC,JTC,1,Smart,cities,Solution,Concept,Diagram,[8],

The, concept, diagram,consists, of, business, layer,, data, layer,, sensing, layer,, security, system,,and,cloud,and,network, resources.,SynchroniCity,analyses, the,concept,diagram,and, its, related,works,using,the,Table,3.,,,


The,conceptual,model,includes,the,following,layers:,●, IT,Enabled,Services:,include,applications,and,services,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 21 of 179

●, Business,layer:,includes,analytics,and,models,,visualization,and,decision,support,,catalogues,and,semantics,of,metadata.,

●, Data,layer:,includes,data,ingestion,and,quality,checking,,data,access,,transaction,and,collaboration.,

●, Sensing,Layer:,includes,city,sensor,webs,connecting,physical,networks,such,as,sensor,networks,,and,crowdsourcing,with,phones,and,wearable,device.,,

●, Cloud,and,network,resources,●, Security,system.,


It,adapts,the,existing,and,ongoing,standards,work,in,ITU,and,JTC,1,(SC6,,SC25,,WG10,,and,WG7).,,


No,specification,found.,


ISO/IEC,and,ITU$T,published,a,series,of,standards,as,followings:,•, ISO/IEC,27002,Code,of,practice,for,information,security,management,,•, ISO/IEC,29100:2011,Privacy,framework,•, ISO/IEC,29101:2013,Privacy,architecture,framework,•, ISO/IEC,1st,CD,29134,Privacy,impact,assessment,—Guidelines,•, ISO/IEC,FDIS,29190,Privacy,capability,assessment,model,•, SC27,NWIP,on,“Privacy,enhancing,data,de$identification,techniques”,,under,CD,ballot,

(N15297).,•, ISO/IEC,27032,Guidelines,for,cybersecurity.,•, ITU$T,FG$SSC$0090r3$Technical,Report,on,ICT,Infrastructure,for,Cyber,Security,,Data,

Protection,and,Cyber,Resilience,in,smart,,sustainable,cities’.,The,existing,standards,are,used,to,provide,the,privacy,and,data,protection.,,


The,concept,diagram,includes,Business,layer,for,analytics,and,models,,visualization,and,decision,support,,catalogues,and,semantics,of,metadata.,,


It,is,designed,to,use,of,existing,standards,wherever,it’s,applicable,(e.g.,LDAP,for,generic,data,protocols,and,standards).,,

How!is!the!data!collection/publication!process?!Are!there!specific!components!dedicated!to!open!data!management?!

The,data,layer,manages,data,ingest,and,quality,checking,on,collection,process,,and,data,access,,transaction,and,collaboration,with,the,processed,data.,,

How!is!the!data/semantic!interoperability!inside!the!platform!managed?!Are!specific!data!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 22 of 179

models!defined?!

It,takes,BSI,(British,Standards,Institution),published,PAS,182:2014,(Smart,city,concept,model,–,Guide,to,establishing,a,model,for,data,interoperability),for,defining,its,Upper,level,ontology,for,smart,cities.,Data,&,Ontologies,are,working,in,progress,in,JTC1,SC32,,SC,24,and,WG9.,,


Connected,to,the,upper,level,ontology,concept,,it,defines,integration,service,(data,integration,services,and,application,integration,services),,and,Domain,independent,services,(common,payment,system,,identifiers,,performance,evaluation,,policy,management,,etc.).,,

Table,3:,Description,template,for,ISO/IEC,JTC,1,architecture,

1.1.4! oneM2M OneM2M,[9],is,the,global,partnership,project,formed,by,global,standard,development,organizations,(i.e.,ATIS,,TIA,,ETSI,,TSDSI,,CCSA,,TTA,,TTC,and,ARIB),to,bring,a,horizontal,IoT/M2M,middleware,platform.,The,horizontal,platform,provides,common,services, functions,of,different,vertical,service,domains, so, that, application, developers, can, focus, on, application, logics, since, oneM2M, provides,abstracted,and,common,APIs.,,,

,

Figure,4:,oneM2M,Possible,smart,city,blue$print,[10],

An,oneM2M,based,IoT,system,can,be,consisted,of,both,non$oneM2M,devices,and,oneM2M,devices,together.,As,shown,in,the,Figure,4,,oneM2M,can,support,smart,city,system,from,the,device,to,the,applications, in,a,holistic,way., It, can,build,a,smart,city,system, together,with,other,platforms, (e.g.,FIWARE,,W3C).,For,example,,oneM2M,system,provides,data,collection,and,device,management,for,heterogeneous,IoT,devices,to,the,FIWARE,based,upper, layer,,while,the,upper, layer,provides,data, centric, functionalities, such, as, big, data, processing., This, flexibility, what, oneM2M, provides,enables,multi$platform,interoperability.,Analysis,of,oneM2M,architecture,is,reported,in,Table,4.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 23 of 179

,


oneM2M,layered,architecture,model,consists,of,three,layers,and,each,layer,has,logical,entity:,,

●, Application!Entity!(AE),is,an,entity,in,the,application,layer,that,implements,an,M2M,application,service,logic.,Each,application,service,logic,can,be,resident,in,a,number,of,M2M,nodes,and/or,more,than,once,on,a,single,M2M,node.,Each,execution,instance,of,an,application,service,logic,is,termed,an,"Application,Entity",(AE),and,is,identified,with,a,unique,AE$ID.,Examples,of,the,AEs,include,an,instance,of,a,fleet,tracking,application,,a,remote,blood,sugar,monitoring,application,,a,power,metering,application,,etc.,

●, A,Common!Services!Entity!(CSE),represents,an,instantiation,of,a,set,of,"Common,Service,Functions",of,the,M2M,environments.,Such,service,functions,are,exposed,to,other,entities,through,the,Mca,and,Mcc,reference,points.,Reference,point,Mcn,is,used,for,accessing,underlying,Network,Service,Entities.,Each,Common,Service,Entity,is,identified,with,a,unique,CSE$ID.,

●, Underlying,Network!Services!Entity!(NSE):,A,Network,Services,Entity,provides,services,from,the,underlying,network,to,the,CSEs.,Examples,of,such,services,include,device,management,,location,services,and,device,triggering.,No,particular,organization,of,the,NSEs,is,assumed.,

Services,provided,by,the,Common,Services,Layer,in,the,M2M/IoT,System,reside,within,a,CSE,and,are,referred,to,as,Common,Services,Functions,(CSFs).,The,CSFs,provide,services,to,the,AEs,via,the,Mca,reference,point,and,to,other,CSEs,via,the,Mcc,reference,point.,CSEs,interact,with,the,NSE,via,the,Mcn,reference,point.,An,instantiation,of,a,CSE,in,a,Node,comprises,a,subset,of,the,CSFs.,

How!does!the!reference!architecture!handle!southbound!integration?!How!is!integration!with!legacy!systems!managed?!What!kind!of!protocols!are!supported?!

oneM2M,Infrastructure,Node,(IN),communicates,with,the,other,oneM2M,nodes,(i.e.,MN,,ASN,and,ADN),in,the,field,domain,using,the,APIs,provided,by,CSFs,over,Mcc,and,Mca,reference,points.,oneM2M,protocols,are,bound,to,CoAP,,HTTP,,MQTT,and,WebSocket,for,protocols,(TS$0008,,TS$0009,,TS$0010,and,TS$0020,,respectively).,The,other,IoT/M2M,systems,such,as,LwM2M,,AllJoyn,,OCF,are,interworked,with,oneM2M,system,as,defined,in,the,corresponding,interworking,specifications,(TS$0014,,TS$0021,and,TS$0024,,respectively).,oneM2M,also,provides,generic,interworking,for,legacy,protocols,(e.g.,ZigBee),in,M2M,Area,Network,using,Interworking,Proxy,Entity,(IPE),(TS$0030).,

How!is!the!authentication,!authorization!and!managed?,

Authentication:!oneM2M,provides,mutual,authentication,schemes.,To,prevent,reading,and,copying,of,credentials,,a,secure,environment,within,the,Security,CSF,provides,protection,against,tampering,of,those,credentials,and,related,processed,information.,A,general,mutual,authentication,protocol,is,applied,to,both,symmetric,and,asymmetric,key,based,schemes.,Precise,protocol,messages,and,parameters,depend,on,the,chosen,scheme,and,the,security,parameters,selected.,Authorization:!oneM2M,authorizes,services,and,specific,operations,(e.g.,Retrieve,,Update),on,resources,identified,and,authenticated,entities,,according,to,provisioned,access,control,policies,and,assigned,roles.,This,functionality,is,mandatory,when,any,services,relying,on,authorization,and,access,control,are,present.,Among,other,usages,,the,services,of,this,functionality,may,be,applied,to,personal,information,as,a,means,to,preserve,privacy.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 24 of 179

Accounting:!oneM2M,provides,service,layer,charging,policies,and,configuration,capturing,service,layer,chargeable,events,,generating,charging,records,and,charging,information.,The,IN$CSE,can,interwork,with,charging,systems,in,the,Underlying,Network,(e.g.,3GPP,network).,


Privacy:!Privacy,Policy,Manager,(PPM),functionality,assists,in,the,management,of,privacy,preferences,expressed,by,data,subject,with,respect,to,service,requirements,and,applicable,regulations.,The,PPM,is,a,personal,data,management,framework,based,on,the,user's,privacy,preferences.,,Data!protection:!oneM2M,provides,Secure,Storage,service,to,AEs,and,CSEs,with,access,to,the,secure,storage,capability,of,the,Secure,Environment,(SE).,Data,securely,stored,by,the,AE,or,CSE,shall,only,be,accessible,through,the,Security,API,and,by,authorized,entities.,Stored,data,shall,be,under,the,control,of,the,stakeholder,owning,the,data,independently,from,the,other,stakeholders.,The,Secure,Environment,component,is,a,logical,entity,that,provides,Sensitive,Functions,operating,on,Sensitive,Data,,Secure,Storage,and,other,resources/functions.,


N/A,


As,well,as,the,commercial,implementations,(e.g.,InterDigital,,HPE,,ntels),,some,of,oneM2M,members,manage,their,own,open,source,implementations:,$, KETI,leads,the,OCEAN,which,provides,the,different,oneM2M,node,type,implementations,

based,on,Spring,and,Node.js,frameworks.,$, LAAS$CNRS,leads,the,OM2M,open,source,projects,in,eclipse,based,on,OSGi,framework.,$, Cisco,leads,the,IoTDM,project,which,provides,open,source,for,SDN,environment.,

How!is!managed!the!data!collection/publication!process?!Are!there!specific!components!dedicated!to!open!data!management?!

It,is,up,to,application,to,use,relevant,functionalities,of,the,platform,such,as,storing/sharing,data,(e.g.,container,and,content%Instance,resource,type),,announcement,and,group,management.,As,common,services,,CSFs,includes,Data,Management,and,Repository,(DMR).,Device,Management,(DMG),,Discovery,(DIS),,and,Group,Management,(GMG).,

How!is!managed!the!data/semantic!interoperability!inside!the!platform?!Are!defined!specific!data!models?!

oneM2M,defines,its,Base,Ontology,which,can,be,extended,for,domain,specific,ontologies.,This,can,be,used,for,legacy,device,interworking,in,area,networks,to,represent,their,services,and,functionalities.,Not,only,for,legacy,devices,but,also,for,oneM2M,native,devices,,resource,types,that,contains,IoT/M2M,data,(e.g.,container,resource,type),can,have,semantic,annotation,(i.e.,semantic%Descriptor,resource,type),while,referring,an,ontology,which,can,be,external.,,The,data,models,for,home,domain,appliances,are,standardized,(TS$0023).,The,other,domain,for,data,model,specification,is,under,discussion.,

How!is!managed!the!northbound!layer?!Does!the!architecture!define!logical!API?!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 25 of 179

oneM2M,REST,APIs,over,Mca,reference,points,are,northbound,from,oneM2M,platform,(i.e.,Common,Services,Entity),to,applications,(i.e.,Application,Entity).,Once,the,AE,is,successfully,registered,(i.e.,AE,registration),,by,access,control,mechanism,,it,can,get,access,to,data,and,functionalities,that,platform,provides.,

Table,4:,Description,template,for,oneM2M,architecture,

1.2! Smart City Reference Architecture from EU Partnership Program and Projects

1.2.1! FIWARE FIWARE,[11],is,an,open,source,platform,intended,to,provide,the,software,infrastructure,needed,to,support,smart,applications,in,multiple,sectors.,Particularly,,for,smart,cities,,FIWARE,provides,components,that,allow,acquiring,and,harmonizing,data,coming,from,different,IoT,devices,or,external,systems,owned,by,the,city.,Such,data,is,published,to,a,data,hub,(context,broker),which,contains,a,uniform,view,,in,real,time,,of,the,status,of,a,city.,Furthermore,,the,FIWARE,Context,Broker,offers,a,modern,REST,API,which,allows,applications,and,other,services,to,manage,,consume,and,subscribe,to,all,the,data,generated,by,the,city.,,Around,the,context,broker,different,components,can,be,plugged,in.,For,instance,,historical,and,big,data,can,be,generated,,stored,and,later,analysed,,providing,insights,or,predictions.,Last,but,not,least,,FIWARE,enables,the,publication,and,monetization,of,the,city,data,by,integrating,CKAN,and,different,extensions.,Those,extensions,enable,the,creation,of,a,data,marketplace,by,leveraging,the,TMForum,[12],APIs.,,Figure,5,provides,a,more,detailed,functional,overview,of,a,complete,FIWARE,architecture.,,

,

Figure,5:,FIWARE,Overall,Architecture,[13],

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 26 of 179

,


●, Infrastructure%layer.,Provides,all,the,computational,resources,needed,to,run,a,smart,city,platform,instance.,It,is,based,on,Docker,and,OpenStack,technologies.,

●, Data%acquisition%&%actuation%layer.,It,allows,acquiring,and,ingesting,smart,city,data,from,different,sources,including,diverse,IoT,devices,and,protocols,,existing,IT,systems,,or,extra,private,or,public,data,sources.,In,addition,,it,exposes,mechanisms,to,actuate,over,devices,or,systems,,so,that,a,more,efficient,and,smart,behaviour,is,exhibited,by,a,city.,Context%brokering%layer.,The,main,component,of,this,layer,is,a,data,hub,(performing,the,functional,role,of,a,context,broker),which,integrates,all,the,data,coming,from,different,sources.,In,fact,,it,offers,developers,an,open,API,(FIWARE,NGSI),intended,to,publish,,consume,and,subscribe,to,context,information.,Context,information,is,modelled,using,entities,and,properties,which,represent,what,is,happening,in,real,(or,right),time,in,a,city,,integrating,and,aggregating,information,from,multiple,sources,as,described,above.,Context,information,is,usually,harmonised,as,per,the,rules,dictated,by,the,FIWARE,schemas,(FIWARE%Data%Models).,The,Context,brokering,layer,enables,the,creation,of,multiple,and,related,vertical,applications,portable,at,data,level,and,easily,replicable,in,multiple,cities.,The,context,brokering,layer,typically,exposes,the,last,value,of,each,data,item.,However,,there,is,also,a,short,term,historical,database,which,allows,applications,to,make,use,of,historical,time,series,for,the,different,properties.,This,layer,also,provide,plugins,which,offer,the,capability,to,automatically,generate,long,term,historical,data,and,populate,it,to,big,data,stores.,,

●, Data%processing,%Analytics%&%Visualization%layer.,It,allows,processing,all,the,city,data,so,that,new,information,can,be,derived,or,useful,insights,can,be,obtained.,As,a,result,processes,can,be,optimized,or,better,decisions,can,be,taken.,Data,processing,can,be,performed,in,real,time,(using,a,Complex,Event,Processing,component),or,deferred,by,using,long,term,historical,data,stored,in,Big,Data,systems.,Once,data,has,been,processed,,the,platform,offers,plugins,and,components,for,its,visualization,in,a,dashboard.,Besides,,there,are,graphical,tools,intended,to,perform,advanced,data,analyses,such,as,those,related,to,location,or,business,intelligence.,Last,but,not,least,,some,advanced,interaction,components,are,offered,to,deal,with,3D,representations,or,augmented,reality.,,,,

●, Economy%of%data%layer.,This,layer,incorporates,all,the,components,needed,to,run,an,economy,of,data,,so,that,context,information,from,a,city,is,properly,published,,secured,and,accounted.,It,allows,data,providers,to,publish,,expose,and,charge,for,their,data,,data,consumers,to,acquire,data,sets,and,pay,for,their,consumption.,As,a,result,a,data,marketplace,is,enabled,,moving,forward,from,the,concept,of,open,data,to,the,economy,of,data.,This,layer,is,powered,by,the,corresponding,TM,Forum,APIs.,,


●, Southbound,integration,is,managed,through,a,library,of,connectors,named,IoT,Agents.,Each,IoT,Agent,is,specialized,in,one,IoT,protocol,or,connectivity,mechanism.,There,is,a,programming,library,which,simplifies,the,creation,of,new,IoT,Agents.,,

●, Integration,with,legacy,systems,is,managed,through,context,providers,which,are,adaptors,that,enable,the,integration,of,legacy,systems,with,the,rest,of,smart,city,data,present,in,a,context,broker,instance.,For,instance,,a,context,provider,can,be,used,to,obtain,the,current,position,of,a,bus,,being,this,position,exposed,by,an,existing,bus,fleet,management,system.,,

●, Multiple,protocols,are,supported,,particularly,HTTP,,MQTT,,LWM2M,or,Sigfox.,Different,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 27 of 179

representation,formats,for,IoT,data,are,supported,,including,Ultralight,2.0,or,plain,JSON.,The,developed,of,new,adaptors,for,other,protocols,is,fast,and,easy,thanks,to,the,programming,library,mentioned,above.,,


●, Authentication,is,managed,through,an,Identity,Manager,component,(IdM),based,on,an,extended,version,of,OpenStack,Keystone.,,

●, Authorization,is,controlled,by,a,policy,decision,point,(PDP),implemented,using,XACML,3.0,and,controlled,by,an,HTTP,proxy,,which,acts,as,a,Policy,Enforcement,Point,(PEP).,Such,proxy,secures,access,to,the,data,so,that,only,authenticated,and,authorized,users,can,get,access,to,it.,Currently,a,new,architecture,is,being,developed,which,includes,a,more,robust,API,management,component,(named,APinf),and,accompanying,proxy,(API,Umbrella).,,

●, Accounting,is,managed,as,follows:,Every,transaction,made,by,an,application,is,logged,by,the,PEP,proxy.,Such,PEP,proxy,is,capable,to,propagate,a,usage,log,record,to,the,system,in,charge,of,performing,the,accounting,,the,Business,Framework.,In,fact,,the,Business,API,Ecosystem,supports,pay$per$use,pricing,models.,


Although,the,original,FIWARE,Projects,worked,on,different,privacy,components,,for,the,time,being,there,are,no,,production,ready,,off$the$shelf,platform,components,for,dealing,with,privacy.,As,a,result,,applications,have,to,implement,their,own,custom,mechanisms,for,data,protection,and,privacy.,,


The,Business,API,Ecosystem,GE,[14],is,the,result,of,the,collaboration,between,FIWARE,and,TMForum.,In,this,regard,,the,Business,API,Ecosystem,GE,is,a,joint,component,made,up,by,integrating,the,FIWARE,Business,Framework,with,a,set,of,standard,APIs,(and,its,reference,implementations),provided,by,TMForum,in,its,TMF,API,ecosystem.,This,component,allows,the,monetization,of,different,kind,of,assets,(both,digital,and,physical),during,the,whole,service,life,cycle,,from,offering,creation,to,its,charging,,accounting,and,revenue,settlement,and,sharing.,In,this,way,,the,Business,API,Ecosystem,provides,sellers,the,means,for,managing,,publishing,,and,generating,revenue,of,the,products,,apps,,data,,and,services.,,,The,main,functionalities,offered,are:,

●, Support,for,the,management,of,catalogues,,products,,and,offering,●, Support,for,rich,pricing,models,,including,recurring,payments,,pay$per$use,,etc.,●, Support,for,accounting,callbacks,●, Support,for,billing,and,charging,●, Integrated,support,for,PayPal,,including,customer,charges,and,seller,payments,●, Support,for,revenue,sharing,,including,models,with,multiple,stakeholders,involved,


All,the,components,of,the,architecture,are,open,source,and,offered,through,friendly,open,source,licenses.,Source,code,is,available,through,Github,repositories,[15].,

How!is!managed!the!data!collection/publication!process?!Is!there!a!specific!component!dedicated!to!open!data!management?!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 28 of 179

FIWARE,uses,CKAN,as,the,main,platform,for,managing,open,data,,including,data,publication,and,its,exposure,to,developers,,consumers,or,businesses.,,The,data,collection,and,ingestion,to,CKAN,is,managed,through,specific,platform,components,which,allow,connecting,a,context,broker,instance,to,CKAN.,As,a,result,,new,CKAN,datasets,can,be,generated,on,the,fly,,including,all,the,historical,data,series,generated,along,the,time,by,real,time,datasets.,,,In,addition,,there,are,extra,plugins,offered,by,FIWARE,which,allow,publishing,real,time,datasets,associated,to,dynamic,NGSI,queries.,Last,but,not,least,,FIWARE,is,offering,innovative,CKAN,plugins,which,allow,visualizing,harmonized,entities,in,advanced,and,composable,dashboards.,,In,essence,,FIWARE,provides,connectors,between,the,traditional,open,data,publication,world,and,the,real,(right),time,data,world,,incarnated,by,context,broker,architectures,and,the,NGSI,API.,,


The,FIWARE,Data,Models,site,[16],provides,a,catalogue,of,different,common,information,models,useful,in,the,smart,city,domain.,Multiple,smart,city,verticals,are,addressed,(parking,,lighting,,transport,,waste,management,,etc.).,Some,of,these,data,models,have,already,been,adopted,by,GSMA,[17],and,other,smart,city,platforms.,Such,data,models,have,been,formalized,using,JSON,Schema,,so,that,developers,can,easily,adopt,them.,Last,but,not,least,,the,development,of,the,data,models,follows,a,community$driven,collaborative,approach,,ensuring,that,the,interests,of,different,stakeholders,are,covered.,,


As,it,was,mentioned,before,,the,architecture,mandates,the,northbound,exposure,of,all,data,using,the,FIWARE,NGSI,API.,The,FIWARE,NGSI,API,,supported,by,GSMA,and,TMForum,,is,specified,at,[18],and,it,is,in,process,of,being,formally,standardised,by,the,ETSI,CIM,ISG.,,

Table,5:,Description,template,for,FIWARE,architecture,

1.2.2! AIOTI The,Alliance,for, Internet,of,Things,Innovation,(AIOTI), [19],aims,to,create,and,master,sustainable,innovative, European, IoT, ecosystems, in, the, global, context, to, address, the, challenges, of, IoT,technology,and,applications,deployment.,This, includes,standardisation,, interoperability,and,policy,issues,,in,order,to,accelerate,sustainable,economic,development,and,growth,in,the,new,emerging,European,and,global,digital,markets.,It,has,4,general,WGs,(IoT,research,,Innovation,Ecosystems,,IoT,standardisation,and,IoT,policy),,and,9,market,specific,WGs(Smart,living,environment,for,ageing,well,, smart, farming, and, food, security,, wearables,, smart, cities,, smart, mobility,, smart, water,management,,smart,manufacturing,,smart,energy,and,smart,buildings,and,architecture).,

The,following,analysis,is,based,on,WP3,High,Level,Architecture,(HLA),Release,3.0.,The,work,has,been,carried,out,to,be,applicable,to,large,scale,pilot.,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 29 of 179

,

Figure,6:,AIOTI,HLA,functional,model,[20],

The,High,Level,Architecture,functional,model,depicted,in,Figure,6,consists,of,Application,layer,,IoT,layer,,Network,layer,and,set,of, interfaces,among,the,logical,components.,SynchroniCity,analyses,the,HLA,functional,model,using,the,Table,6.,,,


It,consists,of,App,Entity,in,application,layer,,IoT,Entity,in,IoT,layer,and,Networks,in,network,layer,and,the,functions,are,as,following:,

•, Application,layer:,communications,and,interface,methods,used,in,process,to,process,communications.,It,consists,of,an,App,Entity,that,implements,IoT,application,logic.,,

•, IoT,layer:,IoT,specific,functions.,It,consists,of,an,IoT,Entity,that,exposes,IoT,functions,to,App,Entities.,Typical,examples,of,IoT,functions,include,data,storage,,data,sharing,,subscription,and,notification,,firmware,upgrade,of,a,device,,access,right,management,,location,,analytics,,semantic,discovery,etc.,,

•, Network,layer:,grouped,into,data,plane,services,and,control,plane,services.,,o, Data,plane,provides,short,and,long,range,connectivity,and,data,forwarding,

between,entities,o, Control,plane,services,such,as,location,,device,triggering,,QoS,or,determinism.,,o, It,may,be,realized,via,different,network,technologies,(PAN,,LAN,,WAN,,etc.),and,

consist,of,different,interconnected,administrative,network,domains.,,

How!does!the!reference!architecture!handle!southbound!integration?!How!is!the!integration!with!legacy!systems!managed?!What!kind!of!protocols!are!supported?!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 30 of 179

The,architecture,defines,conceptual,interfaces,for,both,the,data,plane,and,the,network,control,plane.,It,shows,how,to,map,existing,legacy,systems,to,the,data$,and,network,control,planes,of,other,architectures,–,but,leaves,specification,and,implementation,up,to,development,teams,using,the,reference,architecture.,


All,AIOTI,interfaces,support,authentication,,authorization,and,encryption,at,hop,by,hop,level.,E2E,application,level,security,is,carried,out,by,securing,interface,1,shown,in,the,above,Figure.,


Privacy,is,handling,together,with,WP4,in,a,separate,task,force,and,this,high$level,architecture,is,leverage,on,it.,The,General,Data,Protection,Regulation,(GDPR),[21],and,the,Network,and,Information,Security,Directive,(NIS),[22],are,the,baseline,of,the,privacy,management.,,It,defines,7,phases,of,the,personal,data,life,cycle,[23],as,following:,

,It,particularly,describes,privacy,and,security,requirements,and,certification,as,a,verification,of,the,privacy,protection.,It,recommends,end$to$end,security,and,key,management.,,


The,high,level,architecture,doesn’t,specify,the,components,for,the,business,ecosystem/marketplace,,however,,there,are,separate,working,groups:,WP2,for,innovation,and,ecosystem,,and,WP5,for,application,support.,No,specification,has,been,published,in,public,yet.,,,


Not,in,the,current,stage.,,


H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 31 of 179

Data,life,cycle,management,handles,data,management,with,data$centric,approaches.,It,includes,data,obtain/collect,,create/derive,,use,,store,,share/disclose,,archive,,destroy/delete.,


Semantic,metadata,and,common,identifiers,are,used,for,the,interactions,with,things,,services,,virtual,entities,and,users.,No,specification,for,the,metadata,format,or,identifiers,is,defined.,,


It,doesn’t,have,specification,yet,but,only,define,conceptual,interface,access,to,the,capabilities.,It,shows,mapping,with,other,existing,systems,and,architectures,how,the,northbound,interface,can,mapped,with,the,models/interfaces,in,the,other,platforms.,Thus,,at,the,current,status,,the,specification,is,up,to,the,deployment,and,implementation,decision.,,

Table,6:,Description,Template,for,AIOTI,Architecture,

1.2.3! EIP-SCC The, European, Innovation, Partnership, on, Smart, Cities, and, Communities, (EIP$SCC), [24], is, an,initiative,supported,by,the,European,Commission,bringing,together,cities,, industry,,SMEs,,banks,,research,and,other,smart,city,actors.,It,has,6,action,clusters,related,to,smart,cities.,The,following,figures, show, high$level, overview, of, the, urban, platform, illustrating, the, concept, of, infrastructure,integration,in,EIP$SCC,,and,reference,capability,map,EIP$SCC,open,urban,platform.,The,reference,architecture,for,the,common,urban,platform,will,be,carried,out,based,on,the,high$level,concept,and,the,capability,map,,with,tight,collaboration,with,ESPRESSO,project,,introduced,in,section,1.2.4.,,

It,is,noted,that,the,current,version,referred,in,this,document,is,a,draft,version.,The,current,work,on,urban,platform,is,conceptual,level,shown,in,the,Figure,7.,,

,

Figure,7:,Overall,EIP,SCC,Urban,Platform,Reference,Architecture$Concept,Diagram,[25],

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 32 of 179

The,EIP,SCC,Urban,Platform,Reference,Architecture,consists,of,seven,logical,layers,and,two,vertical,capabilities.,SynchroniCity,analyses,the,Urban,platform,reference,architecture,using,the,Table,7.,,


In,the,current,work,status,,it,provide,concept,diagram,of,overall,EIP$SCC,urban,platform,reference,architecture,with,following,layers:,

1., Field,Equipment,/,Device,Capabilities:,including,sensoring,&,measuring,,data,capturing,and,recording,,event,generation,and,recording,,remote,accessibility,,local,accessibility,,local,integration,,customer,messaging,,local,control,,local,device,security,support,and,local,time,maintenance.,

2., Communication,,Network,&,Transport,Capabilities:,including,network,node,asset,management,,telecommunications,network,node,configuration,,local,network,management,,telecommunications,network,management,,network,security,,data,communication,management,,device,provisioning,,device,connection,management,,device,and,event,data,(edge),processing,,device,data,and,event,storage,and,distribution,,configuration,synchronization,,message,and,command,synchronization,,data,communication,,protection,and,security,(e.g.,via,encryption),,and,positioning,synchronization.,,,

3., Device,Asset,Management,&,Operational,Service,Capabilities:,including,device,registration,and,configuration,,operational,status,monitoring,,error,and,alarms,diagnostics,,device,service,level,management,and,reporting,,device,data,unification,and,validation,and,message,&,command,handling.,

4., Data,Management,Capabilities:,including,data,ingestion,,data,virtualization,,non$time,series,data,integration,&,transformation,,time$series,data,integration,&,transformation,,data,fusion,,data,aggregation,,(complex),event,processing,,data,logistics,,data,privacy,protection,,data,security,management,,data,assurance,management,,data,assurance,management,,data,modelling,,data,discovery,,(open),data,publication,,metadata,management,,master,&,reference,data,management,,analytics,,reporting,&,dashboarding,,(geo),visualization,,semi$/unstructured,data,management,,integral,search,&,navigation,and,data,recording.,

5., Integration,&,Orchestration,Capabilities:,data,exchange,,messaging,,load,balancing,,(open),API,management,,rules,management,,event,management,,transaction,management,within,and,between,organizations,,process,orchestration,and,monitoring,,(API),service,management,,publish,,subscription,&,notification,management,,collaboration,,communication,&,(social),media,,service,personalization,and,ecosystem,marketplace.,

6., Generic,City,/,Community,Capabilities:,including,business,models,,procurement,&,funding,,standards,,open,data,,metrics,&,indicators,(performance,management),,knowledge,sharing,,integrated,planning,and,policy,&,regulation,management.,

7., City,/,Community,Specific,Capabilities:,for,EIP$SCC,three,major,target,groups,(sustainable,urban,mobility,,sustainable,districts,&,built,environment,,and,integrated,infrastructure,&,processes.,

8., Stakeholder,Engagement,&,Collaboration,Capabilities:,including,strategic,stakeholder,engagement,,user,experience,management,,citizen,focus,,public$private,collaboration,and,strategic,goals,management.,

9., Privacy,&,Security,Capabilities:,including,security,governance,,access,control,,privacy,&,security,risk,management,,auditing,and,cryptography.,

10.,Common,Service,Capabilities:,including,operations,centre,,service,management,,channel,management,,human,computer,interaction,,market,interaction,and,third$party,interaction.,,


H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 33 of 179

It,states,that,devices,need,to,adhere,to,a,minimum,set,of,standards,such,as,IPv4,or,IPv6,and,IPSec.,It,approaches,to,provide,overall,data,interoperability,and,XML,is,converted,to,JSON.,


It,states,authentication,,authorization,and,accounting,management,as,a,requirement,of,business,service.,However,,there,is,no,specification.,,


Data,privacy,protection,is,handling,in,the,Data,Management,Capabilities,,which,handle,protection,of,privacy,of,citizens,(and,other,stakeholders),by,preventing,unethical,,unlawful,,unregulatory,,unauthorized,or,unwanted,access,to,and,use,of,data,,both,by,government,,NGO,,commercial,or,other,organizations,and,individuals.,This,involves,policies,,processes,,people,and,technology,like,encryption,,anonymization,,pseudonymization,and,data,usage,monitoring.,It,refers,to,EU,Data,Protection,Act,and,other,relevant,EU,,member,state,or,local,legislation,for,full,coverage,of,requirements,for,this,capability.,


In,Integration,&,Orchestration,Capabilities,layer,,it,has,a,specific,function,on,ecosystem,marketplace.,It,also,states,that,“Enabling,services”,handle,API,management,,workflow,management,and,business,rules,management.,,


No,specification,has,been,provided.,,


Data,Management,Capabilities,includes,detailed,functionalities,for,data,collection,,publication,and,data,management,data,privacy,protection,and,data,security,management.,It,also,includes,open,data,publication.,However,,this,work,is,conceptual,design,and,no,specific,technologies,are,mentioned.,,


It,recommends,developing,common,urban,ontology,with,RDF,format,and,concept,of,linked,(open),datam,examples,of,ontologies,can,be,found,in,[26].,!


H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 34 of 179

The,“Integration,&,Orchestration,Capabilities”,includes,various,functionalities,what,northbound,layer,provides,such,as,open,API,management,,rules,management,,event,management,,API,service,management,,etc.,Application,platform,interfaces,includes,graphics,&,Image,,data,management,,data,interchange,,user,interface,,international,operations,,location,&,directory,,transaction,processing,,security,,software,engineering,,system,and,network,management.,,

Table,7,Description,template,for,EIP,SCC,Urban,Platform,Reference,Architecture,

,

,

,

1.2.4! ESPRESSO

,

Figure,8:,ESPRESSO,Smart,Cities,Reference,Architecture,[27],

The,ESPRESSO,project, [28], is,a,by,Horizon,2020, founded,project,with,16,project,partners, from,eight, different, European, countries., The, ESPRESSO, consortium, mainly, includes, partners, from,Smarts, Cities,, public, administration,, European, standardisation, organizations, (ESOs),, national,standardisation, bodies, (NSBs),, standard, development, organizations, (SDOs),, industries,, and,research, facilities.,The,main, target,of, the,ESPRESSO,project, is, to,ensure, the, interoperability,of,Smart,City,solutions.,This,will,help,cities,avoiding,entry,barriers,or,vendor,lock$in,through,promoting,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 35 of 179

common,meta$data,structures,and,interoperable,(open),interfaces,instead,of,proprietary,ones.,,,


●, Positioning,Services:,The,Positioning,Services,Layer,would,include,geodetic,,coordinate,reference,and,global,positioning,related,capabilities.,Location,related,positioning,services,could, be, fulfilled, via, a, range,of,methods,e.g., satellite, or, 4G,depending,on, the, level, of,positional,accuracy,required,

●, Sensing,services:,The,Sensing,Services,Layer,would,include,‘sensor’,related,capabilities,whether,these,are,Internet,of,Things,(IoT),related,devices,,formal,surveying,(land,,asset,management,, construction), methods, or, citizen, based, crowd, sourcing, from, consumer,devices., The, data, capture, services, can, capture, all, significant, features, in, the, built, and,natural,environment,that,are,required,to,support,onward,business,processes,and,effective,decision,making.,

●, Data,Services:,The,Data,Services,Layer,would,include,core,data,management,and,data,lifecycle, (e.g., ingest,, assure,, integrate, etc.), related, capabilities., The, data, services, can,provide,all,the,data,management,,processing,,exploitation,and,dissemination,capabilities,required,to,support, the,onward,application,centric,and,business,process,centric,uses,of,the,data,via,the,Application,Services,and,Business,Services,Layers.,

●, Application, Services:, The, Application, Services, Layer, would, include, all, the, software,applications,that,act,upon,the,data,components,provided,via,the,Data,Services,Layer,to,support,the,onward,Business,Services,Layer.,Application,related,services,should,provide,all,the,functional,capabilities,(e.g.,analytics,,reporting,,data,visualizations,etc.),required,to,support, onward, business, process, and, services, (e.g., waste, management,, asset,management,,urban,mobility,etc.).,

●, Business,Services:,The,Business,Services,Layer,would,include,smart,city,sectoral,specific,business,services,which,would,be,consumed,by,a,variety,of,consumers,and,stakeholders,(e.g.,city,leaders,,citizens,,operations,,and,commerce,etc.).,

●, Consumers:,The,Consumers,Layer,would,include,any,smart,city,stakeholder,who,wishes,to,interact,with,and,consume,smart,city,services.,These,consumers,could,either,be,humans,or,other,smart,city,systems,(e.g.,machine,2,machine,,system,2,system).,

,


Southbound,integration,can,be,done,with,many,existing,new,and,legacy,sources,such,asm,Sensor/Actuators,Networks,,External,IT,Systems,,External,Infrastructures,and,Social,Networks.,

How!is!the!authentication,!authorization!and!accounting!managed?,

Security,is,considered,as,part,of,the,pilot,,but,no,security,mechanism,has,been,defined,yet,for,the,ESPRESSO,pilots.,


Data,about,identifiable,individuals,needs,to,be,treated,with,carem,in,particular,,people,providing,data,need,to,be,confident,that,it,can,only,be,used,in,ways,which,they,have,approved.,Considered,this,way,,that,is,true,of,all,data,–,data,sourced,from,commercial,organizations,may,only,be,available,to,be,used,in,specific,circumstances.,This,traceability,needs,to,be,demonstrable,and,evident,in,a,system,,for,potential,data,providers,to,trust,it.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 36 of 179


There,is,not,any,specific,application,for,ESPRESSO,Project,,this,part,was,only,mentioned,as,a,black,box,in,the,diagrams,and,the,documents,


There,are,2,reference,implementations:,●, Rotterdam,,The,Netherlands,●, Tartu,,Estonia,


Data,collection,is,done,via:,●, City,administrations,(for,Rotterdam,and,Tartu),●, Sensor,suppliers,●, Inhabitants,(the,readings,are,provided,as,open,data,to,the,citizens,of,the,city),●, Buildings,(for,water,and,energy,consumption),●, OpenStreetMaps,for,3D,rendering,data,


The,reference,architecture,uses,predefined,data,models,but,details,are,not,given,in,the,deliverables,


The,reference,architecture,provides,an,open,data,market,for,interacting,with,the,standardized,data,coming,from,the,sources,inside,the,city,,the,detail,for,the,northbound,API,is,not,specified,in,the,deliverables.,

Table,8:,Description,template,fro,ESPRESSO,Smart,Cities,Reference,Architecture,

,

,

1.2.5! BIG-IOT

The,aim,of,the,BIG,IoT,project,[29],is,to,establish,interoperability,by,defining,a,unified,Web,API,for,IoT,platforms:,the,BIG,IoT,API.,This,Web,API,is,aligned,with,the,standards,currently,developed,by,the,W3C,Web,of,Things,group,

The,BIG,IoT,API,has,a,broad,range,of,functionalities,to,run,IoT,platforms,and,offer,their,resources.,Once, the,API, is, implemented,by,an, IoT,platform,or, service,, it, can,be, registered,at, the,BIG, IoT,Marketplace.,We, implement, this,marketplace, to,allow,companies,who,provide, IoT,platforms,and,services,to,monetize,their,resources.,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 37 of 179

,

Figure,9:,BIG$IoT,Architecture,[30],

,


Four,different,Integration,Modes,for,integrating,existing,IoT,platforms,into,the,BIG,IoT,Ecosystem,have,been,identified,Integration!Mode!1:,the,platform,provider,uses,the,Programming,Interface,P1,,offered,by,the,BIG,IoT,Provider,Lib,to,extend,an,existing,or,new,IoT,platform,to,join,the,BIG,IoT,Ecosystem,and,allow,offering,of,resources,via,the,BIG,IoT,Marketplace.,,Integration!Mode!2:,the,platform,provider,develops,and,operates,a,BIG,IoT,Gateway,Service,,which,handles,all,BIG,IoT,related,interactions,with,the,platform,and,translates,the,relevant,BIG,IoT,requests,into,calls,supported,by,the,existing,platform.,For,this,,the,BIG,IoT,Gateway,Service,uses,the,Integration,Interface,I1.,,Integration!Mode!3:,the,platform,provider,develops,and,operates,a,BIG,IoT,Management,Service,,which,handles,all,BIG,IoT,Marketplace,related,interactions.,It,also,translates,the,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 38 of 179

relevant,BIG,IoT,requests,into,calls,supported,by,the,existing,platform,,by,using,the,Integration,Interface,I2.,Access,to,the,resource,offerings,,however,,will,be,directly,provided,by,the,existing,platform,,based,on,the,already,available,interface.,,Integration!Mode!4:,the,platform,provider,develops,and,operates,a,BIG,IoT,Proxy,Service,,which,offers,the,Access,Interface,A1,to,the,offered,resources.,The,BIG,IoT,Proxy,Service,acts,as,an,"always$available",proxy,on,behalf,of,a,typically,constrained,BIG,IoT,Platform.,The,proxy,stores,and,offers,information,that,are,provided,by,the,constrained,platform,and,is,able,to,queue,access,requests,(e.g.,tasks),to,functions,offered,by,the,constrained,platform,until,the,platforms,wakes,up,or,reconnects.,The,registration,of,offerings,on,the,BIG,IoT,Marketplace,is,typically,directly,initiated,by,the,device$level,platform.,


The,BIG,IoT,Provider,Lib,hides,all,the,complexity,of,interacting,with,the,BIG,IoT,Marketplace,and,provides,the,Access,Interface,to,access,the,offered,resources.,Depending,on,the,chosen,IoT,platform,framework,and,programming,language,,an,adequate,version,of,Provider,Lib,has,to,be,chosen.,The,supported,access,paradigms,(e.g.,request/response,,streaming),and,protocols,(e.g.,HTTP,,WebSocket,,MQTT),depend,on,the,chosen,Provider,Lib,implementation.,


The,BIG,IoT,Identity,Management,(IdM),is,the,Marketplace,component,that,is,responsible,to,authenticate,and,authorize,Providers,(BIG,IoT,Platforms,and,Services),and,Consumers,(BIG,IoT,Applications,and,Services),in,the,BIG,IoT,Ecosystem,via,the,Marketplace,Interface,,,Upon,authentication,,the,IdM,will,provide,the,Consumer,or,Provider,Lib,(as,client),the,credentials,that,are,used,in,any,further,communications,with,the,Marketplace.,It,is,assumed,that,BIG,IoT,Developers,as,well,as,BIG,IoT,User,and,Application,,Service,or,Platform,Providers,will,first,register,on,the,BIG,IoT,Marketplace,via,the,Web,Portal,in,order,to,obtain,the,required,information,for,the,authentication,(e.g.,an,API,key,and/or,a,certificate).,


●, Systems,managing,personal,data,have,to,comply,with,European,and,Italian,law,(Legislative,decree,196/2003,and,related,integrations),

●, App,provided,through,public,stores,do,not,have,to,contain,information,related,to,login/password,to,access,the,service,,the,credentials,,if,any,,have,to,be,inserted,by,the,end,user,during,the,registration,

●, The,app,must,have,disclaimer,for,terms,and,conditions,●, If,personal,data,belonging,to,the,user,are,treated,(e.g.,MSISDN,or,user,location),a,

dedicated,notification,has,to,be,provided,in,line,privacy,law,●, The,user,,before,using,the,app,,has,to,accept,terms,and,conditions,●, Within,client/server,communication,,any,personal,data,exchange,has,to,be,performed,in,

a,protected,way,(e.g.,HTTPS),in,order,to,ensure,confidentiality,and,integrity,


The,BIG,IoT,Marketplace,allows,Providers,to,register,their,Offerings,(based,on,semantic,descriptions),and,Consumers,to,discover,relevant,Offerings,(based,on,semantic,queries),at,runtime.,It,also,provides,accounting,support,for,Consumers,and,Providers,to,track,the,amount,of,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 39 of 179

resources,accessed,,as,well,as,a,web,portal,for,developers,and,administrators,to,support,the,implementation,and,management,of,their,Applications,,Services,,and,Platforms,


Big,IoT,project,contains,3,reference,implementations:,Northern,Germany,,Barcelona,,Spain,and,Piedmont,Region,,Italy,


Marketplace,takes,care,of,the,open,data,management,section,which,allows,providers,of,IoT,resources,to,register,and,advertise,their,offerings,,and,consumers,to,discover,them.,

How!is!the!data/semantic!interoperability!managed!inside!the!platform?!Are!specific!data!models!defined?!

The,Big,IoT,project,has,specific,data,models,which,are,defined,and,explained,in,detail,in,deliverable,3.2.A,


The,northbound,layer,is,managed,Marketplace,APIs,which,are,designed,especially,for,provider,and,consumers.,,Provider,main,functionalities,are:,authentication,,registration,of,offerings,,activation,and,de$activation,of,offerings,,and,providing,access,callbacks!Consumer,main,functionalities,are:,authentication,on,a,BIG,IoT,marketplace,,querying,the,marketplace,to,find,relevant,offerings,,(un$)subscribing,to,offerings,to,be,notified,of,any,events,regarding,the,offerings,,Accessing,offerings,

Table,9:,Description,template,for,BIG$IoT,Architecture,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 40 of 179

,

,1.2.6! OrganiCity OrganiCity,[31],is,intended,to,represent,a,new,paradigm,in,City,Making.,It,aims,to,offer,a,multidisciplinary,research,facility,for,developers,of,urban,services,,urban,data,scientists,,Internet,of,Things,solution,developers,,urban,activists,,ethnographers,,sociologists,,economists,as,well,as,citizens,at,a,large,scale,,allowing,different,facets,of,value,creation,for,smarter,cities,and,communities,to,be,explored.,Cities,involved,(Aarhus,,London,and,Santander),,known,as,“OrganiCity,sites”,,offer,to,their,stakeholders,a,common,Experimentation%as%a%Service,platform,plus,access,to,different,sets,of,cities,data,,empowering,them,to,be,active,in,the,development,of,solutions,to,tackle,their,local,issues.,Figure,10,depicts,the,basic,structure,of,the,OrganiCity,facility,architecture,,separated,into,3,different,layers,,known,as,tiers,,which,are,properly,introduced,in,the,Table,10.,

,

Figure,10:,Simplified,OrganiCity,facility,architecture,[32],

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 41 of 179

,

,


Site!Tier,(federated,OC,sites,data,sources):,represents,the,different,sets,of,IoT,deployments/info,sources,provided,by,the,OC,sites.,This,layer,also,includes,the,“Experimenters,site”,,with,all,assets,created,and,updated,during,an,experiment,and,available,as,potential,info,sources,,and,the,“Providers,site”,,with,entities,which,provide,assets,and,data,to,the,OC,facility,not,necessarily,under,the,scope,of,an,experiment.,Platform!Tier,(supported,services,and,exposed,APIs):,exposes,a,set,of,functionalities,and,services,through,a,specific,set,of,APIs,including,the,EaaS,and,Federation,APIs.,The,functionalities,of,each,available,component/service,(briefly,mentioned),are:,

•, Asset!Directory:,The,federated,catalogue,of,all,OC,Site,assets.,Only,authorized,clients,are,able,to,announce/update,assets.,

•, Urban!Data!Observatory!(UDO):,a,collection,of,components,that,facilitate,a,set,of,functionalities,,along,with,a,front$end,UI,,such,as,exploring,all,the,available,resources,of,the,OC,platform,or,accessing,to,stored,data,sources.,

•, Experiment!Management!Service:,exposes,methods,where,OC,experimenters,can,define,,monitor,and,manage,their,experiment.,The,Experimenter’s,Portal,is,the,frontend,tool,that,facilitates,experimenters,to,interact,with,this,service.,,

•, Data!Annotation!Service:,manages,the,data,annotation,process.,It,handles,the,tag,set,definition,during,an,experiment,,the,gathering,of,taggings,by,OC,clients,and,the,automatic,tagging,using,Machine,Learning,methodologies.,

•, Platform!Management!Service:,collection,of,services,and,user$interfaces,managing,the,registration,of,OC,sites,and,users,,as,well,as,other,administration,functionalities,for,authentication,,authorization,and,accounting,(AAA).,

Experimentation!Tier,(experimentation,application,and,user,interfaces):,This,tier,is,intended,to,facilitate,the,co$creation,of,new,services,and,applications,on,top,of,the,OC,Facility,,utilizing,a,rich,set,of,tools,and,enablers,that,facilitate,those,activities,and,also,the,exploration,of,existing,federated,data,assets.,


The,communication,between,the,Site,Tier,and,the,OC,platform,(corresponding,to,the,so,called,“Southbound”),is,based,on,NGSI9/10,and,NGSIv2,interfaces,,since,the,OC,core,platform,is,based,on,FIWARE,Orion,Context,Broker,(OCB),[33].,Specifically,,the,OC,southbound,is,defined:,●, The!Aarhus!OC,site,exposes,the,local,datasets,through,NGSI9/10,[NGSI],and,integrates,

datasets,published,on,the,Open,Data,Aarhus,(ODAA),[34],,platform,,which,is,currently,based,on,a,single,CKAN,server,and,it,was,extended,to,include,a,local,OCB,instance,in,order,to,facilitate,the,integration.,,

●, The!London!OC,site,exposes,the,local,assets,through,NGSI9/10,and,receives,queries,regarding,historical,data,through,Datasource,API.,Moreover,,the,datasource,service,is,responsible,for,extracting,assets,from,various,backend,storages,and,APIs,and,registering,them,in,the,local,asset,directory.,In,all,these,cases,data,are,time$series,data.,

●, Santander!OC,site,integrates,assets,deployed,in,the,city,of,Santander,as,part,of,the,SmartSantander,[SMSP],initiative,and,also,datasets,published,in,Datos,Santander,[SDAT].,To,this,end,,information,of,the,different,data,assets,will,be,integrated,within,a,single,local,Orion,Context,Broker,instance.,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 42 of 179


OrganiCity,Accounts,provide,a,base,service,for,most,interactions,with,the,OC,facility:,the,ability,of,all,actors,interacting,with,and,within,the,platform,to,identify,and,authorise,themselves.,In,the,most,natural,case,,this,is,the,interface,for,all,OC,users,to,sign,into,(and,out,of),the,platform,and,manage,their,accounts.,The,included,functionalities,are,thus,the,following:,●, Persistent,storage,of,accounts,●, Handling,of,user,login,and,logout,,with,the,possible,redirection,of,authentication,to,OAuth,2.0,

providers,(e.g.,Facebook,,Twitter),●, Simple,registration,as,well,via,OAuth,2.0,(as,above),,or,with,user/password,pairs,●, Management,of,account,data,for,a,user’s,own,account,●, Inspection,of,privacy,,showing,where,personal,data,is,used,●, Backend$functionality,for,OrganiCity,components,to,query:,

○, User,authentication,verification,○, User,(personal),data,,e.g.,the,email,address,○, User,roles,to,verify,authorisation.,


As,part,of,OrganiCity,Accounts,,OC,provides,a,flexible,interface,for,users,to,manage,their,personal,and,OrganiCity$related,account,features.,This,includes,two,management,areas:,●, A,self$service,page,,where,users,can,update,their,personal,data,,as,well,as,authentication,

related,settings.,The,portal,also,provides,an,overview,of,active,sessions,and,a,list,of,applications,that,have,access,to,the,user’s,data,or,may,perform,actions,in,the,user’s,name.,

●, An,administrative,tool,that,allows,OC,administrators,to,inspect,and,update,all,settings,related,to,user,accounts,,as,well,as,maintenance,tasks,like,recovering,locked,accounts.,Moreover,,the,administrative,interface,includes,functions,to,view,and,update,the,permissions,related,to,all,components,that,make,use,of,the,OC,Accounts,features.,


OrganiCity,provides,an,IoT,Experimental,platform,,oriented,to,new,experiments,creation,,management,,exploitation,and,conclusions.,This,is,not,initially,intended,for,marketplace.,,


The,core,of,OC,platform,implementation,is,based,on,several,FIWARE,generic,enablers,,mainly,Publish/Subscribe,Orion,Context,Broker,[OCB].,The,OC,platform,runs,an,instance,of,Orion,which,,at,implementation,level,,is,called,"central,OCB",in,order,to,differentiate,it,from,other,site,platforms,which,could,be,using,another,instance,of,OCB.,The,current,implementation,of,the,three,OrganiCity,sites,that,are,federated,within,the,OC,platform,is,based,on,the,integration,of,reusable,components,and,existing,infrastructures,at,the,cities,of,Aarhus,,London,and,Santander,


Data,collection,from,existing,(and,incoming),sites,is,done,though,NGSI,interfaces,(OMA,NGSI9/10,based,interfaces),,and,centralized,(through,federation),in,the,“central,OCB”.,Both,,OrganiCity,site,and,Experimenter,site,,use,their,own,instance,of,OCB,in,order,to,implement,their,local,Asset,Directory.,This,way,,context,information,is,propagated,from,each,one,of,the,assets,to,the,central,instance,of,the,OCB.,Once,in,the,centralized,OCB,,data,is,exposed,to,third,parties,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 43 of 179

through,the,EaaS,API,set,(described,in,the,northbound,box).,


Entities,(assets),joining,the,OC,Facility,must,follow,certain,grammar,rules,in,order,to,speak,to,each,other,using,a,common,language.,Therefore,,the,project,employs,a,data,model,based,on,the,OMA,NGSI,9/10,standard,that,consists,of,three,parts,,namely:,Asset,Element,,Asset,Attributes,and,Attribute,Metadata.,This,data,model,has,also,been,adopted,by,the,Open,Agile,&,Smart,Cities,(OASC),[35],initiative.,In,order,to,use,a,uniform,terminology,when,a,new,asset,is,defined,,the,OC,Facility,uses,several,dictionaries.,The,Dictionaries,Data,Model,is,composed,by,four,classes,in,relationship:,●, A!DataType,represents,a,basic,type,for,a,value.,It,can,also,have,intrinsic,constraints.,●, A,Unit,is,an,information,which,gives,context,for,understanding,a,value.,It,references,a,

DataType.,●, An,AttributeType,represents,a,quantitative,value,in,the,OC,Platform.,●, An,Asset!Type,is,a,kind,of,device,which,can,be,registered,in,the,OC,Platform.,It,expresses,

a,set,of,attributes,which,are,needed,by,any,asset,implementing,this,type.,


OrganiCity,Northbound,is,composed,by,several,sets,of,specific,APIs,that,expose,all,OC,functionalities,and,conforms,the,targeted,EaaS!API.,Its,current,version,is,available,under,the,URL,[api.organicity.eu].,All,EaaS,APIs,are,over,HTTP(S),,following,the,REST,paradigm.,According,to,this,,the,EaaS,API,provided,by,OC,is,composed,by:,Authentication,and,Authorisation,API,,Permissions,API,,Experimentation,Management,API,,Community,Management,API,,Facility,Management,API,,Data,Annotation,API,,Asset,Discovery,API,,Federation,API,,Data,Source,API,and,Accounting,,API.,,

Table,10:,Description,template,for,OrganiCity,Architecture,

1.2.7! Triangulum The,EU,H2020,lighthouse,project,Triangulum,[36],is,looking,for,solutions,for,the,city,of,tomorrow,and,will, develop, smart, urban, districts, with, an, explicit, focus, is, on, Exploitation, and, Replication.,,Within,Triangulum,this,will,be,catalysed,through,the,development,of,the,Smart,City,Framework,that,is, based, on, the, ongoing, evaluation, of, smart, city, implementations, in, the, Lighthouse, Cities,Manchester,,Eindhoven,and,Stavanger,and,heavily,draws,on,the,Strategic,Implementation,Plan,of,the, European, Innovation, Partnership, on, Smart, Cities, and, Communities.,The,concept,is,completed,by,our,strong,focus,on,Follower,Cities,that,are,enabled,through,this,project,to,start,the,implementation,of,their,own,smart,city,solutions,after,year,3,of,the,project.,By,transferring,success,factors,and,local,frame,conditions,to,Follower,Cities,we,close,the,feedback,loop,between,successful,project,implementation,and,replication.,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 44 of 179

,

Figure,11:,TRIANGULUM,Reference,Architecture,[37],

,!


●, Data%sources%layer.,,Encompasses,the,various,sources,of,any,data,of,relevance,within,a,city.,Typical,sources,of,relevant,data,are,given,by,Sensor,Networks,,Social,Media,,Smart,Metering,data,relating,to,energetic,consumption,,as,well,as,Governmental,Data.,Furthermore,,different,commercial,providers,can,act,as,sources,of,information,,which,may,be,localized,or,mapped,to,this,layer.,This,may,also,include,crowdsourcing,data,,which,is,gathered,through,the,usage,of,certain,mobile,applications,and,intended,for,commercial,purpose.,Furthermore,,data,from,sensor,networks,as,well,as,smart,metering,data,is,also,likely,to,be,a,subject,for,charging,and,billing.,

●, Communication%layer.,,This,includes,all,the,facilities,and,infrastructure,which,are,required,to,obtain/gather,the,data,from,the,data,sources,,convey,this,to,repositories,and,make,them,available,for,further,processing.,This,means,that,all,the,communication,technology,which,connects,the,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 45 of 179

sources,to,the,data,storage,facilities,,including,the,data,storage,itself,,belongs,to,this,layer.,,

●, Data%Processing%and%Analysis%layer.,,As,data,is,moving,over,the,infrastructure,briefly,described,above,,it,arrives,at,data,centres.,These,,can,be,for,instance,traditional,,legacy,,physical,data,servers,that,run,some,large,databases,and,are,organized,in,geographically,distributed,data,centres.,The,data,can,also,be,hosted,on,virtual,machines,and/or,repositories.,Data,collected,in,a,central,data,hub,or,in,any,other,entity,has,to,be,processed,in,order,to,extract,the,desired,information.,All,the,data,from,a,variety,of,sources,such,as,distributed,public,or,proprietary,sensor,networks,,governmental,agencies,,companies,and,even,private,citizens,ideally,converges,to,a,single,point,of,access,and,processing.,After,the,initial,optional,enrichment,of,the,data,with,information,about,context,,different,analyses,are,to,be,performed,providing,critical,insights,into,the,progress,of,goal,realization,and,influence,the,decisions,taken,by,the,individual,stakeholders,,but,also,offer,the,possibility,for,the,creation,of,dynamic,self$regulating,systems,such,as,smart,grids.,This,involves,the,integration,of,big,amounts,of,data,in,near,real$time,and,thus,poses,the,need,for,scalable,and,fast,stream,processing,engines.,In,addition,,batch,processing,engines,are,required,for,the,creation,of,appropriate,models,and,information,extraction,for,informed,decision,making.,Prior,to,release,on,publically,accessible,data,portals,,data,that,could,violate,individual,rights,to,privacy,but,also,critical,information,regarding,security,should,be,automatically,filtered,out,or,processed,in,a,way,that,the,associated,risks,are,mitigated.,After,that,,third,party,stakeholders,can,take,over,processing,of,the,collected,data,and,create,working,business,models,out,of,it,,because,governmental,funding,is,limited,and,does,not,always,lead,to,the,optimal,outcome.,Data,disclosure,and,transparent,analysis,also,helps,to,solidify,citizen,trust,and,spark,engagement.,To,assist,the,external,creation,of,services,,appropriate,interfaces,alongside,example,applications,should,and,can,be,offered,and,data,lineage,should,be,kept,transparent.,

●, Application%and%Services%layer.,,On,this,layer,,the,information,extracted,and,gained,within,the,previous,layer,is,incorporated,into,different,Smart,City,applications,and,services.,These,applications,can,either,work,autonomously,on,the,basis,of,predictions,drawn,from,models,as,for,the,regulation,of,traffic,and,public,lightening,,give,valuable,feedback,to,decision,makers,as,to,the,success,of,their,policies,or,provide,incentives,for,citizen,to,change,their,behaviour,in,a,manner,which,both,benefits,them,and,society.,As,this,layer,is,often,closely,interrelated,with,the,previous,one,(Data%Processing%and%Analysis%Layer),,it,is,not,always,possible,to,make,a,clear,cut,separation.,Services,require,data,analysis,and,processing,in,order,to,work,,and,data,analysis,is,performed,with,the,aim,of,future,use,in,such,applications,and,services.,Services,and,applications,can,thus,also,trigger,data,processing,and,then,use,the,results,further,for,simple,display,or,to,achieve,state,changes.,

●, Market%layer.,,This,layer,is,concerned,with,applications,and,services,marketplaces,,which,are,online,stores,designed,to,help,people,and,organizations,to,discover,,purchase,,and,deploy,integrated,applications,and,services,in,different,city,domains.,By,taking,an,interoperable,approach,in,Smart,City,solutions,,applications,and,services,can,be,developed,independently,by,companies,,specifically,SMEs,,but,also,by,individuals,or,researchers.,Critical,to,the,concept,is,the,(open),data,marketplace,from,which,tools,,services,,and,applications,can,push,and/or,pull,urban,data,and,access,other,services,provided,by,the,open,service,engine.,They,can,then,design,and,develop,innovative,end$customer,and,business,applications,around,it.,City,consumers,will,play,key,contributing,roles,in,determining,what,applications,and,services,are,successful.,In$store,mechanisms,,like,user,ratings,and,recommendations,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 46 of 179

number,of,downloads,and,popularity,indexes,can,help,on,shaping,applications,and,services,quality.,In,addition,,security,and,trust,concerns,and,problems,resolution,can,be,addressed,through,city$defined,controlling,rules,and,policies.,Thus,,the,marketplace,envisioned,is,mixed,in,that,both,policy$driven,and,open,with,government,ruling,some,aspects,of,services,and,offers,,and,users,deciding,what,to,be,offered,and,used.,

●, User%Layer,These,are,the,end,users,that,download,apps,from,the,app,stores,and,use,them,on,their,devices.,Thereby,,the,devices,might,be,given,by,smartphones,,tablets,,traditional,PCs,or,notebooks.,The,users,might,be,either,using,the,apps,on,those,devices,or,might,be,utilizing,some,services,which,can,be,found,through,the,corresponding,marketplaces.,The,User,Layer,complements,the,view,on,the,ICT,Reference,Architecture,with,respect,to,how,the,data,,turned,into,sensible,information,,is,utilized,within,a,Smart,City.,

●, Business%Procedures,%Billing%and%Charging%The,usage,of,approaches,for,billing,and,charging,as,well,as,the,presence,of,business,activities,and,processes,around,the,ICT,Reference,Architecture,will,support,the,implementation,of,business,models,that,will,create,the,possibility,for,generating,revenue,for,companies.,In,general,,it,is,possible,to,monetize,the,use,of,(mobile),apps,,services,,and,data.,The,apps,is,paid,for,when,accessing,the,app,stores.,The,service,can,be,paid,for,based,on,different,models,,which,are,established,in,the,SaaS,(Software,as,a,Service),domain,,like,pay,per,service,call/invocation.,For,the,data,,billing,and,charging,models,from,the,traditional,telecommunications,domain,can,employed.,This,includes,flat,rate,type,of,payment,models,,pay,per,volume,,pre$paid,etc.,

●, Smart%City%Governance%Governance,is,the,interaction,of,processes,,information,,rules,,structures,,and,norms,that,guide,behaviour,toward,stated,objectives,that,impact,collections,of,people.,,A,Smart,City,needs,a,smart,governance,infrastructure,,bringing,together,multiple,stakeholders,,worked$out,processes,(social,and,decision$making),,rules,and,policies,,and,supporting,tools,in,driving,growth,and,adaptability,of,smart,services,within,the,city.,,


Southbound%integration,is,described,as,the,Data,Source,Layer,$,Data,service,access,point,(DSD$SAP).,Each,data,source,contains,valuable,raw,data,and,thus,services,dealing,with,the,transmission,of,data,are,necessary.,Furthermore,,there,are,two,types,of,communication,possible:,push%or,pull.!Push%describes,a,style,of,communication,where,the,request,is,initiated,by,the,server,whereas,pull%describes,the,scenario,where,the,request,is,initiated,by,the,client.,,The,information,about,the,usage,of,open,interfaces,between,the,systems,and,smart,city,solutions,across,the,Triangulum,cities,is,vague,at,this,stage.,Currently,,a,mapping,is,being,worked,out,between,the,variety,of,communication,standards,and,the,identified,SAPs.,Furthermore,,quality,measures,are,under,development,to,ensure,conformance,and,interoperability,of,Smart,City,solutions.,In,addition,,open%or%standardized%interfaces,have,already,been,identified,during,the,on$site,assessment.,


Security,has,to,be,considered,across,multiple,domains,and,includes,aspects,such,as,authentication,,authorization,,identity,management,and,privacy.,,A,few,authentication,and,authorization,systems,(Kerberos,,OpenID,,SAML,and,OAuth),are,described,,w.r.t,its,complexity,and,the,technologies,used.,Connecting,the,OpenID,Foundation,built,an,identity,layer,on,top,of,OAuth,could,provide,a,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 47 of 179

sophisticated,solution.,On,the,other,hand,,devices,that,generate,and,collect,data,should,authenticate,against,each,other,too.,Both,devices,should,negotiate,a,common,protocol,,which,can,be,used,later,on.,


Also,Triangulum,sees,privacy,as,another,key,aspect,of,security,,because,many,valuable,data,will,be,transferred,within,a,Smart,City.,Aspects,like,data,anonymization,and,adding,noise,to,the,data,should,be,addressed.,There,are,no,explicit,privacy,and,data,protection,mechanism,defined,(yet).,


There,are,no,explicit,business,ecosystem/marketplace,management,components,defined,(yet).,


As,a,reference,model,,the,Triangulum,ICT,Reference,Architecture,is,meant,to,be,an,abstract,blueprint,capturing,the,characteristics,of,ICT,technology,within,a,Smart,City.,


The,data,collection,is,described,as,the,Data,Repositories,$,Data,service,access,point,(RD$SAP).,Arriving,at,the,Data%Processing%and%Analysis%Layer,,the,Repositories%sub$layer,stores,the,data,gathered,from,the,data,sources,in,several,physical,or,virtual,repositories.,Again,,it,has,to,be,possible,to,transfer,the,stored,data,from,a,specific,repository,or,from,a,group,of,repositories,and,thus,,a,service,dealing,with,the,transmission,of,these,data,is,defined.,


The,data,processing,is,described,as,the,Data,Processing,$,Data,service,access,point,(DPD$SAP).,,Within,the,Data,Processing,sub$layer,,data,has,to,be,processed,in,order,to,extract,the,desired,information.,At,these,locations,,data,from,a,variety,of,repositories,converge,to,a,single,point,of,processing,that,may,contain,one,or,more,data,pools.,Again,,this,layer,needs,to,have,a,service,dealing,with,the,transmission,of,data,from,processing,units,or,groups,of,process,units,and,thus,,this,particular,service,is,listed,below.,Note,that,the,processed,data,could,be,enriched,data,and,thus,could,already,contain,semantic,information.,


The,northbound,is,described,as,the,Data,Analytics,$,Data,service,access,point,(DAD,$SAP).,,The,provided,data,within,the,Data,Analytics,sub$layer,is,processed,and,analysed,and,hence,,the,data,contain,semantic,information.,These,particular,data,offer,insights,into,the,progress,of,goal,realization,(Business,Intelligence),and,also,offer,the,possibility,for,the,creation,of,dynamic,self$regulating,systems,such,as,smart,grids.,A,service,that,offers,the,capability,of,transferring,data,is,needed.,

Table,11:,Description,template,for,TRIANGULUM,Architecture,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 48 of 179

1.2.8! symbIoTe symbIoTe, (symbiosis, of, smart, objects, across, IoT, environments), [38], comes, to, remedy, the,fragmented, IoT, environment., This, fragmentation, is, due, to, the, fact, that, there, are,many, vertical,solutions, to, integrate, connected, objects, using, purpose$specific, implementations, and, connecting,them,to,the,cloud,,where,proprietary,systems,process,the,generated,data,and,manage,the,actuation,in,those,smart,objects.,By,providing,an,abstraction,layer,for,a,“unified,view”,on,various,platforms,and,their,resources,,symbIoTe,makes,them,transparent,to,application,designers,and,developers.,

Even,though,it,was,not,designed,specifically,for,smart,cities,,they,are,one,of,the,scenarios,where,symbIoTe,can,be,important,in,order,to,ensure,a,transparent,way,to,access,resources.,,

Figure,12,describes,the,high,level,architecture,defined,by,the,project.,

,

Figure,12:,symbIoTe,Architecture,[39],


symbIoTe,defines,different,4,layers,,addressed,as,“domains”:,$, Application,Domain,(APP):,enables,platforms,to,register,IoT,devices,which,they,want,to,

advertise,and,make,accessible,via,symbIoTe,to,third,parties,,while,symbIoTe,provides,the,means,for,discovery,of,IoT,devices,across,platforms,by,its,Core,Services.,We,also,envision,domain$specific,back$end,services,(enablers),to,be,placed,in,APP:,They,utilize,the,infrastructure,provided,by,the,underlying,platforms,to,offer,value$added,services,,e.g.,data,analytics,on,top,of,sensor,data,acquired,from,different,platforms,,which,can,ease,the,process,of,cross$platform,and,domain$specific,application,development,(specifically,for,mobile,and,web,applications).,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 49 of 179

$, Cloud,Domain,(CLD):,provides,a,uniform,and,authenticated,access,to,virtualized,IoT,devices,exposed,by,platforms,to,third,parties,through,an,open,API,(Interworking,Interface).,In,addition,,it,builds,services,for,IoT,Platform,Federations,enabling,close,platform,collaboration,,in,accordance,with,platform$specific,business,rules.,1,Interworking,Interface,is,a,symbIoTe,defined,interface,which,opens,up,platform,resources,as,IoT,Services,in,the,Cloud,Domain.,

$, Smart,Space,Domain,(SSP):,provides,services,for,discovery,and,registration,of,new,IoT,devices,in,dynamic,local,smart,spaces,,dynamic,configuration,of,devices,in,accordance,with,predefined,policies,in,those,environments,,and,well$,documented,interfaces,for,devices,available,in,smart,spaces.,,

$, Smart,Device,Domain,(SDEV):,relates,to,smart,devices,and,their,roaming,capabilities.,We,assume,that,devices,have,the,capabilities,to,blend,with,a,surrounding,smart,space,while,they,are,on,the,move.,In,other,words,,smart,devices,can,interact,with,devices,in,a,visited,smart,space,,which,are,managed,by,a,visited,platform,,in,accordance,with,predefined,access,policies.,

How!does!the!reference!architecture!handle!southbound!integration?!How!is!the!integration!with!legacy!systems!managed?!What!kind!of!protocols!are!supported?!

The,supported,communication,protocols,include,ZigBee,,6LoWPAN,,CoAP,,HTTP,and,MQTT.,In,terms,of,southbound,integrations,,symbIoTe,specifies,two,levels,of,integration:,platforms,(L1/L2),and,devices,(L3/L4).,Platforms,$,implementation,of,specific,components,in,order,to,integrate,with,symbIoTe.,Devices,$,in,development,,in,the,future,common,interfaces,such,as,Philips’,home,lighting,and,others,will,be,automatically,supported,and,discoverable.,


symbIoTe,implements,an,ABAC,(Attribute$based,Access,Control),permissions,system,,which,uses,JWT,(JSON,Web,Tokens),[40],to,communicate,the,attributes,on,which,permissions,are,based,on,throughout,the,integrated,platforms.,This,means,that,only,authenticated,users,can,access,the,platform,and,its,resources,,and,these,users,will,only,be,able,to,access,resources,that,belong,to,them,,or,resources,that,they,have,been,previously,allowed,to,use.,This,access,control,is,determined,by,the,roles,attributed,to,each,user,,which,are,“imprinted”,in,their,JWT,tokens.,Since,these,tokens,are,signed,,the,end,applications,can,see,their,contents,but,they,can’t,change,them,,ensuring,that,the,permissions,cannot,be,tampered,with.,By,using,these,tokens,,each,request,made,to,the,platform,can,be,linked,to,a,user,,which,guarantees,the,accounting,in,the,system.,


Privacy,and,data,protection,are,enforced,by,the,mechanisms,described,above,,by,ensuring,that,users,can,only,access,resources,that,either,belongs,to,them,or,they,have,been,given,access,to.,


symbIoTe,will,implement,a,“Bartering,and,Trading”,(B&T),system.,,The,Bartering,component,of,the,ecosystem,consists,in,a,series,of,mechanisms,that,will,allow,for,the,participating,stakeholders,,from,end$users,to,platforms,,to,trade,access,to,the,resources,they,have,for,access,to,other,resources,,like,data,,services,or,devices.,The,bartering,system,will,implement,a,voucher,mechanism,to,provide,access,to,resources,,where,a,token,will,have,properties,such,as:,,

●, access,token,●, Service,Level,Agreement,(SLA),

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 50 of 179

●, details,on,requested,service,(wanted),●, details,on,expected,value,(price),●, time,constraints,(e.g.,timeout,conditions),,

Furthermore,,the,Trading,component,predicts,cases,where,no,direct,trades,like,in,the,bartering,scenario,are,involved,,i.e.,,access,to,resources,can,be,offered,or,requested,without,an,immediate,counter$offer.,The,predicted,scenarios,are:,

●, Direct,Buy:,a,platform,sells,access,to,own,resources,to,an,application/enabler,or,another,platform,for,a,fixed,pricem, , , , , , ,, ,

●, Forward,Trading:,a,platform,is,offering,access,to,own,resources,and,asks,for,corresponding,requests,(bids),from,other,platforms.,

●, Backward,(reverse),Trading:,a,platform,is,looking,for,access,to,resources,offered,by,foreign,platform(s).,,,


There,are,some,reference,implementations,in,different,cities,in,Europe,,for,different,scenarios.,In,Zagreb,and,Wien,there,is,a,pilot,using,air,quality,wearables.,In,Pisa,,a,pilot,exists,for,the,smart,residence,scenario,,with,data,collection,and,actuators,on,smart,home,devices.,,


IoT,Platforms,register,their,resources,in,symbIoTe,,which,then,become,public,and,searchable.,Access,to,the,resources’,information,can,be,negotiated,through,the,bartering,and,trading,mechanisms,previously,explained.,symbIoTe,doesn’t,specify,any,components,for,open,data,management.,


symbIoTe,aims,to,allow,platforms,to,join,the,ecosystem,without,having,to,adapt,to,a,defined,standard.,To,achieve,this,goal,,it,has,created,a,series,of,ontologies,to,support,this,process.,There,is,a,Core,Information,Model,(CIM),which,represents,the,basics,that,are,needed,to,represent,IoT,Platforms,and,their,services,(sensors,,actuators,,services,,platforms,etc.).,To,support,this,model,,there,is,also,the,Meta,Information,Model,(MIM),,used,to,represent,information,such,as,users,and,access,policies.,This,two,models,form,the,basis,of,the,information,model,,which,should,be,common,to,and,usable,by,any,IoT,Platform.,,For,a,platform,to,become,symbIoTe$compliant,,it,must,expose,its,data,using,a,Platform$Specific,Information,Model,(PIM),which,is,basically,the,CIM,with,platform$specific,extensions,to,it.,It,is,through,semantic,mapping,that,interoperability,happens,,where,one,platform,can,translate,its,model,to,another,platform's,model,and,thus,be,able,to,understand,each,other.,Best,Practice,Information,Models,have,been,developed,,which,are,pre$built,PIM,models,specific,to,certain,domains,(e.g.,Smart,Cities,,Smart,Residence),to,make,it,easy,for,platforms,to,join,symbIoTe,without,needing,to,build,their,own,PIMs.,,


The,architecture,defines,an,OData,(Open,Data,Protocol),API,to,expose,the,data,in,the,northbound,layer.,OData,(Open,Data,Protocol),is,an,ISO/IEC,approved,standard,that,defines,a,set,of,best,practices,for,building,and,consuming,RESTful,APIs,[41],

Table,12:,Description,template,for,symbIoTe,Architecture,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 51 of 179

1.3! Analysis outcomes Commonalities,and,differences,among,relevant,studies,are,found,through,the,uniformed,analysis,applied,to,the,all,selected,relevant,studies.,The,followings,are,brief,summary,of,the,analysis.,The,outcomes,are,used,to,build,SynchroniCity,architecture,described,in,the,Section,3.,,,Table,13,,Table,14,and,Table,15,show,a,brief,summary,of,reference,models,for,smart,city,or,large$scale,IoT,that,included,in,the,analysis.,,

,

Table,13:,Summary,of,Smart,City,Reference,Architectures,from,SDOs,&,Fora,

,

Table,14:,Summary,of,Smart,City,Reference,Architecture,from,EU,Partnership,Programs,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 52 of 179

,

Table,15:,Summary,of,Smart,City,Reference,Architectures,from,EU,Projects,

,,Choices,of,solutions,are,different,but,large,commonalities,are,found,in,basic,concepts,of,functionalities,provided.,Particularly,,main,logical,layers,are,relatively,similar,in,many,studies.,Mostly,there,are,one,or,two,supporting,layers,in,between,of,application,layer,and,device,(or,sensing),layer,,while,BIG$IoT,and,OrganiCity,have,different,approaches,in,architecture,to,provide,targeting,functionalities.,FIWARE,,EIP$SCC,and,Triangulum,have,detailed,layers,in,business,support.,While,some,studies,are,on,conceptual,level,(e.g.,,Y.2060,,ISO/IEC,JTC,1,,AIOTI,,EIP$SCC),,FIWARE,,oneM2M,,BIG$IoT,,symbloTe,provide,more,specific,technologies,on,implementing,their,framework.,,Handling,of,southbound,and,northbound,interfaces,may,vary,among,projects,while,the,basic,capabilities,remain,similar.,,,The,followings,are,derived,as,the,analysis,outcomes:,!Main!logical!layer!With,the,exception,for,OrganiCity,and,Big,IoT,,most,of,the,other,works,have,a,layered,architecture.,There,are,subtle,differences,on,details,but,in,summary,,the,high$level,architectures,from,the,studies,we,analysed,can,be,generalized,as,Figure,13:,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 53 of 179

,

Figure,13:,High,Level,Architecture,

,•, IoT,Device,/,Data,source,layer,&,Network,/,communication,layer:,Some,studies,do,not,

separate,Device,and,network,layers,and,some,do.,This,layer,handles,heterogeneous,device,management,and,protocol,conversion.,In,addition,,they,are,data,sources,of,smart,city,applications,and,services,,and,provide,interfaces,to,an,upper,layer,where,data,is,processed.,Details,of,the,choices,of,these,southbound,interfaces,are,separately,discussed,below.,

•, Data,layer:,It,is,common,from,all,architectures,to,have,data,storages,,data,analytics,,data,processing,,and,data,management.,Some,studies,have,service,support,functionalities,in,the,same,layer,and,some,have,in,separate,layer.,Some,put,more,emphasis,on,different,types,of,data,storages,and,analysis,,and,some,put,more,emphasis,on,data,models,and,semantic,interoperability.,

•, Integration/,business,/,marketplace:,The,name,of,this,layer,differs,from,projects,but,the,functionalities,are,similar.,Some,includes,data,management,in,this,layer,,but,when,it’s,separated,,it,focuses,more,on,business,aspect,such,as,KPI,management,,data,marketplace,,service,management,,publish,,etc.,Some,divide,this,layer,into,two,or,three,to,have,more,detail,business,and,customer,support.,

•, Application,and,services:,It,includes,communications,and,application,service,logics,for,smart,city,applications,and,services.,

•, Security/Privacy,layer:,Most,of,studies,have,Security,and,Privacy,capabilities,applying,to,all,layers.,Some,studies,emphasize,end,to,end,security,and,hop,by,hop,encryption,,and,some,emphasize,user,communication,security.,The,details,are,vary,but,it,includes,authentication,,authorization,,network,security,,key,management,,privacy,policy,,data,protection,,etc.,

,Southbound!interfaces!Smart,City,applications,and,services,are,built,on,top,of,heterogeneous,IoT,devices,that,use,different,communication,protocols.,The,role,of,southbound,interfaces,is,to,support,such,heterogeneous,IoT,protocols.,They,provide,an,interface,to,upper,layers,for,easy,building,of,conversion,without,caring,about,such,complexity,in,lower,layer.,The,following,is,a,list,of,southbound,solutions,specified,in,the,analysed,studies:,(it,is,noted,that,some,studies,are,in,conceptual,level,and,no,specification,is,provided).,

•, Protocol,conversion,,gateway,capabilities.,•, CoAP,,HTTP,,MQTT,and,WebSocket,,interworked,with,LwM2M,,AllJoyn,,OCF,,•, A,library,of,connectors,specialized,in,one,IoT,protocol,or,connectivity,mechanisms,,

Integration,with,legacy,systems,is,managed,through,context,providers,,support,of,HTTP,,MQTT,,LWM2M,or,Sigfox.,

•, protocol,conversion,into,IPv4/IPv6,•, Provider,Lib,provides,interaction,with,different,protocols,such,as,HTTP,,websocket,,MQTT.,

,

Applications!and!services,

Integration!/!Business!/!market!place,Data,

Network!/!Communication,

IoT!Device!/!Data!sources,

Security!/!privacy,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 54 of 179

•, based,on,NGSI9/10,and,NGSIv2,interfaces,•, approaches,in,data,interoperability,•, support,of,ZigBee,,6LoWPAN,,CoAP,,HTTP,and,MQTT.,

,In,summary,,,

•, CoAP,,MQTT,,HTTP,,WebSockets,are,the,main,protocols,to,be,supported,,and,LWM2M,,Sigfox,,AllJoyn,,OCF,,6LoWPAN,,Zigbee,are,also,supported,in,a,few,projects.,

•, As,an,interface,,NGSI,API,,protocol,conversion,via,gateway,,or,via,protocol,conversion,library.,

•, There,are,two,projects,to,handle,southbound,not,in,a,communication,protocol,conversion,but,handle,it,in,data,interoperability,approach.,,

,Northbound!interfaces!Northbound,interfaces,provide,common,functionalities,to,build,Smart,city,applications,and,services.,It,includes,diverse,set,of,interfaces,such,as,authentication,,authorization,,and,accounting,,application,data,integration,,policy,management,,performance,evaluation,,event,notification,,user,interface,,etc.,,The,followings,are,a,list,of,northbound,solutions,specified:,(it,is,noted,that,some,studies,are,in,conceptual,level,and,no,specification,is,provided).,

•, REST,APIs,over,oneM2M,Mca,reference,points.,•, FIWARE,NGSI,API.,•, Project$own$built,APIs,named,EaaS,API,,OData,API,,Marketplace,API,,etc.,•, Approaches,on,data,interoperability,(e.g.,,ontology).,

,Data!management!Data,management,is,one,of,the,key,functionalities,that,all,studies,include.,It,includes,data,storage,,modelling,,discovery,,analytics,,processing,,publication,,etc.,Linked,to,the,security,and,privacy,,data,security,and,protection,are,also,handled.,The,followings,are,a,list,of,data,management,solutions,specified:,(it,is,noted,that,some,studies,are,in,conceptual,level,and,no,specification,is,provided.),

•, ISO,11179,data,model,and,ISO,15000,ebXML,for,Open,data,management.,,•, FIWARE,data,model,formatted,in,JSON.,•, BIG$IoT,data,model.,•, OMA,NGSI,9/10.,•, Use,of,existing,standards,(e.g.,,LDAP).,

,,Semantic!interoperability!!Semantic,interoperability,is,often,stated,within,the,scope,of,data,management,functionalities.,For,multi$domain,,multi$platform,based,smart,city,applications,and,services,,it,is,an,important,functionality.,The,following,is,a,list,of,data,management,solutions,specified:,(it,is,noted,that,some,studies,are,in,conceptual,level,and,no,specification,is,provided,,and,some,studies,do,not,mention,on,semantic,interoperability.)!

•, BSI,PAS,182:2014,(Smart,city,concept,model,–,Guide,to,establishing,a,model,for,data,interoperability).,

•, oneM2M,basic,ontology,for,IoT/M2M,data.,The,data,models,for,home,domain,appliances,are,standardized,(TS$0023).,The,other,domain,for,data,model,specification,is,under,discussion.,

•, semantic,metadata,with,common,identifiers.,,Privacy!and!data!protection!

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 55 of 179

The,importance,of,privacy,and,data,protection,are,increasing.,Most,of,the,studies,state,the,requirements,and,functionalities,of,privacy,and,data,protection,,but,not,many,studies,specified,specific,technologies,and,solutions.,,

•, The,General,Data,Protection,Regulation,(GDPR),and,the,Network,and,Information,Security,Directive,(NIS),as,a,baseline.,

•, ISO/IEC,27002,Code,of,practice,for,information,security,management,•, ISO/IEC,29100:2011,Privacy,framework,•, ISO/IEC,29101:2013,Privacy,architecture,framework,•, ISO/IEC,1st,CD,29134,Privacy,impact,assessment,—Guidelines,•, ISO/IEC,FDIS,29190,Privacy,capability,assessment,model,•, SC27,NWIP,on,“Privacy,enhancing,data,de$identification,techniques”,,under,CD,ballot,

(N15297).,•, ISO/IEC,27032,Guidelines,for,cybersecurity.,•, Data,protection,via,secure,storage,system,

,Authentication,!authorization!and!accounting!All,studies,emphasize,the,importance,of,data,protection,and,secure,communication.,Authentication,and,authorization,are,used,to,support,them.,The,decision,of,detail,technical,solutions,including,key,exchange,mechanisms,differ,based,on,the,policies,setting,to,the,targeting,applications,and,services.,,!Business!ecosystem!ISO/IEC,JTC1,,FIWARE,,EIP$SCC,,ESPRESSO,,BIG$IoT,,Triangulum,put,emphasis,on,business,ecosystem,support,while,others,handle,in,service,integration.,There,is,no,common,solution,on,this,matter.,,,The,findings,on,commonalities,among,the,analysed,studies,are,reflected,into,the,design,of,SynchroniCity,architecture,that,is,described,in,Section,3.,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 56 of 179

2! Reference Zone technical baseline and SynchroniCity platform requirements

SynchroniCity,has,established,8,reference,zones,(RZ),corresponding,with,8,highly,innovative,cities,across,Europe,that,have,been,at, the, forefront,of, IoT, innovation:,Antwerp, in,Belgium,,Carouge, in,Switzerland,,Eindhoven,in,Netherlands,,Helsinki,in,Finland,,Manchester,in,UK,,Milan,in,Italy,,Porto,in,Portugal,and,Santander,in,Spain.,These,cities,are,all,on,a,trajectory,to,evolve,towards,a,smart$city,environment,built,upon,existing,IoT,ecosystems,and,IoT,infrastructures,making,use,of,common,,open,standards,and,being,compliant,with,OASC,principles.,This,way,,reference,zones,will,provide,access,to,a,rich,local,ecosystem,that,offers,(an,integrated),set,of,services,,instruments,,infrastructure,and,(city),datasets,through,open,collaboration,models.,SynchroniCity,will,assist,cities,in,this,process,,providing,guidelines,to,evolve,IoT,deployments,including,a,suitable,Architecture,Reference,Model,(ARM),compliant,with,project’s,targets.,

In,order,to,obtain,a,valid,and,useful,SynchroniCity,Architectural,Reference,Model,,this,has,to,support,the,reference,zone,existing,functionalities,,providing,common,and,compatible,solutions,to,missing,components,according, their,evolution,plans,and,preserving,OASC,basis., It,has,also, to,satisfy,all,reference,zones’, technical,and, functional, requirements,,either,existing,or,planned,ones,, from,the,point,of,view,of,an,open,and,standard,IoT,architecture.,

Therefore,,the,aim,of,this,activity,is,to,provide,an,update,of,each,reference,zone,focused,on,their,current,IoT,deployments,that,includes,short$term,plans,for,IoT,evolution,and,identifies,the,different,functionalities,, technologies, and, components, that, should, be, supported, by, SynchroniCity,architecture.,Besides,,it,will,complement,WP1,(D1.3),requirements,analysis,,providing,a,complete,set, of, functional, and, technical, requirements, that, will, be, reflected, on, SynchroniCity, IoT, ARM,definition.,,,,

2.1! Reference zone technical baseline analysis This, section, presents, a, focused, analysis, of, each, RZ’s, IoT, current, deployments, (technologies),,legacy,IoT,architectures,and,plans,to,evolve,towards,a,common,smart,services,market.,This,analysis,considers, the, interoperability, aspects, of, initially, heterogeneous, deployments, and, architectures,,identifying, the, available, interfaces, to, capture, data, from, the, IoT,edge,and,expose, information, to,consumers.,Aligned,with,the,initial,high,level,overview,of,SynchroniCity,proposed,in,Deliverable,D1.3,and, related, technical, specifications,, the, different, RZ, architectural, components, are, grouped,according,to:,

●, Southbound! interfaces,, that,covers, the,different,APIs,and,access,ways,provided,by, the,RZs, to, operate, with, IoT, devices, and, captured, information., This, includes, the, so, called,Southbound, tier,, that, provides, a, bidirectional, joint, (Backend,APIs), of, heterogeneous, IoT,deployments, and, infrastructures, with, the, platform’s, backbone,, supporting, both,, IoT, data,collection,and,commands,addressing.,

●, Data!Management,, including,data,storage,solutions,and,context,management.,Usually,as,part,of,the,core,IoT,architecture,,the,data,storage,refers,to,historic,,data,analysis,and,open,data,portals,,which,offers,end,users,access,to,big,data,features,whilst,context,management,refers, to, context, entities, and, context, information, features,, implementing, discovering,,publish/subscribe,and, registering,mechanisms.,Data,models,,data, formats,and,semantics,are,also,covered,here.,,,

●, Northbound! interfaces,, that, implements, the, Northbound, tier, and, offers, access, to, the,information, and, management, features, exposed, by, the, IoT, deployed, solutions,, usually,through,the,Data,Access,APIs,and/or,the,Context,Management,APIs.,

●, Security! and! Privacy, tier,, covering, security, and, privacy, features, and, exposing, the,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 57 of 179

Authentication,,Authorisation,and,Accounting,solutions,included,in,the,RZ,architecture,that,later, will, support, marketplace, accesses., These, interfaces, (Security, APIs), can, be, also,included,within,the,set,of,APIs,offered,by,the,corresponding,northbound.,,,

This,analysis,approach,is,shown,in,Figure,14.,

,

,

Figure,14:,Main,architectural,layers,for,different,IoT,architectures,

,

,

2.1.1! Antwerp City,of,Antwerp,is,evolving,towards,an,integrated,smart$city,,in,close,interaction,with,both,citizens,and, companies,, focused, on, provide, an, easy, digital, access, to, services,, city, information, and,interconnection,between,data,producers,and,info,consumers.,At,present,Antwerp,channels,its,IoT,evolution,through,two,main,initiatives:,

●, Antwerp!City!Platform!as!a!Service!Platform,(ACPaaS),[42],that,connects,and,discloses,relevant,operational,city$owned,and,city$linked,systems,(including,IoT,sensor,data, in,real$time), and, facilitates, developers, to, build, applications, on, top, of, it, by, providing, reusable,services,,an,open,SDK,and,standard,APIs.,

●, City!of!Things, (CoT), [43], testbed,, focused,on,experimentation,,enables,Antwerp,and, its,local,ecosystem,to,explore,,pilot,and,validate,new,innovations,(e.g.,the,domains,of,mobility,and,logistics,and,environmental,wellbeing).,It,provides,data,to,policy,makers,(environment,,mobility),, city, local, ecosystem, (IoT, technology, validation,, big, data, insights,, living, lab,evaluation),and,experiments,(by,means,of,an,IoT$Big,data,testbed),and,links,up,with,the,city,own,ICT,infrastructure,and,datacentre.,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 58 of 179

,

Figure,15:,Antwerp,RZ’s,IoT,architecture,

At,the,IoT,edge,,the,Antwerp,infrastructure,consists,of,gateways,and,sensors,deployed,across,the,city,,that,feed,the,current,Antwerp,smart,city’s,applications,and,can,also,be,used,for,experimentation.,There,are,three,different,types,of,infrastructure:,

1), a,series,of,multi$technology,gateways,,mainly,used,for,network,experimentation,,2), a,dedicated,private,LoRa$based,Low,Power,WAN,network,to,ensure,a,continuous,stream,of,

data,from,the,City,of,Things,sensors,and,,3), a,complete,set,of,sensors,that,are,connected.,

The, biggest, infrastructural, capacity, of, the, RZ, relies, on, a, set, of, hundred, gateways,, which, are,specifically,developed,for,City,of,Things,(testbed),architecture,and,are,scattered,throughout,the,city.,Each, gateway, is, connected, to, the, city’s, fibre$optic, network,, which, acts, as, a, control, network, to,provide,experimentation,management.,These,gateways,have,a,wide,range,of,wireless,technologies,available,as,dedicated,Systems,on,Chip:,IEEE,802.1ac,on,2.4,and,5,GHz,,DASH7,on,433,and,868,Mhz,,Bluetooth,(Low,Energy),,IEEE,802.15.4,,IEEE,802.15.4g,and,LoRa.,This,enables,connecting,both, high, bitrate, sensors, at, close, range, and, long, range, low, power, sensors., Other, wireless,technologies,(e.g.,,cellular),will,be,integrated,in,the,future.,Additionally,,each,gateway,is,equipped,with,a,small$form$factor,computer,,which,acts,as,a,controller,of,the,different,radios,and,has,ample,storage,and,processing,power,available,for,deploying,large,smart,city,applications,directly,on,top,of,the,gateways.,

City,of,Antwerp,also,features,a,separate,LoRaWAN$based,network,,mainly,intended,for,ensuring,a,continuous,real$time,stream,of,sensor,data,and,a,citywide,coverage.,This,robust,LoRa,network,will,support,data,capturing,for,ACPaaS,and,City,of,Things,core,platforms.,Besides,that,,sensors,can,use,the, existing, commercial, networks, available, in, the, city,, such, as, commercial, LoRa$networks,, a,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 59 of 179

commercial,SigFox$network,,several,mobile,data,networks,(e.g.,GPRS,,LTE,,LTE$M).,When,used,in,city,projects,,the,data,collected,by,these,sensors,will, typically,be,collected,through,RESTful,APIs,provided,by,the,network,providers.,,,

Antwerp,has,a,growing,number,of,sensors,installed,throughout,the,city,,for,both,experimentation,and,operational,purposes.,This,allows,external,parties,to,install,their,own,sensors,and,connect,them,to,the,IoT,infrastructure.,To,allow,both,experimentation,at,the,network,and,data,level,,the,majority,of,the, experimentation, sensors, have, two, radios, attached:, one, LoRaWAN, radio, and, one, additional,radio,,supported,by,the,City,of,Things,gateways.,,

At,the,time,of,writing,,the,following,types,of,sensors,are,installed:,●, Mobile, air, quality, sensors,measuring, gas, levels, and, temperature,, working, on, LoRa, and,

Sigfox.,●, Footfall,and,crowd,monitoring,sensors,installed,in,specific,areas,in,the,city.,These,monitor,

the,human,passage,based,on,the,scanning,of,WiFi,signals.,●, Parking,sensors,monitoring,loading,and,unloading,zones,at,a,few,locations,in,the,city.,These,

set,of,sensors,are,supported,by,a,Sigfox,network,infrastructure.,●, Smart,parking,signs,that,temporarily,prohibit,parking,in,a,particular,zone.,The,signs,contain,

an,accelerometer,and,GPS,sensor,to,monitor,movement,and,their,location.,●, Waste, management, sensors,, to, support, Smart, Waste, applications,, relying, on, GPRS,

connectivity,

2.1.1.1! Southbound and Data IoT Interfaces Antwerp,IoT,infrastructure,provides,2,main,interfaces,,intended,to,capture,information,from,its,IoT,deployed,gateways,,as,well,as,from,other,information,sources.,These,interfaces,link,the,Antwerp,IoT,edge,with,its,core,architecture:,

●, On,each,of,the,multi$technology,gateways,that,are,spread,across,the,city,,the,DYAMAND,(DYnamic,,Adaptive,MAnagement,of,Networks,and,Devices), [44],platform, is, running, in,a,private, Virtual, Machine, in, order, to, easily, cope, with, the, different, types, of, sensors, and,communication,protocols,that,are,or,will,be,installed,on,the,gateways.,DYAMAND,abstracts,all,sensor,(meta$)data,and,allows,the,data,layer,to,uniformly,address,interact,and,manage,all,sensors,that,are,installed,on,the,gateways.,When,a,new,sensor,(wirelessly),connects,with,the,gateways,,DYAMAND,will,automatically,detect,the,sensor,,load,the,required,plug$ins,to,install,the,sensor,and,make,it,uniformly,available,to,the,core,data,platform.,It,also,allows,over,the,air,updating,of,sensors.,

●, The,gateways,are,mainly,intended,for,experimentation,purposes.,Operational,data,traffic,on,the, southbound, interface,will, be,managed,by, the, "Data, Ingestion,&,Device,Management,engine",which,is,a,part,of,ACPaaS.,This,engine,can,capture,any,type,of,real$time,(or,other),data., It,will,manage, the,sources,and,devices,delivering, the,data.,Where,necessary, it,will,convert,the,incoming,data,to,an,understandable,format,(e.g.,JSON),and,it,will,guide,the,data,to, the, correct, location, for, further, processing., The, engine, also, allows, for, two$way,communication,(e.g.,controlling,of,actuators,or,over$the$air,updates,of,sensors),,although,this,functionality,is,not,yet,in,use.,

2.1.1.2! Core IoT Architecture The,Antwerp,core,IoT,architecture,is,composed,by,two,integrated,main,building,blocks:,the,City,of,Things,data,platform,and,the,ACPaaS,engines,for,data,storing,,digital,asset,management,and,data,searching.,These,two,“cores”,are,integrated,,sharing,the,data,provided,by,the,IoT,deployments,,so,the,City, of, Things, platform, provides, solutions, for, data, collecting,, device,management, and, data,access,highly,focused,on,standards,and,key,Smart,Cities,R&D,results,,to,facilitate,innovative,smart,city,experiments,and,cross$technologies,integration,whilst,ACPaaS,is,the,core,architecture,for,the,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 60 of 179

City,of,Antwerp,as,a,whole.,,

The, City, of, Things, data, platform, is, composed, by, the, DYAMAND, component, for, sensor, data,collection, and, discovery, that, links, with, the, Southbound,, the, Tengu, [45], block, for, sensor, data,processing, and, storage, that, also, links, with, the, ACPaaS, data, engines, and, the, LimeDS, [46],component,for,data,access,,service,composition,and,demo,prototyping.,

●, DYAMAND,makes,each,sensor,uniformly,available,to,Tengu.,●, Tengu, is, an, experimentation, platform, for, big, data, applications, that, allows, for, automatic,

deployments,of,several,data,processing,,storage,and,cloud,technologies,(including,Hadoop,,Storm,and,Open,Stack),and,also,interfaces,with,external,data,sources,as,ACPaaS.,It,builds,the, central, technology, management, platform, that, installs, and, manages, all, storage, and,central,processing,technology:,Storm,[47],was,chosen,for,real$time,data,processing,,Spark,[48],for,the,(micro$),batch,processing,and,MongoDB,[49],for,storage,of,all,(raw),sensor,data.,

●, The,accessible,entry$points,going,in,and,out,the,Tengu,managed,data,cluster,,are,set,up,by,LimeDS, (Lightweight,modular,environment, for,Data,oriented,Services),component., It, is,a,toolkit, for, building, (Web), applications, with, a, strong, focus, on, developer, productivity, and,interoperability,with,other,services,and,devices.,LimeDS,provides,also,a,Java,API,that,allows,more,complex,Data,Flow,components,to,be,created.,It,is,designed,to,implement,and,offer,the,data,APIs,to,external,services,as,well,as,the,connection,point,between,Tengu,and,the,gateways.,

ACPaaS,connects,and,discloses,relevant,operational,city$owned,and,city$linked,systems,,including,the,city's,IoT,&,smart,city,related,systems.,It, is,a,modular,service$oriented,architecture,with,open,APIs,,on,which,apps,,websites,,applications,and,platforms,can,be,build.,ACPaaS,offers,a,broad,range,of,reusable,building,blocks,,called,ACPaaS,"engines".,These,are,small,pieces,of,software,,each,with,a,specific,function,that,can,be,reused,in,multiple,applications.,Several,of,these,engines,are,dedicated,to,the,collection,,storage,,processing,and,provisioning,of,IOT,data.,,

The,ACPaaS,engines,related,to,IoT,currently,available,are:,●, data,ingestion,&,device,management,engines:,see,above,●, data,lake,engine:,data,,typically,sensor,data,and,other,frequent,small,(near$)real$time,data,

packages,,will,be,stored,in,the,data,lake.,The,data,is,stored,quickly,after,its,ingestion,,in,its,most,raw,but,readable,form,,and,without,the,loss,of,information.,

●, (real$time), processing, engine:, set, of, tools, for, the, processing, of, real$time, data, $,transformation,,aggregation,of,data,,creation,of,actions,and,alerts,based,on,data.,A,specific,set$up,will,be,created,according,to,the,specific,needs,of,every,system.,

●, IoT,visualisation,engine:,many,types,of,data,,including,real$time,data,can,easily,be,visualised,with,this,engine.,A,dashboard,can,be,created,with,the,required,visualisations,of,the,specific,system.,,

Other,engines,are,still,under,construction,or,on, the,backlog,,especially,with, regards, to,privacy,&,security,,and,intelligent,data,processing,

2.1.1.3! Northbound and Data Access APIs To, exploit, data, captured, and,managed, by,Antwerp, IoT, infrastructures,, the, city, provides, 4,main,access,points:,

●, Antwerp,Open,Data,platform,(The,DataTank,[50]),,that,provides,various,open,datasets,from,the,City,of,Antwerp,in,different,data,formats,(JSON,,CSV,,XML,,KML,,GIS,,etc.).,,

●, The,ACPaaS,API,marketplace,(as,part,of,the,“API,engine”),allows,access,to,open,data,and,open,services,through,RESTful,API's.,With,open,services,ACPaaS,combines,the,best,of,two,worlds:, customers,get, tailor,made,applications,, but, under, the,hood,ACPaaS$engines,are,reused,as,functional,components.,Its,business,level,includes,engines,such,as,the,notification,engine,,the,digital,asset,engine,,the,multi$language,engine,,the,digital,signature,engine,,etc.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 61 of 179

At,present,the,full,functionality,of,the,marketplace,is,only,available,for,internal,use,(i.e.,by,the,city,or,3rd,parties,working,directly,for,the,city),,but,the,City,of,Antwerp,aims,at,making,the,marketplace,available,for,broader,use,by,3rd,parties.,,

●, In,terms,of,standardisation,,the,City,of,Antwerp,is,fostering,the,adoption,of,the,FIWARE,NGSI,10,specification,,including,its,RESTful,APIs.,

●, The, City, of, Things, platform, has, implemented, a, generic, base, API, that, can, be, used, to,uniformly,access,all,smart,city,data.,One,the,main,key,considerations,during,the,design,of,the,API,was,to,design,a,very,scalable,API.,One,of,the,implemented,techniques,is,a,paging,strategy,that,is,optimized,for,making,use,of,web,caches.,This,API,is,the,only,allowed,interface,for,external,services,to,access,internal,City,of,Things,data.,To,gain,access,to,data,streams,,standardised,authentication,protocols,such,as,Basic,Auth,are,supported.,On,top,of,this,base,API,,additional,APIs,or,linking,to,the,NGSi,Context,broker,can,be,supported.,

2.1.1.4! Security and Privacy functionalities Although,the,Antwerp,RZ,has,not,defined,an,official,Security,&,Privacy,layer,,its,platforms,provide,some,tools,to,implement,authentication,and,authorisation,functionalities,when,required:,

●, ACPaaS,solution,specifies,a,user,management,layer.,This,not,only,involves,the,accounts,of,the, end, users,, but, also, their, profile:, the, various, roles, someone, can, assume,, the, user’s,preferences,, etc., Here,, relevant, end, user, information, is, stored, and, managed., Thereby,security, and, privacy, are,major, factors., Furthermore,, through, its, "user, profile, engine", the,solution,is,functioning,as,an,OAuth,identity,provider,for,different,websites,in,the,city,,allowing,easy,access,to,different,sites,through,one,city,wide,profile.,

●, City,of,Things,uses,Basic,Auth.,

2.1.2! Carouge City,of,Carouge,focuses,on,innovation,for,people,while,protecting,citizen,privacy.,In,this,line,,the,city,is, currently,working, on, several, IoT,projects, and,new,sensor, deployments,, but, as, its, flagships, it,present,two,main,developments:,

●, the,“smart,parking”,[51],strategy,and,system,deployed,with,LoRa,sensors,allow,to,understand,the,behaviour,of,car,drivers,and,to,influence,the,parking,offering,for,shops,,restaurants,and,also,to,provide,agile,parking,spaces,for,the,citizens,living,nearby,and,commuter,workers.,For,more,than,a,year,, the,city,of,Carouge,has,been,monitoring,its,parking,spaces,with,“smart,parking”,sensors.,It,allows,understanding,and,influencing,the,behaviour,of,drivers,in,the,city.,It,is,based,on,collaboration,with,Orbiwise,for,the,Lora,communication,and,IEM,for,the,smart,parking,sensors,and,monitoring.,

●, the,“street,noise,monitoring”,pilot,consists,in,audio,monitoring,sensors,deployed,at,various,levels, in,order, to,enable,a,3,dimensional,monitoring,of,noise, in, the,city., It, is,designed, to,address,the,needs,of,people,living,near,streets,and,roads.,The,3D,Street,Noise,Monitoring,is,a,new,solution,of,its,kind,on,the,market.,It,responds,to,a,new,legislation,entering,into,force,in,2018,,to,protect,the,inhabitants,from,noise.,The,Swiss,Government,fully,support,and,follow,the,project,for,potential,replication.,

These,complete,solutions,have,been,engineered,and,designed,to,address,the,specific,needs,and,requirements,of,the,City,,making,up,vertical,silos,centred,on,final,solutions,rather,than,interoperability,and,reusability.,Currently,,city,of,Carouge,is,moving,towards,an,OASC,compliant,IoT,architecture,,based,on,FIWARE,enablers,and,standards, that,provides,a,versatile, IoT,platform, for,current,and,incoming,IoT,deployments.,

In,this,similar,vertical,fashion,,Carouge,also,has,a,app,for,tourism,,using,a,public,WiFi,access,,and,offers,specific,info,of,the,city,plus,an,IoT,deployment,for,Water,and,Gas,resources,management,,operated,by,the,city’s,Water,&,Gas,utility,is,planned.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 62 of 179

,

Figure,16:,City,of,Caruge,RZ’s,IoT,architecture,

The,Carouge, IoT, edge,mainly, relies, on, LoRa, technology,,with, currently,more, than, 1.000, LoRa,sensors,deployed,in,Carouge,and,about,400,new,ones,will,be,implemented,in,the,coming,months,(plans,include,about,5k,LoRa,devices,and,about,60,LoRa,GWs,to,be,installed,in,the,Canton).,,

2.1.2.1! Southbound and Data IoT Interfaces LoRa,access,layer,and,backbone,services,are,currently,managed,and,provided,by,the,SIG,(Utility,company),based,on,the,Orbiwise,LoRa,[52].,So,far,,this,is,a,vertical,service,where,no,specific,APIs,are,provided,to,add,new,third,party,resources,further,than,the,technical,support,to,add,new,LoRa,devices,to,the,existing,backbone.,There,are,neither,device,management,nor,data,injection,public,APIs.,All,the,interfaces,are,property,of,each,current,deployment.,This,way,,City,of,Carouge,currently,has:,

●, LoRa,proprietary,infrastructure,to,capture,Parking,sensors,and,Noise,devices,data,(Parking,IoT,deployment,and,Noise,monitoring,service),

●, Open,WiFi,access,that,covers,whole,City,of,Carouge,,currently,used,for,a,closed,tourism,app,deployed,by,the,city.,

●, 2G/3G,access,(Swisscom),for,Water/Gas,utility,company,sensors,(Proprietary,solution),Short,and,midterm,plans,to,evolve,Carouge,IoT,architecture,consider,the,use,of,FIWARE,compliant,IoT,Agents,development/deployment,,to,provide,an,NGSI,access,to,inject,IoT,data,from,existing,and,new, IoT, deployments., This, will, include, specific, IoT, agents, for, LoRa, infrastructure, that, allows,migration,to,a,LoRa,IoT,edge,infrastructure,plus,FIWARE,IoT,core,platform.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 63 of 179

2.1.2.2! Core IoT Architecture Present,IoT,solutions,in,Carouge,have,been,developed,considering,only,specific,use,cases,,fostering,the,deployment,of,IoT,devices,(e.g.,parking,sensors),to,provide,a,defined,service,(e.g.,find,a,free,parking,lot).,This,means,that,,in,terms,of,context,management,and,data,storing,,each,vertical,solution,implements,their,own,core,with,proprietary,components,to,process,data,and,later,,expose,results.,

In,this,sense,,Carouge,is,planning,to,migrate,to,a,FIWARE,compliant,solution,,evaluating,the,Context,Management, enablers, provided, by, this, architecture., For, incoming, IoT, projects,, NGSI, context,models,,formats,and,FIWARE,semantics,will,be,used.,

For,data,storage,solution,,FIWARE,based,data,models,compliant,with,FIWARE,Big,Data,enablers,are,also,being,evaluated.,

2.1.2.3! Northbound and Data Access APIs Currently,, applications, based, on, available, IoT, deployments, have, been, tailored, for, city’s, and/or,utilities’,specific,purposes,and,no,APIs,to,direct,access,or,manage,captured,info,are,provided.,Each,vertical, solution, offers, a, web, access, to, the, processed, info, (application, layer, based, on, web,proprietary, access), when, required., IoT, data, captured, (Water/Gas,management), is, intended, for,internal,(proprietary),exploitation.,

New,IoT,architecture,northbound,will,be,based,on,FIWARE,so,FIWARE,common,data,access,based,on,NGSI,standards,and,APIs,will,be,available,for,the,City,of,Carouge,,who,will,decide,the,way,these,APIs,will,be,provided,to,third,parties.,

2.1.2.4! Security and Privacy functionalities Current,Security,layer,relies,on,each,vertical,solution.,The,data,are,stored,in,the,Canton,of,Geneva,on,secured,servers,with,a,strict,privacy,policy, to,protect, the,privacy,of, the,citizens.,Currently,,an,analysis,of,different, solutions/possibilities, for,Authentication,,Authorization,and,Accounting, is,on$going,,considering,FIWARE,AAA,enablers,on,FIWARE,Secure,Catalogue,[53],as,a,possible,solution.,The,integration,of,the,Carouge,IoT,deployment,with,FIWARE,will,be,managed,by,Mandat,International,[54],and,UDG,,which,have,experience,with,FIWARE,and,CKAN,[55].,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 64 of 179

,

2.1.3! Eindhoven Eindhoven’s,reference,zone,focuses,on,supporting,organic,growth,of,and,interoperability,between,the,set,of,IoT,platforms,and,vertical,systems,already,present,in,the,city.,Providing,the,new,generation,of,city,services,requires,a,strong,cross$domain,approach,relying,on,shared,data,models,,open,data,streams,and,enabling,vertical,domain$specific,solutions,to,connect,through,a,common,intelligence,layer,for,creating,added$value,services,based,on,new,real$life,scenarios.,Most,importantly,,the,city,IoT,is,to,remain,open,to,the,future,,stimulating,interchangeability,of,data,and,components,,creating,added, value, through, cross$vertical, solutions, and, cooperating, nation$wide, and, internationally, in,relevant,networks,$,such,as,the,OASC,network,$,to,actively,contribute,to,the,developments,of,open,and,accessible,IoT,standards,,frameworks,and,specifications,worldwide.,

,

,

Figure,17:,Eindhoven,RZ’s,IoT,architecture,

In, terms, of, IoT, current, deployments,, Eindhoven,RZ, counts, on, a,wide, set, of, sensors,, including,actuators,,and,wireless,communication,technologies.,These,include:,

●, WiFi,access,to,support,Philips,Light,level,luminaires,,for,its,smart,street,lighting,infrastructure.,●, Micro,Wave,(RF),to,connect,the,ViNotion,[56],people,counters,●, Zigbee,based,protocol,to,read,Munisense,Sound,+,Cell,counters,●, available,mobile,coverage,(2G,,3G,,4G),supporting,new,IoT,sensors/actuators,deployments,●, an, on$going, LoRa, network, deployment, to, provide, wireless, connectivity, to, incoming, IoT,

projects,●, ITS$G5, [57], , ((WiFi$P), infrastructure,on,development, to,build,a, robust,WiFi,connection, in,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 65 of 179

public,vehicles,that,expands,IoT,coverage,in,the,near,future,

To,support,fixed,IoT,nodes,,Eindhoven,provides,a,wired,network,(Ethernet),based,on,fibre,optic,and,copper,cabling.,This,network,connects,the,Sorama,Sound,&,Imaging,[58],deployment.,Using,wired,and,wireless,connections,,Eindhoven,also,captures,data,from,weather,devices,,parking,sensors,and,social,media,(Coosto,[59]),,plus,access,and,manage,deployed,actuators.,,,

As,current,IoT,initiatives,,the,municipality,is,currently,replacing,its,existing,lighting,infrastructure,with,more,energy$efficient,LED$based,connected,lighting,solutions.,The,city,policy,guidelines,will,thus,be,applied,in,the,context,of,the,deployment,of,a,Smart,Light,Grid,that,enables,the,development,of,novel,cross$vertical,applications,and,services,aimed,at,improving,the,quality,of,life,in,the,city.,To,this,end,,concurrent,intelligent,systems,(e.g.,lighting,,air,quality,,traffic,management,,CCTV),will,progressively,be, federated, into, a, smart, city, infrastructure, that, facilitates, cross$vertical, data, exchange, and,exploitation.,Innovation,will,be,carried,out,in,an,ecosystem,centric,approach,with,close,involvement,of,quadruple,helix,partners,(citizens,,businesses,,research,institutes,and,public,authorities).,

2.1.3.1! Southbound and Data IoT Interfaces Present,IoT,deployments,in,Eindhoven,RZ,use,proprietary,protocols,to,collect,measurements,and,address, commands, (when, supported), that, direct, link, the, corresponding, IoT, set, to, its, specific,component,in,the,core,architecture.,As,three,of,its,current,main,IoT,initiatives,,we,find:,,,

●, Proprietary, media, streams, connectors, to, collect, video, and, sound, data, from, Sorama,deployments,in,Eindhoven.,

●, Proprietary, ViNotion, people, counter, interfaces, used, for, pattern, recognition,, aggression,detection,and,prevention.,

●, Proprietary,CityTouch, [60], interfaces,used, for,Philips,Lighting,deployment:,AssetLink,and,ControlLink,APIs.,

Merging,current,and,incoming,IoT,deployments,,the,reference,zone,will,work,with,FIWARE,based,core,architecture,,implementing,an,instance,of,its,FIWARE,IDAS,[61],device,management,enabler,and,using,FIWARE,IoT,Agents,[62],to,capture,IoT,Data.,For,data,streaming,,FIWARE,Kurento,[63],enabler,will,be,also,analysed.,Stratumseind,[64],living,lab,pilot,is,currently,exploring,this,FIWARE,based,architecture.,

2.1.3.2! Core IoT Architecture Eindhoven,has,several,IoT,architectures,running,in,parallel.,The,idea,is,to,foster,the,FIWARE,IoT,architecture,as,much,as,possible,,as,the,evolved,Reference,Zone,only,IoT,architecture,,having,,this,way,, an, open, and, standard, OASC, compliant, platform, that, allows, and, encourage, open, IoT,deployments.,In,this,sense,,the,reference,zone,aims,to,use:,

●, FIWARE, Orion, Context, Broker, as, building, block,, which, provides, the, following, set, of,functionalities:,

○, Query,Context,Info,○, Discovery,Info/Resources,○, Publish/Subscribe,

●, Standard,FIWARE,Data,Models,,based,on,NGSI,context,information,models,(e.g.,streetlight,model).,Next,to,that,Eindhoven,is,investigating,the,possible,use,of,the,Open,Vehicles,Data,Protocol, Definition, [65], and, the,Dutch, use, cases,, architecture,, data,model, and, interface,description,as,provided,by,Ivera,regarding,intelligent,Traffic,Light,Controllers,[66].,

●, FIWARE,NGSI$9, protocol, for,Context,Entity,Discovery, and,NGSI$10,protocol, for,Context,Information.,

●, Specific, architecture, components, (like, Tableau,, R,, etc.), for, BIG, DATA, analytics, and/or,visualization,(no,final,decisions,are,made,yet).,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 66 of 179

2.1.3.3! Northbound and Data Access APIs Eindhoven,RZ,doesn’t,currently,offer,open,APIs, to, third,parties,or,external,consumers, to,directly,access,to,Big,Data,resources,nor,captured,Context,information.,IoT,data,is,gathered,and,exploited,internally, by, each, solution, or, IoT, project., But,, on, the, other, side,, some, sets, of, collected, data, is,processed, and, made, available, to, end, users, through, Eindhoven’s, Open, Data, portal, [67],, from,OpenDataSoft,[68],and,based,on,CKAN,and,DCAT$EU,,and,their,corresponding,RESTful,APIs.,

The,envisioned,RZ,platform,will,offer,an,operational,dashboard,(actuation,of,the,devices,,creating,stats,and,graphs,etc.),for,the,IoT,data,connected,coming,from,sensors.,As,its,core,will,be,based,on,FIWARE, enablers,, NGSI, RESTful, APIs, would, be, available, to, access, and, manage, context,information.,This,capability, is,currently,being,analysed,by, the,RZ.,This,platform,will,also,provide,support,for,commands,and,IoT,device,management,(actuators,,IoT,configuration,,etc.)., ,

2.1.3.4! Security and Privacy functionalities The,Eindhoven,RZ,platform, is, investigating, the,use,of, the,FIWARE,generic, specific, enablers, to,implement,this,security,and,privacy,layer:,

●, The,FIWARE,Keyrock, IDM,GE, [69], could,be, the, central, authorization,and,authentication,mechanism,which,will,be,used,as,the,primary,AAA,operations.,

●, The,Wilma,PEP,proxy,GE, [70], could,add,a, frontend, for, the, (other),FIWARE,GE´s,which,needs,to,be,authorized,via,IDM.,

●, The,AuthZForce,Authorization,PDP,GE,[71],could,be,used,as,the,Policy,Decision,Point,in,the,mechanism.,

The,selected,PDP,is,XACML,v3.0,PEP,compliant,whilst,the,PEP,Proxy,supports,both,the,OAuth2,and,XACML,protocols.,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 67 of 179

,

2.1.4! Helsinki In, Finland,, Helsinki, coordinates, the, national, 6Aika, [72], "open, and, smart, services", strategy,implementation,for,sustainable,urban,development,carried,out,by,Helsinki,,Espoo,,Vantaa,,Tampere,,Turku,and,Oulu.,This,replicates, the,Helsinki's,successful,open,data,approach,and,harmonization,model, through, some, specific, co$financing, IoT, lab, platforms, and, initiatives:, Select4Cities, (2016$2021), [73],, MySmartLife, [74],, bIOTope, (2015$2019), [75], and, Smart, home, installation, at, Smart,Kalasatama,[76],.,All,these,references,are,aligned,with,Helsinki’s,target,,centred,on,smart,solutions,for, citizens, and, urban,mobility,, currently, represented, on,Digitransit, project, [77]., There, are, three,specific,districts,in,Helsinki,for,IoT,pilots:,

●, Smart,Kalasatama,for,urban,last,mile,logistic,pilots:,the,City's,designated,Smart,City,and,Grid,demonstration, area,, with, large, RES,, Smart, Grid,, infrastructures, (smart, lighting,, waste,pipelines),and,Smart,home,installations,in,place.,

●, Jätkäsaari,mobility,hot$spot,of,Northern,Europe,,for,large$scale,mobility,and,AV,,Drone,pilots:,the,City's,designated,smart,mobility,pilot,site,,urban,port,next,to,city,centre,with,10,million,annual, international, passengers,, with, up$take, of, smart, mobility, solutions,, trials, of,autonomous,vehicles,,drone,delivery,,and,other,activities.,

●, Helsinki,Street,Lab,for,pedestrian,mobility,pilots:,the,Centre,of,Helsinki,and,tourist,areas,have,installation,of,ICT,interfaces,in,the,urban,spaces:,NFC/RFID,tags,for,tourist,routes,,statuesm,23,interactive,public,displays,with,city's,test,servicesm,others.,

,

Figure,18:,Helsinki,RZ’s,IoT,architecture,

Among,the,different,IoT,initiatives,currently,on$going,in,Helsinki,Reference,Zone,,two,are,the,projects,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 68 of 179

that,are,leading,the,evolution,of,its,IoT,architectures,,merging,all,deployments,on,a,single,IoT,core:,●, Digitransit,, focused, on, mobility, and, urban, transport, use, case, that, will, be, built, as, pilot,

deployment,together,with,Aalto,University.,It,is,an,open,source,project,based,on,Open,Group,Internet,of,Things, (IoT),Standards, [78]., It, implements,an,O$MI, (Open,Message, Interface),node,[79],that,provides,O$MI/O$DF,(Open,Data,Format),[80],APIs,for,collecting,,storing,and,distributing,data,from,different,sensors,and,sensor,networks,,as,well,as,the,security,models,and, interfaces, (O$MI, Security, models, [81]), to, provide, authorisation, mechanisms., These,interfaces,and,components,will,be,leveraged,for,RZ,data,collection.,

●, Helsinki,urban,platform,(new,data,for,developers,and,decision$makers),,initially,focused,on,real$time,monitoring,of,real,estate,heating,and,energy,consumption,, it,will,provide,tools,to,analyse,and,process,IoT,captured,data,and,improve,data,availability,for,developers,of,mobile,applications.,All,collected,data,by,the,newly,implemented,sensors,and,IoT,deployments,will,be,in,public,use,for,the,software,developers,and,researchers,as,an,open,data.,

2.1.4.1! Southbound and Data IoT Interfaces Current,IoT,deployments,in,the,Helsinki,RZ,involves,a,large,set,of,heterogeneous,sensors,and,IoT,devices,as,a,compilation,of,novel, IoT,projects,and,solutions,(Air,Quality,control,,Noise,metering,,traffic,management,,home,IoT,solutions,and,Public,transportation).,These,IoT,nodes,,and,incoming,IoT, infrastructures,, are, supported, by, Mobile, communication, technologies, (3G, and, 4G, where,available),,WiFi,access,and,a,LoRa,network,,set,up,by,Wapice,[82].,In,terms,of,interfaces,to,capture,IoT,data,,Helsinki,RZ,bets,on,Open,Group,Internet,of,Things,(IoT),[83],and,its,O$MI,(Open,Message,Interface),and,O$DF,(Open,Data,Format),standards:,

●, IoT,Standards,use,the,O$MI,for,transmitting,lifecycle$related,information,mainly,intended,for,automated,processing,by,information,systems.,The,O$MI,fulfils,the,same,purpose,in,the,IoT,Standards,as,HTTP,does,for,the,Internet.,The,O$MI,can,be,used,for,transporting,payloads,in,almost,any,format.,XML,might,currently,be,the,most,common,text$based,payload,format,but,others,,such,as,JSON,,CSV,,etc.,may,also,be,used.,

●, The, O$DF, can, be, used, for, publishing, the, available, data, using, ordinary, URL, (Uniform,Resource,Locator),addresses.,O$DF,structures,can,also,be,used,for,requesting,and,sending,published,data,between,systems,,notably,when,used,together,with,the,O$MI,standard.,

O$MI, messages, can, be, communicated, using, plain, HTTP, communication., Helsinki’s, O$MI, node,sends,requests,and,callback,messages,using,HTTP,POST,messages,,so,Helsinki’s,RZ,provides,a,RESTful, API, to, upload, IoT, data, using, O$MI/O$DF, and, designees, agents, to, support, different,technologies.,A,MQTT,agent,is,already,provided,to,capture,data,from,MQTT,queues.,

In,addition,,Helsinki’s,Urban,Platform,also,implements,connectors,(FTP,,WebDAV,and,specific,APIs),to,feed,static,data,to,its,CKAN,based,core.,

2.1.4.2! Core IoT Architecture The,IoT,platform,core,of,Helsinki’s,RZ,SynchroniCity,Use,case,is,composed,by,an,implementation,of,an,Open,Group,Internet,of,Things,O$MI,Node,that,supports,the,above,mentioned,O$MI,RESTful,API,and,the,O$MI,Security,Models.,According,O$MI,specifications,,the,O$MI,node,will,provide,the,required, functionalities, to, capture,, store,, manage, and, access, the, data, offered, by, the, IoT,deployments.,The,complete,set,of,features,supported,by,the,Helsinki’s,O$MI,node,can,be,checked,here,[84].,

The,O$MI,node,receives,the,data,from,the,integrated,IoT,deployments,(Air,Quality,sensors,,Noise,meters,,Home,devices,,etc.),to,later,feed,CKAN,infrastructure,,developers,APIs,portal,and,Digitransit,access,APIs.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 69 of 179

2.1.4.3! Northbound and Data Access APIs The,northbound,of,Helsinki’s,IoT,architecture,is,mainly,composed,by,three,exposed,data,accesses:,

●, Digitransit,public,APIs,[85],,directly,fed,by,the,O$MI,node,,provides,a,set,of,concrete,APIs,to,manage,public,transportation,data.,

●, Helsinki,CKAN,(Helsinki,Region,Infoshare),[86],offers,open,data,from,the,Greater,Helsinki,region,in,Finland.,The,majority,of,the,entries,in,the,catalog,are,small,static,files,containing,statistical,data,about,the,region.,These,were,added,in,the,first,wave,when,the,service,was,set,up.,There,is,also,several,high,quality,APIs,in,the,catalog,for,example,from,Helsinki,Region,Transport,and,Helsinki,Metropolitan,Area,Public,Libraries.,

2.1.4.4! Security and Privacy functionalities O$MI, node, instance, provides, potential, support, for, O$MI, Security, models,, which, implements,authentication,and,authorisation,mechanisms,to,operate,with,O$MI,RESTful,API.,This,would,mainly,apply, to, the,southbound, layer,,but,could,also,be,useful, for,northbound,future, implementations,of,security,and,privacy,features.,

The, Urban, Platform, project, provides, support, for, OAuth, authentication, and, authorisation,mechanisms.,

2.1.5! Manchester The,smart,city,agenda,in,Manchester,has,developed,significantly,in,the,last,two,years,both,in,terms,of, profile, and, the, integration,of, activities,within, the, city.,Currently, it, has,a,number,of, successful,projects,and,activities,underway,and,“smart”,is,recognised,as,an,important,issue,within,the,political,leadership, and, certain, departments.,Where, the, city,wants, to, be, in, 2025, is, in, the, context, of, the,Manchester’s,city,Strategy.,The,process,is,to,map,that,journey,with,a,key,enabler,to,being,the,need,to, bring, together, activity, in, a, coordinated,way, i.e., a, high, level, programme, board,working, to, an,Integrated, Action, Plan., , Critically, this, must, be, underpinned, by, the, key, pillars, of, city, vision:,Manchester,as,a,world,class,city,as,competitive,as,the,best, international,cities,with,growth,(jobs,and, economic, wealth),, people! (delivering, services, that, foster, aspiration,, independence, and,resilience),and,place,(creating,and,maintaining,a,quality,of,life,for,residents).,

Through, the, leadership,of, the,SmartImpact, project, [87],,Manchester, is, developing,an, integrated,action,plan,for,initiating,,funding,and,implementing,start,city,priorities.,Current,portfolio,of,Smart,City,projects,is,as,follows:,

●, SmartImpact:,URBACT,network,providing,oversight,and,strategic,guidance,●, CityVerve,[88],UK’s,Internet,of,Things,city,demonstrator,●, Triangulum, H2020, Lighthouse, project, focusing, on, smart, energy, districts, and, last, mile,

logistics.,In,addition,,the,city,has,mainstreamed,smart,lighting,through,its,existing,PFI,programme,,which,will,replace,all,the,city’s,streetlights,with,LED.,There,are,also,a,wide,range,of,private,sector,initiatives,both, in,partnerships,with, the,city,and,separately,, including,development,of,a,community$focused,LORA,network,through,Things,Manchester.,

The,core,focus,for,the,city’s,activity,is,within,CityVerve,which,began,in,July,2016,and,runs,until,June,2018.,During,the,24,months,of,the,project,,we,are,developing,an,open,IoT,infrastructure,for,the,city,,across,energy,and,environment,,transportation,,health,and,social,care,,and,culture,and,public,realm,themes.,

The,focus,for,the,majority,of,this,activity,is,in,The,Manchester,Corridor,,which,is,the,city’s,smart,city,district,,containing,2,universities,,hospitals,,business,park,and,a,range,of,cultural,institutions.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 70 of 179

,

Figure,19:,Manchester,RZ’s,IoT,architecture,

During,2017,,the,following,sensor,infrastructure,is,being,installed,as,part,of,CityVerve,,Triangulum,and,other,initiatives:,

●, 80$100, proximity, beacons, for, public, wayfinding, working, with, Sparta, Technology, and,Transport,for,Greater,Manchester,

●, Air, quality, sensor, network, at, road, junctions, to, enable, context$driven, traffic,management,through,integration,with,our,traffic,management,system.,

●, 2,x,ANPR,cars,for,real,time,bus,lane,enforcement,●, Cisco,are,enhancing,the,current,free,WiFi,network,on,Oxford,Road,,to,enable,a,range,of,data,

services,to,be,built,on,top,of,them,●, 10,public,buildings,(University,,hospital,,city,administration,,business,park,,art,gallery,,and,

library),to,install,sensors,for,integration,with,their,Building,Management,Systems,(BMS),and,for,facilities,management,

●, Connected,bus,route,,enhancing,the,Leigh$Manchester,guided,bus,way,,through,IoT,and,real,time,information,at,bus,stops,

●, Adapting,50+,homes,and,1,nursing,home,for,telehealth,and,smart,care,●, 2,public,realm,artworks,using,city,data,to,raise,awareness,●, 200$500,taxis,and,other,vehicles,with,advanced,monitoring,●, 1000,smart,bikes,from,MoBike,●, 4,electric,cargo,bikes,for,last,mile,logistics,●, Open,LORA,network,(Things,Network,Manchester),●, Cisco,installing,a,LORA,network,x,8,base,stations,for,building,management,and,traffic,use,

cases.,In,terms,of,IoT,communication,technologies,and,connectivity,,the,RZ,relies,on:,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 71 of 179

●, 2G,,3G,&,4G,–,UK,marketplace,providers,●, 5G,–,none,(but,looking,at,potential,trials,during,the,course,of,SynchroniCity),●, LORA,–,8,x,base,stations,giving,coverage,across,Manchester,Smart,City,District,plus,Things,

Network,Backbone,support,,community,open,network,across,Greater,Manchester,,Leeds,,Liverpool,etc.,

●, Wifi,–,currently,a,public,wifi,offer,via,Arqiva,,delivered,by,Virgin,Mobilem,looking,to,develop,an,enhanced,offer,for,supporting,IoT,services,

●, UNB,(Ultra,Narrow,Band),–,deployment,by,Telensa,of,a,trial,UNB,network,for,smart,parking,,smart,lighting,and,smart,bins.,

2.1.5.1! Southbound and Data IoT Interfaces Corporate, technology, at, the, City, Council, manages, internal, communication, technologies, and,contract,manages,CCTV,,public,WiFi,and,other,services.,Within,Manchester,smart,city,portfolio,it,has,been,adopted,a,technology,and,vendor,agnostic,approach,to,connectivity,,so,existing,mobile,technologies,(2G,,3G,and,4G),deployed,in,the,city,are,looked,after,by,the,respective,private,sector,providers.,These,are,enhanced,by,point$to$point,microwave,wireless,provided,on,rooftops,,primarily,to,business,consumers,,from,at,least,2,private,companies.,The,Greater,Manchester,area,,as,a,whole,,has, around, 66%, of, fibre, to, the, premises., There, are, 2, primary, fibre, providers, in, the, UK,, BT,Openreach,and,Virgin.,

As,LORA,becomes,a,de,facto,favourite,amongst,a,range,of,LGPR,technologies,,the,city,has,an,open,network,run,through,a,community,of,interest,,Things,Network,(originated,in,Amsterdam),which,now,has,coverage,not, just, in,Greater,Manchester,,but,across,the,north,via,Things,North.,(e.g.,Leeds,,Liverpool,etc.).,Within,CityVerve,an,8$base,station,LoRa,network,using,Meraki,kit,is,being,installed,during,summer,2017,for,a,range,of,use,cases.,

The,Manchester,IoT,architecture,is,being,developed,as,part,of,the,CityVerve,project,,which,has,21,partners,,from,the,public,and,private,sector,and,is,led,by,Cisco,Create,team,,based,at,Manchester,Science,Partnerships,on,the,Corridor.,It,is,a,“platform,of,platforms”,approach,which,will,use,a,number,of,proprietary,services,from,partners,on,the,project,,but,will,provide,considerable,opportunities,for,3rd,party,suppliers,through,a,shared,API.,Where,possible,,access,to,sensor,data,,e.g.,proximity,and,air,quality,sensors,will,be,available,to,3rd,parties,,and,in,addition,aggregated,data,(e.g.,from,energy,systems),will,be,available,where,there,is,no,privacy,or,security,risk.,

2.1.5.2! Core IoT Architecture Current, IoT,deployments, in,Manchester,have,been,tailored,as,specific,solutions,for,concrete,use,cases,, within, the, context, of, the, CityVerve, and, Triangulum, projects., With, over, 20, different,applications,and,a,wide,range,of,cross$domain,solutions,,it,is,vital,that,some,shared,standards,and,interoperability, are, provided., The, RZ, is, deploying, Hypercat, [89], integration, in, line, with, UK,government,and,funder,guidelines,,and,Hypercat,is,currently,a,specification,that,is,being,looked,at,by,British,Standards,Institute,(BSI),to,become,a,standard.,The,RZ,is,also,working,with,Ordnance,Survey,(OS),to,have,high,quality,3D,mapping,across,the,Corridor,and,the,rest,of,Manchester,and,OS,are,a,member,of,international,and,national,Geospatial,standards,bodies.,

The,architecture,being,developed,by,Cisco,in,particular,will,provide,a,secure,CityVerve,platform,but,will, work,with, a,wide, range, of, partners.,Manchester’s, Smart, City, Urban, Platform, is, currently, in,development,and,consists,of,the,following:,

●, Datawell, [90], health, data, sharing, platform,, commissioned, and, managed, by, Greater,Manchester,Academic,Health,Science,Network,

●, British,Telecommunications,(BT),Data,Hub,[91],–,CKAN,based,repository,for,transport,data,(and,other,data,TBC),,and,providing,tools,for,Hypercat,conversion,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 72 of 179

●, ,Asset,Mapping,data,platform,[92],CityVerve,inventory,●, Cisco,CDP,platform,[93],acting,as,a,broker,for,non$application,level,data,(e.g.,from,LORA,

and,UNB,networks),●, Ordnance,Survey,Mapping,Data,[94],,(inc.,3D,mapping),

In,addition,the,city,is,looking,to,bring,in,data,from,energy,and,BMS,systems,and,from,electric,vehicles,from,the,Triangulum,platform,,lighting,data,from,our,PFI$funded,smart,lighting,LED,deployment,,and,journey,data,from,the,Mobike,[95],smart,bike,scheme.,,

2.1.5.3! Northbound and Data Access APIs CityVerve, is,currently,developing,a,single,public,Programmable,City,API.,Using,open,source,API,hosting,solution,,Tyk,[96],,which,will,be,going,live,in,Autumn,2017.,

This,will,provide,uniform,and,RESTful,access,to,range,of,data,sources,(static,and,real,time).,Besides,,latency,requirements,within,applications,and,data,is,also,analysed,,that,will,come,from,a,range,of,different,sources,and,be,accessed,by,a,range,of,different,applications.,

2.1.5.4! Security and Privacy functionalities A,full,security,and,privacy,work,programme,is,being,undertaken:,a,privacy,and,trust,committee,has,been,established, including, key,public, sector, IG,specialists,, and,private, sector, partners,, that, are,looking,to,implement,a,privacy,manager,software,tool.,PPM,is,being,implemented,by,BT,within,the,CityVerve,project.,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 73 of 179

2.1.6! Milan Milan,City,Managers,think,that,Information,Technology,is,the,basis,for,the,value$added,services,a,city,can,offer,to,its,citizens.,ICT,is,also,fundamental,to,trigger,changes,in,behavioural,paradigms,and,to,optimize,the,exploitation,of,local,assets.,

In,this,context,,the,Milan,reference,zone,will,foster,the,evolutions,and,developments,in,the,Internet,of,Things,and,the,interoperability,of,data,adopting,international,standard,and,best,practice,in,order,to,represent,a,driving,force,for,future,city,wide,initiatives.,

,

Figure,20:,Milan,RZ’s,IoT,architecture,

The,existing,and,planned,IoT,infrastructure,will,use,different,communication,networks,including,Wi$Fi,GPRS,,UMTS,,LTE,and,Powerline.,Furthermore,,a,Siemens,energy,management,system,uses,LoraNet,to,connect,all,sensors,installed,on,the,light,poles.,

The,municipality,of,Milan,is,involved,in,several,projects,that,affect,different,domains.,Devices,and,sensors,are,being,deployed,during,these,activities.,The,following,projects,are,the,ones,that,will,share,the,reference,zone,with,SynchroniCity:,

●, Sharing,cities,[97]!addresses,issues,of,pollution,,mobility,,energy,and,building.,●, Dynamap, [98], will, deploy, a, network, of, acoustic, sensors, (microphones), that, detect,

background,noise,and,spikes.,●, Eugugle, [99]! deals, with, redevelopment, of, buildings, and, energy, consumption, leveraging,

building,level,sensor,and,energy,meters.,These,deployments,include,also,other,sets,of,IoT,devices,and,networks,,managed,by,ATM,,the,city,public,transport,division.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 74 of 179

2.1.6.1! Southbound and Data IoT Interfaces Present,IoT,deployments,in,the,Milan,RZ,include,ad,hoc,vertical,solutions,to,collect,data,and,manage,actuators,that,direct,link,the,corresponding,IoT,set,to,its,specific,component,in,the,core,architecture.,Merging, current, and, incoming, IoT, deployments,, the, reference, zone, will, experiment, a, FIWARE,powered,architecture, leveraging,components, to,use, IoT,Agents, in,order, to,capture,and,manage,context,data,and,adapt,it,to,standard,NGSI,data,models.,

2.1.6.2! Core IoT Architecture Milano,has,different, application, silos, relating, to, different, departments, existing, at, the, same, time.,SynchroniCity, offers, the, opportunity, to, try, to,make, all, sources, of, information, interoperable, and,exploitable, in,a,uniform,manner, leveraging,a,modern,and,open,architecture,using,standards,and,best,practices,like:,

●, FIWARE, Standard, data, models, to, enable, data, portability, for, different, applications, and,domain, including,Real, time,and,static,parking,data,,Transportation,data,models, for,smart,mobility,and,efficient,management,of,municipal,services,,etc.,

●, NGSI$9,and,10,RESTful,APIs,implementations,for,Context,Entity,Discovery,and,for,Context,Information,management.,

●, A,Context,Broker,component,enriched,with,data,model,adaptation,features,that,will,be,the,fundamental,element,to,achieve,the,reuse,and,interoperability,improvement,goals.,

2.1.6.3! Northbound and Data Access APIs Milano, RZ, has, adopted, for, two, years, an, APIs, management, system, based, on, WSO2, [100],ecosystem., This, system, comprise, an, identity, management, system,, a, data, catalogue, and,management,and,monitoring,components,that,make,services,accessible,through,APIs,and,allows,access,to,third$party,applications,with,different,monetization,modes.,

The,municipality,of,Milan,through,its,open,data!portal,[101],provides,several,datasets,that,currently,are,not,accessible,via,programmable,through,the,API,,but,only,published,on,a,CMS,based,portal,,available,for,the,citizen,to,be,downloaded.,

They,planned,to,adopt,a,standard,platform,for,the,open,data,and,to,make,data,available,through,RESTful,APIs,during,the,SynchroniCity,project.,

2.1.6.4! Security and Privacy functionalities Milano, RZ, APIs,Management, System, provide, an, IDM, and, an, Authorization, component, able, to,manage,,according,to,the,OAuth2,protocol,,the,API,usage,and,access.,

The,Milano,RZ,will,evaluate, the,adoption,of, the,FIWARE,enablers, to,some,security,and,privacy,aspect.,

2.1.7! Porto Porto,is,the,centre,of,a,large,metropolitan,area,that,provides,city,services,to,more,than,1.8,million,inhabitants.,In,terms,of,smart,cities,,the,Municipality,is,supporting,and,evolving,an,Urban,Platform,,by, investing, in,specific, IoT,projects, through,several, regional,,national,and, international, initiatives,aligned,to,support,the,implementation,of,a,city,level,strategy.,Citizen’s,centred,sustainability,,energy,efficiency,,R&D,and,economic,growth,are,the,main,areas,of,interest,of,the,City,who,started,different,programmes,and,projects, in, those,areas,,aligned,with,smart,cities,principles, (OASC),and,with,a,strong,political,commitment,and,considerable,impact,in,the,city,life,so,far.,In,this,line,,the,connection,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 75 of 179

between,the,implementation,of,infrastructure,(including,IoT,,urban,management,platforms),,urban,innovation,ecosystem,and,the,city,services,based,on,citizens,needs,is,essential,for,a,sustainable,growth,of,the,city.,

Porto,has,been,focusing,on,the,development,of,a,consistent,infrastructure,to,promote,data,driven,decision, making, and, effective, governance, support., The, Integrated, Management, Centre, (CGI),provides, real, time, information, and, promotes, an, integrated, action, amongst, different, public,stakeholders, and, services,, such, as,, security, (Police, and, Municipal, Police),, emergency, (civil,protection,, medical, emergency, and, firefighting),, public, transportation,, and, services, of, the,Municipality,of,Porto,(such,as,,environment,and,waste,,mobility,and,traffic,,and,fleet,management).,The,Municipality,aims,at,creating,and,developing,a,FIWARE$based,Urban,Platform,for,an,integrated,city, management, which, will, support, the, existing, Integrated, Management, Centre., This, process,includes,the,co$creation,of,the,strategy,and,structure,for,the,design,of,the,technological,architecture,,which,will,be,developed.,The,Urban,Platform,will,collect,and,analyse,mobility,,environment,,energy,and,civil,protection,data,for,the,city,management,and,service,provision.,

,

Figure,21:,Porto,RZ’s,IoT,architecture,

Supported,by,the,local,SME,Ubiwhere,,Porto, is,managing,a,network,of,mobile,and,fixed,sensors,across,the,urban,region,and,infrastructure,supporting,different,apps,and,services:,

●, Porto’s,water,supply,company,(Águas,do,Porto),collects,data,from,more,than,20,000,wireless,water,meters,,allowing,real$time,monitoring,of,water,consumption,levels,,advising,for,water,consumption,,preventing,fraud,and,detecting,water,leaks.,Ubiwhere,(a,local,company,,which,is, also,a,member,of, the,SynchroniCity, consortium),developed,a,mobile, app, [102],,which,provides,general,information,about,the,water,quality,,and,valuable,information,to,its,clients,about,its,consumption,profile,(like,alerts,,consumption,analysis,,notifications,and,warnings,,consumption,comparison,with,other,similar,clients),,and,promotes,a,more,sustainable,water,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 76 of 179

consumption.,●, A, key, instrument, in, the, development, of, Porto’s, open, city, platform, is, the, UrbanSense,

Platform,,which,is,owned,and,managed,by,the,University,of,Porto,,and,was,developed,under,the,European,funded,Future,Cities,project,[103],with,the,support,of,the,Municipality,of,Porto,and, Porto, Digital., The, Citibrain, [104], joint$venture,, the, city, of, Porto, and, Ubiwhere, have,developed,the,interfaces,bringing,access,to,real$time,,contextual,environmental,data,from,75,fixed,units,(monitoring,stations),located,across,the,city.,The,data,is,augmented,by,scanners,installed,on,the,city,Council’s,200+,fleet,of,vehicles,,creating,a,large$scale,mobile,scanner.,External,providers,like,the,city’s,water,supplier,,transport,data,providers,,social,media,data,and,business,start$up,statistics,are,all,plugged, in, to, the,platform, to,allow, the,city, itself, to,guide,you,as,you,explore,,travel,and,work.,

The,city,of,Porto,now,has,plans,to,leverage,the,results,of,this,work,and,expand,the,FIWARE/OASC$compliant,Urban,Platform,to,become,the,central,point,of,its,new,integrated,management,and,control,centre.,

2.1.7.1! Southbound and Data IoT Interfaces Communication, IoT,technologies,,deployments,and,IoT,platforms,are,currently, led,by, the,Porto’s,Municipality.,Wireless, communication, protocols, that, support, current, IoT, deployments, and, smart,services,mainly,rely,on,mobile, links,(2G,,3G,and,4G,technologies),and,an,existing, infrastructural,WiFi,network,,assisted,by,the,novel,WiFi,service,provided,in,public,buses.,Porto,is,also,involved,in,a,new,LoRa,network,deployment,to,provide,a,capillary,network,to,support,new,IoT,deployments.,,,

Present, IoT, solutions, captures, and, provides, data, from, sensors, using, proprietary, architectures,,developed,and,deployed,specifically,for,each,application.,There,are,no,designed,APIs,or,tools,to,add,new,devices,or,deployments,oriented,to,third,or,external,partners.,

On,its,current,evolution,to,an,OASC,compliant,architecture,,Porto’s,Municipality,is,aiming,to,an,open,IoT, platform,, based,, on, its, southbound,, in, the, sensiNact, [105], solution, plus, FIWARE, IoT, agent,connector,, providing,, this, way,, open, interfaces, (sensiNact, southbound, bridges), to, existing, and,incoming,IoT,deployments,to,add,devices,and,capture,data,and,standard,FIWARE,compliant,tools,to,further,manage,information,and,resources.,,

2.1.7.2! Core IoT Architecture Current,IoT,deployments,in,Porto,have,been,tailored,as,specific,solutions,for,concrete,use,cases.,This, has, led, to, proprietary, applications, that, store, and, manage, their, corresponding, resources,according,their,own,data,models,,formats,and,semantics,,more,focused,on,presenting,the,processed,information,rather,that,sharing,the,data,sources.,So,,in,terms,of,core,IoT,architecture,,Porto,is,not,currently,using,a,defined,set,of,components,nor,standard,data,models,,but,a,set,of,vertical,complete,and,isolate,solutions.,

As,its,next,step,on,its,Urban,Platform,,Porto,is,fostering,an,Open,&,Standard,IoT,Backend,,following,OASC,recommendations.,Porto,will,merge,all,its,current,IoT,solutions,according,a,FIWARE,based,core,architecture:,

●, FIWARE,Orion,Context,Broker,as,its,main,context,management,enabler,●, NGSI,data,models,and,APIs,to,access/manage,context,information,●, HTTP,and,Web,Services, technology, following, the,OGC,SWE, (Sensor,Web,Enablement),

specifications:,Resource,Discovery,,Publish$Subscribe$Notify,,Event$filtering,&,Processing,,Homogeneous,Remote,Management,,and,Measurement,Storage,

●, FIWARE,/,CKAN,/,microservices,based,architecture,for,Big,Data,solutions,,Porto’s,municipality,present,plans,to,evolve,its,Urban,Platform,includes,a,first,deployment/prototype,by,the,end,of,2017.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 77 of 179

2.1.7.3! Northbound and Data Access APIs As,mentioned,above,,the,current,applications,and,core,IoT,backends,deployed,in,Porto,don’t,initially,cover, third, parties, direct, access, to, captured, IoT, data., This, is, why, Porto, doesn’t, currently, offer,specific,APIs,for,external,consumers,to,manage,IoT,data.,This,situation,will,change,with,the,evolution,of,Porto’s,IoT,architecture,and,IoT,deployments.,New,IoT,architecture’s,northbound,will,expose,data,through, FIWARE, NGSI, RESTful, API, specifications,, according, NGSI, context, data, models, and,formats., In, the, same, way,, Hadoop,, HBase,, Hive,, Spark, and, Cassandra, protocols, and, based,solutions,will,be,analysed,to,provide,end,users,and,stakeholders,with,Open,Data,access.,

2.1.7.4! Security and Privacy functionalities Regarding,authentication,and,authorisation,present,mechanisms,,each,current,solution,uses,its,own,implemented,protocol,,based,on,login/password,over,https,,authorization,token,or,access,using,a,VPN., For, next, Urban, Platform, version,, an, analysis, of, different, solutions/possibilities, for,Authentication,,Authorization,and,Accounting,using,OAuth/OAuth2,is,on$going,,considering,FIWARE,security,enablers,on,FIWARE,Secure,Catalogue,as,a,possible,solution.,

2.1.8! Santander EU$financed,project,SmartSantander,[106],has,been,a,key,milestone,that,enabled,a,wide,variety,of,research,lines,,thus,making,the,city,an,urban,laboratory,and,fostering,the,continuous,evolution,of,its,Smart, City, dimension, towards, the, improvement, of, the, quality, of, municipality, services, and, the,realignment,of, the,productive,model,around,technology,and,knowledge.,With, the,continuous,and,decisive,support,of,the,Municipality,,Santander,is,ready,to,deploy,the,smart,city,platform,aiming,at,providing,support, to,all, the,urban,services,running, in, the,city,as,well,as, to,store,and,expose, the,collected,data.,In,this,sense,,SynchroniCity,will,help,to,go,one,step,beyond,in,several,directions.,

Santander, Reference, Zone, integrates, assets, deployed, in, the, city, of, Santander, as, part, of, the,SmartSantander,initiative,and,also,datasets,published,in,“Datos,Abiertos,Santander”,[107].,To,this,end,, according, OASC, principles, and, SynchroniCity, objectives,, information, of, the, different, data,assets,will,be,integrated,within,a,single,local,IoT,core,based,on,FIWARE,architecture.,

At, the, bottom, level,, the, IoT, edge, will, inject, data, into, the, Santander, IoT, platform, using, NGSI,interfaces., Sensors, deployed, within, the, SmartSantander, IoT, facility, send, the, information, to, the,SmartSantander,platform,,where,specific,connectors,link,to,the,FIWARE,UltraLight,2.0,IoT,Agent,to,feed, data, to, the, FIWARE, core., For, other, data, sources, (e.g.,Municipality, CKAN, data), designed,procedures,consume,and,convert,data,sets,into,NGSI,context,data,and,integrates,those,using,NGSI,primitives,,therefore,achieving,a,unified,format.,

Within,the,Santander,RZ’s,IoT,platform,,context,information,is,managed,according,NGSI,standards,and,FIWARE,NGSIv2,data,models.,Publish/Subscribe,,assets,and,context,discovery,or,query/update,data, functionalities, are, supported, by, the, core, platform., To, create, historical, data,, the, FIWARE,Cygnus,and,STH,(Short,Term,Historics),components,are,used.,

On, the, top, of, the, Santander, architecture,, NGSI, RESTful, APIs, and, Cygnus, connectors, provide,different,accesses,to,IoT,collected,data,to,implement,city,services,or,third,party,apps.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 78 of 179

,

Figure,22:,Santander,RZ’s,IoT,architecture,

Coming, from, different, projects, and, IoT, initiatives,, Santander, RZ, currently, has, a, wide, and,heterogeneous,set,of,IoT,devices,supported,by,diverse,IoT,communication,technologies:,a,DigiMesh,(IEEE,802.15.4),network,connects,SmartSantander,legacy,IoT,sensors,to,gateways,,while,WiFi,and,Ethernet,access,points,connect,these,IoT,gateways,to,the,backbone.,Also,Mobile,networks,assist,,either,, IoT, nodes, or, gateways, to, reach, the, backbone, where, this, broadband, connectivity, is, not,available,or,not,supported,by,specific,nodes,(e.g.,nodes,installed,on,vehicles).,,,,

●, Real,time,information,of,available,parking,spots.,●, Traffic,cameras,in,the,city,providing,real,time,images,about,the,status,of,the,traffic.,●, Traffic,intensity,sensors,and,inductive,loops,(traffic,congestion),●, Indoor,parking.,●, Environmental, nodes, and, noise, meters., Both, fixed, and, mobile, nodes, measuring,

environmental,parameters.,●, Irrigation,sensors,(Parks,&,Gardens).,

In,addition,,the,diverse,Municipality,info,systems,enrich,available,information,providing:,●, Bus,lines,,routes,and,stops,,with,info,about,the,existing,buses,lines,in,the,city,,the,routes,of,

a,particular,line,or,related,to,next,buses,reaching,the,bus,stop,,including,the,distance,to,reach,the,bus,stop,as,well,as,the,estimated,time,of,arrival,for,the,first,and,second,bus,coming.,

●, Taxi,stops,that,provide,real,time,information,about,taxi,availability,in,each,particular,stop.,●, Bike,stops,,providing, information,about, the,number,of,available,public$hire,bikes,and,also,

the,number,of,places,to,return,such,bikes.,●, Bike,lanes.,A,set,of,assets,,including,polylines,that,represent,the,lanes,for,bikes,in,the,city,of,

Santander.,●, Pace,of,the,city,events,(reported,incidents,happening,in,the,city).,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 79 of 179

●, Shopping,information.,●, Information,of,the,beaches,in,the,city.,

A,new,LoRa,network,deployment,,managed,by,the,University,of,Cantabria,,will,also,provide,support,for,new,LoRa,devices,integration.,,

2.1.8.1! Southbound and Data IoT Interfaces Santander,RZ,relies,on,FIWARE,components,to,capture,data,from,the,IoT,edge.,Having,the,FIWARE,Orion,Context,Broker,as,one,of,its,main,building,blocks,,this,offers,a,NGSI,interface,to,collect,context,information, and, manage, IoT, devices., This, interface, provides, a, standard, tool, for, IoT, solutions,suppliers,to,design,and,implement,their,own,connectors,(IoT,Agents),or,select,one,of,the,already,available,ones,within,the,FIWARE,framework,(FIWARE,Backend,Device,Management,IDAS).,In,this,line,,Santander,RZ,is,currently,using:,

●, A,FIWARE,IoT,Agent,for,UL2.0,over,HTTP,protocol,,to,capture,data,from,SmartSantander,IoT,deployments.,

●, A,specific,IoT,Agent,,developed,and,implemented,by,the,University,of,Cantabria,,to,integrate,data,from,the,different,CKAN,municipality,information,sources.,,,,

2.1.8.2! Core IoT Architecture As,shown,in,Figure,22,,Santander’s,RZ,IoT,Core,is,built,by,the,FIWARE,Orion,Context,Broker.,This,instantiates,a,powerful,tool,to,manage,context,providers,and,context,information,based,on,the,NGSI9,and,NGSI10,interfaces,that,implements:,

●, Register,context,producer,applications,(e.g.,a,noise,sensor,located,in,the,street),●, Update,context,information,(e.g.,updates,of,measured,noise,level),●, Notify,when,changes,on,context,information,take,place,(Publish/Subscribe,tool),●, Query,context,information.,

Apart,from,Orion,Context,Broker,,Santander’s,core,also,provides,an,instance,of,Cygnus,connector,for,context,data,coming,from,Orion,Context,Broker,and,aimed,to,be,stored,in,a,specific,persistent,storage,, such, as, HDFS,, CKAN, or, MySQL,, plus, the, Short, Term, Historics, FIWARE, component,(Comet, [108]), able, to,manage, (storing, and, retrieving), historical, context, information, as, raw, and,aggregated,time,series.,

To,manage,context,data,,Santander,relies,on,FIWARE,NGSI,data,models,and,data,formats,(mainly,JSON,and,XML),, trying, to,apply,and, reuse,provided,schemas,and,definitions.,FIESTA, IoT, [109],concepts,and,UltraLight,2.0,protocol,are,used,to,provide,semantics.,

2.1.8.3! Northbound and Data Access APIs As, a, FIWARE, compliant, architecture,, Santander’s, northbound, is, based, on, NGSI, interfaces, to,provide,access,to,IoT,data,and,device,management.,This,access,can,potentially,be,used,to,design,and,develop,specific,access,points,to,IoT,deployments.,Currently,,Santander,RZ,provides,three,open,accesses,to,its,IoT,and,info,sources,catalogue:,

●, OrganiCity, RESTful, APIs, [110], with, the, catalogue, (among, other, cities), of, current, IoT,deployments,and,context,information,of,Santander,city.,Intended,for,experimentation,and,co$creation,processes.,

●, SmartSantander,RESTful,APIs,[111],including,access,to,SmartSantander,IoT,data,to,deploy,any,application,based,on,SmartSantander,Service,Experimentation,layer.,

●, Santander,Open,Data,Catalogue,,a,public,access,,using,different,protocols,and,formats,,to,get,all,public,information,available,about,the,city,,including,IoT,data,sources,,administrative,and,cultural,information.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 80 of 179

2.1.8.4! Security and Privacy functionalities In,terms,of,security,and,privacy,functionalities,,there,is,no,official,layer,implementation,to,be,offered.,Santander,RZ, implements,a,solution,based,on,FIWARE,Keyrock, IDM,and,Wilma,PEP, that,uses,OAuth,mechanisms,to,manage,the,access,to,resources.,These,building,blocks,are,used,in,some,of,the,current,Santander,initiatives,,like,Festival,[112],or,SocIoTal,[113].,

OrganiCity,implements,also,an,OAuth/OAuth2.0,based,access,control,using,Keycloack,[114].,,,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 81 of 179

,

2.1.9! Overall Reference Zone technical comparison Table,16,and,Table,17,summarise,the,overall,analysis,done,of,the,different,RZ,IoT,architectures,and,deployments,,pointing,out,what,do,they,currently,have,deployed,(black,text),and,what,do,they,plan,to,deploy,in,short,term,(written,in,blue),,making,it,also,available,for,SynchroniCity,exploitation.,

,,

,

Table,16:,Comparison,among,SynchroniCity,RZs,–,part,1,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 82 of 179

,

Table,17:,Comparison,among,SynchroniCity,RZs,–,part,2,

From,the,comparison,among,SynchroniCity,RZs,also,shown,in,the,above,tables,,can,be,extracted:,,,,,●, IoT! deployments! and! communication! technologies., As, it, is, set, on, the, requirements,,

SynchroniCity, architecture, will, support, the, integration, of, the, different, IoT, communication,infrastructures,used,in,current,and,incoming,IoT,deployments,,for,Reference,zones,involved,in,the,project,and,for,future,new,cities,joining,this,initiative,,what,means,support,for,existing,and,emerging, IoT,communication,protocols,and, technologies.,The,analysed,RZs,present,several,of,these,technologies,but,most,of,current,IoT,deployments,are,supported,by,Mobile,communications,(GPRS,$2G$,,3G,and,LTE,$4G$),,mainly,for,proprietary,developments,and,WiFi,,where,an,open,WiFi,is,offered.,Cities,such,Santander,also,use,a,DigiMesh,IoT,network,(based,on,IEEE,802.15.4)m,Sigfox,in,Antwerp,or,LoRa,WAN,in,Carouge,and,Manchester,are,already,present.,Besides,this,,almost,all,cities,are,planning,or,currently,evaluating,a,LoRa,WAN,infrastructure,as,a,common,IoT,technology,to,integrate,currently,available,and,new,IoT,data, sources., Emerging, technologies, like, ITS$G5, for, WiFi, connectivity, in, vehicles, in,Eindhoven,or,Ultra,Narrow,Band,in,Manchester,are,being,analysed.,,,,,

●, Southbound! and! Northbound! interfaces., Most, of, the, RZs, are, already, implementing,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 83 of 179

evaluating, or, moving, towards, a, NGSI$based, core, architecture., This, means, the, use, of,NGSI9/10,interfaces,to,collect,data,from,IoT,deployments,(IoT,edge),on,the,southbound,and,to,provide,query/retrieve,,publish/subscribe,and,discovery,mechanisms,on,the,northbound,tier., Also, downlink, communications, are, supported, in, order, to, enable, commands, and,management, functionalities.,This,also,drives, to,an, IoT,architecture,backbone,based,on,a,Context,Manager/Broker,component,that,fully,supports,NGSI,messaging.,On,the,other,hand,,Helsinki, uses, O$MI/O$DF, IoT, messaging, standards,, from, “The, Open, Group”,, and,Manchester,is,using,,Hypercat,and,defining,a,Programmable,City,Interface.,,

●, Data!management.,In,terms,of,data,management,,although,the,FIWARE,data,models,seem,to,be,a,serious,candidate,to,represent,city,information,,there,is,still,a,wide,set,of,proprietary,schemas, plus, other, standards, used,, like, the, Open, Data, Format, (O$DF), in, Helsinki, or,Hypercat,in,Manchester.,CKAN,based,Open,Data,Portals,are,also,present,in,most,of,the,RZs,to,provide,an,open,access,to,city,data,for,citizens,and,end,users.,

●, Security! &! Privacy., Covering, required, solutions, for, Authentication,, Authorisation, and,Accounting,,this,is,the,less,developed,tier,among,RZs.,Each,existing,IoT,implements,their,own,solution,,supporting,different,security,and,privacy,levels.,Apart,from,this,,OAuth/OAuth2,is, the, standard, used, for, authorization, and, some, RZs,, such, Carouge,, Eindhoven, or,Santander,,are,currently,analysing,FIWARE,security,enablers,to,provide,security,and,privacy,features.,

2.2! SynchroniCity Platform requirements This,section,presents,the,system,,data,management,,service,,security,and,privacy,requirements,of,the,SynchroniCity,platform,that,will,drive,the,design,of,its,architecture,and,support,the,development,of,the,digital,single,market.,The,requirements,have,been,derived,by,combining,a,set,of,requirements,,principles,and,guidelines,for,the,initial,SynchroniCity,high$level,architecture,captured,in,Deliverable,D1.3,,data,protection,and,privacy,concerns,highlighted,in,Deliverable,D1.4,[115],,a,set,of,considerations,elaborated,from,the,analysis,of, relevant,standards,and,technologies,(see,Sec.1),,and,a,set,of, requirements,emerged,from,the,reference,zone,technical,baseline,analysis,(see,Sec.2.1).,More,specifically,,a,set,of,generic,architectural, system, requirements, highlights, the, importance, of, being, prepared, to, technological,changes,by,having,an,agile,system,able,to,be,adapted,and,transformed,to,accommodate,multiple,emerging,standards,in,an,efficient,way.,Data,management,and,service,requirements,primarily,focus,on,addressing,the,use,cases,needs,related,to,cities,,marketplace,providers,,IoT,device,operators,,service, component, providers,, data, providers,, data, consumers,, infrastructure, providers, and,citizen/end,users.,Finally,,a,set,of,security,and,privacy, requirements, tackle,measures, in,order, to,achieve,a,security,protection,compliant,with,data,protection,regulations,(e.g.,,GDPR).,For,a,more,detailed,description,of,each,requirement,we,suggest,the,reader,to,refer,to,section,Appendix,1.,It, is, important, to, highlight, that, the, following, requirements, are, related, to, the, SynchroniCity, core,services,and,not,to,the,pilot,applications,that,will,be,defined,and,implemented,in,WP3.,

2.2.1! Architectural system requirements

2.2.1.1! Decoupled & distributed components

The,increasing,investment,in,IoT,technology,results,in,a,fast,and,dynamic,advancement,of,solutions,available,in,the,market.,Current,IoT,technologies,can,quickly,become,old,and,be,replaced,by,better,candidates.,For,this,reason,,the,system,should,support,deployment,through,modular,approach,,thus,every,component,can,be,replaced,easily,and,with,a,very,limited,impact,on,other,components,and,infrastructure.,This,in,turn,,will,increase,the,chances,of,services,being,adopted,by,cities,by,reducing,the, risk, associated, with, deployment, while, also, improving, the, development, lifecycle., Moreover,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 84 of 179

designing,distributed,components,makes,sure,that,they,can,run,on,different,machines,thus,easily,scaling,up,the,running,environment,of,a,component.,,

2.2.1.2! Interoperability & Openness

Resulting,from,a,decoupled,and,distributed,architecture,, the,system,must,use,as,many,publically,accepted,standards,as,possible,for,communication,and,exchanging,datam,e.g.,,gateways,and,APIs,might,act,as,glue,between, those,architectural, components.,Examples,of,open,standards,can,be,XML,, JSON,, SOAP, or, REST., The, data, and, information, in, the, platform, must, be, provided, and,consumed,by,open,protocols,,standard,technologies,and,clear,agreements,,so,new,components,can,easily, access, information., This, also, means, that, the, APIs, should, be, easily, discovered, and,understood,so,that,new,application,integrators,can,easily,use,them.,

2.2.1.3! Scalability

The,systems,can,be,expanded,when,we,foresee,more,users,of,“things”,and/or,streams,of,data.,In,this,horizontal,scaling,other,nodes,could,be,added,,where,copies,of,the,software,will,run,on,,ideally,in,a,dynamic, fashion,so, that,nodes,are,added,automatically,when, the,need,arises.,Alternatively,,more, resources, (e.g.,,CPU,,disk,space,or,memory),can,be,added, to, the,same,node,so, that, the,software,can,use,more,resources.,With,this,vertical,approach,the,system,can,store,more,data,or,have,more,memory,to,perform,advanced,computing.,,

2.2.1.4! Legacy Compatibility & heterogeneous landscape

In,order,to,cope,with,the,dynamic,technological,change,,the,architecture,must,be,able,to,support,both,new,and,legacy,components,,while,handling,different,versions,of,the,components.,Cities,need,to,maximize, the,use,of, legacy,wired/wireless, infrastructuresm, thus, the,system,has, to,support, IoT,based,services,by,efficiently,(re)using,already,available,assets.,Clearly,,understanding,the,protocols,used, by, the, different, RZs, is, a, necessity,, and, the, impact, of, adding, new, protocols, needs, to, be,minimized.,The,system,has,to,allow,to,access,and,manage,heterogeneous,devices,through,a,single,common,framework.,It,must,offer,a,uniform,way,to,access,to,the,different,devices,accessible,on,the,marketplace,in,order,to,overcome,interoperability,problems,and,reduce,the,friction,in,dealing,with,heterogeneous,technologies.,,

2.2.1.5! Resilience to failure & Robustness

The,architecture,must, be, resilient, to, failure.,Taking, into,account, that, components,might, fail, and,communications,be,affected,,it,should,provide,a,self$healing,system,,including,redundant,links,that,cover,breakdowns.,We,should,consider,that,most,of,the,IoT,technologies,have,not,yet,reached,a,maturity,level,free,from,issues.,Moreover,,the,interaction,among,many,different,types,of,components,(e.g.,,sensors,,network,,wireless,technology,,data,store,,servers),from,different,actors,could,generate,problems.,

2.2.1.6! Performance

The,system,should,guarantee,a, real$time,user,experience.,Users,should,be,able, to, responsively,interact,with,the,system,,discovering,new,available,assets,at,run,time.,The,system,should,support,assets,availability,and,fruition,in,compliance,with,their,SLA.,Moreover,,a,continuous,integration,and,delivery,possible,for,each,element,in,the,architecture,,automated,testing,to,reduce,regression,and,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 85 of 179

guarantee, quality, should, support, the, system, to, be, 24/7, operational, and, has, a, close, to, zero,maintenance,windows,(software,upgrades,,firmware,upgrades).,,

2.2.1.7! Feedback and Monitoring

Feedback,,rating,and,reputation,mechanisms,are,useful,in,order,to,provide,a,source,of,suggestions,to,improve,data,,services,and,applications,deployed,within,the,city,,to,facilitate,the,asset,selection,by,the,end,users,,and,to,build,a,reputation,for,the,providers,which,can,be,exploited,among,different,city,marketplaces.,Thus,,the,system,has,to,provide,a,user,feedback,management,for,the,different,assets,published,on, the,marketplace,,able, to,describe, improvements,and/or,use,experience,and,rate, their, quality., Moreover,, the, system, has, to, provide, advanced, usage, monitoring, functions,necessary, in, order, to, enable, other, services, (e.g.,, usage, statistics,, revenue, models,, technical,management).,

2.2.1.8! Communication

Communication, in, IoT,can,happen,between,the,sensor/actuator,and,the,gateway,or,between,the,gateway,towards,the,platform,or,in,some,case,(e.g.,,NB$IoT,,LTE,,etc.),directly,from,sensor/actuator,to, the, platform., Communication, with, the, sensor, to, the, gateway, (when, wireless), is, possible, in,numerous,ways.,At,this,moment,,a,variety,of,standards,are,available,,thus,,the,platform,should,be,able, to,handle,different,protocols, (e.g.,, LoRa,,802.15.4,,NB$IoT,,WiFi,, LTE,,GPRS,,etc.), and,be,flexible,to,incorporate,future,changes.,When,new,components,are,selected,,they,should,comply,with,communication,patterns,such,as:,1)Telemetry!where,communication,flow,is,one$way,from,IoT,device,to, gatewaym, 2), Inquiries,, where, requests, from, devices, looking, to, gather, required, information, or,asking,to,initiate,activities,,for,example,devices,having,their,own,business,logic,need,input,from,a,central,serverm,3),Commands,,were,system,provide,execution,commands, to,a,device,or,a,set,of,devices,to,perform,specific,activitiesm%4)%Notifications!where,information,flows,from,other,systems,to,a,device,or,a,group,of,devices,by!sending,a,broadcast,message,such,as%a%timeZsync%message.%%

,Table 18,summarizes,the,architectural,system,requirements,by,listing,for,each,requirement,its,identifier,,title,,category,and,type,(e.g.,,functional,,non$functional): ,

ID, Title, Category, Type,

SR$MODULARITY$01,

Container,technology, Decoupled,&,distributed,components,

Non$Functional,

SR$INT$OPEN$01, Use,of,publically,accepted,and,open,standards,

Interoperability, &,Openness,

Non$Functional,

SR$SCALABILITY$01,

Horizontal,and,vertical,scaling, Scalability, Non$Functional,

SR$LEGACY$01, Flexible,support,of,new,and,legacy,components,

Legacy, Compatibility,&, heterogeneous,landscape,

Non$Functional,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 86 of 179

SR$LEGACY$02, IoT,Devices,management, Legacy, Compatibility,&, heterogeneous,landscape,

Functional,

SR$ROBUSTNESS$01,

Self$healing,and,robust,system, Resilience,to,failure,&,Robustness,

Non$Functional,

SR$PERF$01, Real$time,user,experience, Performance, Non$Functional,

SR$PERF$02, Operational, Performance, Non$Functional,

SR$FEEDBACK$01, User,Feedback,collection, Feedback,and,monitoring,,

Functional,

SR$MONITORING$01,

Data,usage,monitoring, Feedback,and,monitoring,,

Functional,

SR$COMM$01, IoT,communication,patterns, Communication, Non$Functional,

SR$COMM$02, IoT,integration, Communication, Non$Functional,

Table,18:,Architectural,system,requirements,

,

2.2.2! Architectural data management and service requirements

2.2.2.1! Data Management APIs

Access, and, consumption, of, data,, applications, and, services, through, standard, and, open, APIs,facilitate, the, reuse, of, solutions, thus, avoiding, vendor, lock$in., Moreover,, by, providing, data,publish/subscribe,functionality,the,process,to,send,and,receive,data,in,the,system,can,be,simplified,and, improved., The, system, should, provide, a, set, of, standard, and, open, APIs, to, support, data,publish/subscribe,, track,changes,and,version,update,and,notification,and,asset, search, functions,among,others,capabilities.,As,a,result,,the,system,will,be,able,to,avoid,problems,and,inconsistencies,in,the,access,to,the,resources,,while,simplifying,the,access,to,the,APIs,in,the,marketplace.,,,

2.2.2.2! Data Storage Management

The,architecture,should,address, the,storage,of,data, from,both,platform,and,usage,perspectives.,From,a,platform,point,of,view,,data,could,be,stored,into,a,locally,owned,system,,in,a,cloud,service,or,in,a,hybrid,system.,Several,factors,can,drive,the,decision,of,where,to,store,data.,For,instance,,data, embedding, sensitive, information, may, mandate, for, locally, owned, system, in, order, to, be,compliant,with,data,protection,and,privacy,regulations.,On,the,other,hand,,whenever,there,are,no,restrictions,on,the,physical,data,storage,location,and,depending,on,the,expected,amount,of,data,,cloud,service,can,be,considered,a,flexible,and,viable,solution.,In,this,latter,case,the,system,should,take,into,account,the,latency,of,the,network.,A,hybrid,between,both,solutions,where,some,data,will,be,saved,in,locally,owned,systems,and,some,data,in,cloud,services,could,be,also,possible.,From,a,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 87 of 179

usage,perspective,,applications,and,services,may,require,to,process,data,in,various,formats.,For,instance,, structured, data, carries, specific, information, that, may, fulfil, the, immediate, needs, of, an,application,or,a,service,,whereas, raw,data,can,embed, information, that,may,be,used, in, the,near,future., Thus,, the, architecture, should, take, into, account, different, data, format,, providing, storage,support,for,both,unstructured,(e.g.,,raw,data),and,structured,data.,In,order,to,guarantee,that,data,access, is,performed, in,accordance,with, their, license,,policies,of,distribution,and/or,charging,, the,system,should,support,different,data,categories,based,on,restriction,of,their,usage,such,as,public,or,open,data,,private,data,and,commercial,data.,

2.2.2.3! Data Models

The,adoption,of,standard,and,open,data,models,facilitates,the,reuse,of,assets,and,solutions,avoiding,vendor, lock$in., The, system, has, to, support, open, and, standard, data, models, and, metadata, by,providing, pre$built, taxonomies, to, describe, assets, (e.g.,, data,, services,, applications,, devices), to,simplify,the,definition,of,the,assets,description,and,to,allow,reuse,of,existing,data,models.,,

2.2.2.4! Marketplace

The,architecture,has, to,provide,a,marketplace, in,which,assets,can,be,exchanged,among,users.,Marketplace,providers,can,define,different,governance,policies.,The,system,should,thus,support,a,fine,grained,management, in, terms,of,validation,procedures, to,be, followed,, in,order, to,publish,or,request, assets, in, the,marketplace,, access, policies,, business,models, and, federation, capabilities,among, other, cities,marketplace, thus, enabling, a, single, digital, marketplace., Quality, of, published,resources,and,providers,(e.g.,,in,terms,of,documentation,,availability,,completeness,and,reputation),as,well,as,easy,asset,(e.g.,,data,,services,,applications),discovery,should,be,supported,to,facilitate,better,interaction,between,consumers,and,providers.,Cities,need,to,know,if,a,solution,,developed,for,another,city/domain,,can,be,adopted/reused,quickly,and,without,much,customization,efforts,, thus,the,system,should,provide,a,set,of,SynchroniCity,compliance,policies,for,the,developed,solutions,and,has,to,be,able,to,validate,them,inside,the,marketplace.,Ultimately,,as,cities,consider,citizens’,trust, as, a, key, success, factor,, the, system, should, provide, tools, that, foster, transparency, of, city,operation,,by,publishing,availability,of,services,,decision,making,and,on,the,definition,of,purpose,and,restriction,regarding,IoT,data,collection.,,

2.2.2.5! License

To,support,a,dynamic,ecosystem,in,which,providers,can,establish,various,business,models,the,system,should,provide,data,license,templates,that,can,be,easily,customized,to,an,intended,business,model.,On,the,other,hand,,in,order,to,facilitate,the,publication,process,,providers,should,be,able,to,use,standard,licenses,(e.g.,,GPL,,Apache,,Creative,Commons),thus,the,system,should,allow,the,reuse,of,existing,models,and,predefined,usage,licenses.,,

2.2.2.6! SLA

Many,different,stakeholders,are,part,of,the,digital,single,market,and,different,level,of,services,may,be,required.,The,system,should,allow,to,define,and,manage,extensible,SLA,for,data,access,as,well,as,provide,common,metadata,to,define,SLA,so,that,the,management,and,the,comprehension,of,the,SLA,descriptions,can,be,simplified.,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 88 of 179

Table,19,summarizes,the,Data,Management,and,Service,requirements,by,listing,for,each,requirement,its,identifier,,title,,category,and,type,(e.g.,,functional,,non$functional): ,

ID, TITLE, CATEGORY, TYPE,

SR$API$01, Standard,and,Open,API, Data,Management,APIs,

Non$Functional,

SR$API$02, Publish/subscribe,data,channels,

Data,Management,APIs,

Functional,

SR$API$03, Asset,version,management, Data,Management,APIs,

Functional,

SR$API$04, Resources,status,notification, Data,Management,APIs,

Functional,

SR$API$05, Lookup,asset, Data,Management,APIs,

Functional,

SR$API$06, The, system, has, to, allow, to,access/consume, data, through,RESTful,API,

Data,Management,APIs,

Functional,

SR$POLICY$01, Data,and,service,access,policy, Data,Management,APIs,

Functional,

SR$STORAGE$01, Physical,data,storage,location, Data,Storage,Management,

Non$Functional,

SR$STORAGE$02, Categorization, Data,Storage,Management,

Non$Functional,

SR$LICENSE$01, Data,licenses,definition, Licence, Functional,

SR$LICENSE$02, Customisable,Licenses, Licence, Functional,

SR$LICENSE$03, Pre$built,Licenses,, Licence, Functional,

SR$SLA$01, SLA,management, SLA, Functional,

SR$SLA$02, SLA,common,metadata, SLA, Functional,

SR$MODELS$01, Asset,description,taxonomies, Models, Functional,

SR$MODELS$02, Standard,and,open,data,models, Models, Non$Functional,

SR$MKTPLACE$01, Marketplace,access, Marketplace, Functional,

SR$MKTPLACE$02, Asset,publication,procedure, Marketplace, Functional,

SR$MKTPLACE$03, Flexible, revenue, and, pricing,models,

Marketplace, Functional,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 89 of 179

SR$MKTPLACE$04, Asset,catalogue, Marketplace, Functional,

SR$MKTPLACE$05, SynchroniCity,compliance,policy,validation,

Marketplace, Functional,

SR$MKTPLACE$06, Asset,request,procedure, Marketplace, Functional,

SR$MKTPLACE$07, Marketplace,transparency, Marketplace, Non$Functional,

SR$MKTPLACE$08, Marketplace,peering, Marketplace, Functional,

Table,19:,Data,Management,and,Service,requirements,

2.2.3! Architectural security and privacy requirements

2.2.3.1! Platform security

Data,and,services,can,have,different,security,requirements,based,on,their,scope.,The,platform,which,is,going, to,support, the,services,of, the,city,should,provide, flexible,security,capabilities, in,order, to,accommodate,the,different,needs,of,specific,target,scenarios,,by,providing,support,for,confidentiality,,integrity,,authentication,,authorisation,,immutability,,trust,and,non$repudiation,when,needed.,,

2.2.3.2! Data protection and privacy The,system,should,use,encryption,and,technology,to,authenticate,and,secure,data,in,transit,as,well,as,mitigating,the,risk,of,data,theft,by,encrypting,physical,storage/media,to,protect,data,at,rest.,It,is,necessary,to,provide,systems,for,monitoring,against,any,attacks,and,if,a,breach,occurs,(e.g.,data,are,accessed,by,unauthorized,entities), the,system,should,be,able, to,properly, react,with,defined,procedures.,,As,data,providers,have,the,need,to,restrict,the,access,of,data,source(s),to,third,parties,,the,system,has,to,allow,to,define,and,manage,policies,for,data,and,service,access,control.,Both,the,data,provider,and,the,data,consumer,must,comply,with,the,privacy,and,data,protection,policy,, thus,the,system,should, provide, procedures, and, guidelines, in, order, to, ensure, compliance, with, respect, to, data,protection,rules.,In,addition,,the,system,should,provide,both,data,anonymization,and,aggregation,functions,in,order,to,delete,personal,or,restricted,information,coming,from,the,data,sources,as,well,as,functionalities,to,allow,the,end,user,to,control,his,own,personal,data,defining,who,and,how,can,access,to,it.,,,

2.2.3.3! IoT infrastructure security

The,huge,heterogeneity,in,the,IoT,devices,capability,(in,terms,of,memory,,computational,,or,energy,requirements), plays, against, the, identification, of, a, “unique”, or, “common”, security, solution, set,,whereas,they,call,for,a,large,spectrum,of,security,level,versus,resource,consumption,trade$offs.,,In,order,to,support,both,new,and,legacy,IoT,devices,,the,system,should,provide,end$to$end,security,at,the,API,level,rather,than,supporting,and,coping,with,how,different,solutions,(e.g.,,LoRa,,802.15.4,,NB$IoT,,WiFi,,LTE,,GPRS,,etc.),handle,security,measures,such,as,key,management,,authentication,,integrity,and,confidentiality.,More,specifically,,the,system,should,define,adaptation,policies,of,these,mechanisms,in,the,boundary,points,while,assuring,that,security,remains,independent,from,low,level,IoT,components.,%

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 90 of 179

The,following,tables,summarize,the,SynchroniCity,platform,requirements,,describing,for,each,requirement,its,unique,identifier,(ID),,title,,high,level,category,and,typology,of,the,requirement,(e.g.,,Functional:,it,is,a,requirement,that,expresses,a,functionality,of,the,platform,that,will,be,directly,used,by,a,user,(human,or,external,system)m,Non$Functional:,this,type,of,requirement,is,related,with,platform,features,that,are,not,specific,behaviours,or,functions,,such,as,performance,,security,and,interoperability).,In,the,appendix,,is,presented,,for,each,requirement,,a,more,detailed,description.,,Table,20,summarizes,the,Security,and,Privacy,requirements,by,listing,for,each,requirement,its,identifier,,title,,category,and,type,(e.g.,,functional,,non$functional):,,

ID, TITLE, CATEGORY, TYPE,

SR$PRIVACY$01, Privacy,policies,guidelines, Data, protection, and,Privacy,

Functional,

SR$PRIVACY$02, Data,protection, Data, protection, and,Privacy,

Non$Functional,

SR$PRIVACY$03, Anonymization, Data, protection, and,Privacy,

Non$Functional,

SR$PRIVACY$04, Personal,Data,usage, Data, protection, and,Privacy,

Functional,

SR$SECURITY$01, End$to$end,secure,communication,

IoT,infrastructure, Non$Functional,

SR$SECURITY$02, IoT,adaptation,policies, IoT,infrastructure, Non$Functional,

SR$SECURITY$03, Access,policy, Platform, Functional,

SR$SECURITY$04, Flexible,security,capabilities, Platform, Non$Functional,

Table,20:,Security,and,Privacy,requirements,

,,

,,,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 91 of 179

3! Logical reference architecture This, chapter, describes, the, logical, architecture, of, the, SynchroniCity, platform., It, defines, logical,components,that,address,the,requirements,described,in,section,2,highlighting,in,more,detail, their,functionalities, and, relationships., The, last, part, of, the, chapter, is, focused, on, the, concept, of,interoperability,points,,the,main,set,of,(logical),interfaces,that,have,to,be,implemented,by,the,different,Reference,Zones,,in,order,to,be,compliant,with,the,SynchroniCity,framework,and,to,benefit,from,its,functionalities.%

3.1! Architecture overview This, chapter, will, introduce, the, logical, components, of, SynchroniCity, IoT, Enabled, Smart, Cities,reference,architecture.,The,main,aim,of,this,architecture,is,to,define,a,set,of,logical,components,and,functionalities, that, can, enable, different, cities, to, be, actively, part, of, IoT,Smart,City,Digital, Single,Market.,The,reference,architecture, that,will,be,presented, in, the,next,sections, is, the,outcomes,of,different,inputs,and,analysis,included,here,and,in,other,SynchroniCity,project,documents.,,

,•, Architecture!guidelines!and!use!case!analysis:, deliverable,D1.3,described,a,series,of,

guidelines, and, use, cases, related, to, SynchroniCity, platform, scenarios., The, resulting,requirements,identified,in,this,document,can,be,consider,the,first,input,taken,in,consideration,to,define,the,logical,components.,The,list,of,requirements,,initially,identified,in,D1.3,,has,been,further,improved,in,this,deliverable,(see,section,2.2),taking,in,consideration,the,ones,arisen,by,the,analysis,of,RZs,infrastructure,and,new,needs,elicited,through,related,discussion,with,cities,responsible.,Every,architectural,component,has,a,direct,relationship,with,one,or,more,requirements,that,is,explicitly,indicated,in,its,description.,

,•, Reference!zones!compliance:,Section,2,analysed, the,current,Reference,Zone, technical,

architectures,and,infrastructure,,matching,every,single,city,asset,to,specific,logical,layer.,The,SynchroniCity,reference,architecture,recalls,the,same,proposed,layered,approach,stressing,the, aspects, of, southbound, integration,, context, management,, security, and, privacy, and,northbound,API.,These,main, layers,, further,extended, in, the,global, reference,architecture,picture,, can,be,considered, the,central, pillars,of,all, the,RZs, IoT,architectures,and, for, this,reason,are,directly,reflected,into,the,SynchroniCity,one.,

,•, Reuse!of!existent!approaches:,Section,1,includes,a,high$level,analysis,of,the,most,relevant,

standard,and,initiatives,in,the,field,of,IoT,and,Smart,City,platforms.,The,outcome,of,this,study,showed,some,similarities,,among,the,heterogeneous,projects,,in,terms,of,technologies,but,also,functionalities,provided,and,architectural,layers.,The,SynchroniCity,logical,components,try,to,cover,the,most,common,relevant,functionalities,identified,,maintaining,a,very,generic,approach,that,will,allow,the,RZ,to,implement,the,architectural,blocks,in,different,ways,reusing,existent,assets,and,approaches.,

,•, OASC! principles:, the, architecture, has, been, designed, following, the, OASC, initiative,

principles:,

,o, a, common, standard, API, for, context, information, management:, the, context, data,

manager,(Context,Data,Broker),is,a,key,component,of,the,SynchroniCity,architecture,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 92 of 179

and, the, implementation, of, its, API, (compliant, with, NGSI, API), is, considered, an,“interoperability, point”, (see, section, 3.4), to, enable, cities, to, participate, to, the,SynchroniCity,platform.,

o, a,common,set,of,information,models:,semantic,interoperability,achieved,through,the,adoption, of, common, data, models, is, introduced, in, the, architecture, as, a, basic,requirement,to,enable,re$use,of,applications,in,different,cities,and,domains.,

o, a,set,of,common,standards,data,publication,platforms:,the,role,of,data,its,crucial,in,SynchroniCity, for, this, reason, the, reference, architecture, includes, specific, data,management, components, that,aim, to,provide,, through,standard, interfaces,,all, the,functionalities,related,to,data,life,cycle,management.,

,

The,SynchroniCity, logical, reference,architecture,,depicted, in, the,Figure,23, is, the,composition,of,different,logical,modules,that,are,summarized,below:,,

•, Context!Data!Management:, it,manages,the,context, information,coming,from,IoT,devices,and, other, public, and, private, data, sources,, providing, a, uniform, approach, and, interface.,Context, information, contains, status, information, about, real, world, entities, defined, in, a,structured,way.,CDM,provides,functionalities,to,enable,access,to,different,data,sources,and,analyse,context,information,,e.g.,for,detecting,events.%

•, IoT!Management,is,the,module,responsible,to,interact,,through,specific,IoT,Agents,,with,the,devices,that,use,different,standards,or,protocols,,making,them,compatible,and,available,to,the,SynchroniCity,platformm,,

•, Data!Storage!Management, provides, functionalities, related, to, the,data, storage,and,data,security,and,quality,in,the,specific,context,of,IoT,systems,and,smart,city,platform,interacting,with,heterogeneous,sources.,,

•, Marketplace!and!Asset!Management,supports,business,interactions,between,suppliers,of,the, valuable, digital, assets, (i.e., IoT, data, or, services), that, are, part, of, the, SynchroniCity,ecosystem,and,consumers.,It,will,implement,a,hub,to,enable,digital,data,exchange,for,urban,data,and, IoT,capabilities,providing, features, in,order, to,manage,asset,catalogues,,orders,,revenue, management., These, functions, will, support, the, creation, of, innovative, business,models.,

•, Security,!Privacy!and!Governance:,this,module,covers,all,the,security,aspects,related,to,three,main, pillars:, data,, IoT, infrastructure, and, the, platform, services,, which, underpin, the,applications,and,services,of,the,cities.,Around,these,pillars,,security,functionalities,provide,crucial,security,properties,such,as,confidentiality,,authentication,,authorization,,integrity,,non$repudiation,,access,control,,etc.,

•, Monitoring! and! Platform! management! services:, it, provides, functionalities, to, manage,platform,configuration,and,to,monitor,activities,of,the,platform,services.,It,supports,specific,KPI, definition, to, evaluate, the, status, of, the, platform, in, relation, to, different, aspects, (e.g.,performance,,usage,,reliability,,quality,of,service,etc.),

Figure,23,shows,also,two,other,layers,connected,with,the,overall,platform:,

•, Southbound! uniform! interfaces:, represents, the, set, of, uniform, interfaces, defined, by,SynchroniCity,used,to,connect,the,overall,platform,to,heterogeneous,data,sources,and,IoT,devices., This, represents, one, of, the, relevant, “interoperability, points”, that, should, be,implemented,by,the,Reference,Zones,to,be,part,of,the,SynchroniCity,ecosystem,

•, Northbound!uniform!interfaces:! is, the,set,of,uniform,APIs, that,provides,all, the,platform,functionalities,that,will,be,used,by,the,final,Smart,city,end$users,applications.,Also,this,layer,can, be, considered, an, interoperability, point,, because, it, is, the, main, way,, for, external,applications,,to,interact,with,the,platform,and,to,be,part,of,the,digital,single,market,that,will,be,technically,enabled,by,SynchroniCity.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 93 of 179

,

,

Figure,23:,SynchroniCity,Reference,Architecture,

,

,

3.2! Components description The,architectural,components,above,mentioned,will,be,described,in,details,in,the,following,sections.,,

3.2.1! Context Data Management Context,Data,Management,(CDM),is,the,component,in,charge,of,managing,context,information,at,large,scale,coming,from,IoT,devices,and,other,public,and,private,data,sources,,providing,a,uniform,approach,and,interface.,This,component,plays,a,central,role,in,the,architecture,as,it,represents,a,middleware,that,makes,data,from,different,data,providers,accessible,to,data,consumers.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 94 of 179

Context, information, are, intended, as, structured, data, that, contains, status, information, of, context,entities,and,their,related,attributes,and,metadata.,A,context,entity,can,represent,everything,in,the,real, worldm, for, instance,, users,, places,, devices, that, can, be, abstracted, and, represented, using, a,common,data,model.,CDM,provides,functionalities,to,discover,and,register,the,context,sources,,in,order,to,establish,which,context,information,is,available,and,usable,in,the,ecosystem.,

CDM,offers,different,ways,to,interact,with,data,sources,and,external,applications,by,implementing,read,and,write,access,for,context,information.,More,specifically,,for,an,application,that,plays,a,role,of,context,data,consumer,,CDM,implements,a,query,mechanism,,which,allows,building,simple,or,complex, queries,, and, a, subscription, mechanism, to, receive, notifications, when, specific, data, is,updated.,At, the, same, time,an,application, could,act, on, context, data, sources,, playing, the, role,of,context,data,producer,,because,CDM,provides,functionalities,to,update,context,information,changing,attributes,value,of,the,entities.,,,

CDM,can,support,real$time,event,processing,of,context,events,by,analysing,event,streamsm,in,this,case,CDM,analyses,context,information,,consuming,data,as,input,events,,in,order,to,identify,specific,patterns, and, triggering, related, actions, to, generate, responses, to, changing, conditions., These,responses,can,be,considered,output,events,that,CDM,will,use,to,dispatch,commands,and,update,context,information.,

CDM,exposes,as,interface,a,set,of,APIs,to,provide,access,to,all,the,functionalities,to,manage,context,information., These, APIs, define, operations, and, data, structures, to, enable, communication, and,exchanging, of, information, between, CDM, and, the, other, architectural, components., CDM, also,provides,additional,features,to,adapt,existing,or,legacy,context,data,models,to,a,set,of,common,data,models, aligned, with, data, structure, defined, by, APIs,, but, enriched, with, specific, attributes, and,metadata.,

To,enable,data,storing,CDM,provides,connections, to, third$party, storage,solutions.,Data,Storage,Management,functional,block,allows,view,of,context,historical,data.,

Context,Data,Management,is,composed,by,the,following,functional,modules,,described,in,details,in,the,next,tables:,

•, Context,Data,Broker,,•, Context,Event,Processing,•, Common,Data,Models,Adapter,•, Data,Connector,

,

Module,Name, Context!Data!Broker!

Module,Description,

Context, Data, Broker, (CDB), enables, discovering,, gathering, and,publishing, of, context, information, through, APIs., CB,, through, its,standard, interface,, makes, available, the, context, information,regardless,data,source,and,using,different,type,of,interactions.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 95 of 179

Main,Functionalities,

●, Context% Availability:, represents, the, operations, to, identify,which,context,data,sources,are,connected,to,SynchroniCity,platform.,

,●, Query% and% Subscription:, represents, the, synchronous, and,

asynchronous, interactions, with, context, data, source.,Synchronous, interactions, are, performed, using, a, query,mechanism, to, obtain, context, informationm, the, component,allows, building, powerful, queries,, using, different, types, of,filters,, in, order, to, retrieve, information, with, high, level, of,precision., The, asynchronous, interaction, is, performed, by,publish$subscribe, mechanism:, a, notification, is, generated,when,published,data,meets,the,subscription,conditionsm,this,feature, is, really, useful, to, avoid, the, implementation, of, a,polling,process,on,data,sources,of, interest,,allowing, to,be,notified,when,the,context,information,changes.,

,●, Command% Dispatcher:% through, this, function, the, Context,

Data,Broker,acts,as,an,input,channel,for,an,IoT,device,that,is,able,to,receive,commands,from,external,system.,

Requirements,Mapping,

SR$API$01,

SR$API$02,

SR$API$06,

SR$INT$OPEN$01,

SR$PERF$02,

SR$ROBUSTNESS$01,

SR$SCALABILITY$01,

,

Interaction,with,other,modules,

This,module,interacts,with:,●, Context%Event%Processing,,exchanging,the,context,

information,to,detect,specific,events,and,managing,the,corresponding,actions.,

●, Common%Data%Models%Adapter,%exchanging,the,context,information,to,obtain,a,translation,in,common,data,formats,defined,to,be,compliant,with,smart,city,applications.,

●, Data%Connector,%providing,context,information,to,enable,data,storage.,

Table,21:,Context,Data,Broker,module,description,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 96 of 179

Module,Name, Context!Event!Processing!

Module,Description,

In,a,large,scale,IoT,system,,devices,can,generate,several,simple,eventsm, these, events, contain, semantic, information, that, could, be,quite, limited, to, detect, complex, situations,, so, an, additional,processing,logic,is,required.,

The,Context,Event,Processing,module,processes,a,huge,number,of,events,and,get,valuable,information,from,them.,

It,is,in,charge,of,analysing,context,information,in,real$time,in,order,to, recognize, complex, event, patterns, and, to, enable, adequate,responses.,It,works,by,reacting,not,only,to,single,events,but,also,responding,to,a,combination,of,events,,in,sequence,or,in,parallel,,triggering, meaningful, actions, for, applications, or, context, update,events.,


Pattern% Management:, defines, the, rules, to, detect, the, types, of,possible, patterns, supported., Examples, of, pattern, typologies, are,single,event,,sequence,of,events, for,a,given, time,window,,using,aggregation,function,on,one,or,more,events,,etc.,

Event%Processing%Management:,defines,the,rules,to,analyse,a,set,of,events,under,specific,conditions.,Example,of, these,conditions,could,be,detection,of,events,in,a,specific,time,interval,,recognition,of,events,that,satisfy,the,same,criteria,about,their,attributes,,etc.,

Actions% Management:, defines, the, rules, to, establish, the, actions,responding,to,events,,including,the,execution,configuration.,


SR$API$06,

SR$API$01,

Interaction,with, other,modules,

This,module,interacts,with,the,Context%Data%Broker,receiving,and,analysing,context,information,in,order,to,find,patterns,and,execute,the,actions,to,update,the,context,information.,

Table,22:,Context,Event,Processing,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 97 of 179

,

Module,Name, Common!Data!Models!Adapter!

Module,Description,

This,is,the,module,in,charge,of,adapting,heterogeneous,context,data,to, a, specific, data, model, belonging, to, specific, set, classified, by,application,domains.,

The,approach,is,to,define,a,group,of,harmonized,data,models,that,cover,the,typical,application,domains,of,smart,city,applications.,The,module,gets,information,stored,in,a,specific,context,of,Context,Data,Broker,and,creates,a,new,copy,based,on,a,harmonized,format.,In,the,Context,Data,Broker,will,reside,both,the,original,entity,and,its,real$time,updated,harmonized,copy.,

This, module, plays, an, important, role, in, terms, of, interoperability,aspects,, providing, a, way, for, application, providers, to, define, their,applications, using, these, models, and, ensuring, a, greater, level, of,reusability,of,them,in,SynchroniCity,Reference,zones.,


Data%Models%Configuration:,allows,defining,the,structure,of,the,new,data,model,to,use,in,the,mapping,phase.,

Data%Models%Mapping:,allows,manipulating,information,coming,from,Context, Data, Broker,, by, applying, transformation,, elaboration,,filtering,,merging,on,these,data,in,order,to,adapt,them,to,the,specific,data,model,requested.,

Publishing:,allows,publishing,on,specific,context,of,the,Context,Data,Broker,the,result,of,harmonisation,of,an,entity,with,a,supported,data,model.,


SR$MODELS$02,

SR$INT$OPEN$01,

Interaction, with,other,modules,

This,module, interacts,with, the,Context,Data,Broker, to, receive, the,context,information,and,to,provide,it,the,translated,version.,

,,

Table,23:,Common,Data,Models,Adapter,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 98 of 179

,

Module,Name, Data!Connector!

Module,Description,

The, Data, connector, module, is, responsible, to, enable, storage, of,context,data.,Context,aware,approach,makes,available,information,about, the, current, status,of, relevant, entities,, but, the,Context,Data,Broker,itself,isn't,able,to,provide,consumers,with,historical,data,when,such,data,are,required.,

The,Data,connector,module,should,provide,a,pluggable,system,that,allows,to,feed,external,storage,systems,or,other,data,analysis,tools.,


Plugin%management:, this, functionality, allows, simultaneous, use, of,multiple,plugins.,

Plugin:, in, charge, to, enable, storage, functionalities, supporting, a,specific,storage,system,technology,


SR$PERF$02,


This,module,interacts,with,the,Context!Data!Broker,to,receive,the,context,information.,

Table,24:,Data,Connector,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 99 of 179

3.2.2! IoT Management IoT, Management, is, the, component, responsible, to, interact, with, the, devices, that, use, different,standards,or,protocols,making,them,compatible,and,available,to,the,SynchroniCity,platformm,through,its,interface,this,component,provides,to,the,Context,Management,the,data,coming,from,Southbound%Uniform% Interfaces, layer,, handling, the, creation, and, the, updates, of, Context, Entities, and, their,attributes.,

The,core,component,of,the,IoT,Management,are,the,IoT,Agents,,representing,the,software,modules,that,implement,the,concrete,interface,with,the,devicesm,each,agent,handles,a,specific,protocol,and,provides,to,Context,Management,the,context,entities,with,related,information,,by,creating,an,entity,for,each,device,connected, to, the,platform., IoT,Management,allows,managing, the, IoT,Agents,by,using, centralized, administration, functionalitiesm, in, this, way, each, operation, related, to, creation,,configuration,,monitoring,of,agents,leverages,a,single,administration,point,simplifying,the,overall,IoT,Agents,management.,

The,following,tables,reports,description,about,the,related,sub,modules.,

,

Module,Name, IoT!Agents!

Module,Description,

An, IoT, Agent, is, a, software, module, that, enables, sensors, and,actuators,to,send,their,data,to,and,be,managed,from,a,Context,Data,Broker,using,their,own,native,protocols.,IoT,Agents,should,also,be,able,to,deal,with,security,aspects,(authentication,and,authorization,of, the,channel),and,provide,other,common,services,to,the,device,programmer.,,

This, is, the, module, that, represents, the, whole, set, of, IoT, Agents,covering,all, the,protocols,and,standard,communication, interfaces,exposed,by,devices,of,Data,Sources,layer.,


,The,main,functionalities,provided,by,this,module,are:,

•, Managing,of,information,exchanged,with,devices,(e.g.,measure,reading).,The,agent,is,in,charge,to,mediate,between,the,raw,data,coming,from,the,device,and,the,virtual,entity,representation,at,the,context,level.,

•, Execution,of,commands,or,actions,by,an,actuator,device.,•, Mapping,of,device,and,its,features,to,a,context,entity,with,related,attributes,and,metadata,

•, Manage,entities,lifecycles,at,the,Context,Management,level,


SR$COMM$01,SR$COMM$02,SR$LEGACY$01,SR$SECURITY$02,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 100 of 179


This, module, interacts, with, the, Context, Management, to, provide,context,entity, information,and,manage,queries,, subscriptions,and,commands,executed,on,devices.,

Table,25:,IoT,Agents,module,description,

,

Module,Name, Device!Management!

Module,Description,

This,module,in,charge,of,managing,configuration,of,the,IoT,Agents,to,set,parameters,needed,in,southbound,connection,to,the,devices,,depending,on,the,specific,protocol,used,,and,managing,publication,of, data, observations, to, specific, contexts, associating, the,measurements,to,the,related,context,entities.,

This,module,is,used,only,for,connections,to,devices,that,not,support,the,Context,Management,APIs.,


The,main,functionalities,provided,to,manage,the,IoT,Agent,instances,are:,,

●, Device, Registration/Creation:, before, sending, observations,the,devices,have,to,be,registered.,This,registry,can,include,several,information,such,as,the,Device,ID,,Entity,ID,,Entity,type,,attributes,,static,attributes,and,command,parameters,related,to,the,device.,

●, Device, Observation:, once, a, device, is, registered,,observations,might,be,sent,with,a,simple,HTTP,request.,,

●, Monitoring:,this,functionality,includes,all,the,activities,about,the,device,status,checking.,


SR$COMM$02,SR$LEGACY$01,SR$LEGACY$02,


This, module, interacts, with, the, Context, Management, in, order, to,provide,the,endpoints,where,the,data,are,published,and,to,manage,the,appropriate,mapping,to,context,elements.,

Table,26:,Device,Management,module,description,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 101 of 179

3.2.3! Data Storage Management The,Data,Storage,Management,aims,to,solve,the,issues,related,to,the,data,storing,in,the,specific,context,of,IoT,systems,and,smart,city,platform.,

Data,coming,from,various,heterogeneous,sources,can,differ,in,terms,of,types,,characteristics,and,constraints,imposed,by,their,owners,about,their,exploitation.,

The,SynchroniCity,project,wants,to,address,these,challenges,by,enabling,the,usage,of,data,in,smart,city, applications, through, a, secure, and, trusted, environment, according, to, a, defined, set, of,management,policies.,To,make,this,possible,,a,set,of,functionalities,to,configure,,provision,and,report,storage,activities,have,to,be,made,available,,also,to,ensure,data,security,and,quality.,

In, terms, of, data, security,, several, different, aspects, can, be, taken, into, account, such, as, data,anonymization,,by,classifying,types,of,data,that,request,such,treatment.,,

In,addition,to,these,aspects,,it,is,important,to,consider,that,the,promotion,of,data,exploitation,and,use,requires,a,certain,quality,level,of,the,data,to,be,guaranteed.,Hence,,Data,Storage,Management,could,also,provide,functionalities,related,to,data,cleansing,and,in,general,tools,to,checks,data,quality.,

For,the,purpose,of,this,module,,three,main,categories,of,data,managed,can,be,identified:,●, Public,or,Open,Data:,data,provided,without,restrictions,on,access,,use,and,share.,●, Private,Data:, data, provided,with, restrictions, about, their, usagem, this, category, includes, for,

instance,personal,data.,●, Commercial, Data:, data, provided, with, license, that, define, permission, to, access,, policy, of,

distribution,and,charging.,The,Data,Storage,Management,addresses,the,storage,of,data,from,different,perspectives:,

●, Platform,Perspective:,local,storage,,cloud,platforms,,external,databases,●, Usage, perspective:, structured, or, not, structured, database, for, BI, analysis,, open, data,

publication,and,sources,discovery,and,aggregation.,

3.2.4! Marketplace and Asset Management A,Marketplace,is,a,brokerage,site,that,favours,the,meeting,between,demand,and,supply,of,goods,and,services.,Different,kinds,of,marketplaces,exist:,e$commerce,,B2B,,C2C,,B2C,,m$commerce.,In,the,SynchroniCity, approach,, the,marketplace, component,will, encourage, sustainable, commercial,viability,of,data,by,developing,a,considerable,added,value,that,goes,beyond,traditional,rights$based,licensing,models,of,data,sets.,,,

It,will,contain,a,set,of,modules,aimed,to,lower,the,barriers,for,data,sharing,and,boost,the,confidence,of,data,consumers,and,providers.,Both, the,quantity,and,quality,of,available,data,sources,will,be,improved,as,different,stakeholders,are,incentivised,to,share,higher,value,proprietary,data.,In,more,detail,,the,marketplace,component,will,implement,a,hub,to,enable,digital,data,exchange,for,urban,data,and,IoT,capabilities,with,some,basilar,features,in,order,to,manage,catalogue,,orders,,and,user,roles,within,the,marketplace.,

It, will, also, be, responsible, for, the, revenue,, billing, and, charging, management, and, enabling, the,creation,of,innovative,business,models.,

Eventually,,the,marketplace,will,implement,mechanisms,to,gather,user,rating,and,feedback,on,the,assets,,and,to,support,trust,and,accountability,of,the,publishers.,It,is,possible,to,define,nine,functional,modules,for,the,marketplace,and,asset,management:,

●, Catalogue,management,●, Offers/Orders,management,●, Peering,management,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 102 of 179

●, Revenue,management,●, Feedback,and,reputation,service,●, Customer,management,●, License,management,●, SLA,management,●, Transparency,and,accountability,service,

The,following,tables,describe,the,details,about,each,module.!

,

Module,Name, Catalogue!Management!

Module,Description,

This,module,provides,functionalities, to,publish,,search,and,browse,for,different,assets:,IoT,data,and,actuation,services.,Asset,offerings,can,be,organised, into,groups/categories, $, in,a,hierarchical, fashion,when, possible, $, to, allow, for, an, easy, navigation, and, discovery, of,them., Attributes, define, characteristics, and, properties, of, digital,assets.,They,may,also,be,inherited,from,a,higher,level,in,a,category,hierarchy.,,The,module,lets,the,asset,providers,be,able,to,define,the,technical,description,of,the,assets,they,own.,,

,

Main,functionalities,

The,main,functionalities,provided,by,this,module,are:,

•, Asset,discovery:,allows,users,to,search,for,specific,assets,with,different,methods,(e.g.,,browsing,,searching).,Advanced,search,is,enabled,by,means,of,tags,and,filters.,

•, Publication,of,new,asset,offer:,allows,asset,providers,to,register,a,new,offer,prior,validation,to,ensure,the,quality,of,published,resources,(e.g.,,in,terms,of,documentation,,availability,,completeness).,

•, Publication,of,new,asset,request:,implements,a,procedure,that,allows,the,marketplace,administrator,to,call,for,digital,assets,which,will,then,be,added,to,the,marketplace.,


SR$MKTPLACE$02,SR$MKTPLACE$04,SR$MKTPLACE$05,SR$MKTPLACE$06,SR$PERF$01,SR$MODELS$01,SR$API$05,SR$API$04,SR$API$03,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 103 of 179


This, module, interacts, with, the, License, and, SLA, management,modules, to, bind, a, license,and,a,SLA, respectively, to, a, new,asset,offer., It, interacts, with, the, Offers/Orders, management, module, to,register,new,offers,or,orders.,Information,is,also,exchanged,between,this,module, and, the, Feedback, and,Reputation,module, to, retrieve,feedback,,rating,and,reputation,score,for,every,asset.,This,module,also, interacts, with, the, Peering,Management, module, to, exchange,assets,information,across,the,marketplaces,of,other,reference,zones,in,order,to,expose,them,within,a,single,federated,marketplace.,,

Table,27:,Catalogue,Management,module,description,

,

Module,Name, Offers/Orders!Management!

Module,Description,

This,module,allows,to,acquire,assets,,manage,offerings,and,ordering.,

,



•, Ordering,of,assets:,allows,data,consumers,to,purchase,a,specific,digital,asset,,which,can,be,a,static,batch,of,data,,real$time,data,streamed,by,one,or,more,sources,,or,services.,

•, Management,of,assets,purchased:,allows,data,consumers,to,keep,track,of,the,assets,purchased,through,the,marketplace.,

•, Management,of,offerings:,allows,data,producers,to,keep,track,of,the,assets,they,offer,through,the,marketplace.,

,


SR$PERF$01,SR$MKTPLACE$03,


This, module, interacts, with, the, Catalogue,Management, module, to,exchange, information, regarding,new,offers/orders., It, also, interacts,with, the, Revenue, Management, module, to, enable, monetisation,mechanisms,and,with,the,Transparency,and,Accountability,Service,module,to,track,transaction,information.,,,

Table,28:,Offers/Orders,Management,module,description,

,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 104 of 179

Module,Name, Peering!Management!

Module,Description,

This,module,is,in,charge,of,managing,a,set,of,federation,capabilities,in, accordance, with, the, marketplace, governance., Federation,capabilities,allow,different,marketplaces,to,interact,with,each,other,and, access, their, resources, indistinctly, to, provide, access, to, data,across,them,and,enable,the,development,of,aggregate,services.,,



•, Management,of,federation,requests:,allows,the,marketplace,administrator,to,look,up,for,digital,assets,exposed,in,different,marketplaces,and,keen,to,be,federated,,and,to,send,them,request,for,federation.,After,the,federation,request,is,accepted,,those,assets,will,be,discoverable,buy,users,of,the,marketplace,that,originated,the,request,for,federation,

,

•, Management,of,federation,offers:,allows,the,marketplace,administrator,to,expose,specific,digital,assets,that,could,potentially,be,part,of,a,federated,marketplace.,Those,assets,will,be,then,discovered,by,administrators,of,other,marketplaces,interested,in,federation.,,


SR$MKTPLACE$08,,


This,module, interacts,with, the,Catalogue,management,module, to,exchange, information, regarding, assets, to, expose, them, within, a,single, federated, marketplace, in, compliance, with, the, specific,marketplace,governance.,

Table,29:,Peering,Management,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 105 of 179

,

Module,Name, Revenue!Management!

Module,Description,

This, module, allows, asset, providers, to, generate, revenue, for, their,offers, by, charging, asset, consumers., It, provides, tools, to, manage,asset, usage, information, in, order, to, enable, usage,based,business,models.,This,module,is,also,responsible,for,managing,the,lifecycle,of,assets,, activating, them, when, users, acquire, them, or, deactivating,them,when,the,subscription,is,cancelled.,

Main,Components,


•, Charging,management:,provides,the,charging,functionality,to,the, system, by, interacting, with, one, or, multiple, charging,platforms,(e.g.,,PayPal),and,performing,the,required,actions,to,charge,the,asset,consumers,for,acquiring,or,using,assets,provided,by,different,asset,producers.,

•, Billing, management:, it, is, in, charge, of, sending, invoices, to,asset,consumers,for,their,purchases.,The,invoicing,process,starts,when,a,purchasing,order,is,completed.,In,case,of,static,batch, of, data, or, services,, a, single, invoice, is, sent, to, the,consumer.,Whereas,, in,case,of,real$time,data,invoicing,can,be,done,through,time$triggered,transactions.,,


SR$MKTPLACE$03,


This,module, interacts,with, the,Offer/Order,Management,module, to,enable, monetization, mechanisms, by, exchanging, information, on,orders,and,asset,usage.,

Table,30:,Revenue,Management,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 106 of 179

,

Module,Name, Feedback!and!reputation!

Module,Description,

This,module,provides,user, feedback,management, for, the,different,assets, published, in, the, marketplace., It, also, provides, rating, and,reputation,mechanisms, to, facilitate, the, asset, selection, to, the, end,users,and,to,promote,honest,behaviour,among,users.,



,

•, User,feedback:,allows,users,to,provide,feedbacks,on,digital,assets,they,purchased/exploited.,Feedbacks,will,be,based,on,the,quality,and,reliability,of,data,as,well,as,on,their,compliance,to, SLAs., In, case, of, data, streaming, or, services, running, for,extensive, periods,, users, will, be, allowed, to, adjust, their,feedbacks,periodically, on, the,basis, of, the,actual, and,more,recent,characteristics,of,data.,

•, Asset, rating:, it, is, in, charge, of, building, and, maintaining, a,ranking,of,digital,assets,with,respect,to,feedbacks,received,by,the,users.,

•, Asset, provider, reputation:, it, is, in, charge, of, building, overall,reputations,of,asset,providers,according,to,the,rating,of,their,assets.,


SR$FEEDBACK$01,


This, module, interacts, with, the, Catalogue, Management, and, the,Customer,Management,modules,to,exchange,information,regarding,feedback,, rate,and,reputation,of,assets,and,customers., It, interacts,with,the,Order/Offer,Management,to,check,whether,a,consumer,has,performed,a,purchase,of,a,particular,asset,before,being,able,to,rate,that,asset.,It,also,interacts,with,the,Transparency,and,Accountability,service,module,to,track,information,on,feedback,,rate,and,reputation.,

Table,31:,Feedback,and,reputation,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 107 of 179

,

Module,Name, Customer!Management!

Module,Description,

This,module,allows,to,identify,and,gather,information,about,users,of,the,marketplace.,It,provides,tools,to,manage,customer,information,,personal,data,and,user,consent.,



•, Registration,,update,and,deletion,of,customer,accounts,•, Management,of,user,consent,


SR$PRIVACY$04,


This, module, interacts, with, the, Transparency, and, Accountability,service, module, and, Privacy, management, module, exchanging,updates,on,user,consents,,and,with, the,Feedback,and,Reputation,service,module,to,link,customer,reputation,information.,

Table,32:,Customer,Management,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 108 of 179

Module,Name, License!Management!

Module,Description,

This, module, allows, asset, providers, to, set,, define, and, customize,different, licenses, for, assets, published, on, the, marketplace,, thus,enabling, a, dynamic, ecosystem, in, which, providers, can, establish,various,business,models.,,


The,main,functionalities,provided,by,this,module,are:,●, License,definition,and,customization:,allows,asset,providers,

to, define, different, usage, licenses, for, the, digital, assets,published, in, the, marketplace., It, also, accounts, for, various,business,models,established,by,providers.,Different, license,templates, based, on, standard, licenses, (e.g.,, GPL,, Apache,,Creative, Commons), will, be, made, available, by, this, sub$module, which, can, be, customized, according, to, the, specific,business,models,chosen,by,providers.,

●, Policy,management:, is, in, charge,of, defining,and,managing,the,policies,regulating,the,access,to,digital,assets.,


SR$LICENSE$01,SR$LICENSE$02,SR$LICENSE$03,SR$SECURITY$03,


This,module,interacts,with,the,Catalogue,management,to,exchange,information,on,license,agreement,linked,to,assets.,

Table,33:,License,Management,module,description,

Module,Name, SLA!Management!

Module,Description,

This,module,allows,to,define,and,manage,extensible,SLA,for,services,and, data, provided, in, order, to, satisfy, for, different, stakeholder,requirements.,


Definition, of, Service, Level, Agreements:, allows, to, define, SLAs, for,digital,assets,published, in, the,marketplace, (e.g.,,uptime,, response,times,, quality, of, data,, data, loss, rate)., Common,metadata, models,could, be, used, to, simplify, the,management, and, comprehension, of,SLA,descriptions.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 109 of 179


SR$SLA$01,SR$SLA$02,


This,module,interacts,with,the,Catalogue,management,to,exchange,information, on, SLA, linked, to, assets., It, also, interacts, with, the,Transparency,and,Accountability,Service,module,to,track,information,regarding,the,terms,of,each,SLA.,

Table,34:,SLA,Management,module,description,

,

Module,Name, Transparency!and!accountability!

Module,Description,

This,module, keeps, track,of, each, transaction, (e.g.,, purchase,, data,usage, with, respect, to, license, agreements,, settlement), performed,within,the,marketplace.,It,provides,transparency,of,city,operation,by,publishing, availability, of, services,, decision, making,, purpose, and,restrictions, regarding, IoT, data, collection., It, also, enforces, the, user,preferences,regarding,the,control,of,whom,and,how,should,use,his,own,personal,data.

Functional,Components,


•, Auditing,of,transactions,•, Enforcing,of,user,preferences,


SR$MKTPLACE$07,


This, module, interacts, with, the, SLA, management,, Feedback, and,Reputation, service,, Offer/Order, management, and, Customer,management,modules,to,exchange,information,on,transactions,and,transparency,within,the,marketplace.,

Table,35:,Transparency,and,accountability,module,description,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 110 of 179

3.2.5! Security, Privacy and Governance SynchroniCity, identifies, as,main, security, pillars,Data,, IoT, infrastructure, and, the, overall, Platform,which, is, supporting, the, smart, city, applications, and, services., Alongside, these, pillars,, security,functionalities, provide, crucial, security, properties, such, as, confidentiality,, authentication,,authorization,,integrity,,non$repudiation,,access,control,,etc.,,

A,flexible,and,manageable,security,configuration,can,be,tailored,to,address,specific,application,or,service,security,requirements,taking,into,account,the,large,heterogeneity,of,IoT,devices,exposing,data,and,control, functionalities,while,being,compliant,with, the,different,governance,,policies,and,procedures,of,each,city. ,

,

Figure,24:,Security,Technological,pillars,

Security, layer, contains, a, set, of,modules, aimed, to, ensure, data, protection, and, privacy,,manage,identities,,authenticate,and,authorize,users,accessing,assets,according,to,the,RZ’,governance.,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 111 of 179

,

Module,Name, Data!protection!and!Privacy,,

Module,Description,

This, module, provides, flexible, security, and, privacy, capabilities, in,order, to, accommodate, the, different, needs, of, specific, target,scenarios,, by, providing, support, for, confidentiality,, integrity,,authentication,, immutability, and, non$repudiation., It, provides,cryptographic,mechanisms,to,authenticate,and,secure,data,in,transit,as, well, as, mitigating, the, risk, of, data, theft, by, encrypting, physical,storage/media,to,protect,data,at,rest.,


●, Data, protection:, provides, encryption, and, key, management,functionalities, to,ensure, that,data,are,secure,while,being, in,transit,and,at,rest.,,

,●, Privacy:, provides, functionalities, in, line, with, the, privacy, by,

design,principle.,It,ensures,that,the,system,respects,privacy,during, its, operation., Of, course, the, actual, level, of, privacy,protection,depends,on, the,actual,policy.,Any,personal,data,,and,their, interrelationships,,are,hidden,from,plain,view,,thus,they,cannot,easily,be,abused.,By,separating,the,processing,or,storage,of,several,sources,of,personal,data,that,belong,to,the,same,person,,complete,profiles,of,one,person,cannot,be,made,while,also,achieving,purpose,limitation.,Moreover,,data,is,processed,at,the,highest,level,of,aggregation,and,with,the,least,possible,detail,in,which,it,is,(still),useful.,Aggregation,of,information,over,groups,of,attributes,or,groups,of,individuals,,restricts,the,amount,of,detail,in,the,personal,data,that,remains,,thus, protecting, its, privacy., This, functionality, manages, the,process, to, inform, data, subjects,whenever, personal, data, is,processed,,also,providing,the,right,to,view,,update,and,even,ask,the,deletion,of,personal,data,collected,about,her.,It,also,provides,a, tool, to,show,how,the,privacy,policy, is,effectively,implemented,within,the,system.,,


SR$PRIVACY$01,SR$PRIVACY$02,SR$PRIVACY$03,SR$PRIVACY$04,SR$SECURITY$04,SR$SECURITY$01,


This,module,interacts,with,the,Customer,Management,and,with,the,Transparency,and,Accountability,modules, to,exchange, information,regarding,the,access,and,process,of,personal,data.,It,also,interacts,with, the,Data,Storage,Management, to,enforce,data,protection,and,anonymization, according, to, the, policies, defined, in, the, Policy,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 112 of 179

Management,module.,,

Table,36:,Data,protection,and,Privacy,module,description,

,

Module,Name, Identity!and!Authentication!Management!

Module,Description,

The,Identity,Management,module,is,the,first,step,for,accessing,data,,services, and, applications,, by, providing, secure, and, private,identification, and, authentication, of, users,, trust, management,, and,Single, Sign$On, (SSO), to, service, domains, and, Identity, Federation,towards,applications.


This,module,offers,functionalities,for:,

•, Management, of, user, life$cycle, functions, by, providing, account,creation, and, management,, and, enforcement, of, policies, and,procedures,for,user,registration,,identification,and,authentication.,,

•, Support, to, different, authentication, providers, and, several,applications, can,be, linked, to, this,module,, thus, enabling, single,sign$on,(SSO),to,all,these,applications.,


SR$MKTPLACE$01,SR$SECURITY$01,SR$SECURITY$04,


This, module, interact, with, the, Authorization, and, Accounting,component,to,exchange,information,on,access,request,to,assets.,,

Table,37:,Identity,and,Authentication,Management,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 113 of 179

,

Module,Name, Authorization!and!Accounting!

Module,Description,

This,module,provides,authorization,and,accounting,capabilities,which,are,critical,aspects,to,support,Smart,City,services,and,applications.,It,enforces, a, set, of, conditions, defining, whether, users, have, access,granted, to, a, particular, resource,, while, also, storing, information,regarding,access,for,audit,purposes.


●, Authorization:, provides, a Policy, Enforcement, Point, (PEP),which, intercepts, resource, access, requests,, makes, access,control, decision, requests,, and, enforces, access, control,decisions.,Moreover,,a,Policy,Decision,Point,(PDP),evaluates,access, request, by, checking, authorization, policies, for,rendering,an,access,control,decision.,It,provides,also,a,Policy,Retrieval, Point, (PRP), that, connects, to, the, Policy,Management,component,and,a,Policy,Information,Point,(PIP),to, obtain, applicable, authorization, policies, according, to, an,access, control, decision, request, and, attributes, that, are,needed,for,evaluating,authorization,policies,,for,example,the,IP, address, of, the, requester,, creation, time, of, the, resource,,current, time, or, location, information, of, the, requester., This,information, is, then,combined, in,order, to,get,a, finial,access,control,decision.,,

,●, Accounting:, measures, resource, consumption, performed, by,

users,during,access.,This,includes,the,amount,of,system,time,or,the,amount,of,data,a,user,has,sent,and/or,received,during,a, session., Accounting, is, carried, out, by, logging, of, session,statistics, and, usage, information., It, is, used, also, for,authorization,control,,billing,,and,resource,utilization.,


SR$SECURITY$01,SR$SECURITY$04,SR$MONITORING$01,


This,module,interacts,with,the,Identity,and,Authentication,,and,with,the,Policy,Management,component,to,exchange,information,related,to,access,request,to,assets,and,to,make,authorization,decision,based,on,defined,access,policies., It, also, interacts,with, the,Transparency,and,Accountability,component,to,exchange,information,on,accesses,and,usage,so,that,the,latter,component,can,store,and,provide,a,way,to,show,that,data,,application,and,services,are,accessed,and,used,according,to,their,privacy,and,SLA,requirements.,,

Table,38:,Authorization,and,Accounting,module,description,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 114 of 179

,

Module,Name, Policy!Management!

Module,Description,

This,module,provides,a,unified,policy,management,regarding,access,,privacy,and,governance,of,the,SynchroniCity,platform.,By,providing,a, unified, and, central, policy, management, point,, access, policies,updates, have, an, immediate, result, on, how, the, authorization,component,performs,decision.,In,addition,,this,component,allows,to,define,adaptation,policies,of,security,functionalities,in,the,boundary,points,thus,being,independent,from,low,level,IoT,components.,,


The,Policy,Management,component,allows,to,define,policies,related,to,privacy,,access,,data,protection,and,federation.,


SR$SECURITY$02,SR$SECURITY$03,SR$SECURITY$04,


This,module,interacts,with,each,security,and,privacy,components,as,a, point, providing, policies, to, be, enforced., It, also, interacts,with, the,Peering, management, to, exchange, information, regarding, assets,shared,among,different,RZs,marketplace.,,,

Table,39:,Policy,Management,module,description,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 115 of 179

,

3.2.6! Monitoring and Platform management service SynchroniCity,offers,a,set,of,functionalities,to,manage,platform,configuration,and,to,monitor,activities,of,the,components.,In, terms, of, platform, configuration, SynchroniCity, allows, setting, of, all, the, parameters, related, to,components,functionalities,and,interaction.,In,addition,to,this,,another,set,of,parameters,is,related,to,monitoring,functionalities,in,particular,needed,for,platform,KPI,calculation.,In, terms, of, platform, monitoring,, SynchroniCity, establishes, a, set, of, quantitative, and, qualitative,metrics,to,extract,meaningful,performance,indicators,to,have,an,overview,of,the,status,of,the,platform,in,relation,to,different,aspects,(e.g.,performance,,usage,,reliability,,quality,of,service,,etc.).,,Calculation,of,KPIs,is,based,on,collection,of,specific,logs,and,execution,of,ad,hoc,algorithmsm,this,process, is, related, to, parameters, configured, by, an, administrator,, for, instance,, time, interval,,constants,,threshold,values,and,other,variables,used,in,the,calculation.,In,general, the,monitoring,of, the,platform,aims, to,collect,and,elaborate, the, information, to,make, it,available,for,each,type,of,analysis.,

The,following,tables,describe,the,details,about,each,module:!,

Module,Name, Administration!&!Configuration!

Module,Description,

This, is, the, entry, point, to, set, parameters, related, to, SynchroniCity,platform,and,its,architecture,components,,like,Context,Management,,IoT,Management,,etc.,defining,their,behaviour..,,The, configurations, relate, both, to, the, components’, functionalities,,integration, and, all, the, parameters, needed, to, setup, and, start, the,platform,monitoring,processes.,


●, Platform%and%Component%configuration:,allows,to,setup,server,configuration,,deployment,configuration,etc.,It,is,necessary,in,order,to,run,services,and,applications,of,the,platform,,or,to,enable/disable,specific,functionalities,of,the,platform.,

,●, Monitoring%Configuration:,allows,to,configure,parameters,such,

as, time, intervals,, threshold,values,,etc.,necessary, to,create,the,log,files,used,in,KPI,calculation.,


SR$MODULARITY$01,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 116 of 179


This,module,interacts,with,all,the,modules,of,the,architecture,in,order,to,propagate,the,configuration,parameters.,

Table,40:,Administration,&,Configuration,module,description,

,

Module,Name, Platform!Monitoring!

Module,Description,

This,is,the,module,in,charge,of,running,the,monitoring,processes,of,the,platform,in,order,to,check,the,quality,of,services,and,applications,and,extract,statistics,and,indicators,that,provide,an,overview,on,the,performances,and,reliability,of,the,platform.,


Log%analysis%and%KPI%calculation:,,takes,into,account,the,logs,generated,at,platform,runtime,and,elaborates,them,by,applying,specific,algorithms.,


SR$ROBUSTNESS$01,

SR$MONITORING$01,


This,module, interacts,with, all, the,modules, of, the, architecture, that,provide,logs,for,KPI,calculation.,

Table,41:,Platform,Monitoring,module,description,

,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 117 of 179

,

3.3! Interaction among components

3.3.1! Authorization Flow When,an,application,or,a,component,of,the,SynchroniCity,architecture,requires,access,to,a,protected,resource,(e.g.,access,the,status,of,a,device,through,the,Context,Data,Broker,,query,a,data,service,exposed,in,the,Marketplace,,etc.),according,to,RFC6749,[116],it’s,necessary,to,allow,authentication,and,authorization,roles,separation,in,order,to,have,an,adequate,security,level,,avoiding,unwanted,access,to,resources.,

In,Figure,25, is,depicted, the,Oauth2,abstract, flow,among, the, roles, involved, in, the,authentication,mechanism,when,an,application,or,service,wants,to,use,a,protected,resource.,

,

,

Figure,25:,Abstract,Authorization,flow,

The,abstract,OAuth,2.0,flow,includes,the,following,steps:,

1., The,client,asks,for,authorization,from,the,owner,sending,its,credentials.,The,authorization,could,be,made,(preferably),via,an,IDM,as,an,intermediary.,

2., The,client,receives,an,authorization,grant,,which,is,a,credential,representing,the,resource,owner's,authorization.,

3., The, client, requests, an, access, token, by, authenticating, with, the, authorization, server, and,presenting,the,authorization,grant.,

4., The,authorization,server,authenticates,the,client,and,validates,the,authorization,grant,,and,if,valid,,return,an,access,token.,

5., The,client, requests, the,protected,resource, from,the,resource,server,and,authenticates,by,presenting,the,access,token.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 118 of 179

6., The,resource,server,validates,the,access,token,,and,if,valid,,serves,the,request.,

3.3.2! Context Management Flow Context,[117],is,any,information,that,can,be,used,to,characterize,the,situation,of,an,entity.,An,entity,is,a,person,,place,,or,object, that, is,considered,relevant, to,the, interaction,between,a,user,and,an,application,,including,the,user,and,applications,themselves.,

In,order, to,manage,such,entities,, the, central, role, is,played,by,Context,Data,Broker, (CB),,which,maintains,the,status,and,makes,it,available,to,the,affected,applications.,Below,the,typical,sequences,in,which,the,CB,interacts,with,producers,and,consumers,of,information,will,be,described.,

,

,

Figure,26:,Context,update,and,query,flow,

Figure,26,depicts, the,situation,when, the,CB,simply,maintains, the,status, information,of,an,entity,which,is,asynchronously,updated,by,the,producer,(e.g.,Device,,IoT,agent,,Application),in,order,to,provide,the,entity,status,when,an,application,directly,queries,it.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 119 of 179

,

Figure,27:,Context,publish,subscribe,flow!

In,Figure,27,the,publish/subscribe,mechanism,is,shown.,First,,an,application,subscribe,an,entity,or,only,some,entity,attributes,specifying,conditions,to,be,notified,and,communicating,an,endpoint, to,receive,notifications:,every,time,a,producer,updates,an,entity,or,a,subscribed,attribute,,the,Context,Data,Broker,will,notify,at,the,endpoint,pushing,the,new,information.,

,

Figure,28:,IoT,Agent,flow,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 120 of 179

,,

The,last,sequence,in,Figure,28,is,related,to,the,case,when,an,IoT,Agent, is, in,charge,to,mediate,between,a,device,with,a,proprietary,protocol,and,the,CB.,In,these,cases,firstly,,the,device,needs,to,register, itself,on,the,IoT,agent, that,will,propagates,such,registration,creating,on,the,CB,an,entity,representing,the,device.,After,the,registration,,each,time,the,device,sends,a,new,value,to,the,agent,,the,latter,will,update,the,context,on,the,CB.,When,an,application,needs,to,know,the,status,of,the,device,,it,must,query,the,CB,in,order,to,obtain,the,information,as,in,the,previous,cases.,,

3.3.3! Marketplace Flow The,following,figures,show,the,interaction,among,some,components,of,the,marketplace,in,the,case,of,a,new,asset,offer,and,a,new,asset,order,respectively.,We,assume,that,authentication,and,authorization,have,been,already,performed.,,

%

Figure,29:,Offer,creation,flow!

Specifically,, Figure, 29, shows, the, process, of, an, asset, provider, registering, a, new, asset, in, the,marketplace.,The,asset,provider,interacts,with,the,Catalogue,Management,component,by,describing,the,attributes,of,the,new,asset,and,the,license,and,SLA,to,be,linked,to,that,asset.,The,catalogue,interacts,with,the,License,Management,and,SLA,Management,component,by,linking,the,asset,to,the,license, and, SLA, selected, by, the, asset, consumer., Finally,, it, creates, a, new, order, which, is,communicated,to,the,Order/Offer,Management,and,return,the,offer,identifier,to,the,asset,producer.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 121 of 179

,

Figure,30:,Order,creation,flow%

Figure,30,shows,the,interaction,among,components,while,creating,a,new,asset,order.,First,,an,asset,consumer,searches,for,a,particular,asset,of,its,interest.,The,Catalogue,Management,returns,to,the,asset,consumer,a,list,of,matching,assets,from,which,the,asset,consumer,select,one,for,purchase.,Thus,, the, Catalogue, Management, creates, a, new, order, by, interacting, with, the, Offer/Order,Management,which, returns, the, order, identifier, to, the, asset, consumer., Assuming, a, pay, per, use,business,model, associated, to, that, asset,, after, asset, consumption, the,Offer/Order,Management,interacts,with,the,Revenue,Management,to,charge,the,asset,consumer.,After,a,billing,process,,the,Revenue,Management,sends,an,invoice,back,to,the,asset,consumer.,,

3.4! Interoperability points logical specifications %

In,order,to,be,compliant,with,SynchroniCity,there,are,some,requirements,that,RZs,and,any,other,external,stakeholder,,for,instance,a,developer,or,an,application,provider,that,wants,to,participate,in,the,platform,,have,to,satisfy.,These,requirements,refer,to,the,implementation,of,a,set,of,interfaces,that,realise,integration,among,SynchroniCity,platform,and,the,external,world.,SynchroniCity, Framework, defines, different, types, of, interfaces, related, to, all, dimensions, that,contribute,to,enable,Smart,Cities,to,be,part,of,a,digital,single,market,for,IoT$enabled,urban,services.,It,is,possible,to,identify,the,following,categories,of,interoperability,point:,

•, Context,Management,interface,•, Data,Models,•, Security,Interface,•, Marketplace,Interface,

For,each,of,these,categories,a,set,of,APIs,are,defined,,as,showed,in,the,architecture,picture,using,red,colour.,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 122 of 179

,

3.4.1! Context Management Interface To, ensure, interoperability, in, this, domain,, SynchroniCity, framework, defines, the, Context!Management!APIs,that,represent,a,standard,way,to,communicate,with,the,Context,Management,module,,the,central,block,of,the,architecture.,As, described, previously,, the, main, concept, behind, managing, of, data, and, information, in,SynchroniCity,,is,the,adoption,of,an,abstract,level,that,bases,representation,of,information,on,the,model, of, the, context, entity., Each, data, source, is, represented, as, an, entity, characterised, by, its,attributes,and,metadata.,The,logical,model,of,these,interfaces,is,inspired,to,NGSI,standard,,which,offers,a,powerful,way,to,model,the,real,world,,in,order,to,extract,high,quality,information,from,observation,of,phenomena.,In,terms,of,IoT,System,,each,device,or,data,source,can,be,mapped,to,NGSI,model,and,analysed,by,using, different, modalities., Figure, 31, depicts, how, real, life, objects, can, be, mapped, using, NGSI,approach:,,

,

Figure,31:,NGSI,Context,Information,example,[118],

,This,approach, is, coherent,with, the, interoperability, requirements,of,SynchroniCity,platform,and, it,doesn’t,bind,to,the,use,of,predetermined,data,model.,In,terms,of,exchanging,of,data,or,commands,it,is,possible,to,distinguish,two,interoperability,layers,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 123 of 179

northbound,and,southbound.,Considering,the,interoperability,aspects,from,southbound,connection,point,of,view,,be,compliant,with,SynchroniCity,means,that,the,RZs,have,to,be,able,to,communicate,with,the,Context,Management,module,using,its,APIs.,,To,achieve,this,objective,RZs,have,different,options:,,

●, RZs, implement, directly, the, Context, Management, API:, this, is, the, case, that, ensures, the,highest, level, of, compatibility, because, the,RZ, is,, from,a, technical, point, of, view,, ready, to,interact,with,SynchroniCity.,

●, RZs, adopt, standards, and, well$known, IoT, protocols, in, its, infrastructure:, in, this, case, the,presence, of, IoT, Agents, supporting, these, standards,, already, provided, by, SynchroniCity,,enables,the,integration,between,the,RZ,and,the,SynchroniCity,platform.,

●, RZs, adopt, ad, hoc, solutions, and, proprietary, protocols, in, its, infrastructure:, in, this, case, to,achieve,integration,in,SynchroniCity,platform,,a,custom,IoT,Agent,should,be,developed,in,order,to,adapt,the,custom,RZ,technologies,and,the,Context,Management,interfaces.,

,These,three,options,allow,communication,with,the,Context,Management,component,,which,is,the,basic,condition,to,be,part,of,SynchroniCity,platform.,Following,these,approaches,,it,will,be,possible,to,realise,a,southbound,integration,between,the,platform,and,the,existing,and,legacy,technologies,of,the,RZs.,Considering,the,interaction,issues,from,the,northbound,side,,not,only,the,RZs,have,to,be, compliant, with, specifications,, but, also, applications, providers, have, to, take, into, account, the,interoperability,between,the,applications,created,and,the,SynchroniCity,platform.,Therefore,from,this,point, of, view, the, platform, exposes,, at, northbound,,Context,Management, APIs, to, allow, external,applications,to,manage,context,entities,and,their,attributes,by,using,the,SynchroniCity,framework.,,

,

Figure,32:,Three,different,solutions,to,enable,Context,Management,Interoperability,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 124 of 179

3.4.2! Data Models The,SynchroniCity,framework,will,make,a,set,of,standard,data,models,available,as,part,of,Task,2.2,work,,containing,terms,to,use, in, the,representation,of,context,entities.,By,maintaining,always,the,same,structure,of,context,information,for,different,data,models,,SynchroniCity,will,propose,,as,added,value,,a,classification,of,entities,in,specific,domains.,The,value,added,extensions,will,closely,relate,to,Smart,Cities,and,IoT,platforms.,Example,of,domains,to,take,into,account,can,be:,mobility,,weather,,environment,,risks.,Each,of,them,defines,a,set,of,context,entities,and,related,attributes,that,can,be,mapped,to,generic,context,entities,managed,by,Context,Management.,This,approach,allows,a,one$to$one,mapping,between,generic,entities,and,domain,entities.,Likewise,it,can,also,provide,a,one$to$many,mapping,when,,starting,from,a,generic,entity,definition,,as,it,is,possible,to,obtain,its,representation,in,a,specific,domain,using,two,or,more,complementary,domain,entities.,The, adoption, of, SynchroniCity, data,models, has, relevance, for, both, southbound, and, northbound,interactions., The, following, scenario, shows, the, added, value,, for, both, RZs, and, for, application,providers,when,being,compliant,with,these,data,models.,Suppose,that,a,provider,wants,to,develop,an,application,for,the,specific,RZ$1,in,the,mobility,domain,,for, instance,,about,parking,management., In,order, to,comply,with, the,SynchroniCity,platform,, the,application, has, to, support, the, Context, Management, API, in, order, to, access, SynchroniCity,information.,In,addition,to,this,,if,the,SynchroniCity,platform,has,a,parking,data,model,in,its,ontology,,the,application,can,use,also,this,data,model,to,describe,its,data,and,functionalities.,In,this,way,the,application,provider,designs,an,application,with,a,high,level,of,interoperabilitym,if,there,is,RZ$2,that,supports,,in,addition,to,Context,Management,APIs,,also,the,same,SynchroniCity,parking,data,model,,than,the,application,designed,for,RZ$1,can,be,easily,reused,in,RZ$2,with,a,very,low,effort.,So,the,adoption,of,common,data,models,and,API,giving,the,possibility,to,reuse,the,same,applications,in,different, reference, zones,, with, ease, and, needing, to, perform, only, a, few, technical, activities, also,enabling,them,to,be,part,of,a,common,digital,single,market.,,,

,Figure,33:,Different,cases,to,enable,Data,Models,Interoperability,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 125 of 179

3.4.3! Marketplace Interface SynchroniCity,provides,a,set,of,APIs,aimed,to,lower,the,barriers,for,data,sharing,,while,increasing,the,trust,of,data,consumers,and,providers.,Different,stakeholders,are,incentivised,to,share,valuable,proprietary,data.,The,marketplace,APIs,provide,a,hub,to,enable,digital,asset,exchange,for,urban,data,and,IoT,capabilities.,

,

Figure,34:,SynchroniCity,Marketplace,APIs,

More,specifically,,the,SynchroniCity,marketplace,interface,consists,of,the,following,set,of,APIs:,

Catalogue!management!API,provides,methods, for, the,discovery,of,assets,with,different,search,filters,,methods,,and,for,publishing,new,asset,offers,and,new,asset,request.,A,list,of,available,assets,can, be, retrieved, and, refined, by, specifying, key$words, and, filters, that, match, description,,characteristics,and,properties,of, the,desired,assets.,As,a, result,,asset,consumers,and,cities,can,easily,discover,what,kind,of,assets,are,available,in,the,market.,The,creation,of,a,new,offer,for,an,asset,requires,the,asset,description,,characteristics,and,properties,(e.g.,,scope,,purpose,,meta$data,,etc.).,Moreover,,the,asset,will,need,to,be,linked,to,a,usage,license,and,a,SLA,which,may,be,selected,among,predefined,ones,or, customized,by, the,asset, provider.,Once,a, new,asset, offer, has,been,completely, defined,,will, be, embedded, in, the, catalogue.,On, the, other, hand,, assets, not, currently,available,in,the,catalogue,can,be,requested,by,creating,a,new,asset,request.,Similarly,to,the,asset,offering,,a,new,asset,request,can,be,created,by,providing,an,asset,description,,characteristics,and,properties.,

Offer!and!Order!management!API,provides,methods,to,manage,assets,offerings,and,orders.,The,asset,provider,can,use, this,API, to,perform,several,operations,such,as,update,asset,description,,license,, SLA, and, price,, removal, of, an, asset, offer,, etc., From, the, asset, consumer, side,, this, API,provides, tools, to, place, and, manage, order., More, specifically,, an, asset, consumer, interested, in,acquiring/purchasing,an,asset,available,in,the,catalogue,can,place,an,order,to,finalize,the,acquisition,of, that,asset., In, case,an,asset, consumer,needs, to,manage,an,order,, the,API,allows, to,perform,operations,such,as,unsubscription,,activation,,deactivation,,renew,,etc.,

Peering!management!API,provides,methods,for,the,management,of, federation,requests,and,for,the,management,of,federation,offers.,This,API,is,accessible,only,to,the,marketplace,administrator.,It, allows, to, expose, specific, assets, that, could, potentially, be, part, of, a, federated,marketplace.,By,defining, the, set, of, assets, to, expose,, according, to, the, marketplace, governance,, and, the, set, of,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 126 of 179

marketplace,with,which,to,federate,,the,Federation,offering,handler,will,send,federation,requests,to,the,specified,marketplaces.,On,the,other,hand,,the,Federation,request,handler,allows,to,manage,federation,request.,In,this,case,,the,API,allows,to,retrieve,request,embedding,information,regarding,assets,proposed,to,be,part,of,a,federation.,The,result,of,accepting,a,federation,request,will,be,the,inclusion,of,federated,assets,into,the,local,asset,catalogue.,Similarly,,other,functionalities,such,as,Feedback, and, Reputation,, Transparency, and, accountability, or, Revenue, management, can, be,federated,so,that,different,RZs,can,share,the,same,information,and,be,part,of,a,digital,single,market.,

Revenue!management! API, provides, methods, to, manage, asset, usage, information,, in, order, to,enable,usage,based,business,models,,manage,billing,,charging,and,share,revenues.,It,exposes,an,interface,to,interact,with,external,charging,platforms,such,as,PayPal.,It,collects,all,the,information,required,to,the,charging,(price,,data,usage,,consumer,identifier,,etc.),,which,may,differ,based,on,the,business,model,associated,to,the,asset,order,(e.g.,,pay,per,use,,subscription,,etc.),and,based,on,the, outcome, received,by, the,external, charging, platform,, creates, a, transaction, embedding, funds,transferred,from,a,consumer,to,a,provider,or,a,set,of,providers,if,a,revenue,share,mechanism,has,been, defined, for, the, specific, asset., More, specifically,, the, asset, provider, can, enable, a, revenue,sharing,mechanism,among,other,stakeholders,by,specifying,for,which,asset,offer,and,with,whom,share, revenues, for, that, particular, asset., The, API, allows, also, to, produces, an, invoice, for, each,transaction.,,

Feedback!and!reputation!service!API,provides,methods,for,creating,,updating,and,deleting,user,feedback,to,rate,assets,and,manage,customer,reputation.,User,feedback,can,include,a,text, form,and/or,a,rate,related,to,the,asset,being,evaluated,and,can,be,issued,only,by,asset,consumers,that,placed,an,order,for,the,evaluated,asset.,The,outcome,of,rating,is,linked,to,the,respective,asset,and,visible,within,the,catalogue.,Customer,reputation,is,fairly,and,transparently,updated,based,on,several,factors,such,as,proof,of,SLA,and,usage,license,fulfilment,,overall,rate,of,the,assets,provided,in,the,marketplace,,etc.,,

Customer!management!API,provides,methods,for,the,registration,,retrieval,update,and,deletion,of,customer,accounts,and,for,the,management,of,user,consent.,Depending,on,the,access,restrictions,to,the,marketplace,defined,by,the,marketplace,provider,(e.g.,,city,council,,consortium,,3rd,party),,customer, accounts, can, be, created, and, linked, to, a, specific, roles, (e.g.,, asset, provider,, asset,consumer,,administrator,,etc.).,This,API,provides,also,an,interface,to,create,,retrieve,,update,and,delete,user,consent,so, that, the,desired,result,can,be,enforced,by, the,Privacy,Management,sub$component.,

License!management!provides,methods,for,the,definition,and,customization,of,data,usage,licenses.,More,specifically,,it,provides,an,interface,to,retrieve,pre$defined,data,license,template,so,that,asset,providers, can, link, a, data, usage, license, instance, selected, among, the, available, templates, to, the,offered, asset., If, the, license, template, do, not, fulfil, the, asset, provider, needs,, this, API, allows, to,customize,available,license,templates,or,create,new,ones,so,that,the,new,license,can,better,reflect,the,business,model,requirements.,

SLA!management!API,provides,methods,for,the,definition,of,Service,Level,Agreements.,Similarly,to,the,License,management,API,,it,exposes,an,interface,that,allows,to,create,,retrieve,,update,and,delete,a,Service,Level,Agreement.,,

Transparency!and!accountability!service!API,provides,methods,for,the,audit,of,transactions,and,user,consent.,The,API,takes,a,transaction,identifier,and,related,information,which,will,process,by,creating,and,storing,a,digest.,Similarly,,whenever,user,consent,is,given,to,this,API,along,with,the,user,identifier,,a,digest,is,created,and,stored.,,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 127 of 179

,

3.4.4! Security Interface SynchroniCity,provides,a,set,of,APIs,aimed,to,fulfil,the,security,and,privacy,requirements,of,each,RZ.,SynchroniCity,security,architecture,is,built,upon,OASIS,security,standard,(e.g.,,XACML,[119]),,oneM2M,, GSMA, [120], and, ENISA, [121], IoT, security, guidelines, following, a, modular, design, by,splitting,it, into,several,components,and,sub$components,to,be,consistent,to,SynchroniCity,overall,architectural,and,security,requirements.,It,provides,a,unified,approach,to,the,management,of,security,policies,as,a,viable,and,scalable,means,to,define,and,enforce,security,rules,consistently,among,the,large,variety,of,accessible,resources,(e.g.,,IoT,devices,,data,and,services).,,SynchroniCity,access,control,is,primarily,based,on,an,Attribute$Based,Access,Control,system,(ABAC).,Access,rights,are,granted,to,users,through,policies,combining,attributes,such,as,users,,resources,,actions,,objects,,etc., However,, different, access, control, model, can, also, be, supported, (e.g.,, Role$Based, Access,Control)., With, respect, to, the, standard, identity, management,, authentication,, authorization, and,accounting, components, which, reflect, the, security, standard, and, guidelines, mentioned, above,,SynchroniCity,policy,management,is,decoupled,from,devices,and,services.,Policy,can,be,managed,independently,, thus, focusing, on, providing, business, value, and, compliance, to, data, protection,regulations.,Key,management,,encryption,,digital,signature,and,data,anonymization,functionalities,are,directly,linked,to,resources,and,governed,by,the,policy,management,so,that,implementation,of,changes,and,enforcement,are,simplified,by,deploying,policies,on,the,fly,affecting,each,point,of,use,immediately.,

,

,

Figure,35:,Security,Components,Diagram,

The, access, requester, performs, an, authentication, request, by, interacting, with, the, Identity, and,Authentication, Management,, which, will, respond, with, a, session, token, upon, authorization, thus,concluding,the,login,phase.,The,Authorization,PEP,Proxy,sub$component,is,a,consumer,of,session,tokens,,therefore,it,validates,tokens,while,getting,authorization,info,from,the,token,,such,as,the,user,rolem,it,is,also,a,client,of,the,Authorization,PDP,since,it,intercepts,resource,access,requests,which,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 128 of 179

are,then,forwarded,to,the,Authorization,PDP,to,get,an,authorization,decision,(Permit,or,Deny).,The,PDP, evaluates, access, request, by, checking, authorization, policies, from, the, PRP, which, is, the,connector,between,the,authorization,module,and,the,Policy,Management,module.,It,also,considers,other,information,such,as,the,status,of,the,session,token,by,interacting,with,the,PIP.,Depending,on,this, decision,, the, PEP, Proxy, blocks, or, forwards, the, request, and, sends, information, into, the,Accounting,sub$component.,The,Data,protection,and,Privacy,module,enforce,the,security,measures,such,as,encryption,and,anonymization,,defined,by,the,Policy,Management,module,,directly,on,the,resource/asset,(e.g.,,data,,service,or,application).,

Identity! and! Authentication! Management! API, exposes, interfaces, to, create,, import,, retrieve,,update,,delete,users,and,roles,and,to,perform,authentication.,More,specifically,,the,API,allows,to,create,a,user,by,taking,as,input,username,,optional,information,about,the,user,(e.g.,,contact,info,,description,,purpose,,etc.),,password,and,role,,returning,as,output,the,user,identifier,upon,successful,creation.,Similarly,,user,import,can,parse,user,information,from,an,external,source.,,Retrieve,,update,and, delete, require, to, pass, the, user, identifier, to, the, API,, specifying, which, operation, has, to, be,performed,and,the,respective,additional,information.,In,this,case,the,API,will,return,the,outcome,of,the,operation,(e.g.,,success,,fail).,Moreover,,this,API,allows,to,perform,authentication,by,receiving,user,credentials,,interacting,with,the,authorization,component,and,issuing,authentication,tokens.,

Authorization!and!Accounting!Management!API,exposes,interfaces,to,grant,or,deny,permission,to, access, resources, and, to, log, access, request., It, exposes, interfaces, to, the, authentication,component,and, the,policy,management,component.,More,specifically,, it, receives,access,request,from,the,authentication,component,and,according,to,the,policies,received,by,the,policy,management,component,, it,grants,or,denies,access,to,a,particular,resource.,The,accounting,interface,receives,access,requests,and,store,them.,

Policy!Management!API,provides,an,interface,to,create,,retrieve,,update,and,delete,policies.,Each,policy,embeds,a,title,,a,description,,rules,and,subjects,to,those,rules.,When,a,new,policy,is,created,,the, API, returns, a, policy, identifier,, while, when, updated, or, deleted, it, returns, the, outcome, of, the,operation,(e.g.,,success,or,fail).,This,API,allows,to,retrieve,policies,by,passing,the,policy,identifier,or,by,passing, the,subject., In, the, former,case,, the,API,will, return, the,policy,associated, to, the,policy,identifier, passed,while, in, the, latter, case, it, will, return, a, list, of, policies,matching,with, the, subject,passed.,

Data!protection!and!Privacy!API,provides, interfaces, for,confidentiality,,authentication,, integrity,,non$repudiation,and,privacy,capabilities.,More,specifically,,it,exposes,interfaces,for,data,encryption,which, takes, as, input, the, plaintext, data,, the, encryption, key,, the, encryption, algorithm, and, other,information,related,to,the,specific,algorithm,selected,(e.g.,, initialization,vector,,mode),and,returns,the, encrypted, data., Similarly,, the, decryption, interface,will, take, as, input, the, encrypted, data,, the,decryption, key,, the, decryption, algorithm, and, other, information, related, to, the, specific, algorithm,selected,(e.g.,,initialization,vector,,mode),returning,the,plaintext,data.,It,also,exposes,an,interface,for,digital,signature,which,takes,as,input,the,data,to,authenticate,,the,private,key,and,returns,the,digital, signature., Data, anonymization, is, provided, by, specifying, the, data, to, be, anonymized,, the,algorithm, to, use, and, other, information, related, to, the, specific, algorithm, selected, and, returns, an,anonymized,version,of,the,original,data.,It,also,exposes,an,interface,to,allow,update,,deletion,and,notification,regarding,processing,of,personal,data.,

3.4.5! SynchroniCity Compliance Levels The,previous,sections,underlined,the,main,components,and,interfaces,that,can,be,considered,“interoperability,points”,,the,ones,that,should,be,implemented,by,RZs,or,external,systems,and,applications,to,be,part,of,the,SynchroniCity,platform.,An,important,aspect,that,should,be,stressed,is,that,every,RZ,,based,on,their,level,of,technical,maturity,,can,join,the,SynchroniCity,ecosystem,with,a,specific,level,of,compliance.,The,technical,activities,to,reach,the,platform,compliance,can,be,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 129 of 179

various,in,terms,of,both,complexity,and,duration,but,it,is,possible,to,define,some,milestones:,the,Figure,36,describes,this,approach,presenting,four,progressive,steps,with,different,levels,of,compliance,with,SynchroniCity,that,can,be,reached,by,RZs,indicating,also,a,different,degree,of,interoperability,with,the,platform:,,

•, Existing!proprietary!solutions:,in,this,phase,the,RZs,has,in,place,its,own,proprietary,platforms/IoT,infrastructure.,No,open,or,standard,API,are,provided,to,third,parties,and,the,applications,and,data,can,be,mainly,used,inside,the,local,ecosystem.,

•, Became!part!of!SynchroniCity:,implementing,the,Context,Management,API,,the,RZ,can,share,(part,of),its,data,sources,and,IoT,devices,with,the,SynchroniCity,platform.,This,is,the,first,step,that,enables,the,RZ,to,be,part,of,the,SynchroniCity,ecosystem,with,a,basic,degree,of,compliance.,It,will,be,possible,to,provide,and,access,to,the,data,present,in,the,platform,supporting,the,southbound,uniform,interfaces.,

•, Smart!city!domains:,this,step,is,related,to,the,adoption,of,common,SynchroniCity,data,models,that,allow,to,map,the,context,entities,information,in,specific,domains,of,the,smart,city.,In,this,way,services,and,applications,,developed,for,a,specific,RZ,can,be,easily,replicated,in,another,one,with,a,minimum,effort.,

•, Final,step,is,the,integration!of!RZ!with!the!Marketplace:,it,is,possible,to,have,different,level,of,integration,starting,from,the,simple,participation,to,the,SynchroniCity,Catalogue,,to,promote,specific,RZ,assets,,up,to,the,implementation,of,all,the,other,functionalities,,such,as,revenue,sharing,,feedback,collection,and,so,on.,The,active,participation,to,the,marketplace,enable,the,concrete,realization,of,a,digital,single,market.,,

,

,

Figure,36:,SynchroniCity,compliance,levels,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 130 of 179

4! Reference!implementation!technologies!!,

The,reference,architecture,presented,in,the,previous,chapter,described,,at,logical,level,,the,different,components, that, should, be, implemented, to, provide, all, the, necessary, functionalities, that, satisfy,SynchroniCity, requirements., The, concrete, implementation, of, the, architecture, will, be, specifically,addressed,in,others,WP2,tasks,,such,as,T2.2,(related,to,data,models),,T2.3,(data,marketplace),and,T2.4, (IoT, southbound, technologies)., In, principle,, there, are, no, particular, limitations, in, terms, of,technologies,(e.g.,programming,languages,,API,standards,etc.),for,the,implementation,of,the,logical,componentsm, for, sure, the, reuse, of, existing, assets, is, suggested, in, order, to, speed, up, the,implementation,process.,,

Anyway,,some,general,criteria,should,drive, the,selection,of, the,most,suitable, technologies, to,be,adopted,in,the,concrete,implementation,of,the,SynchroniCity,reference,architecture:,

,•, Compliance! with! architecture! functionalities:, the, technical, components, have, to, be,

compliant, (even, partially), with, the, logical, functionalities/interfaces, defined, by, the,SynchroniCity,reference,architecture.,The,identified,assets,should,be,also,easily,customized,and,extended,to,support,the,missing,functionalities.,

,•, Openness:,the,components,to,be,chosen,for,the,implementation,should,provide,open,API,,

open, usage, licenses, and, possibly, one, open, source, implementation, in, order, to, avoiding,vendor$lock,in,issues.,

,•, Standard!or!widely!adopted!technologies:,the,adoption,of,existing,standard,technologies,

is,highly,recommended.,It,would,be,better,also,to,take,in,consideration,the,customization,of,technological, components, already, in, place, in, the, Reference, Zones, or, widely, used, in,international,Smart,City,contexts.,

,•, Interoperability:, one, of, the, main, objective, of, the, SynchroniCity, platform, is, to, enable,

interoperability,among,different,technologies,and,applicative,domains.,This,aspect,should,be,taken, in, consideration, in, the, selection, of, reference, implementation, components., For,instance,,the,support,of,a,wide,range,of,IoT,protocols,is,fundamental,to,guarantee,integration,with,existent,and,legacy,systems.,

,•, Project! consortium! knowledge:, the, experience, of, the, SynchroniCity, member, is, very,

important,in,the,technical,choices.,Working,on,already,well$known,components,simplifies,the,customization/integration,activitiesm,the,project,consortium,partners,can,take,advantage,from,the,experiences,of,the,others,speeding,up,the,technical,issues,resolution.,

,

In, this, section, are, suggested,, following, the, above, mentioned, criteria,, some, possible, candidate,technologies,that,can,be,used,to,implement,the,logical,architectural,components.,It,is,important,to,underline, that, these, assets, are, not, mandatory, components, to, be, adopted, in, order, to, build, the,SynchroniCity,platform:,they,are,some,ready$to$use,components,that,(partially),satisfy,the,functional,requirements,of,the,logical,architecture,components.,,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 131 of 179

Four,main,macro$blocks,of,the,architecture,have,been,analysed:,●, Context,Management,●, IoT,Management,●, Data,Storage,Management,●, Marketplace,●, Security,

,In,addition,to,this,,further,investigation,has,been,conducted,to,propose,existing,standard,API,and,Data,Models,that,could,be,used,in,SynchroniCity,framework.,In,particular,,about,standard,API,,as,mentioned,in,the,previous,chapter,,a,concrete,candidate,is,NGSI,specification.,

According,to,the,official,documentation,of,the,technologies,analysed,,several,extracts,are,reported,in,order,to,show,their,main,functionalities,and,interfaces.,

,

4.1! Architecture blocks implementation

4.1.1! Context Management Next,paragraphs,describe,several,existing,implementations,for,the,Context,Data,Broker,and,Context,Event,Processing,modules,of,the,Context,Management,block.,Implementation,options,for,a,Context,Data,Broker,are,FIWARE,Orion,GE,and,the,Amazon,SNS.,Both,provide,,all,or,at,least,partially,,the,functionalities,required,for,the,management,of,context,information,have,been,considered.,

For, the, Context, Event, Processing, module,, FIWARE, Proton, GE, and, Apache, Flink, have, been,identified, as, possible, solutions, to, enable, the, required, event, recognition, and, management,functionalities.,

4.1.1.1! The Orion Context Broker The,Orion,Context,Broker, [33], is,an, implementation,of, the,Publish/Subscribe,Context,Broker,GE,(Generic,Enabler),,which, follows, the,NGSI,9,and,NGSI,10, interfaces,specifications.,Using, these,interfaces,,clients,can,do,several,operations:,

●, Register,context,producer,applications,,e.g.,a,temperature,sensor,within,a,room,●, Update,context,information,,e.g.,send,updates,of,temperature,●, Being,notified,when,changes,on,context, information, take,place, (e.g., the, temperature,has,

changed),or,with,a,given,frequency,(e.g.,get,the,temperature,each,minute),●, Query,context,information.,The,Orion,Context,Broker,stores,context,information,updated,from,

applications,,so,queries,are,resolved,based,on,that,information.,Orion, is, a,C++, implementation, of, the,NGSI, 9/10,REST,API, binding, developed, as, a, part, of, the,FIWARE,platform.,

The,Orion,Context,Broker,allows,user,to,manage,the,entire,lifecycle,of,context,information,including,updates,, queries,, registrations, and, subscriptions., It, is, an, NGSI, 9/10, server, implementation, to,manage, context, information, and, its, availability., Using, the,Orion,Context, Broker,, user, is, able, to,register, context, elements, and,manage, them, through,updates,and,queries., In, addition,, user, can,subscribe, to,context, information,so,when,some,condition,occurs,(e.g., the,context,elements,have,changed),you,receive,a,notification.,,

Context, information, is, represented, through, values, assigned, to, attributes, that, characterize, those,entities,relevant,to,your,application.,The,Context,Broker,is,able,to,handle,context,information,at,large,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 132 of 179

scale,by,implementing,standard,REST,APIs.,

,

Figure,37:,The,Context,Broker,Generic,Enabler,

,

,

4.1.1.2! Amazon!Simple!Notification!Service!

Amazon,Simple,Notification,Service, (Amazon,SNS), [122], is, a,web, service, that, coordinates, and,manages,the,delivery,or,sending,of,messages,to,subscribing,endpoints,or,clients.,In,Amazon,SNS,,there, are, two, types, of, clients,, publishers, and, subscribers,, also, referred, to, as, producers, and,consumers.,,

Publishers,communicate,asynchronously,with,subscribers,by,producing,and,sending,a,message,to,a,topic,,which,is,a,logical,access,point,and,communication,channel.,Subscribers,(i.e.,,web,servers,,email,addresses,,Amazon,SQS,queues,,AWS,Lambda,functions),consume,or,receive,the,message,or,notification,over,one,of,the,supported,protocols,(i.e.,,Amazon,SQS,,HTTP/S,,email,,SMS,,Lambda,,MQTT),when,they,are,subscribed,to,the,topic.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 133 of 179

,

Figure,38:,Amazon,SNS,topic,subscription,

When,using,Amazon,SNS,,user,creates,a, topic,and,control,access, to, it,by,defining,policies, that,determine,which,publishers,and,subscribers,can,communicate,with,the,topic.,,

A,publisher,sends,messages,to,topics,that,they,have,created,or,to,topics,they,have,permission,to,publish,to.,Instead,of,including,a,specific,destination,address,in,each,message,,a,publisher,sends,a,message,to,the,topic.,Amazon,SNS,matches,the,topic,to,a,list,of,subscribers,who,have,subscribed,to,that,topic,,and,delivers,the,message,to,each,of,those,subscribers.,,

Each, topic, has, a, unique, name, that, identifies, the, Amazon, SNS, endpoint, for, publishers, to, post,messages,and,subscribers,to,register,for,notifications.,Subscribers,receive,all,messages,published,to,the,topics,to,which,they,subscribe,,and,all,subscribers,to,a,topic,receive,the,same,messages.,

4.1.1.3! Complex!Event!Processing!(Proton) FIWARE, Complex, Event, Processing, (CEP), GE, [123], module, analyses, event, data, in, real$time,,generates,immediate,insight,and,enables,instant,response,to,changing,conditions,(i.e.:,if,the,Entity,attribute,“temperature”,is,over,25,send,an,email,to,me).,

IBM,Proactive%Technology%Online%(Proton),[124],is,an,open,source,complex,event,processing,engine,developed,at,IBM,Research,$,Haifa,and,it,is,an,implementation,of,the,FIWARE,CEP,GE.,It,provides,language,primitives,for,defining,,submitting,,and,executing,event,processing,networks.,The,goal,of,the,system,is,to,respond,to,raw,events,and,identify,meaningful,events,within,contexts.,The,system,comes,with,a,set,of,built$in,operators,(such,as,sequence,,all,,etc.),for,determining,CEP,patterns.,It,also,has,extendable,APIs,for,adding,additional,custom,operators.,The,system,comes,with,existing,source/sink,adapters,,allowing,it,to,extract,raw,events,from,files,or,pull,them,from,RESTful,services.,It,also,provides,extendable,APIs,for,adding,more,adapter,types.,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 134 of 179

4.1.1.4! Complex!Event!Processing!(Apache!Flink) Apache,Flink,[125],is,an,open$source,stream,processing,framework,for,distributed,,high$performing,,always$available,,and,accurate,data,streaming,applications.,

It, offers, different, ways, to, process, different, kinds, of, data, sets,, divided, into, bounded, (finite,, i.e.,,unchanging), and, unbounded, (infinite, data, sets, that, are, continuously, appended, to)., It, allows, for,streaming,processing,,where,execution, is,continuous, for,as, long,as,data, is,being,produced,,and,batch,processing,,that,is,executed,in,a,finite,amount,of,time.,,

Its,main, features, are, being, easily, scalable, horizontally,, running, in,multiple, nodes, to, offer, better,throughputs.,It,provides,event,time,semantics,,in,order,to,process,results,over,data,streams,where,events,may,arrive,out,of,order.,It,also,supports,flexible,windowing,based,on,different,parameters,in,order,to,extract,relevant,results,from,the,processed,streams.,

,

4.1.2! IoT!Management!

About,the,management,of,southbound,connections,,in,this,section,two,possible,solution,have,been,identified,,both,of,them,providing,a,lot,of,IoT,protocols,supported,and,adopting,NGSI$based,interface.,The,first,technology,takes,into,account,comes,from,FIWARE,world,and,it,satisfies,the,requirements,defined,for,Backend,Device,Management,GEm,another,technology,that,seems,to,be,compliant,with,what,defined,for,SynchroniCity,architecture,is,the,sensiNact,gateway,,an,Eclipse,project,that,is,quite,used,in,several,H2020,European,projects.,

4.1.2.1! IDAS!GE!

IDAS,GE,[61],is,an,implementation,of,the,FIWARE,Backend,Device,Management,GE,and,it,is,the,component,able,to,connect,IoT,devices/gateways,to,FIWARE$based,ecosystems.,

In,order,to,send,information,from,the,devices,to,the,platform,,user,can,employ,specific,components,called, IoT, Agents, [62]., These, components,map, southbound, protocol, requests, coming, from, the,device,to,NGSI,requests,to,a,Context,Broker,that,helps,user,mapping,device,data,to,an,NGSI,Entity,and,attributes.,

On,the,southbound,side,,IDAS,exposes,the,Device,API,that,allows,to:,●, Register,device,to,reduce,the,message,footprint,and,use,commands.,●, Send,data,from,the,device,to,the,FIWARE,IoT,Stack,●, Send,commands,from,application,to,the,device,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 135 of 179

,

Figure,39:,FIWARE,IoT,Device,Management,GE,architecture!

4.1.2.2! SensiNact!

SensiNact,[105],is,an,open,source,project,,recently,included,in,Eclipse,Community,,which,provides,gateway,functionalities,dedicated,to,IoT,and,allows,interconnection,of,different,networks,to,achieve,access,and,communication,with,embedded,devices.,The,main,objective,of,sensiNact,is,managing,heterogeneous,IoT,protocols,providing,both,on,demand,and,event,based,access,to,data,or,actions,of,IoT,devices,and,,in,addition,,it,also,provides,a,layer,of,APIs,for,access,to,historic,data.,

In,particular,,sensiNact,consists,in,two,complementary,frameworks:,●, SensiNact%Platform:,it,is,the,core,part,in,charge,of,managing,the,southbound,connection,to,

IoT,devices,and,allowing,access,to,them,with,various,northbound,protocols.,For,Southbound,connections, sensiNact, provides, a, list, of, supported, protocols, like, ZigBee,, LoRa,, MQTT,,XMPP,and,data,coming,from,different,devices,are,accessible,by,a,northbound,interface,that,supports,protocols,like,HTTP,REST,,JSON,RPS,,and,CDMI.,SensiNact,supports,NGSI,for,both, southbound,and,northbound,connections, so,allowing,a, full, integration,with,FIWARE,Platforms,and,the,other,ones,that,use,these,interfaces.,

●, Sensinact, Studio:, it, is, an, IDE, Eclipse$based, that, allows, developing, IoT, applications, by,managing,IoT,devices,connected,to,sensiNact.,

From,the,architecture,point,of,view,,sensiNact,can,be,represented,using,the,following,five,functional,groups:,

,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 136 of 179

,

Figure,40:,sensiNact,Architecture,

The,main,functionalities,of,each,block,are:,●, Device!Protocol!Adapter:!Represents,all,the,bridges,that,allow,southbound,access,to,

heterogeneous,IoT,protocols.,It,exposes,Device%Access%API,to,interact,with,northbound,interfaces!

●, Smart!Object!Access!and!Control:,Includes,all,the,core,functionalities,such,as,devices,and,resources,discovery,,secure,communication,,etc.,It,exposes,its,services,through,the,Consumer%API,to,consumers.,

●, Consumer!Protocol!Adapter:,Represents,all,the,bridges,that,translate,information,coming,through,Consumer,API,interface,and,provide,it,to,consumer,using,specific,application,protocols,(REST,,NGSI,,etc.).,

●, Gateway!Management:!Manages,devices,connected,to,sensiNact,,by,using,the,Device,Management,API,,and,the,other,functionalities,such,as,cache,,resource,directory,and,security,services,by,using,the,,Gateway,Management,API.,

●, Manager!Protocol!Adapter:!Adapts,Gateway,Management,API,to,protocols,used,by,external,management,entities.,

4.1.3! Data!Storage!Management!

Data, Storage, Management, in, SynchroniCity, takes, into, account, different, aspects, of, storage,functionalities,, related, to, the, data, type, (public,, private,, etc.),, security, or, platform, and, usage,perspective.,

The, following, solutions, proposed, cover, mainly, two, aspects, of, storage, functionalities., The, first,component,is,a,FIWARE,solution,focused,on,Big,Data,analysis,and,the,other,ones,are,focused,on,open,data,publishingm,about,these,topic,the,solutions,proposed,are,a,standard,and,well$known,open,data,management,system,as,CKAN,while,the,second,one,adds,a,further,level,of,complexity,about,data,aggregation,,introducing,the,concept,of,federation,of,open,data,management,systems.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 137 of 179

4.1.3.1! Cosmos Cosmos,[126],is,the,codename,for,the,Reference,Implementation,of,the,Big,Data,Generic,Enabler,of,FIWARE,,a,set,of,tools,and,developments,helping,in,the,task,of,enabling,a,Hadoop,as,a,Service,(HaaS),deployment,,Cosmos,is,capable,of,serving:,

●, A,set,of,administration,tools,such,as,HDFS,data,copiers,●, An,OAuth2,tokens,generator,●, A,web,portal,for,users,and,accounts,management,,running,MapReduce,jobs,and,doing,I/O,

of,big,data,●, A,custom,authentication,provider,for,Hive,●, A,REST,API,for,running,MapReduce,jobs,in,a,shared,Hadoop,cluster,●, A,specific,OAuth2$base,proxy,for,Http/REST,operations,

,

Figure,41:,Big,Data,Analysis,GE,Architecture,

,

The,basic,design,principles,of,the,Big,Data,Analysis,GE,are:,●, To,hide,the,complexity,behind,the,process,of,creating,Big,Data,environments,,where,some,

software, packages,must, be, appropriately, configured, in, order, they,work, in, a, coordinated,fashion.,

●, To, offer, a, wide, set, of, processing, and, querying, technologies, for, being, installed, in, the,environment.,The,GE,exposes,a,catalogue,,which,can,grow,up,in,an,easy,and,opened,way.,

●, To,focus,the,efforts,on,extracting,insights,and,value,added,information.,To,achieve,that,,there,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 138 of 179

are, components, allowing, for, complex, SQL$like, queries, design,, reusing, binaries, and, to,compose,processing,sequences,thanks,to,an,easy,and,intuitive,web$based,interface.,

4.1.3.2! CKAN CKAN,[55],is,a,powerful,data,management,system,that,makes,data,accessible,–,by,providing,tools,to,streamline,publishing,,sharing,,finding,and,using,data.,CKAN,is,aimed,at,data,publishers,(national,and, regional, governments,, companies, and, organizations), wanting, to,make, their, data, open, and,available.,It,is,also,aimed,at,the,data,users,who,go,to,CKAN,instances,in,order,to,find,open,data,and,start,using,it.,

CKAN,is,built,with,Python,on,the,backend,and,JavaScript,on,the,frontend,,and,uses,The,Pylons,web,framework, and, SQLAlchemy, as, its, ORM., Its, database, engine, is, PostgreSQL, and, its, search, is,powered,by,SOLR.,It,has,a,modular,architecture,that,allows,extensions,to,be,developed,to,provide,additional,features,such,as,harvesting,or,data,upload.,

CKAN,uses,its,internal,model,to,store,metadata,about,the,different,records,,and,presents,it,on,a,web,interface,that,allows,users,to,browse,and,search,this,metadata., It,also,offers,a,powerful,API,that,allows,third$party,applications,and,services,to,be,built,around,it.,

,

Figure,42:,CKAN,Architecture,

4.1.3.3! Open!Data!Federation Open,Data,Federation,(ODF),[127],is,a,web,application,developed,inside,Festival,Project,[112],,a,H2020, EU$Japan, collaborative, project, related, to, FIRE, (Future, Internet, for, Research, and,Experimentation),initiative.,This,tool,aims,to,provide,a,unique,access,point,to,open,data,sets,coming,from, different, ODMS, (Open, Data, Management, System)., ODF, federates, different, ODMS, and,provides,a,uniform,representation,of,collected,datasets,using,DCAT_AP,[128],,a,specification,based,on,the,international,standard,Data,Catalogue,Vocabulary,(DCAT),[129].,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 139 of 179

Each, representation, contains, the, list, of, metadata, related, to, the, dataset, including, links, to, their,distributions,, which, are, the, files, (CSV,, JSON,, XML,, etc.), that, contain, the, data.,ODF,supports,integration,of,CKAN,and,Socrata,open,data,portals,,but,also,provides,an,ad$hoc,set,of,APIs,,the,Federation%API,,to,allow,to,other,ODMS,,based,on,different,technologies,,to,participate,in,the,federation.,,

In,addition,to,access,to,dataset,metadata,,ODF,also,manages,Linked,Open,Data,and,provides,a,SPARQL,endpoint,to,perform,queries,on,5$star,RDF,data,[130].,

Figure,43,shows,the,internal,architecture,of,ODF:,

,

,

,

Figure,43:,ODF,Architecture,

The,main,modules,are:,●, Federation!Manager:,it,is,the,core,module,of,ODF,and,it,is,in,charge,of,managing,the,

ODMS,federation,process,and,providing,advanced,search,capabilities,on,ODMS.,It,exposes,its,services,by,using,a,set,of,REST,interfaces,,the,Platform%API.,

●, Linked!Open!Data!Repository:,represents,a,RDF,triple,store,and,exposes,API,to,manage,the,linked,open,data,collected,and,to,perform,queries,on,them.,

●, Federated!Open!Data!Catalogue:,it,is,a,web,user,interface,that,uses,the,Platform,API,to,provide,to,end$user,an,access,to,Federation,Manager,services.,,

4.1.4! Marketplace ,A, possible, technical, solution, to, implement, the, SynchroniCity, marketplace, is, the, Business, API,Ecosystem,GE,[14],which,is,the,result,of,the,collaboration,between,FIWARE,and,the,TMForum,[12].,More,specifically,,the,Business,API,Ecosystem,GE,is,a,joint,component,made,up,by,integrating,the,FIWARE, Business, Framework, with, a, set, of, standard, APIs, (and, its, reference, implementations),provided,by,the,TMForum,in,its,TMF,API,ecosystem.,This,enabler,allows,the,monetization,of,assets,during,the,whole,service,life,cycle,, from,offering,creation,to, its,charging,,accounting,and,revenue,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 140 of 179

settlement,and,sharing.,In,this,way,,the,Business,API,Ecosystem,provides,data,providers,the,means,for,managing,,publishing,,and,generating,revenue,of,their,data,,applications,and,services.,,

,

Figure,44:,Business,API,Ecosystem,Architecture,

,Blockchain, technology, [131], is, a, viable, candidate, when, considering, the, possibility, to, run, a,decentralized,marketplace,which,operates,according,to,specific,RZ’s,governance,rules.,,Blockchain,is,essentially,a,distributed,ledger,of,information,(e.g.,,a,transaction,from,A,to,B,in,the,Bitcoin,world),,a,copy,of,which,cannot,be,arbitrarily,altered,without,being,spotted,and,for,which,consistency,of,each,information,can,be,achieved,through,a,decentralized,and,distributed,consensus,,without,requiring,trust,in,any,third,party,but,instead,,through,large,and,flat,pool,of,so$called,miners,using,cryptographic,primitives.,Blockchain,has,been,leveraged,to,manage,Smart,Contracts,,small,pieces,of,software,that,encode,a,set,of,conditions,and,actions,that,a,machine,can,interpret,and,that,can,be,executed,as,expected, using, the, blockchain, infrastructure, without, third, party, involvement, or, supervision.,Blockchain,and,Smart,Contracts,properties,can,be,leveraged,to,increase,citizens,trust,with,respect,to, cities, operations, and, decision, making, while, also, lower, the, friction, between, providers, and,consumers.,Using,cryptographic,trust,,which,is,at,the,core,of,blockchains’,smart,contract,capabilities,,the,conditions,required,for,a,transaction,to,happen,,could,be,written,in,code.,Funds’,release,could,also, be, unclenched, automatically, by, predefined, triggers, written, in, code., Blockchain, technology,allows,users,to,store,and,decide,at,their,will,if,they,want,to,share,their,personal,data,with,others.,In,other,words,,users’,data,would,not,be,stored,on,marketplace,provider’s,servers,,but,on,an,instance,owned/managed,by,each,user.,More,interestingly,,we,could,own,our,personal,data,on,one,unique,blockchain$enabled,platform,and,use,it,on,multiple,marketplaces.,We,would,then,be,moving,from,a,paradigm,where,each,user,would,have,a,separate, identity,and, reputation,on,each,platform, to,a,paradigm,where,users,would,have,a,single,identity,owned,and,controlled,by,himself,and,stored,in,the,blockchain,, thus, fostering, identities,and,reputations, in, line,with, the,digital,single,marketplace,concept., Moreover,, as, user, feedback, and, rating, have, a, strong, impact, on, the, level, of, trust, on,marketplaces,,by,using,blockchain,technology,any,review,could,be,authenticated,,and,solely,users,who,had,actually, been, through,a, prior, transaction,would, be, able, to, post, feedback, and, rate,, for,example,by,signing,with,their,own,private,key,before,posting,them.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 141 of 179

4.1.5! Security!!

In,the,following,,a,set,of,technologies,that,are,potential,candidate,to,support,identity,management,,authentication,,authorization,,data,protection,and,privacy,functions,is,presented.,,,KeyRock!Identity!Management!(IdM)![69], is,a,reference,implementation,of,the,FIWARE,Identity,Management,GE,and,it,covers,a,number,of,key,security,aspects,involving,users’,access,to,networks,,services,and,applications.,The,GE,eases,some,often,complex,administrative,tasks,such,as,secure,and, private, authentication, from, users, to, devices,, networks, and, services,, authorization, &, trust,management,, user, profile, management,, privacy$preserving, disposition, of, personal, data,, Single,Sign$On,(SSO),to,service,domains,and,Identity,Federation,towards,applications.,,

Wilma![70]!is,a,reference,implementation,of,the,FIWARE,PEP,Proxy,GE]!playing,the,role,of,a,PEP,(Policy,Enforcement,Point),,is,a,key,component,to,use,combined,with,the,Identity,Management,GE,that,brings,authentication,and,authorization,to,the,backend,application.,Its,main,functionality, is,to,check, that,only, the,authorized,users,are,able, to,access, the,GE,or,REST,service.,PEP,Proxy, is,thought, to, work, with, OAuth2, and, XACML, protocols, as, the, standards, for, authorization, and,authentication, in, FIWARE., AuthZForce! [71]! is, a, reference, implementation, of, the, FIWARE,Authorization,PDP,GEm,playing,the,role,of,a,PDP,(Policy,Decision,Point),,provides,an,API,to,get,role,permissions,, based, on, authorization, policies, and, authorization, requests, from, PEPs, (Policy,Enforcement,Points).,The,GE,follows,the,REST,architecture,style,and,the,messages,are,written,in,XACML.,AuthZForce,eases,the,implementation,of,an,authorization,module,without,the,necessity,of,hardcode, the, authorization, logic, within, the, application, code,, which, would, make, the, application,harder, to, maintain., The, externalization, of, the, authorization, logic, is, especially, convenient, if, we,combine, this,GE,with, the,PEP,Proxy,and, the, IdM,,bringing,a,simple, to, implement,but, complete,security,solution,for,authentication,and,authorization.,,

Additional, technologies, and, standard, protocols, for, the, implementation, of, authentication, and,authorization,components,such,as,Security,Assertion,Markup,Language,(SAML),[132],,eXtensible,Access,Control,Markup,Language,(XACML),[119],,JSON,Web,Token,(JWT),[40],,OAuth,[133],and,OpenID,(OID),[134],are,included,in,the,appendix.,,,To,preserve,privacy,and,comply,with,privacy,regulations,and,GDPR,,part,of,released,datasets,have,to,be,hidden,or,anonymized,using,various,anonymization,techniques.,DBA,,an,implementation,of,DB!Anonymizer,GE,[135],,is,a,database,re$identification,risk,evaluation,and,anonymization,servicem,it, can, be, used, as, a, support, tool, in, case, of, dataset, disclosure, operations., DBA, deals, with, the,estimation,of,the,re$identification,risk,associated,to,information,disclosures,,which,is,the,risk,that,an,attacker,can,reconstruct,exactly,a,dataset's,content.,This,estimation,is,then,used,for,providing,users,with, a, number, of, functionalities, connected, to, dataset, anonymization., For, instance,, the, service,exposes,a,function,that,calculates,a,value,,that,represents,the,likelihood,(from,0,$,impossibility,to,1,$,certainty),that,an,attacker,can,reconstruct,exactly,a,dataset's,content,that,is,anonymized,using,a,certain,obfuscation,policy.,Moreover,,the,Data!Handling!GE![136],!through,its,implementation!PPL!(Primelife!Policy!Engine),is,a,privacy$friendly,attribute$based,access,control,system,,which,targets,mainly,sensitive,data.,It,permits,to,store,information,together,with,an,attached,privacy,policy,,which,regulates,its,usage.,Thus,,the,Data,Handling,GE,can,reveal,certain,attributes,,according,to,specific,supplied,conditions.,,Additional, technologies, to, implement, privacy, and, data, protection, functionalities, based, on, both,private,and,public,key,cryptography,such,as,the,use,of,a,personal,data,management,framework,,On$the$fly, encryption, (OTFE),, Symmetric, Searchable, Encryption, (SSE),, Public$Key, Searchable,Encryption, (PEKS),, Multi$Party, Computation, (MPC),, and, Verifiable, Secret, Sharing, (VSS), are,presented,in,the,appendix.,In, order, to, support, both, new, and, legacy, IoT, devices,, SynchroniCity, could, provide, end$to$end,security,at,the,API,level,rather,than,supporting,and,coping,with,how,different,solutions,(e.g.,,LoRa,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 142 of 179

802.15.4,, NB$IoT,, WiFi,, LTE,, GPRS,, etc.), handle, security, measures., Implementing, adaptation,policies,of,security,mechanisms,in,the,boundary,points,assures,that,security,remains,independent,from, low, level, IoT, components., Thus,, each,HTTP, request, against, the, SynchroniCity, API, could,require,the,inclusion,of,specific,authentication,credentials.,The,specific,implementation,of,the,API,may,support,multiple,authentication,schemes,(OAuth,,Basic,Auth,,Token),and,will,be,determined,by,the, specific, RZ, according, to, their, governance,, policies, and, procedures., Some, authentication,schemes,may,require,that,the,API,operates,using,TLS,over,HTTP,(HTTPS).,OpenSSL![137],is,an,open, source, project, that, provides, a, robust,, commercial$grade,, and, full$featured, toolkit, for, the,Transport,Layer,Security,(TLS),protocol,and,it,can,also,be,used,as,a,general$purpose,cryptography,library,for,the,implementation,of,other,security,services,such,as,digital,signature,and,data,encryption.,

More,specific,information,regarding,how,different,IoT,protocols,provide,support,for,security,and,what,defence,mechanisms,can,tackle,SynchroniCity,platform,threats,are,described,in,the,appendix.,

4.2! Standard for APIs and Data Models According,to,SynchroniCity,requirements,a,possible,implementation,of,the,Context,Management,API,has,been, identified, in, the,NGSI,specification,, that,offer,all, the,operations,needed, to,manage, the,context,entities.,This,section,analyses,the,NGSI,data,model,and,the,list,of,operations,that,allow,to,interact,with,context,entities,,by,performing,queries,or,publish/subscribe,mechanism.,

In,particular,,this,section,specifies,the,NGSI$9,and,NGSI$10,Interfaces,with,the,following,functions:,,●, Register,and,retrieve,the,availability,of,Context,Entities,and/or,Context,Information,●, Update,Context,Information,in,accordance,to,a,specified,Context,Information,Model.,,●, Query,for,and,subscribe,to,Context,Information,about,Context,Entities.,,

Another,relevant,aspect,is,the,usage,of,common,data,models,that,can,add,benefits,in,SynchroniCity,in,terms,of,interoperability,and,reusability,of,application.,The,following,proposal,is,based,on,FIWARE,Data,Models,project,that,provides,a,wide,set,of,data,models,based,on,NGSI,specification.,

4.2.1! NGSI!data!model!and!interfaces!

NGSI, is,a,protocol,developed,by,OMA, to,manage,Context, Information,,which,provides, following,functionalities:,

●, Manage,the,Context,Information,about,Context,Entities.,●, Access,(query,,subscribe/notify),to,the,available,Context,Information,about,Context,Entities.,

Context,Entities,are,entities,that,are,described,by,Context,Information,and,they,are,described,by,the,Context,Information,Model.,

The, Context, Information,Model, details, how,Context, Information, is, structured, and, associated, to,Context,Entities,in,order,to,describe,their,situation.,In,this,model,,Context,Information,is,organized,as,Context,Elements,,which,contain,set,of,Context,Attributes,and,associated,metadatam,Figure,45,gives,also,some,examples,on,entities,that,can,be,used,as,Context,Entities.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 143 of 179

,

Figure,45:,NGSI,Context,Information,Model,

NGSI, defines, the, following, two, interfaces, for, managing, information, based, on, this, Context,Information,model:,

●, NGSI$9:,provides,operations,to,obtain,the,availability,information,about,context,entities,and,their,attributesm,this,interface,contains,operations,to,register,context,entities,and,to,discover,context,information,providers.,

●, NGSI$10:,provides,operations,for,exchanging,information,about,entities,and,their,attributesm,this, interface, contains, operations, to, perform, queries,, update, or, activate, subscription, on,context,entities.,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 144 of 179

●, ,Table,42,reports,NGSI9,and,NGSI,10,operations,list,

,

NGSI!9! Description! NGSI!10! Description!

registerContext! Allows% registering% and%

updating% of% registered%

Context% Entities,% their%

attribute% names% and%

availability%

queryContext! This%operation%allows%for%

the%synchronous%retrieval%

of%Context%Information.%

discoverContextAvailability!

Allows, the, synchronous,discovery,of,the,potential,set, Context, Entities,,types,of,Context,Entities,and, related, Context,Information, that, can, be,provided.,

subscribeContext! This%operation%allows%the%

asynchronous%retrieval%of%

Context%Information.%It%is%

used% for% subscription% to%

Context%Information.%The%

subscription% triggers% the%

notifications% about% the%

matching% Context%

Entities% based% on% the%

defined% Notify% Condition%

information%passed%in%the%

subscribeContextReque

st%operation.%%

%

subscribeContextAvailability!

Allows,the,asynchronous,discovery,of,the,potential,set, Context, Entities,,types,of,Context,Entities,and, related, Context,Information, that, can, be,provided,,

updateContextSubscription!

This% operation% allows%

updating% a% previous%

subscription% to% Context%

Information.%%

%

updateContextAvailabilitySubscription!

Updates% a% previous%

subscription% to% discover%

Context%Information.%%

unsubscribeContext! This% operation% allows%

unsubscribing%a%previous%

subscription% to% Context%

Information.%%

%

UnsubscribeContextAvailability!

Deletes% a% previous%

subscription% to% discover%

Context%Information.%%

notifyContext! This% operation% allows%

receiving% the% notification%

about% the% Context%

Information% subscribed%

to%by% the%subscriber% that%

implements% the%

notification%interface.%%%

%

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 145 of 179

notifyContextAvailability!

Allows% receiving% the%

notification% about% the%

potential% set% of% Context%

Registrations%subscribed%

to%by% the%subscriber% that%

implements% the%

notification%interface.%

updateContext! This% operation% allows%

updating%a%set%of%Context%

Information,% related%

attributes%and%metadata.%%

Table,42:,NGSI$9,and,NGSI$10,Operations,List,

4.2.2! Data Models Adoption,of,common,models,,besides,the,adoption,of,common,APIs,is,a,fundamental,step,to,allow,for,a,scalable,data,ecosystem,that,supports,the,interoperability,and,re$usage,of,data,and,applications,working,on,top,of,data.,

The,FIWARE,Community,is,promoting,the,development,of,re$usable,and,harmonized,Data,Models,under,the,umbrella,of,the,FIWARE,Data,Models,[16],initiative.,These,data,models,are,reusing,and,extending,the,work,performed,under,the,GSMA,IoT,Big,Data,initiative,[138].,The,work,conducted,under,FIWARE, is,evolving,on,a,daily, basis,by, taking, into, consideration, requirements, from,Data,Models’,adopters.,All,FIWARE,Data,Models,,coherently,with,the,centric,role,of,the,NGSI,API,,are,expressed,to,be,used,with,such,API.,

In, line, with, this, principle, FIWARE, has, harmonised, so, far, the, following, set, of, data, models:,,

●, Environment., A, model, to, enable, the, monitoring, of, air, quality, and, other, environmental,conditions,for,a,healthier,living.,In,particular,,covered,entity,types,include:,

○, AirQualityObserved:,an,observation,of,air,quality,conditions,at,a,certain,place,and,time.,

○, WaterQualityObserved:, capture, all, the, parameters, involved, in, Water, Quality,scenarios.,

○, NoiseLevelObserved:, represents,an,observation,of, those,parameters,that,estimate,noise,pressure,levels,at,a,certain,place,and,time.,

●, Civic!Issue!tracking.,This,set,provides,entity,types,for,civic,issue,tracking,interoperable,with,the,de$facto,standard,Open311.,In,particular,,covered,entity,types,include:,

○, ServiceType.,A,type,of,service,a,citizen,can,request.,○, ServiceRequest.,A,specific,service,request,(of,a,service,type),made,by,a,citizen.,

●, Street!Lighting.,It,models,street,lights,and,all,their,controlling,equipment,towards,energy$efficient,and,effective,urban,illuminance.,The,covered,entity,types,include:,

○, Streetlight:,a,particular,instance,of,a,streetlight.,A,streetlight,is,composed,by,a,lantern,and,a,lamp.,Such,elements,are,mounted,on,a,column,(pole),,wall,or,other,structure.,

○, StreetlightGroup:,a,group,of,streetlights,being,part,of,the,same,circuit,and,controlled,together,by,an,automated,system.,

○, StreetlightModel:,a,model,of,streetlight,composed,by,a,specific,supporting,structure,model,,a,lantern,model,and,a,lamp,model.,A,streetlight,instance,will,be,based,on,a,certain,streetlight,model.,

○, StreetlightControlCabinet:,an,automated,equipment,,usually,on,street,,typically,used,to,control,a,group(s),of,streetlights,,i.e.,one,or,more,circuits.,

●, Device.,This,set,of,entity,types,describes,IoT,devices,(sensors,,actuators,,wearables,,etc.),with,their,characteristics,and,dynamic,status.,The,covered,entity,types,include:,

○, Device:,an,electronic,apparatus,designed,to,accomplish,a,particular,task.,○, DeviceModel:,the,static,properties,common,to,multiple,instances,of,a,Device.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 146 of 179

●, Transportation.,Transportation,data,models,for,smart,mobility,and,efficient,management,of,municipal,services.,The,covered,entity,types,include:,

○, TrafficFlowObserved:,a,recorded,observation,of,traffic,flow.,○, Road:,a,geographic,and,contextual,description,of,a,Road.,○, RoadSegment:,a,geographic,and,contextual,description,of,a,road,segment.,○, Vehicle:,a,specific,vehicle,instance.,,○, VehicleModel:,a,model,of,vehicle,,capturing,its,static,properties,such,as,dimensions,,

materials,or,features.,●, Indicators., It,models,key,performance, indicators, intended, to,measure, the,success,of,an,

organization,or,of,a,particular,activity,in,which,the,organisation,is,engaged.,●, Waste!Management.,This,model,enable,efficient,,recycling,friendly,,municipal,or,industrial,

waste,management,using,containers,,litters,,etc.,The,covered,entity,types,include:,○, WasteContainerIsle:,the,isle,that,holds,one,or,more,containers.,○, WasteContainerModel:, a, model, of, waste, container,, capturing, its, static, properties,

such,as,dimensions,,materials,or,features.,○, WasteContainer:,a,particular,instance,of,waste,container,placed,at,a,particular,isle,or,

place.,●, Parking., This, model, provide, real, time, and, static, parking, data, (on, street, and, off, street),

interoperable,with,the,EU,standard,DATEX,II.,This,model,includes,the,following,entity,types:,○, OffStreetParking:,an,offstreet,parking,site,with,explicit,entries,and,exits.,○, ParkingAccess:,an,access,point,to,an,off,street,parking,site.,○, OnStreetParking:,an,on,street,,free,entry,(but,might,be,metered),parking,zone,which,

contains,at,least,one,or,more,adjacent,parking,spots.,○, ParkingGroup:,a,group,of,parking,spots.,○, ParkingSpot:,an,individual,,usually,monitored,,parking,spot.,

●, Weather., Weather, observed,, weather, forecasted, or, warnings, about, potential, extreme,weather, conditions.,,,

, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 147 of 179

Conclusions This,deliverable,defined, the, first, version,of,SynchroniCity, reference,architecture, for, IoT,Enabled,Smart,Cities,that,includes,the,definition,of,the,high$level,logical,components,and,their,functionalities.,In, order, to, design, the, architecture,, it, has, been, taken, in, considerations, the, use, cases, and,recommendation,included,in,the,deliverable,D1.3,,and,the,platform,requirements,further,improved,by,the,analysis,results,contained,in,this,document.,,

In,particular,,it,was,performed,a,study,,using,a,common,approach,,of,relevant,international,initiatives,,SDOs,and,EU,projects, targeting, large,scale, IoT,deployment,and,smart,city.,As,outcomes,of, this,study, some, commonalities, have, been, identified,, in, terms, of, architectural, approaches, and,technologies,,which,has,been,taken,in,consideration,in,the,architecture,design.,

The,section,2,reported,the,detailed,analysis,of,the,current,IoT,technical, infrastructures,already,in,place,in,the,pilot,cities,(Reference,Zones),identifying,the,different,logical,layers,and,the,technological,platforms/assets,that,implement,them.,Particular,attention,has,been,paid,in,the,analysis,of,IoT,core,technologies, and, the, interfaces, to, southbound, and, northbound, layers,, essential, to, identify, the,interoperability,points,between,the,existing,city,platforms,and,the,synchronicity,one.,The,results,of,an,overall,technical,comparisons,of,the,different,RZs,architectures,highlighted,the,key,features,and,technologies,already,adopted,and,planned,to,be,deployed,in,the,near,future:,this,outcome,together,with,new,city,needs,identified,during,the,technical,discussion,with,RZs,,contributed,to,identify,the,list,of,new,SynchroniCity,platform,requirements,improving,the,ones,already,presented,in,D1.3.,

The,core,part,of,the,deliverable,was,the,definition,of,the,logical,components,of,the,SynchroniCity,reference, architecture,, designed, taking, in, consideration, the, requirements, and, all, the, above$mentioned,analysis.,For,each,component,we,defined, the, functionalities,, the, interactions,with, the,other,architectural,elements,and,a,detailed,mapping,with,the,requirements.,A,specific,section,of,the,chapter, has, been, dedicated, to, the, definition, of, the, “interoperability, points”,, the, specific, logical,interfaces,to,be,implemented,by,RZs,and,external,systems,to,be,part,of,the,SynchroniCity,platform,,enabling,the,participation,in,a,digital,single,market.,The,implementation,of,the,specific,interoperability,points,interfaces,will,ensure,that,each,of,the,8,heterogeneous,RZs,can,be,compliant,(with,different,possible,levels,of,maturity),with,the,SynchroniCity,approach,without,requiring,existing,infrastructure,and,systems,to,be,re$implemented.,

The,last,chapter,of,this,deliverable,was,dedicated,to,the,analysis,of,relevant,existent,technical,assets,that, can, be, easily, reused, and, customised, to, implement, some, of, the, logical, components, of, the,platform.,At, the, end,of, the, document, an,Annex, is, provided,with, an, extensive, description, of, the,requirements,and,relevant,technologies,related,to,current,RZ,infrastructures,or,specific,standards,in,the,IoT,and,Smart,City,domain.,An,updated,final,version,of,this,document,,with,further,logical,and,technical,details,,will,be,released,in,February,2018.,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 148 of 179

Appendix 1! Architectural requirements ,The, requirements, presented, in, the, next, paragraphs, are, described, using, the, following, set, of,attributes:,,,

Title! The%title%of%the%requirement.%

Category! A%high%level%classification%of%the%requirement.%

ID! The%unique%identification%code%for%the%requirement.%

Requirement!Type!

Typology%of%the%requirement:%

· Functional:% it% is% a% requirement% that% expresses% a% functionality% of% the%

platform%that%will%be%directly%used%by%a%user%(human%or%external%system).%

· NonZFunctional:% this% type% of% requirement% is% related% with% platform%

features% that% are% not% specific% behaviours% or% functions,% such% as%

performance,%security%and%interoperability.%

Requirement!Description!

The%description%of%the%requirement.%

Rationale! Motivations%that% justify%the%need%for%the%requirement% in%the%context%of%

the%project.%

Priority! The%priority%level%for%the%implementation%of%the%requirement:%

· High:%the%requirement%has%high%priority%and%has%to%be%implemented%in%

the%first%version%of%the%platform.%

· Medium:% the% requirement% has% medium% priority% and% should% be%

implemented%in%the%final%version%of%the%platform.%

· Low:%the%requirement%has%low%priority%and%its%implementation%is%optional.%

Table,43:,Generic,template,for,requirements,description,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 149 of 179

A1.1!System Requirements ,

Title! Container,technology,

ID! SR$MODULARITY$01,

Category! Decoupled,&,distributed,components,

Priority! High,

Requirement!Description,

The,system,should,be,based,on,a,modular,architecture,design.,,

Rationale, Services, and, components, should, support, deployment, through, container,technology,,which,will, increasing,the,chances,of,services,being,adopted,by,cities.,This,also,reduces,the,risks,associated,with,deployment,,and,can,greatly,improve,the,development,lifecycle.,

Requirement!type!

Non$Functional,

,

Title! Use,of,publically,accepted,and,open,standards,

ID! SR$INT$OPEN$01, Category! Interoperability,&,Openness,

Priority! High,


The,system,should,be,based,on,open,and,standard,components.,,

Rationale, The,architectural,components,must,be,able,to,work,together,without,jeopardizing,the,future.,The,system,must,use,as,many,publically,accepted,standards,as,possible,for,communication,and,exchanging,datam,e.g.,,gateways,and,APIs,might,act,as,glue,between,those,architectural,components.,Examples,of,open,standards,can,be,XML,,json,,SOAP,or,REST.,,

Requirement!type!

Non$Functional,

,,

Title! Horizontal,and,vertical,scaling,

ID! SR$SCALABILITY$01, Category! Scalability, Priority! High,


The,system,should,provide,scalability,to,support,large$scale,IoT,deployments.,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 150 of 179

Rationale, The, system, should, be, flexible, and, responsive, to, evolving, needs, by,considering,both,horizontal,and,vertical,scalability.,

Requirement!type!

Non$Functional,

,,,

Title! Flexible,support,of,new,and,legacy,components,

ID! SR$LEGACY$01, Category! Legacy, Compatibility,&, heterogeneous,landscape,

Priority! High,


The,system,has,to,facilitate,the,reuse,of,existing,deployed,devices.,,

Rationale, Cities, have, to, maximize, the, use, of, legacy, wired/wireless, infrastructures,providing, support, to, IoT, based, services, and, efficient, (re)use, of, already,available,assets.,

Requirement!type!

Non$Functional,

,,,

Title! IoT,Devices,management,

ID! SR$LEGACY$02, Category! Legacy, Compatibility,&, heterogeneous,landscape,

Priority! High,


The,system,has,to,allow,to,access/manage,heterogeneous,devices,through,a,single,common,framework,

Rationale, Offer, a, uniform, way, to, access, to, the, different, devices, accessible, in, the,marketplace,is,needed,to,overcome,interoperability,problems,and,facilitate,the,access,reducing,the,need,to,deal,with,heterogeneous,technologies,,

Requirement!type!

Functional,

,

,

Title! Self$healing,and,robust,system,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 151 of 179

ID! SR$ROBUSTNESS$01,

Category! Resilience,to,failure,&,Robustness,

Priority! High,


The,architecture,must,be,resilient,to,failure,

Rationale, Taking,into,account,that,components,might,fail,and,communications,be,affected,,it,should,provide,a,self$healing,system,,including,redundant,links,that,cover,breakdowns.,We,should,consider,that,most,of,the,IoT,technology,has,not,yet,reached,a,maturity,level,free,from,issues.,Moreover,,the,interaction,among,many,different,types,of,components,(e.g.,,sensors,,network,,wireless,technology,,data,store,,servers),from,different,actors,could,generate,problems.,

Requirement!type!

Non$Functional,

,,,

Title! Real$time,user,experience,

ID! !SR$PERF$01, Category! Performance, Priority! High,


The,system,should,guarantee,a,real$time,user,experience.,

Rationale, Users, should, be, able, to, responsively, interact, with, the, system,, discover, new,available, assets, at, run, time., Assets, provided, by, data, producers, should, be,available,for,fruition,in,compliance,with,their,SLA.,

Requirement!type!

Non$Functional,

,,

Title! Operational,

ID! !SR$PERF$02, Category! Performance, Priority! High,


The,system,should,be,24/7,operational,and,has,a,close, to,zero,maintenance,windows.,

Rationale, A,continuous,integration,and,delivery,possible,for,each,element,in,the,architecture,,automated,testing,to,reduce,regression,and,guarantee,quality,should,support,the,system,to,be,24/7,operational,and,has,a,close,to,zero,maintenance,windows,(software,upgrades,,firmware,upgrades).,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 152 of 179

Requirement!type!

Non$Functional,

,,

Title! Usage,monitoring,

ID! SR$MONITOR$01, Category! Monitoring, Priority! High,


The,system,has,to,provide,advanced,data,usage,monitoring,functions.,

Rationale, This,function,is,necessary,in,order,to,enable,other,marketplace,services,(usage,statistics,,revenue,models,,technical,management).,,

Requirement!type!

Functional,

,,,

Title! User,Feedback,collection,

ID! SR$FEEDBACK$01, Category! Feedback, Priority! High,


The,system,has, to,provide,user, feedback,management, for, the,different,assets,published,on,the,marketplace,

Rationale, Feedback,,rating,and,reputation,mechanism,are,useful,in,order,to,facilitate,the,asset,selection,to,the,end,users.,,

Requirement!type!

Functional,

,,

,

Title! IoT,integration,

ID! SR$COMM$01, Category! Communication, Priority! High,


The,system,should,be,able,to,handle,different,IoT,protocols,

Rationale, Communication,in,IoT,can,happen,between,the,sensor/actuator,and,the,gateway,or,between,the,gateway,towards,the,platform,or,in,some,case,(e.g.,,NB$IoT,,LTE,,etc.),directly,from,sensor/actuator,to,the,platform.,Communication,with,the,sensor,to,the,gateway,(when,wireless),is,possible,in,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 153 of 179

numerous,ways.,At,this,moment,a,clear,standard,is,not,defined,yet,,thus,,the,platform,should,be,able,to,handle,different,protocols,(e.g.,,LoRa,,802.15.4,,NB$IoT,,WiFi,,LTE,,GPRS,,etc.),and,be,flexible,to,incorporate,future,changes.,

Requirement!type!

Non$Functional,

,,

Title! IoT,communication,patterns,

ID! SR$COMM$02, Category! Communication, Priority! High,


The,system,has,to,facilitate,the,support,of,different,communication,patterns.,

Rationale, When,new,components,are,selected,,they,should,comply,with,communication,patterns,such,as:,1)Telemetry!where,communication,flow,is,one$way,from,IoT,device,to,gatewaym,2),Inquiries,,where,requests,from,devices,looking,to,gather,required,information,or,asking,to,initiate,activities,,for,example,devices,having,their,own,business,logic,need,input,from,a,central,serverm,2),Commands,,were,system,provide,execution,commands,to,a,device,or,a,set,of,devices,to,perform,specific,activitiesm%4)%Notifications!where,information,flows,from,other,systems,to,a,device,or,a,group,of,devices,by!sending,a,broadcast,message,such,as%a%timeZsync%message.%,

Requirement!type!

Non$Functional,

,,,

A1.2!Marketplace Requirements

Title! Marketplace,Access,

ID! SR$MKTPLACE$01, Category! Marketplace, Priority! High,


The,System,has,to,provide,a,marketplace,in,which,users,are,able,to,register,and,sign, in, with, different, roles., The, system, shall, provide, access, management,,allowing,for,easy,granting,and,revocation,of,rights,and,privileges,to,the,platform,while,restricting,access,to,unauthorized,users.,

Rationale, The,System,has,to,allow,the,participation,of,all,the,actors,interested,in,the,digital,single,market.,

Requirement!type!

Functional,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 154 of 179

,,

Title! Asset,publication,procedure,

ID! SR$MKTPLACE$02, Category! Marketplace, Priority! Medium,


The, system, has, to, provide, a, validation, procedure, to, be, followed, in, order, to,publish,assets,in,the,Marketplace.,

Rationale, The,marketplace,provider,wants, to, ensure, the,quality, of, published, resources,(e.g.,,in,terms,of,documentation,,availability,,completeness).,

Requirement!type!

Functional,

,,,

Title! Flexible,revenue,and,pricing,models,



The,system,has, to,provide,different,assets, (e.g.,data/service/application),and,usage,revenue,models,(e.g.,,pay,per,use).,

Rationale, The,marketplace,should,support,a,dynamic,ecosystem,in,which,providers,can,establish,various,business,models.,

Requirement!type!

Functional,

,,

Title! Asset,catalogue,



The,System,has,to,provide,a,marketplace,in,which,it,is,possible,to,publish,and,search,for,different,assets:,services,,data,,providers,and,applications.,

Rationale, Different,types,of,providers,(of,data,,services,,applications),have,to,be,visible,on,a,large,audience,in,order,to,provide,their,assets,in,the,digital,single,market.,

Requirement!type!

Functional,

,,

Title! SynchroniCity,compliance,policy,validation,


H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 155 of 179


The,System,has, to,provide,a,set,of,SynchroniCity,compliance,policies, for, the,developed,solutions,and,has,to,be,able,to,validate,them,inside,the,marketplace.,

Rationale, Cities, need, to, know, if, a, solution,, developed, for, another, city/domain,, can, be,adopted/reused,quickly,and,without,much,customization,efforts.,

Requirement!type!

Functional,

,,

Title! Asset,request,procedure,



The,system,has,to,provide,a,procedure,for,requesting,assets,to,be,available,in,the,Marketplace.,

Rationale, Cities,and,citizens,want,to,publish,request,for,assets,not,already,available,in,the,Marketplace.,

Requirement!type!

Functional,

,,

Title! Marketplace,transparency,



The,system,has,to,operate,in,a,transparent,,fair,and,open,way.,

Rationale, Cities, should, consider, citizens’, trust, as, a, key, success, factor,, providing,transparency,of,city,operation,,by,publishing,availability,of,services,and,decision,making., Cities, should, be, explicit, on, the, definition, of, purpose, and, restriction,regarding,IoT,data,collection.,

Requirement!type!

Non$Functional,

,,

Title! Marketplace,peering,



The,system,has,to,allow,peering,capabilities,among,different,Marketplaces.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 156 of 179

Rationale, Cities,want,to,federate,their,marketplaces,,providing,a,(sub)set,of,functionalities,in,accordance,with,their,governance,policies.,,

Requirement!type!

Functional,

,,

A1.3!License and Policies Requirements

Title! Data,licenses,definition,

ID! SR$LICENSE$01, Category! License, Priority! High,


The,system,should,allow,data,providers, to,define,different,usage, licenses, for,data,sources/datasets,published,on,the,marketplace.,,

Rationale, The,marketplace,should,support,a,dynamic,ecosystem,in,which,providers,can,establish,various,business,models.,

Requirement!type!

Functional,

,,

Title! Customisable,Licenses,

ID! SR$LICENSE$02, Category! License, Priority! Medium,


In,order, to,ease, the,definition,of,data,usage, licenses,, the,marketplace,should,provide,templates,that,can,be,easily,customized,to,an,intended,business,model.,,

Rationale, The,system,should,simplify,the,process,related,to,licence,definition,allowing,the,reuse,of,existing,models.,,

Requirement!type!

Functional,

,,

Title! Pre$built,Licenses,,

ID! SR$LICENSE$03, Category! License, Priority! Medium,


The,system,should,provide,data,providers,with,predefined,usage,licenses.,

Rationale, To, facilitate, the,publication,process,,providers,should,be,able, to,use,standard,licenses,(e.g.,,GPL,,Apache,,Creative,Commons),

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 157 of 179

Requirement!type!

Functional,

A1.4!API Requirements

Title! Standard,and,Open,API,

ID! !SR$API$01, Category! API, Priority! High,


The,system,has, to,allow, to,access/consume,data, through,standard,and,open,API/protocols.,

Rationale, The,adoption,of,standard,and,open,API,facilitates,the,reuse,of,solutions,avoiding,vendor,lock$in.,

Requirement!type!

Functional,

,,

Title! Publish/subscribe,data,channels,

ID! !SR$API$02! Category! API, Priority! High,


The,system,has,to,provide,data,publish/subscribe,functionality.,

Rationale, This,function,is,requested,in,order,to,simplify,and,improve,the,process,to,send,and,receive,data,in,the,system.,

Requirement!type!

Functional,

,,

Title! Asset,version,management,,



The,system,has,to,be,able,to,track,changes,and,version,of,API,,datasets,and,assets,in,general.,

Rationale, The,function,is,required,in,order,to,avoid,problem,in,the,access,to,the,resources.,

Requirement!type!

Functional,

,,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 158 of 179

Title! Resources,status,notification,



The,system,has,to,be,able,to,notify,the,user,when,resources/assets,are,updated.,

Rationale, The, user, should, be, notified, about, the, asset, status, in, order, to, avoid,inconsistencies,and,problems.,

Requirement!type!

Functional,

,,

Title! Lookup,assets,



The,system,has,to,provide,asset,search,functionality,APIs.,In,particular,it,should,be,possible,to,look$up,for,assets,using,different,methods,(e.g.,,a,free,text,searchm,search,with,system,filtersm,Tagsm),

Rationale, This,function,is,necessary,to,simplify,the,access,to,the,API,in,the,marketplace.,,

Requirement!type!

Functional,

,

A1.5!SLA Requirements

Title! SLA,management,

ID! !SR$SLA$01, Category! SLA, Priority! High,


The,system,has,to,allow,to,define,and,manage,extensible,SLA,for,data,access.,

Rationale, Adopting, SLA, allows, to, offer, different, level, of, services, for, the, different,stakeholder,that,are,part,of,the,digital,single,market.,

Requirement!type!

Functional,

,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 159 of 179

,,

Title! SLA,common,metadata,

ID! !SR$SLA$02! Category! SLA, Priority! High,


The,system,has,to,provide,a,common,metadata,to,define,SLA.,

Rationale, Adopting, common, metadata, models, simplify, the, management, and, the,comprehension,of,the,SLA,descriptions.,,

Requirement!type!

Functional,

A1.6!Models Requirements

Title! Asset,description,taxonomies,

ID! SR$MODELS$01, Category! Models, Priority! High,


The, system, has, to, provide, pre$built, taxonomies, to, describe, assets, (data,,services,,application,,devices).,

Rationale, This,function,is,necessary,to,simplify,the,definition,of,the,assets,description,and,to,allow,reuse,of,existing,data,models.,

Requirement!type!

Functional,

,,

Title! Standard,and,open,data,models,

ID! SR$MODELS$02, Category! Models, Priority! High,


The, system,has, to, support, open,and, standard, data,models, and,metadata, to,describe,the,different,assets,of,the,marketplace,

Rationale, The,adoption,of,standard,and,open,data,models,facilitates,the,reuse,of,asset,and,solutions,avoiding,vendor,lock$in.,

Requirement!type!

Functional,

,,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 160 of 179

A1.7!Security and Privacy Requirements

Title! Privacy,policies,guidelines,

ID! SR$PRIVACY$01, Category! Privacy, Priority! High,


The, system, has, to, provide, procedures, and, guidelines, in, order, to, ensure,compliance,with,respect,to,data,protection,rules.,

Rationale, Both,the,data,provider,and,the,data,consumer,must,comply,with,the,privacy,and,data,protection,policy.,

Requirement!type!

Functional,

,,

Title! Data,protection,

ID! SR$PRIVACY$02, Category! Privacy, Priority! Medium,


The,Systems,should,be,able,in,properly,reacting,to,data,violations,(e.g.,data,are,accessed,by,unauthorized,entities,or,other,data,breach),with,defined,procedures.,

Rationale, It, is,necessary, to,provide,systems, for,monitoring,against,any,attacks,and, if,a,breach,occurs,an,appropriate,procedure,must,be,in,place,to,handle,it.,

Requirement!type!

Functional,

,,

Title! Anonymization,,



The,system,has,to,provide,data,anonymization/aggregation,functions,in,order,to,delete,personal,or,restricted,information,coming,from,the,data,sources,,

Rationale, It,is,necessary,to,have,these,type,of,functionalities,in,order,to,(re)use,and,publish,data, coming, from, different, sources, being, compliant, with, privacy, and, data,protection,regulations.,

Requirement!type!

Functional,

,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 161 of 179

,

Title! Personal,Data,usage,



The,system,has,to,provide,functionalities,to,allow,the,end,user,to,control,his,own,personal,data,defining,who,and,how,can,access,to,it.,,

Rationale, End$user,should,have,full,control,of,his,personal,data.,

Requirement!type!

Functional,

,,

Title! End$to$end,secure,communication,

ID! !SR$SECURITY$01, Category! IoT,infrastructure,

Priority! High,


The,system,should,provide,security,for,data,communication,and,interactions,among,users.,,

Rationale, The,system,should,use,encryption,and,technology,to,secure,data,in,transit.,

Requirement!type!

Non$Functional,

,,

Title! IoT,adaptation,policies,

ID! !SR$SECURITY$02, Category! IoT,infrastructure, Priority! High,


The, system, should, define, adaptation, policies, of, these,mechanisms, in, the,boundary,points,while,assuring, that,security, remains, independent, from, low,level,IoT,components.,

Rationale, In, order, to, support, both, new, and, legacy, IoT, devices,, the, system, should,provide,end$to$end,security,at,the,API,level,rather,than,supporting,and,coping,with,how,different,solutions,(e.g.,,LoRa,,802.15.4,,NB$IoT,,WiFi,,LTE,,GPRS,,etc.), handle, security, measures, such, as, key, management,, authentication,,integrity,and,confidentiality.,

Requirement!type!

Non$Functional,

,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 162 of 179

,,

Title! Access,policy,

ID! SR$SECURITY$03,

Category! Platform, Priority! High,


The,system,has,to,allow,to,define,and,manage,policies,for,data/service,access/usage.,

Rationale, This,function,allows,a,data,provider,to,restrict,the,access,of,its,data,source(s),to,third,parties.,

Requirement!type!

Functional,

,,

Title! Flexible,security,capabilities,

ID! !SR$SECURITY$04, Category! Platform, Priority! High,


The,system,should,define,and,provide, flexible,security,capabilities, in,order, to,secure,the,platform,which,is,going,to,support,the,services,of,the,city.,

Rationale, Data,and,services,can,have,different,security,requirements,based,on,their,scope.,The,platform,which,is,going,to,support,the,services,of,the,city,should,provide,flexible,security,capabilities,in,order,to,accommodate,the,different,needs,of,specific,target,scenarios,,by,providing,support,for,confidentiality,,integrity,,authentication,,authorisation,,immutability,,trust,and,non$repudiation,when,needed.,,

Requirement!type!

Non$Functional,

,,,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 163 of 179

Appendix 2!Standards and technologies on core functionalities IoT,are,used, in, large, industrial,sectors,and, the,scale,of, the,use,cases,varies, from,a,single, local,network, domain, to, large, scaled, cross$platform, deployment., Heterogeneous, IoT, device,communication,technologies,have,been,introduced,corresponding,to,the,use,case,requirements,and,heavily,diverse,IoT,protocols,are,used,in,the,market.,In,this,section,,we,try,to,categorize,some,major,protocols,used,in,IoT,devices,as,followings:,

•, PHY/LINK, layer, communication:, IEEE, 802.15.4,, Bluetooth, 4.0,, RFID/NFC,, Wi$Fi,,WirelessHART,,Z$Wave,,etc.,,,

•, Network,encapsulation:,6LoWPAN,,6TiSCH,,6Lo,,etc.,•, Transport:,TCP/UDP,•, Session:,CoAP,,XMPP,,MQTT,,LWM2M,,etc.,,

The,followings,are,the,brief,explanation,on,the,major,technologies,and,protocols,that,are,used,in,Smart,City,domains.,,

A2.1!IoT network connectivity and protocols IoT,connectivity,technologies,enable,IoT,devices,(sensors,,cameras,,actuators,,etc.),to,communicate,with, the, outside, world., Typically, this, will, imply, sending, and/or, receiving, messages, over, a,communications, network., Those, messages, are, usually, composed, by, one, or, more, telemetry,measurements,(or,commands),concerning,one,asset,or,thing,bound,to,a,particular,IoT,device.,For,instance,,a,waste,container,is,a,city,asset,which,may,have,a,filling,level,sensor,attached.,Periodically,,such, IoT, device, will, send, measurements, to, a, cloud$based, smart, city, platform., As, a, result,applications,will,be,to,able,exploit,this,data,and,make,the,city,processes,smarter,or,more,efficient.,For,instance,,by,modifying,the,routes,of,the,garbage,collection,service,to,only,pick,up,full,containers.,,,

IoT,devices,are,usually,constrained,devices,so,it,is,of,vital,importance,that,the,technologies,used,for,connectivity,make,an,efficient,use,of,resources.,In,particular,the,minimization,of,battery,consumption,and,the,amount,of,data,traffic,exchanged,are,relevant.,Obviously,,these,two,variables,are,strongly,correlated., Therefore,, it, is, important, to,minimize, data, exchanges, and, to, count,with, connectivity,technologies,inherently,efficient,in,terms,of,battery,consumption.,,

The,reasons,described,above,have,led,to,the,advent,of,the,so,called,Low%Power%Wide%Area%Networks,(LPWAN).,They,are,designed,to,allow,long,range,communications,at,a,low,bit,rate.,With,decreased,power,requirements,,longer,range,and,lower,cost,than,a,traditional,mobile,network,,,LPWAN,data,transfer,rates,are,very,low,,as,is,the,power,consumption,of,connected,devices.,The,networks,can,also,support,more,devices,over,a,larger,coverage,area,than,consumer,mobile,technologies,and,have,better, bi$directionality., While, Bluetooth,, ZigBee, and,Wi$Fi, are, adequate, for, consumer$level, IoT,implementations,,the,need,for,a,technology,such,as,LPWAN,is,much,greater,in,industrial,IoT,,civic,(smart, city),and,commercial,applications., In, these,environments,, the,huge,number,of, connected,devices,can,only,be,supported,if,communications,are,efficient,and,power,costs,low.,

For,the,time,being,,there,have,been,two,different,generations,of,LPWAN,network,technologies:,●, Technologies,operating,in,an,unlicensed,spectrum.,Among,the,first,to,appear,in,the,market,

were,the,proprietary,standards,of,Sigfox,and,LoRa,that,have,been,promoted,by,disruptive,companies,or,initiatives.,,

●, Technologies,operating,under,a,licensed,spectrum,,being,NB$IoT,one,of,the,flagship,ones.,They,are,currently,in,a,deployment,and,consolidation,phase.,,

Sigfox,uses,unlicensed,spectrum,(868MHz, in,Europe,and,902MHz, in, the,US), to,carry, the,small,amounts,of,data, required, for, IoT.,These, ISM,radio,bands,support,bidirectional,communication., It,utilizes,a,wide$reaching,signal, that,passes,freely, through,solid,objects,,called,"ultra$narrowband".,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 164 of 179

The,existing,standard,for,Sigfox,communications,supports,up,to,140,uplink,messages,a,day,,each,of,which,can,carry,a,payload,of,12,Bytes,(excluding,message,header,and,transmission,information),and,up,to,4,downlink,messages,per,day,,each,of,which,can,carry,a,payload,of,8,Bytes.,

LoRa, is, a, proprietary, radio, modulation, technology, for, LPWAN, used, by, different, networks., As,SigFox,,LoRa,uses, license$free,sub,Gigahertz,radio, frequency,bands.,One,of, the,main,protocols,working,on,top,of,this,physical,layer,is,LoRaWAN.,It,is,in,charge,of,managing,the,communication,between,gateways,and,end$node,devices,,and,it,is,maintained,by,the%LoRa%Alliance.,Devices,in,the,network,are,asynchronous,and,transmit,when,they,have,data,available,to,send.,Data,transmitted,by,an,end$node,device,is,received,by,multiple,gateways,,which,forward,the,data,packets,to,a,centralized,network,server.,There,are,different,networks,operating,LoRaWAN,,particularly,the%Things%Network,,a, free, and, open$source, LoRaWAN, network, provider, developed, and, supported, by, a, worldwide,community.,

Recently,,alternatives,to,LoRaWAN,and,SigFox,have,appeared,as,cellular,technologies,operating,under,the,licensed,spectrum,(Mobile!IoT).,They,have,been,promoted,by,telco,companies,and,other,incumbents, such, as, device, manufacturers, (particularly, Huawei),, and, they, are, starting, to, be,consolidated,as,international,telecommunications,standards,backed,by,the,3GPP.,

Narrowband! IoT, (NB� IoT),, also, known, as, LTE% Cat% NB1,, is, a, Low, Power,Wide, Area, (LPWA),technology,which,connects,devices,,and,handles,small,amounts,of, fairly, infrequent,2� way,data,,securely,and,reliably.,Apart,from,a,very,low,power,consumption,(device’s,battery,could,last,10,years),,it, can, work, in, buildings, and, underground., In, addition,, it, can, be, rolled, out, on, existing, cellular,infrastructure,(3G,and,LTE),with,a,firmware,change.,Furthermore,,the,technology,has,been,designed,so,that,devices,can,be,built,at,a,lower,cost.,The,NB$IoT,specification,was,frozen,at,Release,13,of,the,3GPP,specification,(LTE$Advanced,Pro),,in,June,2016.,It,is,stated,that,maximum,user,rates,of,60,kbps,in,the,downlink,can,be,achieved.,Maximum,transmission,block,size,is,680,bits,in,downlink,and,1000,bits,in,the,uplink.,,

LTE$Cat$M1,(also,known,as,Long%Term%Evolution%for%Machines,,LTE$M),is,part,of,the,same,3GPP,Release,13,standard,that,also,defined,Narrowband,IoT.,Both,are,LPWA,technologies,in,the,licensed,spectrum.,With,uplink,and,downlink,speeds,of,375,kb/s, in,half,duplex,mode,,Cat,M1,specifically,supports,IoT,applications,with,low,to,medium,data,rate,needs.,

A2.2!IoT Session layer protocols The,session,layer,protocols,in,IoT,networks,try,to,find,a,balance,between,low,overhead,and,adding,reliability,to,a,certain,degree,,given,the,complexity,of,heterogeneous,underlying,network,protocols.,A,number,of,solutions,have,gained, traction, in, recent,years,, including,CoAP,,XMPP,,MQTT,,and,LWM2M.,

The,Constrained,Application,Protocol,(CoAP), is,an,application, layer,protocol, tailored,to,resource,constrained,devices,and,M2M,applications., It,allows,communication,over, the, Internet,among, IoT,objects,that,support,UDP,and,6lowPAN,,achieving,low,overhead,and,supporting,multicast.,CoAP,is,an,optimized,implementation,of,the,RESTful,specification,,where,a,well$known,URI,specifies,an,entry,point,for,requesting,the,resources,hosted,by,a,server.,Similarly,to,the,HTTP,protocol,,a,typical,URI,can, be:, “coap://ipv6host:port/resource”, CoAP, architecture, is, divided, into, two, layers:, the, lower,message, layer,and, the,upper, request/response, layer.,The,message, layer,provides,reliability,and,sequencing,by,means,of,a,stop,and,wait,protocol,using,the,following,types,of,messages:,confirmable,which,requires,an,acknowledgment,message,as,response,,non$confirmable,which,does,not,require,a, response,, and, reset,which, is, used, in, case,a, confirmable,message, cannot, be,processed.,The,request/response,layer,manages,the,mapping,between,requests,and,responses,and,their,semantic.,This,layer,offers,basic,request,methods,to,provide,a,RESTful,architecture:,GET,,PUT,,POST,and,DELETE.,The,GET,method,retrieves,information,regarding,the,resource,specified,by,the,URI.,PUT,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 165 of 179

and,POST,methods,both,create,or,modify,a,target,resource,,with,the,difference,that,the,former,has,the,idempotent,property.,The,DELETE,method,requests,to,delete,a,specified,resource.,Each,request,is,associated,to,a,response,,which,is,identified,by,a,code,field,in,the,CoAP,header.,

The,Extensible,Messaging,and,Presence,Protocol,(XMPP),is,a,message,oriented,communications,protocol,based,on,XML,,standardised,by,the,IETF.,The,protocol,was,originally,designed,for,instant,messaging,,under,the,name,Jabber.,Because,of,its,strong,extensibility,driven,by,the,underlying,XML,and,the,fit,with,publish/subscribe,patterns,the,protocol,was,adopted,as,an,IoT,protocol,by,means,of,extensions,such,as,the,Efficient,XML,Interchange,(EXI),Format.,

Message, Queue, Telemetry, Transport, (MQTT), is, an, ISO, standard, for, message, oriented,communications,,for,publish/subscribe,scenarios.,It,is,a,lightweight,communications,protocol,,which,makes,it,suitable,to,use,in,scenarios,such,as,IoT,,where,power,usage,,battery,and,communications,constraints,are,present,most,of,the,times.,Using,this,standard,,devices,can,publish,information,to,a,broker, server, for, a, specific, topic,, and, any, clients, subscribed, to, this, topic, will, then, receive, this,information.,The,clients,maintain,an,open,connection,to,the,broker,but,,in,case,of,a,disconnection,from,a,client,,the,broker,can,buffer,any,messages,sent,while,the,client,was,offline,for,retrieval,as,soon,as,the,client,is,back,online.,An,MQTT,session,is,divided,in,four,stages:,connection,,where,the,client,establishes,a,TCP/IP,connection,to,the,brokerm,authentication,,when,the,client,presents,a,set,of,credentials,to,the,brokerm,communication,,during,which,the,client,is,connected,to,the,broker,and,can,perform,publish,,subscribe,,unsubscribe,and,ping,operations,,using,binary,blocks,of,datam,and,finally,, the, termination, stage,, where, the, publisher, or, consumer, informs, the, broker, that, it, will,disconnect.,

OMA, Lightweight, M2M, (LWM2M), is, a, protocol, from, the, Open, Mobile, Alliance, for, IoT, device,management,,including,data,transfer.,The,protocol,enables,managing,devices,and,device,services,,on,top,of,cellular,and,IoT,networks.,OMA,LWM2M,builds,interfaces,for,different,aspects,of,device,management,on,top,of,the,CoAP,standard,,using,DTLS,security,on,top,of,the,UDP,transport,layer.,The,different,interfaces,are:,bootstrap,,where,a,client,sends,an,uplink,bootstrap,request,in,order,to,initialize,the,different,objects,needed,to,register,with,one,or,more,serversm,client,registration,,where,the,client,can,send,uplink,requests,to,register,,update,and,de$registerm,the,device,management,and,service,enablement,,where,the,server,can,send,downlink,requests,in,order,to,discover,and,manage,the, available, devicesm, and, finally,, the, information, reporting, interface,, used, to, communicate,information,from,the,devices,to,the,server,,where,a,server,can,subscribe,(“observe”),devices,that,will,notify,it,,and,cancel,these,observations.,,

A2.3! IoT data management IoT,connectivity,and,protocols,enable,billions,of,devices,to,generate,vast,amounts,of,data.,Such,data,have,to,be,stored,,processed,and,aggregated,on,the,cloud,(or,partially,on,the,edge).,In,addition,data,must,be,made,available,to,smart,applications,so,that,processes,can,be,optimized,and,new,services,offered.,The,final,aim,is,to,improve,citiens,lives,,businesses,performance,and,,more,generally,,contribute,to,the,sustainability,of,the,world,by,harnessing,the,extreme,potential,of,digital,technologies.,,IoT,devices,are,continuously,producing,vast,amounts,of,data,,being,“Big,Data”,the,term,coined,by,the,industry,to,refer,to,those,huge,volumes,of,data.,We,can,refer,to,“IoT,Big,Data”,as,the,“Big,Data”,produced,by,IoT,devices,or,sensors.,In,fact,the,GSMA,IoT,Big,Data,Architecture,Document,defines,“IoT,Big,Data",in,terms,of,"3V's":,,

●, Volume,$,the,amount,of,data,generated,,stored,and,analysed,,which,determines,the,level,of,insight,that,can,be,obtained,from,that,data.,

●, Variety,$,Increasingly,data,is,mashed$up,from,a,variety,of,sources,with,many,different,formats.,The,old,single,data,source,paradigm,incarnated,by,relational,databases,is,no,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 166 of 179

longer,valid.,,●, Velocity,$,the,speed,at,which,data,is,generated,and,processed.,Where,historically,

data,could,reasonably,be,expected,to,be,uploaded,via,a,daily,'batch',process,now,data,is,measured,in,thousands,or,even,millions,of,transactions,per,minute.,

,In,addition,,other,"V's",may,be,added,including:,,

●, Variability,$,Variations,in,the,data,sets.,For,example,is,a,temperature,measured,in,degrees,Celsius,,Fahrenheit,or,Kelvin.,

●, Veracity,$,Quality,of,the,captured,data.,Where,decisions,are,being,made,on,data,you,need,to,be,sure,that,the,data,is,correct.,

,In,the,context,of,the,"Internet,of,Things",data,management,will,allow,new,applications,to,be,developed,which,mine,either,the,real$time,data,coming,from,the,many,Internet,connected,devices,and/or,recorded,historical,data,and,insights.,The,main,challenges,include,data,capture,,storage,,ingestion,,curation,and,publication,,search,,sharing,,transfer,,visualisation,,analysis,,querying,,updating,and,privacy.,,,Below,there,is,a,categorization,of,technologies,that,give,support,to,the,“IoT,(Big),Data”,management.,,

●, NoSQL,data,stores,,●, Data,brokers,●, Complex,Event,processing,engines,

,NoSQL,data,stores,provide,a,mechanism,for,storage,and,retrieval,of,data,which,is,modeled,in,means,other,than,the,tabular,relations,used,in,conventional,relational,databases.,NoSQL,databases,are,schema$free,,support,easy,replication,,have,simple,API,,are,eventually,consistent,,and,can,handle,huge,amounts,of,data.,This,approach,is,motivated,by,different,reasons:,simplicity,of,design,,simpler,"horizontal",scaling,to,clusters,of,machines,(which,is,a,problem,for,relational,databases),,and,finer,control,over,availability.,The,data,structures,used,by,NoSQL,databases,(e.g.,key$value,,wide,column,,graph,,or,document),are,different,from,those,used,by,default,in,relational,databases,,making,some,operations,faster,in,NoSQL.,Two,of,the,most,popular,NoSQL,datastores,are,MongoDB,and,Cassandra.,,MongoDB,is,a,distributed,database,at,its,core,,so,high,availability,,horizontal,scaling,,and,geographic,distribution,are,built,in,and,easy,to,use.,It,works,on,the,concept,of,database,,collection,and,document.,A,database,can,contain,multiple,collections.,A,collection,has,multiple,documents,,uniquely,identified,,and,each,document,is,composed,by,different,key,value,pairs.,Furthermore,,MongoDB,stores,data,in,flexible,,JSON$like,documents,,meaning,fields,can,vary,from,document,to,document,and,data,structure,can,be,changed,over,time.,,Apache%Cassandra,is,a,highly,scalable,,high$performance,distributed,database,designed,to,handle,large,amounts,of,data,across,many,commodity,servers,,providing,high,availability,with,no,single,point,of,failure.,Users,can,access,Cassandra,through,nodes,using,Cassandra,Query,Language.,CQL,(based,on,SQL),treats,the,database,(Keyspace),as,a,container,of,tables.,Programmers,use,cqlsh:,a,prompt,to,work,with,CQL,or,separate,application,language,drivers.,,There,are,NoSQL,datastores,which,can,be,used,to,efficiently,store,short,term,historical,data,as,time!series.,A,time,series,database,is,a,software,system,that,is,optimized,for,the,handling,of,data,organized,by,time.,Time,series,are,finite,or,infinite,sequences,of,data,items,,where,each,item,has,an,associated,timestamp,and,the,sequence,of,timestamps,is,non$decreasing.,One,of,the,most,popular,is,InfluxDB.,It,is,written,in,Go,and,optimized,for,fast,,high$availability,storage,and,retrieval,of,time,series,data,in,fields,such,as,operations,monitoring,,application,metrics,,Internet,of,Things,sensor,data,,and,real$time,analytics.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 167 of 179

A,Data!Broker,allows,to,publish,,consume,and,subscribe,to,data,coming,from,multiple,devices,and,data,sources.,In,fact,,it,allows,applications,to,get,access,to,(harmonised),data,entities,,regardless,datasources.,The,broker,may,store,data,in,the,short,to,medium,term,using,a,datastore.,,The,expected,use,of,this,is:,

●, Retention,of,current,instances,of,harmonised,data,entities,processed,from,IoT,devices,and,external,sources,(context,data)m,

●, Storage,of,a,window,of,short,term,historical,harmonised,data,entities,that,may,be,queried,directly,via,a,third,party,application.,,

●, Storage,of,any,results,of,Analytics,and,Intelligence,results,which,become,additional,context,data,that,can,be,queried,or,mashed,up,with,other,IoT,data,or,external,data,sources.,

,Event,processing,is,a,method,of,tracking,and,analyzing,(processing),streams,of,information,(data),about,things,that,happen,(events),,and,deriving,a,conclusion,from,them.,Complex!event!processing,,or,CEP,,is,event,processing,that,combines,data,from,multiple,sources,to,infer,events,or,patterns,that,suggest,more,complicated,circumstances.,The,goal,of,complex,event,processing,is,to,identify,meaningful,events,(such,as,opportunities,or,threats),and,respond,to,them,as,quickly,as,possible.,CEP,relies,on,a,number,of,techniques,,including:,Event$pattern,detection,,Event,abstraction,,Event,filtering,,Event,aggregation,and,transformation,,etc.,,Apache%Flink,is,an,open$source,stream,processing,framework,for,distributed,,high$performing,,always$available,,and,accurate,data,streaming,applications.,Among,the,main,innovations,introduced,by,this,technology,are:,the,capability,of,,performing,custom,memory,management,,binary,processing.,In,addition,,hybrid,(Real$Time,Streaming,and/or,Batch),distributed,data,processing,can,be,performed,natively,,thus,supporting,many,use,cases:,Batch,,Real$Time,streaming,,Machine,learning,,Graph,processing,or,Relational,queries.,

A2.4!IoT security and privacy Gathering,,evaluating,and,consuming,information,in,the,same,IoT,platform,requires,the,system,to,deal,with,numerous,attacks,such,as,cross$site,scripting,,privilege,escalation,,account,enumeration,,man,in,the,middle,,side$channels,and,other,vulnerabilities,that,may,result,in,security,problems,and,data,leakage.,Therefore,,cities,must,adopt,serious,measures,to,ensure,the,privacy,and,security,of,citizen, data., All, systems, should, be, resistant, against, cyber$attacks,, particularly, the, critical,infrastructure,like,smart,meters.,As,a,result,,for,successful,implementation,of,IoT,,cities,should,place,privacy,and,security,as,a,top,priority.,,Security,solutions,in,Smart,city,include,broad,issues,on,security,in,network,,cloud,,platform,and,IoT,devices,,and,there,is,no,single,solution,for,smart,city,security,solution,because,different,applications,have, different, requirements, of, security., Thus, in, this, section, we, focus, on, the, general, aspect, of,security,assurance,in,the,scope,of,(1),data,protection,,(2),security,support,in,IoT,protocols,and,(3),security,in,platform.,

A2.4.1! Privacy and data protection Insecure,applications,and,networks,may,be,susceptible, to,buffer,overflow,attacks,or,attacks, that,create, a, denial, of, service, condition, leaving, services,, devices, or, more, in, general, resources,inaccessible,to,the,user.,As,a,result,,attackers,can,exploit,applications,and,network,vulnerabilities,to,obtain,, tamper, or, erase, data., There, are, increased, concerns, on, the, threats, related, to, privacy,protection,from,cookies,,HTML5,threats,,IP,threats,,etc.,,,The,General,Data,Protection,Regulation, (GDPR),,a,single,pan$European, law,on,data,protection,,requires,all,the,companies,dealing,with,european,consumers,to,1),increase,transparency,,2),provide,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 168 of 179

user’s,granular,control,on,data,access,and,sharing,,and,3),guarantee,a,set,of,fundamental,individual,digital, rights, (including, right, to, rectification,, erasure,, data, portability,, and, restrict, processing).,Moreover,,accountability,should,be,also,provided,to,demonstrate,the,compliance,with,privacy,and,data,protection,principles,(or,legal,requirements),which,requires,clear,responsibilities,,internal,and,external,auditing,and,controlling,of,all,data,processing.,From,an,architecture,perspective,,privacy,by,design, approach, demands, privacy, to, be, embedded, into, design, as, a, preventive, and, proactive,measure,,whereas,privacy,enhancing, technologies,can,help, to,minimize,or,avoid,risks, to,privacy,and, data, protection., More, specifically,, “Privacy$Enhancing, Technologies, is, a, system, of, ICT,measures, protecting, informational, privacy, by, eliminating, or, minimising, personal, data, thereby,preventing, unnecessary, or, unwanted, processing, of, personal, data,, without, the, loss, of, the,functionality,of,the,information,system.”,,Technologies,that,can,contribute,to,enhance,privacy,and,data,protection,are,searchable,encryption,,verifiable,secret,sharing,and,multi$party,computation.,,In,order,to,provide,data,protection,depending,on,which,security,property,is,required,,cryptographic,techniques,can,be,used,in,the,following,ways:,

●, Encryption! only:, , offers, confidentiality, protection., Payload, is, protected, using, symmetric,keys.

●, Signature! only:, which, offers, source, authentication,, integrity, protection, and, (when,asymmetric,digital, signatures,are,used),non$repudiation.,This,uses,either,symmetric,keys,based,MIC,or,asymmetric,digital,signatures,verified,using,source,end$point,certificates.

●, Nested!SigndthendEncrypt:,This,is,used,in,cases,where,encryption,is,required,in,addition,to,source,authentication,and/or,non$repudiation,using,a,source,end$point,certificate.,A,digital,signature,on,the,payload,is,signed,first,,and,then,encryptions,is,applied,to,combination,of,the,payload,and,digital,signature.

Typical,algorithms,involved,in,the,encryption,and,digital,signature,are:,●, AES,(GCM,or,CCM,mode),,using,128$bit,,256$bit,keys.,, ●, RSA$OAEP,with,MGF1,with,SHA256., ●, Elliptic,Curve,Diffie$Hellman,(ECDH),Key,Agreement,in,Ephemeral$Static,Mode,using,AES., ●, HMAC,using,SHA$256,,SHA$384,or,SHA$512., ●, RSA,signature,using,PKCS1$v1.5,and,MGF1,with,SHA$256,,SHA$384,or,SHA$512., ●, ECDSA, signature, using, P$256,, P$384, or, P$512, with, SHA$256,, SHA$384, or, SHA$512,

respectively. When,deploying,cryptographic,algorithms,useful,guidelines,can,be,found,in:,

●, ISO,18033$1:2015,–,Encryption,Algorithms,●, ISO,18033$2:2015,–,Asymmetric,Ciphers, , ,●, ISO,18033$3:2015,–,Block,Ciphers,,

There,are,several,techniques,to,ensure,data,protection,on,a,storage,level.,Ondthedfly!encryption!(OTFE),is,a,method,to,automatically,encrypt,data,as,it,is,saved.,TrueCrypt,,VeraCrypt,,CipherShed,,BitLocker,,FileVault,and,LUKS,are,common,tools,to,perform,OTFE.,Data!masking,is,the,process,of,obscuring,specific,data,ensuring, that,data,security, is,maintained,and,sensitive, information, is,not,exposed,to,unauthorized,personnel.,Data!erasure, is,a,method,of,software$based,overwriting,that,completely,destroys,all,electronic,data,residing,on,a,hard,drive,or,other,digital,media,to,ensure,that,no,sensitive,data,is,leaked,when,an,asset,is,retired,or,reused.,,As,OneM2M,advises,the,use,of,a,personal,data,management,framework,based,on,the,user's,privacy,preferences,,we,could,embrace,such,a,framework,to,create,access,control,policies,from,the,user's,privacy,preference,and,protects,the,user's,Personally,Identifiable,Information,(PII),from,unauthorized,parties.,It,may,be,operated,by,a,Service,Provider,or,another,stakeholder,acting,as,trusted,third,party.,If,the,Service,Provider,or,other,stakeholder,provides,the,user's,Personally,Identifiable,Information,to,third,party,,the,Service,Provider,or,other,stakeholder,needs,the,user's,acceptance.,In,case,that,the,user,accepted,a,privacy,policy,which, indicates,provision, to, third,party,, the,Service,Provider,may,provide,the,Personally,Identifiable,Information,to,third,party.,However,,if,the,privacy,policy,does,not,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 169 of 179

include,provision,to,third,party,,the,Service,Provider,needs,to,update,the,privacy,policy,and,get,the,user's,consent,to, it.,Moreover,,privacy,enhancing,technologies,can,be,leveraged,to,address,data,privacy.,For,example,,being,able,to,search,by,keywords,directly,on,encrypted,data,performing,certain,computations,over, the, ciphertext, allows, to,determine,with, some,probability,whether,a,document,contains,the,keyword,without,learning,anything,else.,Depending,on,the,type,of,encryption,employed,,there,are,two,main,techniques:!

$, Symmetric! Searchable! Encryption! (SSE):, encrypts, the, database, using, symmetric,encryption,algorithm.,

$, PublicdKey!Searchable!Encryption!(PEKS):,encrypts,the,database,using,public$key,based,encryption,scheme.,

,Multidparty! computation! (MPC), is, a, privacy$preserving, technique, which, allows, to, perform,computation,among,parties,without,revealing,any,input,to,each,other.,MPC,was,first,introduced,by,Andrew,C.,Yao,with, the,motivation,of, the, “millionaire,problem”:, two,millionaires,wish, to,compute,which,one,is,richer,,but,without,revealing,to,each,other,how,much,money,they,have.,,Applications,of,MPC,include,privacy$preserving,data,mining,and,private,information,retrieval,(PIR).,MPC,can,provide,passive,security,,meaning,that,parties,are,honest$but$curious,,and,active,security,mining,that,the,privacy,of,inputs,(and,maybe,outputs),is,preserved,even,if,parties,arbitrarily,deviate,from, the,protocol.,MPC, relays,upon, three,main,primitives:, oblivious, transfer,, secret, sharing,and,verifiable, secret, sharing., An, oblivious, transfer, is, a, protocol, in, which, a, sender, transfers, one, of,potentially,many,pieces,of,information,to,a,receiver,,but,remains,oblivious,as,to,what,piece,if,any,has, been, transferred., Secret, sharing, is, a, primitive, for, distributing, a, secret, amongst, a, group, of,participants,,each,of,whom,is,allocated,a,share,of,the,secret.,The,secret,can,be,reconstructed,only,when,a,sufficient,number,,of,possibly,different,types,,of,shares,are,combined,together.,Verifiable!secret!sharing!(VSS),schemes,allow,participants,to,be,certain,that,no,other,players,are,lying,about,the,contents,of, their, shares,,up, to,a, reasonable,probability,of,error,, thus,making,MPC,schemes,information$theoretically, secure, (i.e.,, the, privacy, of, the, inputs, is, guaranteed,without,making, any,computational,assumptions)., ,,The,European,Union,Agency,for,Network,and,Information,Security,(ENISA),encourages,the,use,of,solutions,based,on,MPC,for,certain,categories,of,simple,but,potentially,high,value,scenarios.,For,example,, MPC, has, been, used, to, compute, the, outcome, of, beet, auctions, in, Denmark, and, for,computing,privately,aggregates,of,smart,meter,consumption,in,the,Netherlands.,,

A2.4.2! Data access Authentication,and,authorization,capabilities,are,critical,aspect,to,support,Smart,City,services,and,applications.,An,access,control,policy,is,defined,as,sets,of,conditions,that,define,whether,users,have,access, granted, to, a, protected, resource., The, authorization, function, can, support, different,mechanisms,, such, as,Access,Control, List, (ACL),,Role,Based,Access,Control, (RBAC),, Attribute,Based,Access,Control,(ABAC),,etc.,Among,the,authentication,and,authorization,standard,solutions,we,can,mention,Security,Assertion,Markup,Language,(SAML),,eXtensible,Access,Control,Markup,Language,(XACML),,JSON,Web,Token,(JWT),,OAuth,and,OpenID.,,,The,Security!Assertion!Markup!Language!(SAML),is,an,XML$based,framework,for,authentication,and, authorization, that, have, been, developed, by, the, Security, Services, Committee, from, the,Organization,for,the,Advancement,of,Structured,Information,Standards,(OASIS).,It,defines,how,to,share,information,about,user,identities,,grant/deny,access,to,resources,and,request,authentication.,Although,,SAML,is,widely,used,in,the,context,of,Web,Single$Sign$On,,security,concerns,have,been,raised,when,a,group,of,researchers,exploited,an,XML,Signature,Wrapping,vulnerability,in,2011,to,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 170 of 179

impersonate,any,user.,Moreover,,it,assumes,dependability,and,trust,on,the,Identity,manager,which,is,a,single$point$of$failure,of,the,whole,system.,

The,eXtensible!Access!Control!Markup!Language!(XACML),defines,a,declarative,fine$grained,,attribute$based,access,control,policy,language,,an,architecture,,and,a,processing,model,describing,how,to,evaluate,access,requests,according,to,the,rules,defined,in,policies.,The,aim,of,XACML,is,to,promote, common, terminology, and, interoperability, between, access, control, implementations, by,multiple,vendors.,From,a,system,perspective,,XACML,is,primarily,an,Attribute$Based,Access,Control,system,(ABAC).,Access,rights,are,granted,to,users,through,policies,combining,attributes,such,as,users,,resources,,actions,,objects,,etc.,However,,different,access,control,model,can,be,implemented,in, XACML, (e.g.,, Role$Based, Access, Control)., The, processing, model, described, by, the, XACML,standard,promotes,the,separation,of,the,access,decision,from,the,point,of,use.,Rather,than,baking,access, decisions, into, client, applications,, having, the, client, decoupled, from, the, access, decision,results,in,an,easier,authorization,policies,update,process.,Thus,,when,the,governing,policy,changes,,updates,can,be,performed,on,the,fly,affecting,each,point,of,use,immediately.,

JSON!Web!Token!(JWT),is,an,open,standard,which,defines,a,compact,and,self$contained,way,for,securely,transmitting,information,between,parties,as,a,JSON,object.,This,information,can,be,verified,and, trusted,by,means,of,digital, signatures., JWTs,can,be,signed,using,a,secret, (with, the,HMAC,algorithm),or,a,public/private,key,pair,using,RSA.,When,used,for,authentication,purposes,,it,allows,a,user,to,access,routes,,services,,and,resources,that,are,permitted,with,that,token.,Single,Sign,On,is,a,feature,that,widely,uses,JWT,nowadays,,because,of,its,small,overhead,and,its,ability,to,be,easily,used, across, different, domains., Moreover,, JSON, Web, Tokens, are, a, good, way, of, securely,transmitting, information,between,parties,because,of, their,support, to,digital,signature.,JSON,Web,Tokens,consist,of,a),header,,b),payload,and,c),signature.,The,header,typically,consists,of,two,parts:,the,type,of,the,token,,which,is,JWT,,and,the,hashing,algorithm,being,used,,such,as,HMAC,SHA256,or,RSA.,The,payload,contains,the,claims,,which,are,statements,about,an,entity,,typically,the,user,,and,additional,metadata.,The,payload, is, then,Base64Url,encoded,to, form,the,second,part,of, the,JSON,Web,Token.,The,signature,is,finally,created,by,signing,the,encoded,header,and,the,encoded,payload.,The,signature,is,used,to,verify,the,identity,of,the,sender,,thus,providing,authentication,and,to,ensure,that,the,message,was,not,tampered,along,the,way,,which,provides,integrity.,

,

OpenID, (OID), is,an,open,standard,and,decentralized,protocol, created,by, the,non$profit,OpenID,Foundation.,Users,can,be,authenticated,by,specific,web,sites,or,applications,called,Relying,Parties,against,third,party,services.,The,authentication,process,between,users,and,Relying,Parties,is,carried,out,through,the,exchange,of,an,identifier,or,OpenID,which,is,provided,by,an,OpenID,provider,acting,as,identity,provider.,,Many,observers,have,suggested,that,OpenID,has,security,weaknesses,and,may,prove,vulnerable,to,phishing,attacks.,For,example,,a,malicious,relying,party,may, forward, the,end$user, to,a,bogus,identity, provider, authentication, page, asking, that, end$user, to, input, their, credentials., Moreover,,OpenID,presents,some,privacy,concerns:,the,identity,provider,is,able,to,track,all,websites,the,user,log,into,and,this,side,effect,is,sold,as,a,feature.,The,user,has,a,unique,identifier,(your,OpenID,uri),for,all,relying,parties,,thus,being,unable,to,choose,between,different,identities,for,different,sites.,,OAuth,is,another,open,standard,dated,back,to,2006,,OAuth,is,different,than,OpenID,and,SAML,in,being, exclusively, for, authorization, purposes, and, not, for, authentication, purposes., The, OAuth,specifications, define, the, following, roles:, 1), the, end, user, or, the, entity, that, owns, the, resource, in,questionm,2),the,resource,server,(OAuth,Provider),,which,is,the,entity,hosting,the,resourcem,3),the,client,(OAuth,Consumer),,which,is,the,entity,that,is,looking,to,consume,the,resource,after,getting,authorization,from,the,client.,,It,is,widely,spread,and,major,organizations,like,Google,,Twitter,and,Facebook,provide,APIs,based,on,OAuth., The,whole, communication, in, the, protocol, is, based, on, HTTP, requests, and, thus,, the,complexity,of,OAuth,is,low.,Since,it,does,not,support,signature,,encryption,,channel,binding,,or,client,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 171 of 179

verifications,,all,security,aspects,are,delegated,to,the,transport,layer,(e.g.,SSL/TLS).,As,a,result,,the,usage, of, TLS, is, mandatory, to, provide, confidentiality,, integrity, and, to, avoid, man$in$the$middle,attacks.,,

A2.4.3!Security on IoT infrastructure The,huge,heterogeneity,in,the,IoT,devices,capability,(in,terms,of,memory,,computational,,or,energy,requirements), plays, against, the, identification, of, a, “unique”, or, “common”, security, solution, set,,whereas, they,call, for, a, large,spectrum,of, security, level, versus, resource,consumption, trade$offs.,Some, protocols, such, as,CoAP,, XMPP,, Bluetooth,mandate, for, confidentiality, and, authentication,services,by,means,of,end$to$end,encryption,and,digital,signatures,while,others,such,as,LoRa,,MQTT,and,Zigbee, focus,on,more, lightweight, security, solutions,, thus, leaving, the, task, to, provide,higher,security,level,protection,to,the,transport,or,application,layer.,

MQTT,allows,for,sending,a,username,and,password,,although,recommends,that,the,password,be,no,longer,than,12,characters.,Username,and,password,are,sent,in,the,clear,,thus,,it,is,critical,that,TLS,is,employed,when,using,MQTT.,,

CoAP, supports, pairing,with,Datagram,TLS, (D$TLS), to, provide, confidentiality, and, authentication,services., More, specifically, it, supports, three, key, agreements, mechanism:, 1), preSharedKey,, 2),rawPublicKey,and,3),certificate.,,

XMPP,supports,a,variety,of,authentication,patterns,via,the,Simple,Authentication,and,Security,Layer,(SASL,–,RFC4422).,Mechanisms,include,one$way,anonymous,as,well,as,mutual,authentication,with,encrypted, passwords,, certificates, and, other, means, implemented, through, the, SASL, abstraction,layer.,,

The,Object,Management,Groups,Data,Distribution,Standard,(DDS),Security,Specification,provides,endpoint, authentication, and, key, establishment, to, perform, subsequent, message, data, origin,authentication,(i.e.,,HMAC).,Both,digital,certificates,,such,as,X.509,Certificates,(PKI),using,RSA,and,DSA,,and,various,identity,and,authorization,token,types,are,supported.,,

Zigbee,provides,both,network,and,application,level,authentication,and,encryption,through,the,use,of,the,AES,algorithm,with,pre$shared,keys.,

Bluetooth,provides,authentication,services, through, two,different,device,pairing,options,,Standard,and,Simple,Pairing.,The,Standard,pairing,method,is,automaticm,the,Simply,pairing,method,includes,a,human$in$loop,to,verify,(following,a,simple,Diffie$Hellman,exchange),that,the,two,devices,display,the,same,hash,of,the,established,key.,Bluetooth,offers,both,one$way,as,well,as,mutual,authentication,options.,,

Bluetooth$LE, introduces, a, two$factor, authentication, system,, the, LE, Secure, Connections, pairing,model, which, combines,, based, on, device, capability,, unencrypted, data, authenticated, using,Connection, Signature, Resolving, Key, (CSRK), , and, device, identity, and, privacy, via, an, Identity,ResolvingKey,(IRK).,In,addition,,Elliptic$Curve,Diffie,Hellman,is,used,for,key,exchange.,,

HTTP/REST,typically,requires,the,support,of,the,TLS,protocol,for,authentication,and,confidentiality,services.,Although,baasic,authentication,(where,credentials,are,passed,in,the,clear),can,be,used,over,TLS,,it,is,more,secure,to,employ,a,token$based,authentication,approach,such,as,OAUTH,2.,,

LoRa,supports,authentication,by,means,of,both,Over,The,Air,Activation,(OTAA),and,Activation,by,Personalization,(ABP).,With,the,former,,each,node,is,deployed,with,a,unique,128$bit,AppKey,used,to,sign,an,unencrypted,join,request,message.,Upon,request,to,join,the,network,,the,network,server,generates,and,sends,to,the,node,two,new,128$bit,keys:,the,app,session,key,(AppSKey),,and,the,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 172 of 179

network, session, key, (NwkSKey)., Alternatively,, with, ABP, nodes, are, already, shipped, with, both,session,keys,,NwkSKey,and,AppSKey.,After, the, joining,phase,,either, through,OTAA,or,ABP,,all,future,messages,are,encrypted,by,using,AES128,in,Counter,mode,(CTR),and,authenticated,using,a,4,byte,Message,Integrity,Code,(MIC).,,,

,

A2.4.4!Security on Platform Applications,and,services,deployed,by,the,cities,can,have,different,security,requirements,based,on,their,scope,,including,confidentiality,, integrity,,authentication,,authorisation,,immutability,,trust,and,non$repudiation., From, a, security, perspective,, best, practices, mandate, for, a, security, in, depth,approach.,Measures,to,address,these,capabilities,are,deployment,of,physical,protection,,access,control,,alarms,and,surveillance,,implementation,of,an,information,security,policy,,creation,of,activity,logs,,regular,auditing,,and,maintenance,of,backups.,More,specifically,,applications,and,services,can,be,targeted,by,tampering,and,accessing,information,from,different,surfaces,,thus,different,protection,measures,to,address,this,threat,must,be,tailored,to,the,target.,Such,defences,range,from:,physical,measures,to, prevent, access, to, restricted, areas, and, the, use, of, tamper$proof, designsm, measures, to, make,tampering/alteration,easier, to,detect,, such,as,measures, to,mitigate, the, in, transit,manipulation,of,messages,travelling,between,systems,or,actorsm,digital,measures,to,prevent,access,such,as,firewalls,and,authentication,systems.,,Unsecure,communication,can,lead,an,attacker,to,capture,plain$text,credentials,exposed,in,network,traffic,and,enumerate,accounts,to,access,the,web,interface.,Attack,vectors,can,leverage,on,Cross$site,Scripting,(XSS),,SQL$Injection,,unencrypted,services,and,poorly,implemented,or,misconfigured,TLS.,Widely,employed,standard$based,security,association/session,setup,protocols,, such,as, the,IPsec,Internet,Key,Exchange,(IKE),protocol,,or,the,handshake,phase,of,the,Transport,Layer,Security,(TLS),protocol,and,its,UDP$based,version,(DTLS),,do,not,restrict,their,operations,to,the,exchange,of, cryptographic, information, for, symmetric, key, derivation., Rather,, they, further, permit, to, flexibly,negotiate,the,specific,security,services,and,relevant,cipher,suites,to,be,employed.,The,use,of,TLS,to,secure,HTTP,traffic,constitutes,the,HTTPS,protocol.,,,,,,,,,,,, ,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 173 of 179

References ,

[1],, SynchroniCity,Consortium,,«D1.3,$,Guidelines,for,SynchroniCity,architecture,»,2017.,

[2],, «ITU,(International,Telecommunication,Union),»,[Online].,Available:,http://www.itu.int/en/Pages/default.aspx.,

[3],, ITU$T,Focus,Group,on,Smart,Sustainable,Cities,,«Setting,the,framework,for,an,ICT,architecture,of,a,smart,sustainable,city,»,2015.,

[4],, ITU$T,Focus,Group,on,Smart,Sustainable,Cities,,«Cybersecurity,,data,protection,and,cyber,resilience,in,smart,sustainable,cities,»,2015.,

[5],, «Recommendation,ITU$T,Y.2060,Overview,of,Internet,of,Things,»,[Online].,Available:,https://www.itu.int/rec/T$REC$Y.2060$201206$I.,

[6],, ITU$T,,«ITU$T,Y.2060,Overview,of,Internet,of,Things,»,2012.,

[7],, ISO/IEC,JTC1,Study,Group,on,Smart,CIties,,«Resolutions,3,,ISO/IEC,JTC,1,N,11894,,2013$11$12,»,2012.,

[8],, «ISO/IEC,JTC1,»,[Online].,Available:,https://www.iso.org/isoiec$jtc$1.html.,

[9],, «oneM2M,»,[Online].,Available:,http://www.onem2m.org/.,

[10],, oneM2M,,«oneM2M,Smart,Cities,Done,Smarter,»,2017.,

[11],, «FIWARE,»,[Online].,Available:,https://www.fiware.org/.,

[12],, «TM,Forum,»,[Online].,Available:,https://www.tmforum.org/.,

[13],, «FIWARE,Managing,context,information,at,large,scale,»,[Online].,Available:,https://www.slideshare.net/FI$WARE/managing$context$information$at$large$scale$final4$yfnv12.,

[14],, «FIWARE,Business,API,Ecosystem,»,[Online].,Available:,https://catalogue.fiware.org/enablers/business$api$ecosystem$biz$ecosystem$ri.,

[15],, «FIWARE,Github,Repository,»,[Online].,Available:,https://github.com/fiware.,

[16],, «FIWARE,Data,Models,»,[Online].,Available:,https://www.fiware.org/data$models.,

[17],, «GSMA$Groupe,Speciale,Mobile,Association,»,[Online].,Available:,https://www.gsma.com/.,

[18],, «FIWARE$NGSI,v2,Specification,»,[Online].,Available:,http://fiware.github.io/specifications/ngsiv2/latest/.,

[19],, «AIOTI,The,Alliance,for,the,Internet,of,Things,Innovation,»,[Online].,Available:,https://aioti$space.org/.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 174 of 179

[20],, AIOTI,WG03,–,loT,Standardisation,,«AIOTI,High,Level,Architecture,(HLA),Release,3.0,»,2016.,

[21],, «EU,General,Data,Protection,Regulation,»,[Online].,Available:,http://www.eugdpr.org/.,

[22],, «The,Directive,on,security,of,network,and,information,systems,(NIS,Directive),»,[Online].,Available:,https://ec.europa.eu/digital$single$market/en/network$and$information$security$nis$directive.,

[23],, AIOTI,,«Report,on,Workshop,on,Security,and,Privacy,in,the,HyperConnected,»,2016.,

[24],, «The,European,Innovation,Partnership,on,Smart,Cities,and,Communities,EIP$SCC,»,[Online].,Available:,https://eu$smartcities.eu/about.,

[25],, EIP,SCC,Work,Stream,2,,«EIP,SCC,Work,Stream,2,Reference,Architecture,&,Design,Principles».,

[26],, «smartcity.linkeddata.es,»,[Online].,Available:,http://smartcity.linkeddata.es/.,

[27],, ESPRESSO,Consortium,,«D4.2,–,Definition,of,Smart,City,Reference,Architecture,»,2016.,

[28],, «ESPRESSO,Project,»,[Online].,Available:,http://espresso$project.eu/.,

[29],, «BIG,IOT,Project,»,[Online].,Available:,http://big$iot.eu/.,

[30],, BIG,IOT,Consortium,,«Deliverable,2.4.a:High$level,architecture,specification–,first,release,»,2016.,

[31],, «OrganiCity,Project,»,[Online].,Available:,http://organicity.eu/.,

[32],, «Co$Creating,the,Cities,of,the,Future».,

[33],, «FIWARE,Orion,Context,Broker,»,[Online].,Available:,https://catalogue.fiware.org/enablers/publishsubscribe$context$broker$orion$context$broker.,

[34],, «Open,Data,Aarhus,»,[Online].,Available:,https://www.odaa.dk.,

[35],, «OASC$,Open,&,Agile,Smart,Cities,initiative,»,[Online].,Available:,http://www.oascities.org/.,

[36],, «Triangulum,Project,»,[Online].,Available:,http://triangulum$project.eu/index.php/project/smart$city$framework/.,

[37],, «TRIANGULUM,D6.1,ICT_Reference,Architecture,»,2016.,

[38],, «symbIoTe,Project,»,[Online].,Available:,https://www.symbiote$h2020.eu/.,

[39],, «symbIoTe,D1.2,–,Initial,Report,on,System,Requirements,and,Architecture,»,2016.,

[40],, «JSON,Web,Token,(RFC,7519),»,[Online].,Available:,https://tools.ietf.org/html/rfc7519.,

[41],, «OData,(Open,Data,Protocol),»,[Online].,Available:,http://www.odata.org/.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 175 of 179

[42],, «ANTWERP,CITY,PLATFORM,AS,A,SERVICE,»,[Online].,Available:,https://antwerpen.digipolis.be/en/blog/2fac1bf7$eeee$432b$9a93$dad32bbb2002.,

[43],, «City,of,Things,»,[Online].,Available:,https://www.imec$int.com/en/cityofthings.,

[44],, J.,Nelis,,T.,Verschueren,,D.,Verslype,e,C.,Develder,,«DYAMAND:,DYnamic,,Adaptive,MAnagement,of,Networks,and,Devices,»,in,Local%Computer%Networks%(LCN),%2012%IEEE%37th,,Clearwater,,FL,,USA,,2012.,,

[45],, «Tengu,»,[Online].,Available:,http://tengu.intec.ugent.be/v1/.,

[46],, «LimeDS,$,Lightweight,Modular,Environment,for,Data,Services,»,[Online].,Available:,http://limeds.be/.,

[47],, «Apache,Storm,»,[Online].,Available:,http://storm.apache.org/.,

[48],, «Apache,Spark,»,[Online].,Available:,https://spark.apache.org/.,

[49],, «MongoDB,»,[Online].,Available:,https://www.mongodb.com/.,

[50],, «The,DataTank,!,Transform,your,datasets,into,a,RESTful,API,»,[Online].,Available:,http://thedatatank.com/.,

[51],, «IEM,Group,$,INNOVATIVE,PARKING,SOLUTIONS,FOR,SMART,CITIES,»,[Online].,Available:,http://www.iemgroup.com/.,

[52],, «Orbiwise,»,[Online].,Available:,https://www.orbiwise.com.,

[53],, «FIWARE,Secure,Catologue,»,[Online].,Available:,https://catalogue.fiware.org/chapter/security,.,

[54],, «Mandat,International,»,[Online].,Available:,www.mandint.org.,

[55],, «FIWARE,CKAN,GE,»,[Online].,Available:,https://catalogue.fiware.org/enablers/ckan.,

[56],, «ViNotion,»,[Online].,Available:,https://www.vinotion.nl/.,

[57],, «Intelligent,Transport,Systems,(ITS)m,Access,layer,specification,for,Intelligent,Transport,Systems,operating,in,the,5,GHz,frequency,band,»,2012.,

[58],, «Sorama,Sound,Solution,»,[Online].,Available:,https://www.sorama.eu/.,

[59],, «COOSTO,Product,»,[Online].,Available:,https://www.coosto.com/en/product/pr$communications/.,

[60],, «CityTouch,connect,application,»,[Online].,Available:,http://www.lighting.philips.com/main/systems/connected$lighting/citytouch/connect$app.,

[61],, «FIWARE,IDAS,GE,»,[Online].,Available:,https://catalogue.fiware.org/enablers/backend$device$management$idas.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 176 of 179

[62],, «FIWARE,IoT,Agent,»,[Online].,Available:,https://github.com/telefonicaid/iotagent$node$lib#fiware$iot$agent$framework.,

[63],, «FIWARE,Kurento,GE,»,[Online].,Available:,https://catalogue.fiware.org/enablers/stream$oriented$kurento.,

[64],, «Stratumseind,living,lab,»,[Online].,Available:,https://www.facebook.com/LivingLabStratumseind/.,

[65],, W.,SPDP,,«Standard,for,Publishing,Dynamic,Parking,Data,»,2017.,

[66],, «Ivera,Protocol,»,[Online].,Available:,https://www.ivera.nl/downloads.,

[67],, «Eindhoven,open,Data,Portal,»,[Online].,Available:,https://data.eindhoven.nl/pages/home/.,

[68],, «OpenDataSoft,»,[Online].,Available:,https://www.opendatasoft.it/.,

[69],, «FIWARE,Keyrock,IDM,GE,»,[Online].,Available:,https://catalogue.fiware.org/enablers/identity$management$keyrock.,

[70],, «FIWARE,Wilma,PEP,Proxy,GE,»,[Online].,Available:,https://catalogue.fiware.org/enablers/pep$proxy$wilma.,

[71],, «FIWARE,AuthZForce,Authorization,PDP,»,[Online].,Available:,https://catalogue.fiware.org/enablers/authorization$pdp$authzforce.,

[72],, «Finland,Six,City,Strategy,(6Aika),»,[Online].,Available:,https://6aika.fi/in$english.,

[73],, «Select4Cities,»,[Online].,Available:,http://www.select4cities.eu/].,

[74],, «mySMARTLife,Project,»,[Online].,Available:,https://www.mysmartlife.eu/mysmartlife/.,

[75],, «bIOTope,Project,»,[Online].,Available:,http://www.biotope$project.eu.,

[76],, «SMART,Kalatasama,»,[Online].,Available:,https://fiksukalasatama.fi/en/].,

[77],, «DigiTransit,Project,»,[Online].,Available:,https://digitransit.fi/en.,

[78],, «Group,Internet,of,Things,Standard,»,[Online].,Available:,http://www.opengroup.org/iot/wp$refarchs/p2.htm.,

[79],, «Open,Message,Interface,(O$MI),Node,Server,»,[Online].,Available:,http://www.opengroup.org/iot/omi/index.htm.,

[80],, «Open,Data,Format,»,[Online].,Available:,http://www.opengroup.org/iot/odf/index.htm.,

[81],, «O$MI,Security,Model,»,[Online].,Available:,https://github.com/filiroman/O$MI$Security$Model.,

[82],, «Wapice,sets,up,LoRa,network,in,7,finnish,cities,»,[Online].,Available:,https://www.iot$ticket.com/news/58$wapice$sets$up$lora$network$in$7$finnish$cities.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 177 of 179

[83],, «Reference,Architectures,and,Open,Group,Standards,for,the,Internet,of,Things,»,[Online].,Available:,http://www.opengroup.org/iot/wp$refarchs/p2.htm.,

[84],, «O$MI,Node,Standard,Conformance».,

[85],, «DigiTransit,Public,APIs,»,[Online].,Available:,https://digitransit.fi/en/developers/services$and$apis.,

[86],, «Helsinki,Region,Infoshare,»,[Online].,Available:,http://www.hri.fi/en/.,

[87],, «URBACT,NETWORK:,SMARTImpact,»,[Online].,Available:,http://urbact.eu/smartimpact.,

[88],, «CityVerve,»,[Online].,Available:,(http://www.cityverve.org.uk.,

[89],, «Hypercat,specification,»,[Online].,Available:,http://www.hypercat.io.,

[90],, «DataWell,Health,Data,Sharing,Platform,»,[Online].,Available:,https://www.gmahsn.org/datawell.,

[91],, «British,Telecommunications,Data,Hub,»,[Online].,Available:,http://home.bt.com.,

[92],, «Asset,mapping,Data,Platform,»,[Online].,Available:,https://www.assetmapping.com/about$us.,

[93],, «CISCO,City,Digital,Platform,»,[Online].,Available:,https://marketplace.cisco.com/catalog/companies/aptus$enterprises$inc/products/city$digital$platform$cdp.,

[94],, «Ordnance,Survey,Mapping,Data,»,[Online].,Available:,https://www.ordnancesurvey.co.uk/.,

[95],, «Mobike,bike,sharing,service,»,[Online].,Available:,https://mobike.com/uk/.,

[96],, «Tyk,open,source,API,Gateway,»,[Online].,Available:,https://tyk.io/,.,

[97],, «Sharing,Cities,Project,»,[Online].,Available:,http://www.sharingcities.eu/.,

[98],, «DYNAMAP:,DYNamic,Acoustic,MAPping,Project,»,[Online].,Available:,http://www.life$dynamap.eu/it/.,

[99],, «EU$GUGLE,:European,cities,serving,as,Green,Urban,Gate,towards,Leadership,in,sustainable,Energy,»,[Online].,Available:,http://eu$gugle.eu/it/.,

[100],,«WSO2,Platform,»,[Online].,Available:,http://wso2.com/.,

[101],,«Milan,Open,Data,Portal,»,[Online].,Available:,http://dati.comune.milano.it.,

[102],,«Porto's,water,supplu,company,mobile,app,»,[Online].,Available:,https://app.aguasdoporto.pt.,

[103],,«Future,Cities,Project,»,[Online].,Available:,http://www.futurecitiesproject.eu.,

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 178 of 179

[104],,«Citibrain,Consortium,»,[Online].,Available:,http://www.citibrain.com.,

[105],,«sensiNact,Platform,»,[Online].,Available:,https://projects.eclipse.org/projects/technology.sensinact.,

[106],,«SmartSantander,»,[Online].,Available:,http://smartsantander.eu/.,

[107],,«Santander,Open,Data,Catalogue,(Datos,Abiertos,Santander),»,[Online].,Available:,http://datos.santander.es/.,

[108],,«FIWARE,Short,Time,Historic,(STH),$,Comet,»,[Online].,Available:,https://github.com/telefonicaid/fiware$sth$comet#fiware$short$time$historic$sth$$$comet.,

[109],,«Fiesta,Project,»,[Online].,Available:,http://fiesta$iot.eu/.,

[110],,«Organicity,Restful,APIs,»,[Online].,Available:,https://docs.organicity.eu/.,

[111],,«SmartSantander,APIs,»,[Online].,Available:,https://api.smartsantander.eu/.,

[112],,«Festival,Project,»,[Online].,Available:,http://www.festival$project.eu.,

[113],,«SocIoTal,Project,»,[Online].,Available:,http://sociotal.eu/.,

[114],,«Keycloak,$,Open,Source,Identity,and,Access,Management,»,[Online].,Available:,http://www.keycloak.org/.,

[115],,SynchroniCity,Consortium,,«D1.4$Privacy,by,design,methodology,&,PIA,»,2017.,

[116],,«The,OAuth,2.0,Authorization,Framework,$,RFC,6749,»,[Online].,Available:,https://tools.ietf.org/html/rfc6749,.,

[117],,A.,K.,D.,a.,G.,D.,Abowd,,«Towards,a,Better,Understanding,of,Context,and,Context$Awareness,»,in,Handheld%and%Ubiquitous%Computing,,1999.,,

[118],,D.,Gori,,«Progetto,e,sviluppo,di,un,servizio,di,lookup,basato,su,hash,table,distribuite,per,la,piattaforma,FIWARE,»,2015/2016.,

[119],,«OASIS,XAMCL,version,3.0,»,[Online].,Available:,http://docs.oasis$open.org/xacml/3.0/xacml$3.0$core$spec$os$en.html.,

[120],,«GSMA,IoT,Security,Guidelines,»,[Online].,Available:,https://www.gsma.com/iot/future$iot$networks/iot$security$guidelines/.,

[121],,«ENISA,(European,Union,Agency,for,Network,and,Information,Security),Smart,Cities,Architecture,Model,»,[Online].,Available:,https://www.enisa.europa.eu/publications/smart$cities$architecture$model.,

[122],,«Amazon,Simple,Notification,Service,(SNS),»,https://aws.amazon.com/it/sns/.,,

[123],,«FIWARE,Complex,Event,Processing,(CEP),»,https://catalogue.fiware.org/enablers/complex$event$processing$cep$proactive$technology$

H2020$IOT$2016$2017/H2020$IOT$2016,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Page 179 of 179

online.,,

[124],,«IBM,Proactive,Technology,Online,»,https://github.com/ishkin/Proton.,,

[125],,«Apache,Flink,»,https://flink.apache.org/introduction.html.,,

[126],,«FIWARE,Big,Data,Generic,Enabler,$,Cosmos,»,(https://github.com/telefonicaid/fiware$cosmos.,,

[127],,Festival,Project,Consortium,,«D2.3,$,Open,data,guidelines,and,federated,testbed,policy,»,2015.,

[128],,«DCAT,Application,profile,for,data,portals,in,Europe,(DCAT$AP),»,[Online].,Available:,https://joinup.ec.europa.eu/asset/dcat_application_profile/description.,

[129],,«Data,Catolog,Vocabulary,(DCAT),»,[Online].,Available:,https://www.w3.org/TR/vocab$dcat/.,

[130],,«5$star,Open,Data,»,[Online].,Available:,http://5stardata.info/en/.,

[131],,M.,Swan,,«,Blockchain:,Blueprint,for,a,new,economy,»,O'Reilly,Media,,Inc.,,2015.,,

[132],,«OASIS,Security,Services,(SAML),»,[Online].,Available:,https://www.oasis$open.org/.,

[133],,«OAuth,Community,Site,»,[Online].,Available:,http://oauth.net/.,

[134],,«OpenID,Foundation,»,[Online].,Available:,http://openid.net/.,

[135],,«FIWARE,DB,Anonymizer,GE,»,[Online].,Available:,https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE.OpenSpecification.Security.Optional_Security_Enablers.DBAnonymizer.,

[136],,«FIWARE,Data,Handling,GE,»,[Online].,Available:,https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE.OpenSpecification.Security.Data_Handling_Generic_Enabler.,

[137],,«OpenSSL,»,[Online].,Available:,https://www.openssl.org.,

[138],,«GSMA,IoT,Big,Data,initiative,»,[Online].,Available:,https://www.gsma.com/iot/iot$big$data.,

,

,

,

Documents

H2020$IOT$2016$2017/H2020$IOT$2016 - Synchronicity-iot · 2018-05-21 · SynchroniCity will provide guidelines to evolve IoT deployments towards a smart-city environment making use