The Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet-connected devices, ranging from small sensors to production devices, which are subject to security threats specific to IoT. The onboarding procedure is required to introduce a new device into a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services make it challenging to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.