Content uploaded by Lyubomir Blagoev
Author content
All content in this area was uploaded by Lyubomir Blagoev on Aug 24, 2017
Content may be subject to copyright.
Sofia University, Spring Scientific Session of Faculty of Mathematics and Informatics 2017, Bulgaria
Page 1
MY (SMART) HOME, MY (DIGITAL) FORTRESS
Lyubomir Blagoev, USW Ltd,
lyubo@usw.bg
Kamen Spassov, Dept. Of Computing Systems, FMI, Sofia University
kspasov@fmi.uni-sofia.bg
Abstract
The analysis suggested in this article is a bit away from the current mainstream vision of building
Smart Home systems. The stagnation of the development and realization of the idea of Smart Home
requires such analyzes. The modest contribution of our analysis can be reduced to transition theories
to local, private cloud solutions and, above all, the inclusion of a new component in the Smart Home
Configuration. This does not turn it into a "digital fortress," but focuses the solution of the security
problem in a separate subsystem that puts a complex sense of security at the heart of adopting home
comfort in Smart Home.
Keywords: Smart Home, IoT, Security, Reliability.
1. SMART HOME AS A SPACE OF PRIVATE DATA
Each of the residents of a home has created or collected data in electronic form that they would not want to
be accessible to others. Joint cohabitation in a home additionally creates, or leads to, the collection of data
that the occupants individually or collectively would not want to be reachable by others.
Not only data stored as some kind of records (documents, photos, etc.) can be referred to commented
data, but data that the occupants or components of a Smart Home Configuration create but not
store. These are, for example, data about "smart" starting / stopping appliances from home appliances,
lighting / extinguishing lamps, etc., which would give a variety of information - for example, real, rather than
simulated, presence of the occupants, their composition and even for the presence of a particular resident
at home.
Other examples of similar data may be given, but most recently the opportunity to comment, the intelligent
talking and listening assistants play the role of uncontrollable spies [1] working for the cloud to which they
relate. Any promises made by their producers that this is not happening do not sound convincing. For now,
the market success of these assistants is at the stage of the early market, mainly due to their still
incomplete functional presence in our home. Gradually, they will become smarter, more useful to the
homeowners, but along with that, there will be a growing suspicion that they will not only assume that they
are assisting but also as homegrown spies. There is a great chance that this kind of home assistant will not
overtake TALC- chasm [2] and conquer the mass market.
The conclusion from what has been said here is quite alarming: the elements of a Smart Home
configuration gather or generate a lot of information, but homeowners may not have control over it. The
main reason for this is the functioning of Smart Home as a space for creating and collecting sensitive
information with limited means of storing and managing access to it. Loss of control is a result of the cloud-
enabled design of the components or the Smart Home configuration as a whole. The thrust in cloud
security of data support has already achieved a certain level, which in the future is likely to decrease and
hardly increase. That is why the upcoming increase of the volume of Smart Home data requires the
provision of resources to store this data in a more appropriate place. From the point of view of the Smart
Home's inhabitants, this place is exactly the Smart Home Configuration itself.
2. SMART HOME AS A HAUNT OF DIGITAL MONSTERS THREATENING INHABITANTS
A Smart Home Configuration encompasses different devices with more or less intelligent behavior and
some level of autonomy. Currently, intelligence is realized through cloud-based resources, mostly vendor
Sofia University, Spring Scientific Session of Faculty of Mathematics and Informatics 2017, Bulgaria
Page 2
specific for different devices. Therefore, Smart Home-components are exposed on the Internet with all the
resulting possible undesirable consequences. This is similar with the remote control functions.
The hacking of Smart Home components can be relatively harmless (for
example, someone has hacked their neighbor's audio system to reduce
the volume when it plays too laud) to undesirable, including dangerous for
the lives of Smart Home residents. When we build our Smart Home, we
need to consider and avoid a configuration with a component that can put
our children in a critical situation. We need always to remember the case
in China, which is unnecessarily dramatic but essentially true, as a "robot
attack on a person." [3]
This can be summarized to a simple and clear requirement: components
of our Smart Home Configuration must be protected from possible
"technological madness", not only due to external interference but also
due to errors in their operation or interaction between them. The solution
to this problem requires the presence of an additional security component
that takes care of the internal security of the Smart Home configuration.
This component, as an especially distinct subsystem of a Smart Home
configuration, is still missing as a vision. Below, in this document, we will refer to this component
provisionally as a Missing Security Subsystem - MSS.
In critical situations, this component should be able to block the malfunction. In addition, if this MSS turns
out to be helpless, the possibility of human action should be ensured through a Red Button - Emergency
Stop. However, this important button has almost never been associated with the Smart Home vision,
perhaps because there is not available a cloud service with similar function. But even if there is such a
button, if the blocking of functions with it is not enough in a critical situation, Smart Home owners must be
provided with the option to "turn the power off" of their entire configuration.
What was said, not only does not offer a complete technological solution to the problem, but it even does
not clearly explains the whole issue. However, one thing is clear - the solution could not be realized in a
cloud, no matter how smart it is. This prompts to a local solution instead of а cloud solution for the Smart
Home configuration.
3. SMART HOME AS A HAUNT OF DIGITAL MONSTERS THREATENING INTERNET SPACE
It is not necessary for a Smart Home Configuration component to be intelligent or complicated interacting
with other Smart Home components to become a source of threat. It is still a fresh memory of the massive
Internet attack carried out by harmless home appliances that have been hacked without problems [4]. In
that case, the threat outwardly and apparently did not affect the owners of Smart Home Configuration
involved in such a technological endeavor.
The assessment of such threats depends on the purpose of its impact. If its goal is an Internet site, the
public has become accustomed to reconciliation, including unauthorized access to personal data. Let
assume a coffee maker is hacked. It can infect or damage other smart devises e.g. medical ones. This way
it is possible to prevent cure or even to cause death of people under medical care. It is possible through the
infected coffee maker to influence elements of critical infrastructure (energy, transport, etc.). Thus, the
coffee maker becomes an author of eventual damages! Who will take the responsibility? The owner of the
coffee maker? In some countries, dog owners are responsible for the aggressive behavior of their dogs. It
might be funny but if according the law dog owners are responsible for the behavior of their dogs why not
the owners of coffee makers be responsible for the “behavior“ of their coffee makers (intelligent devices)?
Would you agree to bear such a responsibility?
Solving the problem of "export of aggression" outside the Smart Home Configuration requires inclusion of
MSS that should monitor the misconduct of home equipment to external devices. In this case, we can again
(as above) think about critical situations, the role of the “red button”, accessing the “turn the power off”
service and the need for a local (in the home) rather than cloudy implementation of the Smart Home
configuration.
Sofia University, Spring Scientific Session of Faculty of Mathematics and Informatics 2017, Bulgaria
Page 3
4. SMART HOME'S VISION UPGRADE
The Smart Home vision needs to be further developed, with the following important features:
Smart Home dwellers must have full control over the Smart Home system components,
including the ability to "turn the power off" of the entire configuration.
All Smart Home functional components need to "get off the clouds" and land at the home
environment.
An obligatory component appears for each Smart Home configuration - the MSS mentioned
above.
Interaction logic between Smart Home components should be realized in a homogeneous
environment [5] rather than as direct connections between sensors and actuators. Only in this
way, MSS can control the interaction between the objects in a Smart Home Configuration and
their behavior.
The very presentation of the logic of interaction and its realization should be subject to
parallel analysis with the possibility of active intervention in this interaction. That is, if we are
talking about interoperability, it must necessarily be Semantic Interoperability with the
presentation of the semantics in a form understandable to humans.
The Smart Home Environment should also provide standard functions to support of different
types of data that the occupants would not store on Internet-based clouds.
The upgrade procedure itself must guarantee a high level of security because the future
Smart Home configurations will evolve to unpredictable level of complexity. It is more correct to
speak about self-assembling instead of upgrade, with all the resulting consequences of such a
terminological transition.
Such Smart Home development must be done very carefully to avoid
dominating the sense of "smart" presence over the feeling that the
home environment remains human oriented. The very idea of Smart
Home is created "from people to people" and the feeling of comfort
must always prevail over the sense of security and machine presence
without compromising on security.
5. CHANGES IN SMART HOME DIGITAL INFRASTRUCTURE
Changes will also be made to the Smart Home Digital Infrastructure as
it is defined in [5]. The most important changes are:
Switch to internal (for Smart Home Configuration)
communication that easily provides a high level of security. Wi-Fi and
wireless communication in general should be minimized. Cable
connectivity should prevail. The main prerequisite for this is the
substitution of the connection to a “remote” cloud with a "local cloud"
connection that hosts the resources of a Smart Home Configuration.
The cable connection itself will be available in a variety of forms - from
a dedicated cable to the Smart Home component, through "shared cable connectivity" between
different components and Power Line connectivity.
The transition to cable connectivity enables the action of the Red Emergency Stop because
it operates at the lowest level of impact based on cable connectivity
The reduction of Wi-Fi connectivity of Smart Home components will allow them to use highly
simplified operating systems where there is simply nothing to hack. This in turn will make these
components cheaper and easier to operate. Smart Home components will have a level of
complexity that matches their intelligence. Therefore, the intelligent coffee maker will stop
creating problems with his intellect.
The changes listed here are certainly not the only ones, so it is necessary to rethink the
current IoT platform idea on which to build Smart Home Configuration that meets the
requirements discussed in this article
Sofia University, Spring Scientific Session of Faculty of Mathematics and Informatics 2017, Bulgaria
Page 4
In fact, it is necessary to rethink the vision of Smart Home itself as an IoT system. In this
case, the vision of Networks of Things proposed by Jeffrey Voas in [6] is more appropriate.
6. CHANGES IN SMART HOME BUSINESS MODEL
Potential changes to the Smart Home business model can be expected in two ways:
Smart Home as an investment in home comfort and security
The current business model is based on sale of inexpensive, stand-alone devices or on a relatively simple
interaction of such devices in a cloud application available to many users (public cloud). So far, the Smart
Home business model is essentially a SaaS model.
Switching to a private cloud might introduce a new business model, or it will impose changes in already
existing business models. The insurance or risk mitigation toward third parties will add additional cost and
changes in the business models of acquiring and exploitation of Smart Home Private Clouds. The cost of
the insurance will heavily depend on the achieved intelligence of a particular Smart Home configuration
related to risks identification, prevention and mitigation. Currently it is hard to provide a methodology and
tools to assess such intelligence. For sure, we can claim that the use of “black box” approach to build
intelligent Smart Home systems will prevent the precise evaluation of the risks.
The implementation of a Smart Home system with a relatively high user value and acceptable level of
security will not come at a low cost. This is logical, because the Smart Home system is not just an increase
of the number of home appliances. It is creation of a new life environment as an extension of the
architectural environment. The Smart Home system becomes inseparable part of the architecture but also
commensurable to it. With some level of simplification, we can say that a Smart Home system is an asset,
similar to another bedroom, or additional garage, etc. This is in line with the current tendencies new
housing to include elements and support of Smart Home system.
Smart Home as a means of making money
The current business model does not provide a way to make money from selling data created in the Smart
Home space. Control over these data has the relevant cloud structures that provide access to home
equipment, including management functions. Thus, the owners of the respective clouds have the
opportunity to accumulate big data arrays and to benefit from the sale of products that resulted in
accumulated data processing. Owners of Smart Home systems should indirectly benefit from the proceeds.
For example, cloud owners could provide the corresponding smart service at a lower cost. We did not
found research publications on this topic. This means that Smart Home owners do not have data on such
indirect revenue and they cannot resize their own investment in Smart Home System.
With the switch from public to private cloud Smart Home system owners will gain control over the data
generated by their system. The demand for such data will remain the same or even increase, which means
that owners of Smart Home systems will be able to sell these data.
At this stage, it is difficult and not necessary to predict the schemes and at the profitability of selling these
data. It is important that the Smart Home system will be suited in new, more profitable conditions for the
investment. On the other hand, companies that deliver big data analyzes based on data from Smart Home
systems will have to buy these data , which will influence the final cost of the analyzes.
7. ONLY SMART HOME, OR SOME OTHER THINGS IN THE WORLD OF INTERNET OF THINGS
The discussion on Smart Home, more or less, is also applicable to IoT industrial systems, to IoT
configurations for smart buildings and even to smart cities. Differences will not be principle - the complex
solution of the security problem should be interpreted as a systemic activity concentrated in a distinct
MSS. But in the different cases MSS will have different features. For example, in a nuclear power plant,
MSS must also take into account specific parameters of the operation of nuclear reactors, in a smart city
there must be a specific implementation of the control over large groups of people, including taking into
account the possibility of terrorist attacks, etc.
Sofia University, Spring Scientific Session of Faculty of Mathematics and Informatics 2017, Bulgaria
Page 5
A general MSS solution can hardly be given, but no doubt the initial prototype is appropriate to develop for
a Smart Home system, as Smart Home could be seen as an IoT laboratory [7].
Conclusion
The transition from Public Cloud to Private Cloud based Smart Home systems is not the most significant
note in the above. This transition is logical, and a number of developments are the basis for its occurrence.
What is more important here is the need for the mandatory inclusion of the provisionally called Missing
Security Subsystem (MSS) in each Smart Home system. Its functionality is yet to be outlined in details,
which may be the basis for a suitable name.
For now, we can only say that its intelligence will be commensurate with the intelligence of the entire Smart
Home System. The general principles it’s functionality might be a paraphrase of the laws of Isaac Asimov
[8].
References
1. Gerald Sauer, A Murder Case Tests Alexa's Devotion to Your Privacy | WIRED
2. Geoffrey A. Moore, Crossing the Chasm: Marketing and Selling High-Tech Products to
Mainstream Customers, Harper Business Essentials, 1991, ISBN 0-06-051712-3
3. Daily China ' Robot attacks visitor during demonstration'
4. How hackable are your smart home gadgets?, Ry Crist, October 27, 2016
https://www.cnet.com/news/how-hackable-are-your-smart-home-gadgets/
5. Blagoev L., Spassov K., Smart home as a Digital Environment , Sofia University, Spring Scientific
Session of Faculty of Mathematics and Informatics, 28.03.2015, Sofia, Bulgaria
6. Jeffrey Voas, Networks of 'Things', NIST Special Publication 800-183, 2016
7. Blagoev L., Spassov K., The end of IoT Enthusiasm or the Beginning of a new IoT Vision , Sofia
University, Spring Scientific Session of Faculty of Mathematics and Informatics, 26.03.2016,
Sofia, Bulgaria
8. Asimov, Isaac (1950). "Runaround". I, Robot (hardcover) (The Isaac Asimov Collection ed.). New
York City: Doubleday. p. 40. ISBN 0-385-42304-7.