D1.6 VICINITY_D1_6_Architectural_design_1.0

The document, referred as “D1.6 VICINITY Architectural design”, is a deliverable of the VICINITY project, funded by the European Commission (EC) Directorate-General for Research and Innovation (DG RTD), under its Horizon 2020 Research and Innovation Programme (H2020). VICINITY is building a device and standard independent platform for IoT infrastructures that offers „Interoperability as a Service“. They aim of the VICINITY is to solve the interoperability problem with a virtual neighbourhood concept which is a decentralized, user-centric approach that allows transparency and full control over exchanged data.

This deliverable directly addresses the Objective 2.4 “VICINITY Technical requirements and solution architecture specified“, in terms of describing architectural decisions which shape the VICINITY interoperability platform. The selected architectural options and decisions are based on functional and quality requirements extracted from D1.5 VICINITY Technical requirement specification document and can be summarized in the following Figure 1.

Figure 1 High-level logical VICINITY architecture

The VICINITY architecture is divided into the following principal components:

1) VICINITY Cloud providing set of services to setup peer-to-peer interoperability between IoT environments (further referred as virtual neighbourhoods), that are including:

  • access control to the VICINITY-connected IoT objects, 
  • services for device discovery and registration, 
  • deployment of value added services over VICINITY-connected IoT objects and environments,
  • and setting up connection to VICINITY (e.g. getting integrated to VICINITY);

2) VICINITY Node, integrating IoT infrastructures and value-added services to the VICINITY interoperability network. The VICINITY Node includes:

  • VICINITY Communication Node which handles the secure and peer-to-peer exchange of IoT data (IoT events, actions as well as IoT properties) and configuration data with other integrated infrastructures, value added services and the VICINITY Cloud;
  • VICINITY Gateway API providing semantic interoperability interface for VICINITY Adapters/ Agents to register IoT objects, to access shared IoT objects or to discover and query IoT objects;
  • VICINITY Adapters and Agents adapting VICINITY into local infrastructures.

The VICINITY Cloud and set of VICINITY Nodes are creating secure peer-to-peer communication network. This network of loosely coupled peers copying geographically distribution of integrated infrastructures and value-added service thus user data exchange load is distributed accordingly. Moreover, any performance, availability and system failure issues originated in integrated infrastructures and value-added services or even in VICINITY Cloud can be localised in the peer (i.e. spread of issues can be kept under control in the certain part of the peer-to-peer network).

The VICINITY Cloud components such as VICINITY Neighbourhood manager (providing user interface to VICINITY Users), Semantic discovery and dynamic configuration agent platform (providing semantic platform) and VICINITY Communication Server (providing control of communication between integrated infrastructures) shall be deployed as high available software components being to scale in/out VICINITY cloud to current needs to the integrated infrastructures and value added services.

The distributed infrastructure of VICINITY is enhanced by interoperability approach to provide a standard way to both Discover and Access heterogeneous IoT objects distributed among sparse IoT infrastructures based on the work being done by the W3C Web of Things (WoT) WG . Therefore, VICINITY shall rely on Thing description (TD) introduced by WoT to describe every IoT object (which can represent either physical or abstract Things) that belong to any integrated IoT infrastructure, which in turn shall be described as an ecosystem of IoT objects (Things ecosystem descriptions – TEDs). Accordingly, each interested part in taking advantage of the semantic interoperability solution provided by VICINITY must only be able to understand such description frames as well as the Web of Things ontology through the VICINITY Gateway API interface.

The VICINITY trust, privacy and security features are mainly covered:

  • Verification of VICINITY users through VICINITY Neighbourhood Manager and verification and validation of IoT objects (value-added services and devices) through the VICINITY communication server security services;
  • End-to-end security and authenticity of exchanged data through peer-to-peer network using encryption and data integrity services of VICINITY communication Server and Node components;
  • Controlled registration and access to value-added services and IoT objects properties, action and events based on sharing access rules with private data processing consents  through VICINITY Neighbourhood manager set by device owner or service provided;
  • Exchanging of private user data only through VICINITY Nodes and Peer-to-peer network without storing data in VICINITY Cloud ;

The VICINITY Architectural design together with VICINITY Technical requirements specification defines the base line for the following implementation of VICINITY core components, Semantic Discovery and Dynamic Configuration services in WP3 and VICINITY Gateway Adapters and VICINITY Agent and Auto-Discovery platform in WP4.