ETSI SR 003 680 V1.1.1 (2020-03)

ETSI SR 003 680 V1.1.1 (2020-03)






SPECIAL REPORT
SmartM2M;
Guidelines for Security, Privacy and
Interoperability in IoT System Definition;
A Concrete Approach

---------------------- Page: 1 ----------------------
2 ETSI SR 003 680 V1.1.1 (2020-03)



Reference
DSR/SmartM2M-003680
Keywords
interoperability, IoT, IoT platforms, oneM2M
privacy, SAREF, security, semantic

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
The present document can be downloaded from:
http://www.etsi.org/standards-search
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format at www.etsi.org/deliver.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx
If you find errors in the present document, please send your comment to one of the following services:
https://portal.etsi.org/People/CommiteeSupportStaff.aspx
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying
and microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2020.
All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its Members.

3GPP™ and LTE™ are trademarks of ETSI registered for the benefit of its Members and
of the 3GPP Organizational Partners.
oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and
of the oneM2M Partners.
®
GSM and the GSM logo are trademarks registered and owned by the GSM Association.
ETSI

---------------------- Page: 2 ----------------------
3 ETSI SR 003 680 V1.1.1 (2020-03)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 5
Executive summary . 5
1 Scope . 7
1.1 Context for the present document . 7
1.2 Scope of the present document . 7
2 References . 8
2.1 Normative references . 8
2.2 Informative references . 8
3 Definition of terms, symbols and abbreviations . 9
3.1 Terms . 9
3.2 Symbols . 10
3.3 Abbreviations . 10
4 Role based analysis of IoT systems . 10
4.1 Challenges . 10
4.2 Issues to address . 11
4.3 Guidelines. 11
4.4 Stakeholders and roles . 12
4.5 Detailed examples . 12
5 Questions to address . 12
5.1 Introduction . 12
5.2 Privacy . 12
5.3 Security . 15
5.4 Platform Interoperability . 16
5.5 Semantic Interoperability . 19
6 Guidelines for practical implementation . 20
6.1 Introduction . 20
6.2 Strategic guidelines . 21
6.3 Operational guidelines . 21
6.4 Technical guidelines . 22
6.4.1 Generic Guidelines . 22
6.4.2 Privacy . 23
6.4.3 Security . 24
6.4.4 Platforms . 24
6.4.5 Semantic Interoperability . 25
7 Observations and Lessons Learned . 26
Annex A: Examples and associated issues and guidelines . 28
A.1 Examples and issues addressed . 28
A.2 eHealth . 28
A.2.1 Introduction . 28
A.2.2 Storyline . 28
A.2.3 High Level Illustration . 29
A.2.4 Main stakeholders. 30
A.2.5 Why this Use Case is relevant . 30
A.2.6 Issues to address in the development of the example . 31
A.2.7 Questions addressed and relevant guidelines . 32
A.3 Smart Buildings . 33
A.3.1 Introduction . 33
ETSI

---------------------- Page: 3 ----------------------
4 ETSI SR 003 680 V1.1.1 (2020-03)
A.3.2 Storyline . 33
A.3.3 High Level Illustration . 34
A.3.4 Why this Use Case is relevant . 34
A.3.5 Issues to address in the development of the example . 34
A.3.6 Questions addressed and relevant guidelines . 35
A.4 Industrial IoT . 36
A.4.1 Introduction . 36
A.4.2 Storyline . 36
A.4.2.1 The IoT Platform as a support to new service creation . 36
A.4.2.2 The difficulty to set-up the IoT Platform . 37
A.4.3 Why this Use Case is relevant . 38
A.4.4 Issues to address in the development of the example . 38
A.4.5 Questions addressed and relevant guidelines . 39
A.5 IoT based Mission Critical Communications . 40
A.5.1 Introduction . 40
A.5.2 Storyline . 40
A.5.3 High Level Illustration . 41
A.5.4 Main stakeholders. 42
A.5.5 Why this Use Case is relevant . 42
A.5.6 Issues to address in the development of the example . 42
A.5.7 Questions addressed and relevant guidelines . 43
Annex B: For further reading . 45
B.1 Technical Reports . 45
B.2 Technical material . 48
Annex C: Change History . 49
History . 50


ETSI

---------------------- Page: 4 ----------------------
5 ETSI SR 003 680 V1.1.1 (2020-03)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information
pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found
in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in
respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web
server (https://ipr.etsi.org/).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee
can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web
server) which are, or may be, or may become, essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
Foreword
This Special Report (SR) has been produced by ETSI Technical Committee Smart Machine-to-Machine
communications (SmartM2M).
Modal verbs terminology
In the present document "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be
interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.
Executive summary
IoT systems are often seen as an extension to existing systems created by the (potentially massive) addition of
networked devices to an existing system to enlarge its capabilities. However, in a growing number of ICT systems, the
IoT part becomes the core of the overall system and the place where a large part of the value is created.
Though many of the characteristics of IoT systems may be found in other ICT-based systems, the main challenge with
IoT systems is that they should address simultaneously a number of high-level issues like e.g. stakeholders'
involvement, technology choices, deployment model, and integration with/of legacy.
The complexity of these challenges for IoT raises a very large range of questions that should be addressed across the
whole lifecycle of any IoT system (from its inception to its development, deployment and even de-commissioning). The
approach to IoT systems specification, development and deployment taken in the present document is based on the
analysis of typical examples (Use Cases) which have been selected in order to cover a broad panel of sectors and to
answer some of the most pressing questions of the readers from a strategy, management and technology perspective.
The present document focuses on questions related to privacy, security, platforms interoperability and semantic
interoperability that are addressed from different angles and not just from a simple technical perspective. Tables present
"Frequently Asked Questions" with the intent to illustrate major questions in IoT, and their solutions in an easily
digestible form.
The present document offers some strategic, operational and technical guidelines, which intend to fix the issues
addressed in it.
ETSI

---------------------- Page: 5 ----------------------
6 ETSI SR 003 680 V1.1.1 (2020-03)
Annexes of the present document contain representative Use Cases (eHealth, Smart Buildings, Industrial IoT, IoT-based
Mission Critical Communications) relating to the issues addressed in the present document and contain material and
references for further reading as short descriptions of the Technical Reports already produced by ETSI, technical
material and others.

ETSI

---------------------- Page: 6 ----------------------
7 ETSI SR 003 680 V1.1.1 (2020-03)
1 Scope
1.1 Context for the present document
The design, development and deployment of - potentially large - IoT systems require to address a number of topics -
such as security, interoperability or privacy - that are related and should be treated in a concerted manner. In this
context, several Technical Reports have been developed that each address a specific facet of IoT systems.
• ETSI TR 103 533: "Security; Standards Landscape and best practices" [i.1].
• ETSI TR 103 534: "Teaching Material: Part 1 (Security) [i.2] and Part 2 (Privacy)" [i.3].
• ETSI TR 103 535: "Guidelines for semantic interoperability in the industry" [i.4].
• ETSI TR 103 536: "Strategic/technical approach on how to achieve interoperability/interworking of existing
standardized IoT Platforms" [i.5].
TM
• ETSI TR 103 537: "Plugtests preparation on Semantic Interoperability" [i.6].
• ETSI TR 103 591: "Privacy study report; Standards Landscape and best practices" [i.7].
In order to provide a global and coherent view of all the topics addressed, a common approach has been outlined across
the above Technical Reports (TRs) concerned with the objective to ensure that the requirements and specificities of the
IoT systems are properly addressed and that the overall results are coherent and complementary.
The present document has been built with this common approach also applied in all of the TRs listed above.
1.2 Scope of the present document
The present document intends to be a high-level document for the general public and is not specifically addressing a
technical audience (e.g. designers, developers, etc.). It is introducing, in a relatively non-technical manner, to some of
the main issues that individuals and organizations should address when they face the development of an IoT system. A
strong emphasis is put on interoperability, security, privacy and standards in support.
Based on the analysis of representative Use Cases (eHealth, Smart Buildings, Industrial IoT, IoT-based Mission Critical
Communications), which are documented in Annex A, and relating to (and updating) the guidelines developed in the
TRs listed in clause 1.1, it provides guidelines for Security, Privacy and Interoperability in IoT System Definition.
The present document is structured as follows:
• Clauses 1 to 3 set the scene and provide references as well as definition of terms, symbols and abbreviations,
which are used in the document on hand.
• Clause 4 explains the approach to IoT systems specification, development and deployment taken in the present
document. This approach is based on the analysis of typical examples (also termed as Use Cases) which have
been selected in order to cover a broad panel of sectors (e.g. eHealth or Smart Buildings) and to answer some
of the most pressing questions of the readers from a strategy, management and technology perspective. The
clause also suggests how the rest of the document should be read in order to maximize the findings for the
readers.
• Clause 5 focuses on questions related to privacy, security and interoperability (platforms interoperability
and semantic interoperability) that are addressed from different angles and not just from a simple technical
perspective. The text in this clause is mostly presented in the form of a "Frequently Asked Questions" (FAQ)
information sheet with the intent to illustrate major questions in IoT, and their solutions, in an easily digestible
form. The questions also refer to the associated Technical Reports (detailed in Annex B) and the use case
examples (detailed in Annex A).
• Clause 6 offers some strategic, operational and technical guidelines, which intend to fix the issues addressed in
clause 5.
• Clause 7 provides observations and lessons learned from the addressed issues and analysis of Use Cases.
ETSI

---------------------- Page: 7 ----------------------
8 ETSI SR 003 680 V1.1.1 (2020-03)
• Annex A documents representative Use Cases (eHealth, Smart Buildings, Industrial IoT, IoT-based Mission
Critical Communications) relating to the issues addressed in clause 5 and guidelines provided in clause 6.
• Annex B contains short descriptions of the Technical Reports listed in clause 1.1, as well as technical material
and others for further reading.
2 References
2.1 Normative references
Normative references are not applicable in the present document.
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long-term validity.
The following referenced documents are not necessary for the application of the present document, but they assist the
user with regard to a particular subject area.
[i.1] ETSI TR 103 533: "SmartM2M; Security; Standards Landscape and best practices".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/103533/01.01.01_60/tr_103533v010101p.pdf.
[i.2] ETSI TR 103 534-1: "SmartM2M; Teaching material; Part 1: Security".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/10353401/01.01.01_60/tr_10353401v010101p.pdf.
[i.3] ETSI TR 103 534-2: "SmartM2M; Teaching material; Part 2: Privacy".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/10353402/01.01.01_60/tr_10353402v010101p.pdf.
[i.4] ETSI TR 103 535: "SmartM2M; Guidelines for using semantic interoperability in the industry".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/103535/01.01.01_60/tr_103535v010101p.pdf.
[i.5] ETSI TR 103 536: "SmartM2M; Strategic/technical approach on how to achieve
interoperability/interworking of existing standardized IoT Platforms".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/103536/01.01.02_60/tr_103536v010102p.pdf.
TM
[i.6] ETSI TR 103 537: "SmartM2M; Plugtests preparation on Semantic Interoperability".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/103537/01.01.01_60/tr_103537v010101p.pdf.
[i.7] ETSI TR 103 591: "SmartM2M; Privacy study report; Standards Landscape and best practices".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/103591/01.01.01_60/tr_103591v010101p.pdf.
ETSI

---------------------- Page: 8 ----------------------
9 ETSI SR 003 680 V1.1.1 (2020-03)
[i.8] ETSI TR 103 582: "EMTEL; Study of use cases and communications involving IoT devices in
provision of emergency situations".
NOTE: Available at
https://www.etsi.org/deliver/etsi_tr/103500_103599/103582/01.01.01_60/tr_103582v010101p.pdf.
[i.9] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the
protection of natural persons with regard to the processing of personal data and on the free
movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation),
OJ 2016 L 119/1.
[i.10] Regulation (EU) 2018/1807 of the European Parliament and of the Council of 14 November 2018
on a framework for the free flow of non-personal data in the European Union, OJ L 303.
[i.11] Directive 2011/24/EU Of The European Parliament And Of The Council of 9 March 2011 on the
application of patients' rights in cross-border healthcare, OJ L 88.
[i.12] Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016
concerning measures for a high common level of security of network and information systems
across the Union (NIS Directive).
[i.13] AIOTI WG03 Release 4.0, 2018: "High Level Architecture (HLA)".
NOTE: Available at https://aioti.eu/wp-content/uploads/2018/06/AIOTI-HLA-R4.0.7.1-Final.pdf.
[i.14] ETSI TS 118 112: "oneM2M; Base Ontology (oneM2M TS-0012)".
[i.15] GDPR & Public Safety, EENA and Bird & Bird, August 2019.
NOTE: Available at https://eena.org/document/gdpr-public-safety/.
[i.16] ISO/IEC 29147: "Vulnerability Disclosure".
[i.17] ETSI TS 103 645: "CYBER; Cyber Security for Consumer Internet of Things".
[i.18] Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on
ENISA (the European Union Agency for Cybersecurity) and on information and communications
technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity
Act).
[i.19] ETSI TS 118 103: "oneM2M; Security Solutions (oneM2M TS-003)".
[i.20] "Privacy Code of Conduct on mobile health apps".
NOTE: Available at https://ec.europa.eu/digital-single-market/en/privacy-code-conduct-mobile-health-apps.
[i.21] ETSI TR 103 305 (all parts): "CYBER; Critical Security Controls for Effective Cyber Defence".
[i.22] ETSI EN 303 645: "CYBER; Cyber Security for Consumer Internet of Things".
[i.23] ISO/IEC 27000:2018: "Information technology -- Security techniques -- Information security
management systems".
[i.24] BS 10012:2017: "Data protection - Specification for a personal information management system".
3 Definition of terms, symbols and abbreviations
3.1 Terms
For the purposes of the present document, the following terms apply:
denial of service type attacks: cyber-attack in which the perpetrator seeks to make a machine or network resource
unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet
ETSI

---------------------- Page: 9 ----------------------
10 ETSI SR 003 680 V1.1.1 (2020-03)
3.2 Symbols
Void.
3.3 Abbreviations
For the purposes of the present document, the following abbreviations apply:
AI Artificial Intelligence
AIOTI Alliance for the Internet of Things Innovation
API Application Programming Interface
BMS Building Management System
CCTV Closed Circuit Television
CEO Chief Executive Officer
CTI Centre for Testing and Interoperability
CTO Chief Technical Officer
CXO Chief eXperience Officer
DCMS Department of Culture, Media and Sport (a UK Government body)
ECSO European Cyber Security Organization
ENISA European Network Information Security Agency
ER Emergency Room
ETSI European Telecommunications Standards Institute
EU European Union
GDPR General Data Protection Regulation
GSMA GSM Association (a trade body)
HMI Human Machine Interface
HVAC Heating, Ventilation, and Air Conditioning
ICT Information and Communications Technology
IEA International Energy Agency
IIoT Industrial IoT
IoT Internet of Things
IoT-EPI IoT-European Platforms Initiative
JSON Java Script Object Notation
NIS Network Information Security
NIST National Institute of Standards and Technology
OCF Open Connectivity Foundation
PoC Proof-of-Concepts
PPM oneM2M Privacy Policy
...