Pictured DEMETER project coordinator, Kevin Doolin, Director of Innovation, TSSG
The international push for the digitisation of agriculture coupled with the emergence of the Precision Agriculture concept promises a paradigm shift across the entire agricultural supply chain, from farm to fork.
However, this fundamental change in how we manage everything ag comes with a number of significant security challenges, which we would be foolish to ignore.
In brief, Precision Agriculture relies heavily on embedding sensors and IoT technologies across the agricultural supply chain, coupled with introduction of new technologies such as drones/UAVs and remote sensors.
This enables data to be extracted, combined, inferred and analysed in an attempt to modernise and automate a substantial number of agriculture related activities, and to provide the farming community with a new set of tools, such as Decision Support Systems.
In broad terms, the introduction of technology to any economic ecosystem exposes that system to new security threats as fledgling innovations are released into the wild.
Consider the following examples:
- Data privacy can be impacted through the (un)intentional leakage of confidential information through decision support systems, mobile applications etc. Participants in the agri supply chain are open to having their data stolen / accessed through multiple technologies, many of which are currently not fully secure (e.g. one could imagine a farmer/factory/etc would not be happy to have their yield data leaked to competitors).
- The accidental / intentional publication of confidential information, such as market pricing/data of farmers/suppliers would destroy trust and cause significant customer loss.
- Automated UAVs/farm machinery will significantly help the farmer in their day to day activities. However, if these automated systems suffer from a hack, then their technological capabilities can quickly be turned to nefarious uses (for example, a hacker in one country could gain access to the camera capabilities of a UAV and in turn use that to capture land / geography / security data).
- Within the supply chain, reputation is everything. That reputation is built based on substantial data collected about supply chain stakeholders. Falsification of such data for malicious purposes has the potential to cause significant reputational data (e.g. by implying a farm has a disease outbreak, or by mis-representing the animal management practices of a producer).
- Perhaps more alarmingly, the introduction of false data to sensor networks through a hack could cause incorrect sensor data to be collected, meaning the automated farm would take incorrect actions, resulting in the possible ruination of crops and businesses. Similarly, denial of service attacks for critically timed machinery (specific automated machines need to be ready to go at certain crop-dependent times of the year. A malicious attack could disrupt this and cause machines to miss their planned window of operation. Worse still, a hack could cause automatic milking machines to malfunction and could result on loss of livestock.
The recently launched DEMETER project takes the above issues very seriously. DEMETER plans to tackle them from the outset, with its security/privacy-by-design ethos.
The DEMETER project will show how field and plant sensors, weather stations, monitoring and control devices and so much more will help support sustainable and safe farming and food production systems.
Through its multi-actor approach, the programme is also set to improve farmer wellbeing and generally support farmers in precision decision making.
The H2020 EU-funded, €17 million programme will involve 25 deployment sites, 6,000 farmers and over 38,000 devices and sensors being deployed, spanning 318,000 hectares in 18 countries, including Ireland.
It includes 60 partners and together, they will run 20 different pilot programmes across five agricultural sectors.
Demeter is the goddess of the harvest and presides over grains and the fertility of the earth and our project demonstrates TSSG’s and the project team’s strength as precision agriculture leaders in Europe.
DEMETER will demonstrate the real-life potential of advanced interoperability in the Internet of Things (IoT) technologies across the value chain in multiple agri-food operational environments, involving different production sectors, production systems and farm sizes.
DEMETER also displays how an integrated approach to business, behaviour and technology can support farmers and the sector.
It provides further opportunities, including new business models on the farm and in the wider agri-food economy, while also helping to safeguard Europe’s precious natural resources.
One of DEMETER’s core project objectives is to develop knowledge exchange mechanisms which enable interoperability between technologies from different vendors.
The benefit of this is to ease the deployment of novel solutions based on different platforms, sensors, information sources using the new information models developed in the project.
DEMETER will ease the uptake of future (not yet developed) services, data sources, technologies by farmers, thereby allowing the farmers and relevant other stakeholders to increase the range of choices for the most appropriate combination of tools from different suppliers in order to support their expected innovation, all the while limiting vendor lock-in.
This will require strict standardised security and privacy controls to be designed and developed from the outset.
The DEMETER project will implement a single point of entry through which innovators/farmers can access the technologies being developed.
This single, authenticated point of entry provides a strong enforcement of security and privacy. We also provide systems for policy-based access authorisation, meaning certain stakeholders gain access to certain sets or subsets of data from the various systems.
Beyond the user login aspects, DEMETER will also enable security through network level security frameworks and mechanisms (e.g. OAuth2).
More specifically DEMETER will provide a Lightweight Authentication, Authorization and Access control solution for Smart Agriculture based on IoT enabled Information Systems.
This includes a policy language to define which attributes (roles, identity, etc.) and credentials are requested to grant access to resources.
DEMETER includes a data handling policy language that defines how the requested data (attributes and credentials) are handled and passed on.
DEMETER will define a mechanism for interoperability of different authentication and authorization solutions provided by pilot platforms based on a bridge solution to third party elements to support interoperability in a lightweight federation-like approach.
The application of security and access control mechanisms in IoT must deal with strong requirements related to interoperability, flexibility and scalability.
As such, DEMETER will investigate models such as the Distributed Capability-based Access Control (DCapBAC) model, as a possible solution. DCapBAC provides a secure, flexible and efficient access control mechanism for IoT environments in a distributed scenario.
This solution will be integrated within the platform interoperability to provide a distributed and interoperable access and privacy control solution.
To preserve Privacy, DEMETER will integrate access control solutions based on standardised authorization frameworks.
Additionally, the project plans to integrate and develop new components that will facilitate the privacy-preservation based on a fine-grained access control without a lengthy user authorization process, and its integration with minimal disclosure technologies in order to provide an efficient framework for the IoT community of services.
This project is not just about integrating various systems to make something useful.
We have engaged the best and brightest from across the agricultural supply chain to ensure the solutions we build are fit for purpose.
From the outset, DEMETER will engage with all stakeholders to understand their needs and requirements from a security and privacy perspective.
Outputs of the DEMETER project will be extensively published and will be presented to various standards fora for standardisation.
Big names in world farming such as John Deere are on board and one of the core partners is the World Farmers Organisation.
In Ireland, a project on animal wellbeing involves Teagasc. Pilots will see tech experts working hand in hand with farmers and the wider agri industry in areas such as waste and energy management, precision machinery, healthy and high quality crops, livestock and animal health, supply chain robotics and interoperability and more.
An open call for interested farmers, technology solution providers and other interested parties will be launched next year. It will have a €1 million budget.
Written by Kevin Doolin for the Irish Examiner, September 2019