Case Study – Home Automation

Introduction

Home Network Setup


A typical home will have following components :

  • Modem
  • Home gateway / Router
  • PC & Printer
  • Mobiles & Tablets
  • Smart devices (lights / multi-sensors / door locks / switches / web-cams …)
  • STB / Smart TVs
  • NAS (Network attached storage)

What prevents home automation from going viral?


  • Cost & Upgrades
    • Prohibitive costs and a lack of upgrades
  • Energy efficiency
    • Extra energy overhead of “automation”
  • Home Network security
    • Hackers snooping on the network, taking control of home devices or viewing footage from web cams
  • Stability & Reliability
    • Software creates additional vulnerabilities
    • The technology is still evolving, and many components are not tested for security
    • Faulty smart locks could unintentionally open doors
    • Poorly secured smart lights could be controlled by attackers outside the home
  • Secure Remote access
    • Enabling easy remote access to the home network can also make it easier for hackers to gain access to the home network
  • Interoperability
    • Each supplier providing it’s own smart remotes and protocols. There is a need for simpler, unified controls

Proposed Solution (Open Source)


Hardware

  • Raspberry Pi3 :
    • Cost effective yet powerful hardware

Software

  • OpenWrt / LEDE
    • Open source router software distribution
  • OpenHAB / Home Assistant
    • Smart home automation (Smart home appliances) – protocol independent bindings
    • MythTV
    • Streaming Back-end
  • KODI
    • Home media
    • Streaming Front-end

Addressing the Main Concerns


  • Cost & Upgrades
    • Use cheap controllers (e.g. RPi3), and open source software solutions.
    • Upgrades (e.g. Kernel updates) will be supplier dependent
  • Energy efficiency
    • Less power consuming hardware (RPi3 ~ 5 watts), stable software
  • Home Network security
    • Routers & Access control software (e.g. OpenWrt)
  • Software bugs
    • Use stable and tested releases
  • Stability & Reliability
    • Reliable software and hardware
  • Secure Remote access
    • Secure home using high grade VPN (e.g. StrongSwan / IPSec)
  • Interoperability
    • Protocol independent smart controllers (OpenHAB / Home Assistant)
    • KODI / MythTV for streaming solutions.

Good, but we still have issues


  • Software bugs
    • Kernel bugs & vulnerabilities can compromise the system
  • Secure Remote Access
    • VPN solutions for remote access are missing from many routers or are not securely implemented
  • Firmware updates
    • No standard framework for OTA results in the additional cost of working with small suppliers
    • Large Attack Surface
      • Single Attack surface means that once Linux is compromised the entire system is at risk
    • Monolithic proprietary architectures
      • Normally, hard to secure

Project Golden Gate to the rescue


  • Software Security
    • Proactive Protection hardens the OS from the outside. Using a type 1 hypervisor to “Ensure that the Golden Image stays Golden”
  • Secure Remote Access
    • Isolated, defense grade VPN made from Certified D4 Secure components allows secure remote access
  • Firmware updates
    • In-built, consistent, application independent solution solves tracking and updating firmware OTA.
  • Large Attack Surface
    • Reduce the attack surface by modularizing system components with virtualization
    • Data-at-rest protection for optional data encryption
  • Monolithic proprietary architectures
    • Modularity provided by multiple D4 and third-party existing software stacks, all on existing hardware platforms (vServices) with pre-plumbed connections.

Try It Today


Project Golden Gate reference implementation for Raspberry Pi3 is available for download

Check our download page

  • Currently supported UCs
    • OpenHAB (Home automation) + OpenWrt (router)
    • Home Assistant (Home Automation) + OpenWrt (router)
    • KODI Front end for video streaming
  • Coming Soon
    • NAS Support
    • MythTV Demo image
    • Support for additional hardware