IoT SIG Potential Work Items

	A	B	D	E	F	AC
1	Topic	Proposer	Application(s)	People with an interest in collaborating on topic / work item	Comments	Potential work item(s)
2	White paper - X509 vs DIDs/VCs	Michael Shea	X509s are well entrenched in many parts of the IoT sector. Over the past few years replacement of X509 certs with VCs has been promoted/presented as a better solution, but what 'better' means has remained fuzzy.	Damian Glover, Paul Grehan		To create a whitepaper outlining the existing X509 processes used in industry (eg energy, automotive), how they are issued, what they are issued for, how they are updated, how they are revoked and compare this to DIDs & VCs, how they are created, what used for, how updated, revoked, keys rotated. Define and outline the differences between the two technologies and identify the potential value differentiation areas.
3	IoT device management		Define a device lifecycle management framework that leverages Decentralized Identity capabilities, promotes cybersecurity and enables compliance with relevant requirements e.g. NIST encryption standards for small devices/ NCCoE guidelines.
4	CBOR for IoT Identity Devices	Paul Grehan	Keen to discuss leveraging CBOR for use in constrained environments, Gordian Envelope work looks interesting but CBOR in general seems to be the right fit for most smaller footprint devices that are purpose built for other primary functions (ie. not much CPU/memory or key space for DIDs/VCs)			Comment by InternazionaleMilano1908: By using CBOR, IoT devices can transmit and receive data more efficiently, which can help reduce data usage, improve performance, and reduce costs.
5	IoT device identity	Paul Grehan	Device lifecycle management	Damian Glover		Device lifecycle management framework that leverages Decentralized Identity capabilities, promotes cybersecurity and enables compliance with relevant requirements e.g. NIST encryption standards for small devices/ NCCoE guidelines
6	Verifiable sustainability claims	Damian Glover	Provenance / CO2 reporting	Damian Glover, Nicky Hickman, Michael Ford		Schema to express, request and present claims
7	Case Scenario: IoT+DID in agriculture	Mateus Sousa	The application of IoT in agriculture is not a new concept; however, there is an implicit challenge in tracking the product from its initial stage.			In this case scenario, we propose the adoption of decentralized identity in agriculture as a quality guarantee tool. To this aim, we defined a simple architecture that covers all the lifecycle of the product since its plantation to the final product. All in the information should be persisted in a decentralized infrastructure (e.g. blockchain).Challenges: Sensors communications must be secured. We suggest using DIDComm as a transport protocol. Each sensor must have an identity and be connected to its digital twins. Governance: product info must be signed by an well-known entity (e.g. FDA, USA or ANVISA, Brazil) TODO: include figure NOTE: this is a WIP (work in progress), therefore it may be partially or entirely changed
8	Search and adapt patterns / concepts from "people related" SSI concepts for IoT	Artur Philipp	Mediation Agents are used as "mailbox" for mobile agents / wallet apps, since an issuer / veryfier is not able to initiate a conversation with a mobile wallet (no public endpoint). Since a lot of IoT devices are not online / connected all the time, this concept seems to be a reusable pattern for IoT.	Nicky Hickman, Jimmy Dorsey	(Nicky) Also interesting to search human patterns for their relationships with IoT.
9	Use Case: Asset based carbon reporting	Michael Shea	To date much of the carbon reporting in the energy industry is based on modeled data. Model's have the many risks built into them and can be easily manipulated. Today asset data is collected manually or via spreadsheets and entered or uploaded into models. This has the double risk of fraud opportunities and significant cost due to the manual processes. As reporting requirements increase the current processes are no longer viable.	Damian Glover, Nicky Hickman, Michael Ford	(Nicky) Sub-set of Verifiable ESG Claims?	By packaging sensor data into a digital credential linked to the asset DID, and owning organization DID the risk of data on motion attacks would be significantly reduced. Comment from Paul Grehan: This is an interesting perspective as we struggle with data integrity versus data provenance, the "VW" issue. With asset certification we have relatively mature models to test/verify, pair this with VCs for lifecycle authenticity would capture both aspects potentially. Keen to help/contribute to this, it's not exactly what we are looking at but has the same core issues...
10	Interoperable digital twins / AI at the edge	Damian Glover	Enabling use of AI in secure environments e.g. high-tech manufacturing, pharma	Bruce Conrad, Michael Ford		There is a potential conflicting requirement on how the data comes off the sensor. Sensors in many industrial environments are connected by network transports other than HTTP, and these transports can impose severe constraints on packet size and transmission rates. W3C VCs in JSON-LD format are very large and not feasible for transmission in these environments, however the linked data model can provide real value in post processing of data.
11	Responsible AI	Kim Hamilton Duffy	Explore how decentralized identity techniques can help mitigate threats posed by LLMs such as deep fakes. Approaches relying on detection can result in an arms race; in contrast, decentralized identity techniques allow stronger infrastructure enabling trust by design, easy content authenticity detection, and more.
12	Digital twins for historical artifacts and artworks	Ivan Lambov	Similar to people in that they are unique, can be unambiguously identified, can't be copied and have extensive documentation associated with them which can be 'credentialized' and made discoverable using DID-based agents
13	Problem statement: devices are active vastly longer than many identity protocols	Phil Wolff	The power transformer on the utility pole outside my home has a planned life of 50+ years.		(Nicky) Sub-set of IoT Device Identity (Lifecycle management)	How can we help product engineers have confidence that the versions of identity protocols being installed in the 2020s will endure for decades?Which assumptions about the trust ecosystem technical and social stacks are fragile?And what can be done to increase the longevity of a device's identity capabilities even as the rest of the world continues to evolve rapidly?
14	Problem statement: We haven't defined Performant SSI for IoT	Phil Wolff	Can you shoehorn SSI into a device's tiny footprint? The TinyML community undertook this years' ago to squeeze machine learning models onto resource constrained devices.How small a footprint?We don't have measurements of the compute, memory, power, storage, or compute costs of each protocol-part in the trust stack.			Develop a model that product managers or product designers or developers can use to scope how much of the stack can fit, which bits to leave out, how to configure the remain bits to preserve resources, workarounds for what doesn't fit, etc.When extensions to SSI models are proposed, does anyone calculate the resource tax imposed on devices that use them and their connectivity?
15
16	Other		Please specify			Please specify
17
18
19
20
21
22
23
24
25			Are there lightweight versions of, say, DIDComm that would do the job well enough?
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100