<McCool> all: we are starting about 10m late, Kaz and Matthias were delayed (they are here now, setting up)
<McCool> also, quick note that schedule will be a little reorganized so we can end by 3:00; Marketing to start at 13:30 followed immediately by "Next Meetings" discussion
<inserted> scribenick: kaz
mm: [Initial version of Threat
Model]
... [Threat Model]
... stakeholders, roles, assets, adversalies, attack surfaces,
threats, use cases, security objectives/non-objectives
... attack surfaces
... we have an opensource implementation
... hierarchy of trust
... different levels of trust
... [External References and Standards]
... if any ideas, please create an issue on GitHub
... External references
... industrial internet consortium security framework
... IETF ACE, RFC 7252 (CoAP) security model, RFC 3552, RFC
6973, STRIDE Threat Model, OWASP IoT Attack Vectors, IoT
Security Foundation, FIPS and other national standards
... Liaison references
... OCF 1.0 Security spec
... oneM2M security solutions, OPC, Echonet, BACnet
kaji: can we add even more references?
mm: see pullrequest 319
kaji: emotion technology
consortium
... btw, what would be the concrete methodology for the
security discussion?
mm: shows [Process]
... opensource implementation
... also clarifying requirements
... 1. threat model, 2. scoping, 3. state-of-art, 4. solutions,
5. implementation and evaluation
nimura: regarding attack surfaces
mm: protocol bindings execution boundary
nimura: distributed way
... with multiple WoT servients
mm: multiple instances and
bridges
... should clarify what would be in-scope and what would be
out-of-scope
dsr: single system here
mm: WoT is basically a
bridge
... very important to be secure
nimura: use cases?
mm: e.g., smart homes
... gateway as a firewall
kaz: the final deliverable would handle safety as well?
mm: mainly security and privacy but would see the charter
nimura: [WoT Stack]
... also [Role of scripting API]
... discussion on the management interface
... will update the rational document with the WoT stack
diagram as well
kaji: registration of the WoT
servient?
... possible need for a specific servient for management
purposes
nimura: shows the slide on synchronization
sk: TD core model, TD lifecycle,
semantic annotation in JSON Schema, ...
... [Set this TD Model as Baseline]
... shows the basic TD model and sample instances in different
formats
... JSON-LD vs JSON
... [TD Lifecycle]
kaji: proposed to introduce
additional operatons like "@remove" and "@include"
... to modify/update TDs over its life time
... collaboration with the JSON-LD team
dsr: similar topics for the API side as well
yz: dynamic modification or kind of static?
kaji: modify attributes
... e.g., when copy existing attributes, maybe don't need part
of them
... also variation of products like air conditioners
... basic template and various additional features based on
each product
... mainly thinking about lifecycle of products
dsr: possible live update
kaz: possibly update the OS or library weekly?
kaji: yes, so related to scripting as well
sk: [Missing Thing in JSON
Schema]
... long discussion
... keep collaboration with the JSON Schema team
... reuse JSON-LD keys such as @context and @type
... would ask Dave and Yongjing to join the discussion
... [TD Serialization]
... TD core model could be serialized using various
formats
... separation between text-based representation and binary
one
... maybe should select one default text rep and one default
binary rep
... but don't invent new serialization formats
... evaluation of binary versions (e.g., EXI4JSON, CBOR)
... how to evaluate?
... Daniel and Carsten are volunteering
yz we should support all the possible formats?
dsr: how to work with broader
communities?
... need to have a plan for that
dsr: relationshp between
interaction models and semantic models
... scarable approach based on commercial reality
... need for bridging ontologies
... valuable discussion and working on a plan for a roadmap
with clearly defined short term goals
sk: TD related to the semantic model
mm: bridging multiple
standards
... mapping of concepts for transformation
dsr: don't think there could be a single mapping
mm: model for some given
standard
... maybe need for an abstract model for IoT
sk: motivation of this mapping?
dsr: different vendors may have
different models
... need to allow bridging different models
mm: there are ontologies out
there
... could have a common ontology and mapping to that
yz: the mapping itself is not in our scope?
sk: this TF is working on that
dsr: this is a TF of the IG
side
... not for the standard work
mm: we should have some concrete
example
... possible output is about what should be added to TD
dsr: slides available from the agenda wiki
kaz: related to the discussion on
TD vs protocol binding
... TD should handle abstract semantics and protocol binding
should handle concrete information on the device level
mm: but the separation is not that simple
rm: [WoT Servient
architecture]
... 2 types of applications
... [Discovery and Provisioning fro device]
... [Example diagram for sever-client]
... one servient on the gateway
... and another servient on the cloud side
... [Device registered to master repository]
... will continue the discussion and clarify the
requirements
yz: thought we had 2
approaches
... will support both?
rm: yes
[ morning break ]
<dsr> We also need to consider peer to peer approaches for fully distributed repositories which can offer greater security, e.g. against denial of service attacks.
<dsr> scribenick: dsr
Michael McCool as the session lead.
(slides to be uploaded later)
Outline: discuss process and goals, gather/brainstorm, prioritize, derive requirements and incorporate into our plan. An example is the security objectives.
The goals: use cases as a basis for justifying specification design choices
Use cases for mindshare and building a concrete understanding, e.g. as a basis for recruiting new companies to help with work on standards
This needs concrete and compelling examples.
To drive requirements and test cases we need a range of use cases.
There are two broad axes: one is technical and the other the application domain
On the technical axis: simple use cases to explore the data types, interactions and architecture
Complex test cases to test boundaries including pathological cases
Distributed use cases, multi-device use cases, lifecycle use cases, different audiences, etc.
Including real time and streaming.
Example contexts: application domains such as smart Home, smart Building, smart *
We need examples that explore the use of contextual information richer semantics.
Other dimensions: simple to complex, local to global, trusted to untrusted, number of devices, number of ecosystems, asynchronous (deliver whenever) vs Synchronous real-time delivery
Lossy vs guaranteed (transactional)
My expectation is that we should start at the easy end of this multidimensional space and then expand along some key dimensions.
Issues to test: dependency chains, distributed race condiitions, translation of information, and possible loss of meaning and capabilities.
Performance and so forth.
For the smart home: connection of personal devices owned by a family (need to develop personae)
Some devices installed in house, some owned by family some by individual family members.
Assume that there is a firewall with a wifi network, and a gateway/hub that has capability for computation and storage, e.g. acting as a bridge and small services.
Some scenarios: onboarding a new device, controlling a single device, services coordinating multiple devices from different ecosystems, family member moving to new household, visiting guest need access to a subset of devices
Yesterday, Barry talked about some interest scenarios we should look at.
For smart cities: a constellation of smart buildings as well as city infrastructure.
System integrator that combines systems from different manufacturers.
Need for large scale monitoring and maintenance
etc.
The smart factory context involves a combination of IT and OT (operational technology), including strict requirements in respect to safety, reliability and so forth.
The need to address brownfield systems, pre-IoT OT systems.
The need to enable data driven decision monitoring of devices and processes.
More background available from the Industrial internet consortium.
Barry: we could take forever to think about use cases. It would be a good idea to constrain this by considering how use cases change what we think.
Is our goal to list the use cases on the website for internal use or do we want to publish them for external consumption?
Michael: we already have several external bodies working on use cases, perhaps we can leverage these?
Dave: I see a need for a small set of polished use cases for marketing materials in addition to those we use internally for technical guidance.
Michael: we need to decide on our key values and how we can show and explain these to others.
Barry: having simulated devices can be really valuable for ease of demonstrations
Michael: the benefits need to be really clear.
Sebastian: use cases can help with design choices in the architecture, e.g. thing to thing, thing to cloud
I think we can look at smart city use cases from the BigIoT EU project
This includes some automotive use cases.
Michael: we’re trying to enable larger ecosystems that span multiple standards
Smart cities could be fruitful in that regard
Kajimoto-san: what guidelines should we adopt for describing use cases, e.g. the granularity
Sebastian: in the early work of the Interest Group, we rapidly switched to focusing on atomic use cases.
Uday: we should consider use case scenarios involving a handover of domains
e.g. home, workplace and city
Importance of focus and prioritisation
Michael: perhaps we could survey existing use cases and identify a taxonomy
So an action on studying existing use case collections and identify use cases where the web of things would add value.
Another action is to take our key value(s) and brainstorm some example use cases that demonstrate it, and then build the corresponding demos.
<mkovatsc> http://w3c.github.io/wot/wot-ucr.html
<mkovatsc> https://github.com/w3c/wot/tree/master/ucr-doc
Dave: one idea is to make simulated deviced available by our member companies for use in demonstrating the power of the Web of things across ecosystems.
Michael: we could also support online information on how to download and install demos, e.g. onto a Raspberry Pi.
Likewise, we could make it easy for people to download and run simulations.
Some companies could offer evaluation kits
We could collect, maintain and publish a large collection of use cases — however that would be a lot of work.
Kaz: do we want to have an internal collaboration within W3C, e.g. across groups with demos at TPAC?
Michael: yes, e.g. with the automotive and sensor group.
Dave: how about some short term goals?
Michael: yes, we should soon decide on what is and what isn’t in scope.
I would like to assemble a list of references to IoT use case collections
Secondly to work on the marketing needs
For security, we will need to describe what we’re looking for from use cases.
Michael: any volunteers for driving the collection of references for use case collections?
Kajimoto-san: I have some use cases I can offer to the group for consideration
Michael: we should aim to work top down rather than bottom up, so that can ensure that we’re efficiently addressing our goals.
I will put this up on Github and we can use the issue tracker to work on it.
scribe: . we break for lunch ….
<inserted> scribenick: kaz
mk: [Change for 2018?]
... issue: little time between f2f meetings
... slow progress in PlugFest implementations
... still very little at f2f time for TFs
mm: security input
mk: no other comments?
(none)
mk: would go for this
... proposal only 3 f2f meetings in 2018
... and having regional+online
... [Dusseldorf f2f 9-13 July 2017]
uday: give explanation
uday: airport concress
center
... accommodation details to be followed
... f2f wiki will be created shortly
mk: deadline for registration?
uday: not decided yet
mm: need deadline for logistics (food, party, etc.)
mk: hosted by RWE/Lemonbeat
... 9-13 July
... 2months to work
... todos:
... populate wiki: hotel list, collect topics
... block rooms in nearest hotel
... open registration (Kaz to help)
mm: network connection (cable, wifi)
uday: looking into that
mk: check network infrastructure
of the venue
... usually I bring a wifi router
... got inquiry from possible attendees for OpenDay
uday: when would be the
OpenDay?
... possibly Sunday for PlugFest preparation and PlugFest on
Monday
mk: good to have demos on OpenDay as well
uday: half day on Sunday (afternoon) for preparation?
mk: yeah, don't want to work the
whole Sunday
... btw, there will be the IRTF T2T meeting in Plague next
week
... 9-13 July (Sun-Thu; Sat-Fri IETF in Plague)
... [F2F Meeting November 2017: Burlingame, CA, USA]
... TPAC 2017
... 6-10 November 2017
... 4 months to work
... plugfest preparation: open space or room on Sunday
... plugfest: request full-day room or at least 3 hours on
Wed.
... plan observers/groups to meet
kaz: will talk within the W3C
Team
... about the PlugFest planning
mk: joint meetings?
kaz: automotive, DAS, TV,
etc.
... will contact Chairs of those groups
mk: accept observers?
kaz: yes
mk: [F2F eeting spring
2018]
... in US?
... collocated with security conf?
...
internetsociety.org/events/ndss-symposium/ndss-symposium-2017:
San Diego, 18-21 Feb.
... ieee-security.org/TC/SP2017/index.ml: San Jose May)
... look at calendars
... IETF: London, UK, 18-23 March 2018
... OCF? oneM2M?
... todos:
... organize academic conf workshop (with T2TRG)
... will discuss in Chairs call
... good to have the ndss symposium as a fallback if we fail
the possible workshop
... [F2F Meeting Summer 2018]
... Asia?
<inserted> @@@missing log to be added@@@
<inserted> scribenick: taki
YZ: I would like to contribute
OneM2M binding to TD.
... Examples are in JSON formats.
MM: More people need to be
involved from those organizations.
... What is the key message about our value.
... showing "messages" from 5/17 minutes...
... How can we evaluate good message?
... Who we are targeting... Decision makers. ( business
person).
... We are not targeting consumers.
... Trying to connect audio...
... Testing, testing tesing...
... Criteria about message.
... I listed goals. Give meesages to audience.
... They have to agree with us.
... How thimgs are differemt.
... They have to engage with us.
... Messages must be simple.
<naomi> +1 > must be simple
MM: It is all about simple
message, and repeat again.
... no jargon.
... You want to target one level lower.
... avoid confusing words. data model.
... for example.
SK: JSON, XML are also maybe confusing.
MM: You want to communicate
concepts people already know.
... Key message. One key idea. Whats the one thing?
... I looked through. Key ideas.
... I saw Interoperability between multiple standards...
MM is going through the list "key value cadidates" in the slide...
MM: Expand eco-system....
... Not crisp enough. We still have time. In Github, I can
upload.
... I can create pull request.
... It is gonna be public, we have to be careful. can make
private.
... As far as further discussion. Web presence.
... reinforces message, is important.
... Web presence and presentation, should be nice clean.
... Communication meeting. I try to get presentation
template.
... Simple, practical template is what we need/
Matthias: When do we get good
example?
... When do we get it applied?
MM: This is difficult.
... I have been doing two months.
... We need some more proposals.
... By next meeting, less than a meeting, let's prepare for a
proposal.
Matthias: We need to allocate time, or hire marketing people.
MM: We could try to ask for intel marketing people help.
Matthias: Let's make a good concrete plan.
MM: This is all on record, let's continue.
Matthias: We use various content
management.
... Dashboard in WG page.
... So much text.
<kaz> WoT landing page
Matthias: It has to be concise.
MM: Content system is one
reason.
... We need to make some good proposal.
... Make sure the very first thing in each page points to this
page.
Matthias: We can even use static
system...
... We need simple landing page.
... People should be able to be focused.
... Kaz, can we change content management system on WG landing
page?
<kaz> WoT WG page (managed on GitHub)
Matthias: This is not good for
marketing... Three pages has inconsistent information...
... As fast as possible, correct structure.
MM: Landing page, someone is maintaining upcoming pages...
Matthias: Sometimes not updating.
Kaz: I will talk to W3C comm team.
Matthias: We could open issue in github IG space.
<kaz> ACTION: Kaz to talk with the W3C Comm Team about the landing page [recorded in http://www.w3.org/2017/05/19-wot-minutes.html#action01]
<trackbot> Created ACTION-105 - Talk with the w3c comm team about the landing page [on Kazuyuki Ashimura - due 2017-05-26].
Matthias: Or, do we need steering team?
MM: every month, we used to have WoT Comm TF calls.
<kaz> WoT WG repo
Matthias: It is now part of main call.
MM: yingying, naomi should be
part of the discussion.
... We can find out where information on page is coming
from.
... We can also poll.
... Remove page? Redirect better?
... Change content management, etc.
Matthias: Dave had opinion before. But he already left today...
DP: I had similar question
several weeks ago. Dave said content is sometimes duplicated
with multiple pages. It is difficult to maintain.
... We may want to converge them together.
MM: Let's separate out what we
want.
... Having a single page, clear messaging.
... Let's get a meeting with marketing people.
Matthias: We need something
concrete as a result.
... We need to check whether it complies with W3C policy.
MM: WoT, WoT IG, WoT WG, same look and feel is an objective.
Matthias: What are we telling
people.
... and design page accordingly.
MM: Get organization done.
... Then content.
Matthias: Let's see if there is
any objection.
... With regards to policy.
MM: We wanna say clearly and concisely what's our value.
Matthias: Can Daniel help?
DP: Sure.
Matthias: can't hear, naomi
<naomi> sorry to say this but w3c does't accept members directly to modify, write, update w3c pages so I'd like to collect your "raw" voices to reflect to our marketing materials. I don't recall marcomm had a place to hear voices from groups in the past.
Kaz: W3C doesn't allow members
directly update these pages.
... Naomi-san says.
... Yingying and Dave are organizing TF. TF and comm team
should work together. would like to talk with the W3C Comm
Team.
MM: I want comm team active on this.
Matthias: concise, consistent
messages will stay stable.
... can naomi apply radical changes?
<naomi> Matthias, we'll change
<naomi> with hearing your inputs
Matthias: comm team can make private changes.
<naomi> exactly
Matthias: It also works.
... We will contact you guys.
<naomi> thanks Matthias!
Matthias: then please tell us what's allowed and what's not.
<naomi> wot groups++
Kajimoto-san: thank you very much
for cobtribution.
... Dusseldorf meeting is coming shortly.
... Let's prepare quickly.
... I hope you guys can go home safely, and enjoyed here.
... If you have a chance, it is good chance to go to Osaka
castle.
... Ohsumi-san also suggested to visit Kyoto.
Sebastian: I really enjoyed the
week.
... Very organized. Thank you for great food.
Uday: It was so such delicious
food.
... Thank you for hosting.
Kajimoto-san: Thank you.
<kaz> [ Osaka f2f meeting ends ]
This is scribe.perl Revision: 1.152 of Date: 2017/02/06 11:04:15 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: Irssi_ISO8601_Log_Text_Format (score 1.00) Succeeded: s/Echonent/Echonet, BACnet/ Succeeded: s/summary/summary - Sebastian/ Succeeded: s/OS/OS or library/ Succeeded: s/exampl/example/ Succeeded: s/Indistrial/Industrial/ Succeeded: s/work/workplace/ Succeeded: s/automotive group/automotive and sensor group/ Succeeded: i/Initial version of/scribenick: kaz Succeeded: s/TV/TV, etc./ Succeeded: s/... F2F/[F2F/ Succeeded: i/Change for 2018?/scribenick: kaz Succeeded: i/I would like to/@@@missing log to be added@@@ Succeeded: i/I would like to/scribenick: taki Succeeded: i/More people need to be/topic: Marketing and Outreach Succeeded: s|landing page|WoT landing page| Succeeded: s/maketing/marketing/ Succeeded: s/we have comm call/we used to have WoT Comm TF calls/ Succeeded: s/are part/should be part/ Succeeded: s/duplicated/duplicated with multiple pages/ Succeeded: s/simgle/single/ Succeeded: s/together./together. would like to talk with the W3C Comm Team./ Succeeded: s/Oosumi/Ohsumi/ Present: Michael_McCool WARNING: Fewer than 3 people found for Present list! Found ScribeNick: kaz Found ScribeNick: dsr Found ScribeNick: kaz Found ScribeNick: taki Inferring Scribes: kaz, dsr, taki Scribes: kaz, dsr, taki ScribeNicks: kaz, dsr, taki WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth WARNING: No date found! Assuming today. (Hint: Specify the W3C IRC log URL, and the date will be determined from that.) Or specify the date like this: <dbooth> Date: 12 Sep 2002 Guessing minutes URL: http://www.w3.org/2017/05/19-wot-minutes.html People with action items: kaz WARNING: IRC log location not specified! (You can ignore this warning if you do not want the generated minutes to contain a link to the original IRC log.)[End of scribe.perl diagnostic output]