1
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Build "Privacy by design" Webthings
With IoT.js on TizenRT and more
#MozFest, Privacy and Security track
Ravensbourne University, London UK <2018-10-27>
Philippe Coval <p.coval@samsung.com>
Samsung Open Source Group / SRUK

2
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Hello world, $who am I ?
● Philippe Coval
– Samsung Software engineer
● belongs to OpenSource Group
● member of SRUK team
– based in Rennes, France
● Interests:
– Libre Soft/Hard/ware communities
– Embedded, IoT, Web, DIY…
● Need help? Find me online:
– https://wiki.tizen.org/wiki/User:Pcoval

3
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Agenda
● Context:
– IoT status, Privacy matters !
– Motivations for Web of Thing
● Mozilla Webthings framework
● Constrainted IoT devices
– With Javascript !
– using webthing-iotjs !
● Demos & Hands on session
● To be continued:
– @ MozIoT booth
– Privacy+Security space
● Level 9
– Online:
● irc://irc.mozilla.org/#iot

4
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
IoT status
● The Internet of Things is a system of physical objects
– that can be discovered, monitored, controlled,
– or interacted with by electronic devices
– that communicate over various networking interfaces
● and eventually can be connected to the wider Internet.
● Addresses many domains:
– Health, Agriculture, Transport, Cities, Industry
● Critical in many cases: Need to Secure & Privacy Proof

5
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Privacy is about Trust and Control
● Ownership of personal data
– Shared, Transferred, Revoked, Logged, Retrieved and DELETED
● depend on time and context
● Services operators should comply regulations:
– EU: General Data Protection Regulation (GDPR 2018)
● Risk to privacy in the IoT is HIGH!!!
● “Privacy by design” opportunities
– Prevent data collection in first place→Keep data local if possible
● Limit usage of cloud, apps or “captive models”
– New security challenges (Decentralize, reduce surface of attacks)

6
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Motivations for Open Web Of Things
● Open web platform promises:
– Security (isolation in browser)
– Enhanced privacy (DNT)
● Security is not same as Privacy !
● Think decentralized !
– may be harder to secure
● But more resilient
– Edge: Computation on nodes
● Web of Things (WoT)
– An application layer for IoT
– with interoperability
– Specification work by W3C
– And FLOSS implementations

7
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Project
Things
by

8
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Mozilla’s IoT Project Things Overview
● Framework of software/services
– for connecting "things" to the web
● Things Model: Semantic to describe properties
● WebThings: provide Http(s) REST API
● Gateway to connect WebThings
– Rule engine and nice Web UI (PWA)
● Cloud: Remote access facilities

9
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
W3C WebThing model & Thing Description
● Models complies to W3C schemas served on HTTP
– using Javascript, C/C++, Rust, Python, uPython etc…
● Actuator example: RGB Lamp (webthing-ardiuno/example)
curl http://esp8266.local
[{"name":"Dimmable Color Light", "type":"dimmableColorLight",
"href":"/things/dimmable-color-light",
"properties":{"on":{"type":"boolean", "href":
"/things/dimmable-color-light/properties/on"},
"level":{"type":"number", "href":
"/things/dimmable-color-light/properties/level"},
"color":{"type":"string", "href":
"/things/dimmable-color-light/properties/color"}}
}]
Names
= endpoints

10
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Mozilla IoT gateway
● Purpose:
– Connect all webthings in a LOCAL network
– Provides GUI: Progressive web app
● to monitor and control things
– Create Users and Access control using JWT
– Optional remote control using mozilla’s proxy
● GNU/Linux Support:
– Download Reference RaspberryPi image (2, 3)
– Port to ARTIK5 or ARTIK7 (ARMv7) use node-10 or docker container
– https://github.com/rzr/webthing-iotjs/wiki/Gateway

11
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Sharing flow between owner and user
● Owner setup gateway (connect lamp):
– create and allow user(s) to control thing
● User login to GW using OAuth (JWT issued)
gateway="https://sosg.mozilla-iot.org" or "gateway.local"
thing="things/http---esp8266.local-things-dimmable-color-lamp"
property="properties/color"
curl "$gateway/$thing/$property"
-H "$auth"
-H 'Accept: application/json' {"color":"#ffff6f"}
← Or use alternative app: webthings-webapp:
Tizen or Android/SamsungInternet (PWA)

12
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Gateway is extensible using add-ons
● Support other protocols: ZigBee...
● Start with virtual things adapter
– Usage: “Burger menu” / Settings / Addons / “Virtual Things” Add
●
Contrib: Generic sensors
– Abstractions of I2C drivers/modules:
● Temperature, AmbientLight …
– plugged on gateway’s device
● Today we’ll use “Thing URL” Adapter
– to connect webthings using HTTP URL

13
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Every project has challenges,
and every project has its rewards.
~Stephen Schwartz

14
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
IoT Problems and Solutions
● Constrained IoT devices:
– Cloud connected
● Privacy issues
– Easy to prototype:
● Arduino
– Harder to deploy at scale
● Limited on resources
● Native development
– on many RTOS
● Few experts developers
● Technical strategies:
– Edge computing
● Data stay on nodes or in LAN
– Abstraction with high level API
● Port runtimes not apps code
– Portability and standards
● Script languages for MCU
– JavaScript, Python, LUA…
● Target existing developers base

15
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
JavaScript: Language of the Web for IoT ?
● JavaScript is everywhere!
– Many web developers → Many application developers
– Easy leaning curve, Faster and Lower cost of development:
● Standardized and established communities:
– is the leading JavaScript runtime (based on V8 engine)
– NPM repo over 500K modules
● JS Interpreter can fit even into constrained devices
– Few embedded devs to focus more on platforms than apps
– Can run on even low end devices using JerryScript
● (RAM:64K+ROM:200K) Integrated in IoT.js, Zephyr.js, Tizen:RT
"Any application
that can be written in
JavaScript,
will eventually be
written in JavaScript"
~Jeff Atwood

16
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Tizen:RT extends Tizen ecosystem
● Tizen
– Is based on Linux Kernel
– Shipped into
● High end consumer electronics
– Mobile, TV, Wearables etc
– Open to developers
● Native, C/C++ (EFL)
● HTML5
● DotNet
● TizenRT
– Is based on NuttX Kernel
● for constrained devices:
– Ie: Cortex M3 (RAM=30KB Flash=512KB)
– For low end IoT devices:
● Open APIs (C, JavaScript)
● Connectivity
● Reliability
● Security
– Support:
● Qemu, ARTIK05x

17
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
WebThing-IoT.js to power WebThings on IoT.js
● IoT.js runtime is powered by JerryScript
– Features: GPIO, I2C, https and more
– Prototype on GNU/Linux Debian derived OS
– Deploy to constrained device: 05x on RT
● Webthing-iotjs is a fork of webthing-node for IoT.js
– Continuously rebasing to align
– Limitations: ES5.1, and some parts removed:
● mDNS, Websockets (actions, events)…
– https://github.com/rzr/webthing-iotjs/wiki

18
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
050X board as WebThing
● Running:
– TizenRT
– IoT.js
– Webthing-iotjs
● Actuators
– LEDs (GPIO)
● Sensors
– Button (GPIO)
– Analog (ADC)

19 https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
“Any sufficiently
advanced technology
is indistinguishable
from magic.”
~ Arthur C. Clarke

20
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Web of Things Smart Agriculture Demo
https://youtu.be/qrFTn0eA8iQ

21
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
“The secret of getting ahead
is getting started.”
~ Mark Twain

22
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Mission’s plan
● Create a webthing
– it will be an Actuator
● That post to notification through social network
– ActivityPub: adding social features without scarifying privacy
– using IoT.js (or node)
● Connect to some gateway
● Establish a rule to trigger an action

23
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Installing IoT.js runtime for webthings
https://github.com/rzr/webthing-iotjs/wiki/IotJs
● Install for Raspberry Pi 0+
– download snapshot .deb package
– https://dl.bintray.com/rzr/
● Rebuild for OS/Hardware:
– https://github.com/Samsung/iotjs/
● Write hello world & run it:
Hello IoT.js
{
"env": { //...
"IOTJS_ENV": "",
"IOTJS_EXTRA_MODULE_PATH":""
},
"builtin_modules": { //...
"platform": "linux", (...) }
"iotjs": {
"board": ""
},
"argv": [
"iotjs",
"demo.js"
],
// (...)
}
● cat demo.js
console.log(“Hello IoT.js”)
console.log(process)
● iotjs demo.js

24
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Try webthing-iotjs’s simplest actuator:
https://github.com/rzr/webthing-iotjs/wiki
● Download, simulate On/Off actuator example:
– git clone https://github.com/rzr/webthing-iotjs
– iotjs example/simplest-thing.js [port]
● Test it using HTTP client in other terminal →
– Root endpoint is thing description
● Lists all resources' properties
– REST API to Get or Set property
● curl
-H 'Content-Type: application/json'
http://localhost:8888
● curl
-H 'Content-Type: application/json'
http://localhost:8888/properties/on
{"on":false}
● curl -X PUT
-H 'Content-Type: application/json'
--data '{"on":true}'
http://localhost:8888/properties/on
{"on":true}

25
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
From IoT to Social Web using ActivityPub
https://github.com/rzr/webthing-iotjs/wiki/Social
● ActivityPub is an open, decentralized social networking protocol
– Heritage from GNUSocial/StatusNet, Diaspora, Ostatus to Standard (2018)
● Join Mastodon network
– 1st create a user account if you don’t use it yet:
● https://mastodon.social (or any decentralized instance)
– Test it by sending a “toot” from web: “ping @TizenHelper about #WebThingIotJs”
– Create app: https://mastodon.social/settings/applications
● New Application/ name=”webthing-iotjs” / Submit
● Then click on page and note “Your access token”

26
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
git clone https://github.com/rzr/mastodon-lite
make -C mastodon-lite run
error: TODO: edit configuration file ~/.mastodon-lite.json
"access_token": "[TODO: Update with app token …]" ...
Example: Using IoT.js’ HTTP module
● Download and configure credentials in client:
● Post message manually:
cd mastodon-lite && iotjs example/index.js
"Hi @TizenHelper from #Iotjs"
● Run a webthing server to post on property update:
– make -C example/webthing run
– curl -H "Content-Type: application/json"
-X PUT --data
'{"message":
"#WebThingIotJs is working @TizenHelper" }'
http://localhost:8888/properties/message

27
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Minimal code using highlevel APIs
var thing = new Thing('MastodonActuator',['String']);
thing.addProperty(
new Property(thing, 'message',
new Value('#WebThingIotJs Hello',
function(value {mastodon.post(String(value));}),
{label: 'Message', type: 'string'}
);
var server = new WebThingServer(new
SingleThing(thing));
server.start();
Name
Type

28
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Setting up Mozilla IoT gateway
https://github.com/rzr/webthing-iotjs/wiki/Gateway
● Instructions:
– https://iot.mozilla.org/gateway/
● Short cut:
– git clone https://github.com/mozilla-iot/gateway
– cat README.md
– npm install && npm start
– Browse http://localhost:8080
● ARTIK710 port using node10 or docker (WIP)

29
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Connecting things to gateway
https://github.com/rzr/webthing-iotjs/wiki
● Setup gateway
– skip optional steps
● Log in, explore burger menu
● Settings/ Add-ons / +:
– Install some add-ons:
● Virtual Things (to simulate)
● Web Thing (to add by URL)
● Go back “Things” page
– (first entry in the menu):
● Start adding “things”
– press the bottom + button
– Virtual On/Off Switch, ...
● Save, Done (bottom)

30
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Rule engine for Things' behavior
https://github.com/rzr/webthing-iotjs/wiki
● Connect your webthing example
– +, Add by URL:
http://localhost:8888
● (Or your IP:PORT)
● Submit, (Rename), Save, Done
● Add rule (+)
– Place:
● Sensor(s)
● Actuator(s)
– Link properties:
● Example rule:
– If
● Virtual On/Off Switch
– is on,
– set
● MastodonActuator's
– message to
● “#WebThingsIotJs rule
triggered ! ping
@TizenHelper”
Sensor

31
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Summary: Open Web matters for IoT !
● Open Web of Things: to link WWW to physical world
● Mozilla Things framework to connect devices in LAN
● Privacy Is about user's data control of flows
● Javascript aims to reduce integration complexity
● Try webthing-iotjs on GNU/Linux or TizenRT !
● Support & comply to W3C standards, contribute to FLOSS

32
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Resources
● Entry points:
– https://github.com/MozillaFestival/mozfest-program-2018/issues/690
– https://www.w3.org/WoT/
– https://iot.mozilla.org/
● More:
– https://youtu.be/0AAhghY2fpM?t=2448
– https://webofthings.org/
– https://www.w3.org/TR/activitypub/
● Keep in touch online:
– https://social.samsunginter.net/@rzr
– https://s-opensource.org/author/philcovalsamsungcom/
– https://wiki.tizen.org/wiki/Meeting
– https://www.slideshare.net/samsungosg
Resources: flaticons CC
Bonus tip:
for demo convenience
I am drafting demo recipes (WIP)
git clone https://github.com/rzr/TizenRT

33
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Questions or Extras ?
https://wiki.tizen.org/User:Pcoval
(Ask now or later online)

34
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Physical world and Input/Output
https://github.com/rzr/webthing-iotjs/wiki/Sensor
● Analog: Measured phenomena
– Physics, Chemicals, Probabilities
● Digital→Several bits (On/Off)
● Analog↔Digital conversion
– Quantification
● Time matters
– Periodic (frequencies)
● Sensors and actuators
● I/O Pins
– GPIO: General Input (or) Output
● Numeric: 3.3v = 1 , 0v = 0
●
Used for input: buttons, switch
– or output: relay, LED, lights
– PWM: Pulse width modulation
●
Pulse signal (frequency)
●
Used for buzzer, motors, dimmed LED
– UART: Universal Asynchronous Receiver Transmitter
● Serial line: Send (TX) / Receive (RX) data
●
Speed in baud (bit per second)
● Used for console, modems, peripheral MCU
– I2C & SPI buses
● Used for chips (ADC/DAC, sensors, memory)

35
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Generic Sensors addon adapter (I2C)
https://youtu.be/4haKrPetGmg#mozilla-iot-gateway-sensors-20180406rzr
● mozilla-iot-gateway-sensors-20180406rzr
● https://youtu.be/4haKrPetGmg

36
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
WebThings Web App (Tizen & PWA)
https://youtu.be/vzoUJ-v5h38#webthing-esp8266-webapp-20180602rzr
https://youtu.be/vzoUJ-v5h
38#webthing-esp8266-webapp
-20180602rzr

37
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Webthings using IoT.js
https://youtu.be/AUae_45uxNA#webthing-iotjs-20180621rzr

38
https://social.samsunginter.net/@rzrSamsung Open Source Group 2018
Thanks !
Resources:
Flaticons CC,
PixBay.com