DAQ is a framework designed to test and operate IoT devices in an enterprise IoT environment. Nominally about device testing and qualification, Device Automated Qualification (DAQ), provides a means to automate many capabilities, resulting in a more manageable, robust, and secure platform.
Join the [email protected] email list for ongoing discussion about using DAQ for enterprise IoT devices.
There are several main categories of capabilities that DAQ addresses:
- Device automated qualification and testing: Testing the behavior of a device against established security and network standards. More details about the goals and objectives behind this can be found in the IEEE Computer article Taming the IoT: Operationalized Testing to Secure Connected Devices.
- Network security orchestration: Use standard SDN capabilities, such as the FAUCET OpenFlow controller, to orchestrate "microsegmentation" on the network for improved security.
- Device Management Tools: A suite of tools, consoles, and dashboards that help operate a robust ecosystem of IoT devices. (Details forthcoming.)
Most aspects of DAQ assume a baseline setup consisting of:
- Linux install: DAQ has been tested against both
Ubuntu 18.04.2 LTS bionicandDebian GNU/Linux 9.4 stretch, YMMV with other platforms. - Dedicated network adapters: At the very minimum one dedicated ethernet adapter is required. This could either be a separate built-in NIC, or a USB-Ethernet dongle.
- (Optional) OpenFlow-compatible hardware switch, described in the Network Topologies overview.
Please reference here
The top-level DAQ folders correspond to the following structure:
bin/: System setup and management commands.build/: Dynamically created directory for build logs.cmd/: Primary commands for running DAQ testing.config/: System and module configuration files.daq/: Python source for DAQ runtime.docker/: Docker build files for DAQ components and tests.docs/: Documentation.etc/: Version files and external switch setup files.faucet/: Dynamically downloaded version of SDN controller.forch/: Dynamically downloaded version of SDN orchestrator.firebase/: Hosted pages and functions for web dashboard.functions/: Additional Cloud Functions for data processing.inst/: Install directory for specific runtime contents.local/: Local setup and config information.mininet/: Local version of the mininet virtual network host framework.mudacl/: Utilities for managing and testing MUD network files.mud_files/: Examples and prototype device MUD files.out/: Misc transitory output files.proto/: Protobuf related files.protoc-gen-doc/: Dynamically downloaded Protobuf documentation generator.pubber/: Sample code for generating cloud-ingest traffic.resources/: Templates for reports, module configs, test-site definitions.schemas/: Device/cloud data exchange schemas.subset/: Subsets of device tests (e.g. penetration tests).testing/: Scripts for system continuous integration testing.topology/: Network topology setups.validator/: Tools for validating data exchange schemas.venv/: Dynamically downloaded python virtual environment files.
Items in italics can generally be deleted without any loss of functionality (dynamically created at install/runtime). The local subdirectory contains local setup information that is not part of the source distribution.