Web of Things Working Group Charter

The Web of Things seeks to counter the fragmentation of the IoT through standard complementing building blocks (e.g., metadata and APIs) that enable easy integration across IoT platforms and application domains. This Working Group Charter covers those aspects that the Web of Things Interest Group believes are mature enough to progress to W3C Recommendations. Further background is available in the accompanying white paper.

Join the Web of Things Working Group.

Start date	21 December 2016
End date	31 December 2018 (same end date as the IG)
Chairs	Matthias Kovatsch (Siemens), Kazuo Kajimoto (Panasonic), Michael McCool (Intel)
Team Contacts	Kazuyuki Ashimura (0.2 FTE), Dave Raggett, (0.1 FTE), Yingying Chen (0.1 FTE)
Meeting Schedule	Teleconferences: Weekly with additional topic specific calls as appropriate. Face-to-face: we will meet during the W3C's annual Technical Plenary week; additional face-to-face meetings may be scheduled by consent of the participants, with no more than 4 face to face meetings in total per year.

Introduction

This working group is tasked with the standardization of four technological building blocks identified by the Web of Things Interest Group (IG) as being key to realizing the Web of Things. These building blocks will complement existing and emerging standards by focusing on enabling cross-platform and cross-domain interoperability, as opposed to creating yet another IoT standard. The initial concepts are detailed in the WoT Current Practices document of the IG and summarized in the Scope section. There has already been successful incubation of these building blocks in multiple IG PlugFests, where several companies and research institutes have presented and tested their WoT prototypes. Initial open-source implementations are also already available.

Scope

The Working Group has four items in scope to enable interoperability across IoT platforms:

Scope Summary

Thing Description:: Semantic vocabularies for describing the data and interaction models exposed to applications, the choice of communications patterns provided by protocols, and serialization formats suitable for processing on resource-constrained devices and transmission over constrained networks.
Scripting API:: Platform-independent application-facing API for Thing-to-Thing interaction and Thing lifecycle management.
Binding Templates:
: Example mappings from the abstract messages to specific common platforms and protocols in collaboration with the corresponding organizations.
Security and Privacy:
: Cross-cutting policies and mechanisms integrated into the other building blocks to describe and implement security and privacy policies to enable secure and safe interaction across different IoT platforms.

Of these, the first deliverable, the normative Thing Description standard, is central, with the other items playing supporting roles. The Scripting API is also normative but simply serves to provide a standardized and convenient way to access the functionality of the Thing Description from a programming language in order to build concrete applications. Binding Templates are informational and provide mappings to concrete protocols. This deliverable also provides templates for describing further protocol mappings through the Thing Description. The Security and Privacy deliverable is normative, but while considered separately, its implementation is integrated into the other deliverables.

Details for each of these are given below.

Thing Description

The Working Group will develop solutions to describe Things through metadata and declarations of their capabilities (e.g., possible interactions). This work includes the definition of different machine-understandable vocabulary sets as well as serialization formats of such a Thing Description. The Thing Description will be aimed at enabling scalable and automated tooling, including but not limited to search, automated bridging, service composition, validation, and development abstractions. While enabling the use of powerful tooling, the Thing Description will be designed in such a way that even constrained devices can use it. In particular, for basic usages there will not be an explicit dependence on RDF and it will not be necessary for constrained systems to perform explicit semantic processing. However, to enable more complex usages, the Thing Description will include extension points to allow the use of semantic vocabularies and tools (e.g., Linked Open Data, Schema.org, Resource Description Framework (RDF), semantic reasoners, etc.).

The Thing Description will include the following components:

A common vocabulary for describing Things in terms of the data and interaction models they expose to and/or consume from applications (e.g., interaction patterns such as Properties, Actions, and Events as described in the WoT Interest Group current practices document). This vocabulary will cover Thing lifecycles, datatypes (including streams and integrity constraints), and provision for early and late binding. This cross-domain vocabulary will be designed for use in combination with vocabularies for domain-specific semantics and metadata.
A common vocabulary for security and privacy metadata as a basis for platforms to determine how to securely interoperate. This will build upon emerging standards and best practices for securing exchanges, including metadata relating to authentication, authorization, secure communication, and privacy policies. It will support, but not mandate, the utilization of online trusted third party services such as authorization servers. It will support a variety of security token form factors of established serialization formats, domain-specific security token contents (e.g., building automation), and various security models. It will support a variety of protocols for their acquisition and for transportation. Support for secure communications will consider transport as well as application-level security.
A common vocabulary for communications metadata. This will enable platforms to determine how to interoperate given a choice of protocols, data formats, and encodings, as well as different communication patterns, e.g., push, pull, pub-sub, and peer-to-peer. Communications metadata may be needed to describe the multiplexing of data from different sensors, different approaches to buffering data, and the interoperability requirements for communicating with battery-powered or ambient-powered devices that spend a lot of their time asleep to conserve power.

Serialization formats for the Thing Description suitable for use by resource-constrained platforms will be provided and designed to appeal to application developers. The encoding shall allow for resource-efficient instantiation of the software objects that reflect the data and interaction models of Things. Where practical, this will be based upon existing formats and encodings (e.g., EXI- or CBOR-compressed JSON-LD).

Scripting API

The Working Group will seek to specify an API exposed to applications covering the following:

Interactions with Things and reactions/handlers to provide the functionality of a Thing. This includes APIs both for applications acting in the client role interacting with a Thing as well as APIs for applications in the server role, exposing a Thing.
Discovery for local and remote cases, abstracting away from the details of the discovery mechanisms. This will cover a range of approaches: Things on the same host, Things nearby, Things on the same network, Things listed in a repository, and discovery based upon formal or crowd-sourced semantics and social relationships. The API will support a Thing lifecycle including registering and creating Things, either from a Thing Description or using scripting. The API will make applications aware of lifecycle transitions.
Cross-platform security frameworks including authentication, authorization, and secure communication, as well as the means for their establishment through provisioning of metadata and keying associations. This will enable the use of security frameworks, such as IETF OAuth and ACE, according to the specific tasks for the client (e.g., security credentials acquisition and supply), and for the server (e.g., security token enforcement and validation), as well as common tasks (e.g., registration). A goal is to decouple applications from the implementations of the security frameworks. This introduces online trusted-third party components to which constrained WoT components delegate specific processing tasks (such as authentication and authorization). It requires trusted assertions that report about such processing events as well as protocols to trigger such processing.

Where practical, APIs will be defined in ways that are independent of the choice of programming languages. The scope includes APIs for User Agents/browsers as well as APIs for faceless applications in a runtime environment such as Node.js. The underlying assumptions and contracts between the runtime environment and the application (e.g., security policies and callback signatures) will be well-defined.

It should be emphasized that this is a secondary deliverable and in case of conflicts, the Thing Description deliverable will have priority.

Binding Templates

While the Thing Description will provide general mechanisms to describe arbitrary protocols, to enable interoperability, the Working Group will define standard binding templates for common protocols. These standard binding templates will be created in close collaboration with the industry alliances and standards development organizations responsible for these. This includes definition of mappings from the interactions at the Thing Layer to:

Transfer layer communication patterns such as push, pull, pub-sub, bi-directional messaging, etc.
Specific protocols at the transfer layer, e.g., REST-based protocols such as HTTP and CoAP, pub-sub protocols such as MQTT, and raw channel-based protocols such as WebSockets

The Web of Things has a multi-protocol architecture and bindings to both IP and non-IP transports (e.g., Bluetooth Low Energy) may be defined.

Support for secure communications will be included, as defined by the Security and Privacy deliverable.

The Binding Templates deliverable is informative by nature since the intended capabilities of the Thing Description could be used to describe any protocol, even common ones, from first principles. However, interoperability will be enhanced by providing and encouraging the use of standard binding templates for common protocols when possible.

Security and Privacy

The mechanisms for security and privacy must be cross-cutting over the descriptions, scripting APIs, and bindings. The Thing Description and the Scripting API will support both transport and object security using best practices, and the Binding Templates will support the use of appropriate security for the protocols they map to.

In order to enhance the security of WoT systems, we will also generate and implement a security testing plan which will include both functional and adversarial testing of the proposed standards and their implementations. We will only recommend an implementation of the proposed standards for use in production once it has passed such testing.

Out of Scope

The following features are out of scope, and will not be addressed by this working group:

Application- and domain-specific metadata vocabularies: The Working Group is restricted to work on cross-domain vocabularies.
APIs and security frameworks specific to particular platforms external to the W3C: The scope of the Working Group is restricted to APIs and security frameworks that are applicable across platforms. We will not define new security mechanisms but will use existing mechanisms and best practices.
Modification of protocols: If during work on protocol bindings, it becomes apparent that changes are needed to protocols, the Web of Things Working Group will rely on the organization responsible for the protocol to make the changes. It is out of scope for the Working Group to standardize such changes itself.

Success Criteria

In order to advance to Proposed Recommendation, each specification is expected to have at least two independent implementations of each of feature defined in the specification.

Each specification should contain a section detailing any known security or privacy implications for implementers, Web authors, and end users.

Deliverables

More detailed milestones and updated publication schedules are available on the group publication status page.

Draft state indicates the state of the deliverable at the time of the charter approval. Expected completion indicates when the deliverable is projected to become a Recommendation, or otherwise reach a stable state.

Normative Specifications

The working group will deliver the following W3C normative specifications:

WoT Architecture

This specification defines the high-level architecture for the individual WoT building blocks as well as necessary platform configurations. Furthermore, it confines the deployment scenarios targeted by the Web of Things. The document will be based on the WoT Interest Group architecture document.

Draft state: discussion and implementation experience in the Web of Things Interest Group

First Public Working Draft: 2 months after charter commencement

Expected completion: 16 months after charter commencement

WoT Thing Description

This specification defines an ontology and a binding to short names for cross-domain metadata for the Web of Things, including the data model exposed to applications, as well as security and communications metadata.

Draft state: discussion and implementation experience in the Web of Things Interest Group

First Public Working Draft: 4 months after charter commencement

Expected completion: 22 months after charter commencement

WoT Scripting APIs

This specification defines a suite of cross-domain APIs for Application developers for the Web of Things.

Draft state: discussion and implementation experience in the Web of Things Interest Group

First Public Working Draft: 4 months after charter commencement

Expected completion: 22 months after charter commencement

Informative Specifications

WoT Binding Templates

This specification defines binding templates from the Web of Things to some common protocols and encodings.

Draft state: discussion and implementation experience in the Web of Things Interest Group

First Public Working Draft: 4 months after charter commencement

Expected completion: 22 months after charter commencement

Other Deliverables

WoT Test Cases

This document is part of the W3C CR process test suite and defines test cases corresponding to technical issues addressed by the WG. They also help to evaluate the interoperability among the test suite implementations as well as external implementations, e.g., open source projects.

Draft state: discussion in the Web of Things Interest Group

First Public Working Draft: 4 months after charter commencement

Expected completion: 22 months after charter commencement

Other non-normative documents may be created such as:

Use case and requirement documents;
Test suite and implementation report for the specifications;
Guidelines for designing Web of Things bindings to protocols;
Primer or Best Practice documents to support Web developers when designing applications.

The Working Group expects to provide open source implementations for the specifications.

Coordination

For all specifications, this Working Group will seek horizontal review for accessibility, internationalization, performance, privacy, and security with the relevant Working and Interest Groups, and with the TAG. Invitation for review must be issued during each major standards-track document transition, including FPWD and CR, and should be issued when major changes occur in a specification.

W3C Groups

Additional technical coordination with the following W3C Groups will be made, per the W3C Process Document:

Web of Things Interest Group: The Web of Things Interest Group provides a forum for discussion of use cases and requirements, for investigation of areas that need further study before transfer to the standardization track, and for outreach and collaboration with industry alliances and standards development organizations. The Web of Things Working Group may ask the Interest Group to look into issues that are found to be insufficiently mature for immediate standardization. The Interest Group will take the lead on work on testing, e.g., organization of PlugFest events, test frameworks, and joint work with other organizations on interoperability testing.
Accessible Platform Architectures Working Group: For coordination on impacts of Web of Things technologies on accessibility to users with disabilities.
Device and Sensors Working Group: For coordination on APIs for sensors and actuators.
Efficient XML Interchange Working Group: In relation to efficient interchange of Thing descriptions and data.
Spatial Data on the Web Working Group: For collaboration on semantic descriptions, e.g. the Semantic Sensor Network Ontology.
Web and Automotive Business & Working Groups: For collaboration on technologies and requirements relating to connected cars and the Web of Things.
TV Control Working Group: For collaboration on technologies and requirements relating to television control and the Web of Things.

External Organizations

Additional technical coordination with the following external organizations will be sought, per the W3C Process Document. This list is not meant to exclude additional technical coordination with other external organizations not on this list, if such coordination is determined to be relevant by this Working Group.

IETF Authentication and Authorization for Constrained Environments (ace) Working Group: In respect to security building blocks for the Web of Things.
IETF Core Working Group: In respect to protocol bindings for the CoAP protocol.
OneM2M: For collaboration on integrating M2M based platforms within the Web of Things, including platform metadata and approaches for enabling semantic interoperability, and end to end security across platforms.
OPC Foundation: For collaboration on semantic interoperability and end to end security across platforms.
Open Connectivity Foundation: For collaboration on integrating OCF based platforms within the Web of Things, including platform metadata and approaches for enabling semantic interoperability, and end to end security across platforms.
IPSO Alliance: For collaboration on semantic interoperability.
GSMA: In respect to IoT Security Guidelines and end to end security across platforms.
Industrial Internet Consortium: For collaboration on semantic interoperability.
IoT Security Foundation: In respect to security best practices and end to end security across platforms.
Plattform Industrie 4.0: For collaboration on semantic interoperability.

Participation

To be successful, this Working Group is expected to have 6 or more active participants for its duration, including representatives from the key implementors of this specification, and active Editors and Test Leads for each specification. The Chairs, specification Editors, and Test Leads are expected to contribute half of a day per week towards the Working Group. There is no minimum requirement for other Participants.

The group encourages questions, comments and issues on its public mailing lists and document repositories, as described in Communication.

The group also welcomes non-Members to contribute technical submissions for consideration, with the agreement from each participant to Royalty-Free licensing of those submissions under the W3C Patent Policy.

Communication

Technical discussions for this Working Group are conducted in public. Meeting minutes from teleconference and face-to-face meetings will be archived for public review, and technical discussions and issue tracking will be conducted in a manner that can be both read and written to by the general public. Working Drafts and Editor's Drafts of specifications will be developed on a public repository, and may permit direct public contribution requests.

Information about the group (including details about deliverables, issues, actions, status, participants, and meetings) will be available from the Web of Things Working Group home page.

Most Web of Things Working Group teleconferences will focus on discussion of particular specifications, and will be conducted on an as-needed basis.

This group primarily conducts its technical work on the public mailing list public-wot-wg@w3.org (archive). The public is invited to post messages to this list.

The group may use a Member-confidential mailing list for administrative purposes and, at the discretion of the Chairs and members of the group, for member-only discussions in special cases when a participant requests such a discussion.

Decision Policy

This group will seek to make decisions through consensus and due process, per the W3C Process Document (section 3.3). Typically, an editor or other participant makes an initial proposal, which is then refined in discussion with members of the group and other reviewers, and consensus emerges with little formal voting being required.

However, if a decision is necessary for timely progress, but consensus is not achieved after careful consideration of the range of views presented, the Chairs may call for a group vote, and record a decision along with any objections.

To afford asynchronous decisions and organizational deliberation, any resolution (including publication decisions) taken in a face-to-face meeting or teleconference will be considered provisional. A call for consensus (CfC) will be issued for all resolutions (for example, via email and/or Web-based survey), with a response period from one week to 10 working days, depending on the chair's evaluation of the group consensus on the issue. If no objections are raised on the mailing list by the end of the response period, the resolution will be considered to have consensus as a resolution of the Working Group.

All decisions made by the group should be considered resolved unless and until new information becomes available, or unless reopened at the discretion of the Chairs or the Director.

This charter is written in accordance with the W3C Process Document (Section 3.4, Votes), and includes no voting procedures beyond what the Process Document requires.

Patent Policy

This Working Group operates under the W3C Patent Policy (5 February 2004 Version). To promote the widest adoption of Web standards, W3C seeks to issue Recommendations that can be implemented, according to this policy, on a Royalty-Free basis. For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation.

Licensing

This Working Group will use the W3C Software and Document license for all its deliverables.

About this Charter

This charter has been created according to section 5.2 of the Process Document. In the event of a conflict between this document or the provisions of any charter and the W3C Process, the W3C Process shall take precedence.