Karl is a privacy-preserving framework that IoT devices can use to execute as much functionality as possible on a home cloud that runs on user-owned hardware. Rather than relying on third-party cloud services and local device state, devices (sensors) in the home cloud express their functionality in terms of small, ephemeral units of computation (similar to serverless) called modules. When functionality must be offloaded to the cloud, users define pipeline policies that justify under which conditions data can be exfiltrated. For details, see our preprint "The IoT Home Cloud for User-Defined Pipeline Policies".
For example, typical smart cameras either come with expensive local hardware or charge subscription fees to process your raw video recordings in the cloud. Using Karl, the camera can only exfiltrate data derived from raw video after it has been analyzed to contain a person and the numerical statistics have been anonymized:
To run the home cloud, you will need a dedicated computer and a router. This computer can be a laptop, server, Raspberry Pi, etc. The OS of this computer must support aufs and the sys_mount crate. I have only used Karl on Ubuntu 20.04, though it may work on other flavors of Linux. Karl will NOT work on Windows or MacOS. You will need admin access to the router. The dedicated computer and IoT devices must all be connected to the router's network.
If you only want to run the Quick Start, you will only need the computer.
Clone the repository onto the computer. Be sure to clone its submodules.
git clone --recurse-submodules https://github.com/karl-home/karl.git
Follow the directions in INSTALL.md to install dependencies, and build Karl and its example modules and sensors.
This section guides you through trying out Karl with an emulated sensor (the camera sensor is simply a program that produces an image every interval seconds).
After installing dependencies, start a controller, host, and camera binary in separate terminals. To configure logging in Rust, set the RUST_LOG environment variable.
export KARL_PATH=$(pwd)
export KARL_MODULE_PATH=$(pwd)/modules
cd karl-controller
cargo build --release # Run to recompile code
./target/release/karl-controller --dashboard --autoconfirm
cd karl-host
cargo build --release
sudo ./target/release/karl-host
cd karl-sensor-sdk
cargo build --release --examples
./target/release/examples/camera --interval 30
The camera will push an image to the controller once every <interval> seconds. To register modules and define pipeline policies, visit <CONTROLLER_IP>:8080 in a browser. You can install the person_detection and differential_privacy modules, then draw data edges and give network permissions such as in the pipeline policy above.
To configure a real smart home deployment, see the Wiki.
Explore the web UI for confirming sensors and hosts, registering
modules, manually spawning modules, and defining pipeline policies at
<CONTROLLER_IP>:8080 in a browser.
The following modules are currently supported:
| Module ID | Input Params | Returns | Network |
|---|---|---|---|
| differential_privacy | count | - | yes |
| false | - | false | no |
| firmware_update | - | firmware | yes |
| light_switch | light_intent | state | no |
| search | query_intent | response | yes |
| targz | files | video | no |
| true | - | true | no |
| command_classifier | sound | light,search | no |
| person_detection | image | box,all_count,count | no |
Find the module bundles in modules/ after building them according to the setup script.
The entire project is in active development and welcoming contributions in all areas (home cloud architecture, web UI, modules, sensors)! For ideas of where to get started, see existing issues, or try deploying Karl to identify your own pain points. For issues or feature requests, please start a GitHub issue. For questions, join the Discord or shoot me (Gina Yuan) an email. All experience levels welcome!
This research was supported in part by affiliate members and other supporters of the Stanford DAWN project (Google, VMWare, Ant Financial and Meta), and by the NSF under Grant No. 1931750 and 1900638 and CAREER grant CNS-1651570. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.