InternalBlue - Bluetooth Binary Patching and Experimentation Framework

Bluetooth is one of the most established technologies for short range digital wireless data transmission. With the advent of wearables and the Internet of Things (IoT), Bluetooth has again gained importance, which makes security research and protocol optimizations imperative. Surprisingly, there is a lack of openly available tools and experimental platforms to scrutinize Bluetooth. In particular, system aspects and close to hardware protocol layers are mostly uncovered. We reverse engineer multiple Broadcom Bluetooth chipsets that are widespread in off-the-shelf devices. Thus, we offer deep insights into the internal architecture of a popular commercial family of Bluetooth controllers used in smartphones, wearables, and IoT platforms. Reverse engineered functions can then be altered with our InternalBlue Python framework---outperforming evaluation kits, which are limited to documented and vendor-defined functions. The modified Bluetooth stack remains fully functional and high-performance. Hence, it provides a portable low-cost research platform. InternalBlue is a versatile framework and we demonstrate its abilities by implementing tests and demos for known Bluetooth vulnerabilities. Moreover, we discover a novel critical security issue affecting a large selection of Broadcom chipsets that allows executing code within the attacked Bluetooth firmware. We further show how to use our framework to fix bugs in chipsets out of vendor support and how to add new security features to Bluetooth firmware

Testbed architecture and framework for debugging wireless sensor networks

The Internet of Things has emerged as one of the key aspects for the future of the Wireless Sensor Networks and their impact on new applications in real environments. This concept poses new challenges in the implementation, testing and debugging of efficient, robust and reliable technologies under this paradigm, specially in a pre-deployment stage where HW-SW platform prototypes are to be optimized prior to their inclusion in actual deployments. In this work, the design and implementation of a complete testbed infrastructure as a support tool for improving the effectiveness and the applicability of sensor nodes to real systems is presented, focused on the modular architecture of the Cookie platform and aiming to help developers to integrate and improve the whole WSN operation to final real-world scenarios

Supporting Cyber-Physical Systems with Wireless Sensor Networks: An Outlook of Software and Services

Sensing, communication, computation and control technologies are the essential building blocks of a cyber-physical system (CPS). Wireless sensor networks (WSNs) are a way to support CPS as they provide fine-grained spatial-temporal sensing, communication and computation at a low premium of cost and power. In this article, we explore the fundamental concepts guiding the design and implementation of WSNs. We report the latest developments in WSN software and services for meeting existing requirements and newer demands; particularly in the areas of: operating system, simulator and emulator, programming abstraction, virtualization, IP-based communication and security, time and location, and network monitoring and management. We also reflect on the ongoing efforts in providing dependable assurances for WSN-driven CPS. Finally, we report on its applicability with a case-study on smart buildings

Testbed infrastructure for debugging, analyzing and optimizing WSN nodes based on a modular HW-SW architecture

The Internet of Things has emerged as one of the key aspects to the future of the Wireless Sensor Networ ks and their impact in new applications in real environments. This concept poses new challenges in the implementation, testing and assessment of efficient, robust and reliable technologies and prototypes under this paradigm. In this way, the run-time remote interaction with the deployment of hundreds of in-f ield nodes in which developers have to be able to control and manage the wireless network anywhere at any time also implies new objectives to be achieved in order to adapt or even create new HW-SW platforms. In this work, the design and implementation of a complete testbed infrastructure as a support tool for improving the effectiveness and the applicability of sensor nodes to real applications is presented, focused on the m odular architecture of the Cookie hardware platform and aiming to help developers to integrate and optimize the whole WSN system to the final applications in the real world

Using BIP to reinforce correctness of resource-constrained IoT applications

International audienceIoT applications have either a sense-only or a sense-compute-actuate goal and they implement a capability to process and respond to multiple (external) events while performing computations. Existing IoT operating systems provide a versatile execution environment that adheres to the limitations of the interconnected resource-constrained devices. To reduce the development effort, applications are often built on top of RESTful web services, which can be shared and reused. However, the asynchronous communication between remote nodes is prone to event scheduling delays, which cannot be predicted and taken into account while programming the application. Moreover, to avoid long delays in message processing and communication due to packet collisions, the data transmission frequencies between the system's nodes have to carefully chosen. In general, even when appropriate debugging tools and simulators are available, it is still a hard challenge to guarantee the required functional and non-functional properties at the application and system levels. To this end, we focus on IoT applications for the Contiki OS and we introduce a model-based rigorous analysis approach using the BIP component framework. At the application level, we verify qualitative properties regarding service responsiveness, whereas at the system level we can validate qualitative and quantitative properties using statistical model checking. We present results for an application scenario running on a distributed system infrastructure with nodes executing the Contiki OS