Recent advances in industrial wireless sensor networks towards efficient management in IoT

With the accelerated development of Internet-of- Things (IoT), wireless sensor networks (WSN) are gaining importance in the continued advancement of information and communication technologies, and have been connected and integrated with Internet in vast industrial applications. However, given the fact that most wireless sensor devices are resource constrained and operate on batteries, the communication overhead and power consumption are therefore important issues for wireless sensor networks design. In order to efficiently manage these wireless sensor devices in a unified manner, the industrial authorities should be able to provide a network infrastructure supporting various WSN applications and services that facilitate the management of sensor-equipped real-world entities. This paper presents an overview of industrial ecosystem, technical architecture, industrial device management standards and our latest research activity in developing a WSN management system. The key approach to enable efficient and reliable management of WSN within such an infrastructure is a cross layer design of lightweight and cloud-based RESTful web service

SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin

A Novel Architectural Framework on IoT Ecosystem, Security Aspects and Mechanisms: A Comprehensive Survey

For the past few years, the Internet of Things (IoT) technology continues to not only gain popularity and importance, but also witnesses the true realization of everything being smart. With the advent of the concept of smart everything, IoT has emerged as an area of great potential and incredible growth. An IoT ecosystem centers around innovation perspective which is considered as its fundamental core. Accordingly, IoT enabling technologies such as hardware and software platforms as well as standards become the core of the IoT ecosystem. However, any large-scale technological integration such as the IoT development poses the challenge to ensure secure data transmission. Perhaps, the ubiquitous and the resource-constrained nature of IoT devices and the sensitive and private data being generated by IoT systems make them highly vulnerable to physical and cyber threats. In this paper, we re-define an IoT ecosystem from the core technologies view point. We propose a modified three layer IoT architecture by dividing the perception layer into elementary blocks based on their attributed functions. Enabling technologies, attacks and security countermeasures are classified under each layer of the proposed architecture. Additionally, to give the readers a broader perspective of the research area, we discuss the role of various state-of-the-art emerging technologies in the IoT security. We present the security aspects of the most prominent standards and other recently developed technologies for IoT which might have the potential to form the yet undefined IoT architecture. Among the technologies presented in this article, we give a special interest to one recent technology in IoT domain. This technology is named IQRF that stands for Intelligent Connectivity using Radio Frequency. It is an emerging technology for wireless packet-oriented communication that operates in sub-GHz ISM band (868 MHz) and which is intended for general use where wireless connectivity is needed, either in a mesh network or point-to-point (P2P) configuration. We also highlighted the security aspects implemented in this technology and we compare it with the other already known technologies. Moreover, a detailed discussion on the possible attacks is presented. These attacks are projected on the IoT technologies presented in this article including IQRF. In addition, lightweight security solutions, implemented in these technologies, to counter these threats in the proposed IoT ecosystem architecture are also presented. Lastly, we summarize the survey by listing out some common challenges and the future research directions in this field.publishedVersio

An Implementing A Continuous Authentication Protocol To Improve Robustness Security Threats On IoT Using ESP8266

The Internet of Things (IoT) is a network of physical things that are outfitted with sensors, software, and other technologies that are able to communicate and exchange data with other devices and systems over the Internet. Because of the diversity of their surroundings, IoT systems are sensitive to network attacks. The IoT could be the source of these dangers and attacks. There are a lot of devices that communicate with each other via the IoT, and one of the most critical components of this is to maintain IoT security. IoT devices are a prime target for attackers and pose a serious risk of impersonation during a call. Proposals to prevent session hijacking in device-to-device communication are made in this research study. User-to-device authentication relies on usernames and passwords, but continuous authentication doesn't. This protocol relies on device features and contextual information. Moreover, this protocol reduces the synchronization losses using shadow IDs and emergency key. In addition, the protocol’s robustness will be tested by providing security and performance analysis

SYSTEMATIC LITERATURE REVIEW OF IOT METRICS

The Internet of Things (IoT) touches almost every aspect of modern society and has changed the way people live, work, travel and, do business. Because of its importance, it is essential to ensure that an IoT system is performing well, as desired and expected, and that this can be assessed and managed with an adequate set of IoT performance metrics. The aim of this study was to systematically inventory and classifies recent studies that have investigated IoT metrics. We conducted a literature review based on studies published between January 2010 and December 2021 using a set of five research questions (RQs) on the current knowledge bases for IoT metrics. A total of 158 IoT metrics were identified and classified into 12 categories according to the different parts and aspects of an IoT system. To cover the overall performance of an IoT system, the 12 categories were organized into an ontology.  The findings results show that the category of network metrics was the most discussed in 43% of the studies and, with the highest number of metrics at 37%. This study can provide guidelines for researchers and practitioners in selecting metrics for IoT systems and valuable insights into areas for improvement and optimization. &nbsp

Privacy of the Internet of Things: A Systematic Literature Review

The Internet of Things’ potential for major privacy invasion is a concern. This paper reports on a systematic literature review of privacy-preserving solutions appearing in the research literature and in the media. We analysed proposed solutions in terms of the techniques they deployed and the extent to which they satisfied core privacy principles. We found that very few solutions satisfied all core privacy principles. We also identified a number of key knowledge gaps in the course of the analysis. In particular, we found that most solution providers assumed that end users would be willing to expend effort to preserve their privacy; that they would be motivated to take action to ensure that their privacy was respected. The validity of this assumption needs to be proved, since it cannot simply be assumed that people would necessarily be willing to engage with privacy-preserving solutions. We suggest this as a topic for future research

IoT Middleware Platforms for Smart Energy Systems: An Empirical Expert Survey

Middleware platforms are key technology in any Internet of Things (IoT) system, considering their role in managing the intermediary communications between devices and applications. In the energy sector, it has been shown that IoT devices enable the integration of all network assets to one large distributed system. This comes with significant benefits, such as improving energy efficiency, boosting the generation of renewable energy, reducing maintenance costs and increasing comfort. Various existing IoT middlware solutions encounter several problems that limit their performance, such as vendor locks. Hence, this paper presents a literature review and an expert survey on IoT middleware platforms in energy systems, in order to provide a set of tools and functionalities to be supported by any future efficient, flexible and interoperable IoT middleware considering the market needs. The analysis of the results shows that experts currently use the IoT middleware mainly to deploy services such as visualization, monitoring and benchmarking of energy consumption, and energy optimization is considered as a future application to target. Likewise, non-functional requirements, such as security and privacy, play vital roles in the IoT platforms’ performances

SUTMS - Unified Threat Management Framework for Home Networks

Home networks were initially designed for web browsing and non-business critical applications. As infrastructure improved, internet broadband costs decreased, and home internet usage transferred to e-commerce and business-critical applications. Today’s home computers host personnel identifiable information and financial data and act as a bridge to corporate networks via remote access technologies like VPN. The expansion of remote work and the transition to cloud computing have broadened the attack surface for potential threats. Home networks have become the extension of critical networks and services, hackers can get access to corporate data by compromising devices attacked to broad- band routers. All these challenges depict the importance of home-based Unified Threat Management (UTM) systems. There is a need of unified threat management framework that is developed specifically for home and small networks to address emerging security challenges. In this research, the proposed Smart Unified Threat Management (SUTMS) framework serves as a comprehensive solution for implementing home network security, incorporating firewall, anti-bot, intrusion detection, and anomaly detection engines into a unified system. SUTMS is able to provide 99.99% accuracy with 56.83% memory improvements. IPS stands out as the most resource-intensive UTM service, SUTMS successfully reduces the performance overhead of IDS by integrating it with the flow detection mod- ule. The artifact employs flow analysis to identify network anomalies and categorizes encrypted traffic according to its abnormalities. SUTMS can be scaled by introducing optional functions, i.e., routing and smart logging (utilizing Apriori algorithms). The research also tackles one of the limitations identified by SUTMS through the introduction of a second artifact called Secure Centralized Management System (SCMS). SCMS is a lightweight asset management platform with built-in security intelligence that can seamlessly integrate with a cloud for real-time updates