236 research outputs found

    Efficient Security Protocols for Constrained Devices

    Get PDF
    During the last decades, more and more devices have been connected to the Internet.Today, there are more devices connected to the Internet than humans.An increasingly more common type of devices are cyber-physical devices.A device that interacts with its environment is called a cyber-physical device.Sensors that measure their environment and actuators that alter the physical environment are both cyber-physical devices.Devices connected to the Internet risk being compromised by threat actors such as hackers.Cyber-physical devices have become a preferred target for threat actors since the consequence of an intrusion disrupting or destroying a cyber-physical system can be severe.Cyber attacks against power and energy infrastructure have caused significant disruptions in recent years.Many cyber-physical devices are categorized as constrained devices.A constrained device is characterized by one or more of the following limitations: limited memory, a less powerful CPU, or a limited communication interface.Many constrained devices are also powered by a battery or energy harvesting, which limits the available energy budget.Devices must be efficient to make the most of the limited resources.Mitigating cyber attacks is a complex task, requiring technical and organizational measures.Constrained cyber-physical devices require efficient security mechanisms to avoid overloading the systems limited resources.In this thesis, we present research on efficient security protocols for constrained cyber-physical devices.We have implemented and evaluated two state-of-the-art protocols, OSCORE and Group OSCORE.These protocols allow end-to-end protection of CoAP messages in the presence of untrusted proxies.Next, we have performed a formal protocol verification of WirelessHART, a protocol for communications in an industrial control systems setting.In our work, we present a novel attack against the protocol.We have developed a novel architecture for industrial control systems utilizing the Digital Twin concept.Using a state synchronization protocol, we propagate state changes between the digital and physical twins.The Digital Twin can then monitor and manage devices.We have also designed a protocol for secure ownership transfer of constrained wireless devices. Our protocol allows the owner of a wireless sensor network to transfer control of the devices to a new owner.With a formal protocol verification, we can guarantee the security of both the old and new owners.Lastly, we have developed an efficient Private Stream Aggregation (PSA) protocol.PSA allows devices to send encrypted measurements to an aggregator.The aggregator can combine the encrypted measurements and calculate the decrypted sum of the measurements.No party will learn the measurement except the device that generated it

    Wireless Data Logger – A Joint Use of Frequency Converter and Wireless Sensor Network

    Get PDF
    “Smart Industry” is a new unavoidable trend in vast varieties of industry fields. In the case of developing smart crane systems, cutting edge innovation and design is required. Many crane manufactures have expressed their strong interest in applying wireless technology to their crane products. Recent research achievements in wireless sensor node development have created technologically mature, cost effective solutions for many applications. When either monitoring or controlling the crane, one must have access to the frequency converter first. As for the purpose of analyzing the behavior of crane, the Wireless Sensor Network can be used to collect data from frequency converters. In this thesis, a wireless sensor network system was designed and developed in order to collect data from several frequency converters. The UWASA Node, a wireless sensor node designed by researchers from Aalto University and University of Vaasa, was implemented for establishing this wireless data logging network. As a result, the system has an ability of logging continuous data as well as the changes of data in user defined logging interval. Additionally, the reliability of the wireless transmission was investigated and possible solutions were presented.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

    Internet of Things Architectures, Technologies, Applications, Challenges, and Future Directions for Enhanced Living Environments and Healthcare Systems: A Review

    Get PDF
    Internet of Things (IoT) is an evolution of the Internet and has been gaining increased attention from researchers in both academic and industrial environments. Successive technological enhancements make the development of intelligent systems with a high capacity for communication and data collection possible, providing several opportunities for numerous IoT applications, particularly healthcare systems. Despite all the advantages, there are still several open issues that represent the main challenges for IoT, e.g., accessibility, portability, interoperability, information security, and privacy. IoT provides important characteristics to healthcare systems, such as availability, mobility, and scalability, that o er an architectural basis for numerous high technological healthcare applications, such as real-time patient monitoring, environmental and indoor quality monitoring, and ubiquitous and pervasive information access that benefits health professionals and patients. The constant scientific innovations make it possible to develop IoT devices through countless services for sensing, data fusing, and logging capabilities that lead to several advancements for enhanced living environments (ELEs). This paper reviews the current state of the art on IoT architectures for ELEs and healthcare systems, with a focus on the technologies, applications, challenges, opportunities, open-source platforms, and operating systems. Furthermore, this document synthesizes the existing body of knowledge and identifies common threads and gaps that open up new significant and challenging future research directions.info:eu-repo/semantics/publishedVersio

    A self-organized Wireless Sensor Network (WSN) for a home-event managed system: Design of a cost efficient 6LoWPAN-USB gateway with RFID security

    Full text link
    This Thesis investigates the most appropriate choices from a hardware and software design perspective, trying to find a cost-efficient solution for the implementation of a simple and scalable wireless sensor network. The present work goes through the elements that form part of a constrained network and focuses on the design by analysing several network protocol alternatives, radio transmission mechanisms, different hardware devices and software implementations. The construction of a gateway board that starts and coordinates a sensor network is the main target of the thesis. The gateway is connected externally through a USB interface that can be connected to a computer. Inside the WSN, the sensor nodes are connected to the gateway over IEEE 802.15.4 standard for low-power radio based links. The network is designed to be compliant with the TCP/IP stack by means of 6LoWPAN, an adaptation layer protocol used for comprising IPv6 headers. In addition, a small implementation of CoAP (Constrained Application Protocol) is developed that allows interoperability with the sensor nodes on the application layer level. A security mechanism provides packet encryption and identification of nodes by means of RFID reader connected to the gateway and RFID tags attached to the sensor nodes storing security information.Floriano Sánchez, SA. (2015). A self-organized Wireless Sensor Network (WSN) for a home-event managed system: Design of a cost efficient 6LoWPAN-USB gateway with RFID security. http://hdl.handle.net/10251/56609.Archivo delegad

    Multi-Layered Security in the Internet of the Things

    Get PDF
    It is well discussed and understood that there is still a need for suitable security for the Internet of Things. It is however still not clear how existing or emerging security paradigms can be effectively applied to a network of constrained nodes in a lossy communications environment. This thesis provides a survey into what routing protocols can be used with network security in mind. What will also be discussed, is an implementation, that in conjunction which a robust routing protocol, can provide security for a network of constrained devices with a certain level of confidence. The implementation and design involves including communications encryption and centralized non-cryptographic methods for securing the network. This thesis basically explores the use of multiple security mechanisms in an Internet of Things environment by using Contiki OS as the platform of choice for simulations and testing

    A real-time packet scheduling system for a 6LoWPAN industrial application

    Get PDF
    Nowadays, the industrial Wireless Sensor Networks (WSN) are crucial for the monitoring and control of the modern smart factory floor that is relying on them for critical applications and tasks that were performed by wired systems in the past. For this reason, it is required that the transmission mechanisms of wireless sensor networks are efficient and robust and that they guarantee realtime responses with low data losses. Furthermore, it is required that they utilize common networking standards, such as the Internet Protocol (IP), that provides interoperability with already existing infrastructures and offers widely tested security and transmission control protocols. The theoretical part of this document focuses on the description of the current panorama of the industrial WSN, its applications, design challenges and standardizations. It describes the 6LoWPAN standard and the wireless transmission technology that it uses for its lower layers, the IEEE 802.15.4 protocol. Later, it describes the principles behind the wireless scheduling, a state-of-the-art in the IEEE 802.15.4 scheduled channel access and the features of the most used operating systems for WSN. The practical part presents the real-time packet scheduling system for a 6LoWPAN industrial application proposed by this thesis work that adapts the HSDPA scheduling mechanisms to the IEEE 802.15.4 beacon-enabled mode. The system implemented manages the channel access by allocating Guaranteed Time Slots to sensor nodes according to the priority given by three scheduling algorithms that can be selected according to the traffic condition of the network. The system proposed was programmed using Contiki OS. It is based on the eSONIA 6LoWPAN firmware developed for the European Research Project and it was deployed on the FAST WSN for testing. The results, discussion and conclusions are documented at the final sections of this part

    Compact-LWE: Enabling Practically Lightweight Public Key Encryption for Leveled IoT Device Authentication

    Get PDF
    Leveled authentication allows resource-constrained IoT devices to be authenticated at different strength levels according to the particular types of communication. To achieve efficient leveled authentication, we propose a lightweight public key encryption scheme that can produce very short ciphertexts without sacrificing its security. The security of our scheme is based on the Learning With Secretly Scaled Errors in Dense Lattice (referred to as Compact-LWE) problem. We prove the hardness of Compact-LWE by reducing Learning With Errors (LWE) to Compact-LWE. However, unlike LWE, even if the closest vector problem (CVP) in lattices can be solved, Compact-LWE is still hard, due to the high density of lattices constructed from Compact-LWE samples and the relatively longer error vectors. By using a lattice-based attack tool, we verify that the attacks, which are successful on LWE instantly, cannot succeed on Compact-LWE, even for a small dimension parameter like n=13n=13, hence allowing small dimensions for short ciphertexts. On the Contiki operating system for IoT, we have implemented our scheme, with which a leveled Needham-Schroeder-Lowe public key authentication protocol is implemented. On a small IoT device with 8MHZ MSP430 16-bit processor and 10KB RAM, our experiment shows that our scheme can complete 50 encryptions and 500 decryptions per second at a security level above 128 bits, with a public key of 2368 bits, generating 176-bit ciphertexts for 16-bit messages. With two small IoT devices communicating over IEEE 802.15.4 and 6LoWPAN, the total time of completing an authentication varies from 640ms (the 1st authentication level) to 8373ms (the 16th authentication level), in which the execution of our encryption scheme takes only a very small faction from 46ms to 445ms
    corecore