16,230 research outputs found
Securing Real-Time Internet-of-Things
Modern embedded and cyber-physical systems are ubiquitous. A large number of
critical cyber-physical systems have real-time requirements (e.g., avionics,
automobiles, power grids, manufacturing systems, industrial control systems,
etc.). Recent developments and new functionality requires real-time embedded
devices to be connected to the Internet. This gives rise to the real-time
Internet-of-things (RT-IoT) that promises a better user experience through
stronger connectivity and efficient use of next-generation embedded devices.
However RT- IoT are also increasingly becoming targets for cyber-attacks which
is exacerbated by this increased connectivity. This paper gives an introduction
to RT-IoT systems, an outlook of current approaches and possible research
challenges towards secure RT- IoT frameworks
Isolating SDN Control Traffic with Layer-2 Slicing in 6TiSCH Industrial IoT Networks
Recent standardization efforts in IEEE 802.15.4-2015 Time Scheduled Channel
Hopping (TSCH) and the IETF 6TiSCH Working Group (WG), aim to provide
deterministic communications and efficient allocation of resources across
constrained Internet of Things (IoT) networks, particularly in Industrial IoT
(IIoT) scenarios. Within 6TiSCH, Software Defined Networking (SDN) has been
identified as means of providing centralized control in a number of key
situations. However, implementing a centralized SDN architecture in a Low Power
and Lossy Network (LLN) faces considerable challenges: not only is controller
traffic subject to jitter due to unreliable links and network contention, but
the overhead generated by SDN can severely affect the performance of other
traffic. This paper proposes using 6TiSCH tracks, a Layer-2 slicing mechanism
for creating dedicated forwarding paths across TSCH networks, in order to
isolate the SDN control overhead. Not only does this prevent control traffic
from affecting the performance of other data flows, but the properties of
6TiSCH tracks allows deterministic, low-latency SDN controller communication.
Using our own lightweight SDN implementation for Contiki OS, we firstly
demonstrate the effect of SDN control traffic on application data flows across
a 6TiSCH network. We then show that by slicing the network through the
allocation of dedicated resources along a SDN control path, tracks provide an
effective means of mitigating the cost of SDN control overhead in IEEE
802.15.4-2015 TSCH networks
Defending Against Firmware Cyber Attacks on Safety-Critical Systems
In the past, it was not possible to update the underlying software in many industrial control devices. Engineering
teams had to ‘rip and replace’ obsolete components. However, the ability to make firmware updates has provided
significant benefits to the companies who use Programmable Logic Controllers (PLCs), switches, gateways and
bridges as well as an array of smart sensor/actuators. These updates include security patches when vulnerabilities are
identified in existing devices; they can be distributed by physical media but are increasingly downloaded over
Internet connections. These mechanisms pose a growing threat to the cyber security of safety-critical applications,
which are illustrated by recent attacks on safety-related infrastructures across the Ukraine. Subsequent sections
explain how malware can be distributed within firmware updates. Even when attackers cannot reverse engineer the
code necessary to disguise their attack, they can undermine a device by forcing it into a constant upload cycle where
the firmware installation never terminates. In this paper, we present means of mitigating the risks of firmware attack
on safety-critical systems as part of wider initiatives to secure national critical infrastructures. Technical solutions,
including firmware hashing, must be augmented by organizational measures to secure the supply chain within
individual plants, across companies and throughout safety-related industries
LPDQ: a self-scheduled TDMA MAC protocol for one-hop dynamic lowpower wireless networks
Current Medium Access Control (MAC) protocols for data collection scenarios with a large number of nodes that generate bursty traffic are based on Low-Power Listening (LPL) for network synchronization and Frame Slotted ALOHA (FSA) as the channel access mechanism. However, FSA has an efficiency bounded to 36.8% due to contention effects, which reduces packet throughput and increases energy consumption. In this paper, we target such scenarios by presenting Low-Power Distributed Queuing (LPDQ), a highly efficient and low-power MAC protocol. LPDQ is able to self-schedule data transmissions, acting as a FSA MAC under light traffic and seamlessly converging to a Time Division Multiple Access (TDMA) MAC under congestion. The paper presents the design principles and the implementation details of LPDQ using low-power commercial radio transceivers. Experiments demonstrate an efficiency close to 99% that is independent of the number of nodes and is fair in terms of resource allocation.Peer ReviewedPostprint (author’s final draft
Intelligent TDMA heuristic scheduling by taking into account physical layer interference for an industrial IoT environment
In an Internet of Things environment, where multiple mobile devices are brought together, it is not always possible to serve all these devices simultaneously. We developed an intelligent Time Division Multiple Access (TDMA) scheduler which allows to plan the individual packets of the different streams in such a way that everyone can be served by taking into account the interference on the physical layer. The scheduler is applied in a realistic industrial environment and evaluated based on the maximum link latency, the channel occupancy, and the jitter. Two strategies are compared: one where the packets are sequentially allocated, and one periodically. Our results show that the periodically allocated strategy performs the best for the maximum link latency (for a packet size below 1200 bytes) and for the jitter. The channel occupancy is similar for both strategies. Furthermore, the performance can be improved by using a higher number of channels. Compared to classic Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA), the channel occupancy and the jitter are reduced up to 69.9 and 99.9%, respectively. Considering the maximum link latency, the proposed TDMA strategies perform significantly better than the worst case CSMA/CA (up to 99.8%), however, when assuming a best case CSMA/CA scenario, CSMA/CA performs better. Furthermore, we clearly show that there are cases where it is not possible to plan all streams when using CSMA/CA while this becomes feasible when applying the proposed TDMA strategies
- …