Security problems of systems of extremely weak devices

In this paper we discuss some fundamental security issues of distributed systems of weak devices. We briefly describe two extreme kinds of such systems - the sensor network and theRadio Frequency IDentification (RFID) system from the point of view of security mechanisms designer. We describe some most important particularities and issues (including unsolved problems) that have to be taken into account in security design and analysis. Finally we present some fundamental concepts and paradigms of research on security of weak devices. In the paper we also give a brief survey of ultra–light HB/HB+ - family of encryption schemes and so-called predistribution protocols

Verifiably-safe software-defined networks for CPS

Next generation cyber-physical systems (CPS) are expected to be deployed in domains which require scalability as well as performance under dynamic conditions. This scale and dynamicity will require that CPS communication networks be programmatic (i.e., not requiring manual intervention at any stage), but still maintain iron-clad safety guarantees. Software-defined networking standards like OpenFlow provide a means for scalably building tailor-made network architectures, but there is no guarantee that these systems are safe, correct, or secure. In this work we propose a methodology and accompanying tools for specifying and modeling distributed systems such that existing formal verification techniques can be transparently used to analyze critical requirements and properties prior to system implementation. We demonstrate this methodology by iteratively modeling and verifying an OpenFlow learning switch network with respect to network correctness, network convergence, and mobility-related properties. We posit that a design strategy based on the complementary pairing of software-defined networking and formal verification would enable the CPS community to build next-generation systems without sacrificing the safety and reliability that these systems must deliver

Seamless connectivity architecture and methods for IoT and wearable devices

Wearable and Internet of Things (IoT) devices have the potential to improve lifestyle, personalize receiving treatments or introduce assisted living for elderly people. However, service delivery depends on maintaining and troubleshooting device connectivity to smartphones, where user engagement and technology proficiency represent a possible barrier that prevents a wider adoption, especially in the elderly and disabled population. Low-cost and low-power wearable and IoT devices face challenges when operating out of range of known home networks or pared devices. We propose an architecture and methods to provide seamless connectivity (Se-Co) between devices and wireless networks while maintaining low-power, low-cost and standards compatibility. Through Se-Co, the devices connect without user interaction both in home and in unknown roaming networks while maintaining anonymity, privacy and security. Roaming networks approve data limited connectivity to unknown devices that are able to provide a valid anonymized certificate of compliance and no harm through a home provider. Se-Co enables shifting data processing, such as pattern processing using artificial intelligence, from a wearable device or smartphone towards the cloud. The proposed Se-Co architecture could provide solutions to increase usability of wearable devices and improve their wider adoption, while keeping low the costs of devices, development and services

Vehicle density in VANET Applications

This paper analyzes how street-level traffic data affects routing in VANETs applications. First, we offer a general review about which protocols and techniques would fit best for VANET applications. We selected five main technical aspects (Transmission, Routing, Quality of Service, Security and Location) that we consider are differential aspects of VANETs from current Ad-Hoc Networks. Second, the paper analyzes how to configure each technical aspect according to the goal of a wide range of VANET applications. Third, we look at the routing aspect in depth, specifically focusing on how vehicle density affects routing, which protocols are the best option when there is a high/low density, etc. Finally, this research implements a sensor technology, based on an acoustics sensor that has been deployed around the city of Xalapa in México, to obtain reliable information on the real-time density of vehicles. The levels of density were discretized and the obtained data samples were used to feed a traffic simulator, which allowed us to obtain a global picture of the density of the central area of the city. According to the specific levels of vehicle density at a specific moment and place, VANET applications may adapt the routing protocol in a real-time wayPeer ReviewedPostprint (published version

Recovery based time synchronization for wireless networks

Time synchronization schemes in Wireless Sensor Net-works have been subjected to various security threats and attacks. In this paper we throw light on some of these at-tacks. Nevertheless we are more concerned with the pulse delay attack which cannot be countered using any of the cryptographic techniques. We propose an algorithm called Resync algorithm which not only detects the delay attack but also aims to rectify the compromised node and intro-duce it back in the network for the synchronization process. In-depth analysis has been done in terms of the rate of suc-cess achieved in detecting multiple outliers ie nodes under attack and the level of accuracy obtained in the offset values after running the Resync algorithm

Monitoring the health and integrity of Wireless Sensor Networks

Wireless Sensor Networks (WSNs) will play a major role in the Internet of Things collecting the data that will support decision-making and enable the automation of many applications. Nevertheless, the introduction of these devices into our daily life raises serious concerns about their integrity. Therefore, at any given point, one must be able to tell whether or not a node has been compromised. Moreover, it is crucial to understand how the compromise of a particular node or set of nodes may affect the network operation. In this thesis, we present a framework to monitor the health and integrity of WSNs that allows us to detect compromised devices and comprehend how they might impact a network’s performance. We start by investigating the use of attestation to identify malicious nodes and advance the state of the art by exploring limitations of existing mechanisms. Firstly, we tackle effectiveness and scalability by combining attestation with measurements inspection and show that the right combination of both schemes can achieve high accuracy whilst significantly reducing power consumption. Secondly, we propose a novel stochastic software-based attestation approach that relaxes a fundamental and yet overlooked assumption made in the literature significantly reducing time and energy consumption while improving the detection rate of honest devices. Lastly, we propose a mathematical model to represent the health of a WSN according to its abilities to perform its functions. Our model combines the knowledge regarding compromised nodes with additional information that quantifies the importance of each node. In this context, we propose a new centrality measure and analyse how well existing metrics can rank the importance each sensor node has on the network connectivity. We demonstrate that while no measure is invariably better, our proposed metric outperforms the others in the vast majority of cases.Open Acces

Engineering Multimedia-Aware Personalized Ubiquitous Services

Ubiquitous computing focusing on users and tasks instead of devices and singular applications is an attractive vision for the future. Especially the idea of nomadic, mobile users poses new challenges on hardware and software. Mobile devices provide vastly different presentation capabilities and need to integrate into heterogeneous environments. Network bandwidth is far from being constant and services may be available only when online. This paper presents MUNDO, an infrastructure for ubiquitous computing that addresses these challenges. The infrastructure is intended to be non-monolithic with its parts supporting mobile computing using multi-modal user interfaces, mobile data delivery, and ad-hoc communication and networking

Demand-driven data acquisition for large scale fleets

Automakers manage vast fleets of connected vehicles and face an ever-increasing demand for their sensor readings. This demand originates from many stakeholders, each potentially requiring different sensors from different vehicles. Currently, this demand remains largely unfulfilled due to a lack of systems that can handle such diverse demands efficiently. Vehicles are usually passive participants in data acquisition, each continuously reading and transmitting the same static set of sensors. However, in a multi-tenant setup with diverse data demands, each vehicle potentially needs to provide different data instead. We present a system that performs such vehicle-specific minimization of data acquisition by mapping individual data demands to individual vehicles. We collect personal data only after prior consent and fulfill the requirements of the GDPR. Non-personal data can be collected by directly addressing individual vehicles. The system consists of a software component natively integrated with a major automaker’s vehicle platform and a cloud platform brokering access to acquired data. Sensor readings are either provided via near real-time streaming or as recorded trip files that provide specific consistency guarantees. A performance evaluation with over 200,000 simulated vehicles has shown that our system can increase server capacity on-demand and process streaming data within 269 ms on average during peak load. The resulting architecture can be used by other automakers or operators of large sensor networks. Native vehicle integration is not mandatory; the architecture can also be used with retrofitted hardware such as OBD readers. © 2021 by the authors. Licensee MDPI, Basel, Switzerland