Security Frameworks for Machine-to-Machine Devices and Networks

Attacks against mobile systems have escalated over the past decade. There have been increases of fraud, platform attacks, and malware. The Internet of Things (IoT) offers a new attack vector for Cybercriminals. M2M contributes to the growing number of devices that use wireless systems for Internet connection. As new applications and platforms are created, old vulnerabilities are transferred to next-generation systems. There is a research gap that exists between the current approaches for security framework development and the understanding of how these new technologies are different and how they are similar. This gap exists because system designers, security architects, and users are not fully aware of security risks and how next-generation devices can jeopardize safety and personal privacy. Current techniques, for developing security requirements, do not adequately consider the use of new technologies, and this weakens countermeasure implementations. These techniques rely on security frameworks for requirements development. These frameworks lack a method for identifying next generation security concerns and processes for comparing, contrasting and evaluating non-human device security protections. This research presents a solution for this problem by offering a novel security framework that is focused on the study of the “functions and capabilities” of M2M devices and improves the systems development life cycle for the overall IoT ecosystem

Técnicas de segurança para a internet das coisas

Mestrado em Engenharia de Computadores e TelemáticaIoT assume que dispositivos limitados, tanto em capacidades computacionais como em energia disponível, façam parte da sua infraestrutura. Dispositivos esses que apresentam menos capacidades e mecanismos de defesa do que as máquinas de uso geral. É imperativo aplicar segurança nesses dispositivos e nas suas comunicações de maneira a prepará-los para as ameaças da Internet e alcançar uma verdadeira e segura Internet das Coisas, em concordância com as visões atuais para o futuro. Esta dissertação pretende ser um pequeno passo nesse sentido, apresentando alternativas para proteger as comunicações de dispositivos restritos numa perspetiva de performance assim como avaliar o desempenho e a ocupação de recursos por parte de primitivas criptográficas quando são aplicadas em dispositivos reais. Dado que a segurança em diversas ocasiões tem de se sujeitar aos recursos deixados após a implementação de funcionalidades, foi colocada uma implementação de exposição de funcionalidades, recorrendo ao uso de CoAP, num dispositivo fabricado com intenção de ser usado em IoT e avaliada de acordo com a sua ocupação de recursos.IoT comprehends devices constrained in both computational capabilities and available energy to be a part of its infrastructure. Devices which also present less defense capabilities and mechanisms than general purpose machines. It’s imperative to secure such devices and their communications in order to prepare them for the Internet menaces and achieve a true and secure Internet of Things compliant with today’s future visions. This dissertation intends to be a small step towards such future by presenting alternatives to protect constrained device’s communications in a performance related perspective as well as benchmarks and evaluation of resources used by cryptographic primitives when implemented on real devices. Due to security being on multiple occasions subjected to the resources available only after functionalities implementation, a minimalist implementation of functionalities exposure through the use of CoAP was also deployed in an IoT intended device and assessed according to resource overhead

Distributing intelligence in the wireless control of a mobile robot using a personal digital assistant

Personal Digital Assistants (PDAs) have recently become a popular component in mobile robots. This compact processing device with its touch screen, variety of built-in features, wireless technologies and affordability can perform various roles within a robotic system. Applications include low-cost prototype development, rapid prototyping, low-cost humanoid robots, robot control, robot vision systems, algorithm development, human-robot interaction, mobile user interfaces as well as wireless robot communication schemes. Limits on processing power, memory, battery life and screen size impact the usefulness of a PDA in some applications. In addition various implementation strategies exist, each with its own strengths and weaknesses. No comparison of the advantages and disadvantages of the different strategies and resulting architectures exist. This makes it difficult for designers to decide on the best use of a PDA within their mobile robot system. This dissertation examines and compares the available mobile robot architectures. A thorough literature study identifies robot projects using a PDA and examines how the designs incorporate a PDA and what purpose it fulfils within the system it forms part of. The dissertation categorises the architectures according to the role of the PDA within the robot system. The hypothesis is made that using a distributed control system architecture makes optimal use of the rich feature set gained from including a PDA in a robot system’s design and simultaneously overcomes the device’s inherent shortcomings. This architecture is developed into a novel distributed intelligence framework that is supported by a hybrid communications architecture, using two wireless connection schemes. A prototype implementation illustrates the framework and communications architecture in action. Various performance measurements are taken in a test scenario for an office robot. The results indicate that the proposed framework does deliver performance gains and is a viable alternative for future projects in this area