SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin

WSN and RFID integration to support intelligent monitoring in smart buildings using hybrid intelligent decision support systems

The real time monitoring of environment context aware activities is becoming a standard in the service delivery in a wide range of domains (child and elderly care and supervision, logistics, circulation, and other). The safety of people, goods and premises depends on the prompt reaction to potential hazards identified at an early stage to engage appropriate control actions. This requires capturing real time data to process locally at the device level or communicate to backend systems for real time decision making. This research examines the wireless sensor network and radio frequency identification technology integration in smart homes to support advanced safety systems deployed upstream to safety and emergency response. These systems are based on the use of hybrid intelligent decision support systems configured in a multi-distributed architecture enabled by the wireless communication of detection and tracking data to support intelligent real-time monitoring in smart buildings. This paper introduces first the concept of wireless sensor network and radio frequency identification technology integration showing the various options for the task distribution between radio frequency identification and hybrid intelligent decision support systems. This integration is then illustrated in a multi-distributed system architecture to identify motion and control access in a smart building using a room capacity model for occupancy and evacuation, access rights and a navigation map automatically generated by the system. The solution shown in the case study is based on a virtual layout of the smart building which is implemented using the capabilities of the building information model and hybrid intelligent decision support system.The Saudi High Education Ministry and Brunel University (UK

Integrating the Supply Chain with RFID: A Technical and Business Analysis

This paper presents an in-depth analysis of the technical and business implications of adopting Radio Frequency Identification (RFID) in organizational settings. The year 2004 marked a significant shift toward adopting RFID because of mandates by large retailers and government organizations. The use of RFID technology is expected to increase rapidly in the next few years. At present, however, initial barriers against widespread adoption include standards, interoperability, costs, forward compatibility, and lack of familiarity. This paper describes basic components of an RFID system including tags, readers, and antennas and how they work together using an integrated supply chain model. Our analysis suggests that business needs to overcome human resource scarcity, security, legal and financial challenges and make informed decision regarding standards and process reengineering. The technology is not fully mature and suffers from issues of attenuation and interference. A laboratory experiment conducted by the authors\u27 shows that the middleware is not yet at a plug-and-play stage, which means that initial adopters need to spend considerable effort to integrate RFID into their existing business processes. Appendices contain a glossary of common RFID terms, a list of RFID vendors and detailed findings of the laboratory experiment. NOTE: BECAUSE OF THE ILLUSTRATIONS USED, THIS ARTICLE IS LONG; APPROXIMATELY 850KB IN BOTH JOURNAL AND ARTICLE VERSIO

RFID Traceability: A Multilayer Problem

RFID tags have very promising applications in many domains (retail, rental, surveillance, medicine to name a few). Unfortunately the use of these tags can have serious implications on the privacy of people carrying tagged items. Serious opposition from consumers has already thwarted several trials of this technology. The main fears associated with the tags is that they may allow other parties to covertly collect information about people or to trace them wherever they go. As long as these privacy issues remain unresolved, it will be impossible to reap the benefits of these new applications. Current solutions to privacy problems are typically limited to the application layer. RFID system have three layers, application, communication and physical. We demonstrate that privacy issues cannot be solved without looking at each layer separately. We also show that current solutions fail to address the multilayer aspect of privacy and as a result fail to protect it. For each layer we describe the main threats and give tentative solutions

Performance Analysis of Effective Range and Orientation of UHF Passive RFID

The purpose of this research is to characterize the performance of UHF passive RFID tags. Factors of importance are the impact of tag orientation and distance from the RFID reader. Within this study, a comprehensive literature review of RFID technology is presented as well as the methodology used for the research. Furthermore, an analysis of RFID tag experiments is discussed and the results reviewed. To accomplish this task, two main objectives have been established as goals for the study. The first objective is to determine an optimum tag orientation within the RFID reader’s normal read range. Once the optimum tag orientation is determined, the orientation is used to perform range variation tests. The end goal of these tests is to find the maximum range at which the tags are readable under normal conditions using standard equipment. Grasping an idea of RFID tag boundaries contributes to the security and privacy of the technology. This is extremely important as RFID tags are becoming the logistical tool of choice for Department of Defense (DoD) supply chains. This fundamental study creates a foundation that may support both offensive and defensive oriented research. By understanding tag weaknesses and strengths, users of the technology can make sound decisions that lead to the protection of valuable information and assets

An Energy-Efficient ECC Processor of UHF RFID Tag for Banknote Anti-Counterfeiting

In this paper, we present the design and analysis of an energy-efficient 163-b elliptic curve cryptographic (ECC) processor suitable for passive ultrahigh frequency (UHF) radio frequency identification (RFID) tags that are usable for banknote authentication and anti-counterfeiting. Even partial public key cryptographic functionality has long been thought to consume too much power and to be too slow to be usable in passive UHF RFID systems. Utilizing a low-power design strategy with optimized register file management and an architecture based on the López-Dahab Algorithm, we designed a low-power ECC processor that is used with a modified ECC-DH authentication protocol. The ECC-DH authentication protocol is compatible with the ISO/IEC 18000-63 (“Gen2”) passive UHF RFID protocol. The ECC processor requires 12 145 gate equivalents. The ECC processor consumes 5.04 nJ/b at a frequency of 960 kHz when implemented in a 0.13-μm standard CMOS process. The tag identity authentication function requires 30 600 cycles to complete all scalar multiplication operations. This size, speed, and power of the ECC processor makes it practical to use within a passive UHF RFID tag and achieve up to 1500 banknote authentications per minute, which is sufficient for use in the fastest banknote counting machines

Analysis of BFSA Based Anti-Collision Protocol in LF, HF, and UHF RFID Environments

Over the years, RFID (radio frequency identification) technology has gained popularity in a number of applications. The decreased cost of hardware components along with the recognition and implementation of international RFID standards have led to the rise of this technology. One of the major factors associated with the implementation of RFID infrastructure is the cost of tags. Low frequency (LF) RFID tags are widely used because they are the least expensive. The drawbacks of LF RFID tags include low data rate and low range. Most studies that have been carried out focus on one frequency band only. This thesis presents an analysis of RFID tags across low frequency (LF), high frequency (HF), and ultra-high frequency (UHF) environments. Analysis was carried out using a simulation model created using OPNET Modeler 17. The simulation model is based on the Basic Frame Slotted ALOHA (BFSA) protocol for non-unique tags. As this is a theoretical study, environmental disturbances have been assumed to be null. The total census delay and the network throughput have been measure for tags ranging from 0 to 1500 for each environment. A statistical analysis has been conducted in order to compare the results obtained for the three different sets