Trustworthiness Mechanisms for Long-Distance Networks in Internet of Things

Aquesta tesi té com a objectiu aconseguir un intercanvi de dades fiable en un entorn hostil millorant-ne la confiabilitat mitjançant el disseny d'un model complet que tingui en compte les diferents capes de confiabilitat i mitjançant la implementació de les contramesures associades al model. La tesi se centra en el cas d'ús del projecte SHETLAND-NET, amb l'objectiu de desplegar una arquitectura d'Internet de les coses (IoT) híbrida amb comunicacions LoRa i d'ona ionosfèrica d'incidència gairebé vertical (NVIS) per oferir un servei de telemetria per al monitoratge del “permafrost” a l'Antàrtida. Per complir els objectius de la tesi, en primer lloc, es fa una revisió de l'estat de l'art en confiabilitat per proposar una definició i l'abast del terme de confiança. Partint d'aquí, es dissenya un model de confiabilitat de quatre capes, on cada capa es caracteritza pel seu abast, mètrica per a la quantificació de la confiabilitat, contramesures per a la millora de la confiabilitat i les interdependències amb les altres capes. Aquest model permet el mesurament i l'avaluació de la confiabilitat del cas d'ús a l'Antàrtida. Donades les condicions hostils i les limitacions de la tecnologia utilitzada en aquest cas d’ús, es valida el model i s’avalua el servei de telemetria a través de simulacions en Riverbed Modeler. Per obtenir valors anticipats de la confiabilitat esperada, l'arquitectura proposada es modela per avaluar els resultats amb diferents configuracions previ al seu desplegament en proves de camp. L'arquitectura proposada passa per tres principals iteracions de millora de la confiabilitat. A la primera iteració, s'explora l'ús de mecanismes de consens i gestió de la confiança social per aprofitar la redundància de sensors. En la segona iteració, s’avalua l’ús de protocols de transport moderns per al cas d’ús antàrtic. L’última iteració d’aquesta tesi avalua l’ús d’una arquitectura de xarxa tolerant al retard (DTN) utilitzant el Bundle Protocol (BP) per millorar la confiabilitat del sistema. Finalment, es presenta una prova de concepte (PoC) amb maquinari real que es va desplegar a la campanya antàrtica 2021-2022, descrivint les proves de camp funcionals realitzades a l'Antàrtida i Catalunya.Esta tesis tiene como objetivo lograr un intercambio de datos confiable en un entorno hostil mejorando su confiabilidad mediante el diseño de un modelo completo que tenga en cuenta las diferentes capas de confiabilidad y mediante la implementación de las contramedidas asociadas al modelo. La tesis se centra en el caso de uso del proyecto SHETLAND-NET, con el objetivo de desplegar una arquitectura de Internet de las cosas (IoT) híbrida con comunicaciones LoRa y de onda ionosférica de incidencia casi vertical (NVIS) para ofrecer un servicio de telemetría para el monitoreo del “permafrost” en la Antártida. Para cumplir con los objetivos de la tesis, en primer lugar, se realiza una revisión del estado del arte en confiabilidad para proponer una definición y alcance del término confiabilidad. Partiendo de aquí, se diseña un modelo de confiabilidad de cuatro capas, donde cada capa se caracteriza por su alcance, métrica para la cuantificación de la confiabilidad, contramedidas para la mejora de la confiabilidad y las interdependencias con las otras capas. Este modelo permite la medición y evaluación de la confiabilidad del caso de uso en la Antártida. Dadas las condiciones hostiles y las limitaciones de la tecnología utilizada en este caso de uso, se valida el modelo y se evalúa el servicio de telemetría a través de simulaciones en Riverbed Modeler. Para obtener valores anticipados de la confiabilidad esperada, la arquitectura propuesta es modelada para evaluar los resultados con diferentes configuraciones previo a su despliegue en pruebas de campo. La arquitectura propuesta pasa por tres iteraciones principales de mejora de la confiabilidad. En la primera iteración, se explora el uso de mecanismos de consenso y gestión de la confianza social para aprovechar la redundancia de sensores. En la segunda iteración, se evalúa el uso de protocolos de transporte modernos para el caso de uso antártico. La última iteración de esta tesis evalúa el uso de una arquitectura de red tolerante al retardo (DTN) utilizando el Bundle Protocol (BP) para mejorar la confiabilidad del sistema. Finalmente, se presenta una prueba de concepto (PoC) con hardware real que se desplegó en la campaña antártica 2021-2022, describiendo las pruebas de campo funcionales realizadas en la Antártida y Cataluña.This thesis aims at achieving reliable data exchange over a harsh environment by improving its trustworthiness through the design of a complete model that takes into account the different layers of trustworthiness and through the implementation of the model’s associated countermeasures. The thesis focuses on the use case of the SHETLAND-NET project, aiming to deploy a hybrid Internet of Things (IoT) architecture with LoRa and Near Vertical Incidence Skywave (NVIS) communications to offer a telemetry service for permafrost monitoring in Antarctica. To accomplish the thesis objectives, first, a review of the state of the art in trustworthiness is carried out to propose a definition and scope of the trustworthiness term. From these, a four-layer trustworthiness model is designed, with each layer characterized by its scope, metric for trustworthiness accountability, countermeasures for trustworthiness improvement, and the interdependencies with the other layers. This model enables trustworthiness accountability and assessment of the Antarctic use case. Given the harsh conditions and the limitations of the use technology in this use case, the model is validated and the telemetry service is evaluated through simulations in Riverbed Modeler. To obtain anticipated values of the expected trustworthiness, the proposal has been modeled to evaluate the performance with different configurations prior to its deployment in the field. The proposed architecture goes through three major iterations of trustworthiness improvement. In the first iteration, using social trust management and consensus mechanisms is explored to take advantage of sensor redundancy. In the second iteration, the use of modern transport protocols is evaluated for the Antarctic use case. The final iteration of this thesis assesses using a Delay Tolerant Network (DTN) architecture using the Bundle Protocol (BP) to improve the system’s trustworthiness. Finally, a Proof of Concept (PoC) with real hardware that was deployed in the 2021-2022 Antarctic campaign is presented, describing the functional tests performed in Antarctica and Catalonia

Distributed scheduling algorithms for LoRa-based wide area cyber-physical systems

Low Power Wide Area Networks (LPWAN) are a class of wireless communication protocols that work over long distances, consume low power and support low datarates. LPWANs have been designed for monitoring applications, with sparse communication from nodes to servers and sparser from servers to nodes. Inspite of their initial design, LPWANs have the potential to target applications with higher and stricter requirements like those of Cyber-Physical Systems (CPS). Due to their long-range capabilities, LPWANs can specifically target CPS applications distributed over a wide-area, which is referred to as Wide-Area CPS (WA-CPS). Augmenting WA-CPSs with wireless communication would allow for more flexible, low-cost and easily maintainable deployment. However, wireless communications come with problems like reduced reliability and unpredictable latencies, making them harder to use for CPSs. With this intention, this thesis explores the use of LPWANs, specifically LoRa, to meet the communication and control requirements of WA-CPSs. The thesis focuses on using LoRa due to its high resilience to noise, several communication parameters to choose from and a freely modifiable communication stack and servers making it ideal for research and deployment. However, LoRaWAN suffers from low reliability due to its ALOHA channel access method. The thesis posits that "Distributed algorithms would increase the protocol's reliability allowing it to meet the requirements of WA-CPSs". Three different application scenarios are explored in this thesis that leverage unexplored aspects of LoRa to meet their requirements. The application scenarios are delay-tolerant vehicular networks, multi-stakeholder WA-CPS deployments and water distribution networks. The systems use novel algorithms to facilitate communication between the nodes and gateways to ensure a highly reliable system. The results outperform state-of-art techniques to prove that LoRa is currently under-utilised and can be used for CPS applications.Open Acces

A Survey and Future Directions on Clustering: From WSNs to IoT and Modern Networking Paradigms

Many Internet of Things (IoT) networks are created as an overlay over traditional ad-hoc networks such as Zigbee. Moreover, IoT networks can resemble ad-hoc networks over networks that support device-to-device (D2D) communication, e.g., D2D-enabled cellular networks and WiFi-Direct. In these ad-hoc types of IoT networks, efficient topology management is a crucial requirement, and in particular in massive scale deployments. Traditionally, clustering has been recognized as a common approach for topology management in ad-hoc networks, e.g., in Wireless Sensor Networks (WSNs). Topology management in WSNs and ad-hoc IoT networks has many design commonalities as both need to transfer data to the destination hop by hop. Thus, WSN clustering techniques can presumably be applied for topology management in ad-hoc IoT networks. This requires a comprehensive study on WSN clustering techniques and investigating their applicability to ad-hoc IoT networks. In this article, we conduct a survey of this field based on the objectives for clustering, such as reducing energy consumption and load balancing, as well as the network properties relevant for efficient clustering in IoT, such as network heterogeneity and mobility. Beyond that, we investigate the advantages and challenges of clustering when IoT is integrated with modern computing and communication technologies such as Blockchain, Fog/Edge computing, and 5G. This survey provides useful insights into research on IoT clustering, allows broader understanding of its design challenges for IoT networks, and sheds light on its future applications in modern technologies integrated with IoT.acceptedVersio

Intrusion Resilience Systems for Modern Vehicles

Current vehicular Intrusion Detection and Prevention Systems either incur high false-positive rates or do not capture zero-day vulnerabilities, leading to safety-critical risks. In addition, prevention is limited to few primitive options like dropping network packets or extreme options, e.g., ECU Bus-off state. To fill this gap, we introduce the concept of vehicular Intrusion Resilience Systems (IRS) that ensures the resilience of critical applications despite assumed faults or zero-day attacks, as long as threat assumptions are met. IRS enables running a vehicular application in a replicated way, i.e., as a Replicated State Machine, over several ECUs, and then requiring the replicated processes to reach a form of Byzantine agreement before changing their local state. Our study rides the mutation of modern vehicular environments, which are closing the gap between simple and resource-constrained "real-time and embedded systems", and complex and powerful "information technology" ones. It shows that current vehicle (e.g., Zonal) architectures and networks are becoming plausible for such modular fault and intrusion tolerance solutions,deemed too heavy in the past. Our evaluation on a simulated Automotive Ethernet network running two state-of-the-art agreement protocols (Damysus and Hotstuff) shows that the achieved latency and throughout are feasible for many Automotive applications

Achlys : Towards a framework for distributed storage and generic computing applications for wireless IoT edge networks with Lasp on GRiSP

Internet of Things (IoT) has gained substantial attention over the past years. And the main discussion has been how to process the amount of data that it generates which has lead to the edge computing paradigm. Wether it is called fog1, edge or mist, the principle remains that cloud services must become available closer to clients. This documents presents ongoing work on future edge systems that are built to provide steadfast IoT services to users by bringing storage and processing power closer to peripheral parts of networks. Designing such infrastructures is becoming much more challenging as the number of IoT devices keeps growing. Production grade deployments have to meet very high performance requirements, and end-to-end solutions involve significant investments. In this paper, we aim at providing a solution to extend the range of the edge model to the very farthest nodes in the network. Specifically, we focus on providing reliable storage and computation capabilities immediately on wireless IoT sensor nodes. This extended edge model will allow end users to manage their IoT ecosystem without forcibly relying on gateways or Internet provider solutions. In this document, we introduce Achlys, a prototype implementation of an edge node that is a concrete port of the Lasp programming library on the GRiSP Erlang embedded system. This way, we aim at addressing the need for a general purpose edge that is both resilient and consistent in terms of storage and network. Finally, we study example use cases that could take advantage of integrating the Achlys framework and discuss future work for the latter.Comment: 7 page

Internet of Things-aided Smart Grid: Technologies, Architectures, Applications, Prototypes, and Future Research Directions

Traditional power grids are being transformed into Smart Grids (SGs) to address the issues in existing power system due to uni-directional information flow, energy wastage, growing energy demand, reliability and security. SGs offer bi-directional energy flow between service providers and consumers, involving power generation, transmission, distribution and utilization systems. SGs employ various devices for the monitoring, analysis and control of the grid, deployed at power plants, distribution centers and in consumers' premises in a very large number. Hence, an SG requires connectivity, automation and the tracking of such devices. This is achieved with the help of Internet of Things (IoT). IoT helps SG systems to support various network functions throughout the generation, transmission, distribution and consumption of energy by incorporating IoT devices (such as sensors, actuators and smart meters), as well as by providing the connectivity, automation and tracking for such devices. In this paper, we provide a comprehensive survey on IoT-aided SG systems, which includes the existing architectures, applications and prototypes of IoT-aided SG systems. This survey also highlights the open issues, challenges and future research directions for IoT-aided SG systems

A pattern-based framework for the design of secure and dependable SDN/NFV-enabled networks

As the world becomes an interconnected network where objects and humans interact, cyber and physical networks appear to play an important role in smart ecosystems due to their increasing use on critical infrastructure and smart cities. Software Defined Networking (SDN) and Network Function Virtualisation (NFV) are a promising combination for programmable connectivity, rapid service provisioning and service chaining as they offer the necessary end-to-end optimisations. However, with the actual exponential growth of connected devices, future networks, such as SDN and NFV, require open architectures, facilitated by standards and a strong ecosystem.In this thesis, a model-based approach is proposed to support the design and verification of secure and dependable SDN/NFV-enabled networks. The model is based on the development of a pattern-based approach to design executable patterns as solutions for reusable designs and interactions of objects, encoded in a rule based reasoning system, able to guarantee security and dependability (S&D) properties in SDN/NFV enabled networks. To execute S&D patterns, a pattern based framework is implemented for the insertion of patterns at design and at runtime level. The developed pattern framework highlights also the benefit of leveraging the flexibility of SDN/NFV-enabled networks to deploy enhanced reactive security mechanisms for the protection of the industrial network via the use of service function chaining (SFC). To prove the importance of this approach and the functionality of the pattern framework, different pattern instances are implemented to guarantee S&D in network infrastructures. The developed design patterns are able to design network topologies, guarantee network properties and offer security service provisioning and chaining. Finally, in order to evaluate the developed patterns in the pattern framework, three different use cases are described, where a number of usage scenarios are deployed and evaluated experimentally