ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys

Sensor networks have many applications in monitoring and controlling of environmental properties such as sound, acceleration, vibration and temperature. Due to limited resources in computation capability, memory and energy, they are vulnerable to many kinds of attacks. The ZigBee specification based on the 802.15.4 standard, defines a set of layers specifically suited to sensor networks. These layers support secure messaging using symmetric cryptographic. This paper presents two different ways for grabbing the cryptographic key in ZigBee: remote attack and physical attack. It also surveys and categorizes some additional attacks which can be performed on ZigBee networks: eavesdropping, spoofing, replay and DoS attacks at different layers. From this analysis, it is shown that some vulnerabilities still in the existing security schema in ZigBee technology.Les xarxes de sensors tenen moltes aplicacions en el control i la monitorització de les propietats del medi ambient, com ara el so, l¿acceleració, la vibració i la temperatura. A causa dels limitats recursos en la capacitat de càlcul, la memòria i l'energia són vulnerables a molts tipus d'atacs. L'especificació ZigBee basada en l'estàndard 802.15.4, defineix un conjunt de capes, adaptada específicament per a xarxes de sensors. Aquestes capes suporten missatgeria segura mitjançant criptografia simètrica. Aquest article presenta dues formes diferents per agafar la clau de xifrat en ZigBee: atac a distància i atacs físics. També les enquesta i classifica alguns atacs addicionals que es poden realitzar en les xarxes ZigBee: espionatge, falsificació, reproducció i atacs DoS en les diferents capes. A partir d'aquesta anàlisi, es demostren algunes vulnerabilitats existents en l'esquema de seguretat en tecnologia ZigBee.Las redes de sensores tienen muchas aplicaciones en el control y la monitorización de las propiedades del medio ambiente, como el sonido, la aceleración, la vibración y la temperatura. Debido a los limitados recursos en la capacidad de cálculo, la memoria y la energía son vulnerables a muchos tipos de ataques. La especificación ZigBee basada en el estándar 802.15.4, define un conjunto de capas, adaptada específicamente para redes de sensores. Estas capas soportan mensajería segura mediante criptografía simétrica. Este artículo presenta dos formas diferentes para coger la clave de cifrado en ZigBee: ataque a distancia y ataques físicos. También las encuesta y clasifica algunos ataques adicionales que se pueden realizar en las redes ZigBee: espionaje, falsificación, reproducción y ataques DoS en las diferentes capas. A partir de este análisis, se demuestran algunas vulnerabilidades existentes en el esquema de seguridad en tecnología ZigBee

Evolving SDN for Low-Power IoT Networks

Software Defined Networking (SDN) offers a flexible and scalable architecture that abstracts decision making away from individual devices and provides a programmable network platform. However, implementing a centralized SDN architecture within the constraints of a low-power wireless network faces considerable challenges. Not only is controller traffic subject to jitter due to unreliable links and network contention, but the overhead generated by SDN can severely affect the performance of other traffic. This paper addresses the challenge of bringing high-overhead SDN architecture to IEEE 802.15.4 networks. We explore how traditional SDN needs to evolve in order to overcome the constraints of low-power wireless networks, and discuss protocol and architectural optimizations necessary to reduce SDN control overhead - the main barrier to successful implementation. We argue that interoperability with the existing protocol stack is necessary to provide a platform for controller discovery and coexistence with legacy networks. We consequently introduce {\mu}SDN, a lightweight SDN framework for Contiki, with both IPv6 and underlying routing protocol interoperability, as well as optimizing a number of elements within the SDN architecture to reduce control overhead to practical levels. We evaluate {\mu}SDN in terms of latency, energy, and packet delivery. Through this evaluation we show how the cost of SDN control overhead (both bootstrapping and management) can be reduced to a point where comparable performance and scalability is achieved against an IEEE 802.15.4-2012 RPL-based network. Additionally, we demonstrate {\mu}SDN through simulation: providing a use-case where the SDN configurability can be used to provide Quality of Service (QoS) for critical network flows experiencing interference, and we achieve considerable reductions in delay and jitter in comparison to a scenario without SDN

Atomic-SDN: Is Synchronous Flooding the Solution to Software-Defined Networking in IoT?

The adoption of Software Defined Networking (SDN) within traditional networks has provided operators the ability to manage diverse resources and easily reconfigure networks as requirements change. Recent research has extended this concept to IEEE 802.15.4 low-power wireless networks, which form a key component of the Internet of Things (IoT). However, the multiple traffic patterns necessary for SDN control makes it difficult to apply this approach to these highly challenging environments. This paper presents Atomic-SDN, a highly reliable and low-latency solution for SDN in low-power wireless. Atomic-SDN introduces a novel Synchronous Flooding (SF) architecture capable of dynamically configuring SF protocols to satisfy complex SDN control requirements, and draws from the authors' previous experiences in the IEEE EWSN Dependability Competition: where SF solutions have consistently outperformed other entries. Using this approach, Atomic-SDN presents considerable performance gains over other SDN implementations for low-power IoT networks. We evaluate Atomic-SDN through simulation and experimentation, and show how utilizing SF techniques provides latency and reliability guarantees to SDN control operations as the local mesh scales. We compare Atomic-SDN against other SDN implementations based on the IEEE 802.15.4 network stack, and establish that Atomic-SDN improves SDN control by orders-of-magnitude across latency, reliability, and energy-efficiency metrics

Transmission Delay of Multi-hop Heterogeneous Networks for Medical Applications

Nowadays, with increase in ageing population, Health care market keeps growing. There is a need for monitoring of Health issues. Body Area Network consists of wireless sensors attached on or inside human body for monitoring vital Health related problems e.g, Electro Cardiogram (ECG), ElectroEncephalogram (EEG), ElectronyStagmography(ENG) etc. Data is recorded by sensors and is sent towards Health care center. Due to life threatening situations, timely sending of data is essential. For data to reach Health care center, there must be a proper way of sending data through reliable connection and with minimum delay. In this paper transmission delay of different paths, through which data is sent from sensor to Health care center over heterogeneous multi-hop wireless channel is analyzed. Data of medical related diseases is sent through three different paths. In all three paths, data from sensors first reaches ZigBee, which is the common link in all three paths. After ZigBee there are three available networks, through which data is sent. Wireless Local Area Network (WLAN), Worldwide Interoperability for Microwave Access (WiMAX), Universal Mobile Telecommunication System (UMTS) are connected with ZigBee. Each network (WLAN, WiMAX, UMTS) is setup according to environmental conditions, suitability of device and availability of structure for that device. Data from these networks is sent to IP-Cloud, which is further connected to Health care center. Main aim of this paper is to calculate delay of each link in each path over multihop wireless channel.Comment: BioSPAN with 7th IEEE International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA 2012), Victoria, Canada, 201

Analyzing Delay in Wireless Multi-hop Heterogeneous Body Area Networks

With increase in ageing population, health care market keeps growing. There is a need for monitoring of health issues. Wireless Body Area Network (WBAN) consists of wireless sensors attached on or inside human body for monitoring vital health related problems e.g, Electro Cardiogram (ECG), Electro Encephalogram (EEG), ElectronyStagmography (ENG) etc. Due to life threatening situations, timely sending of data is essential. For data to reach health care center, there must be a proper way of sending data through reliable connection and with minimum delay. In this paper transmission delay of different paths, through which data is sent from sensor to health care center over heterogeneous multi-hop wireless channel is analyzed. Data of medical related diseases is sent through three different paths. In all three paths, data from sensors first reaches ZigBee, which is the common link in all three paths. Wireless Local Area Network (WLAN), Worldwide Interoperability for Microwave Access (WiMAX), Universal Mobile Telecommunication System (UMTS) are connected with ZigBee. Each network (WLAN, WiMAX, UMTS) is setup according to environmental conditions, suitability of device and availability of structure for that device. Data from these networks is sent to IP-Cloud, which is further connected to health care center. Delay of data reaching each device is calculated and represented graphically. Main aim of this paper is to calculate delay of each link in each path over multi-hop wireless channel.Comment: arXiv admin note: substantial text overlap with arXiv:1208.240

PluralisMAC: a generic multi-MAC framework for heterogeneous, multiservice wireless networks, applied to smart containers

Developing energy-efficient MAC protocols for lightweight wireless systems has been a challenging task for decades because of the specific requirements of various applications and the varying environments in which wireless systems are deployed. Many MAC protocols for wireless networks have been proposed, often custom-made for a specific application. It is clear that one MAC does not fit all the requirements. So, how should a MAC layer deal with an application that has several modes (each with different requirements) or with the deployment of another application during the lifetime of the system? Especially in a mobile wireless system, like Smart Monitoring of Containers, we cannot know in advance the application state (empty container versus stuffed container). Dynamic switching between different energy-efficient MAC strategies is needed. Our architecture, called PluralisMAC, contains a generic multi-MAC framework and a generic neighbour monitoring and filtering framework. To validate the real-world feasibility of our architecture, we have implemented it in TinyOS and have done experiments on the TMote Sky nodes in the w-iLab.t testbed. Experimental results show that dynamic switching between MAC strategies is possible with minimal receive chain overhead, while meeting the various application requirements (reliability and low-energy consumption)

Exploiting programmable architectures for WiFi/ZigBee inter-technology cooperation

The increasing complexity of wireless standards has shown that protocols cannot be designed once for all possible deployments, especially when unpredictable and mutating interference situations are present due to the coexistence of heterogeneous technologies. As such, flexibility and (re)programmability of wireless devices is crucial in the emerging scenarios of technology proliferation and unpredictable interference conditions. In this paper, we focus on the possibility to improve coexistence performance of WiFi and ZigBee networks by exploiting novel programmable architectures of wireless devices able to support run-time modifications of medium access operations. Differently from software-defined radio (SDR) platforms, in which every function is programmed from scratch, our programmable architectures are based on a clear decoupling between elementary commands (hard-coded into the devices) and programmable protocol logic (injected into the devices) according to which the commands execution is scheduled. Our contribution is two-fold: first, we designed and implemented a cross-technology time division multiple access (TDMA) scheme devised to provide a global synchronization signal and allocate alternating channel intervals to WiFi and ZigBee programmable nodes; second, we used the OMF control framework to define an interference detection and adaptation strategy that in principle could work in independent and autonomous networks. Experimental results prove the benefits of the envisioned solution

Isolating SDN Control Traffic with Layer-2 Slicing in 6TiSCH Industrial IoT Networks

Recent standardization efforts in IEEE 802.15.4-2015 Time Scheduled Channel Hopping (TSCH) and the IETF 6TiSCH Working Group (WG), aim to provide deterministic communications and efficient allocation of resources across constrained Internet of Things (IoT) networks, particularly in Industrial IoT (IIoT) scenarios. Within 6TiSCH, Software Defined Networking (SDN) has been identified as means of providing centralized control in a number of key situations. However, implementing a centralized SDN architecture in a Low Power and Lossy Network (LLN) faces considerable challenges: not only is controller traffic subject to jitter due to unreliable links and network contention, but the overhead generated by SDN can severely affect the performance of other traffic. This paper proposes using 6TiSCH tracks, a Layer-2 slicing mechanism for creating dedicated forwarding paths across TSCH networks, in order to isolate the SDN control overhead. Not only does this prevent control traffic from affecting the performance of other data flows, but the properties of 6TiSCH tracks allows deterministic, low-latency SDN controller communication. Using our own lightweight SDN implementation for Contiki OS, we firstly demonstrate the effect of SDN control traffic on application data flows across a 6TiSCH network. We then show that by slicing the network through the allocation of dedicated resources along a SDN control path, tracks provide an effective means of mitigating the cost of SDN control overhead in IEEE 802.15.4-2015 TSCH networks