Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.Ministerio de Economía y CompetitividadUniversidad de Alcal

A Semantic Interoperability Model Based on the IEEE 1451 Family of Standards Applied to the Industry 4.0

The Internet of Things (IoT) has been growing recently. It is a concept for connecting billions of smart devices through the Internet in different scenarios. One area being developed inside the IoT in industrial automation, which covers Machine-to-Machine (M2M) and industrial communications with an automatic process, emerging the Industrial Internet of Things (IIoT) concept. Inside the IIoT is developing the concept of Industry 4.0 (I4.0). That represents the fourth industrial revolution and addresses the use of Internet technologies to improve the production efficiency of intelligent services in smart factories. I4.0 is composed of a combination of objects from the physical world and the digital world that offers dedicated functionality and flexibility inside and outside of an I4.0 network. The I4.0 is composed mainly of Cyber-Physical Systems (CPS). The CPS is the integration of the physical world and its digital world, i.e., the Digital Twin (DT). It is responsible for realising the intelligent cross-link application, which operates in a self-organised and decentralised manner, used by smart factories for value creation. An area where the CPS can be implemented in manufacturing production is developing the Cyber-Physical Production System (CPPS) concept. CPPS is the implementation of Industry 4.0 and CPS in manufacturing and production, crossing all levels of production between the autonomous and cooperative elements and sub-systems. It is responsible for connecting the virtual space with the physical world, allowing the smart factories to be more intelligent, resulting in better and smart production conditions, increasing productivity, production efficiency, and product quality. The big issue is connecting smart devices with different standards and protocols. About 40% of the benefits of the IoT cannot be achieved without interoperability. This thesis is focused on promoting the interoperability of smart devices (sensors and actuators) inside the IIoT under the I4.0 context. The IEEE 1451 is a family of standards developed to manage transducers. This standard reaches the syntactic level of interoperability inside Industry 4.0. However, Industry 4.0 requires a semantic level of communication not to exchange data ambiguously. A new semantic layer is proposed in this thesis allowing the IEEE 1451 standard to be a complete framework for communication inside the Industry 4.0 to provide an interoperable network interface with users and applications to collect and share the data from the industry field.A Internet das Coisas tem vindo a crescer recentemente. É um conceito que permite conectar bilhões de dispositivos inteligentes através da Internet em diferentes cenários. Uma área que está sendo desenvolvida dentro da Internet das Coisas é a automação industrial, que abrange a comunicação máquina com máquina no processo industrial de forma automática. Essa interligação, representa o conceito da Internet das Coisas Industrial. Dentro da Internet das Coisas Industrial está a desenvolver o conceito de Indústria 4.0 (I4.0). Isso representa a quarta revolução industrial que aborda o uso de tecnologias utilizadas na Internet para melhorar a eficiência da produção de serviços em fábricas inteligentes. A Indústria 4.0 é composta por uma combinação de objetos do mundo físico e do mundo da digital que oferece funcionalidade dedicada e flexibilidade dentro e fora de uma rede da Indústria 4.0. O I4.0 é composto principalmente por Sistemas Ciberfísicos. Os Sistemas Ciberfísicos permitem a integração do mundo físico com seu representante no mundo digital, por meio do Gémeo Digital. Sistemas Ciberfísicos são responsáveis por realizar a aplicação inteligente da ligação cruzada, que opera de forma auto-organizada e descentralizada, utilizada por fábricas inteligentes para criação de valor. Uma área em que o Sistema Ciberfísicos pode ser implementado na produção manufatureira, isso representa o desenvolvimento do conceito Sistemas de Produção Ciberfísicos. Esse sistema é a implementação da Indústria 4.0 e Sistema Ciberfísicos na fabricação e produção. A cruzar todos os níveis desde a produção entre os elementos e subsistemas autónomos e cooperativos. Ele é responsável por conectar o espaço virtual com o mundo físico, permitindo que as fábricas inteligentes sejam mais inteligentes, resultando em condições de produção melhores e inteligentes, aumentando a produtividade, a eficiência da produção e a qualidade do produto. A grande questão é como conectar dispositivos inteligentes com diferentes normas e protocolos. Cerca de 40% dos benefícios da Internet das Coisas não podem ser alcançados sem interoperabilidade. Esta tese está focada em promover a interoperabilidade de dispositivos inteligentes (sensores e atuadores) dentro da Internet das Coisas Industrial no contexto da Indústria 4.0. O IEEE 1451 é uma família de normas desenvolvidos para gerenciar transdutores. Esta norma alcança o nível sintático de interoperabilidade dentro de uma indústria 4.0. No entanto, a Indústria 4.0 requer um nível semântico de comunicação para não haver a trocar dados de forma ambígua. Uma nova camada semântica é proposta nesta tese permitindo que a família de normas IEEE 1451 seja um framework completo para comunicação dentro da Indústria 4.0. Permitindo fornecer uma interface de rede interoperável com utilizadores e aplicações para recolher e compartilhar os dados dentro de um ambiente industrial.This thesis was developed at the Measurement and Instrumentation Laboratory (IML) in the University of Beira Interior and supported by the portuguese project INDTECH 4.0 – Novas tecnologias para fabricação, que tem como objetivo geral a conceção e desenvolvimento de tecnologias inovadoras no contexto da Indústria 4.0/Factories of the Future (FoF), under the number POCI-01-0247-FEDER-026653

CoAP and MQTT Measurements over LoRaWAN

Abstract. Internet of Things (IoT) enables the system of interrelated computing devices such as sensors and actuators. Thus, IoT faces few challenges to execute predefined functionalities during device-to-device communication. Low latency, high bandwidth, privacy, security, reliability, resource and energy efficiency are key challenges in the IoT paradigm. The fundamental requirement includes uninterrupted secure and reliable services. The challenges become even more controversial for low powered IoT devices during information over the long-distance (measured in kilometer) especially when the bandwidth is subject to free of cost. Different network layer supports are required for present Internet of Things (IoT) solutions — from applications at a higher level to media-based support at a lower level. The interoperability of the fragmented IoT solutions are being enabled by various emerging integration platforms. However, Long-Range Wireless Area Network (LoRaWAN) is used to exchange small data packet in such long distance. On the other hand, IoT required suitable communication protocols for power critical IoT devices. Many studies show the possibility of using Message Queue Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) as two major enabling IoT communication protocols to act as middleware to obtain low power consumption, sporadic transmission, and robustness to interference. The main basis of the thesis work is to measure and analysis the performance of the MQTT protocol over LoRaWAN. To implement the analytical approach, MQTT and CoAP protocols are used as a transport vehicle or interoperability middleware on a full TCP/IP-stack to connect end devices, and data transmit over the LoRaWAN. This thesis performed the analytical performance for different Spreading Factors (SF) or Data Rates (DR) along with different payload sizes (the message length) over LoRaWAN by using MQTT and CoAP protocols. In LoRaWAN, the Receive_Delay1 and Receive_Delay2, the minimum time duration needed to establish an MQTT connection is one second for Receive_Delay1, while the maximum is two seconds for Receive_Delay2. The analysis shows for uplink and downlink time and proposes various important facts for future aspects

Sistema de comunicação sem fios de suporte à monitorização ambiental

Poor indoor air quality in classrooms can lead to decreased students’ performance, and affect the health and comfort of the occupants. The purpose of this dissertation is to deploy a system for environmental monitoring support through wireless communications technologies and long range networks. The prototype developed allows to collect continuous measurement of temperature, relative humidity, Volatile Organic Compounds (VOC), air pressure, oxygen and carbon dioxide. Evaluations were done using LoRaWAN protocol in selected classrooms during the winter semester at University of Aveiro. It demonstrates how to collect, integrate, analyse, and visualize real-time air quality data collected.A má qualidade do ar no interior das salas de aula pode levar à diminuição do desempenho dos alunos, uma vez que a qualidade do ar é um factor fundamental a ser controlado para garantir a saúde e o conforto dos ocupantes. Esta dissertação tem como objectivo desenvolver um sistema de suporte à monitorização ambiental através de tecnologias de comunicação sem fios e de redes de longo alcance. O protótipo desenvolvido permite recolher medições contínuas de temperatura, humidade relativa, Compostos Orgânicos Voláteis (VOC), pressão do ar, oxigénio e dióxido de carbono. Foram realizados testes em salas de aulas selecionadas durante o semestre de inverno na Universidade de Aveiro usando o protocolo LoRaWAN. É demonstrado como recolher, integrar, analisar e visualizar em tempo real os dados obtidos.Mestrado em Engenharia de Computadores e Telemátic

On the aspects of iot protocols specification and checking

Тіменко, А. В. Щодо аспектів специфікації і перевірки протоколів інтернету речей = On the aspects of iot protocols specification and checking / А. В. Тіменко // Shipbuilding & Marine Infrastructure. – 2019. – № 2 (12). – С. 35–41.Анотація. Сучасний рівень складності різноманітних програмних систем зумовлює потребу адаптації та доопрацювання процесу розроблення таких систем належним чином. Показовими прикладами останніх є системи, побудовані згідно з концепцією Інтернету речей, що, зокрема, передбачає застосування спеціалізованих протоколів взаємодії компонентів. Концепція Інтернету речей охоплює мільярди різнорідних «розумних» пристроїв, що взаємодіють один з одним на основі різноманітних протоколів. З огляду на варіативність протоколів взаємодії та їх реалізацій виникає проблема сумісності таких пристроїв. Разом із цим варто відзначити, що під час проектування різного роду систем, наприклад систем критичного призначення, все більшого поширення набуває використання формальних методів, зокрема методів перевірки на моделі. Робота адресується вирішенню проблеми перевірки сумісності компонентів систем Інтернету речей шляхом автоматизованого застосування методів перевірки на моделі. Мета роботи – запропонувати підхід до вирішення проблеми перевірки сумісності компонентів систем Інтернету речей за рахунок застосування методу перевірки на моделі. Методика полягає в наступному: спочатку синтезується абстрактна специфікація, потім ця специфікація деталізується і перевіряється методом перевірки на моделі в автоматизованому режимі. Як результат запропоновано підхід до перевірки сумісності компонентів систем Інтернету речей, що полягає в автоматизованій формальній верифікації протоколів взаємодії. Синтез специфікації протоколу MQTT згідно з запропонованим підходом розглядається як тематичне дослідження.Abstract. Modern level of diverse software systems complexity stipulates the engineering process to be adapted and refined appropriately. The demonstrative examples of such systems are the ones from the Internet of Things domain that, in particular, imply the usage of specialized communication protocols. The concept of the Internet of Things encompasses the billions of heterogeneous smart devices communicating to each other through different protocols. Taking into consideration the variation of communication protocols and its implementations, the interoperability problem arises. Moreover, it should be noted that during the designing of diverse systems, the safety-critical ones in particular, the practice of formal methods usage, especially the model checkers, is becoming more and more popular. The work is addressed to solving the interoperability problem of the Internet of Things domain by way of automated model checking. Goal – to propose an approach to solving the interoperability problem in the Internet of Things domain by way of model checking method usage. The technique applied is as follows: synthesize the abstract specification first, and then this specification should be detailed and formally checked in an automated manner. Results obtained – an approach to checking the interoperability between the components of the Internet of Things system has been proposed. The approach is based on automated formal verification of communication protocols. Synthesis of MQTT protocol specification has been considered as a case study. The novelty of work is about the interpretation of interoperability checking problem from the viewpoint of consistency at communication protocols level. The practical value of the results obtained is about the possibility of application of the approach proposed in order to exclude the unexpected scenarios of the Internet of Things System’s components communication, communication failures in particular

Safe Intelligent Driver Assistance System in V2X Communication Environments based on IoT

In the modern world, power and speed of cars have increased steadily, as traffic continued to increase. At the same time highway-related fatalities and injuries due to road incidents are constantly growing and safety problems come first. Therefore, the development of Driver Assistance Systems (DAS) has become a major issue. Numerous innovations, systems and technologies have been developed in order to improve road transportation and safety. Modern computer vision algorithms enable cars to understand the road environment with low miss rates. A number of Intelligent Transportation Systems (ITSs), Vehicle Ad-Hoc Networks (VANETs) have been applied in the different cities over the world. Recently, a new global paradigm, known as the Internet of Things (IoT) brings new idea to update the existing solutions. Vehicle-to-Infrastructure communication based on IoT technologies would be a next step in intelligent transportation for the future Internet-of-Vehicles (IoV). The overall purpose of this research was to come up with a scalable IoT solution for driver assistance, which allows to combine safety relevant information for a driver from different types of in-vehicle sensors, in-vehicle DAS, vehicle networks and driver`s gadgets. This study brushed up on the evolution and state-of-the-art of Vehicle Systems. Existing ITSs, VANETs and DASs were evaluated in the research. The study proposed a design approach for the future development of transport systems applying IoT paradigm to the transport safety applications in order to enable driver assistance become part of Internet of Vehicles (IoV). The research proposed the architecture of the Safe Intelligent DAS (SiDAS) based on IoT V2X communications in order to combine different types of data from different available devices and vehicle systems. The research proposed IoT ARM structure for SiDAS, data flow diagrams, protocols. The study proposes several IoT system structures for the vehicle-pedestrian and vehicle-vehicle collision prediction as case studies for the flexible SiDAS framework architecture. The research has demonstrated the significant increase in driver situation awareness by using IoT SiDAS, especially in NLOS conditions. Moreover, the time analysis, taking into account IoT, Cloud, LTE and DSRS latency, has been provided for different collision scenarios, in order to evaluate the overall system latency and ensure applicability for real-time driver emergency notification. Experimental results demonstrate that the proposed SiDAS improves traffic safety

Denial of service attack detection through machine learning for the IoT

Sustained Internet of Things (IoT) deployment and functioning are heavily reliant on the use of effective data communication protocols. In the IoT landscape, the publish/subscribe-based Message Queuing Telemetry Transport (MQTT) protocol is popular. Cyber security threats against the MQTT protocol are anticipated to increase at par with its increasing use by IoT manufacturers. In particular, IoT is vulnerable to protocol-based Application layer Denial of Service (DoS) attacks, which have been known to cause widespread service disruption in legacy systems. In this paper, we propose an Application layer DoS attack detection framework for the MQTT protocol and test the scheme on legitimate and protocol compliant DoS attack scenarios. To protect the MQTT message brokers from such attacks, we propose a machine learning-based detection framework developed for the MQTT protocol. Through experiments, we demonstrate the impact of such attacks on various MQTT brokers and evaluate the effectiveness of the proposed framework to detect these malicious attacks. The results obtained indicate that the attackers can overwhelm the server resources even when legitimate access was denied to MQTT brokers and resources have been restricted. In addition, the MQTT features we have identified showed high attack detection accuracy. The field size and length-based features drastically reduced the false-positive rates and are suitable in detecting IoT based attacks

Cyber-Physical Systems: a multi-criteria assessment for Internet-of-Things (IoT) systems

This research work was partially supported by funds provided by the European Commission in the scope of FoF/H2020-636909 C2NET, FoF/H2020-723710 vf-OS and ICT/H2020-825631 ZDMP.This article addresses a multi-criteria decision problem regarding the more suitable device (system) to perform a task for cyber-physical systems. New embedded systems provided everyday makes engineers’ decision very difficult. Components are proposed to formally describe solutions, criteria, constraints and priorities, taking into account users’ specific aspects. To materialise all formal descriptions, a model-driven approach is followed, allowing the design of enablers for interoperability with standards. It is enabled the use of different software languages and decision methods. Proposed framework enables a better Internet-of-Things system selection, and therefore stakeholders can perform a more suitable design of their cyber-physical enterprise systems.authorsversioninpres

Intelligent one-class classifiers for the development of an intrusion detection system: the MQTT case study

[Abstarct] The ever-increasing number of smart devices connected to the internet poses an unprecedented security challenge. This article presents the implementation of an Intrusion Detection System (IDS) based on the deployment of different one-class classifiers to prevent attacks over the Internet of Things (IoT) protocol Message Queuing Telemetry Transport (MQTT). The utilization of real data sets has allowed us to train the one-class algorithms, showing a remarkable performance in detecting attacks