Contributions to Securing Software Updates in IoT

The Internet of Things (IoT) is a large network of connected devices. In IoT, devices can communicate with each other or back-end systems to transfer data or perform assigned tasks. Communication protocols used in IoT depend on target applications but usually require low bandwidth. On the other hand, IoT devices are constrained, having limited resources, including memory, power, and computational resources. Considering these limitations in IoT environments, it is difficult to implement best security practices. Consequently, network attacks can threaten devices or the data they transfer. Thus it is crucial to react quickly to emerging vulnerabilities. These vulnerabilities should be mitigated by firmware updates or other necessary updates securely. Since IoT devices usually connect to the network wirelessly, such updates can be performed Over-The-Air (OTA). This dissertation presents contributions to enable secure OTA software updates in IoT. In order to perform secure updates, vulnerabilities must first be identified and assessed. In this dissertation, first, we present our contribution to designing a maturity model for vulnerability handling. Next, we analyze and compare common communication protocols and security practices regarding energy consumption. Finally, we describe our designed lightweight protocol for OTA updates targeting constrained IoT devices. IoT devices and back-end systems often use incompatible protocols that are unable to interoperate securely. This dissertation also includes our contribution to designing a secure protocol translator for IoT. This translation is performed inside a Trusted Execution Environment (TEE) with TLS interception. This dissertation also contains our contribution to key management and key distribution in IoT networks. In performing secure software updates, the IoT devices can be grouped since the updates target a large number of devices. Thus, prior to deploying updates, a group key needs to be established among group members. In this dissertation, we present our designed secure group key establishment scheme. Symmetric key cryptography can help to save IoT device resources at the cost of increased key management complexity. This trade-off can be improved by integrating IoT networks with cloud computing and Software Defined Networking (SDN).In this dissertation, we use SDN in cloud networks to provision symmetric keys efficiently and securely. These pieces together help software developers and maintainers identify vulnerabilities, provision secret keys, and perform lightweight secure OTA updates. Furthermore, they help devices and systems with incompatible protocols to be able to interoperate

RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air

Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe though that most prior art solutions are public key-based, they are not flexible with respect to firmware image distribution principles and it is challenging to make a design with good Denial-Of-Service (DoS) attacks resistance. Apart from often being rather resource demanding, a limitation with current public key-based solutions is that they are not quantum computer resistant. Hence, in this paper, we take a new look into the firmware upgrade problem and propose RoSym, a secure, firmware distribution principle agnostic, and DoS protected upgrade mechanism purely based on symmetric cryptography. We present an experimental evaluation on a real testbed environment for the scheme. The results show that the scheme is efficient in comparison to other state of the art solutions. We also make a formal security verification of RoSym showing that it is robust against different attacks

Efficient Security Protocols for Constrained Devices

During the last decades, more and more devices have been connected to the Internet.Today, there are more devices connected to the Internet than humans.An increasingly more common type of devices are cyber-physical devices.A device that interacts with its environment is called a cyber-physical device.Sensors that measure their environment and actuators that alter the physical environment are both cyber-physical devices.Devices connected to the Internet risk being compromised by threat actors such as hackers.Cyber-physical devices have become a preferred target for threat actors since the consequence of an intrusion disrupting or destroying a cyber-physical system can be severe.Cyber attacks against power and energy infrastructure have caused significant disruptions in recent years.Many cyber-physical devices are categorized as constrained devices.A constrained device is characterized by one or more of the following limitations: limited memory, a less powerful CPU, or a limited communication interface.Many constrained devices are also powered by a battery or energy harvesting, which limits the available energy budget.Devices must be efficient to make the most of the limited resources.Mitigating cyber attacks is a complex task, requiring technical and organizational measures.Constrained cyber-physical devices require efficient security mechanisms to avoid overloading the systems limited resources.In this thesis, we present research on efficient security protocols for constrained cyber-physical devices.We have implemented and evaluated two state-of-the-art protocols, OSCORE and Group OSCORE.These protocols allow end-to-end protection of CoAP messages in the presence of untrusted proxies.Next, we have performed a formal protocol verification of WirelessHART, a protocol for communications in an industrial control systems setting.In our work, we present a novel attack against the protocol.We have developed a novel architecture for industrial control systems utilizing the Digital Twin concept.Using a state synchronization protocol, we propagate state changes between the digital and physical twins.The Digital Twin can then monitor and manage devices.We have also designed a protocol for secure ownership transfer of constrained wireless devices. Our protocol allows the owner of a wireless sensor network to transfer control of the devices to a new owner.With a formal protocol verification, we can guarantee the security of both the old and new owners.Lastly, we have developed an efficient Private Stream Aggregation (PSA) protocol.PSA allows devices to send encrypted measurements to an aggregator.The aggregator can combine the encrypted measurements and calculate the decrypted sum of the measurements.No party will learn the measurement except the device that generated it

Distributed multimedia systems

A distributed multimedia system (DMS) is an integrated communication, computing, and information system that enables the processing, management, delivery, and presentation of synchronized multimedia information with quality-of-service guarantees. Multimedia information may include discrete media data, such as text, data, and images, and continuous media data, such as video and audio. Such a system enhances human communications by exploiting both visual and aural senses and provides the ultimate flexibility in work and entertainment, allowing one to collaborate with remote participants, view movies on demand, access on-line digital libraries from the desktop, and so forth. In this paper, we present a technical survey of a DMS. We give an overview of distributed multimedia systems, examine the fundamental concept of digital media, identify the applications, and survey the important enabling technologies.published_or_final_versio

Development of a virtual personal video recorder based on a set top box

Estágio realizado na Fraunhofer Portugal ResearchTese de mestrado integrado. Engenharia Electrotécnica e de Computadores (Major Telecomunicações). Faculdade de Engenharia. Universidade do Porto. 200

Remote service usage through SIP with multimedia access as a use case

The IP Multimedia Subsystem is under deployment, as an IP-based service control and access infrastructure, but how it interconnects with residential appliances is currently unclear. With IMS access for the residential appliances they can be used as both service consumers and service providers. In this paper we present a protocol which allows residential services to be remotely invoked, through the IMS, and consumed in a different network, along with a prototype implementation and early results. With our protocol services of two distinct service protocol systems can cooperate

Performance evaluation of information and communications technology infrastructure for smart distribution network applications

This thesis was submitted for the degree of Master of Philosophy and awarded by Brunel University.Current electrical networks require secure, scalable and cost-effective Information and Communications Technology (ICT) solutions to facilitate the novel functionalities required by Smart Grids. Countries around the globe are investigating alternative energy sources to mitigate the current energy crisis and environmental issues experienced by many countries due to global warming, rapid growth of population, inefficient energy management, dwindling fossil fuel resources, etc. Therefore, alternative or renewable energy sources, such as wind, solar, hydro, combined heat and power, etc., are required to mitigate such a crisis and such sources will also need to be integrated in to the power grid in a distributed manner. Such distributed energy sources are mainly connected to the distribution networks and introduce huge challenges to the distribution network operator (DNO). Many of these challenges cannot be dealt with effectively using existing network operation mechanisms therefore the research and development of novel ICT solutions to support smart distribution network operation is required. This research investigated suitable ICT solutions to enable the Smart Grid to tackle these challenges and proposes ICT infrastructure models that can be used for simulation studies in order to investigate cost-effective, scalable and secure solutions for the DNOs. Initially, a Quality of Service (QoS) monitoring test-bed was proposed to evaluate the performance of bandwidth intensive applications, such as smart meter data transmission. Simulation studies for different communication technologies, cellular and Power Line Communication (PLC), were also carried out and the simulation models were verified using experimental test results. Finally, the modelling and analysis of smart metering infrastructure was carried out using simulation and extensive studies were performed to evaluate the data transmission rate performance for different configurations of smart meters and concentrators

A Structured Approach to Securing the Connected Car

<p>Vehicles of today have become increasingly dependent on software to handle their functionalities. Updating and maintaining the software in vehicles has therefore become a costly process for the automotive industry. By introducing wireless communications to vehicles, vehicular maintenance can greatly be improved and many other new applications can also be brought to the vehicles. However, the vehicle was not designed with security in mind. Since the vehicle is safety-critical, it is vital that such new remote services do not violate the safety and security requirements of the vehicle. Thus, this thesis presents a general approach to securing the connected car and the usefulness of the approach is demonstrated in a vehicular diagnostics scenario.</p> <p>The thesis comes in two main parts. In the first part, we address security mechanisms for the connected car. First, a survey of current mechanisms to secure the in-vehicle networks is made. Then, a description of possible communication methods with vehicles is given and a taxonomy of current entities involved in such communication is presented. The taxonomy is organised in actors, vehicle-to-X communications, network paths, and dependability and security attributes. The usefulness of the taxonomy is demonstrated by two examples.</p> <p>In the second part, we address security with respect to vehicular diagnostics. First, an overall security analysis of the interaction between the connected car and the repair shop is conducted. We find that the most imminent risk in the repair shop is the loss of authentication keys. The loss of such keys allows masquerading attacks against vehicles. To address this problem, we propose a Kerberos-inspired protocol for authentication and authorisation of the diagnostics equipment and a trusted third party is introduced.</p> <p>To conclude, this thesis shows the value of adopting a structured approach to securing the connected car. The approach has been shown to be useful for identifying threats and countermeasures and thus help improving security.</p

ACUTA eNews June 1996, Vol. 25, No. 6

In This Issue From the President Virtual LAN at Univ. of Mississippi DC at a Glance Internet Phone From ACUTA Headquarter