147 research outputs found
Self-powered Time-Keeping and Time-of-Occurrence Sensing
Self-powered and passive Internet-of-Things (IoT) devices (e.g. RFID tags, financial assets, wireless sensors and surface-mount devices) have been widely deployed in our everyday and industrial applications. While diverse functionalities have been implemented in passive systems, the lack of a reference clock limits the design space of such devices used for applications such as time-stamping sensing, recording and dynamic authentication. Self-powered time-keeping in passive systems has been challenging because they do not have access to continuous power sources. While energy transducers can harvest power from ambient environment, the intermittent power cannot support continuous operation for reference clocks. The thesis of this dissertation is to implement self-powered time-keeping devices on standard CMOS processes.
In this dissertation, a novel device that combines the physics of quantum tunneling and floating-gate (FG) structures is proposed for self-powered time-keeping in CMOS process. The proposed device is based on thermally assisted Fowler-Nordheim (FN) tunneling process across high-quality oxide layer to discharge the floating-gate node, therefore resulting in a time-dependent FG potential. The device was fully characterized in this dissertation, and it does not require external powering during runtime, making it feasible for passive devices and systems.
Dynamic signature based on the synchronization and desynchronization behavior of the FN timer is proposed for authentication of IoT devices. The self-compensating physics ensure that when distributed timers are subjected to identical environment variances that are common-mode noise, they can maintain synchronization with respect to each other. On the contrary, different environment conditions will desynchronize the timers creating unique signatures. The signatures could be used to differentiate between products that belong to different supply-chains or products that were subjected to malicious tampering. SecureID type dynamic authentication protocols based on the signature generated by the FN timers are proposed and they are proven to be robust to most attacks. The protocols are further analyzed to be lightweight enough for passive devices whose computational sources are limited.
The device could also be applied for self-powered sensing of time-of-occurrence. The prototype was verified by integrating the device with a self-powered mechanical sensor to sense and record time-of-occurrence of mechanical events. The system-on-chip design uses the timer output to modulate a linear injector to stamp the time information into the sensing results. Time-of-occurrence can be reconstructed by training the mathematical model and then applying that to the test data. The design was verified to have a high reconstruction accuracy
Quasi-Self-Powered Piezo-Floating-Gate Sensing Technology for Continuous Monitoring of Large-Scale Bridges
Developing a practical framework for long-term structural health monitoring (SHM) of large structures, such as a suspension bridge, poses several major challenges. The next generation of bridge SHM technology needs to continuously monitor conditions and issue early warnings prior to costly repair or catastrophic failures. Additionally, the technology has to interpret effects of rare, high-impact events like earthquakes or hurricanes. The development of this technology has become an even higher priority due to the fact that many of the world's bridges are reaching the end of their designed service lives. Current battery-powered wireless SHM methods use periodic sampling with relatively long sleep-cycles to increase a sensor's operational life. However, long sleep-cycles make the technology vulnerable to missing or misinterpreting the effect of a rare event. To address these practical issues, we present a novel quasi-self-powered sensing solution for long-term and cost-effective monitoring of large-scale bridges. The approach we propose combines our previously reported and validated self-powered Piezo-Floating-Gate (PFG) sensor in conjunction with an ultra-low-power, long-range wireless interface. The physics behind the PFG's operation enable it to continuously capture and store local, cumulative information regarding dynamic loading conditions of the bridge in non-volatile memory. Using extensive numerical and laboratory studies, we demonstrate the capabilities of the PFG sensor for predicting structural conditions. We then present a system level design that adapts PFG sensing for SHM in bridges. A challenging aspect of SHM in large-scale bridges is the need for long-range wireless interrogation, as many portions of the structure are not easily accessible for continual inspection and portions of the bridge cannot be frequently taken out-of-service. We show that by combining self-powered PFG sensors with a small battery and optimized long-range active wireless interface, we can realize a quasi-self-powered system that easily achieves a continuous operating lifespan in excess of 20 years. The efficiency and feasibility of the proposed method is verified in a case study of the Mackinac Bridge in Michigan, the longest suspension bridge across anchorages in the Western Hemisphere. Associated data from the deployment are discussed, in addition to limitations, challenges, and additional considerations for widespread field deployment of the proposed SHM framework
A wireless method for monitoring medication compliance
There are many devices on the market to help remind patients to take their pills, but most require observation by a caregiver to assure medication compliance. This project demonstrates three modes to detect pill removal from a pillbox: a switch under the pills, a reflective type photointerrupter and a transmissive electric eye photosensor. Each mode exhibited blind spots or other failures to detect pill presence, but by combining modes with complementary characteristics, the accuracy of pill detection is greatly increased.
Two methods of caregiver notification are demonstrated: text messages transmitted via an attached cellular phone, or the status is collected by a PC which provides an audit trail and daily notification if no pills were taken
Security of the Internet of Things: Vulnerabilities, Attacks and Countermeasures
Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. Hence, the security of IoT should start with foremost securing WSNs ahead of the other components. However, owing to the absence of a physical line-of-defense, i.e., there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. More specifically, for the application areas in which CIA (confidentiality, integrity, availability) has prime importance, WSNs and emerging IoT technology might constitute an open avenue for the attackers. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: “Passive Attacks” and “Active Attacks”. Understanding these attacks and their associated defense mechanisms will help paving a secure path towards the proliferation and public acceptance of IoT technology
Smart Wireless Sensor Networks
The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks
IoMT amid COVID-19 pandemic: Application, architecture, technology, and security
In many countries, the Internet of Medical Things (IoMT) has been deployed in tandem with other strategies to curb the spread of COVID-19, improve the safety of front-line personnel, increase efficacy by lessening the severity of the disease on human lives, and decrease mortality rates. Significant inroads have been achieved in terms of applications and technology, as well as security which have also been magnified through the rapid and widespread adoption of IoMT across the globe. A number of on-going researches show the adoption of secure IoMT applications is possible by incorporating security measures with the technology. Furthermore, the development of new IoMT technologies merge with Artificial Intelligence, Big Data and Blockchain offers more viable solutions. Hence, this paper highlights the IoMT architecture, applications, technologies, and security developments that have been made with respect to IoMT in combating COVID-19. Additionally, this paper provides useful insights into specific IoMT architecture models, emerging IoMT applications, IoMT security measurements, and technology direction that apply to many IoMT systems within the medical environment to combat COVID-19
A Framework for Facilitating Secure Design and Development of IoT Systems
The term Internet of Things (IoT) describes an ever-growing ecosystem of physical objects
or things interconnected with each other and connected to the Internet. IoT devices
consist of a wide range of highly heterogeneous inanimate and animate objects. Thus, a
thing in the context of the IoT can even mean a person with blood pressure or heart rate
monitor implant or a pet with a biochip transponder. IoT devices range from ordinary
household appliances, such as smart light bulbs or smart coffee makers, to sophisticated
tools for industrial automation. IoT is currently leading a revolutionary change in many
industries and, as a result, a lot of industries and organizations are adopting the paradigm
to gain a competitive edge. This allows them to boost operational efficiency and optimize
system performance through real-time data management, which results in an optimized
balance between energy usage and throughput. Another important application area is
the Industrial Internet of Things (IIoT), which is the application of the IoT in industrial
settings. This is also referred to as the Industrial Internet or Industry 4.0, where Cyber-
Physical Systems (CPS) are interconnected using various technologies to achieve wireless
control as well as advanced manufacturing and factory automation. IoT applications
are becoming increasingly prevalent across many application domains, including smart
healthcare, smart cities, smart grids, smart farming, and smart supply chain management.
Similarly, IoT is currently transforming the way people live and work, and hence
the demand for smart consumer products among people is also increasing steadily. Thus,
many big industry giants, as well as startup companies, are competing to dominate the
market with their new IoT products and services, and hence unlocking the business value
of IoT.
Despite its increasing popularity, potential benefits, and proven capabilities, IoT is still in
its infancy and fraught with challenges. The technology is faced with many challenges, including
connectivity issues, compatibility/interoperability between devices and systems,
lack of standardization, management of the huge amounts of data, and lack of tools for
forensic investigations. However, the state of insecurity and privacy concerns in the IoT
are arguably among the key factors restraining the universal adoption of the technology.
Consequently, many recent research studies reveal that there are security and privacy issues
associated with the design and implementation of several IoT devices and Smart Applications
(smart apps). This can be attributed, partly, to the fact that as some IoT device
makers and smart apps development companies (especially the start-ups) reap business
value from the huge IoT market, they tend to neglect the importance of security. As a
result, many IoT devices and smart apps are created with security vulnerabilities, which
have resulted in many IoT related security breaches in recent years.
This thesis is focused on addressing the security and privacy challenges that were briefly
highlighted in the previous paragraph. Given that the Internet is not a secure environ ment even for the traditional computer systems makes IoT systems even less secure due
to the inherent constraints associated with many IoT devices. These constraints, which are
mainly imposed by cost since many IoT edge devices are expected to be inexpensive and
disposable, include limited energy resources, limited computational and storage capabilities,
as well as lossy networks due to the much lower hardware performance compared
to conventional computers. While there are many security and privacy issues in the IoT
today, arguably a root cause of such issues is that many start-up IoT device manufacturers
and smart apps development companies do not adhere to the concept of security by
design. Consequently, some of these companies produce IoT devices and smart apps with
security vulnerabilities.
In recent years, attackers have exploited different security vulnerabilities in IoT infrastructures
which have caused several data breaches and other security and privacy incidents
involving IoT devices and smart apps. These have attracted significant attention
from the research community in both academia and industry, resulting in a surge of proposals
put forward by many researchers. Although research approaches and findings may
vary across different research studies, the consensus is that a fundamental prerequisite for
addressing IoT security and privacy challenges is to build security and privacy protection
into IoT devices and smart apps from the very beginning. To this end, this thesis investigates
how to bake security and privacy into IoT systems from the onset, and as its main
objective, this thesis particularly focuses on providing a solution that can foster the design
and development of secure IoT devices and smart apps, namely the IoT Hardware Platform
Security Advisor (IoT-HarPSecA) framework. The security framework is expected to
provide support to designers and developers in IoT start-up companies during the design
and implementation of IoT systems. IoT-HarPSecA framework is also expected to facilitate
the implementation of security in existing IoT systems.
To accomplish the previously mentioned objective as well as to affirm the aforementioned
assertion, the following step-by-step problem-solving approach is followed. The first step
is an exhaustive survey of different aspects of IoT security and privacy, including security requirements in IoT architecture, security threats in IoT architecture, IoT application domains
and their associated cyber assets, the complexity of IoT vulnerabilities, and some
possible IoT security and privacy countermeasures; and the survey wraps up with a brief
overview of IoT hardware development platforms. The next steps are the identification of
many challenges and issues associated with the IoT, which narrowed down to the abovementioned
fundamental security/privacy issue; followed by a study of different aspects of
security implementation in the IoT. The remaining steps are the framework design thinking
process, framework design and implementation, and finally, framework performance
evaluation.
IoT-HarPSecA offers three functionality features, namely security requirement elicitation security best practice guidelines for secure development, and above all, a feature that recommends
specific Lightweight Cryptographic Algorithms (LWCAs) for both software and
hardware implementations. Accordingly, IoT-HarPSecA is composed of three main components,
namely Security Requirements Elicitation (SRE) component, Security Best Practice
Guidelines (SBPG) component, and Lightweight Cryptographic Algorithms Recommendation
(LWCAR) component, each of them servicing one of the aforementioned features.
The author has implemented a command-line tool in C++ to serve as an interface
between users and the security framework. This thesis presents a detailed description,
design, and implementation of the SRE, SBPG, and LWCAR components of the security
framework. It also presents real-world practical scenarios that show how IoT-HarPSecA
can be used to elicit security requirements, generate security best practices, and recommend
appropriate LWCAs based on user inputs. Furthermore, the thesis presents performance
evaluation of the SRE, SBPG, and LWCAR components framework tools, which
shows that IoT-HarPSecA can serve as a roadmap for secure IoT development.O termo Internet das coisas (IoT) é utilizado para descrever um ecossistema, em expansão,
de objetos físicos ou elementos interconetados entre si e à Internet. Os dispositivos
IoT consistem numa gama vasta e heterogénea de objetos animados ou inanimados e,
neste contexto, podem pertencer à IoT um indivíduo com um implante que monitoriza a
frequência cardíaca ou até mesmo um animal de estimação que tenha um biochip. Estes
dispositivos variam entre eletrodomésticos, tais como máquinas de café ou lâmpadas inteligentes,
a ferramentas sofisticadas de uso na automatização industrial. A IoT está a
revolucionar e a provocar mudanças em várias indústrias e muitas adotam esta tecnologia
para incrementar as suas vantagens competitivas. Este paradigma melhora a eficiência
operacional e otimiza o desempenho de sistemas através da gestão de dados em tempo
real, resultando num balanço otimizado entre o uso energético e a taxa de transferência.
Outra área de aplicação é a IoT Industrial (IIoT) ou internet industrial ou Indústria 4.0,
ou seja, uma aplicação de IoT no âmbito industrial, onde os sistemas ciberfísicos estão interconectados
a diversas tecnologias de forma a obter um controlo de rede sem fios, bem
como fabricações avançadas e automatização fabril. As aplicações da IoT estão a crescer
e a tornarem-se predominantes em muitos domínios de aplicação inteligentes como sistemas
de saúde, cidades, redes, agricultura e sistemas de fornecimento. Da mesma forma,
a IoT está a transformar estilos de vida e de trabalho e assim, a procura por produtos inteligentes
está constantemente a aumentar. As grandes indústrias e startups competem
entre si de forma a dominar o mercado com os seus novos serviços e produtos IoT, desbloqueando
o valor de negócio da IoT.
Apesar da sua crescente popularidade, benefícios e capacidades comprovadas, a IoT está
ainda a dar os seus primeiros passos e é confrontada com muitos desafios. Entre eles,
problemas de conectividade, compatibilidade/interoperabilidade entre dispositivos e sistemas,
falta de padronização, gestão das enormes quantidades de dados e ainda falta de
ferramentas para investigações forenses. No entanto, preocupações quanto ao estado de
segurança e privacidade ainda estão entre os fatores adversos à adesão universal desta
tecnologia. Estudos recentes revelaram que existem questões de segurança e privacidade
associadas ao design e implementação de vários dispositivos IoT e aplicações inteligentes
(smart apps.), isto pode ser devido ao facto, em parte, de que alguns fabricantes e empresas
de desenvolvimento de dispositivos (especialmente startups) IoT e smart apps., recolham
o valor de negócio dos grandes mercados IoT, negligenciando assim a importância
da segurança, resultando em dispositivos IoT e smart apps. com carências e violações de
segurança da IoT nos últimos anos.
Esta tese aborda os desafios de segurança e privacidade que foram supra mencionados.
Visto que a Internet e os sistemas informáticos tradicionais são por vezes considerados inseguros,
os sistemas IoT tornam-se ainda mais inseguros, devido a restrições inerentes a tais dispositivos. Estas restrições são impostas devido ao custo, uma vez que se espera que
muitos dispositivos de ponta sejam de baixo custo e descartáveis, com recursos energéticos
limitados, bem como limitações na capacidade de armazenamento e computacionais,
e redes com perdas devido a um desempenho de hardware de qualidade inferior, quando
comparados com computadores convencionais. Uma das raízes do problema é o facto
de que muitos fabricantes, startups e empresas de desenvolvimento destes dispositivos e
smart apps não adiram ao conceito de segurança por construção, ou seja, logo na conceção,
não preveem a proteção da privacidade e segurança. Assim, alguns dos produtos e
dispositivos produzidos apresentam vulnerabilidades na segurança.
Nos últimos anos, hackers maliciosos têm explorado diferentes vulnerabilidades de segurança
nas infraestruturas da IoT, causando violações de dados e outros incidentes de
privacidade envolvendo dispositivos IoT e smart apps. Estes têm atraído uma atenção significativa
por parte das comunidades académica e industrial, que culminaram num grande
número de propostas apresentadas por investigadores científicos. Ainda que as abordagens
de pesquisa e os resultados variem entre os diferentes estudos, há um consenso e
pré-requisito fundamental para enfrentar os desafios de privacidade e segurança da IoT,
que buscam construir proteção de segurança e privacidade em dispositivos IoT e smart
apps. desde o fabrico. Para esta finalidade, esta tese investiga como produzir segurança
e privacidade destes sistemas desde a produção, e como principal objetivo, concentra-se
em fornecer soluções que possam promover a conceção e o desenvolvimento de dispositivos
IoT e smart apps., nomeadamente um conjunto de ferramentas chamado Consultor
de Segurança da Plataforma de Hardware da IoT (IoT-HarPSecA). Espera-se que o conjunto
de ferramentas forneça apoio a designers e programadores em startups durante a
conceção e implementação destes sistemas ou que facilite a integração de mecanismos de
segurança nos sistemas préexistentes.
De modo a alcançar o objetivo proposto, recorre-se à seguinte abordagem. A primeira fase
consiste num levantamento exaustivo de diferentes aspetos da segurança e privacidade na
IoT, incluindo requisitos de segurança na arquitetura da IoT e ameaças à sua segurança,
os seus domínios de aplicação e os ativos cibernéticos associados, a complexidade das
vulnerabilidades da IoT e ainda possíveis contramedidas relacionadas com a segurança e
privacidade. Evolui-se para uma breve visão geral das plataformas de desenvolvimento
de hardware da IoT. As fases seguintes consistem na identificação dos desafios e questões
associadas à IoT, que foram restringidos às questões de segurança e privacidade. As demais
etapas abordam o processo de pensamento de conceção (design thinking), design e
implementação e, finalmente, a avaliação do desempenho.
O IoT-HarPSecA é composto por três componentes principais: a Obtenção de Requisitos
de Segurança (SRE), Orientações de Melhores Práticas de Segurança (SBPG) e a recomendação
de Componentes de Algoritmos Criptográficos Leves (LWCAR) na implementação de software e hardware. O autor implementou uma ferramenta em linha de comandos
usando linguagem C++ que serve como interface entre os utilizadores e a IoT-HarPSecA.
Esta tese apresenta ainda uma descrição detalhada, desenho e implementação das componentes
SRE, SBPG, e LWCAR. Apresenta ainda cenários práticos do mundo real que
demostram como o IoT-HarPSecA pode ser utilizado para elicitar requisitos de segurança,
gerar boas práticas de segurança (em termos de recomendações de implementação) e recomendar
algoritmos criptográficos leves apropriados com base no contributo dos utilizadores.
De igual forma, apresenta-se a avaliação do desempenho destes três componentes,
demonstrando que o IoT-HarPSecA pode servir como um roteiro para o desenvolvimento
seguro da IoT
Scientific and technological progress. Advantages and disadvantages
The theme under consideration is divided into two parts: The History of Telephone and Innovations in Telephone Communications.
In the past, people relied on letters to learn about what was going on in the lives of their friends or family members.
The first electrical telegraph was constructed by Sir William Cooke. Another telegraph was developed and patented in the USA in 1837 by Samuel Morse.
When you are citing the document, use the following link http://essuir.sumdu.edu.ua/handle/123456789/2807
Security protocols suite for machine-to-machine systems
Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little
or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging.
Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks.
Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks
- …