863 research outputs found

    Securing Real-Time Internet-of-Things

    Modern embedded and cyber-physical systems are ubiquitous. A large number of critical cyber-physical systems have real-time requirements (e.g., avionics, automobiles, power grids, manufacturing systems, industrial control systems, etc.). Recent developments and new functionality require real-time embedded devices to be connected to the Internet. This gives rise to the real-time Internet-of-things (RT-IoT) that promises a better user experience through stronger connectivity and efficient use of next-generation embedded devices. However, RT-IoT systems are also increasingly becoming targets for cyber-attacks, which is exacerbated by this increased connectivity. This paper gives an introduction to RT-IoT systems, an outlook of current approaches and possible research challenges towards secure RT-IoT frameworks.

    A Multi-Layered Secure Framework for Vehicular Systems (Ein mehrschichtiges sicheres Framework für Fahrzeugsysteme)

    In recent years, significant developments were introduced within the vehicular domain, evolving the vehicles to become a network of many embedded systems distributed throughout the car, known as Electronic Control Units (ECUs). Each one of these ECUs runs a number of software components that collaborate with each other to perform various vehicle functions. Modern vehicles are also equipped with wireless communication technologies, such as WiFi, Bluetooth, and so on, giving them the capability to interact with other vehicles and roadside infrastructure. While these improvements have increased the safety of the automotive system, they have vastly expanded the attack surface of the vehicle and opened the door for new potential security risks. The situation is made worse by a lack of security mechanisms in the vehicular system which allows the escalation of a compromise in one of the non-critical sub-systems to threaten the safety of the entire vehicle and its passengers. This dissertation focuses on providing a comprehensive framework that ensures the security of the vehicular system during its whole life-cycle. This framework aims to prevent the cyber-attacks against different components by ensuring secure communications among them. Furthermore, it aims to detect attacks which were not prevented successfully, and finally, to respond to these attacks properly to ensure a high degree of safety and stability of the system.

    Predictive Pre-allocation for Low-latency Uplink Access in Industrial Wireless Networks

    Driven by mission-critical applications in modern industrial systems, the 5th generation (5G) communication system is expected to provide ultra-reliable low-latency communications (URLLC) services to meet the quality of service (QoS) demands of industrial applications. However, these stringent requirements cannot be guaranteed by its conventional dynamic access scheme due to the complex signaling procedure. A promising solution to reduce the access delay is the pre-allocation scheme based on the semi-persistent scheduling (SPS) technique, which however may lead to low spectrum utilization if the allocated resource blocks (RBs) are not used. In this paper, we aim to address this issue by developing DPre, a predictive pre-allocation framework for uplink access scheduling of delay-sensitive applications in industrial process automation. The basic idea of DPre is to explore and exploit the correlation of data acquisition and access behavior between nodes through static and dynamic learning mechanisms in order to make judicious resource pre-allocation decisions. We evaluate the effectiveness of DPre based on several monitoring applications in a steel rolling production process. Simulation results demonstrate that DPre achieves better performance in terms of the prediction accuracy, which can effectively increase the rewards of those reserved resources.
    Comment: Full version (accepted by INFOCOM 2018)

    Timing analysis in existing and emerging cyber physical systems

    A main mission of safety-critical cyber-physical systems is to guarantee timing correctness. The examples of safety-critical systems are avionic, automotive or medical systems in which timing violations could have disastrous effects, from loss of human life to damage to machines and/or the environment. Over the past decade, multicore processors have become increasingly common for their potential of efficiency, which has made new single-core processors become relatively scarce. As a result, it has created a pressing need to transition to multicore processors. However, existing safety-critical software that has been certified on single-core processors is not allowed to be fielded on a multicore system as is. The issue stems from, namely, serious inter-core interference problems on shared resources in current multicore processors, which create non-deterministic timing behavior. Since meeting the timing constraints is the crucial requirement of safety-critical real-time systems, the use of more than one core in a multicore chip is currently not certified yet by the authorities. Academia has paid relatively little attention to non-determinism due to uncoordinated I/O communications, as compared with other resources such as cache or memory, although industry considers it as one of the most troublesome challenges. Hence we focused on I/O synchronization, requiring no information of Worst Case Execution Time (WCET) that can get impacted by other interference sources. Traditionally, a two-level scheduling, such as Integrated Modular Avionics system (IMA), has been used for providing temporal isolation capability. However, such hierarchical approaches introduce significant priority inversions across applications, especially in multicore systems, ultimately leading to lower system utilization. To address these issues, we have proposed a novel scheduling mechanism called budgeted generalized rate monotonic analysis (Budgeted GRMS) in which different applications’ tasks are globally scheduled for avoiding unnecessary priority inversions, yet the CPU resource is still partitioned for temporal isolation among applications. Incorporating the issues of no information of WCETs and I/O synchronization, this new scheduling paradigm enables the “safe” use of multicore processors in safety-critical real-time systems. Recently, newly emerging Internet of Things (IoT) and Smart City applications are becoming a part of cyber-physical systems, as the needs are required and the feasibility is getting visible. What we need to pay attention to is that the promises and challenges arising from IoT and Smart City applications are providing new research landscapes and opportunities and fundamentally transforming real-time scheduling. As mentioned earlier, in traditional real-time systems, an instance of a program execution (a process) is described as a scheduling entity, while, in the emerging applications, the fundamental schedulable units are chunks of data transported over communication media. Another transformation is that, in IoT and Smart City applications, there are multiple options and combinations to choose to utilize and schedule since there are massively deployed heterogeneous kinds of sensing devices. This is contrary to the existing real-time work which is given a fixed task set to be analyzed. For that reason, they also suggest variants of performance or quality optimization problems. Suppose a disaster response infrastructure in a troubled area to ensure safety of humanitarian missions. Cameras and other sensors are deployed along key routes to monitor local conditions, but turned off by default and turned on on-demand to save limited battery life. To determine a safe route to deliver humanitarian shipments, a decision-maker must collect reconnaissance information and schedule the data items to support timely decision-making. Such data items acquired from the time-evolving physical world are in general time-sensitive - a retrieved item may become stale and no longer be accurate/relevant as conditions in the physical environment change. Therefore, “when to acquire” affects the performance and correctness of such applications and thus the overall system safety and data timeliness should be carefully considered. For the addressed problem, we explored various algorithmic options for maximizing quality of information, and developed the optimal algorithm for the order of retrievals of data items to make multiple decisions. I believe this is a significant initial step toward expanding timing-safety research landscapes and opportunities in the emerging CPS area.

    A Comprehensive Approach to WSN-Based ITS Applications: A Survey

    In order to perform sensing tasks, most current Intelligent Transportation Systems (ITS) rely on expensive sensors, which offer only limited functionality. A more recent trend consists of using Wireless Sensor Networks (WSN) for this purpose, which reduces the required investment and enables the development of new collaborative and intelligent applications that further contribute to improving both driving safety and traffic efficiency. This paper surveys the application of WSNs to such ITS scenarios, tackling the main issues that may arise when developing these systems. The paper is divided into sections which address different matters including vehicle detection and classification as well as the selection of appropriate communication protocols, network architecture, topology and some important design parameters. In addition, in line with the multiplicity of different technologies that take part in ITS, it does not consider WSNs just as stand-alone systems, but also as key components of heterogeneous systems cooperating along with other technologies employed in vehicular scenarios.

    Beacon scheduling in cluster-tree IEEE 802.15.4/ZigBee wireless sensor networks

    The recently standardized IEEE 802.15.4/Zigbee protocol stack offers great potential for ubiquitous and pervasive computing, namely for Wireless Sensor Networks (WSNs). However, there are still some open and ambiguous issues that make its practical use a challenging task. One of those issues is how to build a synchronized multi-hop cluster-tree network, which is quite suitable for QoS support in WSNs. In fact, the current IEEE 802.15.4/Zigbee specifications restrict the synchronization in the beacon-enabled mode (by the generation of periodic beacon frames) to star-based networks, while they support multi-hop networking using the peer-to-peer mesh topology, but with no synchronization. Even though both specifications mention the possible use of cluster-tree topologies, which combine multi-hop and synchronization features, the description of how to effectively construct such a network topology is missing. This report tackles this problem, unveils the ambiguities regarding the use of the cluster-tree topology and proposes two collision-free beacon frame scheduling schemes.

    Data Aggregation and Cross-layer Design in WSNs

    Over the past few years, advances in electrical engineering have allowed electronic devices to shrink in both size and cost. It has become possible to incorporate environmental sensors into a single device with a microprocessor and memory to interpret the data and wireless transceivers to communicate the data. These sensor nodes have become small and cheap enough that they can be distributed in very large numbers into the area to be monitored and can be considered disposable. Once deployed, these sensor nodes should be able to self-organize themselves into a usable network. These wireless sensor networks, or WSNs, differ from other ad hoc networks mainly in the way that they are used. For example, in ad hoc networks of personal computers, messages are addressed from one PC to another. If a message cannot be routed, the network has failed. In WSNs, data about the environment is requested by the data sink. If any or multiple sensor nodes can return an informative response to this request, the network has succeeded. A network that is viewed in terms of the data it can deliver as opposed to the individual devices that make it up has been termed a data-centric network [26]. The individual sensor nodes may fail to respond to a query, or even die, as long as the final result is valid. The network is only considered useless when no usable data can be delivered. In this thesis, we focus on two aspects. The first is data aggregation with accurate timing control. In order to maintain a certain degree of service quality and a reasonable system lifetime, energy needs to be optimized at every stage of system operation. Because wireless communication consumes a major amount of the limited battery power for these sensor nodes, we propose to limit the amount of data transmitted by combining redundant and complementary data as much as possible in order to transmit smaller and fewer messages. By using mathematical models and computer simulations, we will show that our aggregation-focused protocol does, indeed, extend system lifetime. Our secondary focus is a study of cross-layer design. We argue that the extremely specialized use of WSNs should convince us not to adhere to the traditional OSI networking model. Through our experiments, we will show that significant energy savings are possible when a custom cross-layer communication model is used.