7,829 research outputs found
RADIS: Remote Attestation of Distributed IoT Services
Remote attestation is a security technique through which a remote trusted
party (i.e., Verifier) checks the trustworthiness of a potentially untrusted
device (i.e., Prover). In the Internet of Things (IoT) systems, the existing
remote attestation protocols propose various approaches to detect the modified
software and physical tampering attacks. However, in an interoperable IoT
system, in which IoT devices interact autonomously among themselves, an
additional problem arises: a compromised IoT service can influence the genuine
operation of other invoked service, without changing the software of the
latter. In this paper, we propose a protocol for Remote Attestation of
Distributed IoT Services (RADIS), which verifies the trustworthiness of
distributed IoT services. Instead of attesting the complete memory content of
the entire interoperable IoT devices, RADIS attests only the services involved
in performing a certain functionality. RADIS relies on a control-flow
attestation technique to detect IoT services that perform an unexpected
operation due to their interactions with a malicious remote service. Our
experiments show the effectiveness of our protocol in validating the integrity
status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table
Trick or Heat? Manipulating Critical Temperature-Based Control Systems Using Rectification Attacks
Temperature sensing and control systems are widely used in the closed-loop
control of critical processes such as maintaining the thermal stability of
patients, or in alarm systems for detecting temperature-related hazards.
However, the security of these systems has yet to be completely explored,
leaving potential attack surfaces that can be exploited to take control over
critical systems.
In this paper we investigate the reliability of temperature-based control
systems from a security and safety perspective. We show how unexpected
consequences and safety risks can be induced by physical-level attacks on
analog temperature sensing components. For instance, we demonstrate that an
adversary could remotely manipulate the temperature sensor measurements of an
infant incubator to cause potential safety issues, without tampering with the
victim system or triggering automatic temperature alarms. This attack exploits
the unintended rectification effect that can be induced in operational and
instrumentation amplifiers to control the sensor output, tricking the internal
control loop of the victim system to heat up or cool down. Furthermore, we show
how the exploit of this hardware-level vulnerability could affect different
classes of analog sensors that share similar signal conditioning processes.
Our experimental results indicate that conventional defenses commonly
deployed in these systems are not sufficient to mitigate the threat, so we
propose a prototype design of a low-cost anomaly detector for critical
applications to ensure the integrity of temperature sensor signals.Comment: Accepted at the ACM Conference on Computer and Communications
Security (CCS), 201
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to
increasingly popular IoT (and other embedded) devices. It allows a trusted
party (verifier) to learn the state of a remote, and potentially
malware-infected, device (prover). Most existing approaches are static in
nature and only check whether benign software is initially loaded on the
prover. However, they are vulnerable to run-time attacks that hijack the
application's control or data flow, e.g., via return-oriented programming or
data-oriented exploits. As a concrete step towards more comprehensive run-time
remote attestation, we present the design and implementation of Control- FLow
ATtestation (C-FLAT) that enables remote attestation of an application's
control-flow path, without requiring the source code. We describe a full
prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone
hardware security extensions. We evaluate C-FLAT's performance using a
real-world embedded (cyber-physical) application, and demonstrate its efficacy
against control-flow hijacking attacks.Comment: Extended version of article to appear in CCS '16 Proceedings of the
23rd ACM Conference on Computer and Communications Securit
Wireless sensors and IoT platform for intelligent HVAC control
Energy consumption of buildings (residential and non-residential) represents approximately 40% of total world electricity consumption, with half of this energy consumed by HVAC systems. Model-Based Predictive Control (MBPC) is perhaps the technique most often proposed for HVAC control, since it offers an enormous potential for energy savings. Despite the large number of papers on this topic during the last few years, there are only a few reported applications of the use of MBPC for existing buildings, under normal occupancy conditions and, to the best of our knowledge, no commercial solution yet. A marketable solution has been recently presented by the authors, coined the IMBPC HVAC system. This paper describes the design, prototyping and validation of two components of this integrated system, the Self-Powered Wireless Sensors and the IOT platform developed. Results for the use of IMBPC in a real building under normal occupation demonstrate savings in the electricity bill while maintaining thermal comfort during the whole occupation schedule.QREN SIDT [38798]; Portuguese Foundation for Science & Technology, through IDMEC, under LAETA [ID/EMS/50022/2013
Recommended from our members
Development of a Network of Accurate Ozone Sensing Nodes for Parallel Monitoring in a Site Relocation Study
Recent technological advances in both air sensing technology and Internet of Things (IoT) connectivity have enabled the development and deployment of remote monitoring networks of air quality sensors. The compact size and low power requirements of both sensors and IoT data loggers allow for the development of remote sensing nodes with power and connectivity versatility. With these technological advancements, sensor networks can be developed and deployed for various ambient air monitoring applications. This paper describes the development and deployment of a monitoring network of accurate ozone (O3) sensor nodes to provide parallel monitoring in an air monitoring site relocation study. The reference O3 analyzer at the station along with a network of three O3 sensing nodes was used to evaluate the spatial and temporal variability of O3 across four Southern California communities in the San Bernardino Mountains which are currently represented by a single reference station in Crestline, CA. The motivation for developing and deploying the sensor network in the region was that the single reference station potentially needed to be relocated due to uncertainty that the lease agreement would be renewed. With the implication of siting a new reference station that is also a high O3 site, the project required the development of an accurate and precise sensing node for establishing a parallel monitoring network at potential relocation sites. The deployment methodology included a pre-deployment co-location calibration to the reference analyzer at the air monitoring station with post-deployment co-location results indicating a mean absolute error (MAE) < 2 ppb for 1-h mean O3 concentrations. Ordinary least squares regression statistics between reference and sensor nodes during post-deployment co-location testing indicate that the nodes are accurate and highly correlated to reference instrumentation with R2 values > 0.98, slope offsets < 0.02, and intercept offsets < 0.6 for hourly O3 concentrations with a mean concentration value of 39.7 ± 16.5 ppb and a maximum 1-h value of 94 ppb. Spatial variability for diurnal O3 trends was found between locations within 5 km of each other with spatial variability between sites more pronounced during nighttime hours. The parallel monitoring was successful in providing the data to develop a relocation strategy with only one relocation site providing a 95% confidence that concentrations would be higher there than at the current site
High precision hybrid RF and ultrasonic chirp-based ranging for low-power IoT nodes
Hybrid acoustic-RF systems offer excellent ranging accuracy, yet they typically come at a power consumption that is too high to meet the energy constraints of mobile IoT nodes. We combine pulse compression and synchronized wake-ups to achieve a ranging solution that limits the active time of the nodes to 1 ms. Hence, an ultra low-power consumption of 9.015 µW for a single measurement is achieved. The operation time is estimated on 8.5 years on a CR2032 coin cell battery at a 1 Hz update rate, which is over 250 times larger than state-of-the-art RF-based positioning systems. Measurements based on a proof-of-concept hardware platform show median distance error values below 10 cm. Both simulations and measurements demonstrate that the accuracy is reduced at low signal-to-noise ratios and when reflections occur. We introduce three methods that enhance the distance measurements at a low extra processing power cost. Hence, we validate in realistic environments that the centimeter accuracy can be obtained within the energy budget of mobile devices and IoT nodes. The proposed hybrid signal ranging system can be extended to perform accurate, low-power indoor positioning
- …