34 research outputs found
Neighbor Discovery Proxy-Gateway for 6LoWPAN-based Wireless Sensor Networks
The purpose of this work is to study methods for interconnecting low-power wireless personal local-area networks and traditional computer networks. In particular, this project analyzes the network protocols involved as well as the possible forms of interoperability between them, with the goal of integrating IEEE 802.15.4 wireless sensor networks based on 6LoWPAN (an adaptation layer that makes it possible to transport IPv6 packets over IEEE 802.15.4) into existing Ethernet networks, without requiring changes to the network infrastructure. Such integration would allow the development and expansion of user applications using the traditional TCP/IP protocol stack in systems composed of low-cost, low-power embedded devices. To test the viability of the methods developed, an embedded system whose function is to carry out the integration tasks described is designed, implemented and evaluated
Contributions to Bluetooth Low Energy mesh networks
Bluetooth Low Energy (BLE) has become a popular Internet of Things (IoT) technology. However, it was originally designed to only support the star topology. This PhD thesis investigates and evaluates different Bluetooth Low Energy (BLE) mesh network approaches, including existing ones (such as the Bluetooth Mesh standard), and our own solution for IPv6-based BLE mesh networking (6BLEMesh). The thesis comprises 6 main contributions:
1.- A comprehensive survey on existing BLE mesh networking proposals and a taxonomy for BLE mesh network solutions.
2.- An energy consumption model for Bluetooth Mesh. The model allows the prediction of useful performance parameters, such as device average current consumption, device lifetime and energy efficiency, considering the impact of the most relevant Bluetooth Mesh parameters, i.e. PollTimeout and ReceiveWindow, as well as application parameters (e.g. the data interval for a sensor that periodically reports its readings).
3.- A new proposed IPv6-based BLE mesh networking IETF standard (in progress), called 6BLEMesh. After defining the characteristics and properties of 6BLEMesh, we evaluated it in terms of connectivity, latency, RTT, and energy consumption.
4.- For the connectivity evaluation of 6BLEMesh, we developed an analytical model that takes a set of network and scenario characteristics as inputs, and provides two main results: i) the probability of no isolation of a node, and ii) the k-connectivity of the considered network. We validated the model by simulation.
5.- An implementation, and an experimental evaluation, of 6BLEMesh. We built a three-node testbed consisting of all node types (i.e. 6LN, 6LR and 6LBR). We used three different popular commercial hardware platforms. We evaluated a number of performance parameters on the testbed, related to latency and energy consumption. Next, we characterized the current consumption patterns of the complete life cycle for different node types in the three-node testbed. We also evaluated the energy performance of a 6LN on three different platforms. We presented a 6LN current consumption model for different connInterval settings. To this end, we experimentally characterized each current consumption state in terms of its duration time and average current consumption value. We illustrated the impact of connInterval on energy performance.
6.- A comparison between Bluetooth Mesh and 6BLEMesh, in terms of protocol stack, protocol encapsulation overhead, end-to-end latency, energy consumption, message transmission count, end-to-end reliability, variable topology robustness and Internet connectivity. Bluetooth Mesh and 6BLEMesh offer fundamentally different BLE mesh networking solutions. Their performance depends significantly on their parameter configuration. Nevertheless, the following conclusions can be drawn. Bluetooth Mesh exhibits slightly greater protocol encapsulation overhead than 6BLEMesh. Both Bluetooth Mesh and 6BLEMesh offer flexibility to configure per-hop latency. For a given latency target, 6BLEMesh offers lower energy consumption. In terms of message transmission count, both solutions may offer relatively similar performance for small networks; however, 6BLEMesh scales better with network size and density. 6BLEMesh approaches ideal packet delivery probability in the presence of bit errors for most parameter settings (at the expense of increased latency), whereas Bluetooth Mesh requires path diversity to achieve similar performance. Bluetooth Mesh does not suffer the connectivity gaps experienced by 6BLEMesh due to topology changes.
Finally, 6BLEMesh naturally supports IP-based Internet connectivity, whereas Bluetooth Mesh requires a protocol translation gateway.
Bluetooth Low Energy (BLE) has become a popular technology for the Internet of Things (IoT). However, it was originally designed to support only the star topology. This doctoral thesis investigates and evaluates different BLE mesh network alternatives, including existing ones (such as the Bluetooth Mesh standard) and our own IPv6-based solution, 6BLEMesh. This thesis comprises 6 main contributions:
1.- An exhaustive review of the state of the art and a taxonomy of BLE mesh networks.
2.- An energy consumption model for Bluetooth Mesh. The model makes it possible to predict useful performance parameters, such as current consumption, device lifetime and energy efficiency, considering the impact of the main Bluetooth Mesh parameters (PollTimeout and ReceiveWindow) and of application-level parameters.
3.- A new standard (in progress) called 6BLEMesh. After defining the characteristics of 6BLEMesh, this solution was evaluated in terms of connectivity, latency, RTT and energy consumption.
4.- For the connectivity evaluation of 6BLEMesh, we developed an analytical model that provides two main results: i) the probability of no isolation of a node and ii) the k-connectivity of the considered network. We validated the model by simulation.
5.- An implementation, and an experimental evaluation, of 6BLEMesh. A three-node testbed was built, comprising all the main node types (6LN, 6LR and 6LBR). Three different hardware platforms were used. Several performance parameters related to latency and energy consumption were evaluated on the testbed. Next, the current consumption patterns of a complete life cycle were characterized for the different node types in the testbed. The energy performance of a 6LN on three different platforms was also evaluated. A 6LN current consumption model for different connInterval values was presented. To this end, each current consumption state was characterized empirically in terms of its duration and current consumption.
6.- A comparison between Bluetooth Mesh and 6BLEMesh, in terms of protocol stack, protocol encapsulation overhead, end-to-end latency, energy consumption, number of messages transmitted, end-to-end reliability, robustness to variable topologies, and Internet connectivity. Bluetooth Mesh and 6BLEMesh are fundamentally different BLE mesh networking solutions. Their performance depends on their parameter configuration. Nevertheless, the following conclusions can be drawn. Bluetooth Mesh shows slightly greater protocol encapsulation overhead than 6BLEMesh. Both Bluetooth Mesh and 6BLEMesh offer flexibility to configure per-hop latency. For a given latency target, 6BLEMesh offers lower energy consumption. In terms of the number of messages transmitted, the two solutions offer relatively similar performance for small networks. However, 6BLEMesh scales better with network size and density. 6BLEMesh approaches an ideal packet delivery probability in the presence of bit errors (with an increase in latency), whereas Bluetooth Mesh requires path diversity to achieve similar performance. Bluetooth Mesh does not suffer the connectivity gaps that 6BLEMesh experiences due to topology changes. Finally, 6BLEMesh naturally supports IP-based Internet connectivity, whereas Bluetooth Mesh requires a protocol translation gateway
A security architecture for IPv6 enabled wireless medical sensor networks.
We present the design of an IPv6 enabled wireless sensor network based on the IEEE 802.15.4 standard for medical monitoring. We design a routing mechanism for efficient flooding, a hop-by-hop error recovery and congestion control mechanism for reliable packet delivery and a lightweight security architecture for the medical monitoring system. We extend the widely used Extensible Authentication Protocol (EAP) to employ the Generalized Pre-shared Key (GPSK) authentication method with some optimizations for securing the system. We use the 3-party EAP model with the Personal Area Network Coordinator (PAN coordinator) of IEEE 802.15.4 standard as the EAP authenticator for authenticating sensor nodes within the radio range of the PAN coordinator. In order to use EAP authentication for a sensor node several hops away from the PAN coordinator, we define a new role (relay authenticator) for its coordinator which tunnels EAP messages to the PAN coordinator securely. We define EAP message encapsulation for IEEE 802.15.4 networks and a key hierarchy for the security architecture. We have simulated the system and shown that EAP based authentication is feasible in wireless sensor networks. The original print copy of this thesis may be available here: http://wizard.unbc.ca/record=b136235
Device discovery and context registration in static context header compression networks
Due to the limited bandwidth of Low-Power Wide-Area Networks (LPWAN), the application layer is currently often tied straight above the link layer, limiting the evolution of sensor networks distributed over a large area. Consequently, the highly efficient Static Context Header Compression (SCHC) standard was introduced, where devices can compress the IPv6 and upper layer protocols down to a single byte. This approach, however, assumes that every compression context is distributed before deployment, again limiting the evolution of such networks. Therefore, this paper presents two context registration mechanisms leveraging the SCHC adaptation layer. This is done by analyzing current registration solutions in order to find limitations and optimizations with regard to very constrained networks. Both solutions and the current State-of-The-Art (SoTA) are evaluated in a Lightweight Machine to Machine (LwM2M) environment. In such a situation, both developed solutions decrease the energy consumption already after 25 transmissions, compared with the current SoTA. Furthermore, simulations show that Long Range (LoRa) devices still have an 80% chance to successfully complete the registration flow in a network with a 50% Packet Error Ratio. Briefly, the work presented in this paper delivers bootstrapping tools to constrained, SCHC-enabled networks while still being able to reduce energy consumption
Enhanced Trust-ND Protocol To Prevent Temporal Denial-of-Service Vulnerabilities On IPv6 Link-local Network
Trust-ND is a trust-based distributed security mechanism to secure IPv6 link-local networks as an alternative to the highly complex Secure Neighbor Discovery (SEND) protocol. However, theoretical analysis and experimental research revealed that the Trust-ND protocol is susceptible to temporal Denial-of-Service vulnerabilities due to its timestamp reference, field size and format, and verification rule. This research aims to prevent temporal DoS vulnerabilities on IPv6 link-local networks by enhancing Trust-ND without jeopardizing its original structure, so as to retain its advantages over SEND. The proposed enhanced version of Trust-ND, called eTrustND, addresses the vulnerabilities in three stages: (i) Timestamp Formulation, (ii) Enhanced Trust-ND, and (iii) Rule-based verification mechanism. The first stage changes the reference time from system time to UTC, and the format from 24-hour time in hexadecimal to epoch seconds as an integer. It also increases the precision from one hundredth to one ten-thousandth of a second. The second stage utilizes the Trust-ND Reserved field for the sub-second value and changes the timestamp field data type from byte to IntField. The third stage proposes a rule-based verification mechanism to handle out-of-sync computer clocks, preventing temporal DoS vulnerabilities. The experiment results on a testbed demonstrate that eTrustND prevents temporal-based DoS vulnerabilities without jeopardizing the original Trust-ND packet structure or adding overheads (computation and bandwidth)
Routing and Mobility on IPv6 over LoWPAN
The IoT means a world-wide network of interconnected objects based on standard communication
protocols. An object in this context is an everyday physical device augmented with
sensing/actuating, processing, storing and communication capabilities. These objects must be
able to interact with the surrounding environment where they are placed and to cooperate with
neighbouring objects in order to accomplish a common objective. IoT objects are also
capable of converting the sensed data into automated instructions and communicating them
to other objects through the communication networks, avoiding human intervention in several
tasks. Most IoT deployments are based on small devices with restricted computational
resources and energy constraints. For this reason, the scientific community initially did not
consider the use of the IP protocol suite in these scenarios because there was the perception that it
was too heavy for the resources available on such devices. Meanwhile, the scientific community
and the industry started to rethink the use of the IP protocol suite in all IoT devices, and it is now
considered the solution to provide connectivity between the IoT devices, independently
of the Layer 2 protocol in use, and to connect them to the Internet. Despite the use of the IP protocol
suite in all devices and the number of solutions proposed, many open issues remain unsolved
before a seamless integration between the IoT and the Internet can be reached and the
conditions for widespread IoT services provided. This thesis addressed the challenges associated with the
interconnectivity between the Internet and the IoT devices and with the security aspects of
the IoT. In the interconnectivity between the IoT devices and the Internet, the problem is how
to provide valuable information to the Internet connected devices, independently of the supported
IP protocol version, without requiring direct access to the IoT nodes. In order
to solve this problem, solutions based on Representational State Transfer (REST) web services
and an IPv4 to IPv6 dual stack transition mechanism were proposed and evaluated. The REST web
service and the transition mechanism run only at the border router without penalizing the
constrained IoT devices. The security challenge addressed in this thesis is the mitigation of
the effects of internal and external security attacks while minimizing the overhead imposed on
the IoT devices. Three different solutions were proposed. The first is a mechanism to prevent remotely
initiated transport level Denial of Service attacks that avoids the use of inefficient and hard to
manage traditional firewalls. It is based on filtering, at the border router, the traffic received
from the Internet and destined to the IoT network according to the conditions announced by
each IoT device. The second is a network access security framework that can be used to control
the nodes that have access to the network, based on administrative approval, and to enforce
security compliance on the authorized nodes. The third is a network admission control framework
that prevents unauthorized IoT nodes from communicating with authorized IoT nodes or with
the Internet, which drastically reduces the number of possible security attacks. The network
admission control was also exploited as a management mechanism, as it can be used to manage
the network size in terms of number of nodes, making the network more manageable, increasing
its reliability and extending its lifetime.
The IoT (Internet of Things) has attracted the interest of both the academic community and
industry, since its fields of application are countless, as are the potential gains
that can be obtained through the use of this type of technology. The IoT means a global
network of objects connected to each other through a communications network based on standard
protocols. In this context, an object is an everyday physical object to which the
capability to measure and act on physical variables, to process and store data, and to
communicate has been added. These objects are able to interact with the surrounding environment and to
cooperate with neighbouring objects in order to reach a common objective. These objects
are also able to convert the data read into instructions and to communicate them to other
objects through the communications network, thereby avoiding human intervention in
several tasks. Most implementations of IoT systems are based on small
autonomous devices with restrictions in terms of computational resources and energy
retention. For this reason, the scientific community initially did not consider the use
of the IP protocol stack appropriate in this type of device, since there was the perception that it was too
heavy for the available computational resources. Meanwhile, the scientific community and
industry resumed the discussion about the benefits of using the protocol stack in all
IoT devices, and it is currently considered the solution for establishing connectivity between
IoT devices, independently of the layer-two protocol in use, and for connecting them to the
Internet. Despite the use of the IP protocol stack in all devices and the number of
solutions proposed, several problems remain to be solved regarding the continuous and
uninterrupted integration of the IoT into the Internet and the creation of the conditions for the
widespread adoption of this type of technology.
This thesis deals with the challenges associated with integrating the IoT into the Internet and with the
security aspects of the IoT. Regarding the integration of the IoT into the Internet, the problem is how to provide
valid information to Internet-connected devices, independently of the IP protocol version
in use, while avoiding direct access to the IoT devices. To solve this problem,
solutions based on REST web services and on dual stack IPv4 to IPv6 transition
mechanisms were proposed and evaluated. The web service and the transition mechanism are
supported only at the border router, without penalizing the IoT devices. Regarding
security, the problem is to mitigate the effects of internal and external security attacks
initiated locally and remotely. Three different solutions were proposed. The first is a
mechanism that minimizes the effects of denial-of-service attacks originating from the Internet and
that avoids the use of inefficient and complex-to-manage firewall mechanisms. This mechanism
filters, at the border router, the traffic originating from the Internet and destined to the IoT according
to the conditions announced by each of the IoT devices in the network. The second solution
is a network admission control framework that controls which devices can
access the network based on administrative authorization and that applies security compliance
policies to the authorized devices. The third is a network
admission control mechanism for 6LoWPAN networks that prevents unauthorized devices from communicating
with other legitimate devices and with the Internet, which drastically reduces the number of
security attacks. This mechanism was also exploited as a management mechanism,
since it can be used to manage the size of the network in terms of the number of devices, making it
easier to manage and increasing its reliability and its lifetime
Wireless mesh networks for smart-grids
Master's thesis. Integrated Master's in Electrical and Computer Engineering - Major in Telecommunications. Faculdade de Engenharia. Universidade do Porto. 201