A Distributed Audit Trail for the Internet of Things

Sharing Internet of Things (IoT) data over open-data platforms and digital data marketplaces can reduce infrastructure investments, improve sustainability by reducing the required resources, and foster innovation. However, due to the inability to audit the authenticity, integrity, and quality of IoT data, third-party data consumers cannot assess the trustworthiness of received data. Therefore, it is challenging to use IoT data obtained from third parties for quality-relevant applications. To overcome this limitation, the IoT data must be auditable. Distributed Ledger Technology (DLT) is a promising approach for building auditable systems. However, the existing solutions do not integrate authenticity, integrity, data quality, and location into an all-encompassing auditable model and only focus on specific parts of auditability. This thesis aims to provide a distributed audit trail that makes the IoT auditable and enables sharing of IoT data between multiple organizations for quality relevant applications. Therefore, we designed and evaluated the Veritaa framework. The Veritaa framework comprises the Graph of Trust (GoT) as distributed audit trail and a DLT to immutably store the transactions that build the GoT. The contributions of this thesis are summarized as follows. First, we designed and evaluated the GoT a DLT-based Distributed Public Key Infrastructure (DPKI) with a signature store. Second, we designed a Distributed Calibration Certificate Infrastructure (DCCI) based on the GoT, which makes quality-relevant maintenance information of IoT devices auditable. Third, we designed an Auditable Positioning System (APS) to make positions in the IoT auditable. Finally, we designed an Location Verification System (LVS) to verify location claims and prevent physical layer attacks against the APS. All these components are integrated into the GoT and build the distributed audit trail. We implemented a real-world testbed to evaluate the proposed distributed audit trail. This testbed comprises several custom-built IoT devices connectable over Long Range Wide Area Network (LoRaWAN) or Long-Term Evolution Category M1 (LTE Cat M1), and a Bluetooth Low Energy (BLE)-based Angle of Arrival (AoA) positioning system. All these low-power devices can manage their identity and secure their data on the distributed audit trail using the IoT client of the Veritaa framework. The experiments suggest that a distributed audit trail is feasible and secure, and the low-power IoT devices are capable of performing the required cryptographic functions. Furthermore, the energy overhead introduced by making the IoT auditable is limited and reasonable for quality-relevant applications

Enhancing Cyber Security of LoRaWAN Gateways under Adversarial Attacks

The Internet of Things (IoT) has disrupted the IT landscape drastically, and Long Range Wide Area Network (LoRaWAN) is one specification that enables these IoT devices to have access to the Internet. Former security analyses have suggested that the gateways in LoRaWAN in their current state are susceptible to a wide variety of malicious attacks, which can be notoriously difficult to mitigate since gateways are seen as obedient relays by design. These attacks, if not addressed, can cause malfunctions and loss of efficiency in the network traffic. As a solution to this unique problem, this paper presents a novel certificate authentication technique that enhances the cyber security of gateways in the LoRaWAN network. The proposed technique considers a public key infrastructure (PKI) solution that considers a two-tier certificate authority (CA) setup, such as a root-CA and intermediate-CA. This solution is promising, as the simulation results validate that about 66.67% of the packets that are arriving from an illegitimate gateway (GW) are discarded in our implemented secure and reliable solution

Enhancing Cyber Security of LoRaWAN Gateways under Adversarial Attacks

The Internet of Things (IoT) has disrupted the IT landscape drastically, and Long Range Wide Area Network (LoRaWAN) is one specification that enables these IoT devices to have access to the Internet. Former security analyses have suggested that the gateways in LoRaWAN in their current state are susceptible to a wide variety of malicious attacks, which can be notoriously difficult to mitigate since gateways are seen as obedient relays by design. These attacks, if not addressed, can cause malfunctions and loss of efficiency in the network traffic. As a solution to this unique problem, this paper presents a novel certificate authentication technique that enhances the cyber security of gateways in the LoRaWAN network. The proposed technique considers a public key infrastructure (PKI) solution that considers a two-tier certificate authority (CA) setup, such as a root-CA and intermediate-CA. This solution is promising, as the simulation results validate that about 66.67% of the packets that are arriving from an illegitimate gateway (GW) are discarded in our implemented secure and reliable solution

Internet of robotic things : converging sensing/actuating, hypoconnectivity, artificial intelligence and IoT Platforms

The Internet of Things (IoT) concept is evolving rapidly and influencing newdevelopments in various application domains, such as the Internet of MobileThings (IoMT), Autonomous Internet of Things (A-IoT), Autonomous Systemof Things (ASoT), Internet of Autonomous Things (IoAT), Internetof Things Clouds (IoT-C) and the Internet of Robotic Things (IoRT) etc.that are progressing/advancing by using IoT technology. The IoT influencerepresents new development and deployment challenges in different areassuch as seamless platform integration, context based cognitive network integration,new mobile sensor/actuator network paradigms, things identification(addressing, naming in IoT) and dynamic things discoverability and manyothers. The IoRT represents new convergence challenges and their need to be addressed, in one side the programmability and the communication ofmultiple heterogeneous mobile/autonomous/robotic things for cooperating,their coordination, configuration, exchange of information, security, safetyand protection. Developments in IoT heterogeneous parallel processing/communication and dynamic systems based on parallelism and concurrencyrequire new ideas for integrating the intelligent “devices”, collaborativerobots (COBOTS), into IoT applications. Dynamic maintainability, selfhealing,self-repair of resources, changing resource state, (re-) configurationand context based IoT systems for service implementation and integrationwith IoT network service composition are of paramount importance whennew “cognitive devices” are becoming active participants in IoT applications.This chapter aims to be an overview of the IoRT concept, technologies,architectures and applications and to provide a comprehensive coverage offuture challenges, developments and applications

Internet of Things From Hype to Reality

The Internet of Things (IoT) has gained significant mindshare, let alone attention, in academia and the industry especially over the past few years. The reasons behind this interest are the potential capabilities that IoT promises to offer. On the personal level, it paints a picture of a future world where all the things in our ambient environment are connected to the Internet and seamlessly communicate with each other to operate intelligently. The ultimate goal is to enable objects around us to efficiently sense our surroundings, inexpensively communicate, and ultimately create a better environment for us: one where everyday objects act based on what we need and like without explicit instructions

The Merits of a Decentralized Pollution-Monitoring System Based on Distributed Ledger Technology

Pollution-monitoring systems (PMSs) are used worldwide to sense environmental changes, such as air quality conditions or temperature increases, and to monitor compliance with regulations. However, organizations manage the environmental data collected by such PMSs in a centralized manner, which is why recorded environmental data are vulnerable to manipulation. Moreover, the analysis of pollution data often lacks transparency to outsiders, which may lead to wrong decisions regarding environmental regulations. To address these challenges, we propose a software design for PMSs based on distributed ledger technology (DLT) and the long-range (LoRa) protocol for flexible, transparent, and energy-efficient environment monitoring and data management. To design the PMS, we conducted a comprehensive requirements analysis for PMSs. We benchmarked different consensus mechanisms (e.g., BFT-SMaRt and Raft) and digital signature schemes (e.g., ECDSA and EdDSA) to adequately design the PMS and fulfill the identified requirements

New Waves of IoT Technologies Research – Transcending Intelligence and Senses at the Edge to Create Multi Experience Environments

The next wave of Internet of Things (IoT) and Industrial Internet of Things (IIoT) brings new technological developments that incorporate radical advances in Artificial Intelligence (AI), edge computing processing, new sensing capabilities, more security protection and autonomous functions accelerating progress towards the ability for IoT systems to self-develop, self-maintain and self-optimise. The emergence of hyper autonomous IoT applications with enhanced sensing, distributed intelligence, edge processing and connectivity, combined with human augmentation, has the potential to power the transformation and optimisation of industrial sectors and to change the innovation landscape. This chapter is reviewing the most recent advances in the next wave of the IoT by looking not only at the technology enabling the IoT but also at the platforms and smart data aspects that will bring intelligence, sustainability, dependability, autonomy, and will support human-centric solutions.acceptedVersio