Ryan Shah,Shishir Nagaraja

DOI: https://doi.org/10.1007/978-3-030-65610-2_1

2020-01-01

Information Systems Security

Abstract:Accuracy (and hence calibration) is a key requirement of safety-critical IoT (SC-IoT) systems. Calibration workflows involve a number of parties such as device users, manufacturers, calibration facilities and NMIs who must collaborate but may also compete (mutually untrusting). For instance, a surgical robot manufacturer may wish to hide the identities of third-parties from the operator (hospital), in order to maintain confidentiality of business relationships around its robot products. Thus, information flows that reveal who-calibrates-for-whom need to be managed to ensure confidentiality. Similarly, meta-information about what-is-being-calibrated and how-often-it-is-calibrated may compromise operational confidentiality of a deployment. We show that the challenge of managing information flows between the parties involved in calibration cannot be met by any of the classical access control models, as any one of them, or a simple conjunction of a subset such as the lattice model, fails to meet the desired access control requirements. We demonstrate that a new unified access control model that combines BIBA, BLP, and Chinese Walls holds rich promise. We study the case for unification, system properties, and develop an XACML-based authorisation framework which enforces the unified model. We show that upon evaluation against a baseline simple-conjunction of the three models individually, our unified model outperforms with authorisation times at least 10ms lower than the baseline. This demonstrates it is capable of solving the novel access control challenges thrown up by digital-calibration workflows.

Tuukka Mustapää,Pekka Nikander,Daniel Hutzschenreuter,Raine Viitala

DOI: https://doi.org/10.3390/s20174730

IF: 3.9

2020-08-21

Sensors

Abstract:IoT systems based on collaborative sensor networks are becoming increasingly common in various industries owing to the increased availability of low-cost sensors. The quality of the data provided by these sensors may be unknown. For these reasons, advanced data processing and sensor network self-calibration methods have become popular research topics. In terms of metrology, the self-calibration methods lack the traceability to the established measurement standards of National Metrology Institutes (NMIs) through an unbroken chain-link of calibration. This problem can be solved by the ongoing digitalization of the metrology infrastructure. We propose a conceptual solution based on Digital Calibration Certificates (DCCs), Digital SI (D-SI), and cryptographic digital identifiers, for validation of data quality and trustworthiness. The data that enable validation and traceability can be used to improve analytics, decision-making, and security in industrial applications. We discuss the applicability and benefits of our solutions in a selection of industrial use cases, where collaborative sensing has already been introduced. We present the remaining challenges in the digitization and standardization processes regarding digital metrology and the future work required to address them.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Amir Dirin,Ian Oliver,Teemu H Laine

DOI: https://doi.org/10.3390/s23177532

2023-08-30

Abstract:The trustworthiness of a system is not just about proving the identity or integrity of the hardware but also extends to the data, control, and management planes of communication between devices and the software they are running. This trust in data and device integrity is desirable for Internet of Things (IoT) systems, especially in critical environments. In this study, we developed a security framework, IoTAttest, for building IoT systems that leverage the Trusted Platform Module 2.0 and remote attestation technologies to enable the establishment of IoT devices' collected data and control plan traffic integrity. After presenting the features and reference architecture of IoTAttest, we evaluated the privacy preservation and validity through the implementation of two proof-of-concept IoT applications that were designed by two teams of university students based on the reference architecture. After the development, the developers answered open questions regarding their experience and perceptions of the framework's usability, limitations, scalability, extensibility, potential, and security. The results indicate that IoTAttest can be used to develop IoT systems with effective attestation to achieve device and data integrity. The proof-of-concept solutions' outcomes illustrate the functionalities and performance of the IoT framework. The feedback from the proof-of-concept developers affirms that they perceived the framework as usable, scalable, extensible, and secure.

Yuanyu Zhang,Shoji Kasahara,Yulong Shen,Xiaohong Jiang,Jianxiong Wan

DOI: https://doi.org/10.1109/jiot.2018.2847705

IF: 10.6

2018-01-01

IEEE Internet of Things Journal

Abstract:This paper investigates a critical access control issue in the Internet of Things (IoT). In particular, we propose a smart contract-based framework, which consists of multiple access control contracts (ACCs), one judge contract (JC) and one register contract (RC), to achieve distributed and trustworthy access control for IoT systems. Each ACC provides one access control method for a subject-object pair, and implements both static access right validation based on predefined policies and dynamic access right validation by checking the behavior of the subject. The JC implements a misbehavior-judging method to facilitate the dynamic validation of the ACCs by receiving misbehavior reports from the ACCs, judging the misbehavior and returning the corresponding penalty. The RC registers the information of the access control and misbehavior-judging methods as well as their smart contracts, and also provides functions (e.g., register, update and delete) to manage these methods. To demonstrate the application of the framework, we provide a case study in an IoT system with one desktop computer, one laptop and two Raspberry Pi single-board computers, where the ACCs, JC and RC are implemented based on the Ethereum smart contract platform to achieve the access control.

Robert E. Hiromoto,Michael Haney,Aleksandar Vakanski

DOI: https://doi.org/10.1109/idaacs.2017.8095118

2017-09-01

Abstract:We proposes the development of a cyber-secure, Internet of Things (IoT), supply chain risk management architecture. The proposed architecture is designed to reduce vulnerabilities of malicious supply chain risks by applying machine learning (ML), cryptographic hardware monitoring (CHM), and distributed system coordination (DSC) techniques to mitigate the consequences of unforeseen (including general component failure) threats. In combination, these crosscutting technologies will be integrated into Instrumentation-and-ControI/Operator-in-the-Loop (ICOL) architecture to learn normal and abnormal system behaviors. The detection of absolute or perceived abnormal system-component behaviors will trigger an ICOL alert that will require an operator's manual verification-response action (i.e., that the detected alert is, or is not a viable control system threat). The operator's verification-response will be fed back into the ML systems to recalibrate the perceived normal or abnormal state of the system's behavior.

Naoki Takegawa,Noriyuki Furuichi

DOI: https://doi.org/10.3390/s23031673

IF: 3.9

2023-02-04

Sensors

Abstract:Metrological traceability is essential to ensure the reliability of calibration tests. Calibration certificates usually include information on only one upper-level reference standard. As metrological traceability is multi-layered, generally there is no method available for end users to instantly confirm the traceability from the reference standard to a primary standard. This study focuses on the Ethereum blockchain, which has both tamper resistance and high availability, as a digital data management method. To improve the transparency and reliability of calibration tests, a smart contract that traces back to the primary standard is proposed. Consequently, it is confirmed that end users can instantly obtain traceability information. In addition, the execution of smart contracts requires transaction fees. Here, the calculation of the transaction fees is organized, and the traceability management system is discussed from a cost-effective perspective in the field of metrology.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Serin V. Simpson,Y. Ravi Raju,K. Bhanu Rajesh Naidu,Gopika Venu

DOI: https://doi.org/10.1007/s41870-023-01467-5

2023-09-13

International Journal of Information Technology

Abstract:This study presents SECURE TRUST, a novel blockchain-enabled trust and reputation system designed to address the growing security risks associated with the proliferation of IoT devices. By leveraging blockchain technology, our system effectively evaluates the reliability of nodes in IoT networks and mitigates harmful activities. Our approach employs smart contracts to facilitate collaborative detection and mitigation of malicious behavior among nodes. Furthermore, we integrate a trust and reputation system that assigns trust ratings to nodes based on their past interactions and behavior. Our system is compatible with various hardware platforms and utilizes open-source software components. Extensive testing demonstrates that our proposed approach reliably detects and reduces security risks caused by malicious nodes, offering robust protection against unwanted activities.

John Wickström,Magnus Westerlund,Göran Pulkkis

DOI: https://doi.org/10.48550/arXiv.2007.02652

2020-07-06

Cryptography and Security

Abstract:Proliferation of IoT devices in society demands a renewed focus on securing the use and maintenance of such systems. IoT-based systems will have a great impact on society and therefore such systems must have guaranteed resilience. We introduce cryptographic-based building blocks that strive to ensure that distributed IoT networks remain in a healthy condition throughout their lifecycle. Our presented solution utilizes deterministic and interlinked smart contracts on the Ethereum blockchain to enforce secured management and maintenance for hardened IoT devices. A key issue investigated is the protocol development for securing IoT device deployments and means for communicating securely with devices. By supporting values of openness, automation, and provenance, we can introduce novel means that reduce the threats of surveillance and theft, while also improving operator accountability and trust in IoT technology.

Daniel Reijsbergen,Aung Maw,Sarad Venugopalan,Dianshi Yang,Tien Tuan Anh Dinh,Jianying Zhou

DOI: https://doi.org/10.48550/arXiv.2205.00185

2022-04-30

Cryptography and Security

Abstract:Smart cities deploy large numbers of sensors and collect a tremendous amount of data from them. For example, Advanced Metering Infrastructures (AMIs), which consist of physical meters that collect usage data about public utilities such as power and water, are an important building block in a smart city. In a typical sensor network, the measurement devices are connected through a computer network, which exposes them to cyber attacks. Furthermore, the data is centrally managed at the operator's servers, making it vulnerable to insider threats. Our goal is to protect the integrity of data collected by large-scale sensor networks and the firmware in measurement devices from cyber attacks and insider threats. To this end, we first develop a comprehensive threat model for attacks against data and firmware integrity, which can target any of the stakeholders in the operation of the sensor network. Next, we use our threat model to analyze existing defense mechanisms, including signature checks, remote firmware attestation, anomaly detection, and blockchain-based secure logs. However, the large size of the Trusted Computing Base and a lack of scalability limit the applicability of these existing mechanisms. We propose the Feather-Light Blockchain Infrastructure (FLBI) framework to address these limitations. Our framework leverages a two-layer architecture and cryptographic threshold signature chains to support large networks of low-capacity devices such as meters and data aggregators. We have fully implemented the FLBI's end-to-end functionality on the Hyperledger Fabric and private Ethereum blockchain platforms. Our experiments show that the FLBI is able to support millions of end devices.

Raj Thilak Rajan,Rob-van Schaijk,Anup Das,Jac Romme,Frank Pasveer

DOI: https://doi.org/10.48550/arXiv.1805.11999

2018-05-30

Abstract:Sensor calibration is one of the fundamental challenges in large-scale IoT networks. In this article, we address the challenge of reference-free calibration of a densely deployed sensor network. Conventionally, to calibrate an in-place sensor network (or sensor array), a reference is arbitrarily chosen with or without prior information on sensor performance. However, an arbitrary selection of a reference could prove fatal, if an erroneous sensor is inadvertently chosen. To avert single point of dependence, and to improve estimator performance, we propose unbiased reference-free algorithms. Although, our focus is on reference-free solutions, the proposed framework, allows the incorporation of additional references, if available. We show with the help of simulations that the proposed solutions achieve the derived statistical lower bounds asymptotically. In addition, the proposed algorithms show improvements on real-life datasets, as compared to prevalent algorithms.

Applications,Machine Learning,Signal Processing

Kruno Miličević,Luka Omrčen,Mirko Kohler,Ivica Lukić

DOI: https://doi.org/10.3390/s22134708

IF: 3.9

2022-06-23

Sensors

Abstract:Trends for the digital transformation of metrology and regulation of metrology through IT have some keywords in common with the main properties of the blockchain, such as traceability, immutability, and machine-readable documents. The possible applicability of the blockchain as an innovative IT solution for metrology regulation is known in the scientific community. Still, blockchain implementation must consider the entire metrology pyramid—the technical aspects and the legal framework intrinsic to metrology. This is also valid for possible IoT blockchain applications. In resolving the issues, this paper applies a bottom-up approach, starting from IoT devices analyzed as oracles and building up to the sole definition of measurement units, thereby discussing technical aspects concerning relevant standardization documents. The resulting trust model concept encompasses the vertical and horizontal traceability of the measurement results (oracle data), where normative standards and legal requirements are crucial for building trust. Conclusively, for practical implementations, it will be necessary to analyze blockchain properties and applicability with a view to the standard requirements, as shown for WELMEC.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Davide Margaria,Alberto Carelli,Andrea Vesco

DOI: https://doi.org/10.1109/CCGridW63211.2024.00006

2024-10-14

Abstract:Nowadays, Internet of Things platforms are being deployed in a wide range of application domains. Some of these include use cases with security requirements, where the data generated by an IoT node is the basis for making safety-critical or liability-critical decisions at system level. The challenge is to develop a solution for data exchange while proving and verifying the authenticity of the data from end-to-end. In line with this objective, this paper proposes a novel solution with the proper protocols to provide Trust in Data, making use of two Roots of Trust that are the IOTA Distributed Ledger Technology and the Trusted Platform Module. The paper presents the design of the proposed solution and discusses the key design aspects and relevant trade-offs. The paper concludes with a Proof-of-Concept implementation and an experimental evaluation to confirm its feasibility and to assess the achievable performance.

Cryptography and Security

Chia-Chi Li,Behnam Dezfouli

DOI: https://doi.org/10.48550/arXiv.1805.04215

2018-05-11

Performance

Abstract:Calibration is an important step towards building reliable IoT systems. For example, accurate sensor reading requires ADC calibration, and power monitoring chips must be calibrated before being used for measuring the energy consumption of IoT devices. In this paper, we present ProCal, a low-cost, accurate, and scalable power calibration tool. ProCal is a programmable platform which provides dynamic voltage and current output for calibration. The basic idea is to use a digital potentiometer connected to a parallel resistor network controlled through digital switches. The resistance and output frequency of ProCal is controlled by a software communicating with the board through the SPI interface. Our design provides a simple synchronization mechanism which prevents the need for accurate time synchronization. We present mathematical modeling and validation of the tool by incorporating the concept of Fibonacci sequence. Our extensive experimental studies show that this tool can significantly improve measurement accuracy. For example, for ATMega2560, the ADC error reduces from 0.2% to 0.01%. ProCal not only costs less than 2\% of the current commercial solutions, it is also highly accurate by being able to provide extensive range of current and voltage values.

Fahed Alkhabbas,Mohammed Alsadi,Sadi Alawadi,Feras M Awaysheh,Victor R Kebande,Mahyar T Moghaddam

DOI: https://doi.org/10.3390/s22186842

2022-09-09

Abstract:Internet of Things (IoT) systems are complex systems that can manage mission-critical, costly operations or the collection, storage, and processing of sensitive data. Therefore, security represents a primary concern that should be considered when engineering IoT systems. Additionally, several challenges need to be addressed, including the following ones. IoT systems' environments are dynamic and uncertain. For instance, IoT devices can be mobile or might run out of batteries, so they can become suddenly unavailable. To cope with such environments, IoT systems can be engineered as goal-driven and self-adaptive systems. A goal-driven IoT system is composed of a dynamic set of IoT devices and services that temporarily connect and cooperate to achieve a specific goal. Several approaches have been proposed to engineer goal-driven and self-adaptive IoT systems. However, none of the existing approaches enable goal-driven IoT systems to automatically detect security threats and autonomously adapt to mitigate them. Toward bridging these gaps, this paper proposes a distributed architectural Approach for engineering goal-driven IoT Systems that can autonomously SElf-adapt to secuRity Threats in their environments (ASSERT). ASSERT exploits techniques and adopts notions, such as agents, federated learning, feedback loops, and blockchain, for maintaining the systems' security and enhancing the trustworthiness of the adaptations they perform. The results of the experiments that we conducted to validate the approach's feasibility show that it performs and scales well when detecting security threats, performing autonomous security adaptations to mitigate the threats and enabling systems' constituents to learn about security threats in their environments collaboratively.

D. Cojocaru,D. Popescu,N. Enescu,D. Mancas,Liviu Florin Manta

DOI: https://doi.org/10.1109/ICCC57093.2023.10178932

2023-06-12

Abstract:The Internet of Things (IoT) is the natural response to the need of collecting remote data, to monitor and to remote control hardware devices, given the advancements in the telecommunication field. Started in 1980’s as an application to remotely monitor the supply level of a vending machine placed in a university campus, coined as term by Kevin Aston in 1999, the IoT was used by more than 25% of businesses at 2019 level, and gained popularity as a remote tool for home appliances. A branch of IoT is represented by urban IoT systems, designed to support the smart city vision - Smart City, which seeks to exploit the most advanced communication technologies to support value-added services for city administration and citizens; up until the present, the main developments in this area was conducted toward smart traffic / parking management, and air quality monitoring. In this context, the SmartTest research project aims to create a prototype equipment in form of an intelligent modular system for metrological calibration/verification for time and for distance parameters in urban transport, with robotic assistance and IoT functionalities, which will lead to the development of innovative products and services intended for metrological verifications in motor vehicle traffic – transport of goods but also of passengers.

Engineering,Environmental Science,Computer Science

Marco Arazzi,Serena Nicolazzo,Antonino Nocera

DOI: https://doi.org/10.1016/j.pmcj.2024.101889

2023-10-02

Abstract:With the number of connected smart devices expected to constantly grow in the next years, Internet of Things (IoT) solutions are experimenting a booming demand to make data collection and processing easier. The ability of IoT appliances to provide pervasive and better support to everyday tasks, in most cases transparently to humans, is also achieved through the high degree of autonomy of such devices. However, the higher the number of new capabilities and services provided in an autonomous way, the wider the attack surface that exposes users to data hacking and lost. In this scenario, many critical challenges arise also because IoT devices have heterogeneous computational capabilities (i.e., in the same network there might be simple sensors/actuators as well as more complex and smart nodes). In this paper, we try to provide a contribution in this setting, tackling the non-trivial issues of equipping smart things with a strategy to evaluate, also through their neighbors, the trustworthiness of an object in the network before interacting with it. To do so, we design a novel and fully distributed trust model exploiting devices' behavioral fingerprints, a distributed consensus mechanism and the Blockchain technology. Beyond the detailed description of our framework, we also illustrate the security model associated with it and the tests carried out to evaluate its correctness and performance.

Cryptography and Security,Machine Learning

Denise Ratasich,Faiq Khalid,Florian Geissler,Radu Grosu,Muhammad Shafique,Ezio Bartocci

DOI: https://doi.org/10.1109/ACCESS.2019.2891969

2018-11-06

Abstract:The Internet of Things (IoT) is a ubiquitous system connecting many different devices - the things - which can be accessed from the distance. The cyber-physical systems (CPS) monitor and control the things from the distance. As a result, the concepts of dependability and security get deeply intertwined. The increasing level of dynamicity, heterogeneity, and complexity adds to the system's vulnerability, and challenges its ability to react to faults. This paper summarizes state-of-the-art of existing work on anomaly detection, fault-tolerance and self-healing, and adds a number of other methods applicable to achieve resilience in an IoT. We particularly focus on non-intrusive methods ensuring data integrity in the network. Furthermore, this paper presents the main challenges in building a resilient IoT for CPS which is crucial in the era of smart CPS with enhanced connectivity (an excellent example of such a system is connected autonomous vehicles). It further summarizes our solutions, work-in-progress and future work to this topic to enable "Trustworthy IoT for CPS". Finally, this framework is illustrated on a selected use case: A smart sensor infrastructure in the transport domain.

Emerging Technologies,Machine Learning,Networking and Internet Architecture

Yang You,Kai You,Hao Chen,Tobias J. Oechtering

DOI: https://doi.org/10.1109/jiot.2022.3144934

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:In this article, data-driven self-calibration algorithms for the Internet of Things-based gas concentration monitoring systems embedded with low-cost gas sensors are designed. The measurement errors are assumed to be caused by imperfect compensation for the variation of sensor component behavior. Specifically, the calibration procedure for the nondispersive infrared $CO_{2}$ sensors is developed, for which the temperature dependency is the most dominant drift source. For a single sensor, the hidden Markov model is used to characterize the statistical relationship between different quantities introduced by the physical model that builds on the Beer–Lambert law. For the calibration in the Internet of Things-based system, sensors first transmit their belief functions of the true gas concentration level to the cloud. Then, the cloud fusion center computes a fused belief function according to certain rules. This belief function is then used as reference for calibrating the sensors. To deal with the case where belief functions highly conflict with each other, a Wasserstein distance-based weighted average belief function fusion approach is first proposed as a networked calibration algorithm. To achieve more long-term stable calibration results, the networked calibration problem is further formulated as a partially observed Markov decision process (MDP) problem, and the calibration strategies are derived in a sequential manner. Correspondingly, the deep $Q$ -network approach is applied as a computationally efficient method to solve the proposed MDP problem. The performance of practical designs of the proposed self-calibration algorithms is finally illustrated in numerical experiments utilizing real data.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mohammad Hossein Chinaei,Hassan Habibi Gharakheili,Vijay Sivaraman

DOI: https://doi.org/10.1109/JIOT.2021.3051433

2020-07-07

Abstract:Verification of data generated by wearable sensors is increasingly becoming of concern to health service providers and insurance companies. There is a need for a verification framework that various authorities can request a verification service for the local network data of a target IoT device. In this paper, we leverage blockchain as a distributed platform to realize an on-demand verification scheme. This allows authorities to automatically transact with connected devices for witnessing services. A public request is made for witness statements on the data of a target IoT that is transmitted on its local network, and subsequently, devices (in close vicinity of the target IoT) offer witnessing service. Our contributions are threefold: (1) We develop a system architecture based on blockchain and smart contract that enables authorities to dynamically avail a verification service for data of a subject device from a distributed set of witnesses which are willing to provide (in a privacy-preserving manner) their local wireless measurement in exchange of monetary return; (2) We then develop a method to optimally select witnesses in such a way that the verification error is minimized subject to monetary cost constraints; (3) Lastly, we evaluate the efficacy of our scheme using real Wi-Fi session traces collected from a five-storeyed building with more than thirty access points, representative of a hospital. According to the current pricing schedule of the Ethereum public blockchain, our scheme enables healthcare authorities to verify data transmitted from a typical wearable device with the verification error of the order 0.01% at cost of less than two dollars for one-hour witnessing service.

Cryptography and Security

Shachar Siboni,Vinay Sachidananda,Asaf Shabtai,Yuval Elovici

DOI: https://doi.org/10.48550/arXiv.1610.05971

2016-10-19

Abstract:The Internet of Things (IoT) is a global ecosystem of information and communication technologies aimed at connecting any type of object (thing), at any time and in any place, to each other and to the Internet. One of the major problems associated with the IoT is maintaining security; the heterogeneous nature of such deployments poses a challenge to many aspects of security, including security testing and analysis. In addition, there is no existing mechanism that performs security testing for IoT devices in different contexts. In this paper, we propose an innovative security testbed framework targeted at IoT devices. The security testbed supports both standard and context-based security testing, with a set of security tests conducted under the different environmental conditions in which IoT devices operate. The requirements and architectural design of the proposed testbed are discussed, and the testbed operation is demonstrated in several testing scenarios.

Cryptography and Security