| 1. |
- Gehrmann, Christian, et al.
(författare)
-
SMACK : Short Message Authentication ChecK Against Battery Exhaustion in the Internet of Things
- 2015. - 13
-
Ingår i: 2015 12th Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). - 9781467373319 ; , s. 274-282
-
Konferensbidrag (refereegranskat)abstract
- Internet of Things (IoT) commonly identifies the upcoming network society where all connectable devices will be able to communicate with one another. In addition, IoT devices are supposed to be directly connected to the Internet, and many of them are likely to be battery powered. Hence, they are particularly vulnerable to Denial of Service (DoS) attacks specifically aimed at quickly draining battery and severely reducing device lifetime. In this paper, we propose SMACK, a security service which efficiently identifies invalid messages early after their reception, by checking a short and lightweight Message Authentication Code (MAC). So doing, further useless processing on invalid messages can be avoided, thus reducing the impact of DoS attacks and preserving battery life. In particular, we provide an adaptation of SMACK for the standard Constrained Application Protocol (CoAP). Finally, we experimentally evaluate SMACK performance through our prototype implementation for the resource constrained CC2538 platform. Our results show that SMACK is efficient and affordable in terms of memory requirements, computing time, and energy consumption.
|
|
| 2. |
- Gunnarsson, Martin, et al.
(författare)
-
Performance Evaluation of Group OSCORE for Secure Group Communication in the Internet of Things
- 2022
-
Ingår i: ACM Transactions on Internet of Things. - : Association for Computing Machinery. - 2577-6207 .- 2691-1914. ; 3:3
-
Tidskriftsartikel (refereegranskat)abstract
- The Constrained Application Protocol (CoAP) is a major application-layer protocol for the Internet of Things (IoT). The recently standardized security protocol Object Security for Constrained RESTful Environments (OSCORE) efficiently provides end-to-end security of CoAP messages at the application layer, also in the presence of untrusted intermediaries. At the same time, CoAP supports one-to-many communication, targeting use cases such as smart lighting and building automation, firmware update, or emergency broadcast. Securing group communication for CoAP has additional challenges. It can be done using the novel Group Object Security for Constrained RESTful Environments (Group OSCORE) security protocol, which fulfills the same security requirements of OSCORE in group communication environments. While evaluations of OSCORE are available, no studies exist on the performance of Group OSCORE on resource-constrained IoT devices.This article presents the results of our extensive performance evaluation of Group OSCORE over two popular constrained IoT platforms, namely Zolertia Zoul and TI Simplelink. We have implemented Group OSCORE for the Contiki-NG operating system and made our implementation available as open source software. We compared Group OSCORE against unprotected CoAP as well as OSCORE. To the best of our knowledge, this is the first comprehensive and experimental evaluation of Group OSCORE over real constrained IoT devices. © 2022 Copyright held by the owner/author(s).
|
|
| 3. |
|
|
| 4. |
- Höglund, Rikard, et al.
(författare)
-
Current State of the Art in Smart Metering Security
- 2015. - 6
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Power supply infrastructures are facing radical changes. The introduction of Information and Communication Technologies (ICT) into power grids will allow to automatically monitor and control the power demand and supply. This concept is generally referred to as Smart Grid, and is expected to exponentially grow during the coming years. However, ICT systems are increasingly subject to security cyber attacks, which can have a disruptive impact on the whole power grid, and put people’s safety and business interests at risk. This report covers background information on the smart grid with focus on smart metering in particular. Important aspects such as security and life-cycle management are covered. In addition, the typical smart grid components and communication protocols are surveyed.
|
|
| 5. |
- Höglund, Rikard, et al.
(författare)
-
Key Update for the IoT Security Standard OSCORE
- 2023
-
Ingår i: 2023 IEEE International Conference on Cyber Security and Resilience (CSR). - : Institute of Electrical and Electronics Engineers (IEEE). - 9798350311709 - 9798350311716 ; , s. 78-85
-
Konferensbidrag (refereegranskat)abstract
- The standard Constrained Application Protocol (CoAP) is a lightweight, web-transfer protocol based on the REST paradigm and specifically suitable for constrained devices and the Internet-of-Things. Object Security for Constrained RESTful Environment (OSCORE) is a standard, lightweight security protocol that provides end-to-end protection of CoAP messages. A number of methods exist for managing keying material for OSCORE, as to its establishment and update. This paper provides a detailed comparison of such methods, in terms of their features, limitations and security properties. Also, it especially considers the new key update protocol KUDOS, for which it provides a more extended discussion about its features and mechanics, as well as a formal verification of its security properties.
|
|
| 6. |
- Höglund, Rikard, et al.
(författare)
-
Key Update for the IoT Security Standard OSCORE
- 2023
-
Ingår i: 2023 IEEE International Conference on Cyber Security and Resilience (CSR). - : IEEE.
-
Konferensbidrag (refereegranskat)abstract
- The standard Constrained Application Protocol (CoAP) is a lightweight, web-transfer protocol based on the REST paradigm and specifically suitable for constrained devices and the Internet-of-Things. Object Security for Constrained RESTful Environment (OSCORE) is a standard, lightweight security protocol that provides end-to-end protection of CoAP messages. A number of methods exist for managing keying material for OSCORE, as to its establishment and update. This paper provides a detailed comparison of such methods, in terms of their features, limitations and security properties. Also, it especially considers the new key update protocol KUDOS, for which it provides a more extended discussion about its features and mechanics, as well as a formal verification of its security properties.
|
|
| 7. |
- Höglund, Rikard, et al.
(författare)
-
Secure Communication for the IoT : EDHOC and (Group) OSCORE Protocols
- 2024
-
Ingår i: IEEE Access. - : Institute of Electrical and Electronics Engineers Inc.. - 2169-3536. ; 12, s. 49865-
-
Tidskriftsartikel (refereegranskat)abstract
- Communication security of an Internet-of-Things (IoT) product depends on the variety of protocols employed throughout its lifetime. The underlying low-power radio communication technologies impose constraints on maximum transmission units and data rates. Surpassing maximum transmission unit thresholds has an important effect on the efficiency of the solution: transmitting multiple fragments over low-power IoT radio technologies is often prohibitively expensive. Furthermore, IoT communication paradigms such as one-to-many require novel solutions to support the applications executing on constrained devices. Over the last decade, the Internet Engineering Task Force (IETF) has been working through its various Working Groups on defining lightweight protocols for Internet-of-Things use cases. “Lightweight” refers to the minimal processing overhead, memory footprint and number of bytes in the air, compared to the protocol counterparts used for non-constrained devices in the Internet. This article overviews the standardization efforts in the IETF on lightweight communication security protocols. It introduces EDHOC, a key exchange protocol, OSCORE and Group OSCORE, application data protection protocols adapted for securing IoT applications. The article additionally highlights the design considerations taken into account during the design of these protocols, an aspect not present in the standards documents. Finally, we present an evaluation of these protocols in terms of the message sizes and compare with the non-constrained counterpart, the (D)TLS protocol. We demonstrate that the novel key exchange protocol EDHOC achieves ×5 reduction over DTLS 1.3 authenticated with pre-shared keys in terms of total number of bytes transmitted over the air, while keeping the benefits of authentication with asymmetric credentials.
|
|
| 8. |
- Höglund, Rikard, et al.
(författare)
-
Secure Communication for the IoT : EDHOC and (Group) OSCORE Protocols
- 2024
-
Ingår i: IEEE Access. - : Institute of Electrical and Electronics Engineers (IEEE). - 2169-3536. ; 12, s. 49865-49877
-
Tidskriftsartikel (refereegranskat)abstract
- Communication security of an Internet-of-Things (IoT) product depends on the variety of protocols employed throughout its lifetime. The underlying low-power radio communication technologies impose constraints on maximum transmission units and data rates. Surpassing maximum transmission unit thresholds has an important effect on the efficiency of the solution: transmitting multiple fragments over low-power IoT radio technologies is often prohibitively expensive. Furthermore, IoT communication paradigms such as one-to-many require novel solutions to support the applications executing on constrained devices. Over the last decade, the Internet Engineering Task Force (IETF) has been working through its various Working Groups on defining lightweight protocols for Internet-of-Things use cases. “Lightweight” refers to the minimal processing overhead, memory footprint and number of bytes in the air, compared to the protocol counterparts used for non-constrained devices in the Internet. This article overviews the standardization efforts in the IETF on lightweight communication security protocols. It introduces EDHOC, a key exchange protocol, as well as OSCORE and Group OSCORE, application data protection protocols adapted for securing IoT applications. The article additionally highlights the design considerations taken into account during the design of these protocols, an aspect not present in the standards documents. Finally, we present an evaluation of these protocols in terms of the message sizes, and we compare them with the non-constrained counterpart, the (D)TLS protocol. We demonstrate that the novel key exchange protocol EDHOC achieves ×5 reduction over DTLS 1.3 authenticated with pre-shared keys in terms of total number of bytes transmitted over the air, while keeping the benefits of authentication with asymmetric credentials.
|
|
| 9. |
- Lingesten, Niklas, et al.
(författare)
-
Apparatus for continuous wear measurements during wet clutch durability tests
- 2012
-
Ingår i: Wear. - : Elsevier BV. - 0043-1648 .- 1873-2577. ; 288, s. 54-61
-
Tidskriftsartikel (refereegranskat)abstract
- Wet clutches are used in many applications today such as automatic transmissions and limited slip differentials in cars as well as in heavy duty equipment such as wheel loaders. The present study is concerned with the wear and engagement behavior of wet clutches in the latter type of application. A test rig is developed in which the wet clutch engagement is monitored during an arbitrary number of test cycles.This rig has many similarities with the SAE #2 test rig in that they are both inertia type test rigs. However, the test rig presented here has several original parts from heavy duty equipment in production incorporated into it. The data collection includes a continuous measurement of the position of the piston used to apply force on the clutch pack in addition to the separator disc temperatures, hydraulic actuating pressure and torque transfer characteristics. The measurements of the piston position can then be related to the clutch wear during a long test series.
|
|
| 10. |
|
|
