Associate Professor and Deputy Director, Center for Cybersecurity Systems and Networks
Amrita Vishwa Vidyapeetham
Amritapuri, Kollam-690525

Course Objectives
• Introduce students to the technical and practical aspects of IoT Security
• Study vulnerabilities in IoT Standards, Platforms, Applications and Protocols
• Identify research issues involved in the design and implementation of security solutions
• Provide experience through simulating vulnerabilities in IoTs

Course Outline
• Introduction to Internet of Things
• Architecture and Implementation
• Security for Internet of Things
• Vulnerabilities, Attacks and Countermeasures
• Security Engineering for IoT development
• IoT Security lifecycle
• Security issues in IoT Standards, Platforms, Applications, Protocols
• Cryptographic Foundations for IoT
• Game theory foundations for IoT
• Credential Management for connected devices
• Advanced Topics: Cloud Security for IoT, SDN for IoT Security, Blockchain for IoT

Course Requirements
• Read research papers
  • Students are expected to present research papers, critique and review them
• Projects using Contiki Simulator/Raspberry Pi
  • Familiarize yourself with Simulator (Feb/Mar)
• Student Participation
  • Necessary to be successful in this course

IoT Security vs Wireless Security vs Mobile Security
• This course
  • Studies Security from an Internet of Things perspective
  • Embodies Cryptography, Game Theory and Intrusion Detection
• Not a Wireless Security course
  • Does not focus on security in wireless networks
• Not a Mobile Security course
  • Does not deal with security in Android devices

Honor Code
• Students are allowed to discuss approaches to solve problems
• However, source codes and reports from assignments should be your own work
• You are solely responsible for safeguarding your work
• Plagiarism will be dealt with in a serious manner
  • May result in a failing grade

Books for the Course
• B. Russell and D. Van Duren, “Practical Internet of Things Security”, Packt Publishing, 2016
• T. Alpcan and T. Basar, “Network Security: A Decision and Game-theoretic Approach”, Cambridge University Press, 2011
• Materials prepared by the instructor

Course Grading
Category          Percentage of Grade
Midterm           20
Final Exam        30
Assignments       15
Group Project     35

Assignments
• Assignments will involve security for IoT devices
• Assignments using Contiki and Raspberry Pi
• Installation
  • Contiki simulator
  • Arduino, Raspberry Pi (will be given)

Group Project
• Projects done in groups of 2 people
  • Class divided into groups
  • Individual projects given to the groups
• Groups solve a problem pertaining to IoT security, get results, prepare report
• Use Raspberry Pi/Contiki for the project
• Evaluation
  • Introduction, Progress and Final Pitch

List of Group Projects
• Energy Profiling and optimization of Homomorphic Secret Sharing for IoT devices
• Comparative analysis of Intrusion Detection Systems for Internet of Things
• Denial of Service attacks on Internet of Things
• Secure group communication protocols for Internet of Things
• Implement an Intrusion Detection System using Software-Defined Networking
• Group based Authentication and Key Agreement Protocols for machine type communications
• Defending IoT devices against routing protocol based attacks
• Blockchain based Solutions for Internet of Things
• Energy Profiling of TLS and DTLS for Internet of Things
• Security for Internet of Drones/Unmanned Aerial Vehicles and Anti-Spoofing techniques
• Smart Home Automation/health care/traffic management systems with Multi-Agent approach
• Multi-Agent Intrusion Detection System
• IoT honeypot systems for attacker deception
• Smart cities and V2X communication

What does Internet of Things mean?
• “A global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on existing and evolving, interoperable information and communication technologies.”
• “An IoT is a network that connects uniquely identifiable “things” to the Internet. The “things” have sensing/actuation and potential programmability capabilities. Through the exploitation of the unique identification and sensing, information about the “thing” can be collected and the state of the “thing” can be changed from anywhere, anytime, by anything.”
• “Internet of Things envisions a self-configuring, adaptive, complex network that interconnects things to the Internet through the use of the standard communication protocols. The interconnected things have physical or virtual representation in the digital world, sensing/actuation capability, a programmability feature and are uniquely identifiable. The representation contains information including the thing’s identity, status, location or any other business, social or privately relevant information. The things offer services, with or without human intervention, through the exploitation of unique identification, data capture and communication and actuation capability. The service is exploited through the use of intelligent interfaces and is made available anywhere, anytime and for anything taking security into consideration”

Cybersecurity vs IoT Security & Cyber Physical Systems
• IoT Security
  • Fusion of cybersecurity with other disciplines
  • Much more than mere data, servers, network infrastructure and information security
  • Unique application for each system and system-of-systems
• Cybersecurity
  • Does not address the physical and security aspects of hardware devices or the physical world interactions
• Cyber Physical Systems (CPS)
  • Do not necessarily have to be connected to the Internet
  • Contrast with IoT, where things are connected to the Internet

Cyber Physical Systems vs Internet of Things

What makes IoT Security different?
• Need for cross-discipline Security Engineering
• Everyone is responsible for security
• IoT and CPS expose huge security problems
• Traditional core engineering disciplines rarely address security engineering
• Security engineers are ignorant of core engineering disciplines

Threat Intelligence for IoT Security
• Threat Intelligence
  • Gartner's definition: “Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard”
• Need for discovery, analysis, understanding and sharing of real-world threats that are compromising IoT systems
• Need for cross-collaboration across industries, government organizations, standards bodies, academia etc.

IoT Applications: Energy industry and smart grid
• Connected homes with connected smart appliances
  • Communicate electrical demand and load information with the utilities
  • Facilitate automated demand-response technology
• Make energy distribution and generation systems much more efficient, resilient
• Connected to the Smart Grid
  • Distribution, monitoring and control systems involve IoT
• Examples: Smart Meter attached to your home

IoT Applications: Connected vehicles and transportation
• In-vehicle networks
  • Composed of numerous interconnected Electronic Control Units (ECUs)
  • CAN, LIN, MOST, FlexRay standards
• Vehicle to Vehicle and Vehicle to Infrastructure Communication
  • Applications in Congestion Avoidance, Traffic Monitoring, Obstacle Detection, Smart Parking Lot etc.
• Autonomous and Self-Driving Cars

IoT Applications: Manufacturing
• Advent of Industrial IoT
• Use cases: Robotic systems, assembly lines, manufacturing plan design and operation
• Myriad types of connected sensors and actuators
  • Connected over various data buses, intranets and the Internet
• Distributed Automation and Control
• Goal
  • Improvements in efficiency
  • Minimize costs

IoT Applications: Wearables
• Things attached to the human body
  • Collects state, communicates information, performs control
  • Examples: Apple iWatch, FitBit etc.
• Wearable Networked Sensors
  • Detect inertial acceleration, heart rate, temperature, geospatial location
• Direct or indirect connectivity to various cloud service providers
• Organizations include wearables in corporate fitness programs to track employee health and encourage health-conscious living

IoT Applications: Implantable and medical devices
• Implantables
  • Any sensor, controller or communication device inserted and operated within the human body
• Non-medical products and Use cases
  • Embedded RFID tags
• Facilitate remote monitoring
• Add new communication interfaces that enable the devices to be accessed
• Miniaturized in the form of micro-electrical mechanical systems (MEMS) that can communicate over radio frequency (RF)

IoT in the enterprise
• Energy Industry
  • Roll-out of advanced metering infrastructures
  • Enhanced energy usage and monitoring capabilities
• Facilitate Automated Supply-chain management
• Envisioned as a System-of-Systems
• Use cases
  • Company with manufacturing and retail facilities
  • Managing fleets of connected cars and shipping vehicles
  • Drone systems that support the inspection of critical infrastructure and facilities
  • Agricultural sensors for monitoring soil quality
• Push data to the cloud
  • Conduct comprehensive data analytics

IoT Applications: System of Systems

IoT device and Service Implementation
• Device implementation
  • Original Equipment Manufacturer (OEM)
  • Board Support Package (BSP)
  • Original Design Manufacturers (ODM)
• Service implementation
  • Cloud Service Provider
  • OEM

IoT Device/Services Implementation and Deployment

Building blocks of IoT: Hardware
• IoT Development Boards
  • Arduino, Beagle Board, Pinoccio, Raspberry Pi and Cubie Board
  • Include microcontrollers (MCUs) and General Purpose Input/Output (GPIO) pins
• MCUs available on the market for IoT development
• MCU Developers
  • ARM, Intel, Broadcom, Atmel, Texas Instruments, Freescale and Microchip Technology
• Limited memory resources
• Sensor Types
  • Temperature sensors, accelerometers, air quality sensors, potentiometers, proximity sensors, moisture sensors and vibration sensors

Building blocks of IoT: Operating Systems
• Many utilize a Real-Time Operating System (RTOS)
• Selection of RTOS is based on needed performance, security and functional requirements of the product
• Popular IoT Operating systems
  • TinyOS, Contiki, Mantis, FreeRTOS, BrilloOS, Embedded Linux, ARM’s mbedOS and Snappy Ubuntu Core
• Issues
  • Security configuration and storage of security sensitive parameters
  • Handling of root password, other account passwords and cryptographic keys stored on the devices

Building blocks of IoT: Communications
• Gateway options
  • Mobile device (Smartphone) co-located with IoT endpoint
  • Communicating over Bluetooth Low Energy (BLE), Zigbee, Wi-Fi
  • Also called Edge gateways
• Gateway IoT protocols
  • Message Queuing Telemetry Transport (MQTT)
  • Representational State Transfer (REST)
• Dell, Intel and other companies have introduced IoT gateways
• Consumer-focused gateways
  • Samsung SmartThings hub (https://www.smartthings.com)

IoT Communications

IoT Messaging Protocols
• MQTT
• Constrained Application Protocol (CoAP)
• Data Distribution Service (DDS)
• Advanced Message Queuing Protocol (AMQP)
• Extensible Messaging and Presence Protocol (XMPP)

MQTT

CoAP: Constrained Application Protocol

XMPP
• Based on Extensible Markup Language (XML)
• Open technology for real-time communications
• Evolved from Jabber Instant Messaging (IM)
• Supports the transmission of XML messages over TCP transport
• XMPP-IoT
  • Tailored version of XMPP

DDS

AMQP
• Queuing System in support of Server-to-Server communications
• Allows for both publish/subscribe and point-to-point based communications
• AMQP IoT endpoints listen for messages on each queue
• Deployment
  • Transportation: Vehicle Telemetry devices provide data to analytics systems for near-real-time processing

Gateways
• Require the implementation of protocol-specific gateways
• Functionality
  • Re-encapsulate the communications over another protocol
  • Perform protocol translation
• Application/Enterprise-oriented gateways
• Security implications
  • Introduce new attack surfaces into an enterprise
  • Protocol limitations, configuration and stacking options
  • Threat Modelling

Transport Protocols
• Transmission Control Protocol (TCP)
  • Protocol of choice for today’s web-based communications
  • IoT products use TCP (HTTP or MQTT over a secure TLS connection)
  • Unsuitable for use in high latency or limited bandwidth network environments
• User Datagram Protocol (UDP)
  • Lightweight transport
  • Connectionless communications
  • MQTT-SN and CoAP work with UDP
  • Datagram TLS (DTLS) secures UDP-based transport

Network Protocols
• 6LoWPAN (IPv6 over Low Power Wireless Personal Area Networks)
  • Supports the use of IPv6 within constrained environments
  • Supports wireless connectivity at low data rates
  • Builds upon 802.15.4 Low Rate Wireless Personal Area Networks (LR-WPAN)
• Adaptation layer
  • Supports IPv6
  • IPv6 with UDP header compression
  • Support for fragmentation
• Leverage link encryption offered within IEEE 802.15.4 and apply DTLS

Data link and physical protocols
• IEEE 802.15.4
  • Operate using either P2P or star topologies
  • Ideal for use in low-power or low-speed environments
  • Operate in the 915 MHz and 2.4 GHz frequency ranges
  • Support data rates up to 250 kb/s
  • Communication ranges of 10 meters
• Z-Wave
  • Supports transmission of unicast, multicast and broadcast
  • Consist of controllers and slaves
  • Primary and secondary controllers
  • Operates at 908.42 MHz (North America) / 868.42 MHz (Europe) frequency
  • Data rates of 100 kb/s
  • Communication range of 30 meters

Bluetooth Low Energy (BLE)
• Evolution of Bluetooth for enhanced battery life
• Defaulting to sleep mode and waking up when necessary
• Operate in the 2.4 GHz frequency range
• Implements a high-rate frequency-hopping spread spectrum
• Supports AES encryption

Power Line Communications
• Operate at the link and physical layers of the communication stack
• Support both home and industrial uses
• Communications modulated directly over existing power lines
• Enables power connected devices to be controlled and monitored without secondary communication conduits

Cellular Communications
• Move towards 5G and 6G Networks
  • Higher throughput and ability to support multiple connections
• Increased movement for direct connectivity of IoT devices to the cloud
  • Enable new centralized controller functions
  • Support for multitudes of geographically dispersed sensors/actuators
• More Robust Cellular capabilities
  • Enable the cloud to be the aggregation point for sensor data feeds
  • Web Service Interactions
  • Interfaces to numerous enterprise applications

IoT data collection, storage and analytics
• Advent of Cloud Service Providers (CSP)
  • Amazon Web Services (AWS) created the AWS IoT Service
  • Microsoft Azure has a specific IoT service
  • Salesforce has designed a tailored IoT analytics solution
• Allows IoT devices to be configured and connected to the gateway nodes using MQTT or REST communications
• Kinesis or Kinesis Firehose can be used to inject data to CSPs
• Logic rules can be set up to forward the most appropriate data
• Data sent for analysis, storage or to be combined with other data

IoT integration platforms and solutions
• Xively and ThingSpeak offering flexible development solutions
• Smart Cities
  • Accella and SCOPE platforms offer the ability to integrate a variety of IoT systems into enterprise solutions
• ThingSpeak API
  • Used to integrate IoT devices via HTTP communications
• AllJoyn
  • Focus on interoperability between IoT devices