-
Ageing Analysis of Embedded SRAM on a Large-Scale Testbed Using Machine Learning
Authors:
Leandro Lanzieri,
Peter Kietzmann,
Goerschwin Fey,
Holger Schlarb,
Thomas C. Schmidt
Abstract:
Ageing detection and failure prediction are essential in many Internet of Things (IoT) deployments, which operate huge quantities of embedded devices unattended in the field for years. In this paper, we present a large-scale empirical analysis of natural SRAM wear-out using 154 boards from a general-purpose testbed. Starting from SRAM initialization bias, which each node can easily collect at startup, we apply various metrics for feature extraction and experiment with common machine learning methods to predict the age of operation for this node. Our findings indicate that even though ageing impacts are subtle, our indicators can well estimate usage times with an $R^2$ score of 0.77 and a mean error of 24% using regressors, and with an F1 score above 0.6 for classifiers applying a six-months resolution.
Submitted 13 July, 2023;
originally announced July 2023.
-
PUF for the Commons: Enhancing Embedded Security on the OS Level
Authors:
Peter Kietzmann,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Security is essential for the Internet of Things (IoT). Cryptographic operations for authentication and encryption commonly rely on random input of high entropy and secure, tamper-resistant identities, which are difficult to obtain on constrained embedded devices. In this paper, we design and analyze a generic integration of physically unclonable functions (PUFs) into the IoT operating system RIOT that supports about 250 platforms. Our approach leverages uninitialized SRAM to act as the digital fingerprint for heterogeneous devices. We ground our design on an extensive study of PUF performance in the wild, which involves SRAM measurements on more than 700 IoT nodes that aged naturally in the real world. We quantify static SRAM bias, as well as the aging effects of devices and incorporate the results in our system. This work closes a previously identified gap of missing statistically significant sample sizes for testing the unpredictability of PUFs. Our experiments on COTS devices of 64 kB SRAM indicate that secure random seeds derived from the SRAM PUF provide 256 bits, and device-unique keys provide more than 128 bits of security. In a practical security assessment we show that SRAM PUFs resist moderate attack scenarios, which greatly improves the security of low-end IoT devices.
Submitted 1 August, 2023; v1 submitted 17 January, 2023;
originally announced January 2023.
-
Delay-Tolerant ICN and Its Application to LoRa
Authors:
Peter Kietzmann,
Jose Alamos,
Dirk Kutscher,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Connecting long-range wireless networks to the Internet imposes challenges due to vastly longer round-trip-times (RTTs). In this paper, we present an ICN protocol framework that enables robust and efficient delay-tolerant communication to edge networks. Our approach provides ICN-idiomatic communication between networks with vastly different RTTs. We applied this framework to LoRa, enabling end-to-end consumer-to-LoRa-producer interaction over an ICN-Internet and asynchronous data production in the LoRa edge. Instead of using LoRaWAN, we implemented an IEEE 802.15.4e DSME MAC layer on top of the LoRa PHY and ICN protocol mechanisms in RIOT OS. Executed on off-the-shelf IoT hardware, we provide a comparative evaluation for basic NDN-style ICN [60], RICE [31]-like pulling, and reflexive forwarding [46]. This is the first practical evaluation of ICN over LoRa using a reliable MAC. Our results show that periodic polling in NDN works inefficiently when facing long and differing RTTs. RICE reduces polling overhead and exploits gateway knowledge, without violating ICN principles. Reflexive forwarding reflects sporadic data generation naturally. Combined with a local data push, it operates efficiently and enables lifetimes of >1 year for battery powered LoRa-ICN nodes.
Submitted 2 September, 2022;
originally announced September 2022.
-
Usable Security for an IoT OS: Integrating the Zoo of Embedded Crypto Components Below a Common API
Authors:
Lena Boeckmann,
Peter Kietzmann,
Leandro Lanzieri,
Thomas Schmidt,
Matthias Wählisch
Abstract:
IoT devices differ widely in crypto-supporting hardware, ranging from no hardware support to powerful accelerators supporting numerous operations including protected key storage. An operating system should provide uniform access to these heterogeneous hardware features, which is a particular challenge in the resource-constrained IoT. Effective security is tied to the usability of cryptographic interfaces. A thoughtful API design is challenging, and it is beneficial to re-use such an interface and to share the knowledge of programming embedded security widely.
In this paper, we integrate an emerging cryptographic interface into usable system-level calls for the IoT operating system RIOT, which runs on more than 240 platforms. This interface supports ID-based key handling to access key material in protected storage without exposing it to anyone. Our design foresees hardware acceleration on all available variants; our implementation integrates diverse cryptographic hardware and software backends via the uniform interface. Our performance measurements show that the overhead of the uniform API with integrated key management is negligible compared to the individual crypto operation. Our approach enhances the usability, portability, and flexibility of cryptographic support in the IoT.
Submitted 24 August, 2022; v1 submitted 19 August, 2022;
originally announced August 2022.
-
DSME-LoRa: Seamless Long Range Communication Between Arbitrary Nodes in the Constrained IoT
Authors:
José Álamos,
Peter Kietzmann,
Thomas Schmidt,
Matthias Wählisch
Abstract:
Long range radio communication is preferred in many IoT deployments as it avoids the complexity of multi-hop wireless networks. LoRa is a popular, energy-efficient wireless modulation but its networking substrate LoRaWAN introduces severe limitations to its users. In this paper, we present and thoroughly analyze DSME-LoRa, a system design of LoRa with IEEE 802.15.4 DSME as a MAC layer. DSME-LoRa offers the advantage of seamless client-to-client communication beyond the pure gateway-centric transmission of LoRaWAN. We evaluate its feasibility via a full-stack implementation on the popular RIOT operating system, assess its steady-state packet flows in an analytical stochastic Markov model, and quantify its scalability in massive communication scenarios using large scale network simulations. Our findings indicate that DSME-LoRa is indeed a powerful approach that opens LoRa to standard network layers and outperforms LoRaWAN in many dimensions.
Submitted 26 August, 2022; v1 submitted 28 June, 2022;
originally announced June 2022.
-
Long-Range ICN for the IoT: Exploring a LoRa System Design
Authors:
Peter Kietzmann,
Jose Alamos,
Dirk Kutscher,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
This paper presents LoRa-ICN, a comprehensive IoT networking system based on a common long-range communication layer (LoRa) combined with Information-Centric Networking (ICN) principles. We have replaced the LoRaWAN MAC layer with an IEEE 802.15.4 Deterministic and Synchronous Multi-Channel Extension (DSME). This multifaceted MAC layer allows for different mappings of ICN message semantics, which we explore to enable new LoRa scenarios.
We designed LoRa-ICN from the ground-up to improve reliability and to reduce dependency on centralized components in LoRa IoT scenarios. We have implemented a feature-complete prototype in a common network simulator to validate our approach. Our results show design trade-offs of different mapping alternatives in terms of robustness and efficiency.
Submitted 23 April, 2022;
originally announced April 2022.
-
Secure and Authorized Client-to-Client Communication for LwM2M
Authors:
Leandro Lanzieri,
Peter Kietzmann,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Constrained devices on the Internet of Things (IoT) continuously produce and consume data. LwM2M manages millions of these devices in a server-centric architecture, which challenges edge networks with expensive uplinks and time-sensitive use cases. In this paper, we contribute two LwM2M extensions to enable client-to-client (C2C) communication: (i) an authorization mechanism for clients, and (ii) an extended management interface to allow secure C2C access to resources. We analyse the security properties of the proposed extensions and show that they are compliant with LwM2M security requirements. Our performance evaluation on off-the-shelf IoT hardware shows that C2C communication outperforms server-centric deployments. First, LwM2M deployments with edge C2C communication yield a ~90% faster notification delivery and ~8x greater throughput compared to common server-centric scenarios, while keeping a small memory overhead of ~8%. Second, in server-centric communication, the delivery rate degrades when resource update intervals drop below 100 ms.
Submitted 7 March, 2022;
originally announced March 2022.
-
WIP: Exploring DSME MAC for LoRa -- A System Integration and First Evaluation
Authors:
José Álamos,
Peter Kietzmann,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
LoRa is a popular wireless technology that enables low-throughput (bytes) long-range communication (km) at low energy consumption (mW). Its transmission, though, is on one side prone to interference during long on-air times, and on the other side subject to duty cycle restrictions. LoRaWAN defines a MAC and a vertical stack on top of LoRa. LoRaWAN circumvents the above limitations by imposing a centralized network architecture, which heavily reduces downlink capacity and prevents peer-to-peer communication. This makes it unusable for many deployments. The Deterministic and Synchronous Multichannel Extension (DSME) of IEEE 802.15.4e benefits from time-slotted communication and peer-to-peer communication and has the potential to overcome LoRaWAN limitations. In this work, we implement DSME on top of LoRa in the open source IoT OS RIOT and open the field for first evaluation experiments on real hardware. Initial results indicate that DSME-LoRa not only enables reliable peer-to-peer communication for constrained IoT devices, but also scales with an increasing number of nodes.
Submitted 22 April, 2022; v1 submitted 17 December, 2021;
originally announced December 2021.
-
A Guideline on Pseudorandom Number Generation (PRNG) in the IoT
Authors:
Peter Kietzmann,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Random numbers are an essential input to many functions on the Internet of Things (IoT). Common use cases of randomness range from low-level packet transmission to advanced algorithms of artificial intelligence as well as security and trust, which heavily rely on unpredictable random sources. In the constrained IoT, though, unpredictable random sources are a challenging desire due to limited resources, deterministic real-time operations, and frequent lack of a user interface.
In this paper, we revisit the generation of randomness from the perspective of an IoT operating system (OS) that needs to support general purpose or crypto-secure random numbers. We analyse the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suites and on experiments for measuring performance gives rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.
Submitted 14 July, 2021; v1 submitted 23 July, 2020;
originally announced July 2020.
-
Bluetooth Mesh under the Microscope: How much ICN is Inside?
Authors:
Hauke Petersen,
Peter Kietzmann,
Cenk Gündoğan,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Bluetooth (BT) mesh is a new mode of BT operation for low-energy devices that offers group-based publish-subscribe as a network service with additional caching capabilities. These features resemble concepts of information-centric networking (ICN), and the analogy to ICN has been repeatedly drawn in the BT community. In this paper, we compare BT mesh with ICN both conceptually and in real-world experiments. We contrast both architectures and their design decisions in detail. Experiments are performed on an IoT testbed using NDN/CCNx and BT mesh on constrained RIOT nodes. Our findings indicate significant differences both in concepts and in real-world performance. Supported by new insights, we identify synergies and sketch a design of a BT-ICN that benefits from both worlds.
Submitted 26 August, 2019;
originally announced August 2019.
-
ICNLoWPAN -- Named-Data Networking for Low Power IoT Networks
Authors:
Cenk Gündoğan,
Peter Kietzmann,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Information Centric Networking is considered a promising communication technology for the constrained IoT, but NDN was designed only for standard network infrastructure.
In this paper, we design and evaluate an NDN convergence layer for low power lossy links that (1) augments the NDN stateful forwarding with a highly efficient name eliding, (2) devises stateless compression schemes for standard NDN use cases, (3) adapts NDN packets to the small MTU size of IEEE 802.15.4, and (4) generates compatibility with 6LoWPAN so that IPv6 and NDN can coexist on the same LoWPAN links. Our findings indicate that stateful compression can reduce the size of NDN data packets by more than 70% in realistic examples. Our experiments show that for common use cases ICNLoWPAN saves 33% of transmission resources over NDN, and about 20% over 6LoWPAN.
Submitted 17 December, 2018;
originally announced December 2018.
-
Security for the Industrial IoT: The Case for Information-Centric Networking
Authors:
Michael Frey,
Cenk Gündoğan,
Peter Kietzmann,
Martine Lenders,
Hauke Petersen,
Thomas C. Schmidt,
Felix Shzu-Juraschek,
Matthias Wählisch
Abstract:
Industrial production plants traditionally include sensors for monitoring or documenting processes, and actuators for enabling corrective actions in cases of misconfigurations, failures, or dangerous events. With the advent of the IoT, embedded controllers link these 'things' to local networks that often are of low power wireless kind, and are interconnected via gateways to some cloud from the global Internet. Inter-networked sensors and actuators in the industrial IoT form a critical subsystem while frequently operating under harsh conditions. It is currently under debate how to approach inter-networking of critical industrial components in a safe and secure manner.
In this paper, we analyze the potentials of ICN for providing a secure and robust networking solution for constrained controllers in industrial safety systems. We showcase hazardous gas sensing in widespread industrial environments, such as refineries, and compare with IP-based approaches such as CoAP and MQTT. Our findings indicate that the content-centric security model, as well as enhanced DoS resistance are important arguments for deploying Information Centric Networking in a safety-critical industrial IoT. Evaluation of the crypto efforts on the RIOT operating system for content security reveals its feasibility for common deployment scenarios.
Submitted 5 March, 2019; v1 submitted 10 October, 2018;
originally announced October 2018.
-
NDN, CoAP, and MQTT: A Comparative Measurement Study in the IoT
Authors:
Cenk Gündoğan,
Peter Kietzmann,
Martine Lenders,
Hauke Petersen,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
This paper takes a comprehensive view on the protocol stacks that are under debate for a future Internet of Things (IoT). It addresses the holistic question of which solution is beneficial for common IoT use cases. We deploy NDN and the two popular IP-based application protocols, CoAP and MQTT, in their different variants on a large-scale IoT testbed in single- and multi-hop scenarios. We analyze the use cases of scheduled periodic and unscheduled traffic under varying loads. Our findings indicate that (a) NDN admits the most resource-friendly deployment on nodes, and (b) shows superior robustness and resilience in multi-hop scenarios, while (c) the IP protocols operate at less overhead and higher speed in single-hop deployments. Most strikingly we find that NDN-based protocols are in significantly better flow balance than the UDP-based IP protocols and require fewer corrective actions.
Submitted 27 September, 2018; v1 submitted 4 June, 2018;
originally announced June 2018.
-
HoPP: Robust and Resilient Publish-Subscribe for an Information-Centric Internet of Things
Authors:
Cenk Gündoğan,
Peter Kietzmann,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
This paper revisits NDN deployment in the IoT with a special focus on the interaction of sensors and actuators. Such scenarios require high responsiveness and limited control state at the constrained nodes. We argue that the NDN request-response pattern which prevents data push is vital for IoT networks. We contribute HoP-and-Pull (HoPP), a robust publish-subscribe scheme for typical IoT scenarios that targets IoT networks consisting of hundreds of resource constrained devices at intermittent connectivity. Our approach limits the FIB tables to a minimum and naturally supports mobility, temporary network partitioning, data aggregation and near real-time reactivity. We experimentally evaluate the protocol in a real-world deployment using the IoT-Lab testbed with varying numbers of constrained devices, each wirelessly interconnected via IEEE 802.15.4 LowPANs. Implementations are built on CCN-lite with RIOT and support experiments using various single- and multi-hop scenarios.
Submitted 11 January, 2018;
originally announced January 2018.
-
Connecting the World of Embedded Mobiles: The RIOT Approach to Ubiquitous Networking for the Internet of Things
Authors:
Martine Lenders,
Peter Kietzmann,
Oliver Hahm,
Hauke Petersen,
Cenk Gündoğan,
Emmanuel Baccelli,
Kaspar Schleiser,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
The Internet of Things (IoT) is rapidly evolving based on low-power compliant protocol standards that extend the Internet into the embedded world. Pioneering implementations have proven it is feasible to inter-network very constrained devices, but had to rely on peculiar cross-layered designs and offer a minimalistic set of features. In the long run, however, professional use and massive deployment of IoT devices require full-featured, cleanly composed, and flexible network stacks.
This paper introduces the networking architecture that turns RIOT into a powerful IoT system, to enable low-power wireless scenarios. RIOT networking offers (i) a modular architecture with generic interfaces for plugging in drivers, protocols, or entire stacks, (ii) support for multiple heterogeneous interfaces and stacks that can concurrently operate, and (iii) GNRC, its cleanly layered, recursively composed default network stack. We contribute an in-depth analysis of the communication performance and resource efficiency of RIOT, both on a micro-benchmarking level as well as by comparing IoT communication across different platforms. Our findings show that, though it is based on significantly different design trade-offs, the networking subsystem of RIOT achieves a performance equivalent to that of Contiki and TinyOS, the two operating systems which pioneered IoT software platforms.
Submitted 9 January, 2018;
originally announced January 2018.