Secure Real-time Services for Wireless Sensor Networks in Contiki - DiVA Portal


Secure Real-time Services for Wireless Sensor Networks in Contiki

Shujuan Chen (shuj-che@dsv.su.se)

Master thesis, March 17, 2007

Abstract

With the widespread use of networked embedded systems operating over wireless sensor networks, a standardized architecture is required to enable the rapid development of applications. An embedded operating system serves as an important building block of such an architecture, and the most commonly used services and protocols should be made available in it as system services to speed up development.

Real-time services are commonly required by many time-sensitive applications, such as automation control and real-time monitoring: events need a global notion of time or must happen within a deadline, and collected data should arrive at the destination before it becomes old and loses its meaning. But there is no common notion of time in a wireless sensor network, in which all the nodes are physically separated and no global clock or common memory exists. Moreover, there is no guarantee that sensed data will reach the destination before the deadline. To address these real-time issues, we develop real-time services, including time synchronization and low-latency data collection, to support the rapid development of time-critical applications. Meanwhile, security is an important issue for wireless sensor networks because of the vulnerability of the wireless channel: an adversary can simply capture and change the data and then resend it. Real-time services that rely on wireless communication are exposed to such attacks and may be the weakest link of the whole system if they are not designed with security in mind.

As the building block of real-time services, time synchronization comes first, providing a global time scale for a distributed networked system. We study current time synchronization protocols for wireless sensor networks, propose our own protocol design and implement it on the experimental platform, Contiki OS on Tmote Sky hardware. To show the feasibility and performance of our protocol, we perform an extensive experimental evaluation.

Low-latency data collection will also play a significant role for time-critical applications; it aims to guarantee a time limit for data collection. Based on the synchronized notion of time over the network, we implement a data collection protocol aiming at low end-to-end latency for the same platform. To show its performance, we measure end-to-end latency in a multi-hop network and evaluate it against the hop count and an estimate of the point-to-point delay of single-hop communication.

Security issues pose a great challenge to applications as well as the underlying services because of the vulnerability of the wireless channel, the hostile environment and the severe resource constraints. To make the real-time services resilient to attacks, we analyse the attacks that might disrupt the services and present countermeasures against these security breaches. The hardware platform in use provides a crypto accelerator in the radio chip, which frees the microcontroller from the long computation time of security operations. We implement a security protocol that uses these hardware-assisted security operations to provide link-layer security services. In addition, we provide a data freshness service using authenticated MAC timestamping of each packet. We then show how to secure the real-time services with these security services and integrate them into the protocol implementations.

Contents

1 Introduction
1.1 Motivation
1.2 Research approaches
1.3 Results
1.4 Thesis outline

2 Background
2.1 Security challenges and considerations in WSN
2.2 Target platform and supported security features
2.2.1 Contiki OS and Moteiv Tmote Sky
2.2.2 Supported security features in target platform
2.3 Real-time issues and time synchronization in WSNs
2.3.1 Overview and basic concepts
2.3.2 Related work
2.4 Low-latency data collection

3 Designs and implementation of services on target platform
3.1 Link layer security services and authenticated timestamp
3.1.1 Packet format
3.1.2 Key management
3.1.3 Security settings and protocol for CC2420 secure communication
3.1.4 Implementation of CC2420 security and authenticated timestamp
3.2 Time synchronization with implicit topology formation
3.2.1 Logical clock in Tmote Sky
3.2.2 Protocol design
3.2.3 Implementation details
3.3 Low-latency data collection using Treeroute
3.3.1 Treeroute protocol
3.3.2 Schedule-based low-latency data collection
3.3.3 Implementation

4 Security analysis and design for the real-time services
4.1 Security for time synchronization
4.2 Security for low-latency data collection

5 Experimental results and performance evaluation
5.1 Time synchronization
5.1.1 Experiments and test results
5.1.2 Synchronization error analysis and performance evaluation
5.2 Low-latency data collection based on time synchronization
5.2.1 Experiments and results

6 Conclusion and future work
6.1 Conclusion
6.2 Future work

Appendices
A Glossary
B Program flow of security protocol
C Program flow of time synchronization protocol

Chapter 1 Introduction

1.1 Motivation

Wireless sensor networks represent a new generation of embedded wireless networking systems with a broad range of real-time applications. Examples include fire monitoring, border surveillance, medical care, and highway traffic coordination. Such systems must meet new kinds of timing constraints under severe resource limitations. The data from the sensor network can be used for collaborative operation in automatic control and sometimes for critical decisions in healthcare or emergency monitoring. Most of these applications need the timing order of events that happened on different nodes. This requires all the nodes to maintain a global notion of time in order to determine the timing of events [2]. But there is no common memory or global clock among the nodes, since they are separately deployed in the physical environment. Moreover, time-critical data might need to be delivered to a base station within a deadline, before the data becomes old and meaningless. For example, a system that monitors and controls the temperature in a nuclear power plant would require that the readings be reported to a base station within a maximum time limit so that a rapid increase in temperature can be responded to properly. So real-time services, including time synchronization and low-latency data collection, should be provided to give the nodes a common notion of time and to keep data delivery within a desirable latency.

Wireless sensor networks can be used for industrial, commercial, and medical applications. They might monitor the performance of critical equipment or a critical situation, or they might collaborate to make a critical decision. In these cases, the risk of having someone interfere with or shut down the network is unacceptable [18]. Strong security is essential. However, security problems are very common in wireless sensor networks because of the vulnerability of the wireless channel and the hostile environment in which the network is deployed. The real-time services using the wireless sensor network are not exempt from these security attacks [17, 21]. Wireless sensor networks are often deployed in an unattended environment in which nodes might be easy to compromise. In some application scenarios, such as medical monitoring, crucial decisions might be made according to the collected sensor data, and malicious modification of this critical data might lead to great disasters. Thus the data collection protocol is required to be resilient and secure against malicious modification attacks. If a malicious adversary abuses the underlying time synchronization protocol, the applications based on the global clock might be totally disrupted. For example, disruption of time synchronization in a monitoring system could lead to a false emergency alarm or a fatal delay in reporting a critical event. The whole system might be brought down by deliberate manipulation of the protocols. So security should be included as a built-in property of the protocol design in order to resist malicious attacks.

The above secure real-time services can be used for many applications with timing constraints. To be able to easily reuse these secure real-time services for different applications, it is highly desirable to present them in an operating system as a system service.

1.2 Research approaches

This thesis focuses on the design and implementation of a set of secure real-time services and on the evaluation of their performance through experiments. First, we carry out a literature survey of related work on existing time synchronization and data collection protocols. Second, we present our protocol designs and implementations on the target platform. Third, we implement security services for the target platform. Then we make a security analysis of the protocol designs and present countermeasures based on the supported security services. Finally, to show the feasibility and study the real-world performance, we test the protocols on the target platform both with and without the security services and measure their performance.

1.3 Results

This thesis presents the design and implementation of secure real-time services, including time synchronization and low-latency data collection, and performs several experimental performance evaluations. The main results include the following aspects:

a. A network-wide time synchronization protocol is designed, analysed and compared to other existing alternative schemes. A concrete implementation of the protocol is done for the target platform (Contiki OS on Moteiv Tmote Sky). Our protocol is based on sender/receiver pairwise synchronization. A tree topology is formed implicitly during the pairwise synchronization starting from the sink node, which reduces the communication overhead. We also use authenticated MAC-timestamping to reduce synchronization error, by excluding send time and receive time, and to counter some security attacks through authentication of the timestamps. The time synchronization protocol design improves on existing protocols, achieving better performance in some critical metrics, such as communication overhead and adaptability to a dynamic topology, while maintaining the same synchronization precision and computational complexity.

b. The Treeroute routing protocol is ported to the Tmote Sky platform for multi-hop routing. A demo application for multi-hop data collection using Treeroute routing is designed and implemented for a multi-hop network. The data collection protocol can achieve lower latency by using slotted communication based on the network-wide time synchronization. The latency of a data packet from a source node to the destination node is measured in the synchronized time notion shared by the distributed nodes, so the measured latency is affected by the synchronization precision. In the experiment, we show that the end-to-end latency of all packets is rather stable and that data delivery is very reliable, because the slotted communication avoids collisions. This shows that the time synchronization works well enough to provide a global clock for slot assignment.

c. Security services for the target platform are implemented and further used to secure the above real-time services. The implementation of the security services uses the hardware-based AES security operations supported by the CC2420 radio. We can enable the security services to secure the real-time services. Then we make a security analysis of the protocol designs and present countermeasures to resist security attacks based on the supported security services.

d. Experiments are done for single-hop networks as well as for multi-hop networks. The real-time services are tested with security enabled and disabled respectively. An analysis of the experimental results is conducted to show the real-world performance of the implemented services.

1.4 Thesis outline

Chapter 2 introduces the security challenges in WSNs and the related work on time synchronization and low-latency data collection protocols. Chapter 3 describes the designs and implementation details of the security services, the time synchronization protocol and the low-latency data collection protocol. Chapter 4 makes a security analysis of the implemented real-time services and presents how to secure these services using the security services implemented on this platform. Chapter 5 presents the test results of some carefully chosen real-world experiments. Chapter 6 concludes the thesis work and presents research trends and future work.

Chapter 2 Background

A wireless sensor network (WSN) is an information gathering paradigm based on the collective efforts of hundreds or thousands of small wireless sensor devices. The devices are equipped with one or more sensors, a short-range radio transceiver, a small microcontroller, and a power supply. The sensor devices autonomously form networks through which sensor data is transported. The sensor devices are often severely resource-constrained. An on-board battery or solar panel can only supply limited amounts of power. The small physical size and low per-device cost limit the complexity of the system. Typical sensor devices are equipped with 8-bit microcontrollers, code memory on the order of 100 kilobytes, and less than 20 kilobytes of RAM.

Applications for sensor networks can be found in many different areas [20, 15], ranging from biology and medicine to industry. One of the potential applications is wireless automation systems, which are supported by real-time control services over sensor networks. Automatic control is a central component of any modern process and manufacturing industry. The information flows between sensor, actuator and control nodes have traditionally been hardwired synchronous communication. Over the last decade, there has been a transition to communication buses, such as field bus and Ethernet technology, in these control systems. Currently there is a major drive to take the next step in this evolution by moving to wireless communication. Greater efficiency and lower costs for installation and commissioning are important factors. There is also a large potential for major technological advances due to increased flexibility and mobility, which may lead to totally new system designs.

Reliable real-time control is the basic requirement for most automation systems. It requires real-time services such as data collection with low latency and, implicitly, a time synchronization service. Meanwhile, as we know, the wireless channel is vulnerable to many kinds of attacks. In such an unreliable and severely resource-limited environment, to achieve a reliable system, security is a major issue to be addressed and should be a built-in property of the system design.

This chapter presents the common security issues in a WSN and the related features of the target platform. Then it gives an overview of time synchronization and data collection protocols and further discusses the related work.

2.1 Security challenges and considerations in WSN

There are several challenges to achieving security in a wireless sensor network:

a. Poorly protected channels: eavesdropping, signal jamming attacks
b. Insecure cooperative network protocols: man-in-the-middle attacks
c. Stringent resource constraints on sensor nodes: no computationally intensive security operations
d. No physical security: compromised nodes

These challenges make security in a wireless sensor network difficult to achieve. However, for security-critical applications, all the underlying protocols or services need to be designed with security in mind. According to what needs to be protected, security services such as encryption, authentication, authorization and access control should be in place to provide the necessary protection of critical data, such as timestamps for the time synchronization service, temperature data for fire monitoring, life-critical data for healthcare monitoring, etc.

According to the sources of security breaches in a wireless sensor network (i.e. the unprotected wireless link, the distributed communication protocol design, and compromised nodes), security is basically concerned with the following aspects:

a. Securing the communication link. The wireless link is physically exposed by nature, so securing the link means protecting the communicated data from being disclosed or modified. This can be achieved through cryptographic operations.

b. Securing distributed services and protocols. Cryptographic techniques help to secure the protocols, but in some cases pure cryptographic techniques cannot resist malicious manipulations such as delay or replay attacks. If the protocol mechanism is poorly designed, it might suffer from attacks that exploit the weakness of the mechanism. So we should design protocols and services, such as secure routing, secure data gathering or secure time synchronization, in a secure way.

c. Tolerating attacks from compromised nodes. A WSN is commonly deployed in an unattended environment, so sensor nodes are easily captured. Due to the lack of tamper resistance, the cryptographic secrets embedded in the compromised nodes can be recovered. Subsequently the compromised nodes can be manipulated as authorized nodes to inject bogus data, trigger false events or stall the reporting of real events. This is outside the realm of cryptography, which relies on the secret, but it can be detected or avoided to some extent through proper protocol design.

Due to the severe resource constraints in a wireless sensor network, there are several design considerations for providing security services on a sensor node:

a. The radio is very power-intensive: minimize communication overhead;
b. Deployment must be easy: it is difficult to set up different keys for each node in a large network;
c. Complex key management must be avoided: use an efficient key distribution protocol or just use pre-shared keys; use a global key instead of pair-wise keys;
d. Traditional public-key cryptography such as RSA is not computationally feasible: more efficient public-key techniques such as ECC might work [31].

2.2 Target platform and supported security features

In this section, we first briefly introduce the target platform, and then give an analysis of the security services it supports.

2.2.1 Contiki OS and Moteiv Tmote Sky

Contiki OS. Contiki OS is a highly portable, networked, multi-tasking operating system for severely memory-constrained systems [5, 7]. It provides protocol implementations for the sensor devices [6], dynamic loading of programs, and native TCP/IP support using the uIP stack [10, 11]. One outstanding feature of Contiki OS is the use of protothreads [4, 9, 8], which provide a sequential flow of control without complex state machines or full multi-threading. Each protothread handles certain events, such as event timer expiration, according to the kernel scheduling, but it never consumes processor cycles while waiting for future events. This meets the concurrency requirements of sensor nodes.

To support the timing of events, Contiki has a logical clock represented by a tick count variable, which counts timer interrupts (tick interrupts). The local clock measured in ticks is the basic clock source for the real-time services. Besides, based on this logical clock, two types of timers are implemented in Contiki, i.e. timer and etimer. With these timers we can easily implement time-critical services.

As for security, there is no support for security services in current Contiki. However, the radio chip of the hardware platform provides crypto acceleration. We can utilize this hardware-assisted feature to support security services and free the microcontroller from long security computations.

Moteiv Tmote Sky. The experimental hardware platform is the Tmote Sky, shown in Figure 2.1.

Figure 2.1: Tmote Sky module

Tmote Sky is an ultra low power wireless module for use in low-power sensor network applications [24]. It integrates the MSP430F1611 microcontroller and the CC2420 radio [27], the first ZigBee-ready radio chip compliant with the 2.4 GHz IEEE 802.15.4 specification. The CC2420 radio provides high-level security using a 128-bit AES crypto accelerator, with which we can provide link-layer security services.

2.2.2 Supported security features in target platform

Currently there are no security features implemented for the target platform, Tmote Sky, in Contiki OS. But the radio chip CC2420 provides extensive and flexible hardware support for security operations. We exploit the benefit of the hardware security support and implement security features to secure the time synchronization protocol and the data collection protocol. We first look at the security modes built into the CC2420.

CC2420 security and the IEEE 802.15.4-2003 specification

For compliance with the IEEE 802.15.4-2003 specification [30], the CC2420 radio features hardware IEEE 802.15.4 MAC security operations. All security operations are based on AES encryption using 128-bit keys. With this extensive hardware support for data encryption and authentication [13], the challenge of countering security attacks on sensor nodes with constrained resources is greatly relieved. It is very flexible, and different security services can be selected via one of the following modes: no security, CBC-MAC authentication only, CTR mode encryption only, and CCM, which combines authentication with encryption. When utilizing these security features, we refer to the security pitfalls of the IEEE 802.15.4 specification pointed out in [25]. In fact, there is ongoing work on IEEE 802.15.4b [29] which aims to resolve those pitfalls.

Data freshness service using authenticated timestamps

Data freshness is a security service to counter replay attacks, a very common security issue not only in wired networks but also in wireless sensor networks, since it is easy for an attacker to initiate a replay attack by simply recording a packet and then resending it later to gain illegal access. A replay attack, also known as a man-in-the-middle attack, is a breach of security in which information is illegally stored without authorization and then retransmitted to trick the receiver into unauthorized operations such as false identification or authentication or a duplicate transaction. Even though the captured messages may be encrypted, the attacker does not need to know the actual keys and passwords; simply retransmitting valid logon messages is sufficient to gain access to the network. Typically a replay attack can be prevented using strong digital signatures that include timestamps, and by including unique information from the previous transaction, such as a constantly incremented sequence number.

Timestamping can be utilized to counter a replay attack: a replayed packet can be detected by checking its sending timestamp. With authenticated timestamping we can ensure that the timestamp has not been modified. Two packets cannot be sent by a node at the same time, i.e. with the same sending timestamp.

2.3 Real-time issues and time synchronization in WSNs

Real-time issues are concerned with requirements on a certain type of temporal relationship between different events and are typically presented in one of the following aspects:

a. The relative ordering of events that happened on different nodes (e.g. event X must happen before event Y happens);
b. The time interval between two events that happened on different nodes (there is a deadline for event Y to happen after event X happened);
c. The time of day at which an event happened on a specific node.

These aspects are necessary for the collaborative work of the sensor nodes and for the decisions of the central base station (also referred to as the sink). To meet the above real-time requirements, a common time axis is needed to provide the timeliness relationship [2, 28]. Since time synchronization is critical to sensor networks for both schedule-based protocols and time-sensitive applications, in this thesis we study the current time synchronization protocols for sensor networks and the related security issues.

2.3.1 Overview and basic concepts

Time synchronization is a common issue in distributed systems, since all the nodes are physically separate and have no common memory. Each node has its own internal clock and its own notion of time, but no common notion of time with the other nodes in the network. The real-time issues mentioned in the previous chapter need to be addressed through time synchronization over the network. There are three reasons for the nodes' lack of a common notion of time:

Offset. The nodes might not be started at the same time, and thus a clock offset exists between these nodes.

Skew. The crystal oscillators might be running at slightly different frequencies, making the clock values diverge gradually from each other. This is termed skew error.

Drift. The frequency of a clock might change over time because of aging or changes in conditions such as temperature. This is termed drift error.

Among these, skew and drift error are related to the hardware and physical conditions and change over a long period, not instantaneously. We aim not only at reducing the time offset between nodes to get instantaneous synchronization but also at compensating for drift and skew by periodic network-wide synchronization.

To achieve time synchronization through message exchanges, there are six delay factors (sources of synchronization error) in the time-critical transfer path, i.e. the path of a sync message, that contribute non-deterministic errors to the protocols.

Send time. This is the time period from the moment a timestamp is taken for sending a time sync packet to the point the packet is buffered into the TXFIFO.

Media access time. This delay depends on which media access protocol is in use. On Tmote Sky, the CC2420 radio uses CSMA/CA for media access control; in this case the media access delay is the time the packet waits for a clear channel to transmit. This contention-based media access mechanism leads to a highly non-deterministic delay and is thus the major source of synchronization error.

Transmission time. This is the time for the CC2420 radio to transmit a packet over the radio link. It can be computed from the packet length and the transmit speed of the radio, so this delay is constant and can be estimated.

Radio propagation time. This is the time for a radio signal to propagate over the air to reach a receiver. The radio propagation speed is the velocity of light, which is 300 meters per microsecond. This error is negligible, given the normal coverage of less than 100 meters for a wireless sensor.

Reception time. This refers to the time taken to receive the bits and pass them to the MAC layer. It is mainly deterministic in nature for a hardware-based RF transceiver.

Receive time. The bits are then assembled into a packet, and this packet is passed on to the application layer where it is decoded. The value of the receive time varies because of the variable delays introduced by the operating system.

According to the varying requirements, such as diverse precision requirements, network density, degree of mobility and topology stability, several proposals for time synchronization protocols have been presented. Time synchronization is typically based on an exchange of messages containing timestamps and on the measurement of delay. There are three basic solutions for synchronization between two nodes:

1. sender/receiver-based synchronization
2. receiver/receiver-based synchronization
3. delay measurement synchronization

One-way message exchange is commonly used in receiver/receiver-based synchronization solutions such as Reference Broadcast Synchronization (RBS) [12], while two-way message exchange is commonly used in sender/receiver-based synchronization solutions such as the Timing-sync Protocol for Sensor Networks (TPSN) [16]. There are also synchronization protocols based on one-way message exchange together with the measurement of delay; a typical use of delay measurement is Delay Measurement Time Synchronization (DMTS) [26].

2.3.2 Related work

We analyse these popular protocols in use for sensor networks, pointing out the advantages and disadvantages of our protocol compared to them.
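As an added illustration (not code from the thesis), the following Python simulation implements the two-way sender/receiver exchange used by TPSN-style synchronization with the six delay factors above, and shows why stamping at the MAC layer (at the start-of-frame delimiter) removes the send, media access and receive times from the offset estimate. It then runs periodic exchanges and fits a least-squares line to compensate offset and skew, as the thesis aims to do. The delay ranges, the 40-byte frame, the 12.5 s boot offset and the 40 ppm skew are constructed assumptions.

```python
import random

# Constructed radio/OS delay model in seconds (assumptions, not thesis measurements).
TX_TIME = 40 * 8 / 250_000      # 40-byte frame at the 250 kbit/s IEEE 802.15.4 rate
PROP_TIME = 30 / 3e8            # 30 m of range: negligible, as the text notes
RECEPTION_TIME = 0.0002         # deterministic hardware reception delay (assumed)


class Node:
    """A node whose local clock reads offset + (1 + skew) * true_time."""

    def __init__(self, offset, skew_ppm):
        self.offset = offset
        self.skew = skew_ppm * 1e-6

    def local(self, true_time):
        return self.offset + (1 + self.skew) * true_time


def one_way(rng, sender, receiver, start, mac_timestamps):
    """Deliver one frame handed to the sender's OS at true time `start`.
    Returns (sender stamp, receiver stamp, true time the receiving application
    gets the frame). MAC-layer stamps are taken at the SFD on both ends, which
    excludes the random send, media access and receive times; application-layer
    stamps include all of them."""
    send_time = rng.uniform(0.0, 0.002)        # OS path from timestamping to TXFIFO
    media_access = rng.uniform(0.0, 0.010)     # CSMA/CA wait: the dominant random term
    receive_time = rng.uniform(0.0, 0.003)     # OS path from MAC layer to application
    sfd_tx = start + send_time + media_access  # SFD leaves the sender's antenna
    sfd_rx = sfd_tx + PROP_TIME                # SFD detected by the receiver's radio
    app_rx = sfd_rx + TX_TIME + RECEPTION_TIME + receive_time
    if mac_timestamps:
        return sender.local(sfd_tx), receiver.local(sfd_rx), app_rx
    return sender.local(start), receiver.local(app_rx), app_rx


def pairwise_sync(rng, child, parent, start, mac_timestamps):
    """Two-way exchange (request T1->T2, reply T3->T4). Returns the child's
    estimate of (parent clock - child clock) and the child clock reading at the
    middle of the exchange, the instant the estimate refers to."""
    t1, t2, parent_got_request = one_way(rng, child, parent, start, mac_timestamps)
    t3, t4, _ = one_way(rng, parent, child, parent_got_request + 0.001, mac_timestamps)
    # Assumes symmetric delays in both directions; MAC-layer stamps make that hold.
    offset = ((t2 - t1) - (t4 - t3)) / 2.0
    return offset, (t1 + t4) / 2.0


def true_offset(child, parent, true_time):
    return parent.local(true_time) - child.local(true_time)


def single_sync_error(mac_timestamps, seed=1):
    """Absolute error of one exchange for a child booted 12.5 s late, no skew."""
    rng = random.Random(seed)
    parent, child = Node(0.0, 0.0), Node(12.5, 0.0)
    est, _ = pairwise_sync(rng, child, parent, 100.0, mac_timestamps)
    return abs(est - true_offset(child, parent, 100.0))


def compensated_error(mac_timestamps, seed=2, period=30.0, rounds=6):
    """Periodic syncs against a child running 40 ppm fast, then a least-squares
    line offset = a + b * local fitted to the samples; returns the error of the
    child's converted clock two minutes after the last sync."""
    rng = random.Random(seed)
    parent, child = Node(0.0, 0.0), Node(12.5, 40.0)
    samples = []
    for i in range(rounds):
        offset, local_mid = pairwise_sync(rng, child, parent, 100.0 + i * period, mac_timestamps)
        samples.append((local_mid, offset))
    mx = sum(x for x, _ in samples) / rounds
    my = sum(y for _, y in samples) / rounds
    b = sum((x - mx) * (y - my) for x, y in samples) / sum((x - mx) ** 2 for x, _ in samples)
    a = my - b * mx
    probe = 100.0 + rounds * period + 120.0
    local = child.local(probe)
    return abs(local + a + b * local - parent.local(probe))


if __name__ == "__main__":
    for mac in (False, True):
        print("MAC-layer stamps:" if mac else "application stamps:",
              f"one exchange {single_sync_error(mac) * 1e6:.1f} us,"
              f" skew-compensated {compensated_error(mac) * 1e6:.1f} us")
```

With MAC-layer stamps the residual error is only floating-point noise, whereas application-layer stamps leave an error of milliseconds that no amount of skew fitting removes.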
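Returning to the data freshness service of Section 2.2.2, here is an added example (not the thesis's code, written in Python rather than Contiki C) of the receiver-side check it describes: authenticate the frame, then reject any frame whose sending timestamp is not newer than the last authenticated one seen from that source. The frame layout, the 4-byte tag and the key are assumptions, and a truncated HMAC-SHA256 stands in for the CC2420's hardware AES CBC-MAC.

```python
import hashlib
import hmac
import struct

# Stand-in for the CC2420's hardware AES-128 CBC-MAC: a truncated HMAC-SHA256.
TAG_LEN = 4                                   # tag length is an assumption
HEADER_LEN = 6                                # 2-byte source address + 4-byte tick timestamp
LINK_KEY = b"constructed-link-key-for-demo-00"  # constructed demo key, not from the thesis


def mac_tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]


def build_frame(key, src, timestamp, payload):
    """Assumed frame layout: src | sending timestamp | payload | tag.
    The tag covers the timestamp, so an edited timestamp fails authentication."""
    body = struct.pack(">HI", src, timestamp) + payload
    return body + mac_tag(key, body)


def is_newer(ts, last):
    """Tick counters wrap at 2^32: `ts` is newer than `last` if it is ahead by
    less than half the range, which also handles a wrap between two frames."""
    return 0 < (ts - last) % (1 << 32) < (1 << 31)


class FreshnessFilter:
    """Receiver-side replay detection: remember the latest authenticated sending
    timestamp per source and accept only strictly newer ones."""

    def __init__(self, key):
        self.key = key
        self.last_ts = {}

    def accept(self, frame):
        if len(frame) < HEADER_LEN + TAG_LEN:
            return "malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(mac_tag(self.key, body), tag):
            return "bad-mac"       # forged or tampered: its timestamp cannot be trusted
        src, ts = struct.unpack(">HI", body[:HEADER_LEN])
        last = self.last_ts.get(src)
        if last is not None and not is_newer(ts, last):
            return "replay"        # a node never sends two frames with one timestamp
        self.last_ts[src] = ts
        return "fresh"


def demo():
    """Constructed traffic from node 0x0001: a fresh frame, its replay, a newer
    frame, a copy with the timestamp edited forward, and the old frame again."""
    f = FreshnessFilter(LINK_KEY)
    first = build_frame(LINK_KEY, 0x0001, 1000, b"temp=21")
    second = build_frame(LINK_KEY, 0x0001, 1032, b"temp=22")
    edited = bytearray(second)
    edited[2:HEADER_LEN] = struct.pack(">I", 5000)  # timestamp changed, tag now stale
    return [f.accept(first), f.accept(first), f.accept(second),
            f.accept(bytes(edited)), f.accept(first)]


if __name__ == "__main__":
    print(demo())
```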

Reference Broadcast Synchronization (RBS)

In RBS, a reference node broadcasts a message and all the nodes in its coverage timestamp the local time of receiving this reference message [2, 12]. Then they exchan
