Biblio

Continued advances in IoT technology have prompted new investigation into its usage for military operations, both to augment and complement existing military sensing assets and support next-generation artificial intelligence and machine learning systems. Under the emerging Internet of Battlefield Things (IoBT) paradigm, a multitude of operational conditions (e.g., diverse asset ownership, degraded networking infrastructure, adversary activities) necessitate the development of novel security techniques, centered on establishment of trust for individual assets and supporting resilience of broader systems. To advance current IoBT efforts, a set of research directions are proposed that aim to fundamentally address the issues of trust and trustworthiness in contested battlefield environments, building on prior research in the cybersecurity domain. These research directions focus on two themes: (1) Supporting trust assessment for known/unknown IoT assets; (2) Ensuring continued trust of known IoBT assets and systems.

With the interconnection of services and customers, network attacks are capable of large amounts of damage. Flexible Random Virtual IP Multiplexing (FRVM) is a Moving Target Defence (MTD) technique that protects against reconnaissance and access with address mutation and multiplexing. Security techniques must be trusted, however, FRVM, along with past MTD techniques, have gaps in realistic evaluation and thorough analysis of security and performance. FRVM, and two comparison techniques, were deployed on a virtualised network to demonstrate FRVM's security and performance trade-offs. The key results include the security and performance trade-offs of address multiplexing and address mutation. The security benefit of IP address multiplexing is much greater than its performance overhead, deployed on top of address mutation. Frequent address mutation significantly increases an attackers' network scan durations as well as effectively obfuscating and hiding network configurations.

A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.

Classic security techniques use patterns (e.g., virus scanner) for detecting malicious software, compiler features (e.g., canaries, tainting) or hardware memory protection features (e.g., DEP) for protecting software. An alternative approach is the verification of software based on the comparison between the binary code loaded before runtime and the actual memory image during runtime. The expected memory image is predictable based on the ELF-file, the loading mechanism, and its allocated memory addresses. Using binary files as references for verifying the memory during execution allows for the definition of white-lists based on the actual software used. This enables a novel way of detecting sophisticated attacks to executed code, which is not considered by current approaches. This paper presents the background, design, implementation, and verification of a non-intrusive runtime memory verification concept, which is based on the comparison of binary executables and the actual memory image.

Ensuring security in the military applications of IoT is a big challenge. The main reasons for this state of affairs is that the sensor nodes of the network are usually mobile, use wireless links, have a small processing power and have a little energy resources. The paper presents the solution for cryptographic protection of transmission between sensor nodes in the data link layer and for cryptographic protection of data stored in the sensor node resources. For this purpose, the Trusted Platform Module (TPM) was used. The proposed solution makes it possible to build secure and fault tolerant sensor network. The following aspects were presented in the paper: the model of such a network, applied security solutions, analysis of the security in the network and selected investigation results of such a network were presented.