Biblio

Secure wireless communication is essential for most industrial applications. The secure and reliable control of processes as well as the data integrity of measured values are key targets in these applications. The industrial Internet-of-Things (IIoT) tries to connect an increasing number of sensors wirelessly. The wireless sensors form wireless sensor networks (WSNs). However, wireless sensor nodes are exposed to various security threats ranging from physical modification on the device itself to remote attacks via the communication channel. It is important to secure the complete lifetime of the wireless sensor nodes and other system components. This includes the production phase, shipping, preparation phase and operational phase. This paper presents a lifetime security concept for a wireless sensor network applied in automotive test beds. In this application scenario, the wireless sensor nodes are used to capture various temperatures in an automotive unit under test. In order to indicate the current state of trustworthiness of the system, a trustworthiness indicator is implemented which is shown to the user. An evaluation of the impact of encrypted communication on power consumption shows that the increase is negligible, and can be expected to be provided by the wireless sensor node's power supply without reducing the node lifetime.

Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trust-worthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an inter-operable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trust-worthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.