Biblio

IoT is an emerging technology in modern world of communication. As the usage of IoT devices is increasing in day to day life, the secure data communication in IoT environment is the major challenge. Especially, small sized Single-Board Computers (SBCs) or Microcontrollers devices are widely used to transfer data with another in IoT. Due to the less processing power and storage capabilities, the data acquired from these devices must be transferred very securely in order to avoid some ethical issues. There are many cryptography approaches are applied to transfer data between IoT devices, but there are obvious chances to suspect encrypted messages by eavesdroppers. To add more secure data transfer, steganography mechanism is used to avoid the chances of suspicion as another layer of security. Based on the capabilities of IoT devices, low complexity images are used to hide the data with different hiding algorithms. In this research study, the secret data is encoded through QR code and embedded in low complexity cover images by applying image to image hiding fashion. The encoded image is sent to the receiving device via the network. The receiving device extracts the QR code from image using secret key then decoded the original data. The performance measure of the system is evaluated by the image quality parameters mainly Peak Signal to Noise Ratio (PSNR), Normalized Coefficient (NC) and Security with maintaining the quality of contemporary IoT system. Thus, the proposed method hides the precious information within an image using the properties of QR code and sending it without any suspicion to attacker and competes with the existing methods in terms of providing more secure communication between Microcontroller devices in IoT environment.

Internet of Things (IoT) devices have been increasingly integrated into our daily life. However, such smart devices suffer a broad attack surface. Particularly, attacks targeting the device software at runtime are challenging to defend against if IoT devices use resource-constrained microcontrollers (MCUs). TrustZone-M, a TrustZone extension for MCUs, is an emerging security technique fortifying MCU based IoT devices. This paper presents the first security analysis of potential software security issues in TrustZone-M enabled MCUs. We explore the stack-based buffer overflow (BOF) attack for code injection, return-oriented programming (ROP) attack, heap-based BOF attack, format string attack, and attacks against Non-secure Callable (NSC) functions in the context of TrustZone-M. We validate these attacks using the Microchip SAM L11 MCU, which uses the ARM Cortex-M23 processor with the TrustZone-M technology. Strategies to mitigate these software attacks are also discussed.

{In the last few decades, Internet of things (IOT) is one of the key elements in industrial revolution 4.0 that used mart phones as one of the best technological advances' intelligent device. It allows us to have power over devices without people intervention, either remote or voice control. Therefore, the “Smart Radar Door “system uses a microcontroller and mobile Bluetooth module as an automation of smart door lock system. It is describing the improvement of a security system integrated with an Android mobile phone that uses Bluetooth as a wireless connection protocol and processing software as a tool in order to detect any object near to the door. The mob ile device is required a password as authentication method by using microcontroller to control lock and unlock door remotely. The Bluetooth protocol was chosen as a method of communication between microcontroller and mobile devices which integrated with many Android devices in secured protocol}.

As Electric Power is one of the major concerns, so the concept of the automatic lighting and security system saves the electrical energy. By using the automatic lightning, the consumption of electrical power can be minimized to a greater extent and for that sensors and microcontrollers can be designed in such a manner such that lights get ON/OFF based on motion in a room. The various sensors used for sensing the motion in an area are PIR motion sensor, IR Motion Sensor. An IR sensor senses the heat of an object and detects its motion within some range as it emits infrared radiations and this complete process can be controlled by microcontroller. Along with that security system can be applied in this concept by programming the microcontroller in such a way that if there is some movement in an area then lights must get ON/OFF automatically or any alarm must start. This chapter proposes the framework for the smart lightning with security systems in a building so that electrical power can be utilized efficiently and secures the building.

A fault attack is a well-known technique where the behaviour of a chip is voluntarily disturbed by hardware means in order to undermine the security of the information handled by the target. In this paper, we explore how Electromagnetic fault injection (EMFI) can be used to create vulnerabilities in sound software, targeting a Cortex-M3 microcontroller. Several use-cases are shown experimentally: control flow hijacking, buffer overflow (even with the presence of a canary), covert backdoor insertion and Return Oriented Programming can be achieved even if programs are not vulnerable in a software point of view. These results suggest that the protection of any software against vulnerabilities must take hardware into account as well.

The article describes design and realization of security system based on single-chip microcontrollers. System includes sensor modules for unauthorized entrance detection based on magnetic contact, measuring carbon monoxide level, movement detection and measuring temperature and humidity. System also includes control unit, control panel and development board Arduino with ethernet interface connected for web server implementation.

Wearable medical devices are playing more and more important roles in healthcare. Unlike the wired connection, the wireless connection between wearable devices and the remote servers are exceptionally vulnerable to malicious attacks, and poses threats to the safety and privacy of the patient health data. Therefore, wearable medical devices require the implementation of reliable measures to secure the wireless network communication. However, those devices usually have limited computational power that is not comparable with the desktop computer and thus, it is difficult to adopt the full-fledged security algorithm in software. In this study, we have developed an efficient authentication and encryption protocol for internetconnected wearable devices using the recognized standards of AES and SHA that can provide two-way authentication between wearable device and remote server and protection of patient privacy against various network threats. We have tested the feasibility of this protocol on the TI CC3200 Launchpad, an evaluation board of the CC3200, which is a Wi-Fi capable microcontroller designed for wearable devices and includes a hardware accelerated cryptography module for the implementation of the encryption algorithm. The microcontroller serves as the wearable device client and a Linux computer serves as the server. The embedded client software was written in ANSI C and the server software was written in Python.

Small embedded devices such as microcontrollers have been widely used for identification, authentication, securing and storing confidential information. In all these applications, the security and privacy of the microcontrollers are of crucial importance. To provide strong security to protect data, these devices depend on cryptographic algorithms to ensure confidentiality and integrity of data. Moreover, many algorithms have been proposed, with each one having its strength and weaknesses. This paper presents a Differential Power Analysis(DPA) attack on hardware implementations of Advanced Encryption Standard(AES) running inside a PIC18F2420 microcontroller.

This scientific paper reveals an intelligent system for data acquisition for dam monitoring and diagnose. This system is built around the RS485 communication standard and uses its own communication protocol [2]. The aim of the system is to monitor all signal levels inside the communication bus, respectively to detect the out of action data loggers. The diagnose test extracts the following functional parameters: supply voltage and the absolute value and common mode value for differential signals used in data transmission (denoted with “A” and “B”). Analyzing this acquired information, it's possible to find short-circuits or open-circuits across the communication bus. The measurement and signal processing functions, for flaws, are implemented inside the system's central processing unit. The next testing step is finding the out of action data loggers and is being made by trying to communicate with every data logger inside the network. The lack of any response from a data logger is interpreted as an error and using the code of the data logger's microcontroller, it is possible to find its exact position inside the dam infrastructure. The novelty of this procedure is the fact that it completely automates the diagnose procedure, which, until now, was made visually by checking every data logger.