Refine
Year of publication
Document Type
- Conference Proceeding (113)
- Article (reviewed) (25)
- Master's Thesis (5)
- Part of a Book (4)
- Article (unreviewed) (4)
- Report (4)
- Book (2)
- Doctoral Thesis (2)
- Patent (2)
Conference Type
- Konferenzartikel (112)
- Konferenzband (1)
Keywords
- Eingebettetes System (8)
- Blockchain (6)
- Kommunikation (4)
- blockchain (4)
- IIoT (3)
- IT-Sicherheit (3)
- Internet der Dinge (3)
- Internet of Things (3)
- IoT security (3)
- Security (3)
Institute
- ivESK - Institut für verlässliche Embedded Systems und Kommunikationselektronik (161) (remove)
Open Access
- Closed Access (81)
- Open Access (41)
- Closed (28)
- Gold (8)
- Bronze (7)
- Diamond (4)
The CAN bus still is an important fieldbus in various domains, e.g. for in-car communication or automation applications. To counter security threats and concerns in such scenarios we design, implement, and evaluate the use of an end-to-end security concept based on the Transport Layer Security protocol. It is used to establish authenticated, integrity-checked, and confidential communication channels between field devices connected via CAN. Our performance measurements show that it is possible to use TLS at least for non time-critical applications, as well as for generic embedded networks.
Uncontrollable manufacturing variations in electrical hardware circuits can be exploited as Physical Unclonable Functions (PUFs). Herein, we present a Printed Electronics (PE)-based PUF system architecture. Our proposed Differential Circuit PUF (DiffC-PUF) is a hybrid system, combining silicon-based and PE-based electronic circuits. The novel approach of the DiffC-PUF architecture is to provide a specially designed real hardware system architecture, that enables the automatic readout of interchangeable printed DiffC-PUF core circuits. The silicon-based addressing and evaluation circuit supplies and controls the printed PUF core and ensures seamless integration into silicon-based smart systems. Major objectives of our work are interconnected applications for the Internet of Things (IoT).
Vehicle-to-Everything (V2X) communication promises improvements in road safety and efficiency by enabling low-latency and reliable communication services for vehicles. Besides using Mobile Broadband (MBB), there is a need to develop Ultra Reliable Low Latency Communications (URLLC) applications with cellular networks especially when safety-related driving applications are concerned. Future cellular networks are expected to support novel latencysensitive use cases. Many applications of V2X communication, like collaborative autonomous driving requires very low latency and high reliability in order to support real-time communication between vehicles and other network elements. In this paper, we classify V2X use-cases and their requirements in order to identify cellular network technologies able to support them. The bottleneck problem of the medium access in 4G Long Term Evolution(LTE) networks is random access procedure. It is evaluated through simulations to further detail the future limitations and requirements. Limitations and improvement possibilities for next generation of cellular networks are finally detailed. Moreover, the results presented in this paper provide the limits of different parameter sets with regard to the requirements of V2X-based applications. In doing this, a starting point to migrate to Narrowband IoT (NB-IoT) or 5G - solutions is given.
The next generation cellular networks are expected to improve reliability, energy efficiency, data rate, capacity and latency. Originally, Machine Type Communication (MTC) was designed for low-bandwidth high-latency applications such as, environmental sensing, smart dustbin, etc., but there is additional demand around applications with low latency requirements, like industrial automation, driver-less cars, and so on. Improvements are required in 4G Long Term Evolution (LTE) networks towards the development of next generation cellular networks for providing very low latency and high reliability. To this end, we present an in-depth analysis of parameters that contribute to the latency in 4G networks along with a description of latency reduction techniques. We implement and validate these latency reduction techniques in the open-source network simulator (NS3) for narrowband user equipment category Cat-Ml (LTE-M) to analyze the improvements. The results presented are a step towards enabling narrowband Ultra Reliable Low Latency Communication (URLLC) networks.
The excessive control signaling in Long Term Evolution networks required for dynamic scheduling impedes the deployment of ultra-reliable low latency applications. Semi-persistent scheduling was originally designed for constant bit-rate voice applications, however, very low control overhead makes it a potential latency reduction technique in Long Term Evolution. In this paper, we investigate resource scheduling in narrowband fourth generation Long Term Evolution networks through Network Simulator (NS3) simulations. The current release of NS3 does not include a semi-persistent scheduler for Long Term Evolution module. Therefore, we developed the semi-persistent scheduling feature in NS3 to evaluate and compare the performance in terms of uplink latency. We evaluate dynamic scheduling and semi-persistent scheduling in order to analyze the impact of resource scheduling methods on up-link latency.
The Datagram Transport Layer Security (DTLS) protocol has been designed to provide end-to-end security over unreliable communication links. Where its connection establishment is concerned, DTLS copes with potential loss of protocol messages by implementing its own loss detection and retransmission scheme. However, the default scheme turns out to be suboptimal for links with high transmission error rates and low data rates, such as wireless links in electromagnetically harsh industrial environments. Therefore, in this paper, as a first step we provide an analysis of the standard DTLS handshake's performance under such adverse transmission conditions. Our studies are based on simulations that model message loss as the result of bit transmission errors. We consider several handshake variants, including endpoint authentication via pre-shared keys or certificates. As a second step, we propose and evaluate modifications to the way message loss is dealt with during the handshake, making DTLS deployable in situations which are prohibitive for default DTLS.
The Transport Layer Security (TLS) protocol is a cornerstone of secure network communication, not only for online banking, e-commerce, and social media, but also for industrial communication and cyber-physical systems. Unfortunately, implementing TLS correctly is very challenging, as becomes evident by considering the high frequency of bugfixes filed for many TLS implementations. Given the high significance of TLS, advancing the quality of implementations is a sustained pursuit. We strive to support these efforts by presenting a novel, response-distribution guided fuzzing algorithm for differential testing of black-box TLS implementations. Our algorithm generates highly diverse and mostly-valid TLS stimulation messages, which evoke more behavioral discrepancies in TLS server implementations than other algorithms. We evaluate our algorithm using 37 different TLS implementations and discuss―by means of a case study―how the resulting data allows to assess and improve not only implementations of TLS but also to identify underspecified corner cases. We introduce suspiciousness as a per-implementation metric of anomalous implementation behavior and find that more recent or bug-fixed implementations tend to have a lower suspiciousness score. Our contribution is complementary to existing tools and approaches in the area, and can help reveal implementation flaws and avoid regression. While being presented for TLS, we expect our algorithm's guidance scheme to be applicable and useful also in other contexts. Source code and data is made available for fellow researchers in order to stimulate discussions and invite others to benefit from and advance our work.
The paper describes the methodology and experimental results for revealing similarities in thermal dependencies of biases of accelerometers and gyroscopes from 250 inertial MEMS chips (MPU-9250). Temperature profiles were measured on an experimental setup with a Peltier element for temperature control. Classification of temperature curves was carried out with machine learning approach.
A perfect sensor should not have thermal dependency at all. Thus, only sensors inside the clusters with smaller dependency (smaller total temperature slopes) might be pre-selected for production of high accuracy inertial navigation modules. It was found that no unified thermal profile (“family” curve) exists for all sensors in a production batch. However, obviously, sensors might be grouped according to their parameters. Therefore, the temperature compensation profiles might be regressed for each group. 12 slope coefficients on 5 degrees temperature intervals from 0°C to +60°C were used as the features for the k-means++ clustering algorithm.
The minimum number of clusters for all sensors to be well separated from each other by bias thermal profiles in our case is 6. It was found by applying the elbow method. For each cluster a regression curve can be obtained.
Recently, the demand for scalable, efficient and accurate Indoor Positioning Systems (IPS) has seen a rising trend due to their utility in providing Location Based Services (LBS). Visible Light Communication (VLC) based IPS designs, VLC-IPS, leverage Light Emitting Diodes (LEDs) in indoor environments for localization. Among VLC-based designs, Time Difference of Arrival (TDOA) based techniques are shown to provide very low errors in the relative position of receivers. Our considered system consists of five LEDs that act as transmitters and a single receiver (photodiode or image sensor in smart phone) whose position coordinates in an indoor environment are to be determined. As a performance criterion, Cramer Rao Lower Bound (CRLB) is derived for range estimations and the impact of various factors, such as, LED transmission frequency, position of reference LED light, and the number of LED lights, on localization accuracy has been studied. Simulation results show that depending on the optimal values of these factors, location estimation on the order of few centimeters can be realistically achieved.
Real-Time Ethernet has become the major communication technology for modern automation and industrial control systems. On the one hand, this trend increases the need for an automation-friendly security solution, as such networks can no longer be considered sufficiently isolated. On the other hand, it shows that, despite diverging requirements, the domain of Operational Technology (OT) can derive advantage from high-volume technology of the Information Technology (IT) domain. Based on these two sides of the same coin, we study the challenges and prospects of approaches to communication security in real-time Ethernet automation systems. In order to capitalize the expertise aggregated in decades of research and development, we put a special focus on the reuse of well-established security technology from the IT domain. We argue that enhancing such technology to become automation-friendly is likely to result in more robust and secure designs than greenfield designs. Because of its widespread deployment and the (to this date) nonexistence of a consistent security architecture, we use PROFINET as a showcase of our considerations. Security requirements for this technology are defined and different well-known solutions are examined according their suitability for PROFINET. Based on these findings, we elaborate the necessary adaptions for the deployment on PROFINET.
Wireless sensor networks have recently found their way into a wide range of applications among which environmental monitoring system has attracted increasing interests of researchers. Such monitoring applications, in general, don way into a wide range of applications among which environmental monitoring system has attracted increasing interests of researc latency requirements regarding to the energy efficiency. Also a challenge of this application is the network topology as the application should be able to be deployed in very large scale. Nevertheless low power consumption of the devices making up the network must be on focus in order to maximize the lifetime of the whole system. These devices are usually battery-powered and spend most of their energy budget on radio transceiver module. A so-called Wake-On-Radio (WoR) technology can be used to achieve a reasonable balance among power consumption, range, complexity and response time. In this paper, some designs for integration of WOR into IEEE 802.1.5.4 are to be discussed, providing an overview of trade-offs in energy consumption while deploying the WoR schemes in a monitoring system.
Environmental Monitoring is an attractive application field for Wireless Sensor Network (WSN). Water Level Monitoring helps to increase the efficiency of water distribution and management. In Pakistan, the world’s largest irrigation system covers 90.000 km of channels which needs to be monitored and managed on different levels. Especially the sensor systems for the small distribution channels need to be low energy and low cost. The distribution presents a technical solution for a communication system which is developed in a research project being co-funded by German Academic Exchange Service (DAAD). The communication module is based on IEEE-802.15.4 transceivers which are enhanced through Wake-On-Radio (WOR) to combine low-energy and real-time behavior. On higher layers, IPv6 (6LoWPAN) and corresponding routing protocols like Routing Protocol for Low power and Lossy Networks (RPL) can extend range of the network. The data are stored in a database and can be viewed online via a web interface. Of course, also automatic data analysis can be performed.
Digital networked communications are the key to all Internet-of-Things applications, especially to smart metering systems and the smart grid. In order to ensure a safe operation of systems and the privacy of users, the transport layer security (TLS) protocol, a mature and well standardized solution for secure communications, may be used. We implemented the TLS protocol in its latest version in a way suitable for embedded and resource-constrained systems. This paper outlines the challenges and opportunities of deploying TLS in smart metering and smart grid applications and presents performance results of our TLS implementation. Our analysis shows that given an appropriate implementation and configuration, deploying TLS in constrained smart metering systems is possible with acceptable overhead.
The application of leaky feeder (radiating) cables is a common solution for the implementation of reliable radio communication in huge industrial buildings, tunnels and mining environment. This paper explores the possibilities of leaky feeders for 1D and 2D localization in wireless systems based on time of flight chirp spread spectrum technologies. The main focus of this paper is to present and analyse the results of time of flight and received signal strength measurements with leaky feeders in indoor and outdoor conditions. The authors carried out experiments to compare ranging accuracy and radio coverage area for a point-like monopole antenna and for a leaky feeder acting as a distributed antenna. In all experiments RealTrac equipment based on nanoLOC radio standard was used. The estimation of the most probable path of a chirp signal going through a leaky feeder was calculated using the ray tracing approach. The typical non-line-of-sight errors profiles are presented. The results show the possibility to use radiating cables in real time location technologies based on time-of-flight method.
The increasing number of transistors being clocked at high frequencies of modern microprocessors lead to an increasing power consumption, which calls for an active dynamic thermal management. In a research project a system environment has been developed, which includes thermal modeling of the microprocessor in the board system, a software environment to control the characteristics of the system’s timing behavior, and a modified Linux scheduler, which is enhanced with a prediction controller. Measurement results are shown for this development for a Freescale i.MX6Q quad-core microprocessor.
We provide a privacy-friendly cloud-based smart metering storage architecture which provides few-instance storage on encrypted measurements by at the same time allowing SQL queries on them. Our approach is most flexible with respect to two axes: on the one hand it allows to apply filtering rules on encrypted data with respect to various upcoming business cases; on the other hand it provides means for a storage-efficient handling of encrypted measurements by applying server-side deduplication techniques over all incoming smart meter measurements. Although the work at hand is purely dedicated to a smart metering architecture we believe our approach to have value for a broader class of IoT cloud storage solutions. Moreover, it is an example for Privacy-by-design supporting the positive-sum paradigm.
6LoWPAN (IPv6 over Low Power Wireless Personal Area Networks) is gaining more and more attraction for the seamless connectivity of embedded devices for the Internet of Things. It can be observed that most of the available solutions are following an open source approach, which significantly leads to a fast development of technologies and of markets. Although the currently available implementations are in a pretty good shape, all of them come with some significant drawbacks. It was therefore decided to start the development of an own implementation, which takes the advantages from the existing solutions, but tries to avoid the drawbacks. This paper discussed the reasoning behind this decision, describes the implementation and its characteristics, as well as the testing results. The given implementation is available as open-source project under [15].
6LoWPAN (IPv6 over Low Power Wireless Personal Area Networks) is gaining more and more attraction for the seamless connectivity of embedded devices for the Internet of Things (IoT). Whereas the lower layers (IEEE802.15.4 and 6LoWPAN) are already well defined and consolidated with regard to frame formats, header compression, routing protocols and commissioning procedures, there is still an abundant choice of possibilities on the application layer. Currently, various groups are working towards standardization of the application layer, i.e. the ETSI Technical Committee on M2M, the IP for Smart Objects (IPSO) Alliance, Lightweight M2M (LWM2M) protocol of the Open Mobile Alliance (OMA), and OneM2M. This multitude of approaches leaves the system developer with the agony of choice. This paper selects, presents and explains one of the promising solutions, discusses its strengths and weaknesses, and demonstrates its implementation.
In this work we describe the implementation details of a protocol suite for a secure and reliable over-the-air reprogramming of wireless restricted devices. Although, recently forward error correction codes aiming at a robust transmission over a noisy wireless medium have extensively been discussed and evaluated, we believe that the clear value of the contribution at hand is to share our experience when it comes to a meaningful combination and implementation of various multihop (broadcast) transmission protocols and custom-fit security building blocks: For a robust and reliable data transmission we make use of fountain codes a.k.a. rateless erasure codes and show how to combine such schemes with an underlying medium access control protocol, namely a distributed low duty cycle medium access control (DLDC-MAC). To handle the well known problem of packet pollution of forward-error-correction approaches where an attacker bogusly modifies or infiltrates some minor number of encoded packets and thus pollutes the whole data stream at the receiver side, we apply homomorphic message authentication codes (HomMAC). We discuss implementation details and the pros and cons of the two currently available HomMAC candidates for our setting. Both require as the core cryptographic primitive a symmetric block cipher for which, as we will argue later, we have opted for the PRESENT, PRIDE and PRINCE (exchangeable) ciphers in our implementation.
Wireless sensor networks have found their way into a wide range of applications among which environmental monitoring systems have attracted increasing interests of researchers. The main challenges for the applications are scalability of the network size and energy efficiency of the spatially distributed motes. These devices are mostly battery-powered and spend most of their energy budget on the radio transceiver module. A so-called Wake-On-Radio (WOR) technology can be used to achieve a reasonable balance among power consumption, range, complexity and response time. In this paper, a novel design for integration of WOR into IEEE802.1.5.4 is presented, which flexibly allows trade-offs in energy consumption between sender and receiver station, between real-time capability and energy consumption. For identical behavior, the proposed scheme is significantly more efficient than other schemes, which were proposed in recent publications, while preserving backward compatibility with standard IEEE802.15.4 transceivers.
Ultra wide band (UWB) signals are well suited both for short-range wireless communication and for high-precision localization applications. Channel impulse response (CIR) analysis in UWB systems is a major element in localization estimation. In this paper, practical aspects of CIR are presented. I.e. a technique for the construction of the accumulated echo-gram of a multipath delayed signal is proposed. Decawave hardware was used to demonstrate the technique of analysis of fine structure of signals with a sub-nanosecond resolution. Temporal stability, reliability and two-way characteristics of such echo-grams are discussed as well. The results of using two EVK1000 radio modules as a radar installation to detect a target in indoor environments prove that a low cost UWB intrusion detection and through-the-wall-vision systems might be developed using the proposed technique.
In the work at hand, we combine a Private Information Retrieval (PIR) protocol with Somewhat Homomorphic Encryption (SHE) and use Searchable Encryption (SE) with the objective to provide security and confidentiality features for a third party cloud security audit. During the auditing process, a third party auditor will act on behalf of a cloud service user to validate the security requirements performed by a cloud service provider. Our concrete contribution consists of developing a PIR protocol which is proceeding directly on a log database of encrypted data and allowing to retrieve a sum or a product of multiple encrypted elements. Subsequently, we concretely apply our new form of PIR protocol to a cloud audit use case where searchable encryption is employed to allow additional confidentiality requirements to the privacy of the user. Exemplarily we are considering and evaluating an audit of client accesses to a controlled resource provided by a cloud service provider.
Die Vielfalt der Protokolle, die praktisch auf allen Ebenen der Netzwerkkommunikation zu berücksichtigen ist, stellt eine der großen Herausforderungen bei der fortschreitenden Automatisierung des intelligenten Hauses dar. Unter dem Überbegriff Internet der Dinge (Internet of Things) entstehen gegenwärtig zahlreiche neue Entwicklungen, Standards, Allianzen und so genannte Ökosysteme. Diese haben die Absicht einer horizontalen Integration gewerkeübergreifender Anwendungen und verfolgen fast alle das Ziel, die Situation zu vereinfachen, die Entwicklungen zu beschleunigen und Markterfolge zu erreichen. Leider macht diese Vielfalt momentan die Welt aber eher noch komplexer und bringt damit das Risiko mit sich, genau das Gegenteil der ursprünglichen Absichten zu erreichen. Dieser Beitrag versucht, die Entwicklungen möglichst systematisch zu kategorisieren und mögliche Lösungsansätze zu beschreiben.
The Bluetooth community is in the process to develop mesh technology. This is highly promising as Bluetooth is widely available in Smart Phones and Tablet PCs, allowing an easy access to the Internet of Things. In this paper work, we investigate the performance of Bluetooth enabled mesh networking that we performed to identify the strengths and weaknesses. A demonstrator for this protocol has been implemented by using the Fruity Mesh protocol implementation. Extensive test cases have been executed to measure the performance, the reliability, the power consumption and the delay. For this, an Automated Physical Testbed (APTB), which emulates the physical channels has been used. The results of these measurements are considered useful for the real implementation of Bluetooth; not only for home and building automation, but also for industrial automation.
Institute of Reliable Embedded Systems and Communication Electronics, Offenburg University of Applied Sciences, Germany has developed an automated testing environment, Automated Physical TestBeds (APTB), for analyzing the performance of wireless systems and its supporting protocols. Wireless physical networking nodes can connect to this APTB and the antenna output of this attaches with the RF waveguides. To model the RF environment this RF waveguides then establish wired connection among RF elements like splitters, attenuators and switches. In such kind of set up it’s well possible to vary the path characteristics by altering the attenuators and switches. The major advantage of using APTB is the possibility of isolated, well controlled, repeatable test environment in various conditions to run statistical analysis and even to execute regression tests. This paper provides an overview of the design and implementation of APTB, demonstrates its ability to automate test cases, and its efficiency.
IPv6 over LoRaWAN™
(2016)
Although short-range wireless communication explicitly targets local and regional applications, range continues to be a highly important issue. The range directly depends on the so-called link budget, which can be increased by the choice of modulation and coding schemes. The recent transceiver generation in particular comes with extensive and flexible support for software-defined radio (SDR). The SX127× family from Semtech Corp. is a member of this device class and promises significant benefits for range, robust performance, and battery lifetime compared to competing technologies. This contribution gives a short overview of the technologies to support Long Range (LoRa™) and the corresponding Layer 2 protocol (LoRaWAN™). It particularly describes the possibility to combine the Internet Protocol, i.e. IPv6, into LoRaWAN™, so that it can be directly integrated into a full-fledged Internet of Things (IoT). The proposed solution, which we name 6LoRaWAN, has been implemented and tested; results of the experiments are also shown in this paper.
Climate change and resultant scarcity of water are becoming major challenges for countries around the world. With the advent of Wireless Sensor Networks (WSN) in the last decade and a relatively new concept of Internet of Things (IoT), embedded systems developers are now working on designing control and automation systems that are lower in cost and more sustainable than the existing telemetry systems for monitoring. The Indus river basin in Pakistan has one of the world's largest irrigation systems and it is extremely challenging to design a low-cost embedded system for monitoring and control of waterways that can last for decades. In this paper, we present a hardware design and performance evaluation of a smart water metering solution that is IEEE 802.15.4-compliant. The results show that our hardware design is as powerful as the reference design, but allows for additional flexibility both in hardware and in firmware. The indigenously designed solution has a power added efficiency (PAE) of 24.7% that is expected to last for 351 and 814 days for nodes with and without a power amplifier (PA). Similarly, the results show that a broadband communication (434 MHz) over more than 3km can be supported, which is an important stepping stone for designing a complete coverage solution of large-scale waterways.
The IEEE 1588 precision time protocol (PTP) is a time synchronization protocol with sub-microsecond precision primarily designed for wired networks. In this letter, we propose wireless precision time protocol (WPTP) as an extension to PTP for multi-hop wireless networks. WPTP significantly reduces the convergence time and the number of packets required for synchronization without compromising on the synchronization accuracy.
Due to climate change and scarcity of water reservoirs, monitoring and control of irrigation systems is now becoming a major focal area for researchers in Cyber-Physical Systems (CPS). Wireless Sensor Networks (WSNs) are rapidly finding their way in the field of irrigation and play the key role as data gathering technology in the domain of IoT and CPS. They are efficient for reliable monitoring, giving farmers an edge to take precautionary measures. However, designing an energy-efficient WSN system requires a cross-layer effort and energy-aware routing protocols play a vital role in the overall energy optimization of a WSN. In this paper, we propose a new hierarchical routing protocol suitable for large area environmental monitoring such as large-scale irrigation network existing in the Punjab province of Pakistan. The proposed protocol resolves the issues faced by traditional multi-hop routing protocols such as LEACH, M-LEACH and I-LEACH, and enhances the lifespan of each WSN node that results in an increased lifespan of the whole network. We used the open-source NS3 simulator for simulation purposes and results indicate that our proposed modifications result in an average 27.8% increase in lifespan of the overall WSN when compared to the existing protocols.
eTPL: An Enhanced Version of the TLS Presentation Language Suitable for Automated Parser Generation
(2017)
The specification of the Transport Layer Security (TLS) protocol defines its own presentation language used for the purpose of semi-formally describing the structure and on-the-wire format of TLS protocol messages. This TLS Presentation Language (TPL) is more expressive and concise than natural language or tabular descriptions, but as a result of its limited objective has a number of deficiencies. We present eTPL, an enhanced version of TPL that improves its expressiveness, flexibility, and applicability to non-TLS scenarios. We first define a generic model that describes the parsing of binary data. Based on this, we propose language constructs for TPL that capture important information which would otherwise have to be picked manually from informal protocol descriptions. Finally, we briefly introduce our software tool etpl-tool which reads eTPL definitions and automatically generates corresponding message parsers in C++. We see our work as a contribution supporting sniffing, debugging, and rapid-prototyping of wired and wireless communication systems.
The Thread protocol is a recent development based on 6LoWPAN (IPv6 over IEEE 802.15.4), but with extensions regarding a more media independent approach, which – additionally – also promises true interoperability. To evaluate and analyse the operation of a Thread network a given open source 6LoWPAN stack for embedded devices (emb::6) has been extended in order to comply with the Thread specification. The implementation covers Mesh Link Establishment (MLE) and network layer functionality as well as 6LoWPAN mesh under routing mechanism based on MAC short addresses. The development has been verified on a virtualization platform and allows dynamical establishment of network topologies based on Thread's partitioning algorithm.
OPC UA (Open Platform Communications Unified Architecture) is already a well-known concept used widely in the automation industry. In the area of factory automation, OPC UA models the underlying field devices such as sensors and actuators in an OPC UA server to allow connecting OPC UA clients to access device-specific information via a standardized information model. One of the requirements of the OPC UA server to represent field device data using its information model is to have advanced knowledge about the properties of the field devices in the form of device descriptions. The international standard IEC 61804 specifies EDDL (Electronic Device Description Language) as a generic language for describing the properties of field devices. In this paper, the authors describe a possibility to dynamically map and integrate field device descriptions based on EDDL into OPCUA.
Legacy industrial communication protocols are proved robust and functional. During the last decades, the industry has invented completely new or advanced versions of the legacy communication solutions. However, even with the high adoption rate of these new solutions, still the majority industry applications run on legacy, mostly fieldbus related technologies. Profibus is one of those technologies that still keep on growing in the market, albeit a slow in market growth in recent years. A retrofit technology that would enable these technologies to connect to the Internet of Things, utilize the ever growing potential of data analysis, predictive maintenance or cloud-based application, while at the same time not changing a running system is fundamental.
The paper describes the hardware and software architecture of the developed multi MEMS sensor prototype module, consisting of ARM Cortex M4 STM32F446 microcontroller unit, five 9-axis inertial measurement units MPU9255 (3D accelerometer, 3D gyroscope, 3D magnetometer and temperature sensor) and a BMP280 barometer. The module is also equipped with WiFi wireless interface (Espressif ESP8266 chip). The module is constructed in the form of a truncated pyramid. Inertial sensors are mounted on a special basement at different angles to each other to eliminate hardware sensors drifts and to provide the capability for self-calibration. The module fuses information obtained from all types of inertial sensors (acceleration, rotation rate, magnetic field and air pressure) in order to calculate orientation and trajectory. It might be used as an Inertial Measurement Unit, Vertical Reference Unit or Attitude and Heading Reference System.
The low cost and small size of MEMS inertial sensors allows their combination into a multi sensor module in order to improve performance. However the different linear accelerations measured on different places on a rotating rigid body have to be considered for the proper fusion of the measurements. The errors in measurement of MEMS inertial sensors include deterministic imperfection, but also random noise. The gain in accuracy of using multiple sensors depends strongly on the correlation between these errors from the different sensors. Although for sensor fusion it usually assumed that the measurement errors of different sensors are uncorrelated, estimation theory shows that for the combination of the same type of sensors actually a negative correlation will be more beneficial. Therefore we describe some important and often neglected considerations for the combination of several sensors and also present some preliminary results with regard to the correlation of measurements from a simple multi sensor setup.
A novel approach of a test environment for embedded networking nodes has been conceptualized and implemented. Its basis is the use of virtual nodes in a PC environment, where each node executes the original embedded code. Different nodes run in parallel, connected via so-called virtual channels. The environment allows to modifying the behavior of the virtual channels as well as the overall topology during runtime to virtualize real-life networking scenarios. The presented approach is very efficient and allows a simple description of test cases without the need of a network simulator. Furthermore, it speeds up the process of developing new features as well as it supports the identification of bugs in wireless communication stacks. In combination with powerful test execution systems, it is possible to create a continuous development and integration flow.
Wireless Sensor Networks (WSN) have emerged as interesting topic in the research community due to its manifold applications. One of the main challenges of this field is the energy consumption of the nodes, which typically is quite restricted due to the required lifetime of such WSNs. To solve that problem several energy-saving MAC protocols have been developed so far. One of them recently presented by the authors is the so-called SmartMAC as an extension to the IEEE802.15.4 standard. In this paper, we present the implementation details of the porting of the SmartMAC protocol to the discrete event network simulator NS3. We develop this module for NS3 to simulate the performance, multi node execution, and multi node configuration. Along with this model, we also present an energy model for the evaluation of the energy consumption. The current implementation in NS3 is based on the LR-WPAN (Low-Rate Wireless Personal Area Networks) as specified by the IEEE802.15.4 (2006) standard. The simulation results show that the SmartMAC with its sleep and wake-up mechanisms for the transceivers, is significantly more efficient than the current NS3 MAC (Medium Access Control) scheme.
Die neueste Generation von programmierbaren Logikbausteinen verfügt neben den konfigurierbaren Logikzellen über einen oder mehrere leistungsfähige Mikroprozessoren. In dieser Arbeit wird gezeigt, wie ein bestehendes Zwei-Chip-System auf einen Xilinx Zynq 7000 mit zwei ARM A9-Cores migriert wird. Bei dem System handelt es sich um das „GPS-gestützte Kreisel-system ADMA“ des Unternehmens GeneSys. Die neue Lösung verbessert den Datenaustausch zwischen dem ersten Mikroprozessor zur digitalen Signalverarbeitung und dem zweiten Prozessor zur Ablaufsteuerung durch ein Shared Memory. Für die schnelle und echtzeitfähige Datenübertragung werden zahlreiche hochbitratige Schnittstellengenutzt.
A novel approach of a testbed for embedded networking nodes has been conceptualized and implemented. It is based on the use of virtual nodes in a PC environment, where each node executes the original embedded code. Different nodes are running in parallel and are connected via so-called virtual interfaces. The presented approach is very efficient and allows a simple description of test cases without the need of a network simulator. Furthermore, it speeds up the process of developing new features.
The M-Bus protocol (EN13757) is in widespread use for metering applications within home area and neighborhood area networks, but lacks a strict specification. This may lead to incompatibilities in real-life installations and to problems in the deployment of new M-Bus networks. This paper presents the development of a novel testbed to emulate physical Metering Bus (M-Bus) networks with different topologies and to allow the flexible verification of real M-Bus devices in real-world scenarios. The testbed is designed to support device manufacturers and service technicians in test and analysis of their devices within a specific network before their installation. The testbed is fully programmable, allowing flexible changes of network topologies, cable lengths and types. Itis easy to use, as only the master and the slaves devices have to be physically connected. This allows to autonomously perform multiple tests, including automated regression tests. The testbed is available to other researchers and developers. We invite companies and research institutions to use this M-Bus testbed to increase the common knowledge and real-world experience.
In this work, we consider a duty-cycled wireless sensor network with the assumption that the on/off schedules are uncoordinated. In such networks, as all nodes may not be awake during the transmission of time synchronization messages, nodes will require to re-transmit the synchronization messages. Ideally a node should re-transmit for the maximum sleep duration to ensure that all nodes are synchronized. However, such a proposition will immensely increase the energy consumption of the nodes. Such a situation demands that there is an upper bound of the number of retransmissions. We refer to the time a node spends in re-transmission of the control message as broadcast duration. We ask the question, what should be the broadcast duration to ensure that a certain percentage of the available nodes are synchronized. The problem to estimate the broadcast duration is formulated so as to capture the probability threshold of the nodes being synchronized. Results show the proposed analytical model can predict the broadcast duration with a given lower error margin under real world conditions, thus demonstrating the efficiency of our solution.
IPv6 over resource-constrained devices (6Lo) emerged as a de-facto standard for the Internet of Things (IoT) applications especially in home and building automation systems. We provide results of an investigation of the applicability of 6LoWPAN with RPL mesh networks for home and building automation use cases. The proper selection of Trickle parameters and neighbor reachable time-outs is important in the RPL protocol suite to respond efficiently to any path failure. These parameters were analyzed in the context of energy consumption w.r.t the number of control packets. The measurements were performed in an Automated Physical Testbeds (APTB). The results match the recommendation by RFC 7733 for selecting various parameters of RPL protocol suite. This paper shows the relationship between various RPL parameters and control traffic overhead during network rebuild. Comparative measurement results with Bluetooth Low Energy (BLE) in this work showed that 6Lo with RPL outperformed BLE in this use case with less control traffic overheads.
In the last decade, IPv6 over Low power Wireless Personal Area Networks (IEEE802.15.4), also known as 6LoWPAN, has well evolved as a primary contender for short range wireless communications and holds the promise of an Internet of Things, which is completely based on the Internet Protocol. The authors' team has developed a 6LoWPAN protocol stack in C language, the stack without the necessity to use a specific design environment or operating system. It is highly flexible, modular, and portable and can be enhanced by several interesting modules, like a Wake-On-Radio-(WOR) MAC layer or a TLS1.2 based security sublayer. The stack is made available as open source at https://github.com/hso-esk/emb6. It was extensively tested on the Automated Physical Testbed (APTB) for Wireless Systems, which is available in the authors' lab and allows a flexible setup and full control of arbitrary topologies. The results of the measurements demonstrate a very good stability and short-term with long-term performance also under dynamic conditions.
Wireless communication systems more and more become part of our daily live. Especially with the Internet of Things (IoT) the overall connectivity increases rapidly since everyday objects become part of the global network. For this purpose several new wireless protocols have arisen, whereas 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks) can be seen as one of the most important protocols within this sector. Originally designed on top of the IEEE802.15.4 standard it is a subject to various adaptions that will allow to use 6LoWPAN over different technologies; e.g. DECT Ultra Low Energy (ULE). Although this high connectivity offers a lot of new possibilities, there are several requirements and pitfalls coming along with such new systems. With an increasing number of connected devices the interoperability between different providers is one of the biggest challenges, which makes it necessary to verify the functionality and stability of the devices and the network. Therefore testing becomes one of the key components that decides on success or failure of such a system. Although there are several protocol implementations commonly available; e.g., for IoT based systems, there is still a lack of according tools and environments as well as for functional and conformance testing. This article describes the architecture and functioning of the proposed test framework based on Testing and Test Control Notation Version 3 (TTCN-3) for 6LoWPAN over ULE networks.
Due to its numerous application fields and benefits, virtualization has become an interesting and attractive topic in computer and mobile systems, as it promises advantages for security and cost efficiency. However, it may bring additional performance overhead. Recently, CPU virtualization has become more popular for embedded platforms, where the performance overhead is especially critical. In this article, we present the measurements of the performance overhead of the two hypervisors Xen and Jailhouse on ARM processors in the context of the heavy load “Cpuburn-a8” application and compare it to a native Linux system running on ARM processors.
Remote code attestation protocols are an essential building block to offer a reasonable system security for wireless embedded devices. In the work at hand we investigate in detail the trustability of a purely software-based remote code attestation based inference mechanism over the wireless when e.g. running the prominent protocol derivate SoftWare-based ATTestation for Embedded Devices (SWATT). Besides the disclosure of pitfalls of such a protocol class we also point out good parameter choices which allow at least a meaningful plausibility check with a balanced false positive and false negative ratio.
Covert channels have been known for a long time because of their versatile forms of appearance. For nearly every technical improvement or change in technology, such channels have been (re-)created or known methods have been adapted. For example, the introduction of hyperthreading technology has introduced new possibilities for covert communication between malicious processes because they can now share the arithmetic logical unit as well as the L1 and L2 caches, which enable establishing multiple covert channels. Even virtualization, which is known for its isolation of multiple machines, is prone to covert- and side-channel attacks because of the sharing of resources. Therefore, it is not surprising that cloud computing is not immune to this kind of attacks. Moreover, cloud computing with multiple, possibly competing users or customers using the same shared resources may elevate the risk of illegitimate communication. In such a setting, the “air gap” between physical servers and networks disappears, and only the means of isolation and virtual separation serve as a barrier between adversary and victim. In the work at hand, we will provide a survey on vulnerable spots that an adversary could exploit trying to exfiltrate private data from target virtual machines through covert channels in a cloud environment. We will evaluate the feasibility of example attacks and point out proposed mitigation solutions in case they exist.
The Internet of Things (IoT), ubiquitous computing and ubiquitous connectivity, Cyber Physical Systems (CPS), ambient intelligence, Machine-to-Machine communication (M2M) or Car-to-Car (C2C)-communication, smart metering, smart grid, telematics, telecare, telehealth – there are many buzzwords around current developments related to the Internet.
This contribution gives an overview on such IoT-applications, as they are already used today to improve the availability of information, increase efficiency, push system limits and extend the value chain. At a closer look, the economic and technical development can be separated into different phases. It is interesting that we are currently at the threshold to a new phase, with decentralized and cooperative communication and control nodes as cornerstones. Thus, embedded systems and their connectivity are in the middle of the scene.
This recent development is described along with some example projects from the author’s team which are used in industrial automation, energy supply and distribution (home automation and smart metering), traffic engineering (cooperative driver assistance systems), and in telehealth and telecare.
Extended Performance Measurements of Scalable 6LoWPAN Networks in an Automated Physical Testbed
(2015)
IPv6 over Low power Wireless Personal Area Networks, also known as 6LoWPAN, is becoming more and more a de facto standard for such communications for the Internet of Things, be it in the field of home and building automation, of industrial and process automation, or of smart metering and environmental monitoring. For all of these applications, scalability is a major precondition, as the complexity of the networks continuously increase. To maintain this growing amount of connected nodes a various 6LoWPAN implementations are available. One of the mentioned was developed by the authors' team and was tested on an Automated Physical Testbed for Wireless Systems at the Laboratory Embedded Systems and Communication Electronics of Offenburg University of Applied Sciences, which allows the flexible setup and full control of arbitrary topologies. It also supports time-varying topologies and thus helps to measure performance of the RPL implementation. The results of the measurements prove an excellent stability and a very good short and long-term performance also under dynamic conditions. In all measurements, there is an advantage of minimum 10% with regard to the average times, like global repair time; but the advantage with reagr to average values can reach up to 30%. Moreover, it can be proven that the performance predictions from other papers are consistent with the executed real-life implementations.
We propose secure multi-party computation techniques for the distributed computation of the average using a privacy-preserving extension of gossip algorithms. While recently there has been mainly research on the side of gossip algorithms (GA) for data aggregation itself, to the best of our knowledge, the aforementioned research line does not take into consideration the privacy of the entities involved. More concretely, it is our objective to not reveal a node's private input value to any other node in the network, while still computing the average in a fully-decentralized fashion. Not revealing in our setting means that an attacker gains only minor advantage when guessing a node's private input value. We precisely quantify an attacker's advantage when guessing - as a mean for the level of data privacy leakage of a node's contribution. Our results show that by perturbing the input values of each participating node with pseudo-random noise with appropriate statistical properties (i) only a minor and configurable leakage of private information is revealed, by at the same time (ii) providing a good average approximation at each node. Our approach can be applied to a decentralized prosumer market, in which participants act as energy consumers or producers or both, referred to as prosumers.
Die Vision vom "Internet der Dinge" prägt seit Jahren Forschung und Entwicklung, wenn es um smarte Technologien und die Vernetzung von Geräten geht. In der Zukunft wird die reale Welt zunehmend mit dem Internet verknüpft, wodurch zahlreiche Gegenstände (Dinge) des normalen Alltags dazu befähigt werden, zu interagieren und sowohl online als auch autark zu kommunizieren. Viele Branchen wie Medizin, Automobilbau, Energieversorgung und Unterhaltungselektronik sind gleichermaßen betroffen, wodurch trotz Risiken auch neues wirtschaftliches Potential entsteht. Im Bereich "Connected Home" sind bereits Lösungen vorhanden, mittels intelligenter Vernetzung von Haushaltsgeräten und Sensoren, die Lebensqualität in den eigenen vier Wänden zu erhöhen. Diese Arbeit beschäftigt sich mit dem Thread Protokoll; einer neuen Technologie zur Integration mehrerer Kommunikationsschnittstellen innerhalb eines Netzwerks. Darüber hinaus wird die Implementierung auf Netzwerkebene (Network Layer) vorgestellt, sowie aufbereitete Informationen bezüglich verwendeter Technologien dargestellt.
Covert and Side-Channels have been known for a long time due to their versatile forms of appearance. For nearly every technical improvement or change in technology, such channels have been (re-)created or known methods have been adapted. For example the introduction of hyperthreading technology has introduced new possibilities for covert communication between malicious processes because they can now share the arithmetic logical unit (ALU) as well as the L1 and L2 cache which enables establishing multiple covert channels. Even virtualization which is known for its isolation of multiple machines is prone to covert and side-channel attacks due to the sharing of resources. Therefore itis not surprising that cloud computing is not immune to this kind of attacks. Even more, cloud computing with multiple, possibly competing users or customers using the same shared resources may elevate the risk of unwanted communication. In such a setting the ”air gap” between physical servers and networks disappears and only the means of isolation and virtual separation serve as a barrier between adversary and victim. In the work at hand we will provide a survey on weak spots an adversary trying to exfiltrate private data from target virtual machines could exploit in a cloud environment. We will evaluate the feasibility of example attacks and point out possible mitigation solutions if they exist.