Slides from the ECU Security Research Institute seminar Monday March 2013, presented by Dr Mike Johnstone. Given the explosion that is the “Internet of Things”, wireless sensors are set to outstrip devices such as computers and smart phones on the Internet. These sensors are used for home automation, smart grids, military deployment etc. However, in contrast to their wired equivalents, wireless networks usually have dynamic topologies, are unprotected from other signals sharing the same medium, and are significantly less reliable than wired networks. This raises issues for such networks in terms of reliability and security- a thorny topic for critical infrastructure. This seminar will explore the scope of wireless sensor networks and evaluate some significant security issues in this space. Speaker Profile Dr Mike Johnstone is a member of the Security Research Institute at Edith Cowan University (ECU) in Western Australia where he teaches secure programming. His research interests include secure development methodologies (for mobile applications), wireless sensor networks (for military systems) and cloud security (for e-Health data sharing). He has been a contractor for private industry, government and research organisations and has held various roles including programmer, systems analyst, project manager and network manager before moving to academia. The ECU Security Research Institute (ECUSRI) is a research unit with Edith Cowan University.

1. Edith Cowan University
Security Research Institute
Security in Wireless Sensor Networks
Security in Wireless(1) Sensor(2)
Networks(3) - Two Out of Three
Ain't Bad?
Mike Johnstone
m.johnstone@ecu.edu.au
Copyright 2013 - Security Research Institute, Edith Cowan University 1

2. Edith Cowan University
Security Research Institute
Agenda
• The Scope of Wireless Sensor Networks
• What are Wireless Sensors?
• An example WSN technology
• Case Studies
• Security issues with WSN devices
Copyright 2013 - Security Research Institute, Edith Cowan University 2

3. Edith Cowan University
Security Research Institute
The Internet of things…
(Cisco, 2011)
Copyright 2013 - Security Research Institute, Edith Cowan University 3

4. Edith Cowan University
Security Research Institute
The Internet of things…
(Cisco, 2011)
Copyright 2013 - Security Research Institute, Edith Cowan University 4

5. Edith Cowan University
Security Research Institute
Wireless Sensor Networks
• Cheap and robust
• A multitude of uses, including:
– Home automation, tagging goods, weather
reporting
– Home monitoring of individuals in aged care
environments
– Automated meter reading for public/private
utilities
Copyright 2013 - Security Research Institute, Edith Cowan University 5

6. Edith Cowan University
Security Research Institute
What exactly is a Wireless Sensor?
• Each node has:
– A microprocessor
– Some memory
– One or more sensors (audio, video…)
– Some way to communicate wirelessly with other
nodes
Copyright 2013 - Security Research Institute, Edith Cowan University 6

7. Edith Cowan University
Security Research Institute
Wireless Sensor Node
(CC2431 on Battery Board)
Copyright 2013 - Security Research Institute, Edith Cowan University 7

8. Edith Cowan University
Security Research Institute
Wireless Sensor Node
(Waspmote)
Weight: 20g
Power consumption: 15mA on, 55 A sleep
Built-in: temp sensor and accelerometer
Wireless protocols supported: 8
Sensors available: 60
Copyright 2013 - Security Research Institute, Edith Cowan University 8

9. Edith Cowan University
Security Research Institute
Manufactured by…
• Atmel
• Libelium
• Samsung
• Texas Instruments
• …
Copyright 2013 - Security Research Institute, Edith Cowan University 9

10. Edith Cowan University
Security Research Institute
A Spectrum of Capabilities
Wireless Standards
802.11b
Complexity
BlueTooth
ZigBee
Data Rate
Copyright 2013 - Security Research Institute, Edith Cowan University 10

11. Edith Cowan University
Security Research Institute
Mesh Networks
Copyright 2013 - Security Research Institute, Edith Cowan University 11

12. Edith Cowan University
Security Research Institute
Low Power WSN Standards
• ZigBee
• Z-Wave
• WirelessHART
• 6LoWPAN
• …
Copyright 2013 - Security Research Institute, Edith Cowan University 12

13. Edith Cowan University
Security Research Institute
6LoWPAN
• Problem: WSN protocols and the Internet are
incompatible
• Solution: 6LoWPAN
• Lets any device be accessible from the
Internet
Copyright 2013 - Security Research Institute, Edith Cowan University 13

14. Edith Cowan University
Security Research Institute
Leading to…
Copyright 2013 - Security Research Institute, Edith Cowan University 14

15. Edith Cowan University
Security Research Institute
ZigBee-An example WSN standard
• Developed by the ZigBee Alliance
• Main characteristics
– low data rates
– low power consumption
– security
– reliability
Copyright 2013 - Security Research Institute, Edith Cowan University 15

16. Edith Cowan University
Security Research Institute
ZigBee
• Specific characteristics
– Operates on the 2.4 GHz ISM
(industrial, scientific and medical) band
– 16 channels available
– Range 10-75m
– Uses strong encryption
Copyright 2013 - Security Research Institute, Edith Cowan University 16

17. Edith Cowan University
Security Research Institute
ZigBee-aware devices can be used for…
• Home Automation
– Air conditioning
– Irrigation Systems
– Lighting Control Systems
– Meter Reading Systems
– Security Systems
– Universal Remote Control
Copyright 2013 - Security Research Institute, Edith Cowan University 17

18. Edith Cowan University
Security Research Institute
To connect devices like this to a HAN
Copyright 2013 - Security Research Institute, Edith Cowan University 18

19. Edith Cowan University
Security Research Institute
Example: Smart Grid
Copyright 2013 - Security Research Institute, Edith Cowan University 19

20. Edith Cowan University
Security Research Institute
Further uses of ZigBee
• Industrial Automation
– Asset Management
– Livestock Tracking
– Personnel Tracking
• Other Applications
– Fire Extinguishers
– Gas (air quality, forest fire) Sensors
– Room Access
Copyright 2013 - Security Research Institute, Edith Cowan University 20

21. Edith Cowan University
Security Research Institute
WSNs-Security issues
• Confidentiality
– Key distribution
– Key transmission
• Integrity
– False nodes joining the network
• Availability
– Susceptibility to denial-of-service attacks
Copyright 2013 - Security Research Institute, Edith Cowan University 21

22. Edith Cowan University
Security Research Institute
Case Studies: Valuable uses of WSNs
• Vehicle tracking
– Your car knows when the speed limit changes
• Heath care
– If someone is in trouble, an alert can be raised
• Environmental monitoring
– Track progress of chemical spills
• Battlefield intelligence
Copyright 2013 - Security Research Institute, Edith Cowan University 22

23. Edith Cowan University
Security Research Institute
WSNs-Current research at ECU-SRI
• Mitigation of denial of service attacks
• Advances in key distribution
• Using multi-agent systems to improve
decision-making
Copyright 2013 - Security Research Institute, Edith Cowan University 23

24. Edith Cowan University
Security Research Institute
Questions?
Copyright 2013 - Security Research Institute, Edith Cowan University 24