Utilizing Intervals in Component-based Design of Cyber Physical Systems

Steffen Peter, Tony Givargis

to appear in 10th IEEE International Conference on Embedded Software and Systems (ICESS), 2013

Within the design of Cyber Physical Systems, model-based approaches are powerful means to describe and test the behavior of the system. Still, a good methodology is needed to go from the idealized model environment to an implementable system architecture that is capable of dealing with uncertainties in both the physical and the cyber subsystem. This paper presents a concept that explicitly utilizes intervals to express uncertainties in the physical system, the control process and the cyber system to improve the robustness and stability of the design. This interval concept has been integrated in a component-based framework that allows one to describe properties of the components out of which the CPS is composed. With a prototype implementation of the component framework, this paper shows the usefulness of this approach for an exemplary CPS. The results indicate the practical benefits of value intervals for property assessment of composed CPSs which can be exploited at design time as well as run time.

Modeling and Mitigation of Faults in Cyber-Physical Systems with Binary Sensors

Volka Gunes, Steffen Peter, Tony Givargis

To appear in 13th IEEE International Conference on Computer and Information Technology (CIT), 2013

This paper presents an analysis framework for correct system operation (i.e. system success) of Cyber- Physical Systems (CPS) that deploy binary sensors with possible faults. We discuss potential faults in the interface part of such systems and address solutions for those faults in order to build dependable and reliable CPS applications. As a practical tool, we present a set of models in SIMULINK to help system designers extend simulations of general CPS applications that deploy binary sensor networks. We provide methodologies to add well-defined fault behaviors and offer assessment tools to measure the effects of possible faults on the overall system success. We demonstrate the feasibility of our contributions using a CPS application and explore various architectures for fault mitigation in a holistic design space exploration environment. With the ability to help system designers analyze and assess a non-trivial design space, the presented approach contributes to the design of fault-tolerant CPSs.

Demo Abstract: Self-Organized Bluetooth Scatternets for Wireless Sensor Networks

Michael Methfessel, Stefan Lange, Rolf Kraemer, Mario Zessack, Steffen Peter

11th ACM Conference on Embedded Networked Sensor Systems (SenSys), 2013

Real-Life Deployment of Bluetooth Scatternets for Wireless Sensor Networks

Michael Methfessel, Stefan Lange, Rolf Kraemer, Mario Zessack, Peter Kollermann, Steffen Peter

In Fifth Workshop on Real-World Wireless Sensor Networks (RealWSN), 2013

Bluetooth scatternets are constructed from overlapping piconets, allowing any number of nodes to be connected into a multi-hop wireless network. Although the topic has been researched for 15 years, actual deployments of self-organized scatternets are rare. We present experiences for scatternets with a tree topology built by the SFX algorithm, an extension of the SHAPER algorithm presented in 2003. After clarifying the innovative aspects of SFX, we present measurements for a laboratory test network of 24 nodes and for a real-life deployment in a photovoltaic power plant with 39 nodes.

Sens4U: Wireless Sensor Network Applications for Environment Monitoring Made Easy

Krzysztof Piotrowski, Steffen Peter

Fourth International Workshop on Software Engineering for Sensor Network Applications (SESENA) In conjunction with ACM/IEEE International Conference on Software Engineering (ICSE) May 18-26, 2013, San Francisco (USA)

The development of wireless sensor network (WSN) or cyber physical systems (CPS) applications is a complex and error prone task. This is due to the huge number of possible combinations of protocols and other software modules, to choose from. Additionally, testing of the chosen configuration and the individual software modules is not a trivial task, especially in case where they are all implemented from scratch. The aim of the Sens4U methodology we present in this paper is to simplify and possibly automatize the process of building a WSN application and to simplify its testing. The main idea of our approach is to exploit the modularity of the available libraries in order to speed-up application development done by non-WSN-experts and to solve the real-life problems. The proposed abstraction is very powerful¸¶the modules provide specific functionalities via defined interfaces and can be connected using these according to the application requirements, to create the desired and minimum target configuration. The modularity improves the testability and reuse of components and thus, their reliability and, as a result, the reliability of the target configurations. Further, the Sens4U approach goes beyond pure software generation and supports creating software and hardware configurations. We are currently focusing on environment monitoring scenarios in order to analyze this problem area in the semi-automatic computer aided application logic generalization process. This paper presents the general concept as well as the tool chain that supports the application development done by non-WSN-experts.

A Ball Goes to School - Our Experiences from a CPS Design Experiment

Steffen Peter, Frank Vahid, Daniel D. Gajski, Tony Givargis

First NSF Workshop on CPS Education (at CPSWeek 2013), April 8th, 2013 in Philadelphia, Pennsylvania, US

Teaching the methodologies of Cyber Physical System (CPS) design requires good examples that are easy to understand and tools that are commonly used in practice. This paper presents our experiences during the practical execution of model-driven design processes applying a range of state-of-the-art design tools for a novel and simple example from the CPS domain. The Falling Ball example has several properties that support teaching basic design principles of CPSs. On one end, students use a number of modeling tools to design and simulate the Falling Ball example. On the other end, students actually build the Falling Ball example using a variety of approaches. Our methodology teaches not only the tools and how to use them to design a CPS system but imparted general concepts such as the need for modeling and the presence of certain technical problems and challenges. This paper presents the example, the applied tools and experiences gained during the first test run of this example in our research group. We plan to use the material presented here in an introduction to CPS course to be offered at UCI later in 2013. In this work we share our experiences with the larger educational community.

[PDF], [Slides]
Tool-supported Methodology for Component-based Design of Wireless Sensor Network Applicationss

Steffen Peter, Peter Langendörfer

CORCS 2012- The 4th IEEE International Workshop on Component-Based Design of Resource-Constrained Systems, in conjunction with COMPSAC 2012 - the IEEE Signature Conference on Computers, Software, and Applications. Izmir, Turkey, July 16-20, 2012

A major issue when developing Wireless sensor networks applications is the need for highly specialized knowledge in the field of embedded programming, networking and in the application domain. In order to speed up the development process, a new methodology for WSN application development is required. It needs to provide ready to use building blocks as well as means to map application requirements to technical features provided by these blocks. Last but not least, mechanisms to select appropriate building blocks and to evaluate the system compiled out of these blocks are essentially needed. This paper presents a design flow fulfilling the mentioned features. In a first step, user requirements elicited from a managed catalog are translated to a graph structure. Then, properties of the composed system derived from meta-information of the applied components are evaluated to resolve constraints ¸¶representing application requirements and/or features of the target system¸¶ in the derived system model. The validity of the methodology, for which the needed tool support has actually been implemented, is shown in an example that illustrates how this approach can propose correct configurations for secure systems as proposed in related work. Since the approach allows designing correct and fine-tuned solutions even for general application requirements we consider it to be a significant step towards improved programmability of WSN nodes.

[PDF], [URN]
Tool-Supported Development of Secure Wireless Sensor Networks

Steffen Peter

Dissertation, BTU Cottbus, Germany, December 13, 2011

The development of secure systems is already a very challenging task. In the domain of wireless sensor networks this challenge is even aggravated by severe constraints of the sensor node devices and the exposed character of the networks. To cope with this issue, this thesis proposes a tool-supported development flow named configKIT, that helps users to integrate secured applications in the domain of Wireless Sensor Networks. It is a component-based framework that selects and composes configurations of hardware and software components for WSN applications from high-level user requirements, automatically. Therefore, the composition process utilizes a flexible meta-model to describe properties of the components, the requirements, and the system semantics, which allows the assessment of the behavior of the composed system. Based on this modeling technology five practical security models are investigated, which base on different technical views on a general security ontology for WSNs. Each model is discussed theoretically and practically, based on a practical integration in the configKIT framework. The configuration toolkit and the security models are finally evaluated by applying the techniques developed to the non-trivial example of secure in-network aggregation. The evaluation shows that all five practical security models developed in this thesis work correctly and with reasonable model overhead. These results promote the notion of a practically applicable toolkit to configure secure applications in WSNs.

Sensor Node Processor for Security Applications

Goran Panic, Thomas Basmer, Oliver Schrape, Steffen Peter, Frank Vater, Klaus Tittelbach-Helmrich

ICECS 2011 - The 18th IEEE International Conference on Electronics, Circuits, and Systems (ICECS), Beirut, Lebanon, December 11-14, 2011

In this paper we present a sensor node processor designed to support complex data encryption/decryption operations. The system is developed around an asynchronous processor core supported by AES, ECC and SHA-1 crypto accelerators. The paper describes the chip architecture and its components and gives the chip implementation details. Finally, the power and performance of the chip have been discussed and analyzed.

Bluetooth Scatternet Tree Formation for Wireless Sensor Networks

Michael Methfessel, Steffen Peter, Stefan Lange

WISARN-FALL 2011 - International Workshop on Wireless Sensor, Actuator and Robot Networks (WISARN), Valencia, Spain, October 17, 2011

Wireless sensor and actor networks based on Bluetooth technology require an algorithm to build up and maintain a Bluetooth scatternet. Although much research has been done, actual deployment is rare because a self-organizing and self-healing procedure suitable for actual Bluetooth nodes has not yet been developed. We present the SFX algorithm to build a scatternet tree with the required properties. The method was verified by simulations for up to 400 nodes and by field tests.

Implementation Analysis of the IEEE 802.15.4 MAC for Wireless Sensor Networks

Thomas Basmer, Henry Schomann, Steffen Peter

iCOST 2011 - International Conference on Selected Topics in Mobile and Wireless Networking (iCOST), Shanghai, China, October 10-12, 2011

IEEE 802.15.4 is the dominant Medium Access Control protocol in wireless sensor networks. To implement this protocol on such severely resource constraint devices, several trade-offs have to be considered. This paper presents an analysis of IEEE 802.15.4 software implementations available for typical sensor node systems, such as the MSP430 from Texas Instruments. We discuss the available implementations concerning the supported features, flexibility issues and the efficiency of the implementations. The latter is based on a static code analysis that allows to measure and compare the number of clock cycles, needed to execute specific MAC functionalities. The result of the study is that the performance of the implementations does not correlate with the number of supported features but rather inversely with the implementation flexibility. The results do not only support integrators of 802.15.4-based networks but help identifying key aspects of future implementations of the protocol.

Monitoring drinking water pipelines - WSAN demonstrator in Frankfurt/Oder

Steffen Peter, Gerd Weber (FWA mbH)

Eurescom mess@ge, issue 1/2011, March 2011

Drinking water provision is a critical infrastructure that can benefit from Wireless Sensor and Actuator Networks (WSANs). As part of the WSAN4CIP project, we implemented a demonstrator to prove the feasibility of WSANs. This technology cannot only increase the economic efficiency of the pipeline network, but also improve its safety and security.

[PDF] copyright by IEEE
Inferring Technical Constraints of a Wireless Sensor Network Application from End-User Requirements

Felix Jonathan Oppermann, Steffen Peter

The 6th International Conference on Mobile Ad-hoc and Sensor Networks (MSN'10), 20 - 22 Dec 2010, Hangzhou, China

This paper describes a two-step process to infer specific technical constraints and parameters needed for a reliable mission-specific design of wireless sensor networks (WSN). As the first step, we propose a new requirement catalog helping end-users to formulate a complete and consistent specification of WSN mission requirements. Its generality allows the unambiguous characterization of a wide spectrum of applications from the end-users perspective. As the second step, we introduce a methodology to deduce fine grained technical specifications from the general requirements. The proposed automatic graph-based requirement expansion approach translates the content of the catalog and additional requirements to specific technical terms, which provide the basis for an application-specific WSN design. A real-world use case - a new WSN application in the area of critical infrastructure protection - demonstrates the applicability of the presented approach.

[PDF] copyright by IEEE
How key establishment in medical sensor networks benefits from near field communication technology

Oliver Maye, Steffen Peter

IOTS 2010 - The 1st IEEE/ACM Internet of Things Symposium, in conjunction with GreenCom 2010, Hangzhou, China, December 18-20, 2010

A major design challenge for medical sensor networks (MSN) is to assure security of the communication links despite of the extremely scarce computational resources. From the security perspective, the establishment of trust during the initial key negotiation phase is a critical issue. The work presented is dedicated to the problem of initially pairing a network node with its sink. The proposed algorithm greatly benefits from near field communication (NFC) technology. Its small operating distance inherently introduces a close coupling between a nodes physical presence and its logical certificate. Important advantage is drawn from the hierarchical architecture of typical MSNs.

[PDF (German)] [SLIDES (German)]
Test of a Bluetooth Transmission Path for Process Automation - Test einer Bluetooth-Funkstrecke für die Prozessautomatisierung (received "Young Engineer Award")

Jana Krimmling, Matthias Mahlig, Steffen Peter

SPS/IPC/Drives 2010, Nuremberg, November 23-25, 2010

Communication technology becomes more important in the field of process automation during the last years. The integration of smart radio based solutions into process automation systems is popular in research and industry. Here we present a Bluetooth based test track operating in a sewage treatment plant. Therefor, we developed novel hardware components based on Bluetooth communication with integrated microcontroller that can provide additional services, monitoring and local intelligence. The radio link quality is analyzed by comparison of the radio link with a conventional wired link used in parallel. The results are promising but room for improvement is identified.

Adaptable Security in Wireless Sensor Networks by Using Reconfigurable ECC Hardware Coprocessors

J. Portilla, A. Otero, E. de la Torre, T. Riesgo, O. Stecklina, St. Peter, P. Langendörfer

International Journal of Distributed Sensor Networks, vol. 2010 (2010)

Specific features of Wireless Sensor Networks (WSNs) like the open accessibility to nodes, or the easy observability of radio communications, lead to severe security challenges. The application of traditional security schemes on sensor nodes is limited due to the restricted computation capability, low-power availability, and the inherent low data rate. In order to avoid dependencies on a compromised level of security, a WSN node with a microcontroller and a Field Programmable Gate Array (FPGA) is used along this work to implement a state-of-the art solution based on ECC (Elliptic Curve Cryptography). In this paper it is described how the reconfiguration possibilities of the system can be used to adapt ECC parameters in order to increase or reduce the security level depending on the application scenario or the energy budget. Two setups have been created to compare the software- and hardware-supported approaches. According to the results, the FPGA-based ECC implementation requires three orders of magnitude less energy, compared with a low power microcontroller implementation, even considering the power consumption overhead introduced by the hardware reconfiguration.

[PDF] copyright by IEEE
An Engineering Approach for Secure and Safe Wireless Sensor and Actuator Networks for Industrial Automation Systems

Steffen Peter, Oliver Stecklina, Peter Langendörfer

ETFA 2009 - 14th IEEE International Conference on Emerging Techonologies and Factory Automation; Session: Security for industrial applications; September 22 - 26, 2009; Mallorca, Spain

Wireless communication and smart sensors and actuators pose means to sustainably improve automation technology. Unfortunately they also cause an abundance of new challenges regarding security and safety of the system. After introducing the security concepts, this paper discusses an engineering methodology to cope with security requirements in context of industrial automation. Two practical examples demonstrate how the solutions even for pretty similar scenarios can differ significantly. The proposed development flow promises a reliable objective engineering of proper system solutions. Key concepts of the flow are a holistic goal description and an iterative composition algorithm that inherently applies and extends existing knowledge.

Tool-supported Composition of Software Modules for Safe and Secure Wireless Sensor Networks

Steffen Peter

Invited Talk: TrustSoft Graduate School on Trustworthy Software Systems; Carl von Ossietzky Universität Oldenburg; June 6th 2009

The development of applications for Wireless Sensor Networks is technically challenging and utterly error-prone. The problem is that severe hardware constraints meet a wide spectrum of vulnerabilities given by the exposed nature of sensor nodes, the distributed character of services and the wireless communication in such networks. Requirements like safety and security are imperative for many sensor networks but increase the complexity of the development even further. The standard approach today is to develop the actual application first and add security and safety features when it eventually runs. Since such functions are not simple add-ons but core functions the result is mostly not satisfying. What is needed is a design flow that respects both the actual application running on small nodes and individual needs for safety and security from the very beginning of the development process. The talk discusses a configuration tool as center of a tool-supported development flow that could help coping with the complexity of the design-process of secure WSN applications. The idea is that such a tool, in a first step, resolves functional dependencies using a library containing available software modules and their properties. In a second step it performs a qualitative assessment of system and security-related properties like integrity, secrecy and robustness. The result will be a set of complete software configurations, including prediction of hardware requirements and security assessment that can be used as blueprint for further system integration. The talk demonstrates an early version of such a tool and addresses open issues that have to be solved before it can significantly improve the development process of safe and secure wireless sensor networks.

Demo: Reconfiguring Crypto Hardware Accelerators on Wireless Sensor Nodes

Steffen Peter, Oliver Stecklina, Jorge Portilla, Eduardo de la Torre, Teresa Riesgo, Peter Langendörfer

Demo session IEEE SECON 2009

Running strong cryptographic algorithms on wireless sensor nodes is extremely difficult due to their limited resources. Hardware accelerators are a suitable means to speed up the computation and reduce power consumption. The drawback of crypto ASICs is the loss of flexibility. In this paper we will shortly introduce a modular design of elliptic curve accelerators which allows to be adjusted to several NIST recommended curves be replacing its reduction unit. This partial reconfiguration will be executed on a Spartan 3 FPGA. The visualization will be done in the following way. Standard motes will be connected to the FPG. On the motes the algorithms will be executed in software. Switching between ECC with a long key i.e. 571bit and those with short key length e.g. to a key length of 163 bit, has a remarkable effect on the execution time. En-/decrypting messages sent to and received from the motes at the FPGA will show that ECC implementation has been reconfigured according to the selected curve on the motes.

tinyDSM: A Highly Reliable Cooperative Data Storage For Wireless Sensor Networks

Krzysztof Piotrowski, Peter Langendörfer, Steffen Peter

Distributed Collaborative Sensor Networks Workshop (DCSN 2009), Baltimore, May 18 - 22, 2009, USA

The advantage of a Wireless Sensor Network (WSN) compared to a centric approach is the distribution of sensing suites. However, in order for such a system of distributed resources to work in a reliable and effective way a smart cooperation between nodes is needed. In this paper we propose a middleware approach for a highly reliable data storage that helps to assure data availability despite the well known WSN resource problems and disappearing or inactive nodes by providing a reasonable data redundancy in the system. Such a solution helps to ease the design and optimization of the data exchange between nodes as well. Our solution is configurable in order to satisfy the needs of the application on top regarding performance/requirements trade-off. The options specify the quantity and quality of the data replication. Additional features like event mechanism that monitors the data and the possibility to issue database like queries increase the applicability of our middleware. In this paper we focus on the evaluation of its capabilities regarding reliability, the consistency of replicates and the costs of the data management. The simulation results for a reasonable set-up show that the CPU load caused by the data replication is low (below 3 percent) and the average inconsistency time is as small as about 0,06 seconds for a single hop and about 0,15 seconds for a two hops replication area. There is still room for improvements, but a clear definition of problems helps to find ways to cope with them in order to achieve the chosen goals.

[PDF] copyright by IEEE [BIBTEX]
In-Network-Aggregation as Case Study for a Support Tool Reducing the Complexity of Designing Secure Wireless Sensor Networks

Steffen Peter, Krzysztof Piotrowski, Peter Langendörfer

3rd IEEE International Workshop on Practical Issues in Building Sensor Network Applications (IEEE SenseApp 2008), held in conjunction with IEEE LCN 2008 (33rd IEEE Conference on Local Computer Networks), October 14-17, 2008, Montréal, Quebec

This paper shows how complex security-related design decisions in wireless sensor networks can be made less difficult with a proposed supporting tool. As case study in this paper we focus on in-network-aggregation which is a promising option to reduce network effort. We introduce several algorithms for concealed data aggregation, each with its own benefits and drawbacks concerning security issues but also with respect to code size, processing overhead etc. Selecting the optimal combination requires in-depth knowledge of programming resource constrained devices, protocols for those devices, and last but not least significant background in security. Our proposed configuration tool - named configKIT - has been designed to cope with such complexity. This paper presents how configKIT works, how it will be set up, and how it can be applied in practice. The pre-compiler assessment process considers memory, energy and security parameters and provides reliable application-dependent configurations to the developer before a single line of code is written. The approach can reduce development time significantly and enables even complex and sophisticated security algorithms to a broader public.

An On-chip Security Monitoring Solution For System Clock For Low Cost Devices

Frank Vater, Steffen Peter, Peter Langendörfer

3rd Workshop on Embedded Systems Security (WESS'2008) A Workshop of the IEEE/ACM EMSOFT'2008 and the Embedded Systems Week October 23, 2008

In this paper we present a new approach for a clock watchdog. This is an essential component to prevent secret key extraction from security hardware by side channel attacks based on clock manipulation. Our proposed circuit detects both too fast and too slow clock speeds and is implemented using only standard digital elements. We also introduce a post-fabrication configuration mechanism by using additional fusebits. In a 0.25um technology the circuit has an area less than 12,500um2 and consumes 2mA, so that an application in very constrained devices, such as wireless sensor nodes, is feasible.

Demo: configKIT - A Security-Aware Software-Configuration-Tool for Wireless Sensor Networks

Steffen Peter, Krzysztof Piotrowski, Peter Langendörfer

The demo presents a security centric configuration tool -- configKIT -- for software running on wireless sensor nodes. It selects modules from a library and combines them to a valid system satisfying application requirements given by the developer. In the selection process configKIT respects semantic and syntactic requirements of software and hardware, resolves dependencies, estimates memory consumption, and classifies the energy consumption. Additionally it emphasizes the classification of security properties, i.e. secrecy, robustness, or integrity, of the explored configurations. This function assist also non-security-experts in making their WSN-implementation more secure. The demo allows users to generate fine tuned solution even for rather general formulated application and security requirements, and to experience how even slight modifications of requirements can significantly change the recommended software configuration.

An Encryption-Enabled Network Protocol Accelerator

Steffen Peter, Mario Zessack, Frank Vater, Goran Panic, Horst Frankenfeldt and Michael Methfessel

6th International Conference on Wired/Wireless Internet Communications (WWIC 2008), May 28-30, 2008 - Tampere, Finland

Even in light-weight wireless computing applications, processing of network-protocols becomes more and more computation- and energyhungry, with increasing data rated and the need for security operations. To cope with such requirements and as alternative to heavy-weight computation systems we propose an embedded system that is build for fast networkprocessing while supporting acceleration of state-of-the-art symmetric (AES) and asymmetric (ECC) cryptographic operations. We demonstrate how to build a dedicated TCP accelerating system based on a pro ling analysis. We also discuss optimized implementations of the AES and ECC cryptographic protocols while considering the trade-off between software and hardware. Compared to an initial software-only implementation our nal system accelerates the protocol handling by a factor of three, while the cryptographic operations are improved by two orders of magnitude. Our system which was manufactured in 0.25um CMOS technology needs about 55 mW for a data rate of 40 MBit/sec.

A Survey on the Encryption of Convergecast-Traffic with In-Network Processing

Steffen Peter, Dirk Westhoff, Claude Castelluccia

IEEE Transactions on Dependable and Secure Computing to appear in 2009.

We present an overview of end-to-end encryption solutions for convergecast-traffic in wireless sensor networks that support in-network processing at forwarding intermediate nodes. Other than hop-by-hop based encryption approaches, aggregator nodes can perform in-network processing on encrypted data. Since it is not required to decrypt the incoming ciphers before aggregating substantial advantages are i) neither keys nor plaintext is available at aggregating nodes, ii) the overall energy consumption of the backbone can be reduced, iii) the system is more flexible with respect to changing routes, and finally iv) the overall system security increases. We provide a qualitative comparison of available approaches, point out their strengths respectively weaknesses and investigate opportunities for further research.

A Middleware Approach to Configure Security in WSN

Peter Langendörfer, Steffen Peter, Krzysztof Piotrowski, Renato Nunes, Augusto Casaca

1st ERCIM Workshop on eMobility, May 21, 2007 - Coimbra, Portugal in conjunction with WWIC 2007

Security configuration of standard systems is a tedious and error prone task. Doing this for WSN is even more complex due to the scarce resources of the sensor nodes. In order to simplify this task we propose a middleware architecture as well as a configuration tool. The main idea is that the configuration tool selects security providing modules such as appropriate cipher means. The choice is based on a detailed description of security needs of the application under development as well as on the description of the available security modules and sensor nodes. The middleware architecture supports configuration before and after deployment of the sensor nodes. It consist of an essential core that provides configuration features and an additional layer in which the security modules are clustered.

[PDF] [SLIDES] copyright by [Springer]
Combinatorial logic circuitry as means to protect low cost devices against side channel attacks

Frank Vater, Peter Langendörfer, Steffen Peter

WISTP, 2007 - Workshop in Information Security Theory and Practices 2007: Smart Cards,Mobile and Ubiquitous Computing Systems, Heraklion, Crete, Greece, May 9-11, 2007

In this paper we present a clock frequency watch dog that can be realized using a digital standard CMOS library. Such watch dog is required to prevent clock speed manipulations that can support side channel attacks on cryptographic hardware devices. The additional area and power consumed by the watch dog for an AES hardware accelerator are 4,200um^2 and 2nJ per 128 bit respectively. The physical properties and the use of standard CMOS technology ensure extremely low additional production cost. Thus, our approach is very well suited to improve the security of low cost devices such as wireless sensor nodes.

copyright by [Idea Group Reference]
Privacy Enhancing Techniques: A Survey and Classification

Peter Langendörfer, Michael Maaser, Krzysztof Piotrowski, Steffen Peter

Book Chapter of "Handbook of Research on Wireless Security"

This chapter provides a survey of privacy enhancing techniques and discusses their effect using a scenario in which a charged location based service is used. We introduce four protection levels and discuss an assessment of privacy enhancing techniques according to these protection levels.

[preprint PDF] [BIBTEX] copyright by [InderScience]
Public key cryptography empowered smart dust is affordable

Steffen Peter, Peter Langendörfer, Krzysztof Piotrowski

Special issue on "Energy-Efficient Algorithm and Protocol Design in Sensor Networks", International Journal of Sensor Networks (IJSNet), 2008, Vo.3 No.5

Public key cryptography (PKC) has been considered for a long time to be computationally too expensive for small battery powered devices. However, PKC turned out to be very beneficial for issues such as key distribution, authentication etc. In the recent years first research groups started to cope with the challenges apply- ing PKC in resource-constrained environments. One result is that in particular ECC seems to be very suitable for such environments, because it provides the same level of security as RSA does while requiring much shorter keys. In this paper we evaluate the power consumption resulting from using various PKC approaches with respect to calculations and transmission of signatures etc. Our findings here clearly indicate that software realisations of PKC lead to relatively long duty cycles (operating intervals) which in turn require significant amount of energy. In contrast, the energy required for computation is negligible if the PKC is performed by power efficient hardware ac- celerators. In such cases the corresponding transmission power becomes much more significant. So we argue for dedicated hardware for elliptic curve cryptography in order to reduce energy consumption and to prolong life time of sensor nodes. Since additional hardware equals to additional cost, we are focussing on hardware accelerators that are optimised with respect to silicon area consumption. Our solution that supports an ECC key length of 163 bit takes about 1.02 mm2 cell area in a 0.25um technology and needs about 12.8 ~Ws per point multiplication. Due to its small size the accelerator can be manufactured for about 0.05 USD in mass production.

An Efficient Polynomial Multiplier in GF(2^m) and its Application to ECC Designs

Steffen Peter, Peter Langendörfer

DATE 2007, Design, Automation and Test in Europe, April 16-20, 2007, Nice, France

In this paper we discuss approaches that allow to construct efficient polynomial multiplication units. Such multipliers are the most important components of ECC hardware accelerators. The proposed hRAIK multiplication improves energy consumption, the longest path, and required silicon area compared to state of the art approaches. We use such a core multiplier to construct an efficient sequential polynomial multiplier based on the known iterative Karatsuba method. Finally, we exploit the beneficial properties of the design to build an ECC accelerator. The design for GF(2^233) requires about 1.4 mm^2 cell area in a .25um technology and needs 80 usec for an EC point multiplication.

Flexible Hardware Reduction for Elliptic Curve Cryptography in GF(2^m)

Steffen Peter, Peter Langendörfer, Krzysztof Piotrowski

DATE 2007, Design, Automation and Test in Europe, April 16-20, 2007, Nice, France

In this paper we discuss two ways to provide flexible hardware support for the reduction step in Elliptic Curve Cryptography in binary fields (GF(2^m)). In our first approach we are using several dedicated reduction units within a single multiplier. Our measurement results show that this simple approach leads to an additional area consumption of less than 10\% compared to a dedicated design without performance penalties. In our second approach any elliptic curve cryptography up to a predefined maximal length can be supported. Here we take advantage of the features of commonly used reduction polynomials. Our results show a significant area penalty compared to dedicated designs. However, we achieve flexibility and the performance is still significantly better than those of known ECC hardware accelerator approaches with similar flexibility or even software implementations.

[preprint PDF] [BIBTEX] copyright by [ELSEVIER]
Crosslayer Firewall Interaction as a Means to Provide Effective and Efficient Protection at Mobile Devices

Peter Langendörfer, Krzysztof Piotrowski, Steffen Peter, Martin Lehmann

Wired/Wireless Internet Communications, Elsevier Computer Communications Journal, May 2007

In this paper we discuss packet filtering firewalls and an application level gateway approach used to secure handheld devices. We propose a firewall management plane as a means for cross layer interaction. In our approach the application level gateway updates the firewall rules based on its knowledge about whether or not a certain source is sending malicious packets. Hereby we pursue a policy of removing malicious packets as close as possible to the network interface. We show that in case of secure web service such a cross layer interaction can significantly decrease the CPU load in case of attacks, i.e., if many malicious packets arrive at the handheld device. Our measurement results show that our cross layer approach can reduce the CPU load caused by the application layer gateway by about 10 to 30 per cent. Finally we propose an integrated firewall processing approach that promises further improvements. It integrates the application controlled firewall before the MAC and provides crosslayer mechanisms to reduce the performance issues of traditional firewall approaches.

On Concealed Data Aggregation for Wireless Sensor Networks

Steffen Peter, Krzysztof Piotrowski, Peter Langendörfer

CCNC2007, 4th IEEE Consumer Communications and Networking Conference, 8-11 January 2007, Las Vegas, Nevada, USA

In this paper we discuss algorithms that allow the concealed data aggregation (CDA) in wireless sensor networks. We describe and evaluate three algorithms that were reported to suit to the WSN scenario. As result of the evaluation, where we emphasize the awareness to potential attack scenarios, we present a brief overview of strengths and weaknesses of the algorithms. Since no algorithm provides all desirable goals, we propose two approaches to cope with the problems. The first is the successive combination of two algorithms. It increases security, while the additional efforts can be minimized by carefully selected parameters. For the second approach we face specific weaknesses and engineer mechanisms that solve the particular issues. With the considered homomorphic message authentication code and a discussion of the id-issue we exemplary evaluate the two biggest issues of the very promising CMT algorithm.

[PDF] [BIBTEX] [SLIDES], copyright by [ACM]
How Public Key Cryptography Influences Wireless Sensor Node Lifetime

Krzysztof Piotrowski, Peter Langendörfer, Steffen Peter

Proceedings of the Fourth ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), 2006

In this paper we try to estimate the real influence of pub- lic key cryptography (PKC) to the lifetime of a sensor node in wireless sensor networks. We investigate four types of nodes; MICA2DOT, MICA2, MICAz and TelosB. For all these nodes we estimate the power consumption for most common RSA and ECC operations, i.e., signature gener- ation and verification as well as key exchange mechanisms. We also estimate the power consumed by the transmission of their results. Our results show that the application of strong cryptography is feasible. Even for the most constrained node performing the ECC-160 signature once every 10 minutes in- creases the duty cycle only by about 0.5 per cent, i.e., the influence to the lifetime is not significant. Nevertheless, the public key cryptography shall be used with care.

Diploma Thesis: Evaluation of Design Alternatives for flexible Elliptic Curve Hardware Accelerators

Steffen Peter

Diploma Thesis at Brandenburgische Technische Universitaet Cottbus, 2006

The primary goal of this diploma thesis is the investigation of approaches for flexible and modular architectures of ECC hardware accelerators. This is preceded by extensive studies of existing methods to find suitable techniques and to identify potential problem areas. The theoretical considerations should result in efficient algorithms for the required operations. Special emphasis will be placed on investigations concerning efficient polynomial multiplications, which represent the most expensive base operation of ECC. The results of this investigations will lead to the development of new hardware designs to satisfy the requirements, such as execution time, area, and energy consumption. An efficient single curve implementation should prove the correctness of the considered algorithms and provide comparable data such as speed and size. Even though the primary focus is placed on an ASIC, an FPGA implementation should supply functional verification. Furthermore, the concept should be confirmed as the ECC design will be part of a real communication system on chip. The single curve ECC design is the basis for flexible ECC accelerators.