https://www.mdu.se/

mdu.sePublications
Planned maintenance
A system upgrade is planned for 10/12-2024, at 12:00-13:00. During this time DiVA will be unavailable.
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Securing Communication in IP-Connected Industrial Wireless Sensor Networks
Mälardalen University, School of Innovation, Design and Engineering.ORCID iD: 0000-0001-8192-0893
2011 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

With the advent of wireless sensor networks (WSN) and success of wirelesscommunication in the local and personal area networks such asWi-Fi and Bluetoothmore serious efforts to apply standard wireless communication in sensitiveindustrial networks were initiated. This effort resulted in the standardizationof WirelessHART. Other standardization efforts include ISA 100.11a andZigBee. Keeping in mind the nature of wireless communication and sensitivityof industrial environments security of these network gets greater importance.

In this thesis we work on security issues in industrial WSN in general andIP-connected WSN in particular. Currently WirelessHART is the only approvedstandard for secure wireless communication in industrial WSNs. Westart our work with the analysis of security mechanisms in WirelessHART.We propose solutions for the security shortcomings in WirelessHART, and designand implement the missing security components. Particularly, we specify,design, implement, and evaluate the first open security manager for WirelessHARTnetworks.

With the standardization of IP in WSNs (6LoWPAN) and birth of Internetof Things the need for IP communication in industrial WSN is getting importance.The recently proposed ISA 100.11a standard is IP-based since its inception.Also standardization efforts are in progress to apply IP in WirelessHARTand Zigbee. Recently, WSNs and traditional IP networks are more tightly integratedusing IPv6 and 6LoWPAN. We realize the importance of having aninteroperable standardized secure IP communication in industrial WSNs. IPSecurity (IPsec) is a mandatory security solution in IPv6. We propose to useIPsec for 6LoWPAN enabled industrial WSNs. However, it is not meaningfulto use IPsec in its current form in resource constrained WSNs. In additionto providing security solutions for WirelessHART, in this thesis we also specify,design, implement, and extensively evaluate lightweight IPsec that enablesend-to-end secure communication between a node in a 6LoWPAN and a device in the traditional Internet. Our results show that lightweight IPsec is a sensibleand practical solution for securing WSN.

Place, publisher, year, edition, pages
Västerås: Mälardalen University , 2011.
Series
Mälardalen University Press Licentiate Theses, ISSN 1651-9256 ; 135
Keywords [en]
Wireless Sensor Networks, Security, 6LoWPAN, IPsec, WirelessHART
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-12261ISBN: 978-91-7485-021-5 (print)OAI: oai:DiVA.org:mdh-12261DiVA, id: diva2:418832
Presentation
2011-06-13, Kappa, Mälardalen University, Västerås, 13:15 (English)
Opponent
Supervisors
Available from: 2011-05-24 Created: 2011-05-16 Last updated: 2019-12-19Bibliographically approved
List of papers
1. Security Considerations for the WirelessHART Protocol
Open this publication in new window or tab >>Security Considerations for the WirelessHART Protocol
2009 (English)In: Emerging Technologies & Factory Automation, 2009. ETFA 2009. IEEE Conference on, 2009, p. 1-8Conference paper, Published paper (Refereed)
Abstract [en]

WirelessHART is a secure and reliable communication standard for industrial process automation. The WirelessHART specifications are well organized in all aspects exceptsecurity: there are no separate specifications of security requirements or features. Rather,security mechanisms are described throughout the documentation. This hinders implementation of the standard and development of applications since it requires profound knowledge of all the core specifications on the part of the developer. In this paper we provide a comprehensive overview of WirelessHART security: we analyze the providedsecurity mechanisms against well known threats in the wireless medium, and propose recommendations to mitigate shortcomings. Furthermore, we elucidate the specifications of the security manager, its placement in the network, and interaction with the network manager.

Identifiers
urn:nbn:se:mdh:diva-12283 (URN)10.1109/ETFA.2009.5347043 (DOI)2-s2.0-77949891992 (Scopus ID)978-1-4244-2727-7 (ISBN)
Conference
Emerging Technologies & Factory Automation, 2009. ETFA 2009. IEEE Conference on
Note
(c) 2011 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.Available from: 2011-05-24 Created: 2011-05-21 Last updated: 2019-12-19Bibliographically approved
2. Securing Communication in 6LoWPAN with Compressed IPsec
Open this publication in new window or tab >>Securing Communication in 6LoWPAN with Compressed IPsec
2011 (English)In: 7th IEEE International Conference on Distributed Computing in Sensor Systems (IEEE DCOSS '11), 2011Conference paper, Published paper (Refereed)
Abstract [en]

Real-world deployments of wireless sensor networks(WSNs) require secure communication. It is important that areceiver is able to verify that sensor data was generated bytrusted nodes. It may also be necessary to encrypt sensor datain transit. Recently, WSNs and traditional IP networks are moretightly integrated using IPv6 and 6LoWPAN. Available IPv6protocol stacks can use IPsec to secure data exchange. Thus, itis desirable to extend 6LoWPAN such that IPsec communicationwith IPv6 nodes is possible. It is beneficial to use IPsec becausethe existing end-points on the Internet do not need to be modifiedto communicate securely with the WSN. Moreover, using IPsec,true end-to-end security is implemented and the need for atrustworthy gateway is removed.In this paper we provide End-to-End (E2E) secure communicationbetween IP enabled sensor networks and the traditionalInternet. This is the first compressed lightweight design, implementation,and evaluation of 6LoWPAN extension for IPsec.Our extension supports both IPsec’s Authentication Header (AH)and Encapsulation Security Payload (ESP). Thus, communicationendpoints are able to authenticate, encrypt and check theintegrity of messages using standardized and established IPv6mechanisms.

Identifiers
urn:nbn:se:mdh:diva-12285 (URN)
Conference
7th IEEE International Conference on Distributed Computing in Sensor Systems (IEEE DCOSS '11)
Note
(c) 2011 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.Available from: 2011-05-24 Created: 2011-05-21 Last updated: 2019-12-19Bibliographically approved
3. Design and Implementation of a Security Manager for WirelessHART Networks
Open this publication in new window or tab >>Design and Implementation of a Security Manager for WirelessHART Networks
2009 (English)In: Mobile Adhoc and Sensor Systems, 2009. MASS '09. IEEE 6th International Conference on, 2009, p. 995-1004Conference paper, Published paper (Refereed)
Abstract [en]

WirelessHART is the first open standard for wireless sensor networks designed specifically for industrial process automation and control systems. WirelessHART is a secure protocol; however, it relies on a Security Manager for the management of the security keys and the authentication of new devices. The WirelessHART standard does not provide the specification and design of the Security Manager. Also, the security specifications in the standard are not well organized and are dispersed throughout the standard which makes an implementation of the standard more difficult. In this paper we provide the detailed specification and design as well as an implementation of the Security Manager for theWirelessHART standard. We evaluate our security manager against different cryptographic algorithms and measure the latency between the Network Manager and the SecurityManager. Our evaluation shows that the proposed security manager meets theWirelessHART requirements. Our analysis shows that the provided Security Manager is capable of securing both the wireless and wired part of the WirelessHART network.

Research subject
Innovation and Design
Identifiers
urn:nbn:se:mdh:diva-12284 (URN)10.1109/MOBHOC.2009.5337019 (DOI)978-1-4244-5113-5 (ISBN)
Conference
Mobile Adhoc and Sensor Systems, 2009. MASS '09. IEEE 6th International Conference on
Note
(c) 2009 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.Available from: 2011-05-24 Created: 2011-05-21 Last updated: 2019-12-19Bibliographically approved

Open Access in DiVA

fulltext(680 kB)1250 downloads
File information
File name FULLTEXT03.pdfFile size 680 kBChecksum SHA-512
48695f1f3e16fee194cdf8da597a038a96f6651f09da1316137bbb73664d9ad6b2821df800d5d81c143e8433ec0f18907237090e9ec33b5ed7566921b4f93f7c
Type fulltextMimetype application/pdf

Authority records

Raza, Shahid

Search in DiVA

By author/editor
Raza, Shahid
By organisation
School of Innovation, Design and Engineering
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 1250 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 1299 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf