EcoSec
itszero
June 07, 2012
My thesis defense slides for EcoSec: A thin security layer for interactive programming on WSN.
Transcript
EcoSec: A thin security layer for interactive programming on WSN
Chien-An “Zero” Cho, directed by Prof. Pai H. Chou
“Outline” • Introduction • System Overview • Technical Details • Evaluation • Conclusion
“Motivation”
HVAC Control scene:
  sense> outdoor temp 30 °C
  query> room occupancy
  exec> A/C to 20 °C for occupied room
Fire scene:
  sense> room occupancy
  sense> room temperature for occupied room
• The world is dynamic • To adapt to a dynamic world, macroprogramming is gaining popularity • How do you secure a dynamic sensor network?
“Challenges”
• SMALL footprint for a tough platform: 16k code size + 1k RAM
• Fine-grained access control, down to the sensor level
• SECURE while running code at native speed
“Related Works”
Three areas: Interactive Programming, Virtualized Environment, WSN Access Control
Interactive Programming: EcoCast, Marionette, LiteShell
EcoCast/Marionette are pure runtime environments. Neither has security features; this is where EcoSec can be integrated.
LiteShell is a command console on the node. It allows controlling and executing the hex files located on the node. EcoSec can also be integrated into it as a pre-flight HEX check mechanism.
Virtualized Environment: SenShare, Darjeeling
SenShare/Darjeeling can be seen as secure since the apps are sandboxed/virtualized. However, the footprint requirements are even higher and performance is poor.
WSN Access Control: WirelessHART, SpartanRPC
WirelessHART is the de facto protocol for industry-grade instrument communication. It uses AES-128 with various keys to protect end-to-end communication. It does not provide fine-grained ACLs.
SpartanRPC is capable of defining fine-grained policies. However, it is too abstract and high-level (built on nesC). The footprint is also big.
“Contributions”
Some Preface...
[Diagram: Server, Client and Resources, with a request flowing through numbered steps 1, 2, 3]
EcoSec is a thin security layer for dynamic wireless sensor networks, composed of three layers.
The 3 layers: cryptography handler, resource locator, policy enforcer.
EcoSec flow for eco://epl.tw:9002/:RF/3F/PCRoom/temp.js?unit=c:
  request (URI, CODE, AUTH)
  EcoSec Server: check the credentials, scan the code, hook the sensitive instructions, sign the sanitized code
  signed (URI, CODE’, CERT)
  signed-request for the URI, then verify-request for the URI on the node
“System Components”
“Cryptography Handler”
Used for verifying certificates and code signing. We deployed an ARC4 cipher in the current implementation.
“Resources Locator”
Resources are defined as sensors/memory on the nodes. We’ll use an independent server to resolve URIs to actual resources, acting like DNS.
but before that...
How do we define a URI for a WSN? Note that the current URI has no concept of transport.
eco://epl.tw:9002/:RF/3F/PCRoom/temp.js?unit=c
The last component is the RESOURCE. A URI consists of ENDPOINTs and a RESOURCE; if no ENDPOINT is specified, assume ANY.
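As an added example (not code from the thesis), a small C parser for the eco:// URI form shown above. How it splits the path is this example's assumption: a leading ":XX" segment is taken as the transport that the slide says plain URIs lack, the last segment is the RESOURCE, the segments in between are ENDPOINTs, and an empty endpoint list means ANY.

```c
#include <string.h>
#include <stdlib.h>

#define MAX_ENDPOINTS 4

/* Parsed eco:// URI. Field meanings follow this example's assumptions (see lead-in). */
typedef struct {
    char host[64]; int port;              /* port 0 = not given */
    char transport[8];                    /* from a leading ":XX" segment, e.g. "RF" */
    char endpoints[MAX_ENDPOINTS][32]; int n_endpoints;
    char resource[32]; char query[64];
} eco_uri_t;

static eco_uri_t parsed;                  /* result slot used by the demo/tests */

/* Returns 0 on success, -1 on malformed input (wrong scheme, no resource, oversized parts). */
static int parse_eco_uri(const char *s, eco_uri_t *u) {
    memset(u, 0, sizeof *u);
    if (strncmp(s, "eco://", 6) != 0) return -1;
    s += 6;
    const char *slash = strchr(s, '/');
    if (!slash) return -1;
    const char *colon = memchr(s, ':', (size_t)(slash - s));   /* authority = host[:port] */
    size_t hlen = (size_t)((colon ? colon : slash) - s);
    if (hlen == 0 || hlen >= sizeof u->host) return -1;
    memcpy(u->host, s, hlen);
    u->port = colon ? atoi(colon + 1) : 0;
    s = slash + 1;
    const char *q = strchr(s, '?');
    if (q) strncpy(u->query, q + 1, sizeof u->query - 1);
    char path[128];
    size_t plen = (size_t)((q ? q : s + strlen(s)) - s);
    if (plen >= sizeof path) return -1;
    memcpy(path, s, plen); path[plen] = '\0';
    char segs[MAX_ENDPOINTS + 2][32]; int n = 0;                /* transport + endpoints + resource */
    for (char *tok = strtok(path, "/"); tok; tok = strtok(NULL, "/")) {
        if (n == MAX_ENDPOINTS + 2 || strlen(tok) >= 32) return -1;
        strcpy(segs[n++], tok);
    }
    int i = 0;
    if (n > 0 && segs[0][0] == ':') { strncpy(u->transport, segs[0] + 1, sizeof u->transport - 1); i = 1; }
    if (i >= n) return -1;                                      /* no RESOURCE component */
    strcpy(u->resource, segs[n - 1]);
    for (; i < n - 1; i++) strcpy(u->endpoints[u->n_endpoints++], segs[i]);
    return 0;
}

/* No ENDPOINT given means ANY endpoint. */
static int endpoint_is_any(const eco_uri_t *u) { return u->n_endpoints == 0; }
```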
“Policies Enforcer”
Policies are used to restrict access to resources. The gateway marks the sensitive code, and it is verified upon execution on the nodes.
“Technical Details”
“Object Space”
All objects/relationships are stored in a huge object space. Objects can be referenced quickly by UUID.
Object and class, e.g. #<WSNObject::TemperatureSensor: Built-in temperature sensor([UUID])>
Relationships are retained in the programming language and also in the object store. All metadata from ancestors is available to, and overridable by, children.
ecosd_node0
  Class: WSNObject::Node
  UUID: 7e786020-7179-012f-ce09-549a20d0e1e2
  Based On: 7e785510-7179-012f-ce08-549a20d0e1e2
  Metadata: Tag: NTHUCS-3F-PCROOM-00, Path: /3f/pcroom/00
  Connections: [0] WSNObject::Connection -SPI-> WSNObject::TemperatureSensor
ecosd_node0 (EcoSD Platform)
  Class: WSNObject::Platform
  UUID: 7e785510-7179-012f-ce08-549a20d0e1e2
  Based On: 00000000-0000-0000-0000-000000000000
  Metadata: Platform: EPL EcoSD
  Connections: [0] WSNObject::Connection -Built-In-> WSNObject::Accelerometer
“EcoSec Server”
EcoSec Server is an HTTP service on the gateway. It provides facilities for node registration, node lookup and user request signing.
  Verb  Path        Description
  GET   /           Server Report
  GET   [WSN Path]  Object Lookup
  POST  [WSN Path]  Object Request / (de)registration
  POST  /sign       Sign a request
“Code Signing”
Code signing works by swapping out sensitive instructions for a call to a parameter check.
Original instruction (trying to pull GPIO P0.1 high):
  0103: MOV 0x80, #0x2
  0100: MOV R0, 0x2
  0103: MOV 0x80, R0
MOV 0x80, R0 is replaced by the code stub:
  MOV 0x18, 1
  MOV 0x19, 0x01
  MOV 0x20, 0x03
  LCALL ecosec_sentry
  MOV 0x80, 0x20
  RET
The sentry checks whether the access is allowed. If so, it executes the original command; otherwise it aborts execution and reboots.
“EcoSec Node”
Stack (bottom to top): EcoSD Hardware Platform, Operating System / Runtime, EcoSec, Userspace Code
Memory layout: XDATA, CODE, SRAM BLK 1 at 0x0000 to 0x01FF, Host OS, EcoSec
  1. map 0x0000 ~ 0x01FF to CODE (the black region indicates the area after the memory remap); Mapped: Payload SRAM
  2. jump to payload
  Function                Description
  void ecosec_init()      Init the cryptography system of EcoSec
  bool ecosec_verify()    Verify that the payload is properly signed and authorized
  bool ecosec_execute()   Execute the payload securely
  * To save code/memory size, arguments like the PSK and payload are pre-configured at compile time.
Execution path (CODE: EcoSec, Sanitized Code; SRAM: EPC, RSL):
  1. jump to EPC to preserve the environment
  2. call the sentry to verify access
  3. jump back to EPC to run the instruction
  4. return to the sentry to clean up
  5. continue execution
“Evaluations”
EPL EcoSD Platform: 16 MHz 8051-compatible MCU, integrated nRF24L01 RF, 16 KB code + 1 KB RAM
“Payload Overhead”
overhead = (α + β) × γ
  α: size of a sensitive instruction
  β: size of the code stub = 12
  γ: number of sensitive instructions
To find out α and γ: lots of real-world apps*, average numbers
α = 58, γ = 2 for a full app
812 extra bytes for sanitizing a full app
An RPC payload will usually have only 5 ~ 10 sensitive instructions: ≈ 140 bytes extra
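The following is an added example, not EcoSec's code, that models the stub-and-sentry scheme from “Code Signing” together with the payload-overhead formula above on a host machine. It assumes the 8051 MOV direct,#imm encoding (0x75 addr imm) as the only instruction form, treats writes into SFR space as the sensitive class (an assumed rule), and uses a constructed one-entry policy; the real sentry, stub layout and policy format are not shown on the slides.

```c
#include <stdint.h>
#include <stddef.h>
#define OP_MOV_DIR_IMM 0x75   /* 8051 "MOV direct,#imm": 3 bytes = 0x75 addr imm */
#define STUB_BYTES     12     /* beta: code-stub size quoted on the slides */

/* Access policy for one signed request (constructed sample): only port P1 (SFR 0x90) may be written. */
typedef struct { uint8_t addr; int allowed; } rule_t;
static const rule_t policy[] = { { 0x90, 1 } };

/* Assumed classification rule: direct writes into SFR space (0x80..0xFF) are sensitive. */
static int is_sensitive(const uint8_t *ins) {
    return ins[0] == OP_MOV_DIR_IMM && ins[1] >= 0x80;
}

/* Sentry: default-deny check the node runs before a hooked write; 0 = done, -1 = abort and reboot. */
static int ecosec_sentry(uint8_t addr, uint8_t val, uint8_t *mem) {
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++)
        if (policy[i].addr == addr && policy[i].allowed) { mem[addr] = val; return 0; }
    return -1;
}

/* Gateway pass: gamma = sensitive instructions, overhead = (alpha + beta) * gamma with alpha = 3 here. */
typedef struct { int gamma; size_t overhead; } report_t;     /* gamma == -1 flags a truncated payload */
static report_t sanitize(const uint8_t *code, size_t len) {
    report_t r = { 0, 0 };
    for (size_t pc = 0; pc < len; pc += (code[pc] == OP_MOV_DIR_IMM ? 3 : 1)) {
        if (code[pc] == OP_MOV_DIR_IMM && pc + 3 > len) { r.gamma = -1; return r; }
        if (is_sensitive(code + pc)) { r.gamma++; r.overhead += 3 + STUB_BYTES; }
    }
    return r;
}

/* Node model: run the payload, routing hooked writes through the sentry; other bytes are NOPs.
 * Returns the number of instructions executed, or -1 if the sentry aborted the payload. */
static uint8_t node_mem[256];                         /* internal RAM (0x00..0x7F) + SFRs (0x80..0xFF) */
static int execute(const uint8_t *code, size_t len, uint8_t *mem) {
    int n = 0;
    for (size_t pc = 0; pc < len; n++) {
        if (code[pc] != OP_MOV_DIR_IMM) { pc++; continue; }
        if (pc + 3 > len) return -1;
        if (is_sensitive(code + pc)) { if (ecosec_sentry(code[pc + 1], code[pc + 2], mem) < 0) return -1; }
        else mem[code[pc + 1]] = code[pc + 2];
        pc += 3;
    }
    return n;
}

/* Constructed payloads: one writes RAM 0x30 then P1; the other is the slide's "MOV 0x80, #0x2" (P0). */
static const uint8_t ok_payload[]  = { 0x75, 0x30, 0x01, 0x75, 0x90, 0xFF, 0x00 };
static const uint8_t bad_payload[] = { 0x75, 0x80, 0x02 };
```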
“Latency”
latency = Δ + (ε × γ)
  Δ: RF transmission delay
  ε: execution time latency
  γ: number of sensitive instructions
Δ: overhead = 812 bytes, RF rate = 1 Mbit/s ≈ 0.0061 seconds
ε × γ: code stub 19 + verification 166 + 138 × 20 = 2945 cycles total ≈ 0.0001 seconds
total delay ≈ 0.0062 seconds
“Future Work”
“Toolchain Integration”
Our current work does not know anything about the payload. Integration with the compiler would allow more advanced optimization and relocation.
“Security Algorithms”
The 8051 platform is too resource-constrained. We would like to explore more algorithms, such as one-way hashes, to be used with EcoSec.
“Hybrid Static Analysis”
The current server does not do static analysis. We would like to distribute some load to the server by allowing it to perform a quick scan that picks out denied accesses that use direct addressing or immediate values.
“Conclusion”
EcoSec is a novel security framework for dynamic WSNs. It is small and high-performance while providing fine-grained control.
DEMO
Q&A