Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
EcoSec
Search
itszero
June 07, 2012
Technology
1
200
EcoSec
My thesis defense slides for EcoSec: A thin security layer for interactive programming on WSN.
itszero
June 07, 2012
Tweet
Share
More Decks by itszero
See All by itszero
d3.js: the core concepts
itszero
1
2.4k
Routing OpenStreetMap
itszero
0
1.4k
TaipeiFever
itszero
0
300
Other Decks in Technology
See All in Technology
AWS DDoS攻撃防御の最前線
ryutakondo
1
150
開発 × 生成AI × コミュニケーション:GENDAの開発現場で感じたコミュニケーションの変化 / GENDA Tech Talk #1
genda
0
130
AWS re:Inforce 2025 re:Cap Update Pickup & AWS Control Tower の運用における考慮ポイント
htan
1
230
猫でもわかるQ_CLI(CDK開発編)+ちょっとだけKiro
kentapapa
0
3.4k
僕たちが「開発しやすさ」を求め 模索し続けたアーキテクチャ #アーキテクチャ勉強会_findy
bengo4com
0
2.3k
AIに目を奪われすぎて、周りの困っている人間が見えなくなっていませんか?
cap120
1
540
生成AIによるデータサイエンスの変革
taka_aki
0
2.9k
【CEDEC2025】『Shadowverse: Worlds Beyond』二度目のDCG開発でゲームをリデザインする~遊びやすさと競技性の両立~
cygames
PRO
1
340
dipにおけるSRE変革の軌跡
dip_tech
PRO
1
250
MCP認可の現在地と自律型エージェント対応に向けた課題 / MCP Authorization Today and Challenges to Support Autonomous Agents
yokawasa
5
2.2k
Claude Codeが働くAI中心の業務システム構築の挑戦―AIエージェント中心の働き方を目指して
os1ma
9
2.5k
隙間時間で爆速開発! Claude Code × Vibe Coding で作るマニュアル自動生成サービス
akitomonam
3
260
Featured
See All Featured
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
440
A Modern Web Designer's Workflow
chriscoyier
695
190k
Why Our Code Smells
bkeepers
PRO
337
57k
Unsuck your backbone
ammeep
671
58k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Thoughts on Productivity
jonyablonski
69
4.8k
Optimizing for Happiness
mojombo
379
70k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
6k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.8k
Transcript
EcoSec: A thin security layer for interactive programming on WSN
Chien-An “Zero” Cho Directed by Prof. Pai H. Chou
“Outline” • Introduction • System Overview • Technical Details •
Evaluation • Conclusion
“Motivation”
None
sense> outdoor temp 30 °C query> room occupancy exec >
A/C to 20 °C for occupied room HVAC Control
sense> room occupancy sense> room temperature for occupied room Fire
Scene
• The world is dynamic • To adapt dynamic world,
macroprogramming is gaining its popularity • How do you secure a dynamic sensor network?
“Challenges”
SMALL footprint for tough platform 16k code size + 1k
RAM
fine-grained access control, down to sensor levels
U SECURE while running code at native speed
“Related Works”
Interactive Programming Virtualized Environment WSN Access Control
Interactive Programming EcoCast Marionette LiteShell
EcoCast/Marionette is a pure runtime environment. Both have no security
features. This is where EcoSec can be integrated into.
LiteShell is a command console on node. It allows control
and execute the hex files located on node. EcoSec can also integrated into it as a pre-flight HEX check mechanism.
Virtualized Environment SenShare Darjeeling
SenShare/Darjeeling can be seen as secured since the apps are
sandboxed/virtualized. However, the footprint requirements are even higher and performance is bad.
WSN Access Control WirelessHART SpartanRPC
WirelessHART is de facto protocol for the industry- grade instrument
comm. It uses AES-128 with various keys to protect end-to-end comm. It does not provide fine-grained ACL.
SpartanRPC is capable of define fine-grained policies. However, it is
too abstract and high- level (built on nesC). The footprint is also big.
“Contributions”
Some Preface...
1 2 3 Server Client Resources request?
EcoSec is a thin security layer for dynamic wireless sensor
network composed by three layers.
the 3 layers cryptography handler resource locator policy enforcer
None
EcoSec
eco://epl.tw:9002/:RF/3F/PCRoom/temp.js?unit=c request (URI, CODE, AUTH)
check the credentials scan the code hook the sensitive instructions
sign the sanitized code EcoSec Server
eco://epl.tw:9002/:RF/3F/PCRoom/temp.js?unit=c signed (URI, CODE’, CERT)
signed-request eco://epl.tw:9002/:RF/3F/PCRoom/temp.js?unit=c
verify-request eco://epl.tw:9002/:RF/3F/PCRoom/temp.js?unit=c
“System Components”
“Cryptography Handler”
Use for verifying certificates and code signing. We deployed an
ARC4 cipher in current implementation.
“Resources Locator”
Resources are defined as sensors/memory on the nodes. We’ll use
an independent server to resolve URI to actual resources, acting like DNS.
but before that...
How do we define URI for WSN? Note that current
URI has no concept of transportation.
eco://epl.tw:9002/:RF/ 3F/PCRoom/temp.js? unit=c Last components is RESOURCE URI consists of
ENDPOINTs and a RESOURCE. if no ENDPOINT specified, assume ANY.
“Policies Enforcer”
Policies is used to restrict access to resources. Gateway marks
the sensitive codes and it’ll be verified upon execution on nodes.
“Technical Details”
“Object Space”
All objects/relationships are stored in a huge object space. Object
can be referenced quickly by UUID.
#<WSNObject:: TemperatureSensor: Built-in temperature sensor([UUID])> Object Class
Relationships are retained in programming language and also object store.
All metadata from ancestors will be available and overridable by children.
ecosd_node0 Class: WSNObject::Node UUID: 7e786020-7179-012f-ce09-549a20d0e1e2 Based On: 7e785510-7179-012f-ce08-549a20d0e1e2 Metadata: Tag:
NTHUCS-3F-PCROOM-00 Path: /3f/pcroom/00 Connections: [0] WSNObject::Connection -SPI-> WSNObject::TemperatureSensor
ecosd_node0 Class: WSNObject::Platform UUID: 7e785510-7179-012f-ce08-549a20d0e1e2 Based On: 00000000-0000-0000-0000-000000000000 Metadata: Platform:
EPL EcoSD Connections: [0] WSNObject::Connection -Built-In-> WSNObject::Accelerometer EcoSD Platform
“EcoSec Server”
EcoSec Server is a HTTP service on the gateway. It
provides facilities for nodes registration, node lookup and user request signing.
Verb Path Description GET / Server Report GET [WSN Path]
Object Lookup POST [WSN Path] Object Request / (de)registration POST /sign Sign a request
“Code Signing”
Code signing works by swap out sensitive instructions to a
call for parameters check.
0103: MOV 0x80, #0x2 trying to pull high to GPIO
P0.1 0100: MOV R0, 0x2 0103: MOV 0x80, R0
MOV 0x80, R0 MOV 0x80, R0 MOV 0x18, 1 MOV
0x19, 0x01 MOV 0x20, 0x03 LCALL ecosec_sentry MOV 0x80, 0x20 RET code stub
Sentry check if the access is allowed. If so, execute
the original command, or abort execution and reboot.
“EcoSec Node”
EcoSD Hardware Platform Operating System / Runtime EcoSec Userspace Code
XDATA CODE SRAM BLK 1 0x0000 0x01FF Host OS EcoSec
1. map 0x000 ~ 0x01FF to CODE (black region indicates area after memory remap) Mapped: Payload SRAM 2. jump to payload
Function Description void ecosec_init() Init cryptography system of EcoSec bool
ecosec_verify() Verify if payload is properly signed and authorized bool ecosec_execute() Execute payload securely * To save code/mem size, arguments like PSK, payload are pre-configured at compile-time.
CODE EcoSec Sanitized Code SRAM EPC RSL 1. jump to
EPC to preserve env. 5. continue execution 2. call sentry to verify access 3. jump back to EPC to run the instruction 4. return to sentry to cleanup
“Evaluations”
EPL EcoSD Platform 16Mhz 8051-compatible MCU Integrated nRF24L01 RF 16KB
code + 1KB RAM
“Payload Overhead”
overhead = (α+β) * Ɣ α: size of sensitive instruction
β: size of code stub = 12 Ɣ: num. of sensitive instructions
to find out α, Ɣ...
lots of real world apps* average numbers
α = 58, Ɣ = 2 for full app
812 extra bytes for sanitizing a full app
RPC payload will usually have 5 ~ 10 sensitive instructions
only. ≑140 bytes extra
“Latency”
latency = Δ + (ε * Ɣ) Δ: RF transmission
delay ε : execution time latency Ɣ: num. of sensitive instructions
Δ overhead = 812 bytes RFrate = 1Mbit/s ≑ 0.0061
seconds
codestub: 19 verification: 166 + 138 * 20 total: 2945
cycles ≑ 0.0001 seconds
total delay
≑ 0.0062 seconds
“Future Work”
“Toolchain Integration”
Our current work does not know anything about the payload.
Integration with compiler allows more advanced optimization and relocation to be done.
“Security Algorithms”
8051 platform is too resource- constrained. We would like to
explore more algorithms such as One-Way Hashes to be used with EcoSec.
“Hybrid Static Analysis”
Current server does not do static analysis. We would like
to distribute some load to server by allowing server to perform a quick scan to pick out those denied access using direct addressing/immd. value.
“Conclusion”
EcoSec is a novel security framework for the dynamic WSN.
It’s small, high-performance while providing fine-grained control.
DEMO
None
Q&A