Research Result :: TWISNet: Machine-to-Machine security: do more with less
(16/10/2013) Connect things to the Internet without security and they will get hacked in seconds. Put in legacy Internet security protocols without consideration to power consumption and constraint devices battery life will be impacted. That’s why a comprehensive security paradigm for constrained devices is being developed.
As the Internet of Things emerges, the border between Internet and physical world is fading away. This evolution builds on multiple technological enablers ranging from real world modeling and novel user interfaces to embedded communication circuits, radio and software.
The ‘glue’ between physical processes and their numeric representations takes the form of dedicated communicating devices of two sorts. Sensors, on one hand, monitor physical quantities or react to tangible events. Actuators, on the other hand, transform numeric orders into real-world actions. While actuators are often integrated within larger systems, sensors have to be lightweight and disseminated in close contact with the system they monitor. They are among the most constrained devices of the Internet of Things.
Wireless Sensor Networks (WSNs) answer especially well to the classical needs of the industry. Integrated with other systems, they allow for facilities surveillance, optimized asset control and production chain automation. These new services have a direct impact on industry competitiveness.
Valuable for the operational management of industrial facilities, the sensors will also, however, prove of the highest value to bad guys. Indeed, one cannot but admit that a lot of sensor characteristics would attract the attention of attackers. A prey of choice, if you think: a wireless device, connected to the information system, left for years without human management / surveillance, sometimes outside of the physical protection perimeter and able to trigger automatic actions. And, if that was not enough, with so little computing power that attacks against it would likely not be detected / reacted to and that the latest cryptographic algorithms would not be supported.
Therefore, a lot of security questions arise and have to be solved. The first three of them relate to the classical Confidentiality-Integrity-Availability services security is usually split into: How can the sensitive or private sensed data be protected from eavesdropping? How can they be protected from alteration? How to make sure that the sensor-based service can remain available? To these questions have to be added those related to privacy, service efficiency and cybersecurity: Who can be granted access to the sensed data? To what extent can these data be trusted, and how should it be handled? How to prevent sensors from becoming the weakest points of the security chain, and thus the preferred intrusion doors?
A team of European experts just released a unique security framework that provides protection against all types of risks that can threaten WSN during their entire lifespan. Experts collaboration took place in the framework of the three-year project TWISNet (Trustworthy Wireless Industrial Sensor Networks). The TWISNet project has a budget of 3.4 million euro, of which 2.2 million is funded by the EU. It regroups researchers of Dresden Elektronik Ingenieurtechnik GmbH (Germany), Commissariat à l’Energie Atomique et aux Energies Alternatives - CEA (France), Electricité de France (France), Hochschule für Technik und Wirtschaft Dresden (Germany), University Politehnica of Bucharest (Romania), SAP (Switzerland) and Cisco (Netherlands).
‘What makes TWISNet unique is its comprehensive approach of security,’ says security expert and TWISNet technical coordinator Alexis Olivereau, of CEA LIST Institute. ‘The other existing security solutions for WSNs concentrate on a few aspects, but they generally leave wide gaps in the overall model. For example, encryption would be supported but network access would not be controlled. In addition, some of these solutions are still very demanding in terms of resources. If implemented on real sensors, they would drain their batteries at an unacceptably high rate. Or the sensors would simply not have enough memory to run the specified countermeasures.’ These matter-of-fact aspects of security solutions are fully addressed in TWISNet, which produces proof-of -concept platforms running the project specified security protocols.
The TWISNet vision of sensor lifelong security leveraged on detailed threat analyses of four scenarios elaborated by industrial partners of the project. These scenarios where proposed in the areas of nuclear plant facility management, supply and demand energy management, electricity production, and environmental monitoring for pollution control. Together with those identified use cases, several security concerns arose such as privacy of users equipped and monitored by sensor networks, authentication of information source and data reliability.
The life of a sensor begins with bootstrapping and authentication. It is the phase where the sensor learns whom to trust and which cryptography to put in place. It is also the phase where the sensor gets authorized to communicate over an existing topology. TWISNet designed highly secure protocols for this critical phase. Yet, the project also specified means to make it much simpler, for example by letting a large number of sensors be deployed at the same time. Pushing the fast forward button, one would then see the sensor involved in regularly occurring, yet essential, operations: anonymity control and enforcement, intrusion detection and security adaptation to perceived context, reactive or anticipative resilience, secured routing – all being provided by TWISNet. Meanwhile, data are uploaded by sensors and encrypted in accordance with their sensitivity and the current security level. Arriving at the server, data are handled by the mediation layer, which allows for trustworthy and secure processing. Finally, in phase with its emphasis on practicality, TWISNet also offers a simple, efficient and secure support of remote operations on WSNs, from parameter management to firmware upgrade.
With the accelerating expansion of WSN deployment in the recent years and the increasing communications capabilities of sensor nodes, there is little doubt that compromise opportunities will rise accordingly. TWISNet platforms can guarantee an optimal protection level for the most sensitive industrial installations, while being entirely configurable and therefore also adapted to less exposed environments such as home automation.
The TWISNet security platform will be partially included in products of the partners and their business, research and development network.
TWISNet received research funding under the European Union's Seventh Framework Programme (FP7).
Link to project on CORDIS:
- FP7 on CORDIS
- TWISNet project factsheet on CORDIS
Link to project's website:
- 'Trustworthy Wireless Industrial Sensor NETworks' project website
- European Commission's Digital Agenda website
Information Source: Mike Ludwig (TWISNet Scientific Coordinator), Dresden Elektronik, Germany