Apps for smart buildings: a case study on building security
Networking technologies for smart homes
A smart home is understood as an integration system, which takes advantage of a range
of techniques such as computers, network communication, as well as synthesized wiring to connect all indoor subsystems that attach to home appliances and household
electrical devices as a whole (Ricquebourg et al., 2006). Under this perspective, the
development of smart home technology during the past years can be described by
examining the networking technologies used to interconnect home devices.
Network technologies is the term used to describe familiar cables that, to a large
extent, already exist, both inside and outside the house: telephone cables, TV cables,
and the power supply network. It also refers to the extra infrastructure that may or may
not exist yet: computer cables and lower voltage cables. It refers to infrared (IR) and
radio frequency communication (RF). Essentially, we refer to technologies that effectively centralize house management and services, providing all-round functions for internal information exchange, while keeping in touch with the outside world.
Traditional suppliers’ products mainly contain a protocol, which allows communication between the products, remote control, and central control by the resident.
Ideally, all different manufacturers’ products should communicate via the same protocol. In practice, however, this is not the case. New platforms have been introduced that
unify products from different manufacturers, yet there is a lot of work that needs to be
done to establish uniform network access.
Wired legacy systems
A homebus is a physical wire, a special low-voltage cable, that is used to transfer signals within the house via a certain protocol. Generally, two types of homebus systems
can be distinguished: the systems with fixed, built-in intelligence and the systems that
can be programmed via a PC. A special version of homebus systems is the powerline
system that transfers signals, within the house, through the power cables. Among the
power line systems, the X10 is the oldest. Improvements on this protocol resulted in
the so-called A10 system, which has a growing popularity for use in both newly built
and existing houses, because of its low price.
All media differ in their properties and have both advantages and disadvantages.
The right selection is also a question of cost. As a general rule, higher data speeds
lead to higher installation costs. However, the demand for bandwidth or bit rate
strongly depends on the application. In general, for control data transmission, a bit
rate of some kbps is sufficient. This holds for most of the smart home components
(sensors, actuators, control, and visualization units). However, for telecommunication
purposes (mainly video communication), the bit rate exceeds the megabit range.
Apart from X10, there are other standards available for setting up a homebus. Here
we report some dominant technologies:
EIB (European Installation Bus) is an open standard widely used in Europe. EIB is available
for power line, signal cable, and radio. The single cable version is currently the most widely
used in smart homes.
KNX is a new standard resulting from an amalgamation of three European bus standards,
with EIB being one of them. KNX is expected to replace EIB in the near future. KNX fully
complies with the EN 50090 series, the European Standard for Home and Building Electronic
LON (Local Operating Network) is a proprietary standard, used for energy-control, steering
machinery, and access control systems in industry and larger buildings. The standard is
mostly known for power line signaling, but also supports signal cables, coaxial cables, radio,
and fiber optical transmission.
BACnet is a standard developed in the United States for the control of functions in larger
buildings, but has so far not been observed in European smart homes. BACnet is supposed
to easily communicate with the EIB.
Regardless of the technology used, a common denominator of all these technologies
is the fact that each product requires cables. As the number of components installed
increases, so does the need for additional wires. The Ericsson ConsumerLab (2015)
study on consumer trends clearly indicates that families consider too many visible cables
annoying and space consuming. In some cases, consumers hire technicians to set up or
install their entertainment centers, just to ensure that wires are hidden when a TV is
mounted on the wall.
19.2.2 Wireless 802.11 (WiFi)
Wireless technologies are an alternative to laying out long wires across the house. New
component installation is done with increased flexibility, clearly a desired property for
a smart home product. However, wireless technologies also bring an important drawback. Safety and security cannot reach the levels obtained with wired networks, deterministic response times are not possible, and RF emissions by nearby devices might
cause some user concern. However, it is clear that in many cases the advantages outweigh the drawbacks and a wireless network has become the most feasible alternative for
Originally wireless smart home networks were based on protocols specifically
designed for this purpose but currently, due to the huge penetration of computer and telecom wireless networks, it seems that this is no longer the case. Many new smart home
products are based on the 802.11 family of protocols, reducing the need for installing
additional equipment and enabling the smart devices to become Internet-connected
with minimum effort.
In 2015 the WiFi Alliance for Smart Home was set up, to leverage WiFi’s 16-year
legacy of interoperability, industry-standard security, and great user experience for
enabling the smart homes of the future. The key point of the alliance is that companies
focus on WiFi for the smart home because it is a mature, standards-based technology
ecosystem, it is deployed globally across a range of devices, and it can accommodate
19.2.3 Wireless 802.15.4 (ZigBee/Z-Wave)
The benefits of setting up a wireless network for smart homes are very clear; however,
WiFi does not provide an ideal environment. After years of research on wireless sensor
networks and wireless personal area networks, the IEEE 802.15 Wireless Personal Area
Working Group introduced a new networking standard for low-power devices designed
for seamless integration into everyday life. It can be viewed as a low-power WiFi
version and is ideally suited for connecting embedded devices to the Internet with
extremely long battery life requirements.
Today, organizations use IEEE 802.15.4 enabled microcontrollers to effectively
deliver solutions for a variety of areas including consumer electronic device control,
energy management and efficiency, home and commercial building automation, as
well as industrial plant management. Two variations of the 802.15.4 protocol have
been used for developing the majority of smart home products.
ZigBee’s name illustrates the mesh networking concept, since messages from the
transmitter zigzag like bees, looking for the best path to the receiver. While Z-Wave
uses a proprietary technology for operating its system, ZigBee’s platform is based
on the standard set by IEEE for wireless personal networks. This means any company
can build a ZigBee-compatible product without paying licensing fees for the technology behind it, which may eventually give ZigBee an advantage in the marketplace.
Like Z-Wave, ZigBee has fully functional devices (or those that route the message)
and reduced function devices (or those that do not).
Z-Wave uses a source routing algorithm to determine the fastest route for messages.
Each Z-Wave device is embedded with a code, and when the device is plugged into the
system, the network controller recognizes the code, determines its location, and adds it
to the network. When a command comes through, the controller uses the algorithm to
determine how the message should be sent. Because this routing can take up a lot of
memory on a network, Z-Wave has developed a hierarchy between devices: Some controllers initiate messages, and some are slaves, which means they can only carry and
respond to messages.
ZigBee/Z-Wave and 802.15.4-based wireless sensor networks have been studied
extensively in the context of developing smart systems for building security. The
ability to distribute smart-sized devices within the building and easily establish a
communication network is very important for advanced monitoring of building security. The use of ZigBee technology in combination with other networking technologies (eg, GSM/GPRS) can significantly contribute to developing smart building
security systems that achieve fast-rate, low-cost, low-power wireless network communications. In Liu (2014), a typical application that relies on the CC2430 ZigBee
wireless radio component is developed that provides real-time acquisition of the
home environment's temperature, humidity, three tables, IR, smoke, gas
parameters, fire, theft alarm, and home appliances. Alarms related to appliance operation, in combination with traditional sensor alarm systems, are forwarded to smartphone applications in order to achieve flexible, convenient home security
monitoring. In Huanga et al. (2011) the ability to position small-scale devices at
specific locations in the home environment is utilized to develop a system for building electrical safety. The primary focus of this system is power consumption monitoring, remote control of appliances, overload protection, and energy management.
These examples demonstrate the cost-effectiveness of ZigBee-based monitoring
and protection systems.
Developing systems for smart homes that rely on small-factor embedded devices
that communicate over an 802.15.4 wireless network raises significant security and trust
issues. In many cases, these small computers may need to exchange crucial information
that needs to remain private. Moreover, as these embedded devices are distributed
throughout the building, in some cases they can be easily acquired by an intruder
that is capable of tampering with their hardware components. Several studies exist,
such as Goodspeed (2009), that demonstrate how to extract keys from ZigBee hardware and thus intrude into the wireless network. These studies point out that without appropriate hardware, key secrecy should not be the foundation of the ZigBee product’s
Adapting cryptographic algorithms to improve the cyber security of embedded
wireless systems is a difficult task due to resource limitations. In Baumgartner et al.
(2010) a hardware-agnostic implementation of an elliptic curve cryptosystem is provided. The main advantage is that it uses much smaller keys than conventional,
discrete logarithm-based cryptosystems (a 160-bit key in an elliptic curve cryptosystem provides security equivalent to that of a 1024-bit key in a conventional cryptosystem).
This fact makes elliptic curves an excellent approach for significantly improving the
levels of cyber security, given the limited resources of the devices. Research results
have shown that public-key cryptography based on elliptic curves is feasible to be
used in sensor networks (Gura et al., 2004; Malan et al., 2004).
Another approach toward reinforcing the cyber security of the wireless network is
to incorporate zero knowledge proofs (ZKPs) as a cryptographic tool for protecting a
user’s privacy. A ZKP involves two entities, a prover and a verifier. It allows the
prover to demonstrate knowledge of a secret while revealing no information whatsoever of use to the verifier in conveying this demonstration of knowledge to others
(Menezes et al., 1996). Up to now, although a wide variety of ZKPs of this category
has been proposed (Smith, 2005) there exist very few actual implementations
regarding resource constrained devices. Among the very few such systems available
is the one presented in Chatzigiannakis et al. (2011), where the application of ZKP
is studied for the security and privacy empowerment of wireless 802.15.4 networks
consisting of low-constrained devices.
19.2.4 Wireless 802.15.6 (BLE)
In 2014, LOCKITRON started a crowd-funding campaign to create a WiFi-enabled
smart lock, one that could connect instantly to a WiFi network and also be controlled
remotely over the Internet. After more than a year invested in developing the product,
the company announced it was pulling the plug on the original device and would
soon begin shipments of a next-generation Bluetooth-only smart lock called the Bolt.
The company also created a separate WiFi-to-Bluetooth bridge accompanying the
Bolt, in order to enable remote connectivity via the Internet. The migration to a Bluetooth low-energy (BLE)-only solution was justified by LOCKITRON because
fundamentally, they could not get around how power hungry WiFi is, in nonideal circumstances and the substandard customer experience this creates. By switching to
BLE and providing a bridge, they eliminated the hard problem of WiFi power management and gave users instantaneous remote control over the Internet.
[Table: Matrix networking technology versus device]
This story clearly depicts the motivation behind BLE. As the name implies, this
new version of Bluetooth provides considerably increased power-efficiency allowing
devices to run off a tiny battery for long periods. Although the standard was introduced
in 2010, within only a few years, there are numerous wireless devices offering a painless path to control lights, temperature, household appliances, window and door locks,
security systems, and more. This new version of Bluetooth provides a completely new
approach in terms of cyber-securing the network. The previous version of Bluetooth
was known to contain a number of security vulnerabilities that could lead to exposure
of encryption keys (Hager and MidKiff, 2003).
Another benefit of Bluetooth networking is the fact that it is supported by the vast
majority of the mobile phones that are in use today. It is therefore easy to use the resident’s smartphone to provide a simple interface with the smart devices installed in the
premises. Moreover, Bluetooth allows for greater localization accuracy compared to
WiFi, due to its more limited range. It is also easier and safer to set up and operate,
due to the inherent features in Bluetooth’s design (Antoniou et al., 2012) (Table 19.1).
The vulnerability of wireless networks: a case of
Each time a new smart home product enters the market, consumers are concerned
about the cyber-security levels of wirelessly connected devices like smart cameras
and thermostats, devices that are always connected awaiting a remote control. Such
connected devices may become an easy target for hackers because they may lack basic
security measures. Indeed, as companies (small and established ones) rush to incorporate Internet of Things technologies to produce appealing products, security may not
be prioritized as highly as it should.
A particular case that raises a number of issues is the case of LIFX, a smart light
bulb created in September 2012, through crowd funding. LIFX is considered a characteristic success story for the smart home industry. A so-called hardware premium,
it offers remotely programmable LED light bulbs that can be controlled through a
smartphone application. These bulbs are sold at a premium, and are priced around 10
times higher than a compact fluorescent bulb (Wired, 2012). From a consumer
perspective, a key driver for buying the product is the novelty in remote-controlling
the devices, the ability to combine their operation, and the wide range of colors and
Looking into the technical details of the networking aspects of this specific product's
operation, two wireless technologies are used in order to optimize both the
communication between the bulbs as well as the ease of usage. In more detail, one
of the bulbs assumes the role of the controller and connects to the home WiFi network,
thus providing a very simple way to communicate with smartphones as well as with the
Internet so that the bulbs can be operated remotely. In parallel, all the bulbs set up an
802.15.4 6LoWPAN mesh network in order to exchange configuration and control
commands. The 802.15.4 wireless technology is designed to keep power consumption
at low levels and also operate at adequate levels in environments with high interference
(eg, when video is transmitted over the WiFi network, or a microwave oven operates in
In June 2014, Context released a detailed report where it demonstrated how researchers, after studying the encryption algorithms, keys and initialization vectors,
as well as the mesh network protocol, managed to inject packets into the 802.15.4
mesh network. These packets allowed them to capture the WiFi authentication details
and decrypt the credentials. The retrieval of the information did not require any prior
authentication and did not cause any alert or trace of a cyber attack.
Context reported that hacking into the light bulb was certainly not trivial but would
be within the capabilities of experienced cyber criminals. In the case of LIFX these
vulnerabilities were overcome relatively quickly and easily. Very shortly after the
release of the report, LIFX issued a firmware update that solved the problem. In
fact, prior to Context’s report, this vulnerability was totally unexplored (and possibly
unknown), most likely due to the complexity of the equipment and reverse engineering
required. It should also be noted that since this attack was on the 802.15.4 6LoWPAN
wireless mesh network, the attacker had to be within wireless range (ie, within at least
30 m) of a vulnerable LIFX bulb to perform this attack, severely limiting the practicality for exploitation on a large scale.
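The two weaknesses described in this section and in the earlier passage on key extraction from ZigBee hardware (a key that can be lifted from one device, and a credential request that needs no prior authentication and leaves no trace) point to a node-side check like the following. It is an added example, not LIFX's protocol or its firmware fix; the class, labels and device names are hypothetical, and it covers request authentication and alerting only, not encryption of the reply.

```python
import hashlib
import hmac
import os

LABEL = b"mesh-auth-v1|"            # constructed domain-separation label

def derive_device_key(network_secret: bytes, device_id: bytes) -> bytes:
    """Per-device key; the network secret is created at onboarding, not shipped in firmware."""
    return hmac.new(network_secret, LABEL + device_id, hashlib.sha256).digest()

def sign_request(device_key: bytes, counter: int) -> bytes:
    """Tag a credential request with the sender's key and a strictly increasing counter."""
    msg = b"cred-req|" + counter.to_bytes(8, "big")
    return hmac.new(device_key, msg, hashlib.sha256).digest()

class ControllerNode:
    """Hypothetical controller node that holds the WiFi credentials for the mesh."""

    def __init__(self, network_secret: bytes):
        self._secret = network_secret
        self._last_counter = {}     # device_id -> highest counter accepted so far
        self.alerts = []            # rejected requests are recorded, not silently dropped

    def handle_credential_request(self, device_id: bytes, counter: int, tag: bytes) -> bool:
        key = derive_device_key(self._secret, device_id)
        if not hmac.compare_digest(sign_request(key, counter), tag):
            self.alerts.append(("bad-tag", device_id))
            return False
        if counter <= self._last_counter.get(device_id, -1):
            self.alerts.append(("replay", device_id))
            return False
        self._last_counter[device_id] = counter
        return True                 # only now may the credentials be sent, encrypted

def demo():
    home = ControllerNode(os.urandom(32))
    bulb_key = derive_device_key(home._secret, b"bulb-07")   # provisioned at pairing
    results = [home.handle_credential_request(b"bulb-07", 1, sign_request(bulb_key, 1))]
    # The same frame seen again on the air: same counter, same tag.
    results.append(home.handle_credential_request(b"bulb-07", 1, sign_request(bulb_key, 1)))
    # A key taken from a unit paired to a different network does not verify here.
    foreign_key = derive_device_key(os.urandom(32), b"bulb-07")
    results.append(home.handle_credential_request(b"bulb-07", 2, sign_request(foreign_key, 2)))
    return results, home.alerts
```

Because each key is derived from a secret generated when the network is set up, a key recovered from one tampered device is limited to that device's identity on that one network, and every failed request leaves an entry in `alerts`.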
The hack of devices like the LIFX bulbs is just a sample of the possible security
issues related to IoT components. In some cases the vulnerabilities are fundamental
to the design of the products. Therefore, it is critical to consider their security at the
earliest stages of the design phase and incorporate it throughout the development of
Reinforcing the security of wireless communications: the case of smart locks
Door locks are probably the first group of hardware devices that have attracted serious
developers and have become a smart product. Located at a natural entry point, they are