Tải bản đầy đủ - 0 (trang)
Apps for smart buildings: a case study on building security

Apps for smart buildings: a case study on building security

Tải bản đầy đủ - 0trang

466



Start-Up Creation



19.2



Networking technologies for smart homes



A smart home is understood as an integration system, which takes advantage of a range

of techniques such as computers, network communication, as well as synthesized wiring to connect all indoor subsystems that attach to home appliances and household

electrical devices as a whole (Ricquebourg et al., 2006). Under this perspective, the

development of smart home technology during the past years can be described by

examining the networking technologies used to interconnect home devices.

Network technologies is the term used to describe familiar cables that, to a large

extent, already exist, both inside and outside the house: telephone cables, TV cables,

and the power supply network. It also refers to the extra infrastructure that may or may

not exist yet: computer cables and lower voltage cables. It refers to infrared (IR) and

radio frequent communication (RF). Essentially, we refer to technologies that effectively centralize house management and services, providing all-round functions for internal information exchange, while keeping in touch with the outside world.

Traditional suppliers’ products mainly contain a protocol, which allows communication between the products, remote control, and central control by the resident.

Ideally, all different manufacturers’ products should communicate via the same protocol. In practice, however, this is not the case. New platforms have been introduced that

unify products from different manufacturers, yet there is a lot of work that needs to be

done to establish uniform network access.



19.2.1



Wired legacy systems



A homebus is a physical wire, a special low-voltage cable, that is used to transfer signals within the house via a certain protocol. Generally, two types of homebus systems

can be distinguished: the systems with fixed, built-in intelligence and the systems that

can be programmed via a PC. A special version of homebus systems is the powerline

system that transfers signals, within the house, through the power cables. Among the

power line systems, the X10 is the oldest. Improvements on this protocol resulted in

the so-called A10 system, which has a growing popularity for use in both newly built

and existing houses, because of its low price.

All media differ in their properties and have both advantages and disadvantages.

The right selection is also a question of cost. As a general rule, higher data speeds

lead to higher installation costs. However, the demand for bandwidth or bit rate

strongly depends on the application. In general, for control data transmission, a bit

rate of some kbps is sufficient. This holds for most of the smart home components

(sensors, actuators, control, and visualization units). However, for telecommunication

purposes (mainly video communication), the bit rate exceeds the megabit range.

Apart from X10, there are other standards available for setting up a homebus. Here

we report some dominant technologies:





EIB (European Installation Bus) is an open standard widely used in Europe. EIB is available

for power line, signal cable, and radio. The single cable version is currently the most widely

used in smart homes.



Apps for smart buildings: a case study on building security















467



KNX is a new standard resulting from an amalgamation of three European bus standards,

with EIB being one of them. KNX is expected to replace EIB in the near future. KNX fully

complies to the EN 50090 series, the European Standard for Home and Building Electronic

Systems.

LON (Local Operating Network) is a proprietary standard, used for energy-control, steering

machinery, and access control systems in industry and larger buildings. The standard is

mostly known for power line signaling, but also supports signal cables, coaxial cables, radio,

and fiber optical transmission.

BACnet is a standard developed in the United States for the control of functions in larger

buildings, but has so far not been observed in European smart homes. BACnet is supposed

to easily communicate with the EIB.



Regardless of the technology used, a common denominator of all these technologies

is the fact that each product requires cables. As the number of components installed

increases, so does the need for additional wires. The Ericsson ConsumerLab (2015)

study on consumer trends clearly indicates that families consider too many visible cables

annoying and space consuming. In some cases, consumers hire technicians to set up or

install their entertainment centers, just to ensure that wires are hidden when a TV is

mounted on the wall.



19.2.2 Wireless 802.11 (WiFi)

Wireless technologies are an alternative to laying out long wires across the house. New

component installation is done with increased flexibilitydclearly a desired property for

a smart home product. However, wireless technologies also bring an important drawback. Safety and security cannot reach the levels obtained with wired networks, deterministic response times are not possible, and RF emissions by nearby devices might

cause some user concern. However, it is clear that in many cases the advantages overcome the drawbacks and a wireless network has become the most feasible alternative for

home automation.

Originally wireless smart home networks were based on protocols specifically

designed for this purpose but currently, due to the huge penetration of computer and telecom wireless networks, it seems that this is no longer the case. Many new smart home

products are based on the 802.11 family of protocols, reducing the need for installing

additional equipment and enabling the smart devices to become Internet-connected

with minimum effort.

In 2015 the WiFi Alliance for Smart Home was setup, to leverage WiFi’s 16-year

legacy of interoperability, industry-standard security, and great user experience for

enabling the smart homes of the future. The key point of the alliance is that companies

focus on WiFi for the smart home because it is a mature, standards-based technology

ecosystem, it is deployed globally across a range of devices, and it can accommodate

whole-home ranges.



19.2.3 Wireless 802.15.4 (ZigBee/Z-Wave)

The benefits of setting up a wireless network for smart homes are very clear, however

WiFi does not provide an ideal environment. After years of research on wireless sensor



468



Start-Up Creation



networks and wireless personal area networks, the IEEE 802.15 Wireless Personal Area

Working Group introduced a new networking standard for low-power devices designed

for seamless integration into everyday life. It can be viewed as a low-power WiFi

version and is ideally suited for connecting embedded devices to the Internet with

extremely long battery life requirements.

Today, organizations use IEEE 802.15.4 enabled microcontrollers to effectively

deliver solutions for a variety of areas including consumer electronic device control,

energy management and efficiency, home and commercial building automation, as

well as industrial plant management. Two variations of the 802.15.4 protocol have

been used for developing the majority of smart home products.

ZigBee’s name illustrates the mesh networking concept, since messages from the

transmitter zigzag like bees, looking for the best path to the receiver. While Z-Wave

uses a proprietary technology for operating its system, ZigBee’s platform is based

on the standard set by IEEE for wireless personal networks. This means any company

can build a ZigBee-compatible product without paying licensing fees for the technology behind it, which may eventually give ZigBee an advantage in the marketplace.

Like Z-Wave, ZigBee has fully functional devices (or those that route the message)

and reduced function devices (or those that do not).

Z-Wave uses a source routing algorithm to determine the fastest route for messages.

Each Z-Wave device is embedded with a code, and when the device is plugged into the

system, the network controller recognizes the code, determines its location, and adds it

to the network. When a command comes through, the controller uses the algorithm to

determine how the message should be sent. Because this routing can take up a lot of

memory on a network, Z-Wave has developed a hierarchy between devices: Some controllers initiate messages, and some are slaves, which means they can only carry and

respond to messages.

ZigBee/Z-Wave and 802.15.4-based wireless sensor networks have been studied

extensively in the context of developing smart systems for building security. The

ability to distribute smart-sized devices within the building and easily establish a

communication network is very important for advanced monitoring of building security. The use of ZigBee technology in combination with other networking technologies (eg, GSM/GPRS) can significantly contribute in developing smart building

security systems that achieve fast-rate, low-cost, low-power wireless network communications. In Liu (2014), a typical application that relies on the CC2430 ZigBee

wireless radio component is developed that provides real-time acquisition in the

home environment temperature, humidity, three tables, IR, smoke, the parameters

of the gas, fire, theft alarm, and home appliances. Alarms related to appliances operation, in combination with traditional sensor alarm systems, are forwarded to smartphone applications in order to achieve a flexible, convenient home security

monitoring. In Huanga et al. (2011) the ability to position small-scale devices at

specific locations in the home environment is utilized to develop a system for building electrical safety. The primary focus of this system is power consumption monitoring, remote control of appliances, overload protection, and energy management.

These examples demonstrate the cost-effectiveness of ZigBee-based monitoring

and protection systems.



Apps for smart buildings: a case study on building security



469



Developing systems for smart homes that rely on small-factor embedded devices

that communicate over a 802.15.4 wireless network raises significant security and trust

issues. In many cases, these petit computers may need to exchange crucial information

that needs to remain private. Moreover, as these embedded devices are distributed

throughout the building, in some cases they can be easily acquired by an intruder

that is capable of tampering with their hardware components. Several studies exist,

such as Goodspeed (2009), that demonstrate how to extract keys from ZigBee hardware and thus intrude the wireless network. These studies point that without appropriate hardware, key secrecy should not be the foundation of the ZigBee product’s

security architecture.

Adaptic cryptographic algorithms for improving the cyber security of embedded

wireless systems is a difficult task due to resource limitations. In Baumgartner et al.

(2010) a hardware-agnostic implementation of an elliptic curve cryptosystem is provided. The main advantage is that it uses much smaller keys than conventional,

discrete logarithm-based cryptosystems (an 160-bit key in an elliptic curve cryptosystem provides equivalent security with a 1024-bit key in a conventional cryptosystem).

This fact makes elliptic curves an excellent approach for significantly improving the

levels of cyber security, given the limited resources of the devices. Research results

have shown that public-key cryptography based on elliptic curves is feasible to be

used in sensor networks (Gura et al., 2004; Malan et al., 2004).

Another approach toward reinforcing the cyber security of the wireless network is

to incorporate zero knowledge proofs (ZKPs) as a cryptographic tool for protecting a

user’s privacy. A ZKP involves two entities, a prover and a verifier. It allows the

prover to demonstrate knowledge of a secret while revealing no information whatsoever of use to the verifier in conveying this demonstration of knowledge to others

(Menezes et al., 1996). Up to now, although a wide variety of ZKPs of this category

has been proposed (Smith, 2005) there exists very few actual implementations

regarding resource constrained devices. Among the very few such systems available

is the one presented in Chatzigiannakis et al. (2011), where the application of ZKP

is studied for the security and privacy empowerment of wireless 802.15.4 networks

consisting of low-constrained devices.



19.2.4 Wireless 802.15.6 (BLE)

In 2014, LOCKITRON1 started a crowd-funding campaign to create a WiFi-enabled

smart lock, one that could connect instantly to a WiFi network and also be controlled

remotely over the Internet. After more than a year invested in developing the product,

the company announced it was pulling the plug on the original device and would

soon begin shipments of a next-generation Bluetooth-only smart lock called the Bolt.

The company also created a separate WiFi-to-Bluetooth bridge accompanying the

Bolt, in order to enable remote connectivity via the Internet. The migration to a Bluetooth low-energy (BLE)-only solution was justified by LOCKITRON because

1



https://lockitron.com/.



470



Start-Up Creation



Table 19.1



Matrix networking technology versus device



Networking technology



Motion



Door



Camera



Wired



X



X



X



802.11 (WiFi)

802.15.4 (ZigBee)

802.15.6 (BLE)



X

X



X



Lock



Presence



Smoke

X



X

X



X

X



X



X



fundamentally, they could not get around how power hungry WiFi is, in nonideal circumstances and the substandard customer experience this creates. By switching to

BLE and providing a bridge, they eliminated the hard problem of WiFi power management and gave users instantaneous remote control over the Internet.

This story clearly depicts the motivation behind BLE. As the name implies, this

new version of Bluetooth provides considerably increased power-efficiency allowing

devices to run off a tiny battery for long periods. Although the standard was introduced

in 2010, within only a few years, there are numerous wireless devices offering a painless path to control lights, temperature, household appliances, window and door locks,

security systems, and more. This new version of Bluetooth provides a completely new

approach in terms of cyber-securing the network. The previous version of Bluetooth

was known to contain a number of security vulnerabilities that could lead to exposure

of encryption keys (Hager and MidKiff, 2003).

Another benefit of Bluetooth networking is the fact that it is supported by the vast

majority of the mobile phones that are in use today. It is therefore easy to use the resident’s smartphone to provide a simple interface with the smart devices installed in the

premises. Moreover, Bluetooth allows for greater localization accuracy compared to

WiFi, due to its more limited range. It is also easier and safer to set up and operate,

due to the inherent features in Bluetooth’s design (Antoniou et al., 2012) (Table 19.1).



19.3



The vulnerability of wireless networks: a case of

cyber-security threat



Each time a new smart home product enters the market, consumers are concerned

about the cyber-security levels of the wirelessly connected device like smart cameras

and thermostatsddevices that are always connected awaiting a remote control. Such

connected devices may become an easy target for hackers because they may lack basic

security measures. Indeed, as companies (small and established ones) rush to incorporate Internet of Things technologies to produce appealing products, security may not

be prioritized as highly as it should.

A particular case that raises a number of issues is the case of LIFX, a smart light

bulb created in September 2012, through crowd funding. LIFX is considered a characteristic success story for the smart home industry. A so-called hardware premium,

it offers remotely programmable LED light bulbs that can be controlled through a



Apps for smart buildings: a case study on building security



471



smartphone application. These bulbs are sold at a premium, and are priced around 10

times higher than a compact fluorescent bulb (Wired, 2012). From a consumer

perspective, a key driver for buying the product is the novelty in remote-controlling

the devices, the ability to combine their operation, and the wide range of colors and

brightness provided.

Looking into the technical details of the networking aspects of this specific product

operation, there is the use of two wireless technologies in order to optimize both the

communication between the bulbs as well as the ease of usage. In more detail, one

of the bulbs assumes the role of the controller and connects to the home WiFi network,

thus providing a very simple way to communicate with smartphones as well with the

Internet so that the bulbs can be operated remotely. In parallel, all the bulbs set up an

802.15.4 6LoWPAN mesh network in order to exchange configuration and control

commands. The 802.15.4 wireless technology is designed to keep power consumption

at low levels and also operate at adequate levels in environments with high interference

(eg, when video is transmitted over the WiFi network, or a microwave oven operates in

close proximity).

In June 2014, Context released a detailed report where it demonstrated how researchers, after studying the encryption algorithms, keys and initialization vectors,

as well as the mesh network protocol, managed to inject packets into the 802.15.4

mesh network. These packets allowed them to capture the WiFi authentication details

and decrypt the credentials. The retrieval of the information did not require any prior

authentication and did not cause any alert or trace of a cyber attack.

Context reported that hacking into the light bulb was certainly not trivial but would

be within the capabilities of experienced cyber criminals. In the case of LIFX these

vulnerabilities were overcome relatively quickly and easily. Very shortly after the

release of the report, LIFX issued a firmware update that solved the problem. In

fact, prior to Context’s report, this vulnerability was totally unexplored (and possibly

unknown), most likely due to the complexity of the equipment and reverse engineering

required. It should also be noted that since this attack was on the 802.15.4 6LoWPAN

wireless mesh network, the attacker had to be within wireless range (ie, within at least

30 m) of a vulnerable LIFX bulb to perform this attack, severely limiting the practicality for exploitation on a large scale.

The hack of devices like the LIFX bulbs is just a sample of the possible security

issues related to IoT components. In some cases the vulnerabilities are fundamental

to the design of the products. Therefore, it is critical to consider their security at the

earliest stages of the design phase and incorporate it throughout the development of

the product.



19.4



Reinforcing the security of wireless

communications: the case of smart locks



Door locks are probably the first group of hardware devices that have attracted serious

developers and have become a smart product. Located at a natural entry point, they are



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Apps for smart buildings: a case study on building security

Tải bản đầy đủ ngay(0 tr)

×