Octavian Fratu Nicolae Militaru Simona Halunga (Eds.)

  241 Future Access Enablers for Ubiquitous and Intelligent Infrastructures Third International Conference, FABULOUS 2017 Bucharest, Romania, October 12–14, 2017 Proceedings Lecture Notes of the Institute for Computer Sciences, Social Informatics

and Telecommunications Engineering 241

Editorial Board

  Ozgur Akan Middle East Technical University, Ankara, Turkey

  Paolo Bellavista University of Bologna, Bologna, Italy

  Jiannong Cao Hong Kong Polytechnic University, Hong Kong, Hong Kong

  Geoffrey Coulson Lancaster University, Lancaster, UK

  Falko Dressler University of Erlangen, Erlangen, Germany

  Domenico Ferrari Università Cattolica Piacenza, Piacenza, Italy

  Mario Gerla UCLA, Los Angeles, USA

  Hisashi Kobayashi Princeton University, Princeton, USA

  Sergio Palazzo University of Catania, Catania, Italy

  Sartaj Sahni University of Florida, Florida, USA

  Xuemin Sherman Shen University of Waterloo, Waterloo, Canada

  Mircea Stan University of Virginia, Charlottesville, USA

  Jia Xiaohua City University of Hong Kong, Kowloon, Hong Kong

  Albert Y. Zomaya University of Sydney, Sydney, Australia More information about this series at http://www.springer.com/series/8197

• ^• Octavian Fratu Nicolae Militaru Simona Halunga (Eds.)

  Future Access Enablers for Ubiquitous and Intelligent Infrastructures

Third International Conference, FABULOUS 2017 Bucharest, Romania, October 12–14, 2017 Proceedings Editors Octavian Fratu Simona Halunga Politehnica University of Bucharest University Polytechnica of Bucharest Bucharest Bucharest Romania Romania Nicolae Militaru University Polytechnica of Bucharest Bucharest Romania

ISSN 1867-8211

  ISSN 1867-822X (electronic) Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

ISBN 978-3-319-92212-6

  ISBN 978-3-319-92213-3 (eBook) https://doi.org/10.1007/978-3-319-92213-3 Library of Congress Control Number: 2018944406 ©

  

ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the

material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,

broadcasting, reproduction on microfilms or in any other physical way, and transmission or information

storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now

known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication

does not imply, even in the absence of a specific statement, that such names are exempt from the relevant

protective laws and regulations and therefore free for general use.

The publisher, the authors, and the editors are safe to assume that the advice and information in this book are

believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors

give a warranty, express or implied, with respect to the material contained herein or for any errors or

omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in

published maps and institutional affiliations. Printed on acid-free paper This Springer imprint is published by the registered company Springer International Publishing AG

  

Preface

  After the prestigious EAI scientific events in Ohrid, Republic of Macedonia, and in Belgrade, Republic of Serbia, the Third EAI International Conference on Future Access Enablers of Ubiquitous and Intelligent Infrastructures (Fabulous 2017) was held in Bucharest, Romania, hosted by the Politehnica University of Bucharest. The confer- ence succeeded in providing an excellent international platform for prominent researchers from academia and industry, innovators and entrepreneurs, to share their knowledge and their latest results in the broad areas of future wireless networks, ambient and assisted living, and smart infrastructures.

  The main topics of Fabulous 2017 included future access networks, the Internet of Things and smart city/smart environment applications, communications and computing infrastructures, security aspects in communications and data processing, and signal processing and multimedia. Three special sessions – “Computational Modeling and Invited Papers,” “Multimedia Security and Forensics,” and “Optoelectronic Devices and Applications Thereof in the Communications Domain” – completed the technical program. With two invited papers, six keynote speeches, and 39 regular papers, Fab- ulous 2017 hosted high-quality technical presentations from young researchers and, also, from well-known specialists from academia and industry who have shaped the field of wireless communications.

  The two invited papers were presented by two young female researchers, Elena Diana Șandru and Ana Neacșu, PhD and MSc students, respectively, from the Poli- tehnica University of Bucharest.

  The six keynote speeches were presented by Prof. Ramjee Prasad (Aalborg University, Denmark), Prof. Nenad Filipovic (University of Kragujevac, Serbia), Dr. Marius Iordache (Orange, Romania), Prof. Hana Bogucka (Poznan University of Technology, Poland), Dr. Onoriu Brădeanu (Vodafone, Romania), and Thomas Wrede (SES, Luxembourg).

  Fabulous 2017 was co-sponsored by Orange Romania and SES Luxembourg. The latter company also sponsored the participation of young researchers in the conference, based on the reviewers’ evaluation. The “Innovative Cybersecurity Public Private Partnership” round table, chaired by Prof. Iulian Martin from the National Defense University Carol I and sponsored by Safetech Innovation SRL and Beia Consult International SRL, were received by participants with great interest. The Best Paper Award of the conference was granted to the paper “Prediction of Coronary Plaque Progression Using a Data-Driven the Approach” having as first author Bojana And- jelkovic Cirkovic, a young researcher from University of Kragujevac, Serbia.

  We would like to show our appreciation for the effort, constant support, and guidance of the Fabulous 2017 conference manager, Katarina Antalova (EAI) and of the Steering Committee members, Imrich Chlamtac, Liljana Gavrilovska, and Alberto Leon-Garcia. Our thanks also go to the Organizing Committee, and especially VI Preface

  materialized in a high-quality technical program. We are also grateful to the local Organizing Committee co-chairs, Dr. Carmen Voicu and Dr. Ioana Manuela Marcu, for theirs sustained effort in organizing and supporting the conference.

  Last but not least, the success of the Fabulous 2017 EAI conference is also due to the high quality of the participants, researchers from academia and industry, whose contributions – included in this volume – have proven to be very valuable. It is our opinion that Fabulous 2017 provided opportunities for the delegates to exchanges their ideas, to find mutual scientific interests, and thus, to foster future research relations. May 2015

  Octavian Fratu Nicolae Militaru

  

Organization

Steering Committee

  Imrich Chlamtac EAI/Create-Net and University of Trento, Italy Liljana Gavrilovska Ss. Cyril and Methodius University in Skopje, Macedonia Alberto Leon-Garcia University of Toronto, Canada

  Organizing Committee

  General Chairs Octavian Fratu Politehnica University of Bucharest, Romania Liljana Gavrilovska Ss. Cyril and Methodius University, Skopje, Macedonia Technical Program Committee Chair Simona Halunga Politehnica University of Bucharest, Romania Web Chair Alexandru Vulpe Politehnica University of Bucharest, Romania Publicity and Social Media Chairs Albena Mihovska Aalborg University, Denmark Cristian Negrescu Politehnica University of Bucharest, Romania Workshop Chairs Corneliu Burileanu Politehnica University of Bucharest, Romania Pavlos Lazaridis

  University of Huddersfield, UK Sponsorship and Exhibits Chair Eduard Cristian Popovici Politehnica University of Bucharest, Romania Publications Chair Nicolae Militaru Politehnica University of Bucharest, Romania Posters and PhD Track Chairs Răzvan Tamaș Constanta Maritime University, Romania Alexandru Martian Politehnica University of Bucharest, Romania Local Chairs Carmen Voicu Politehnica University of Bucharest, Romania Ioana Manuela Marcu Politehnica University of Bucharest, Romania Secretariat Madalina Berceanu Politehnica University of Bucharest, Romania Ana-Maria Claudia

  Dragulinescu Politehnica University of Bucharest, Romania

  Conference Manager Katarina Antalova European Alliance for Innovation

  Technical Program Committee

  Anđelković-Ćirković Bojana

  University of Kragujevac, Serbia Atanasovski Vladimir Ss. Cyril and Methodius University in Skopje, Macedonia Bota Vasile Technical University of Cluj, Romania Boucouvalas Anthony University of the Peloponnese, Greece Brădeanu Onoriu Vodafone, Romania Burileanu Dragos University Politehnica of Bucharest, Romania Chiper Doru Florin Gheorghe Asachi Technical University of Iaşi, Romania Croitoru Victor University Politehnica of Bucharest, Romania Enaki Nicolae Academy of Sciences of Moldova Feieș Valentin University Politehnica of Bucharest, Romania Filipović Nenad University of Kragujevac, Serbia Halunga Simona University Politehnica of Bucharest, Romania Marghescu Ion University Politehnica of Bucharest, Romania Ionescu Bogdan University Politehnica of Bucharest, Romania Isailović Velibor University of Kragujevac, Serbia Khwandah Sinan Brunel University London, UK Latkoski Pero Ss. Cyril and Methodius University in Skopje, Macedonia Lazaridis Pavlos

  University of Huddersfield Manea Adrian University Politehnica of Bucharest, Romania Marcu Ioana University Politehnica of Bucharest, Romania Mihovska Albena Aarhus University, Denmark Militaru Nicolae University Politehnica of Bucharest, Romania Nikolić Dalibor University of Kragujevac, Serbia Paleologu Constantin University Politehnica of Bucharest, Romania Pejanović-Đurišić Milica University of Montenegro Petrescu Teodor University Politehnica of Bucharest, Romania Popovici Eduard Cristian University Politehnica of Bucharest, Romania Poulkov Vladimir

  Technical University of Sofia, Bulgaria

  VIII Organization

  Șchiopu Paul University Politehnica of Bucharest, Romania Suciu George Beia Consult International, Romania Tamaș Razvan Constanța Maritime University, Romania Udrea Mihnea University Politehnica of Bucharest, Romania Vlădescu Marian University Politehnica of Bucharest, Romania Voicu Carmen University Politehnica of Bucharest, Romania Vulović Aleksandra University of Kragujevac, Serbia Vulpe Alexandru University Politehnica of Bucharest, Romania Zaharis Zaharias Aristotle University of Thessaloniki, Greece Zenkova Claudia Chernivtsi National University, Ukraine

  Organization

  IX

  

Contents

  . . .

   Ș tefan-Ciprian Arseni, Alexandru Vulpe, Simona Halunga, and Octavian Fratu

  . . .

   Mircea Popescu, Răzvan Bărtuşică, Alexandru Boitan, Ioana Marcu, and Simona Halunga . . .

   Alexandru Vulpe, George Suciu, Simona Halunga, and Octavian Fratu . . .

  . . .

   Razvan-Florentin Trifan, Andrei-Alexandru Enescu, and Constantin Paleologu . . .

   Alexandru Boitan, Razvan Bărtușică, Simona Halunga, Mircea Popescu, and Iulian Ionuță

  . . .

   Răzvan Bărtușică, Alexandru Boitan, Simona Halunga, Mircea Popescu, and Valerică Bindar . . .

  . . .

   George Suciu, Alexandru Ganaside, Laurentiu Bezdedeanu, Robert Coanca, Stefania Secu, Carmen Nădrag, and Alexandru Marțian

  . . .

   Elena-Mădălina Oproiu, Catalin Costea, Marius Nicuşor Nedelcu, Marius Iordache, and Ion Marghescu . . .

   Bogdan-Mihai Gavriloaia, Marian Novac, and Dragos-Nicolae Vizireanu . . .

  . . .

   Alin Florian Stoicescu, Razvan Craciunescu, and Octavian Fratu . . .

  . . .

   Carmen Voicu, Mădălina Berceanu, and Simona V. Halunga

  Dan Tudor Vuza, Reinhold Frosch, Helmut Koeberl, Idlir Rusi Shkupi, and Marian Vlădescu

  Alexandru Stancu, Alexandru Vulpe, Simona Halunga, and Octavian Fratu

  Mihai Gavrilescu and Nicolae Vizireanu

  Mihai Gavrilescu and Nicolae Vizireanu

  Eugeniu Semenciuc, Andra Pastrav, Tudor Palade, and Emanuel Puschita

  Alexandru Vulpe, Marius Vochin, Laurentiu Boicescu,

  XII Contents

  Contents

  XIII

  

  Roxana Mihăescu, Cristian Stanciu, and Constantin Paleologu

  Ana-Maria Claudia Drăgulinescu, Andrei Drăgulinescu, Ioana Marcu, Simona Halunga, and Octavian Fratu

  

  Vlad Andrei Cârstea, Robert Alexandru Dobre, Claudia Cristina Oprea, and Radu Ovidiu Preda

  Claudia C. Oprea, Radu O. Preda, Ionut Pirnog, and Robert Al. Dobre

  Robert Alexandru Dobre, Constantin Paleologu, Cristian Negrescu, and Dumitru Stanomir

  Octaviana Datcu, Radu Hobincu, Mihai Stanciu, and Radu Alexandru Badea

  Adrian Sima, Paul Schiopu, Marian Vladescu, Bogdan-Mihai Gavriloaia, Florin Garoi, and Victor Damian

   Dan Tudor Vuza and Marian Vlădescu

  

  Viorel Manea, Sorin Puşcoci, and Dan Alexandru Stoichescu XIV Contents

  

  Alina Elena Marcu, Robert Alexandru Dobre, and Marian Vlădescu

  Elena Truţă, Ana Maria Daviţoiu, Ana Mihaela Mitu, Alexandra Andrada Bojescu, Paul Şchiopu, Marian Vlădescu, Genica Caragea, Luminiţa Horhotă, Maria Gabriela Neicu, and Mihai Ionică

  

  Bojana Andjelkovic Cirkovic, Velibor Isailovic, Dalibor Nikolic, Igor Saveljic, Oberdan Parodi, and Nenad Filipovic

  

  Marko N. Živanović, Danijela M. Cvetković, and Nenad D. Filipović

  Arso Vukicevic, Alen Zabotti, Salvatore de Vita, and Nenad Filipovic

  Ana Neacșu, Corneliu Burileanu, and Horia Cucu

  Elena-Diana Șandru, Andi Buzo, Horia Cucu, and Corneliu Burileanu

  Fabulous Main Track

1 Introduction

  have become today’s trending technologies, being in a continuous process of development [

  new thresholds that need to be passed before any data is captured, processed and/or

  surrounding us sets

  embedment of sensors or smart devices in the environment [

   ], the

  security aspects [

  introduces also some vulnerabilities regarding mainly the

  nowadays’ economy [

  

  tion [

  and integra-

  

  

A Hybrid Testbed for Secure

Internet-of-Things

   ,

  Ever since the industrial revolution, humanity has been searching for methods of creating better technologies that can improve the way humans not only interact with the environment, but also how they make use of the resources provided. Recent years have brought a new technological revolution, in terms of miniaturization of devices and their embedment in all layers of society. Earlier proposed concepts, such as Internet of Things [

  Keywords: Internet-of-Things Security Hybrid testbed Software middleware Hardware architectures

  

Abstract. The need for insertion of technology in everyday tasks has brought

an increase in new methodologies and concepts used to accomplish such

objectives. By trying to make technology an enabler for an increasing number of

personal or work-related activities, we allow devices to collect data about our

way of being, that, if not properly protected and used, can prove a vulnerability

for our personal security. This is why new means of securing information, even

by the tiniest or low-resource devices, need to be implemented and, in many

cases, they take the form of cryptographic algorithms, classic or lightweight.

Assessing these algorithms can sometimes become difficult, depending on the

targeted system or on the environment where the device will be deployed. To

address this issue and help developers, in this paper we present a hybrid testbed,

comprised of three hardware architectures, that will ensure a general environ-

ment in which users can test their security solutions, in order to have an idea of

what changes need to be made to provide optimal performances.

  

Telecommunications Department, University Politehnica of Bucharest, 1-3 Iuliu

Maniu Blvd., 061071 Bucharest, Romania

{stefan.arseni,alex.vulpe}@radio.pub.ro, {shalunga,

ofratu}@elcom.pub.ro

  , Simona Halunga, and Octavian Fratu

  (&)

  , Alexandru Vulpe

  (&)

  Ștefan-Ciprian Arseni

• ]. Yet, this fast pace that is characteristic to any recent offer-demand pair in

  4 Ș.-C. Arseni et al.

  Addressing the need of security in transmitting information has been generally made by using cryptographic algorithms to encrypt the data that needs to be sent. These cryptographic algorithms have different key features that make them reliable under certain conditions or in specific environments. The miniaturization of devices brought a problem for security, given that classic cryptographic algorithms require a certain amount of resources to function with an acceptable performance. The constraint resources of a sensor or embedded device lead to the introduction of a new branch of cryptographic algorithms, namely lightweight cryptographic algorithms that give a reasonable degree of security, without requiring too many resources [

  

• Being a relatively new study domain, when compared to classic cryptography, lightweight cryptographic algorithms can, sometimes, prove to be difficult to imple- ment or create, thus requiring a strict phase of testing in which any minor vulnerability or performance drop can be resolved. The hybrid testbed presented in this article was

  and it addresses the problem of testing the implementations of

  first introduced in [ lightweight cryptography, by giving developers a unified platform to conduct their tests on. This testbed is comprised of three different types of hardware architectures, so that the behavior of the implementation on specific environments can be observed. The access to these hardware architectures is done through a middleware that acts as a unique point-of-entrance, enabling developers to write their implementation once and test it simultaneously or consecutively, on each one of the three base architectures. This paper continues the testbed presentation initiated in the previously mentioned paper, by adding information regarding the middleware layer of the testbed, on how it makes use of the hardware architectures and how it enables users to interact with the testbed.

  The present paper is organized as follows. Section

   , some conclusions are drawn.

2 Overview of the Testbed

  

  the hardware implementations of cryptographic algorithms as compared to the software counterparts. By integrating in our testbed an SDSoC (Software Defined

  System-On-a-Chip) that contains also a number of logical gates that can be pro- grammed, we enable users to test their implementation in this type of environment also. The other two hardware architectures of the testbed allow only a software imple- mentation of an algorithm.

  In order for users to interact with these hardware architectures, they need to interact with the middleware layer of the testbed. This layer is composed of two sub- layers: one consisting of the drivers or APIs (Application Programming Interface), required to communicate with the hardware layer, and one consisting of the integrator APIs which developers will use and integrate in their implementations.

  The main architecture of the testbed, with an emphasis on the hardware layer, was emphasizing on the connection of it with the hardware layer and the means that users can access its functions.

  As described in

  

  ], the main challenge is to create a unified access point for all three hardware systems, while maintaining control over the operating characteristics that represent criteria when assessing an algorithm. In order to achieve this point of inte- gration the platforms were customized to support a self-contained operating environ- ment, either under the form of an operating system or a scheduler-service, as will be described in the remaining part of the section.

  Each one of the hardware architectures presents its own methods of interaction that are made available to a user or developer. Figure

   presents an overview of forming

  and receiving, by the corresponding architecture, the API and driver calls, shown in Fig.

  The UI (User Interface) is the component that sends calls to the middleware and

  customizes the task sent to each one of the hardware elements, as follows:

  

Fig. 1. Main architecture of testbed

A Hybrid Testbed for Secure Internet-of-Things

  5

3 Middleware Layer of the Testbed

• For the standard x64 processor that can run also x86 applications, a simple task dispatcher is implemented as a service that waits for the user to send a task to be executed. The task represents an algorithm implementation that is done by the user and sent through the testbed UI. After the completion of the task, collected metrics are parsed and sent to the UI to give the user a performance view of its imple- mentation or algorithm.
• The SDSoC architecture is comprised of two hardware elements that can be used either separately or as a whole. In our proposed testbed, these elements are used as one, by establishing the required communication bridge between them. The FPGA (Field Programmable Gate Array) element contains some defined cryptographic functions, such as permutation, standard AES (Advanced Encryption Standard) S- Boxes or substitutions, which can increase the performance of an algorithm. The implementation in FPGA was taken into consideration given a few performance

  6 Ș.-C. Arseni et al.

  

Fig. 2. Hardware layer customization

The second element, the processor, is the

  tests that were briefly presented in [ point in which the dispatcher service resides and the task is mainly being executed. After the successful completion of the task, results are parsed and transmitted to the UI.

• The third hardware element takes advantage of the possibility of dynamically writing an application into the Flash memory that can be executed afterwards. Implemented as a bootloader, the scheduling-service waits for a task to be deployed through the UI. After receiving a task, the service writes it into the Flash at a separate address and launches it into execution. In this case, the service will return in the waiting state, but will not have the functionality of parsing and sending the results. This functionality will reside in the task itself and will be attached to the user code at deployment.

  After terminating all the deployed tasks, the UI will act also as a collector of data from the underlying dispatcher-services, by formatting and grouping the data and presenting it to the user as performance metrics.

4 Conclusions

  

6. LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436–444 (2015).

  7

  A Hybrid Testbed for Secure Internet-of-Things

  In: Proceedings of the 2015 International Workshop on Internet of Things Towards Applications, 01 November 2015, Seoul, South Korea (2015).

  

9. Lane, N.D., Bhattacharya, S., Georgiev, P., Forlivesi, C., Kawsar, F.: An early resource

characterization of deep learning on wearables, Smartphones and Internet-of-Things devices.

  

8. Botta, A., Donato, W., Persico, V., Pescapé, A.: Integration of cloud computing and Internet

of Things: a survey. Future Gener. Comput. Syst. 56, 684–700 (2016)

  

7. Miorandia, D., Sicarib, S., De Pellegrinia, F., Chlamtaca, I.: Internet of Things: vision,

applications and research challenges. Ad Hoc Netw. 10(7), 1497–1516 (2012)

  The paper introduces a part of the elements that the proposed hybrid testbed contains, with a focus on the software layer and on method of interaction between users and it. Given that this testbed will enable simultaneous testing on three different hardware architectures, it can prove to be an important factor in the process of large-scale integration of the IoT concept. An initial validation of the proposed testbed has been made with high-level tests, through which observations were made on how the testbed can be completely integrated and how multiple functionalities can be developed for users.

  

Acknowledgments. This work was supported by University “Politehnica” of Bucharest,

through the “Excellence Research Grants” Program, UPB – GEX, Identifier: UPB–EXCE-

LENTA–2016, project “Platform for Studying Security in IoT”, contract number 96/2016

(PaSS-IoT) and by a grant of the Ministry of Innovation and Research, UEFISCDI, project

number 5 Sol/2017 within PNCDI III and partially funded by UEFISCDI Romania under grant

no. 60BG/2016 “Intelligent communications system based on integrated infrastructure, with

dynamic display and alerting - SICIAD”.

  Future Gener. Comput. Syst. 25(6), 599–616 (2009)

  

4. Buyyaa, R., Yeoa, C.S., Venugopala, S., Broberga, J., Brandic, I.: Cloud computing and

emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility.

  

3. Qian, L., Luo, Z., Du, Y., Guo, L.: Cloud computing: an overview, cloud computing. In:

Proceedings of The First International Conference CloudCom 2009, Beijing, China, 1–4 December 2009, pp. 626–631 (2009)

  

2. Gubbia, J., Buyyab, R., Marusica, S., Palaniswamihuang, M.: Internet of Things (IoT): a

vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)

  Eng. 57(3), 221–224 (2015)

  References

1. Wortmann, F., Flüchter, K.: Internet of Things - technology and value added. Bus. Inf. Syst.

  

5. Schmidhuber, J.: Deep learning in neural networks: an overview. Neural Netw. 61, 85–117

(2015)

  8 Ș.-C. Arseni et al.

  

10. Ma, X., Yu, H., Wang, Y., Wang, Y.: Large-scale transportation network congestion

evolution prediction using deep learning theory. PLoS ONE 10(3), e0119044 (2015).

  

11. Porter, M.E., Heppelmann, J.E.: How smart, connected products are transforming

competition. Harvard Bus. Rev. 92(11), 64–88 (2014)

  

12. Weber, R.H.: Internet of Things – new security and privacy challenges. Comput. Law Secur.

  Rev. 26(1), 23–30 (2010)

  

13. Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud

computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)

  

14. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput.

  Syst. 28(3), 583–592 (2012)

  

15. Sicaria, S., Rizzardia, A., Griecob, L.A., Coen-Porisini, A.: Security, privacy and trust in

Internet of Things: the road ahead. Comput. Netw. 76, 146–164 (2015)

  

16. Yana, Z., Zhangc, P., Vasilakos, A.V.: A survey on trust management for Internet of Things.

  J. Netw. Comput. Appl. 42, 120–134 (2014)

  

17. Romana, R., Zhoua, J., Lopezb, J.: On the features and challenges of security and privacy in

distributed Internet of Things. Comput. Netw. 57(10), 2266–2279 (2013)

  

18. Poschmann, A.Y.: Lightweight cryptography: cryptographic engineering for a pervasive

world. Ph.D. thesis (2009)

  

19. Masanobu, K., Moriai, S.: Lightweight cryptography for the Internet of Things. Sony

Corporation (2008).

  

20. Manifavas, C., Hatzivasilis, G., Fysarakis, K., Rantos, K.: Lightweight cryptography for

embedded systems – a comparative analysis. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, William M. (eds.) DPM/SETOP -2013. LNCS, vol. 8247, pp. 333–349. Springer, Heidelberg (2014).

  

21. Arseni, S., Mițoi, M., Vulpe, A.: PASS-IoT: a platform for studying security, privacy and

trust in IoT. In: 11th International Conference on Communications (COMM 2016), Bucharest, Romania, 9–11 June 2016 (2016). ISBN: 978-1-4673-8196-3

  

22. Eisenbarth, T., Sandeep, K.: A survey of lightweight-cryptography implementations. IEEE

Des. Test Comput. 24(6), 222–533 (2007)

  

23. Panasayya, Y., Kaps, J.-P.: Lightweight cryptography for FPGAs. In: 2009 Proceedings of

International Conference on Reconfigurable Computing and FPGAs, ReConFig 2009, pp. 225–230. IEEE (2009)

  

24. Cédric, H., Kamel, D., Regazzoni, F., Legat, J.-D., Flandre, D., Bol, D., Standaert, F.-X.:

Harvesting the potential of nano-CMOS for lightweight cryptography: an ultra-low- voltage

65 nm AES coprocessor for passive RFID tags. J. Cryptograph. Eng. 1(1), 79–86 (2011)

  

25. Aydin, A., Gulcan, E., Schaumont, P.: SIMON says: break area records of block ciphers on

FPGAs. IEEE Embed. Syst. Lett. 6(2), 37–40 (2014)

  

26. Vivek, V., Shila, D.M.: High throughput implementations of cryptography algorithms on

GPU and FPGA. In: 2013 IEEE International Instrumentation and Measurement Technology Conference (I2MTC), pp. 723–727. IEEE (2013)

  

27. Vulpe, A., Arseni, Ş.-C., Marcu, I., Voicu, C., Fratu, O.: Building a unified middleware

architecture for security in IoT. In: Rocha, Á., Correia, A.M., Adeli, H., Reis, L.P., Costanzo, S. (eds.) WorldCIST 2017. AISC, vol. 570, pp. 105–114. Springer, Cham (2017).

  

Considerations on Estimating the Minimal

Level of Attenuation in TEMPEST Filtering

for IT Equipments

  1(&)

  1

  1 Mircea Popescu , Răzvan Bărtuşică , Alexandru Boitan ,

  2

  2 ₁ Ioana Marcu , and Simona Halunga

The Special Telecommunications Service, Bucharest, Romania

₂

mpopescu@sts.ro

University Politehnica of Bucharest, Bucharest, Romania

imarcu@radio.pub.ro

Abstract. The main purpose of this research is to improve the security of

critical computer systems with minimal costs. One of the main problems in such

cases is the secondary emissions generated by electronic equipment that,

sometimes, might contain confidential information stored inside a secured

computer network. The implementation of a set of measures necessary to pre-

vent information leakage through compromising emissions is generally expen-

sive. This paper analyzes some minimal requirements that have to be fulfilled by

the filtering devices in order to protect the existing commercial IT equipment

against compromising emissions.

  Keywords: Compromising emissions TEMPEST Electrical filter

1 Introduction

  Protection against electromagnetic disturbances is becoming an increasingly important issue for all researchers that have to deal with critical information, such as banks, commerce and security, given that our daily activity becomes more dependent on computers and telecommunications. As they become more and more sophisticated, they tend to become less resistant to electromagnetic interferences.

  Both filtering and shielding are designed to reduce the electromagnetic radiation, so these two operations can be seen as a synergy, each complementing the other. Thus it is important to understand that inappropriate filtering can easily increase the risk of radiated coupling and inappropriate shielding can lead to conductive coupling.

  A proper design of the filters may prevent interferences from electrical wires inside or outside the protected area through metallic interfaces, reducing the conductive coupling, as well as the radial coupling to and from the cables. In TEMPEST protection

  

  ] filters are used to prevent these interferences generated in computer equipment to propagate outward as compromising emissions transmitted through the power supply network.

  A large number of research and studies in the area of compromising emissions in

10 M. Popescu et al.

  the importance of the domain. In

   ] the authors concentrated on evaluating and

• reducing the compromising radiations of LCD/TV sets, while in [

  a number of

  TEMPEST security testing models and countermeasures are illustrated. In

   ] the

  authors presented the results obtained in reconstruction of laser printer information based on the leakages in the media of electromagnetic radiation, power and signal lines. A model and testing procedures for critical systems to severe electro-magnetic threats are given in [

  while in [

  

  the authors show a number of results related to efficiency of shielding for communication equipment under TEMPEST evaluation. In this paper we estimate a minimum level of attenuation of an electrical filter installed on the supply line of commercial computer equipment, so that at the exit of the controllable zone the compromising signals generated by the equipment cannot be detected and intercepted by a hostile receiver. Based on the developed testbed the estimated value is then verified under worst case scenario.

  The paper is organized as follows: Sect.

   sets the theoretical basis for estimating

  the minimum attenuation value of an electric filter for TEMPEST protection of com- mercial computer; Sect.

   .

  2 Estimation of the Minimum Attenuation Level for an Electrical Filter in TEMPEST Protection

  To establish the minimum level of attenuation of the filter installed on the power line to ensure TEMPEST protection of an IT system, we assume the following: the target computer equipment is commercial type (COTS) and meets the electromagnetic dis-

   ]; the signal-to-

  turbance requirements specified in European Standard EN 55022 noise ratio (SNR) received on the power line in the controllable space is limited to 1 (or 0 dB) to reduce the probability of detecting compromising emissions generated by computer equipment; the attacker has the ability to connect sensitive receivers directly to the building’s power supply, communication cables or other metal structures near the target device as well as to receive and process compromising signals with low levels comparable to electrical noise; the electrical noise received by the interceptor on the power line is specific to the residential environment; the interceptor searches for broadband pulses in a quiet zone of the spectrum, with as little external interference as possible; it uses “notch” filters to suppress strong emissions from narrowband radio stations as well as strong signal processing techniques to extract the information carrier from the unwanted background noise.

  The minimum filter attenuation level installed on the power line to reduce the probability of detecting and intercepting compromising emissions by a hostile receiver at the limit of controllable space can be determined by

   ]

  U

  B G p

  A :

  F ð1Þ

  U n ; B c r A f SNR

  Considerations on Estimating the Minimal Level

  11

  where UB is the maximum voltage of the conducted disturbances allowed by EN 55022

  

] received with equipment with the IF bandwidth B; Gp is the processing gain

  obtained by specific techniques (e.g. periodic mediation, correlations) for recovering the information from the compromising signal; Un,B is the root mean square of the background noise noticed by the IF receiver with the bandwidth B; AF is the attenu- ation of the electrical filter installed on the power line between the target equipment and the hostile receiver; Ac is the attenuation of the signal through the conductor network between the target equipment and the hostile receiver; fr is the noise figure of the interceptor receiver.

  Rewriting (

  on a logarithmic scale

F B p n ; B c r ;

  ½A Š ¼ ½U Š þ ½G Š ½U Š ½A Š ½f Š ½SNRŠ ð2Þ where [x] = 20lg (x) is the value of parameter x expressed in dB. The noise and cable attenuation values in the above equations are random variables, which, in the absence of standardized data, might be modeled as a normal distribution with mean and variance evaluated statistically based on a large number of measure- ments in different environments. For other parameters, reasonable estimates must be made, based on the values used in most practical applications, such that the [SNR] should be below an acceptable level with a sufficient detection probability.

  Different types of target signals are received on different frequency ranges and allow different processing gains. Thus all parameters must be estimated separately for the different types of signal of interest. In this paper we assume that the signals have the data rate equal to 5 MHz (e.g. the signal generated by the video card).

  The EN 55022 EMC standard imposes that the maximum allowed voltage distur- bances measured across a 50 X impedance in parallel with 50 lH should not exceed 46 dBlV in the frequency range 0.5

  5 MHz, respectively 50 dBlV in the frequency range 5

  30 MHz measured with a average detector having a resolution bandwidth of 9 kHz

   ]. The compromising emissions of modern digital signals contains wideband

  impulses so the receiver passband has to be extended from 9 kHz (specified in EN 55022 standard) to 2 or 5 MHz. Hence, the received signal strength increases by 20lg (2 MHz/9 kHz) = 47 dB for signal with the bandwidth of 2 MHz, and 20lg (5 MHz/9 kHz) = 55 dB for signal with the bandwidth 5 MHz.

  To determine the value of the electrical filter attenuation, [AF], the worst case scenario has been taken into consideration corresponding to the case in which the electronic equipment generates secondary emissions on the power line to the maximum allowed level. Applying this correction (i.e. for 5 MHz resolution bandwidth) we obtain the limits for the conducted emissions: [UB] = (46 + 55) = 101 dBµV, for RBW@5 MHz, in the frequency range 0.5

  5 MHz and [UB ] = (50 + 55) = 105 dBµV for RBW@5 MHz in the frequency range 5

  30 MHz. The eavesdropping receiver used for tests is a Rohde& Schwarz FSET 7 with IF

  Using time domain

  bandwidths of 2 or 5 MHz and noise figure [fr] = 7 dB [ averaging to increase the signal-to-noise ratio of a periodic signal

   ] with N repetitions

  of a properly in phase aligned signal the processing gain can be calculated by

12 M. Popescu et al.

  p ffiffiffiffi G N or :

  p p

  ¼ ½G Š ¼ 10 lgN ðdBÞ ð3Þ Assuming that the attacker applies signal processing techniques by mediating the received signal on N = 10 frames, the resulting processing gain is approximately

  10 dB. The noise on the power supply is expected to be at least 30 dB above the thermal noise level [

  which is 0 dBlV at B = 5 MHz. Therefore [Un,5] = 30

  dBlV might be a plausible value of the electrical noise received on the power line at B = 5 MHz. From experimental measurements the attenuation between two outlets in a building for the frequency range 1

  60 MHz can be, on average, around 10 dB if the sockets are in the same circuit, and 40 dB if they are located in different circuits [

  

  From (

  there can be determined the minimum attenuation value, [AF], for a low- pass

  filter in the HF/VHF frequency range installed on the power supply line of the com- puter system, so, at the building boundary, the compromising signals accidentally emissions transmitted on the power circuit from a COTS computer system cannot be detected by an attacker, is given by

  30

  10

  7 F ½A Š ¼ 105 þ 10 ¼ 68 dB ð4Þ

  Thus we can conclude that a low-pass electrical filter with attenuation equal to 70 dB, evaluated for HF/VHF frequency range, provides adequate TEMPEST pro- tections if all the COTS informatics equipment operated indoor comply with EN55022 limits.

  3 Experimental Validations of the Results In order to validate the theoretical aspects presented in Sect. a series of tests

  and measurements were carried out in Special Telecommunications Service (STS) TEMPEST lab.

  The first test aimed to detect compromising emissions generated by a commercial computer on the power line and recover the information contained in the received emissions. To achieve this, a test receiver Rohde& Schwarz FSET 7 with IF band- widths of 5 MHz was used and a line impedance stabilization network (LISN) was installed on the supply line of the test equipment. The results, presented in Fig.

  

   show the level of the secondary emissions through the power line from a computer with an image displayed on the monitor (red trace) and without an image displayed on the monitor (green trace). From the spectral analysis a compromise emission around

  25 MHz has been determined, which in this case contains the video signal from the video card. Using a dedicated software package for TEMPEST evaluation, the signals received at the 25.37 MHz frequency were filtered, correlated and the image displayed by the test computer monitor was restored, as shown in Fig.

  

  The second test has been developed to validate the estimated value for the atten-

  

  uation of the electrical filter obtained in Sect. For this, the test configuration in Fig.

  has been used, where PG is the pulse generator, RFG is the radiofrequency

  signal generator Rohde & Schwarz SMP04, ATT is the variable attenuator, REC is the

  Considerations on Estimating the Minimal Level

  13 Compromising emissions ₍₁₎

  

(2)

(a) (b)

  

Fig. 1. (a) The comparative spectral analysis of the secondary emissions in power line by a

computer using an image displayed on the monitor (trace 1) and no image displayed on the

monitor (trace 2), and (b) recovered image processed from secondary emissions by a computer,

from power line. (Color figure online)