Future Access Enablers for Ubiquitous and Intelligent Infrastructures pdf pdf
Octavian Fratu Nicolae Militaru Simona Halunga (Eds.)
241 Future Access Enablers for Ubiquitous and Intelligent Infrastructures Third International Conference, FABULOUS 2017 Bucharest, Romania, October 12–14, 2017 Proceedings Lecture Notes of the Institute for Computer Sciences, Social Informatics
and Telecommunications Engineering 241
Editorial BoardOzgur Akan Middle East Technical University, Ankara, Turkey
Paolo Bellavista University of Bologna, Bologna, Italy
Jiannong Cao Hong Kong Polytechnic University, Hong Kong, Hong Kong
Geoffrey Coulson Lancaster University, Lancaster, UK
Falko Dressler University of Erlangen, Erlangen, Germany
Domenico Ferrari Università Cattolica Piacenza, Piacenza, Italy
Mario Gerla UCLA, Los Angeles, USA
Hisashi Kobayashi Princeton University, Princeton, USA
Sergio Palazzo University of Catania, Catania, Italy
Sartaj Sahni University of Florida, Florida, USA
Xuemin Sherman Shen University of Waterloo, Waterloo, Canada
Mircea Stan University of Virginia, Charlottesville, USA
Jia Xiaohua City University of Hong Kong, Kowloon, Hong Kong
Albert Y. Zomaya University of Sydney, Sydney, Australia More information about this series at http://www.springer.com/series/8197
- • Octavian Fratu Nicolae Militaru Simona Halunga (Eds.)
Future Access Enablers for Ubiquitous and Intelligent Infrastructures
Third International Conference, FABULOUS 2017 Bucharest, Romania, October 12–14, 2017 Proceedings Editors Octavian Fratu Simona Halunga Politehnica University of Bucharest University Polytechnica of Bucharest Bucharest Bucharest Romania Romania Nicolae Militaru University Polytechnica of Bucharest Bucharest Romania
ISSN 1867-8211
ISSN 1867-822X (electronic) Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
ISBN 978-3-319-92212-6
ISBN 978-3-319-92213-3 (eBook) https://doi.org/10.1007/978-3-319-92213-3 Library of Congress Control Number: 2018944406 ©
ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018
This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the
material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation,
broadcasting, reproduction on microfilms or in any other physical way, and transmission or information
storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now
known or hereafter developed.The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication
does not imply, even in the absence of a specific statement, that such names are exempt from the relevant
protective laws and regulations and therefore free for general use.The publisher, the authors, and the editors are safe to assume that the advice and information in this book are
believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors
give a warranty, express or implied, with respect to the material contained herein or for any errors or
omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in
published maps and institutional affiliations. Printed on acid-free paper This Springer imprint is published by the registered company Springer International Publishing AG
Preface
After the prestigious EAI scientific events in Ohrid, Republic of Macedonia, and in Belgrade, Republic of Serbia, the Third EAI International Conference on Future Access Enablers of Ubiquitous and Intelligent Infrastructures (Fabulous 2017) was held in Bucharest, Romania, hosted by the Politehnica University of Bucharest. The confer- ence succeeded in providing an excellent international platform for prominent researchers from academia and industry, innovators and entrepreneurs, to share their knowledge and their latest results in the broad areas of future wireless networks, ambient and assisted living, and smart infrastructures.
The main topics of Fabulous 2017 included future access networks, the Internet of Things and smart city/smart environment applications, communications and computing infrastructures, security aspects in communications and data processing, and signal processing and multimedia. Three special sessions – “Computational Modeling and Invited Papers,” “Multimedia Security and Forensics,” and “Optoelectronic Devices and Applications Thereof in the Communications Domain” – completed the technical program. With two invited papers, six keynote speeches, and 39 regular papers, Fab- ulous 2017 hosted high-quality technical presentations from young researchers and, also, from well-known specialists from academia and industry who have shaped the field of wireless communications.
The two invited papers were presented by two young female researchers, Elena Diana Șandru and Ana Neacșu, PhD and MSc students, respectively, from the Poli- tehnica University of Bucharest.
The six keynote speeches were presented by Prof. Ramjee Prasad (Aalborg University, Denmark), Prof. Nenad Filipovic (University of Kragujevac, Serbia), Dr. Marius Iordache (Orange, Romania), Prof. Hana Bogucka (Poznan University of Technology, Poland), Dr. Onoriu Brădeanu (Vodafone, Romania), and Thomas Wrede (SES, Luxembourg).
Fabulous 2017 was co-sponsored by Orange Romania and SES Luxembourg. The latter company also sponsored the participation of young researchers in the conference, based on the reviewers’ evaluation. The “Innovative Cybersecurity Public Private Partnership” round table, chaired by Prof. Iulian Martin from the National Defense University Carol I and sponsored by Safetech Innovation SRL and Beia Consult International SRL, were received by participants with great interest. The Best Paper Award of the conference was granted to the paper “Prediction of Coronary Plaque Progression Using a Data-Driven the Approach” having as first author Bojana And- jelkovic Cirkovic, a young researcher from University of Kragujevac, Serbia.
We would like to show our appreciation for the effort, constant support, and guidance of the Fabulous 2017 conference manager, Katarina Antalova (EAI) and of the Steering Committee members, Imrich Chlamtac, Liljana Gavrilovska, and Alberto Leon-Garcia. Our thanks also go to the Organizing Committee, and especially VI Preface
materialized in a high-quality technical program. We are also grateful to the local Organizing Committee co-chairs, Dr. Carmen Voicu and Dr. Ioana Manuela Marcu, for theirs sustained effort in organizing and supporting the conference.
Last but not least, the success of the Fabulous 2017 EAI conference is also due to the high quality of the participants, researchers from academia and industry, whose contributions – included in this volume – have proven to be very valuable. It is our opinion that Fabulous 2017 provided opportunities for the delegates to exchanges their ideas, to find mutual scientific interests, and thus, to foster future research relations. May 2015
Octavian Fratu Nicolae Militaru
Organization
Steering CommitteeImrich Chlamtac EAI/Create-Net and University of Trento, Italy Liljana Gavrilovska Ss. Cyril and Methodius University in Skopje, Macedonia Alberto Leon-Garcia University of Toronto, Canada
Organizing Committee
General Chairs Octavian Fratu Politehnica University of Bucharest, Romania Liljana Gavrilovska Ss. Cyril and Methodius University, Skopje, Macedonia Technical Program Committee Chair Simona Halunga Politehnica University of Bucharest, Romania Web Chair Alexandru Vulpe Politehnica University of Bucharest, Romania Publicity and Social Media Chairs Albena Mihovska Aalborg University, Denmark Cristian Negrescu Politehnica University of Bucharest, Romania Workshop Chairs Corneliu Burileanu Politehnica University of Bucharest, Romania Pavlos Lazaridis
University of Huddersfield, UK Sponsorship and Exhibits Chair Eduard Cristian Popovici Politehnica University of Bucharest, Romania Publications Chair Nicolae Militaru Politehnica University of Bucharest, Romania Posters and PhD Track Chairs Răzvan Tamaș Constanta Maritime University, Romania Alexandru Martian Politehnica University of Bucharest, Romania Local Chairs Carmen Voicu Politehnica University of Bucharest, Romania Ioana Manuela Marcu Politehnica University of Bucharest, Romania Secretariat Madalina Berceanu Politehnica University of Bucharest, Romania Ana-Maria Claudia
Dragulinescu Politehnica University of Bucharest, Romania
Conference Manager Katarina Antalova European Alliance for Innovation
Technical Program Committee
Anđelković-Ćirković Bojana
University of Kragujevac, Serbia Atanasovski Vladimir Ss. Cyril and Methodius University in Skopje, Macedonia Bota Vasile Technical University of Cluj, Romania Boucouvalas Anthony University of the Peloponnese, Greece Brădeanu Onoriu Vodafone, Romania Burileanu Dragos University Politehnica of Bucharest, Romania Chiper Doru Florin Gheorghe Asachi Technical University of Iaşi, Romania Croitoru Victor University Politehnica of Bucharest, Romania Enaki Nicolae Academy of Sciences of Moldova Feieș Valentin University Politehnica of Bucharest, Romania Filipović Nenad University of Kragujevac, Serbia Halunga Simona University Politehnica of Bucharest, Romania Marghescu Ion University Politehnica of Bucharest, Romania Ionescu Bogdan University Politehnica of Bucharest, Romania Isailović Velibor University of Kragujevac, Serbia Khwandah Sinan Brunel University London, UK Latkoski Pero Ss. Cyril and Methodius University in Skopje, Macedonia Lazaridis Pavlos
University of Huddersfield Manea Adrian University Politehnica of Bucharest, Romania Marcu Ioana University Politehnica of Bucharest, Romania Mihovska Albena Aarhus University, Denmark Militaru Nicolae University Politehnica of Bucharest, Romania Nikolić Dalibor University of Kragujevac, Serbia Paleologu Constantin University Politehnica of Bucharest, Romania Pejanović-Đurišić Milica University of Montenegro Petrescu Teodor University Politehnica of Bucharest, Romania Popovici Eduard Cristian University Politehnica of Bucharest, Romania Poulkov Vladimir
Technical University of Sofia, Bulgaria
VIII Organization
Șchiopu Paul University Politehnica of Bucharest, Romania Suciu George Beia Consult International, Romania Tamaș Razvan Constanța Maritime University, Romania Udrea Mihnea University Politehnica of Bucharest, Romania Vlădescu Marian University Politehnica of Bucharest, Romania Voicu Carmen University Politehnica of Bucharest, Romania Vulović Aleksandra University of Kragujevac, Serbia Vulpe Alexandru University Politehnica of Bucharest, Romania Zaharis Zaharias Aristotle University of Thessaloniki, Greece Zenkova Claudia Chernivtsi National University, Ukraine
Organization
IX
Contents
. . .
Ș tefan-Ciprian Arseni, Alexandru Vulpe, Simona Halunga, and Octavian Fratu
. . .
Mircea Popescu, Răzvan Bărtuşică, Alexandru Boitan, Ioana Marcu, and Simona Halunga . . .
Alexandru Vulpe, George Suciu, Simona Halunga, and Octavian Fratu . . .
. . .
Razvan-Florentin Trifan, Andrei-Alexandru Enescu, and Constantin Paleologu . . .
Alexandru Boitan, Razvan Bărtușică, Simona Halunga, Mircea Popescu, and Iulian Ionuță
. . .
Răzvan Bărtușică, Alexandru Boitan, Simona Halunga, Mircea Popescu, and Valerică Bindar . . .
. . .
George Suciu, Alexandru Ganaside, Laurentiu Bezdedeanu, Robert Coanca, Stefania Secu, Carmen Nădrag, and Alexandru Marțian
. . .
Elena-Mădălina Oproiu, Catalin Costea, Marius Nicuşor Nedelcu, Marius Iordache, and Ion Marghescu . . .
Bogdan-Mihai Gavriloaia, Marian Novac, and Dragos-Nicolae Vizireanu . . .
. . .
Alin Florian Stoicescu, Razvan Craciunescu, and Octavian Fratu . . .
. . .
Carmen Voicu, Mădălina Berceanu, and Simona V. Halunga
Dan Tudor Vuza, Reinhold Frosch, Helmut Koeberl, Idlir Rusi Shkupi, and Marian Vlădescu
Alexandru Stancu, Alexandru Vulpe, Simona Halunga, and Octavian Fratu
Mihai Gavrilescu and Nicolae Vizireanu
Mihai Gavrilescu and Nicolae Vizireanu
Eugeniu Semenciuc, Andra Pastrav, Tudor Palade, and Emanuel Puschita
Alexandru Vulpe, Marius Vochin, Laurentiu Boicescu,
XII Contents
Contents
XIII
Roxana Mihăescu, Cristian Stanciu, and Constantin Paleologu
Ana-Maria Claudia Drăgulinescu, Andrei Drăgulinescu, Ioana Marcu, Simona Halunga, and Octavian Fratu
Vlad Andrei Cârstea, Robert Alexandru Dobre, Claudia Cristina Oprea, and Radu Ovidiu Preda
Claudia C. Oprea, Radu O. Preda, Ionut Pirnog, and Robert Al. Dobre
Robert Alexandru Dobre, Constantin Paleologu, Cristian Negrescu, and Dumitru Stanomir
Octaviana Datcu, Radu Hobincu, Mihai Stanciu, and Radu Alexandru Badea
Adrian Sima, Paul Schiopu, Marian Vladescu, Bogdan-Mihai Gavriloaia, Florin Garoi, and Victor Damian
Dan Tudor Vuza and Marian Vlădescu
Viorel Manea, Sorin Puşcoci, and Dan Alexandru Stoichescu XIV Contents
Alina Elena Marcu, Robert Alexandru Dobre, and Marian Vlădescu
Elena Truţă, Ana Maria Daviţoiu, Ana Mihaela Mitu, Alexandra Andrada Bojescu, Paul Şchiopu, Marian Vlădescu, Genica Caragea, Luminiţa Horhotă, Maria Gabriela Neicu, and Mihai Ionică
Bojana Andjelkovic Cirkovic, Velibor Isailovic, Dalibor Nikolic, Igor Saveljic, Oberdan Parodi, and Nenad Filipovic
Marko N. Živanović, Danijela M. Cvetković, and Nenad D. Filipović
Arso Vukicevic, Alen Zabotti, Salvatore de Vita, and Nenad Filipovic
Ana Neacșu, Corneliu Burileanu, and Horia Cucu
Elena-Diana Șandru, Andi Buzo, Horia Cucu, and Corneliu Burileanu
Fabulous Main Track
1 Introduction
have become today’s trending technologies, being in a continuous process of development [
new thresholds that need to be passed before any data is captured, processed and/or
surrounding us sets
embedment of sensors or smart devices in the environment [
], the
security aspects [
introduces also some vulnerabilities regarding mainly the
nowadays’ economy [
tion [
and integra-
A Hybrid Testbed for Secure
Internet-of-Things
,
Ever since the industrial revolution, humanity has been searching for methods of creating better technologies that can improve the way humans not only interact with the environment, but also how they make use of the resources provided. Recent years have brought a new technological revolution, in terms of miniaturization of devices and their embedment in all layers of society. Earlier proposed concepts, such as Internet of Things [
Keywords: Internet-of-Things Security Hybrid testbed Software middleware Hardware architectures
Abstract. The need for insertion of technology in everyday tasks has brought
an increase in new methodologies and concepts used to accomplish such
objectives. By trying to make technology an enabler for an increasing number of
personal or work-related activities, we allow devices to collect data about our
way of being, that, if not properly protected and used, can prove a vulnerability
for our personal security. This is why new means of securing information, even
by the tiniest or low-resource devices, need to be implemented and, in many
cases, they take the form of cryptographic algorithms, classic or lightweight.
Assessing these algorithms can sometimes become difficult, depending on the
targeted system or on the environment where the device will be deployed. To
address this issue and help developers, in this paper we present a hybrid testbed,
comprised of three hardware architectures, that will ensure a general environ-
ment in which users can test their security solutions, in order to have an idea of
what changes need to be made to provide optimal performances.
Telecommunications Department, University Politehnica of Bucharest, 1-3 Iuliu
Maniu Blvd., 061071 Bucharest, Romania
{stefan.arseni,alex.vulpe}@radio.pub.ro, {shalunga,
ofratu}@elcom.pub.ro
, Simona Halunga, and Octavian Fratu
(&)
, Alexandru Vulpe
(&)
Ștefan-Ciprian Arseni
- ]. Yet, this fast pace that is characteristic to any recent offer-demand pair in
4 Ș.-C. Arseni et al.
Addressing the need of security in transmitting information has been generally made by using cryptographic algorithms to encrypt the data that needs to be sent. These cryptographic algorithms have different key features that make them reliable under certain conditions or in specific environments. The miniaturization of devices brought a problem for security, given that classic cryptographic algorithms require a certain amount of resources to function with an acceptable performance. The constraint resources of a sensor or embedded device lead to the introduction of a new branch of cryptographic algorithms, namely lightweight cryptographic algorithms that give a reasonable degree of security, without requiring too many resources [
- Being a relatively new study domain, when compared to classic cryptography, lightweight cryptographic algorithms can, sometimes, prove to be difficult to imple- ment or create, thus requiring a strict phase of testing in which any minor vulnerability or performance drop can be resolved. The hybrid testbed presented in this article was
and it addresses the problem of testing the implementations of
first introduced in [ lightweight cryptography, by giving developers a unified platform to conduct their tests on. This testbed is comprised of three different types of hardware architectures, so that the behavior of the implementation on specific environments can be observed. The access to these hardware architectures is done through a middleware that acts as a unique point-of-entrance, enabling developers to write their implementation once and test it simultaneously or consecutively, on each one of the three base architectures. This paper continues the testbed presentation initiated in the previously mentioned paper, by adding information regarding the middleware layer of the testbed, on how it makes use of the hardware architectures and how it enables users to interact with the testbed.
The present paper is organized as follows. Section
, some conclusions are drawn.
2 Overview of the Testbed
the hardware implementations of cryptographic algorithms as compared to the software counterparts. By integrating in our testbed an SDSoC (Software Defined
System-On-a-Chip) that contains also a number of logical gates that can be pro- grammed, we enable users to test their implementation in this type of environment also. The other two hardware architectures of the testbed allow only a software imple- mentation of an algorithm.
In order for users to interact with these hardware architectures, they need to interact with the middleware layer of the testbed. This layer is composed of two sub- layers: one consisting of the drivers or APIs (Application Programming Interface), required to communicate with the hardware layer, and one consisting of the integrator APIs which developers will use and integrate in their implementations.
The main architecture of the testbed, with an emphasis on the hardware layer, was emphasizing on the connection of it with the hardware layer and the means that users can access its functions.
As described in
], the main challenge is to create a unified access point for all three hardware systems, while maintaining control over the operating characteristics that represent criteria when assessing an algorithm. In order to achieve this point of inte- gration the platforms were customized to support a self-contained operating environ- ment, either under the form of an operating system or a scheduler-service, as will be described in the remaining part of the section.
Each one of the hardware architectures presents its own methods of interaction that are made available to a user or developer. Figure
presents an overview of forming
and receiving, by the corresponding architecture, the API and driver calls, shown in Fig.
The UI (User Interface) is the component that sends calls to the middleware and
customizes the task sent to each one of the hardware elements, as follows:
Fig. 1. Main architecture of testbed
A Hybrid Testbed for Secure Internet-of-Things5
3 Middleware Layer of the Testbed
- For the standard x64 processor that can run also x86 applications, a simple task dispatcher is implemented as a service that waits for the user to send a task to be executed. The task represents an algorithm implementation that is done by the user and sent through the testbed UI. After the completion of the task, collected metrics are parsed and sent to the UI to give the user a performance view of its imple- mentation or algorithm.
- The SDSoC architecture is comprised of two hardware elements that can be used either separately or as a whole. In our proposed testbed, these elements are used as one, by establishing the required communication bridge between them. The FPGA (Field Programmable Gate Array) element contains some defined cryptographic functions, such as permutation, standard AES (Advanced Encryption Standard) S- Boxes or substitutions, which can increase the performance of an algorithm. The implementation in FPGA was taken into consideration given a few performance
6 Ș.-C. Arseni et al.
Fig. 2. Hardware layer customization
The second element, the processor, is thetests that were briefly presented in [ point in which the dispatcher service resides and the task is mainly being executed. After the successful completion of the task, results are parsed and transmitted to the UI.
- The third hardware element takes advantage of the possibility of dynamically writing an application into the Flash memory that can be executed afterwards. Implemented as a bootloader, the scheduling-service waits for a task to be deployed through the UI. After receiving a task, the service writes it into the Flash at a separate address and launches it into execution. In this case, the service will return in the waiting state, but will not have the functionality of parsing and sending the results. This functionality will reside in the task itself and will be attached to the user code at deployment.
After terminating all the deployed tasks, the UI will act also as a collector of data from the underlying dispatcher-services, by formatting and grouping the data and presenting it to the user as performance metrics.
4 Conclusions
6. LeCun, Y., Bengio, Y., Hinton, G.: Deep learning. Nature 521(7553), 436–444 (2015).
7
A Hybrid Testbed for Secure Internet-of-Things
In: Proceedings of the 2015 International Workshop on Internet of Things Towards Applications, 01 November 2015, Seoul, South Korea (2015).
9. Lane, N.D., Bhattacharya, S., Georgiev, P., Forlivesi, C., Kawsar, F.: An early resource
characterization of deep learning on wearables, Smartphones and Internet-of-Things devices.
8. Botta, A., Donato, W., Persico, V., Pescapé, A.: Integration of cloud computing and Internet
of Things: a survey. Future Gener. Comput. Syst. 56, 684–700 (2016)
7. Miorandia, D., Sicarib, S., De Pellegrinia, F., Chlamtaca, I.: Internet of Things: vision,
applications and research challenges. Ad Hoc Netw. 10(7), 1497–1516 (2012)The paper introduces a part of the elements that the proposed hybrid testbed contains, with a focus on the software layer and on method of interaction between users and it. Given that this testbed will enable simultaneous testing on three different hardware architectures, it can prove to be an important factor in the process of large-scale integration of the IoT concept. An initial validation of the proposed testbed has been made with high-level tests, through which observations were made on how the testbed can be completely integrated and how multiple functionalities can be developed for users.
Acknowledgments. This work was supported by University “Politehnica” of Bucharest,
through the “Excellence Research Grants” Program, UPB – GEX, Identifier: UPB–EXCE-
LENTA–2016, project “Platform for Studying Security in IoT”, contract number 96/2016
(PaSS-IoT) and by a grant of the Ministry of Innovation and Research, UEFISCDI, project
number 5 Sol/2017 within PNCDI III and partially funded by UEFISCDI Romania under grant
no. 60BG/2016 “Intelligent communications system based on integrated infrastructure, with
dynamic display and alerting - SICIAD”.Future Gener. Comput. Syst. 25(6), 599–616 (2009)
4. Buyyaa, R., Yeoa, C.S., Venugopala, S., Broberga, J., Brandic, I.: Cloud computing and
emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility.
3. Qian, L., Luo, Z., Du, Y., Guo, L.: Cloud computing: an overview, cloud computing. In:
Proceedings of The First International Conference CloudCom 2009, Beijing, China, 1–4 December 2009, pp. 626–631 (2009)
2. Gubbia, J., Buyyab, R., Marusica, S., Palaniswamihuang, M.: Internet of Things (IoT): a
vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)Eng. 57(3), 221–224 (2015)
References
1. Wortmann, F., Flüchter, K.: Internet of Things - technology and value added. Bus. Inf. Syst.
5. Schmidhuber, J.: Deep learning in neural networks: an overview. Neural Netw. 61, 85–117
(2015)8 Ș.-C. Arseni et al.
10. Ma, X., Yu, H., Wang, Y., Wang, Y.: Large-scale transportation network congestion
evolution prediction using deep learning theory. PLoS ONE 10(3), e0119044 (2015).
11. Porter, M.E., Heppelmann, J.E.: How smart, connected products are transforming
competition. Harvard Bus. Rev. 92(11), 64–88 (2014)
12. Weber, R.H.: Internet of Things – new security and privacy challenges. Comput. Law Secur.
Rev. 26(1), 23–30 (2010)
13. Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud
computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)
14. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput.
Syst. 28(3), 583–592 (2012)
15. Sicaria, S., Rizzardia, A., Griecob, L.A., Coen-Porisini, A.: Security, privacy and trust in
Internet of Things: the road ahead. Comput. Netw. 76, 146–164 (2015)
16. Yana, Z., Zhangc, P., Vasilakos, A.V.: A survey on trust management for Internet of Things.
J. Netw. Comput. Appl. 42, 120–134 (2014)
17. Romana, R., Zhoua, J., Lopezb, J.: On the features and challenges of security and privacy in
distributed Internet of Things. Comput. Netw. 57(10), 2266–2279 (2013)
18. Poschmann, A.Y.: Lightweight cryptography: cryptographic engineering for a pervasive
world. Ph.D. thesis (2009)
19. Masanobu, K., Moriai, S.: Lightweight cryptography for the Internet of Things. Sony
Corporation (2008).
20. Manifavas, C., Hatzivasilis, G., Fysarakis, K., Rantos, K.: Lightweight cryptography for
embedded systems – a comparative analysis. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, William M. (eds.) DPM/SETOP -2013. LNCS, vol. 8247, pp. 333–349. Springer, Heidelberg (2014).
21. Arseni, S., Mițoi, M., Vulpe, A.: PASS-IoT: a platform for studying security, privacy and
trust in IoT. In: 11th International Conference on Communications (COMM 2016), Bucharest, Romania, 9–11 June 2016 (2016). ISBN: 978-1-4673-8196-3
22. Eisenbarth, T., Sandeep, K.: A survey of lightweight-cryptography implementations. IEEE
Des. Test Comput. 24(6), 222–533 (2007)
23. Panasayya, Y., Kaps, J.-P.: Lightweight cryptography for FPGAs. In: 2009 Proceedings of
International Conference on Reconfigurable Computing and FPGAs, ReConFig 2009, pp. 225–230. IEEE (2009)
24. Cédric, H., Kamel, D., Regazzoni, F., Legat, J.-D., Flandre, D., Bol, D., Standaert, F.-X.:
Harvesting the potential of nano-CMOS for lightweight cryptography: an ultra-low- voltage65 nm AES coprocessor for passive RFID tags. J. Cryptograph. Eng. 1(1), 79–86 (2011)
25. Aydin, A., Gulcan, E., Schaumont, P.: SIMON says: break area records of block ciphers on
FPGAs. IEEE Embed. Syst. Lett. 6(2), 37–40 (2014)
26. Vivek, V., Shila, D.M.: High throughput implementations of cryptography algorithms on
GPU and FPGA. In: 2013 IEEE International Instrumentation and Measurement Technology Conference (I2MTC), pp. 723–727. IEEE (2013)
27. Vulpe, A., Arseni, Ş.-C., Marcu, I., Voicu, C., Fratu, O.: Building a unified middleware
architecture for security in IoT. In: Rocha, Á., Correia, A.M., Adeli, H., Reis, L.P., Costanzo, S. (eds.) WorldCIST 2017. AISC, vol. 570, pp. 105–114. Springer, Cham (2017).
Considerations on Estimating the Minimal
Level of Attenuation in TEMPEST Filtering
for IT Equipments
1(&)
1
1 Mircea Popescu , Răzvan Bărtuşică , Alexandru Boitan ,
2
2 1 Ioana Marcu , and Simona Halunga
The Special Telecommunications Service, Bucharest, Romania
2mpopescu@sts.ro
University Politehnica of Bucharest, Bucharest, Romania
imarcu@radio.pub.ro
Abstract. The main purpose of this research is to improve the security of
critical computer systems with minimal costs. One of the main problems in such
cases is the secondary emissions generated by electronic equipment that,
sometimes, might contain confidential information stored inside a secured
computer network. The implementation of a set of measures necessary to pre-
vent information leakage through compromising emissions is generally expen-
sive. This paper analyzes some minimal requirements that have to be fulfilled by
the filtering devices in order to protect the existing commercial IT equipment
against compromising emissions.Keywords: Compromising emissions TEMPEST Electrical filter
1 Introduction
Protection against electromagnetic disturbances is becoming an increasingly important issue for all researchers that have to deal with critical information, such as banks, commerce and security, given that our daily activity becomes more dependent on computers and telecommunications. As they become more and more sophisticated, they tend to become less resistant to electromagnetic interferences.
Both filtering and shielding are designed to reduce the electromagnetic radiation, so these two operations can be seen as a synergy, each complementing the other. Thus it is important to understand that inappropriate filtering can easily increase the risk of radiated coupling and inappropriate shielding can lead to conductive coupling.
A proper design of the filters may prevent interferences from electrical wires inside or outside the protected area through metallic interfaces, reducing the conductive coupling, as well as the radial coupling to and from the cables. In TEMPEST protection
] filters are used to prevent these interferences generated in computer equipment to propagate outward as compromising emissions transmitted through the power supply network.
A large number of research and studies in the area of compromising emissions in
10 M. Popescu et al.
the importance of the domain. In
] the authors concentrated on evaluating and
- reducing the compromising radiations of LCD/TV sets, while in [
a number of
TEMPEST security testing models and countermeasures are illustrated. In
] the
authors presented the results obtained in reconstruction of laser printer information based on the leakages in the media of electromagnetic radiation, power and signal lines. A model and testing procedures for critical systems to severe electro-magnetic threats are given in [
while in [
the authors show a number of results related to efficiency of shielding for communication equipment under TEMPEST evaluation. In this paper we estimate a minimum level of attenuation of an electrical filter installed on the supply line of commercial computer equipment, so that at the exit of the controllable zone the compromising signals generated by the equipment cannot be detected and intercepted by a hostile receiver. Based on the developed testbed the estimated value is then verified under worst case scenario.
The paper is organized as follows: Sect.
sets the theoretical basis for estimating
the minimum attenuation value of an electric filter for TEMPEST protection of com- mercial computer; Sect.
.
2 Estimation of the Minimum Attenuation Level for an Electrical Filter in TEMPEST Protection
To establish the minimum level of attenuation of the filter installed on the power line to ensure TEMPEST protection of an IT system, we assume the following: the target computer equipment is commercial type (COTS) and meets the electromagnetic dis-
]; the signal-to-
turbance requirements specified in European Standard EN 55022 noise ratio (SNR) received on the power line in the controllable space is limited to 1 (or 0 dB) to reduce the probability of detecting compromising emissions generated by computer equipment; the attacker has the ability to connect sensitive receivers directly to the building’s power supply, communication cables or other metal structures near the target device as well as to receive and process compromising signals with low levels comparable to electrical noise; the electrical noise received by the interceptor on the power line is specific to the residential environment; the interceptor searches for broadband pulses in a quiet zone of the spectrum, with as little external interference as possible; it uses “notch” filters to suppress strong emissions from narrowband radio stations as well as strong signal processing techniques to extract the information carrier from the unwanted background noise.
The minimum filter attenuation level installed on the power line to reduce the probability of detecting and intercepting compromising emissions by a hostile receiver at the limit of controllable space can be determined by
]
U
B G p
A :
F ð1Þ
U n ; B c r A f SNR
Considerations on Estimating the Minimal Level
11
where UB is the maximum voltage of the conducted disturbances allowed by EN 55022
] received with equipment with the IF bandwidth B; Gp is the processing gain
obtained by specific techniques (e.g. periodic mediation, correlations) for recovering the information from the compromising signal; Un,B is the root mean square of the background noise noticed by the IF receiver with the bandwidth B; AF is the attenu- ation of the electrical filter installed on the power line between the target equipment and the hostile receiver; Ac is the attenuation of the signal through the conductor network between the target equipment and the hostile receiver; fr is the noise figure of the interceptor receiver.
Rewriting (
on a logarithmic scale
F B p n ; B c r ;
½A ¼ ½U þ ½G ½U ½A ½f ½SNR ð2Þ where [x] = 20lg (x) is the value of parameter x expressed in dB. The noise and cable attenuation values in the above equations are random variables, which, in the absence of standardized data, might be modeled as a normal distribution with mean and variance evaluated statistically based on a large number of measure- ments in different environments. For other parameters, reasonable estimates must be made, based on the values used in most practical applications, such that the [SNR] should be below an acceptable level with a sufficient detection probability.
Different types of target signals are received on different frequency ranges and allow different processing gains. Thus all parameters must be estimated separately for the different types of signal of interest. In this paper we assume that the signals have the data rate equal to 5 MHz (e.g. the signal generated by the video card).
The EN 55022 EMC standard imposes that the maximum allowed voltage distur- bances measured across a 50 X impedance in parallel with 50 lH should not exceed 46 dBlV in the frequency range 0.5
5 MHz, respectively 50 dBlV in the frequency range 5
30 MHz measured with a average detector having a resolution bandwidth of 9 kHz
]. The compromising emissions of modern digital signals contains wideband
impulses so the receiver passband has to be extended from 9 kHz (specified in EN 55022 standard) to 2 or 5 MHz. Hence, the received signal strength increases by 20lg (2 MHz/9 kHz) = 47 dB for signal with the bandwidth of 2 MHz, and 20lg (5 MHz/9 kHz) = 55 dB for signal with the bandwidth 5 MHz.
To determine the value of the electrical filter attenuation, [AF], the worst case scenario has been taken into consideration corresponding to the case in which the electronic equipment generates secondary emissions on the power line to the maximum allowed level. Applying this correction (i.e. for 5 MHz resolution bandwidth) we obtain the limits for the conducted emissions: [UB] = (46 + 55) = 101 dBµV, for RBW@5 MHz, in the frequency range 0.5
5 MHz and [UB ] = (50 + 55) = 105 dBµV for RBW@5 MHz in the frequency range 5
30 MHz. The eavesdropping receiver used for tests is a Rohde& Schwarz FSET 7 with IF
Using time domain
bandwidths of 2 or 5 MHz and noise figure [fr] = 7 dB [ averaging to increase the signal-to-noise ratio of a periodic signal
] with N repetitions
of a properly in phase aligned signal the processing gain can be calculated by
12 M. Popescu et al.
p ffiffiffiffi G N or :
p p
¼ ½G ¼ 10 lgN ðdBÞ ð3Þ Assuming that the attacker applies signal processing techniques by mediating the received signal on N = 10 frames, the resulting processing gain is approximately
10 dB. The noise on the power supply is expected to be at least 30 dB above the thermal noise level [
which is 0 dBlV at B = 5 MHz. Therefore [Un,5] = 30
dBlV might be a plausible value of the electrical noise received on the power line at B = 5 MHz. From experimental measurements the attenuation between two outlets in a building for the frequency range 1
60 MHz can be, on average, around 10 dB if the sockets are in the same circuit, and 40 dB if they are located in different circuits [
From (
there can be determined the minimum attenuation value, [AF], for a low- pass
filter in the HF/VHF frequency range installed on the power supply line of the com- puter system, so, at the building boundary, the compromising signals accidentally emissions transmitted on the power circuit from a COTS computer system cannot be detected by an attacker, is given by
30
10
7 F ½A ¼ 105 þ 10 ¼ 68 dB ð4Þ
Thus we can conclude that a low-pass electrical filter with attenuation equal to 70 dB, evaluated for HF/VHF frequency range, provides adequate TEMPEST pro- tections if all the COTS informatics equipment operated indoor comply with EN55022 limits.
3 Experimental Validations of the Results In order to validate the theoretical aspects presented in Sect. a series of tests
and measurements were carried out in Special Telecommunications Service (STS) TEMPEST lab.
The first test aimed to detect compromising emissions generated by a commercial computer on the power line and recover the information contained in the received emissions. To achieve this, a test receiver Rohde& Schwarz FSET 7 with IF band- widths of 5 MHz was used and a line impedance stabilization network (LISN) was installed on the supply line of the test equipment. The results, presented in Fig.
show the level of the secondary emissions through the power line from a computer with an image displayed on the monitor (red trace) and without an image displayed on the monitor (green trace). From the spectral analysis a compromise emission around
25 MHz has been determined, which in this case contains the video signal from the video card. Using a dedicated software package for TEMPEST evaluation, the signals received at the 25.37 MHz frequency were filtered, correlated and the image displayed by the test computer monitor was restored, as shown in Fig.
The second test has been developed to validate the estimated value for the atten-
uation of the electrical filter obtained in Sect. For this, the test configuration in Fig.
has been used, where PG is the pulse generator, RFG is the radiofrequency
signal generator Rohde & Schwarz SMP04, ATT is the variable attenuator, REC is the
Considerations on Estimating the Minimal Level
13 Compromising emissions (1)
(2)
(a) (b)
Fig. 1. (a) The comparative spectral analysis of the secondary emissions in power line by a
computer using an image displayed on the monitor (trace 1) and no image displayed on the
monitor (trace 2), and (b) recovered image processed from secondary emissions by a computer,
from power line. (Color figure online)