Skip to main content
SpringerLink
Log in

Smart Embedded Appliances Networks – Security Considerations

  • Chapter
  • First Online:
Embedded Systems for Smart Appliances and Energy Management

Part of the book series: Embedded Systems ((EMSY,volume 3))

  • 1904 Accesses

Abstract

Cryptography is an essential part of network security. But using it effectively requires understanding the context, the processes and the threats. The article explains basic cryptographic concepts like key agreement protocols and certificates, and how they fit into the context of smart embedded appliances networks. The problem of secure key distribution and its consequences for commissioning procedures is explored in higher detail. The final part explains how systems are broken into, despite cryptography, and what to do about it.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://heise.de/-1517754 (in German)

  2. 2.

    The other reason is that hacking GSM requires hardware modifications and expert knowledge because easily downloadable software and instructions are not available as of 2012. GSM hacks are therefore rare and covered by mainstream media only in connection with intelligence services (“IMEI-catcher”).

References

  1. P. Degauque, P. Laly, V. Degardom, M. Lienard and L. Diquelou, “Compromising Electromagnetic Field Radiated by In-House PLC Lines,” in GLOBECOM 2010, 2010.

    Google Scholar 

  2. A. Avizienis, J.-C. Laprie, B. Randell and C. Landwehr, “Basic Concepts and Taxonomy of Dependable and Secure Computing,” IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 1, pp. 11–33, 2004.

    Article  Google Scholar 

  3. ZigBee Alliance, ZigBee Smart Energy Profile Specification, San Ramon, CA: ZigBee Standards Organization, 2008.

    Google Scholar 

  4. B. Schneier, Applied Cryptography, New York: John Wiley & Sons, 1996.

    Google Scholar 

  5. NIST, “NIST SP 800-57 - Recommendation for Key Management,” National Institute of Standards and Technology, 2007.

    Google Scholar 

  6. J. Großschädl, A. Szekely and S. Tillich, "The energy cost of cryptographic key establisment in wireless sensor networks," in ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security, ACM, 2007.

    Google Scholar 

  7. NIST, “NIST IR 7628 - Guidelines for Smart Grid Cyber Security,” National Institute of Standards and Technology, 2010.

    Google Scholar 

  8. S. Gollakota, N. Ahmed, N. Zeldovich and D. Katabi, “Secure in-band wireless pairing,” in SEC'11 Proceedings of the 20th USENIX conference on Security, Berkeley, 2011.

    Google Scholar 

  9. S. Mahlknecht, M. Damm and C. Grimm, “A Smartcard Based Approach for a Secure Energy Management Node Architecture,” in Industrial Informatics (INDIN), 2010.

    Google Scholar 

  10. A. D. Rubin, “All Your Devices Can Be Hacked (Invited Talk),” in TEDx MidAtlantic, Washington DC, 2011.

    Google Scholar 

  11. J.-P. Katoen, I. Zapreev, E. Hahn, H. Hermanns and D. Jansen, “The Ins and Outs of the Probabilistic Model Checker MRMC,” in Sixth Internatinal Conference on the Quantitative Evaluation of Systems QEST '09, 2009.

    Google Scholar 

  12. B. Schneier, Beyond Fear, New York: Copernicus Books, 2003.

    Google Scholar 

Download references

Acknowledgments

Thanks go to Christian Krieg for his inputs and contribution.

Author information

Authors and Affiliations

  1. Tridonic GmbH & Co KG, Vienna University of Technology, Belvederegasse 39/2, Wien, Austria

    Edgar Holleis

Authors
  1. Edgar Holleis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Edgar Holleis .

Editor information

Editors and Affiliations

  1. Design of Cyber-Physical Systems, TU Kaiserslautern, Postfach 27-29/384, Kaiserslautern, 67663, Germany

    Christoph Grimm

  2. edacentrum GmbH, Schneiderberg 32, Hannover, 30167, Germany

    Peter Neumann

  3. Institut fur Computertechnik, TU Vienna, Gusshausstrasse 27-29/384, Wien, 1040, Austria

    Stefan Mahlknecht

Acronyms

AES

Advanced Encryption Standard – widely used cipher

DES

Data Encryption Standard – precursor to AES

DH

Diffie-Hellman key agreement – early asymmetric algorithm

DSA

Digital Signature Algorithm – similar to RSA

DRM

Digital Restrictions Management

ECC

Elliptic Curve Cryptography

ECDH

Diffie-Hellman key agreement using ECC

ECDSA

Digital Signature Algorithm using ECC

ECMQV

Menezes-Qu-Vanstone key agreement using ECC

GSM

Global System for Mobile Communication – cellular phone standard

ID

Identification – typically an ID number

MAC

Media Access Control – protocol layer of a typical networking stack

MD5

Message Digest Algorithm 5 – hash function

MITM

Man in the Middle Attack

MQV

Menezes-Qu-Vanstone – authenticated key agreement protocol

NFC

Near Field Communication – upcoming wireless technology

PGP

Pretty Good Privacy – email encryption package

PIN

Personal Identification Number – numeric password

PKCS

Public Key Cryptography Standards – smart card technology standard

RSA

Rivest-Shamir-Adleman – asymmetric cryptographic algorithm

SHA1

Secure Hash Algorithm 1 – hash function

SIM

Subscriber Identity Module – cryptographic module of cellular phones

SSL

Secure Socket Layer – protocol suite used in the World Wide Web

TLS

Transport Layer Security – successor to SSL

WEP

Wire Equivalent Protection – failed security standard for Wi-Fi

WPA

Wi-Fi Protected Access – successor to WEP

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer Science+Business Media New York

About this chapter

Cite this chapter

Holleis, E. (2013). Smart Embedded Appliances Networks – Security Considerations. In: Grimm, C., Neumann, P., Mahlknecht, S. (eds) Embedded Systems for Smart Appliances and Energy Management. Embedded Systems, vol 3. Springer, New York, NY. https://doi.org/10.1007/978-1-4419-8795-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-1-4419-8795-2_5

  • Published:

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4419-8794-5

  • Online ISBN: 978-1-4419-8795-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation