The framework presented in Sect. 2 enables resilient low-power wireless communication despite harsh environmental conditions. However, dependability is the combination of several attributes that allow a user to put trust into and rely on a system [3]. These attributes are reliability (i.e., continuity of correct, accurate, and timely service), availability (i.e., readiness for correct service), safety (i.e., absence of catastrophic consequences for users and the environment), confidentiality (i.e., absence of unauthorized disclosure of information), and integrity (i.e., absence of improper system alteration).
In the IoT context there are several dependability threats that can affect those attributes. In the previous sections, we already discussed how harsh environmental conditions represent a major threat for the reliability and availability of a system due to their impact on communication performance. Similarly, two other common threats to all IoT systems are:
- Physical and remote attacks. IoT devices are deployed everywhere, and attackers can not only mount attacks remotely via network interfaces, but also physically (e.g., by performing dynamic fault induction [13], or by collecting information through side-channels [15]).
- Complexity. The IoT is a complex system (of systems) where many devices with continuously updated software and services cooperate using a dynamically changing communication network and where the number of devices is not known in advance. These properties make IoT applications prone to design and implementation flaws, as well as scaling bugs.
As dependability is the combination of several attributes, it is sufficient for one of them to be poorly addressed to degrade the overall system. The analogy is the weakest link of a chain: the link most likely to break compromises the whole chain when it gives way. To build a dependable IoT that is resilient against failures and attacks, it is hence not sufficient to consider only dependable networking in harsh environments as discussed in Sect. 2; all relevant functions and threats of the IoT must be addressed in an interdisciplinary fashion. We describe next our efforts in this regard by providing an overview of our joint research activities in the areas of dependable localization and communication (Sect. 3.1), dependable embedded computing (Sect. 3.2), composition of smart objects (Sect. 3.3), and dependable networked control (Sect. 3.4). These efforts are carried out in the DependableThings project (footnote 2) funded by Graz University of Technology.
Dependable wireless localization and communication
Wireless technologies suffer from physical and man-made impairments (e.g., multi-path propagation and interference from competing transmissions, as well as from the effect of temperature variations and other environmental properties): this impairs the accuracy, latency, loss, and energy consumption of wireless services. A key challenge is therefore to offer statistical guarantees on the reliability and availability of correct wireless localization and communication by automatically adapting system parameters, using models of the transceiver hardware and the environment.
In our research, we employ location-resolved models of the environment [19] to obtain robustness and scalability, as well as adaptive radio front-ends (i.e., tunable filters and antennas) to support low-power operation [2], in contrast to power-hungry software defined radios that are normally considered for flexible (cognitive) radios. We then map the problem to a model-predictive control system to gain control over the dependability requirements. The control loop includes the adaptable radio front-ends, physical-layer signal processing for environment modeling/mapping, robust wireless communication and localization, and communication protocols for distributed control of the radio transceivers.
Dependable embedded computing
The IoT requires all kinds of connected computing devices to execute software dependably: operations have to be completed within guaranteed response times, functions must be immune to environmental perturbation or attacks, and secret information must not be revealed via physical side-channels or communication interfaces. While security, reactivity, and dynamic modularity are still considered independently in today’s embedded system design, this separation has unacceptable implications on the resilience, versatility, and longevity of IoT devices. We hence investigate an integrated approach that spans across all system layers.
Our research focuses on co-designed hardware and software that jointly handle the inherent complexity of both physical attack scenarios and modular real-time applications, accounting for the additional support for dynamically changing software and service composition. We tackle the co-design of processor architectures and operating systems as a base for dependable applications and services: in contrast to established concepts for comparable embedded systems [14], we focus on the solid anchoring of security, real-time, and modularity features throughout the entire stack.
Dependable composition
In the IoT, smart things collaborate to provide services. They do so by using protocols that are vital for the safe and secure operation of the system, but that are not always documented well and rarely implemented correctly. Indeed, bugs such as Heartbleed [11] have achieved notoriety because of their deleterious effects, and studies show that implementations of important protocols like TLS are rife with bugs [4].
Our research activities in this domain aim to develop methods and tools to automatically find bugs in communication protocols as efficiently as possible. We focus on observing and experimenting with the behavior of implementations under the assumption that a full specification is not available. Towards this goal, we use language modeling techniques to learn models of protocol implementations [1]. These models can be used for different purposes: we can compare learned models and flag differences as suspicious behavior; we can use a model for model-based fuzzing of the implementation; we can formally verify the learned model; or we can use the model for runtime verification and enforcement to detect attacks that use the protocol in untypical ways.
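Two of the uses listed above, comparing learned models to flag suspicious differences and replaying observed traffic against a model for runtime verification, can be shown on a small scale. The following is an added example written for this text, not code from the DependableThings project or from [1]: the two Mealy machines stand in for models learned from two implementations of a constructed handshake-like protocol (states `INIT`, `HELLO`, `ESTABLISHED` and messages `hello`, `auth`, `data`, `close` are all assumed, not taken from any real protocol), and the "faulty" model deliberately accepts data before authentication so that the comparison has something to find.

```python
from collections import deque

# Mealy machine: transitions[(state, input)] = (output, next_state).
# A missing key means the input is rejected in that state (the machine stays put).
# Both machines are CONSTRUCTED toy models standing in for models learned from
# two implementations; the protocol, its states and messages are assumptions.
INPUTS = ["hello", "auth", "data", "close"]

# Reference model: data is only acknowledged after authentication.
REFERENCE = {
    ("INIT", "hello"): ("hello_ack", "HELLO"),
    ("INIT", "auth"): ("error", "INIT"),
    ("INIT", "data"): ("error", "INIT"),
    ("INIT", "close"): ("bye", "INIT"),
    ("HELLO", "hello"): ("error", "HELLO"),
    ("HELLO", "auth"): ("auth_ok", "ESTABLISHED"),
    ("HELLO", "data"): ("error", "HELLO"),
    ("HELLO", "close"): ("bye", "INIT"),
    ("ESTABLISHED", "hello"): ("error", "ESTABLISHED"),
    ("ESTABLISHED", "auth"): ("error", "ESTABLISHED"),
    ("ESTABLISHED", "data"): ("data_ack", "ESTABLISHED"),
    ("ESTABLISHED", "close"): ("bye", "INIT"),
}

# Model "learned" from a constructed faulty implementation: identical to the
# reference except that it acknowledges data before authentication completes.
FAULTY = dict(REFERENCE)
FAULTY[("HELLO", "data")] = ("data_ack", "HELLO")


def step(model, state, symbol):
    """One transition; unknown (state, input) pairs are reported as rejected."""
    return model.get((state, symbol), ("rejected", state))


def find_discrepancy(model_a, model_b, inputs=INPUTS, start="INIT"):
    """Breadth-first search over the product of two Mealy machines.

    Returns (input_sequence, output_a, output_b) for the shortest input
    sequence on which the two models answer differently, or None when the
    models are observationally equivalent over `inputs`. Such a sequence is
    exactly the kind of difference the text proposes to flag as suspicious.
    """
    seen = {(start, start)}
    queue = deque([((start, start), [])])
    while queue:
        (state_a, state_b), path = queue.popleft()
        for sym in inputs:
            out_a, next_a = step(model_a, state_a, sym)
            out_b, next_b = step(model_b, state_b, sym)
            if out_a != out_b:
                return path + [sym], out_a, out_b
            if (next_a, next_b) not in seen:
                seen.add((next_a, next_b))
                queue.append(((next_a, next_b), path + [sym]))
    return None


def monitor(model, trace, start="INIT"):
    """Runtime verification: replay an observed (input, output) trace against
    the model and return the index of the first deviating step, or -1 if the
    whole trace conforms. A deviation is the trigger for an alert or for
    enforcement (e.g. dropping the session) at the point of observation."""
    state = start
    for index, (sym, observed) in enumerate(trace):
        expected, state = step(model, state, sym)
        if observed != expected:
            return index
    return -1


if __name__ == "__main__":
    # Shortest distinguishing sequence between the two learned models.
    print(find_discrepancy(REFERENCE, FAULTY))
    # Constructed trace of a peer sending data before authenticating.
    print(monitor(REFERENCE, [("hello", "hello_ack"), ("data", "data_ack")]))
```

The product-machine search returns `["hello", "data"]` with outputs `error` versus `data_ack`, i.e. the exact point where the faulty implementation departs from the reference; the monitor flags step 1 of the constructed trace for the same reason. With models learned from real implementations the alphabet and states come from the learning phase, but the comparison and monitoring logic is unchanged.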
Dependable networked control
As communication between smart items is prone to errors and likely to be corrupted by unpredictable distortions and losses, the stability and performance of the respective feedback loops have to be robust with respect to these phenomena, which are inherent to the IoT. The fact that conventional control theories are based on ideal assumptions such as non-delayed actuation and sensing and perfect synchronization motivates the need for innovative methods for the design of dependable systems.
Towards this goal, we propose an information-theoretic approach to networked control building on our earlier results on the characterization of information processing in deterministic input-output systems using information loss as a key parameter [12]. We focus on a recovery of disturbed or lost interconnecting signals based on information theoretic principles [18]. We plan to adapt methods from interactive real-time multimedia communication to automatic control, and aim to investigate the potential of these methods to increase the stability margins. In contrast to related theoretic works [17], our approach is intended for practical applications and constrained CPUs.