Abstract
IoT devices are more important than ever. In a connected world, IoT devices have many uses. They are no longer merely used at work; they are part of our everyday lives. Security concerns arise if the devices generate, collect, or process sensitive data. Physical layer security controls are the cornerstone once the risk for humans increases when physical security fails. To achieve security in IoT devices, preventing is better than detecting. Formal verification is an important and valuable tool for detecting possible vulnerabilities and ensuring data security. Thus, this paper proposes an Event-B proof-based formal model of IoT physical layer security and attacks from the requirements analysis level to the goal level. Our model is built incrementally using a refining method during design and verification. We present a three-level formal approach: first, the construction of the IoT physical layer; then, we check for IoT physical layer vulnerabilities by processing the lack of some characteristics that cause these vulnerabilities, such as speed, typical bandwidth, and power consumption; lastly, we detect physical layer attacks like jamming and MAC spoofing, which helps to build security proofs. Our approach uses an electrocardiogram (ECG) IoT system as a case study, and as an additional case study to back up the proposed method’s generalizability, we used a fire alarm system. Also, we use the proof obligations and the ProB animator in the Rodin model checking tool to check and validate our approach.
Similar content being viewed by others
Data availability
No datasets were generated or analyzed during the current study.
References
Ning H, Wang Z (2011) Future internet of things architecture: like mankind neural system or social organization framework? IEEE Commun Lett 15(4):461–463
López TS, Ranasinghe DC, Patkai B, McFarlane D (2011) Taxonomy, technology and applications of smart objects. Inf Syst Front 13(2):281–300
Ghosh A, Chakraborty D, Law A (2018) Artificial intelligence in Internet of things. CAAI Trans Intell Technol 3(4):208–218
Rizvi S, Pipetti R, McIntyre N, Todd J, Williams I (2020) Threat model for securing internet of things (IoT) network at device-level. Internet Things 11:100240
Hamamreh JM, Furqan HM, Arslan H (2018) Classifications and applications of physical layer security techniques for confidentiality: a comprehensive survey. IEEE Commun Surv Tutor 21(2):1773–1828
Shakiba-Herfeh M, Chorti A, Poor HV (2021) Physical layer security: authentication, integrity, and confidentiality. In: Physical layer security. Springer, Cham, pp 129–150
Wang D, Bai B, Lei K, Zhao W, Yang Y, Han Z (2019) Enhancing information security via physical layer approaches in heterogeneous IoT with multiple access mobile edge computing in smart city. IEEE Access 7:54508–54521
Alladi T, Chamola V, Sikdar B, Choo KKR (2020) Consumer IoT: security vulnerability case studies and solutions. IEEE Consumer Electron Mag 9(2):17–25
Wang N, Wang P, Alipour-Fanid A, Jiao L, Zeng K (2019) Physical-layer security of 5G wireless networks for IoT: challenges and opportunities. IEEE Internet Things J 6(5):8169–8181
Ullah F, Al-Turjman F, Nayyar A (2020) IoT-based green city architecture using secured and sustainable android services. Environ Technol Innov 20:101091
Keerthi K, Roy I, Hazra A, Rebeiro C (2019) Formal verification for security in IoT devices. Security and Fault Tolerance in Internet of Things, pp 179–200
Bae WS (2019) Verifying a secure authentication protocol for IoT medical devices. Clust Comput 22(1):1985–1990
Desnitsky V, Kotenko I (2016) Automated design, verification and testing of secure systems with embedded devices based on elicitation of expert knowledge. J Ambient Intell Humaniz Comput 7(5):705–719
Kammüller F (2017) Formal modeling and analysis with humans in infrastructures for iot health care systems. In: International conference on human aspects of information security, privacy, and trust. Springer, Cham, pp 339–352
Kammüller F (2017) Human centric security and privacy for the iot using formal techniques. In: International conference on applied human factors and ergonomics. Springer, Cham, pp 106–116
Dhillon PK, Kalra S (2017) Secure multi-factor remote user authentication scheme for Internet of Things environments. Int J Commun Syst 30(16):e3323
Drozdov D, Patil S, Dubinin V, Vyatkin V (2017) Towards formal verification for cyber-physically agnostic software: a case study. In: IECON 2017–43rd annual conference of the IEEE industrial electronics society. IEEE, pp 5509–5514
Kim H, Kang E, Lee EA, Broman D (2017) A toolkit for construction of authorization service infrastructure for the internet of things. In: Proceedings of the second international conference on Internet-of-Things design and implementation, pp 147–158
Mohsin M, Sardar MU, Hasan O, Anwar Z (2017) IoTRiskAnalyzer: a probabilistic model checking based framework for formal risk analytics of the Internet of Things. IEEE Access 5:5494–5505
Kars P (1998) Formal methods in the design of a storm surge barrier control system. In: Lectures on embedded systems, European educational forum, school on embedded systems. Springer, London, pp 353–367
Zahra S, Alam M, Javaid Q, Wahid A, Javaid N, Malik SUR, Khan MK (2017) Fog computing over IoT: a secure deployment and formal verification. IEEE Access 5:27132–27144
Gubbi J, Buyya R, Marusic S, Palaniswami M (2013) Internet of Things(IoT): a vision, architectural elements, and future directions. Futur Gener Comput Syst 29(7):1645–1660
Weyrich M, Ebert C (2015) Reference architectures for the internet of things. IEEE Softw 33(1):112–116
Zhang AL (2016) Research on the architecture of internet of things applied in coal mine. In: 2016 International conference on information system and Artificial Intelligence (ISAI). IEEE, pp 21–23
Zhang N, Fang X, Wang Y, Wu S, Wu H, Kar D, Zhang H (2020) Physical-layer authentication for internet of things via wfrft-based gaussian tag embedding. IEEE Internet Things J 7(9):9001–9010
Li C, Palanisamy B (2018) Privacy in internet of things: from principles to technologies. IEEE Internet Things J 6(1):488–505
Ali B, Awad AI (2018) Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3):817
Li X, Luo C, Ji H, Zhuang Y, Zhang H, Leung VC (2020) Energy consumption optimization for self-powered IoT networks with non-orthogonal multiple access. Int J Commun Syst 33(1):e4174
Debroy S, Samanta P, Bashir A, Chatterjee M (2019) SpEED-IoT: spectrum aware energy efficient routing for device-to-device IoT communication. Futur Gener Comput Syst 93(833–848):4
Xu T, Darwazeh I (2018) Non-orthogonal narrowband Internet of Things: a design for saving bandwidth and doubling the number of connected devices. IEEE Internet Things J 5(3):2120–2129
Kamel SOM, Hegazi NH (2018) A proposed model of IoT security management system based on a study of internet of things (IoT) security. Int J Sci Eng Res 9(9):1227–1244
Greco C, Pace P, Basagni S, Fortino G (2021) Jamming detection at the edge of drone networks using Multi-layer Perceptrons and Decision Trees. Appl Soft Comput 111:107806
Chi Z, Li Y, Liu X, Wang W, Yao Y, Zhu T, Zhang Y (2020) Countering cross-technology jamming attack. In: Proceedings of the 13th ACM conference on security and privacy in wireless and mobile networks, pp 99–110
Yousefnezhad N, Madhikermi M, Främling K (2018) Medi: measurement-based device identification framework for internet of things. In: 2018 IEEE 16th international conference on industrial informatics (INDIN). IEEE, pp 95–100
Boulkenafet Z, Komulainen J, Hadid A (2018) On the generalization of color texture-based face anti-spoofing. Image Vis Comput 77:1–9
Farhin F, Sultana I, Islam N, Kaiser MS, Rahman MS, Mahmud M (2020) Attack detection in internet of things using software defined network and fuzzy neural network. In: 2020 joint 9th international conference on informatics, electronics & vision (ICIEV) and 2020 4th international conference on imaging, vision & pattern recognition (icIVPR). IEEE, pp 1–6
Hoang TS (2013) An introduction to the Event-B modelling method. Ind Deploy Syst Eng Methods 211–236
Craigen D (1999) Formal methods adoption: what’s working, what’s not! In: Proceedings of the 5th and 6th international SPIN workshops on theoretical and practical aspects of SPIN model checking. Springer, London, pp 77–91
Eisner C (2002) Using symbolic CTL model checking to verify the railway stations of Hoorn- Kersenboogerd and Heerhugowaard. Int J Softw Tools Technol Transf 4(1):107–124
Damchoom K, Butler M, Abrial JR (2008) Modelling and proof of a tree-structured file system in Event-B and Rodin. In: International conference on formal engineering methods. Springer, Berlin, Heidelberg, pp 25–44
Orsini G, Posdorfer W, Lamersdorf W (2021) Saving bandwidth and energy of mobile and IoT devices with link predictions. J Ambient Intell Humaniz Comput 12(8):8229–8240
Prieto MD, Martínez B, Monton M, Guillen IV, Guillen XV, Moreno JA (2014) Balancing power consumption in IoT devices by using variable packet size. In: 2014 eighth international conference on complex, intelligent and software intensive systems. IEEE, pp 170–176
Aravindh G, Kowshik A. Speed detection using IOT. Int J Comput Appl 975:8887
Muankid A, Ketcham M (2019) The real-time electrocardiogram signal monitoring system in wireless sensor network. Int J Online Biomed Eng 15(2)
Gusev M, Poposka L, Spasevski G, Kostoska M, Koteska B, Simjanoska M, Trontelj J (2020) Noninvasive glucose measurement using machine learning and neural network methods and correlation with heart rate variability. J Sensors 2020
Georgiades G, Papageorgiou XS, Loizou SG (2019) Integrated forest monitoring system for early fire detection and assessment. In: 2019 6th international conference on control, decision and information technologies (CoDIT). IEEE, pp 1817–1822
Leuschel M, Butler M (2013) ProB: A model checker for B. In: International symposium of formal methods Europe. Springer, Berlin, Heidelberg, pp 855–874
Ait-Ameur Y, Baron M, Kamel N, Mota JM (2009) Encoding a process algebra using the Event B method: application to the validation of human–computer interactions. Int J Softw Tools Technol Transfer 11:239–253
Abrial JR, Butler M, Hallerstede S, Hoang TS, Mehta F, Voisin L (2010) Rodin: an open toolset for modelling and reasoning in Event-B. Int J Softw Tools Technol Transfer 12(6):447–466
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all authors, the corresponding author states that there is no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Toman, Z.H., Hamel, L., Toman, S.H. et al. Formal verification for security and attacks in IoT physical layer. J Reliable Intell Environ 10, 73–91 (2024). https://doi.org/10.1007/s40860-023-00202-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40860-023-00202-y