Skip to main content
SpringerLink
Log in

Formal verification for security and attacks in IoT physical layer

  • Original Article
  • Published:
Journal of Reliable Intelligent Environments Aims and scope Submit manuscript

Abstract

IoT devices are more important than ever. In a connected world, IoT devices have many uses. They are no longer merely used at work; they are part of our everyday lives. Security concerns arise if the devices generate, collect, or process sensitive data. Physical layer security controls are the cornerstone once the risk for humans increases when physical security fails. To achieve security in IoT devices, preventing is better than detecting. Formal verification is an important and valuable tool for detecting possible vulnerabilities and ensuring data security. Thus, this paper proposes an Event-B proof-based formal model of IoT physical layer security and attacks from the requirements analysis level to the goal level. Our model is built incrementally using a refining method during design and verification. We present a three-level formal approach: first, the construction of the IoT physical layer; then, we check for IoT physical layer vulnerabilities by processing the lack of some characteristics that cause these vulnerabilities, such as speed, typical bandwidth, and power consumption; lastly, we detect physical layer attacks like jamming and MAC spoofing, which helps to build security proofs. Our approach uses an electrocardiogram (ECG) IoT system as a case study, and as an additional case study to back up the proposed method’s generalizability, we used a fire alarm system. Also, we use the proof obligations and the ProB animator in the Rodin model checking tool to check and validate our approach.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24
Fig. 25
Fig. 26
Fig. 27
Fig. 28

Similar content being viewed by others

Data availability

No datasets were generated or analyzed during the current study.

References

  1. Ning H, Wang Z (2011) Future internet of things architecture: like mankind neural system or social organization framework? IEEE Commun Lett 15(4):461–463

    Article  Google Scholar 

  2. López TS, Ranasinghe DC, Patkai B, McFarlane D (2011) Taxonomy, technology and applications of smart objects. Inf Syst Front 13(2):281–300

    Article  Google Scholar 

  3. Ghosh A, Chakraborty D, Law A (2018) Artificial intelligence in Internet of things. CAAI Trans Intell Technol 3(4):208–218

    Article  Google Scholar 

  4. Rizvi S, Pipetti R, McIntyre N, Todd J, Williams I (2020) Threat model for securing internet of things (IoT) network at device-level. Internet Things 11:100240

    Article  Google Scholar 

  5. Hamamreh JM, Furqan HM, Arslan H (2018) Classifications and applications of physical layer security techniques for confidentiality: a comprehensive survey. IEEE Commun Surv Tutor 21(2):1773–1828

    Article  Google Scholar 

  6. Shakiba-Herfeh M, Chorti A, Poor HV (2021) Physical layer security: authentication, integrity, and confidentiality. In: Physical layer security. Springer, Cham, pp 129–150

  7. Wang D, Bai B, Lei K, Zhao W, Yang Y, Han Z (2019) Enhancing information security via physical layer approaches in heterogeneous IoT with multiple access mobile edge computing in smart city. IEEE Access 7:54508–54521

    Article  Google Scholar 

  8. Alladi T, Chamola V, Sikdar B, Choo KKR (2020) Consumer IoT: security vulnerability case studies and solutions. IEEE Consumer Electron Mag 9(2):17–25

    Article  Google Scholar 

  9. Wang N, Wang P, Alipour-Fanid A, Jiao L, Zeng K (2019) Physical-layer security of 5G wireless networks for IoT: challenges and opportunities. IEEE Internet Things J 6(5):8169–8181

    Article  Google Scholar 

  10. Ullah F, Al-Turjman F, Nayyar A (2020) IoT-based green city architecture using secured and sustainable android services. Environ Technol Innov 20:101091

    Article  Google Scholar 

  11. Keerthi K, Roy I, Hazra A, Rebeiro C (2019) Formal verification for security in IoT devices. Security and Fault Tolerance in Internet of Things, pp 179–200

  12. Bae WS (2019) Verifying a secure authentication protocol for IoT medical devices. Clust Comput 22(1):1985–1990

    Article  Google Scholar 

  13. Desnitsky V, Kotenko I (2016) Automated design, verification and testing of secure systems with embedded devices based on elicitation of expert knowledge. J Ambient Intell Humaniz Comput 7(5):705–719

    Article  Google Scholar 

  14. Kammüller F (2017) Formal modeling and analysis with humans in infrastructures for iot health care systems. In: International conference on human aspects of information security, privacy, and trust. Springer, Cham, pp 339–352

  15. Kammüller F (2017) Human centric security and privacy for the iot using formal techniques. In: International conference on applied human factors and ergonomics. Springer, Cham, pp 106–116

  16. Dhillon PK, Kalra S (2017) Secure multi-factor remote user authentication scheme for Internet of Things environments. Int J Commun Syst 30(16):e3323

    Article  Google Scholar 

  17. Drozdov D, Patil S, Dubinin V, Vyatkin V (2017) Towards formal verification for cyber-physically agnostic software: a case study. In: IECON 2017–43rd annual conference of the IEEE industrial electronics society. IEEE, pp 5509–5514

  18. Kim H, Kang E, Lee EA, Broman D (2017) A toolkit for construction of authorization service infrastructure for the internet of things. In: Proceedings of the second international conference on Internet-of-Things design and implementation, pp 147–158

  19. Mohsin M, Sardar MU, Hasan O, Anwar Z (2017) IoTRiskAnalyzer: a probabilistic model checking based framework for formal risk analytics of the Internet of Things. IEEE Access 5:5494–5505

    Article  Google Scholar 

  20. Kars P (1998) Formal methods in the design of a storm surge barrier control system. In: Lectures on embedded systems, European educational forum, school on embedded systems. Springer, London, pp 353–367

  21. Zahra S, Alam M, Javaid Q, Wahid A, Javaid N, Malik SUR, Khan MK (2017) Fog computing over IoT: a secure deployment and formal verification. IEEE Access 5:27132–27144

    Article  Google Scholar 

  22. Gubbi J, Buyya R, Marusic S, Palaniswami M (2013) Internet of Things(IoT): a vision, architectural elements, and future directions. Futur Gener Comput Syst 29(7):1645–1660

    Article  Google Scholar 

  23. Weyrich M, Ebert C (2015) Reference architectures for the internet of things. IEEE Softw 33(1):112–116

    Article  Google Scholar 

  24. Zhang AL (2016) Research on the architecture of internet of things applied in coal mine. In: 2016 International conference on information system and Artificial Intelligence (ISAI). IEEE, pp 21–23

  25. Zhang N, Fang X, Wang Y, Wu S, Wu H, Kar D, Zhang H (2020) Physical-layer authentication for internet of things via wfrft-based gaussian tag embedding. IEEE Internet Things J 7(9):9001–9010

    Article  Google Scholar 

  26. Li C, Palanisamy B (2018) Privacy in internet of things: from principles to technologies. IEEE Internet Things J 6(1):488–505

    Article  Google Scholar 

  27. Ali B, Awad AI (2018) Cyber and physical security vulnerability assessment for IoT-based smart homes. Sensors 18(3):817

    Article  PubMed Central  ADS  PubMed  Google Scholar 

  28. Li X, Luo C, Ji H, Zhuang Y, Zhang H, Leung VC (2020) Energy consumption optimization for self-powered IoT networks with non-orthogonal multiple access. Int J Commun Syst 33(1):e4174

    Article  Google Scholar 

  29. Debroy S, Samanta P, Bashir A, Chatterjee M (2019) SpEED-IoT: spectrum aware energy efficient routing for device-to-device IoT communication. Futur Gener Comput Syst 93(833–848):4

    Google Scholar 

  30. Xu T, Darwazeh I (2018) Non-orthogonal narrowband Internet of Things: a design for saving bandwidth and doubling the number of connected devices. IEEE Internet Things J 5(3):2120–2129

    Article  Google Scholar 

  31. Kamel SOM, Hegazi NH (2018) A proposed model of IoT security management system based on a study of internet of things (IoT) security. Int J Sci Eng Res 9(9):1227–1244

    Google Scholar 

  32. Greco C, Pace P, Basagni S, Fortino G (2021) Jamming detection at the edge of drone networks using Multi-layer Perceptrons and Decision Trees. Appl Soft Comput 111:107806

    Article  Google Scholar 

  33. Chi Z, Li Y, Liu X, Wang W, Yao Y, Zhu T, Zhang Y (2020) Countering cross-technology jamming attack. In: Proceedings of the 13th ACM conference on security and privacy in wireless and mobile networks, pp 99–110

  34. Yousefnezhad N, Madhikermi M, Främling K (2018) Medi: measurement-based device identification framework for internet of things. In: 2018 IEEE 16th international conference on industrial informatics (INDIN). IEEE, pp 95–100

  35. Boulkenafet Z, Komulainen J, Hadid A (2018) On the generalization of color texture-based face anti-spoofing. Image Vis Comput 77:1–9

    Article  Google Scholar 

  36. Farhin F, Sultana I, Islam N, Kaiser MS, Rahman MS, Mahmud M (2020) Attack detection in internet of things using software defined network and fuzzy neural network. In: 2020 joint 9th international conference on informatics, electronics & vision (ICIEV) and 2020 4th international conference on imaging, vision & pattern recognition (icIVPR). IEEE, pp 1–6

  37. Hoang TS (2013) An introduction to the Event-B modelling method. Ind Deploy Syst Eng Methods 211–236

  38. Craigen D (1999) Formal methods adoption: what’s working, what’s not! In: Proceedings of the 5th and 6th international SPIN workshops on theoretical and practical aspects of SPIN model checking. Springer, London, pp 77–91

  39. Eisner C (2002) Using symbolic CTL model checking to verify the railway stations of Hoorn- Kersenboogerd and Heerhugowaard. Int J Softw Tools Technol Transf 4(1):107–124

    Article  Google Scholar 

  40. Damchoom K, Butler M, Abrial JR (2008) Modelling and proof of a tree-structured file system in Event-B and Rodin. In: International conference on formal engineering methods. Springer, Berlin, Heidelberg, pp 25–44

  41. Orsini G, Posdorfer W, Lamersdorf W (2021) Saving bandwidth and energy of mobile and IoT devices with link predictions. J Ambient Intell Humaniz Comput 12(8):8229–8240

    Article  Google Scholar 

  42. Prieto MD, Martínez B, Monton M, Guillen IV, Guillen XV, Moreno JA (2014) Balancing power consumption in IoT devices by using variable packet size. In: 2014 eighth international conference on complex, intelligent and software intensive systems. IEEE, pp 170–176

  43. Aravindh G, Kowshik A. Speed detection using IOT. Int J Comput Appl 975:8887

  44. Muankid A, Ketcham M (2019) The real-time electrocardiogram signal monitoring system in wireless sensor network. Int J Online Biomed Eng 15(2)

  45. Gusev M, Poposka L, Spasevski G, Kostoska M, Koteska B, Simjanoska M, Trontelj J (2020) Noninvasive glucose measurement using machine learning and neural network methods and correlation with heart rate variability. J Sensors 2020

  46. Georgiades G, Papageorgiou XS, Loizou SG (2019) Integrated forest monitoring system for early fire detection and assessment. In: 2019 6th international conference on control, decision and information technologies (CoDIT). IEEE, pp 1817–1822

  47. Leuschel M, Butler M (2013) ProB: A model checker for B. In: International symposium of formal methods Europe. Springer, Berlin, Heidelberg, pp 855–874

  48. Ait-Ameur Y, Baron M, Kamel N, Mota JM (2009) Encoding a process algebra using the Event B method: application to the validation of human–computer interactions. Int J Softw Tools Technol Transfer 11:239–253

    Article  Google Scholar 

  49. Abrial JR, Butler M, Hallerstede S, Hoang TS, Mehta F, Voisin L (2010) Rodin: an open toolset for modelling and reasoning in Event-B. Int J Softw Tools Technol Transfer 12(6):447–466

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, FSM, Al-Monastir University, Monastir, Tunisia

    Zinah Hussein Toman & Sarah Hussein Toman

  2. Department of Computer Science, Faculty of Computer Science and Information Technology, Al-Qadisiyah University, Al Diwaniyah, Iraq

    Zinah Hussein Toman & Sarah Hussein Toman

  3. Department of Computer Science, ISIMM, Al-Monastir University, Monastir, Tunisia

    Lazhar Hamel

  4. IMT Atlantique, LS2N, Nantes, France

    Mohamed Graiet

  5. Federal Institute of Pernambuco/Federal University of Campina Grande, Campina Grande, Brazil

    Dalton Cézane Gomes Valadares

Authors
  1. Zinah Hussein Toman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lazhar Hamel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sarah Hussein Toman
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mohamed Graiet
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dalton Cézane Gomes Valadares
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zinah Hussein Toman.

Ethics declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Toman, Z.H., Hamel, L., Toman, S.H. et al. Formal verification for security and attacks in IoT physical layer. J Reliable Intell Environ 10, 73–91 (2024). https://doi.org/10.1007/s40860-023-00202-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s40860-023-00202-y

Keywords

Search

Navigation