Abstract
With the rapid expansion of Internet of Things (IoT), Constrained Application Protocol (CoAP) is developed to enable those devices with small memory, constrained computing power and limited ability to communicate with other nodes in the network. Meanwhile, group communication is very useful for managing and controlling a set of homogeneous devices in many IoT scenarios. Thus, many scholars are devoted to expanding CoAP to enable group communication. Furthermore, because CoAP is widely applicated in transportation, health care, industrial and many other areas, the security and consistency of data is of great importance. In this paper, we adopt Communicating Sequential Processes (CSP) to model group communication CoAP, and we use model checker Process Analysis Toolkit (PAT) to verify six properties of our model, including deadlock freedom, divergence freedom, data reachability, data leakage, client faking and entity manager faking. The verification results show that the original architecture has the security risk of data leakage. So we enhance it by adding message authentication code in the process. In the light of the new verification results, it can be found that we succeed in eliminating the possibility of data leakage.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of things (IoT): a vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)
Bormann, C.: Angelo paolo castellani, zach shelby: CoAP: an application protocol for billions of tiny internet nodes. IEEE Internet Comput. 16(2), 62–67 (2012)
Rahman, A., Dijk, E.: Group communication for the constrained application protocol (CoAP). RFC 7390, 1–46 (2014)
Ishaq, I., Hoebeke, J., Moerman, I., Demeester, P.: Observing CoAP groups efficiently. Ad Hoc Netw. 37, 368–388 (2016)
Sadeghi, A.-R., Wachsmann, C., Waidner, M.: Security and privacy challenges in industrial internet of things. DAC 54(1–54), 6 (2015)
Tushir, B., Sehgal, H., Nair, R., Dezfouli, B., Liu, Y.: The impact of DoS attacks on resource-constrained IoT devices: a study on the mirai attack. CoRR abs/2104.09041 (2021)
Capossele, A., Cervo, V., De Cicco, G., Petrioli, C.: Security as a CoAP resource: an optimized DTLS implementation for the IoT. In: ICC 2015, pp. 549–554 (2015)
Ishaq, I., Hoebeke, J., Moerman, I., Demeester, P.: Experimental evaluation of unicast and multicast CoAP group communication. Sensors 16(7), 1137 (2016)
Hoare, C.A.R.: Communicating Sequential Processes. Prentice-Hall, Hoboken (1985). ISBN 0-13-153271-5
Lambert, S.M.: Exploiting the power of message authentication codes. Inf. Syst. Secur. 3(3), 53–63 (1994)
Tschofenig, H., Fossati, T.: Transport layer security (TLS)/Datagram transport layer security (DTLS) profiles for the internet of things. RFC 7925, 1–61 (2016)
McGrew, D.A., Bailey, D.V., Campagna, M.J., Dugal, R.: AES-CCM elliptic curve cryptography (ECC) cipher suites for TLS. RFC 7251, 1–10 (2014)
Desmedt, Y.: Man-in-the-middle attack. In: van Tilborg, H.C.A. (eds.) Encyclopedia of Cryptography and Security. Springer, Boston (2005). https://doi.org/10.1007/0-387-23483-7_241
Lowe, G.: Probabilistic and prioritized models of timed CSP. Theor. Comput. Sci. 138(2), 315–352 (1995)
Acknowledgement
This work was partly supported by the National Key Research and Development Program of China under Grant No. \(2018_{YFB}2101300\), the National Natural Science Foundation of China under Grant Nos. 61872145 and 62032024, and Shanghai Trusted Industry Internet Software Collaborative Innovation Center.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Chen, S., Li, R., Zhu, H. (2022). Formalization and Verification of Group Communication CoAP Using CSP. In: Shen, H., et al. Parallel and Distributed Computing, Applications and Technologies. PDCAT 2021. Lecture Notes in Computer Science(), vol 13148. Springer, Cham. https://doi.org/10.1007/978-3-030-96772-7_58
Download citation
DOI: https://doi.org/10.1007/978-3-030-96772-7_58
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-96771-0
Online ISBN: 978-3-030-96772-7
eBook Packages: Computer ScienceComputer Science (R0)