Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things
Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things
This thesis explores ideas connected with the cybersecurity of, and secure communications for, Internet of Things (IoT) devices; and introduces a number of original elements of research — including the Secure Remote Update Protocol (SRUP), a protocol developed to provide a mechanism for secure Command and Control messages. The work introduces cybersecurity concepts and background, IoT networking protocols and Command and Control messaging, before moving on to describe the original research. The design and concept of SRUP is described in detail, along with a scheme to support the use of dynamic identity in the context of the IoT. Techniques to establish device identity are then described, followed by an examination of the security features of SRUP. An open-source implementation of SRUP is then introduced, alongside a discussion on the way this has been optimized for ease of use by non-specialist developers. A concept to enable the controlled sharing of information and requests between Command and Control networks using SRUP is then described, along with a discussion on how this approach could be adopted to help to address the problem of short-term provision of access to IoT systems by guest users. Finally an experimental assessment of the protocol in simulated real-world conditions is described and measurements of the performance overhead associated with using SRUP, with inexpensive low-power hardware, are discussed and analysed. These results show that the use of the SRUP protocol, in comparison to an insecure implementation, added an additional processing delay of between 42.92ms and 51.60ms to the end-to-end message propagation — depending on the specific hardware in use. The thesis concludes with a summary of the research, and some recommendations for follow-on work.
University of Southampton
Poulter, Andrew John
8bbad929-4d27-43c7-ba22-8c737127e8c5
February 2022
Poulter, Andrew John
8bbad929-4d27-43c7-ba22-8c737127e8c5
Cox, Simon
0e62aaed-24ad-4a74-b996-f606e40e5c55
Poulter, Andrew John
(2022)
Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things.
University of Southampton, Doctoral Thesis, 272pp.
Record type:
Thesis
(Doctoral)
Abstract
This thesis explores ideas connected with the cybersecurity of, and secure communications for, Internet of Things (IoT) devices; and introduces a number of original elements of research — including the Secure Remote Update Protocol (SRUP), a protocol developed to provide a mechanism for secure Command and Control messages. The work introduces cybersecurity concepts and background, IoT networking protocols and Command and Control messaging, before moving on to describe the original research. The design and concept of SRUP is described in detail, along with a scheme to support the use of dynamic identity in the context of the IoT. Techniques to establish device identity are then described, followed by an examination of the security features of SRUP. An open-source implementation of SRUP is then introduced, alongside a discussion on the way this has been optimized for ease of use by non-specialist developers. A concept to enable the controlled sharing of information and requests between Command and Control networks using SRUP is then described, along with a discussion on how this approach could be adopted to help to address the problem of short-term provision of access to IoT systems by guest users. Finally an experimental assessment of the protocol in simulated real-world conditions is described and measurements of the performance overhead associated with using SRUP, with inexpensive low-power hardware, are discussed and analysed. These results show that the use of the SRUP protocol, in comparison to an insecure implementation, added an additional processing delay of between 42.92ms and 51.60ms to the end-to-end message propagation — depending on the specific hardware in use. The thesis concludes with a summary of the research, and some recommendations for follow-on work.
Text
PhD_Thesis_Southampton
- Version of Record
Text
PTD_Thesis_Poulter-SIGNED
Restricted to Repository staff only
More information
Published date: February 2022
Identifiers
Local EPrints ID: 457985
URI: http://eprints.soton.ac.uk/id/eprint/457985
PURE UUID: 82c65cfd-5828-4831-85cb-6b32f2aa9584
Catalogue record
Date deposited: 23 Jun 2022 18:17
Last modified: 16 Mar 2024 17:42
Export record
Contributors
Author:
Andrew John Poulter
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics