The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things

Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things
Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things
This thesis explores ideas connected with the cybersecurity of, and secure communications for, Internet of Things (IoT) devices; and introduces a number of original elements of research — including the Secure Remote Update Protocol (SRUP), a protocol developed to provide a mechanism for secure Command and Control messages. The work introduces cybersecurity concepts and background, IoT networking protocols and Command and Control messaging, before moving on to describe the original research. The design and concept of SRUP is described in detail, along with a scheme to support the use of dynamic identity in the context of the IoT. Techniques to establish device identity are then described, followed by an examination of the security features of SRUP. An open-source implementation of SRUP is then introduced, alongside a discussion on the way this has been optimized for ease of use by non-specialist developers. A concept to enable the controlled sharing of information and requests between Command and Control networks using SRUP is then described, along with a discussion on how this approach could be adopted to help to address the problem of short-term provision of access to IoT systems by guest users. Finally an experimental assessment of the protocol in simulated real-world conditions is described and measurements of the performance overhead associated with using SRUP, with inexpensive low-power hardware, are discussed and analysed. These results show that the use of the SRUP protocol, in comparison to an insecure implementation, added an additional processing delay of between 42.92ms and 51.60ms to the end-to-end message propagation — depending on the specific hardware in use. The thesis concludes with a summary of the research, and some recommendations for follow-on work.
University of Southampton
Poulter, Andrew John
8bbad929-4d27-43c7-ba22-8c737127e8c5
Poulter, Andrew John
8bbad929-4d27-43c7-ba22-8c737127e8c5
Cox, Simon
0e62aaed-24ad-4a74-b996-f606e40e5c55

Poulter, Andrew John (2022) Engineering applications and architectures for cybersecurity of command-and control messaging in the internet of things. University of Southampton, Doctoral Thesis, 272pp.

Record type: Thesis (Doctoral)

Abstract

This thesis explores ideas connected with the cybersecurity of, and secure communications for, Internet of Things (IoT) devices; and introduces a number of original elements of research — including the Secure Remote Update Protocol (SRUP), a protocol developed to provide a mechanism for secure Command and Control messages. The work introduces cybersecurity concepts and background, IoT networking protocols and Command and Control messaging, before moving on to describe the original research. The design and concept of SRUP is described in detail, along with a scheme to support the use of dynamic identity in the context of the IoT. Techniques to establish device identity are then described, followed by an examination of the security features of SRUP. An open-source implementation of SRUP is then introduced, alongside a discussion on the way this has been optimized for ease of use by non-specialist developers. A concept to enable the controlled sharing of information and requests between Command and Control networks using SRUP is then described, along with a discussion on how this approach could be adopted to help to address the problem of short-term provision of access to IoT systems by guest users. Finally an experimental assessment of the protocol in simulated real-world conditions is described and measurements of the performance overhead associated with using SRUP, with inexpensive low-power hardware, are discussed and analysed. These results show that the use of the SRUP protocol, in comparison to an insecure implementation, added an additional processing delay of between 42.92ms and 51.60ms to the end-to-end message propagation — depending on the specific hardware in use. The thesis concludes with a summary of the research, and some recommendations for follow-on work.

Text
PhD_Thesis_Southampton - Version of Record
Available under License University of Southampton Thesis Licence.
Download (36MB)
Text
PTD_Thesis_Poulter-SIGNED
Restricted to Repository staff only
Available under License University of Southampton Thesis Licence.

More information

Published date: February 2022
Related URLs:

Identifiers

Local EPrints ID: 457985
URI: http://eprints.soton.ac.uk/id/eprint/457985
PURE UUID: 82c65cfd-5828-4831-85cb-6b32f2aa9584
ORCID for Andrew John Poulter: ORCID iD orcid.org/0000-0002-3438-3981

Catalogue record

Date deposited: 23 Jun 2022 18:17
Last modified: 16 Mar 2024 17:42

Export record

Contributors

Author: Andrew John Poulter ORCID iD
Thesis advisor: Simon Cox

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×