IoT Security

© 2017 Pearson Education, Inc., Hoboken, NJ. All rights reserved.


Internet of Things (IoT)

What is IoT?
• Humans use the internet to share information with each other.
• Today the internet is not just a means of communication; it is also used to connect things such as fridges, cars and washing machines.
• It has many applications in medicine, manufacturing, agriculture and many other domains.
• IoT connects all of these things and, in doing so, contributes to safer environments and creates efficiencies that save time, money, energy and other resources.
• Video 1: What is a smart city?
Internet of Things (IoT) Reference Model

The 7 levels of the IoT Reference Model
Security in the IoT
As shown in the figure, security must pervade the entire model.

For the purpose of the IoT Reference Model, security measures must:
● Secure each device or system.
● Provide security for all processes at each level.
● Secure movement and communication between each level.
Part 2: Physical Devices and Controllers
Sensors and Actuators
• In the previous slides, you gained a good understanding of what the Internet of Things refers to, and its enormous scope to help increase safety and create efficiencies.
• Sensor: a sensor detects changes in its environment and sends information about that change (temperature sensor, microphone, humidity sensor, etc.).
• Actuator: an actuator performs an action, such as moving or controlling something (motor, speaker, screen, etc.).
• Watch Video 2 (Sensors and Actuators).
Sensors in your smartphone
• The touch screen allows interaction with all phone (IoT device) functions and apps, and some game apps use this capability for play.
• A typical smartphone contains many sensors of various types, and is generally internet capable. A few of the most common sensors include:
• Magnetometer: detects magnetic fields
• Accelerometer: detects linear motion of the phone (helps in determining location)
• Gyroscope: detects a change in the phone’s orientation (rotational motion)

• In most cases these sensors generate data and handle it in the phone itself. In an IoT scenario, the data generated by a sensor is sent out into a network. This may or may not involve a message or command for action coming back to the phone.
Phone Sensors

Packet Tracer Demo
• Learn about Packet Tracer (you can download Packet Tracer from https://www.netacad.com/courses/packet-tracer-download/ by enrolling in Cisco’s free Introduction to Packet Tracer course).
• Watch Video 3 (Packet Tracer Demo) to learn more about the Packet Tracer tool.
• Video 4 (Touchy-feely lamp) shows an example from an electronics (Arduino) starter kit line-up that uses a simple sensor and a responding actuator to make a touchy-feely lamp.
• Video 5 - IoT Scenario House
• Video 6 - IoT Scenario City
• Video 7 - IoT Scenario Industrial

Microcontroller development boards

Video 8 - Tour of the Arduino Uno board

Microcomputer development boards

Video 9 - Tour of the Raspberry Pi board


Layer 2: Connectivity

Sensor communication
• Serial communication is the protocol family commonly used for microcontroller communication. It transmits a series of digital pulses between sender and receiver at a specified data rate (the baud rate), and is generally divided into synchronous and asynchronous categories.
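The asynchronous case described above, worked through in code. This is an added example, not part of the original slides: each byte becomes a start bit, eight data bits, a parity bit and a stop bit; the receiver shares no clock with the sender and relies only on the agreed baud rate, so the framing and parity checks are what let it notice a corrupted or mistimed frame. The wire is modelled as a list of sampled line levels, an assumption made so the code runs without hardware.

```python
"""UART-style asynchronous serial framing (8 data bits, even parity, 1 stop bit).
Added example, not from the original slides. The wire is modelled as a list of
0/1 line levels (idle = 1), one entry per bit period, so it runs without hardware."""

IDLE = 1


def bit_period_us(baud):
    """Each bit occupies 1/baud seconds: 9600 baud -> about 104.2 microseconds."""
    return 1_000_000 / baud


def frame_byte(value):
    """Encode one byte as the 11 line levels of an 8E1 frame."""
    if not 0 <= value <= 0xFF:
        raise ValueError("one byte only")
    data = [(value >> i) & 1 for i in range(8)]  # least significant bit goes first
    parity = sum(data) % 2                       # even parity: ones in data+parity is even
    return [0] + data + [parity] + [1]           # start bit, data, parity, stop bit


def transmit(payload, idle_bits=2):
    """Serialize bytes with idle gaps between frames; no clock line is shared."""
    line = [IDLE] * idle_bits
    for b in payload:
        line += frame_byte(b) + [IDLE] * idle_bits
    return line


def receive(line):
    """Decode frames from sampled line levels. Returns (decoded bytes, error list)."""
    out, errors, i = bytearray(), [], 0
    while i < len(line):
        if line[i] == IDLE:                      # idle: wait for a start bit (a 0)
            i += 1
            continue
        bits = line[i + 1:i + 11]                # 8 data + parity + stop after the start bit
        if len(bits) < 10:
            errors.append(("truncated", None))
            break
        data, parity, stop = bits[:8], bits[8], bits[9]
        value = sum(bit << k for k, bit in enumerate(data))
        if stop != 1:
            errors.append(("framing", value))    # baud-rate mismatch or line noise
        elif sum(data) % 2 != parity:
            errors.append(("parity", value))     # an odd number of flipped bits
        else:
            out.append(value)
        i += 11
    return bytes(out), errors


def corrupt(line, index):
    """Flip one sampled level, modelling a single-bit error on the wire."""
    flipped = list(line)
    flipped[index] ^= 1
    return flipped
```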
RS-232 and USB

(Figure: USB and RS-232 connectors)


System Communication
• The large amount of data collected by sensors has to be transferred to servers in the Cloud for analysis and decision making. The necessary action is then delivered back from the Cloud to the microcontrollers.

• Communication between sensors and computer/Cloud uses a number of communication protocols, chosen according to the power consumption, coverage, data rate and cost requirements of each IoT system.
 System Communication
• Sensor to Cloud communication protocols

1. Ethernet
• A wired network is the traditional way of connecting devices to the
Internet, and is practical for an environment with a wired
connection to the Internet, such as a smart home system.
 System Communication
• Sensor to Cloud communication protocols

2. Wireless
• The diagram below illustrates the different types of wireless communications
used by mobile technology, and how the communication is sent to the internet:
via Bluetooth (BT), WiFi and Mobile.
How 'things' connect?
• We need to know how things can send data and receive instructions through a network.

• IoT makes use of existing technology for physical connections, and their corresponding protocols, such as Ethernet, 4G mobile, or 5G mobile networks.

• There are also newer protocols and connectivity types being developed specifically for IoT.

• These protocols use a wireless technology called narrowband RF technology, such as LoRa (Long Range Radio) WAN, SIGFOX (Ultra Narrow Band), and NB-IoT (Narrow-Band IoT).

• Narrowband RF technologies operate over longer distances and at lower power levels, but the trade-off is that they only offer smaller bandwidth, limiting their use to applications with restricted data and bandwidth needs. Examples include alarm systems, critical sensor arrays, and many M2M (machine-to-machine) applications.

• The main advantage of narrowband RF technologies is that they are low cost to set up and operate, and the devices they support use minimal power.
How 'things' connect?
• Watch Video 10 (Tilt Maze) that shows a ball in a maze game being controlled
remotely via a tablet. This utilizes servo motors to tilt the physical maze, and
sensors in the tablet responding to the position of the tablet.

• After watching the video, try to answer the following questions.

1- How does the angle of the tablet get measured?

2- What converts this measurement to a signal to be sent over the internet?

3- How do you think this signal is sent to the internet?

4- How is the Raspberry Pi connected to the internet?

5- How is the Raspberry Pi connected to the Arduino?

6- What enables the remote user to view the position of the ball?
How 'things' connect?
• The diagram below simplifies the process, to illustrate
how the data moves through the layers (of the layer
model). 
OSI and TCP/IP Models
(Frameworks)
Protocol data units

Data communication (the transport of data) works by breaking the data stream into pieces called datagrams.

PDU
Encapsulation & Decapsulation

Data link layer addressing - MAC addressing

MAC addresses consist of 48 bits.
Internet layer addressing
IPv6 addresses

IPv6 Address Structure

Example IPv6 Addresses

Examples of compressed IPv6 addresses after removing the highlighted zeroes
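The compression rule illustrated above, carried out in code. This is an added example, not part of the original slides: expand() pads every 16-bit group back to four hex digits, compress() strips leading zeros and replaces the longest run of all-zero groups with "::", and matches_stdlib() confirms both against Python's ipaddress module.

```python
"""Expand and compress IPv6 addresses by the rule on the slide: drop leading
zeros in each 16-bit group and replace the longest run of all-zero groups
with '::'. Added example, not from the original slides; it follows RFC 5952
(compress only runs of two or more groups, first run wins on a tie) and is
cross-checked against Python's ipaddress module."""
import ipaddress
import re

GROUP = re.compile(r"[0-9a-fA-F]{1,4}")


def expand(addr):
    """Return the eight groups of a (possibly compressed) address, zero-padded."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    head, sep, tail = addr.partition("::")
    left = head.split(":") if head else []
    right = tail.split(":") if tail else []
    missing = 8 - len(left) - len(right) if sep else 0
    groups = left + ["0"] * missing + right
    if (sep and missing < 1) or len(groups) != 8 or not all(GROUP.fullmatch(g) for g in groups):
        raise ValueError("malformed IPv6 address: " + addr)
    return [f"{int(g, 16):04x}" for g in groups]


def compress(addr):
    """Canonical text form: leading zeros removed, longest zero run as '::'."""
    groups = [g.lstrip("0") or "0" for g in expand(addr)]
    best_start, best_len, run_start = -1, 0, None
    for i, g in enumerate(groups + [None]):      # sentinel closes a trailing run
        if g == "0":
            run_start = i if run_start is None else run_start
        elif run_start is not None:
            if i - run_start > best_len:         # strictly longer: first run wins ties
                best_start, best_len = run_start, i - run_start
            run_start = None
    if best_len < 2:                             # a single zero group stays as '0'
        return ":".join(groups)
    left = ":".join(groups[:best_start])
    right = ":".join(groups[best_start + best_len:])
    return f"{left}::{right}"


def matches_stdlib(addr):
    """Cross-check both directions against the standard library."""
    ref = ipaddress.IPv6Address(addr)
    return compress(addr) == str(ref) and ":".join(expand(addr)) == ref.exploded
```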


Compare MAC and IP addresses
Routing protocols

Packet switching in a data network


IoT Protocols Overview
• The TCP/IP suite is the key communication protocol stack that includes significant families of
protocols for device communications over the network and the Internet. However, new protocols
are required to enhance the TCP/IP suite for the IoT environment by providing the communications
between resource-constrained devices within the IoT Low-Power and Lossy Networks (LLN).

• IoT devices are usually placed in resource-limited environments, such as:
• remote and isolated agricultural applications;
• mobile and lightweight medical devices that need to be powered for long periods of time in a variety of locations;
• outdoors for smart city applications; and
• many other scenarios where there are power and network connection constraints.

• Also, in most IoT applications, devices are required to be very small in size for implementation, and
therefore they must operate on battery, and run on low memory and CPU power with a limited
network communication capability. The majority of IoT applications (such as smart cities), contain a
large number of low-power, low-data rate, small devices performing the data acquisition process,
transmission of information to actuators, and the update of feedback loops. 

• There are numerous IoT protocols available and in progress, and in the following slides we
will examine the most popular ones.  
IoT Protocols Overview

Acronyms associated with Networks and Protocols.

Main IoT protocols


Application protocols
The application protocols such as HTTP and
XMPP, traditionally found in the Application
layer, are considered to be resource
demanding protocols. This does not make
them a suitable option for communication in
an IoT constrained environment with a large
number of connected devices. Therefore, more
lightweight protocols are required by the IoT
industry to address this problem.
 
Constrained Application Protocol (CoAP) and
Message Queuing Telemetry Transport
(MQTT) are the two most popular IoT
application protocols [Hanes et al 2017].

Let’s now take a look at each of them in more detail.
Constrained Application Protocol (CoAP)
- CoAP message exchange is done over UDP (User Datagram Protocol); strong security is provided by running it over Datagram Transport Layer Security (DTLS).
- The CoAP architecture performs two main activities: messaging and request/response.
- The messaging activity is responsible for reliability and for detecting duplicate messages.
- The request/response activity is responsible for the communication itself.
- CoAP has four messaging modes: confirmable, non-confirmable, piggyback and separate.
- The confirmable and non-confirmable modes represent reliable and unreliable transmission respectively.
- The other two modes are used for request/response.
- Piggyback is used for direct client/server communication where the server sends its response directly after receiving the request, i.e., within the acknowledgement message.
- The separate mode is used when the server response comes in a message separate from the acknowledgement.

(Figure: the four messaging modes)
Constrained Application Protocol (CoAP)
Example: piggyback message mode
- The communication between client and server uses a CoAP message ID to ensure reliability and detect duplicate messages.
- The client sends a GET request to get the temperature from the sensor.
- The CON marking in the message means the message will be retransmitted, with the same message ID, until the recipient sends an acknowledgement.
- The temperature sensor replies with an ACK message referencing the correct ID and sends the temperature reading at the same time, i.e., within the ACK message.
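The piggyback exchange above, worked through at the byte level. This is an added example, not code from the original slides or from any CoAP library: encode() and decode() handle the fixed 4-byte header, token, short options and payload marker of the CoAP message format; TemperatureSensor answers a CON GET with an ACK that carries the reading, and when the same message ID arrives again (a retransmission) it resends the stored ACK instead of serving the request twice. The Uri-Path "temp", the message ID and the reading are constructed sample values.

```python
"""Minimal CoAP (RFC 7252) message codec plus the piggybacked CON/ACK exchange
from the slide. Added example, not from the original slides or any CoAP library.
Only options with delta and length below 13 are supported; larger ones raise."""
import struct

CON, NON, ACK, RST = 0, 1, 2, 3    # message types (the T field)
GET = 0x01                         # code 0.01
CONTENT = (2 << 5) | 5             # code 2.05
URI_PATH = 11                      # option number


def encode(msg_type, code, msg_id, token=b"", options=(), payload=b""):
    """4-byte header (Ver=1, T, TKL, Code, Message ID), token, options, payload."""
    if not 0 <= msg_id <= 0xFFFF or len(token) > 8:
        raise ValueError("bad message id or token")
    out = bytearray(struct.pack("!BBH", 0x40 | (msg_type << 4) | len(token), code, msg_id))
    out += token
    prev = 0
    for number, value in sorted(options):   # option numbers are delta-encoded, ascending
        delta = number - prev
        if delta >= 13 or len(value) >= 13:
            raise NotImplementedError("extended option encoding not supported")
        out.append((delta << 4) | len(value))
        out += value
        prev = number
    if payload:
        out += b"\xff" + payload            # 0xFF marks the start of the payload
    return bytes(out)


def decode(data):
    """Parse a message into a dict; rejects truncated input and unknown versions."""
    if len(data) < 4:
        raise ValueError("truncated header")
    first, code, msg_id = struct.unpack("!BBH", data[:4])
    if first >> 6 != 1:
        raise ValueError("unsupported CoAP version")
    tkl = first & 0x0F
    if tkl > 8 or len(data) < 4 + tkl:
        raise ValueError("bad token length")
    token, pos, options, number = data[4:4 + tkl], 4 + tkl, [], 0
    while pos < len(data) and data[pos] != 0xFF:
        delta, length = data[pos] >> 4, data[pos] & 0x0F
        if delta >= 13 or length >= 13:
            raise NotImplementedError("extended option encoding not supported")
        number += delta
        options.append((number, data[pos + 1:pos + 1 + length]))
        pos += 1 + length
    payload = data[pos + 1:] if pos < len(data) else b""
    return {"type": (first >> 4) & 3, "code": code, "msg_id": msg_id,
            "token": token, "options": options, "payload": payload}


class TemperatureSensor:
    """Server side: a CON GET gets an ACK carrying 2.05 Content and the reading
    (piggyback); a repeated message ID gets the stored ACK, not a second run."""

    def __init__(self, reading=b"21.5"):           # constructed sample reading
        self.reading, self.acks, self.handled = reading, {}, 0

    def handle(self, datagram):
        req = decode(datagram)
        if req["type"] != CON or req["code"] != GET:
            return None
        if req["msg_id"] not in self.acks:          # new ID: serve the request once
            self.handled += 1
            self.acks[req["msg_id"]] = encode(ACK, CONTENT, req["msg_id"],
                                              req["token"], payload=self.reading)
        return self.acks[req["msg_id"]]


def piggyback_exchange(sensor, msg_id=0x7D34, token=b"\x42"):
    """Client sends CON GET /temp; accepts only an ACK echoing message ID and token."""
    request = encode(CON, GET, msg_id, token, options=[(URI_PATH, b"temp")])
    reply = decode(sensor.handle(request))
    if reply["type"] != ACK or reply["msg_id"] != msg_id or reply["token"] != token:
        return None
    return reply["payload"]
```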
Message Queuing Telemetry Transport (MQTT)
- It provides a publish/subscribe architecture.
- The system consists of three main components: publishers (clients), subscribers (clients), and a broker (server).
- The broker classifies sensor data into topics and sends it to the subscribers interested in those topics.
- Information is buffered at the message broker in the case of a connection failure, so publisher and subscriber do not need to be online at the same time.
- MQTT uses TCP (Transmission Control Protocol) as a reliable protocol for connection and transmission, and can use Transport Layer Security (TLS) for additional

(Figure: MQTT Publish/Subscribe framework)
The message broker receives and accepts the connection and data. Additionally, the message broker manages the subscription processes to transmit the publisher data to a subscriber interested in this data.
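The publish/subscribe behaviour described above, as an added example that is not code from the original slides or from any MQTT implementation: an in-memory broker that routes each publish to the clients whose topic filters match (MQTT's "+" and "#" wildcards) and keeps messages for a subscriber that has dropped offline until it reconnects. The client names and topics are constructed; transport (TCP/TLS) is deliberately left out.

```python
"""In-memory model of the MQTT publish/subscribe pattern described above.
Added example, not from the original slides or any MQTT library: the broker
routes each publish to the clients whose topic filters match and buffers
messages for subscribers that are offline, so publisher and subscriber need
not be online at the same time. Transport (TCP/TLS) is left out."""
from collections import defaultdict, deque


def topic_matches(topic_filter, topic):
    """MQTT wildcards: '+' matches exactly one level, '#' the remainder (last level only)."""
    f_parts, t_parts = topic_filter.split("/"), topic.split("/")
    for i, f in enumerate(f_parts):
        if f == "#":
            return i == len(f_parts) - 1
        if i >= len(t_parts) or (f != "+" and f != t_parts[i]):
            return False
    return len(f_parts) == len(t_parts)


class Broker:
    def __init__(self):
        self.subscriptions = defaultdict(set)   # topic filter -> client ids
        self.online = set()
        self.queue = defaultdict(deque)         # client id -> undelivered (topic, payload)

    def connect(self, client):
        self.online.add(client)

    def disconnect(self, client):
        self.online.discard(client)             # subscriptions and queue survive the drop

    def subscribe(self, client, topic_filter):
        self.subscriptions[topic_filter].add(client)

    def publish(self, topic, payload):
        """Classify by topic and queue for every interested subscriber; returns how many."""
        targets = {c for f, cs in self.subscriptions.items() if topic_matches(f, topic) for c in cs}
        for c in targets:
            self.queue[c].append((topic, payload))
        return len(targets)

    def receive(self, client):
        """Hand over everything waiting for a client, but only while it is online."""
        if client not in self.online:
            return []
        msgs = list(self.queue[client])
        self.queue[client].clear()
        return msgs


def offline_subscriber_scenario():
    """Constructed run: a dashboard drops off, sensor data keeps flowing, and the
    broker holds the matching message until the dashboard reconnects."""
    b = Broker()
    b.connect("dashboard")
    b.subscribe("dashboard", "home/+/temperature")
    b.connect("logger")
    b.subscribe("logger", "home/#")
    b.disconnect("dashboard")                        # connection failure on the subscriber side
    b.publish("home/kitchen/temperature", "21.5")    # the publisher is unaware of this
    b.publish("home/kitchen/humidity", "48")
    logged = b.receive("logger")
    nothing_yet = b.receive("dashboard")             # still offline: broker keeps the message
    b.connect("dashboard")
    return logged, nothing_yet, b.receive("dashboard")
```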
CoAP versus MQTT
Transport protocols

Not all of the protocols described at this layer are IoT-specific. For example, both Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are core protocols of the TCP/IP protocol suite. However, IoT applications mostly use UDP, TCP and DTLS (Datagram Transport Layer Security) as transport layer protocols.
Internet protocols
Internet Protocol version 6 (IPv6)
IPv6 is an upgrade to IP version 4 (IPv4). It uses 128 bit
addresses compared to the 32 bit addresses in IPv4,
providing a larger number of addresses with integrated
security features to accommodate the rapid growth of
Internet users.

6LoWPAN
IPv6 addresses are too long for IoT data frames; standards
and protocols are required to encapsulate the IPv6
datagram in small packets. IPv6 over Low power Wireless
Personal Network (6LoWPAN) is the first protocol to have
successfully encapsulated the IPv6 for IEEE802.15.4
networks [Salman 2015].

6LoWPAN represents an adaptation layer between datalink layer and Internet layer
IPv6 Routing Protocol for Low Power and Lossy Networks (RPL)
RPL is a distance vector routing protocol that determines the best route based on the distance between the nodes.

The RPL has two different modes: storing and non-storing.

IoT routers are resource constrained and thus cannot support the traditional routing protocols.

(Figure: routing table stored on the border router)

(Figure: routing table stored on all nodes)
Network access and physical
protocols (IEEE 802.3 Ethernet)
IoT devices may be connected via a wired connection. For permanent
connections, Ethernet is commonly used.  The data rate using
Ethernet can range from 10 Mbps to more than 1 Gbps (1000 Mbps).
10-base-T can be found on small microcontrollers; 100-base-T (100
Mbps) can be found on many higher-powered microcontrollers or
single board computers. 
Some examples of Ethernet-connected IoT devices are:
• Cameras – video. Transmitting 4K quality video over WiFi
may create problems due to the data speed constraints in WiFi
• Voice (VoIP)
• Set-top boxes - video/audio streaming and storage
• Game applications and systems
• Static industrial equipment 
• Sensors transmitting high security data, where transmitting via
a wireless connection is viewed as high risk transmission
• High-reliability control, such as robotics or medical
applications
Network access and physical protocols
(IEEE 802.11 a/b/g/n/ac/ad/ah/ax WiFi)
IEEE 802.11, also known as WiFi, is a protocol replacing wired
Ethernet for wireless communications. In a WiFi network, the
transmitter or wireless access point (WAP) is responsible for
translating the digital signals from wired network to radio signals,
and vice versa, for communications between mobile devices in the
WAP range and the Internet. 

There have been a number of IEEE 802.11 protocol versions introduced since 1997, including IEEE 802.11a, 802.11b, 802.11g, 802.11n, 802.11ac, 802.11ad, 802.11ah and 802.11ax. The last two address the shortcomings in IoT-constrained environments.

Range: 20 m to 250 m

Data rates: between 1 Mb/s and 2.0 Gb/s
Network access and physical protocols
(IEEE 802.15.4)
Since the traditional frame format of MAC layer protocols was not
suitable for IoT low power, IEEE 802.15.4 was created with a more
efficient frame format that has become the most used IoT MAC
layer standard. 

The common IEEE 802.15.4 IoT applications are (list from Hanes et al. 2017):
• Home and building automation
• Automotive networks
• Industrial wireless sensor networks
• Interactive toys and remote controls

There are a number of protocols based on IEEE 802.15.4, including ZigBee, 6LoWPAN, and Thread.
Network access and physical protocols
(LPWAN)
Low Power Wide Area Network (LPWAN) is a protocol for
resource constrained devices and networks over long ranges.
Some of the most well-known protocols based on LPWAN are
LoRa, SigFox, and Weightless [McClellan 2017].
Network access and physical protocols
(Cellular)
Cellular networks are suitable for long distance communications in IoT applications.
 
Four generations of mobile communication have been developed over the past 30 years, and the fifth one is coming
up by 2020. 

The Global Service for Mobile communication (GSM) is a 2G (second generation) cellular network protocol that was
developed by the European Telecommunication Standards Institute (ETSI) in 1991. GSM added fast data
communication and introduced the Short Messaging System (SMS). In the later version, the General Packet Radio
Service (GPRS) was added to GSM, with the Multimedia Messaging System (MMS) as the main feature for sending
video, pictures, and sound [Joan 2011].  

To improve the speed and capacity of cellular networks, LTE (Long-Term Evolution) based on 4G was introduced. LTE
is replacing the GSM in IoT applications for M2M connection, with better connection and lower costs - however all
cellular network protocols come with a high price that in most situations makes them too expensive to adopt. 

The new LTE 4G includes the standardization of NarrowBand IoT (or NB-IoT) that is a LPWAN technology.

Cellular networks are expensive technology, due to their utilization of licensed Radio Frequency and intellectual
property protection. 
The 5th Generation cellular network is in progress, and will improve IoT communications. It also promises to lower
costs, battery consumption, and latency. In a 5G network, data rates of hundreds of megabits are available per
second for tens of thousands of users. It also enables several hundreds of thousands of simultaneous connections for
massive wireless sensor networks.
Bandwidth and coverage
Today’s IoT networks are best explained by looking at the bandwidth and coverage of each network technology, as shown in the figure.

(Figure: categorizing the IoT network protocols by bandwidth and range)
How to choose a specific IoT protocol?
• The majority of IoT cases require a wireless connection, and there are many aspects to consider when choosing a protocol:
• Is the connection over a very short distance, or might it be citywide?
• What is the volume of data being sent? Is it huge, such as video files, or small?
• What is the frequency of the generated data: periodic generation, or only occasional (when a device does not need to be ‘on’ all the time, draining power)?

• Each IoT solution needs to be considered in its own right. There is no 'one size fits all' solution.
How to choose a specific IoT protocol?

(Figure: NFC, IEEE 802.11, IEEE 802.15.4, LPWAN, Cellular)
Types of wireless networks
• The distance the data can be communicated affects the
network that technology can be used in.
• Wireless communication standards/protocols and
technology can be grouped based on the size of the
network.
• From smallest to largest networks, these are:
• Personal Area Network (PAN) and Wireless Sensor Network
(WSN);
• Wireless Local Area Network (WLAN); and
• Wireless Wide Area Network (WWAN).
Types of wireless networks
A PAN or Wireless PAN (WPAN) covers a small geographical area (a few metres): Bluetooth, Zigbee, Z-Wave, Thread and 6LoWPAN.

A LAN is a wired or wireless (WLAN) network that interconnects devices located in a small geographical area, such as a home, office, campus or factory. It offers high-speed bandwidth.

A WAN is a network that covers a large geographic area and connects LANs together. It is managed and owned by service providers and has lower-speed bandwidth compared to a LAN.

Network technologies and protocols can be mapped to the traditional network classifications PAN, LAN and WAN. We’ll look at each separately in the following sections.
Personal Area Network (PAN) and
Wireless Sensor Network (WSN)
• Bluetooth Low Energy 802.15.4
• Bluetooth Low Energy (BLE), a version of Bluetooth designed for low-powered devices, can help IoT
devices conserve energy by maintaining the devices in sleep mode until they are connected. What
makes BLE ideal for IoT applications is the fact that it can rapidly pair and reconnect with devices in
six milliseconds (down from six seconds for classic Bluetooth). 

• The most common Bluetooth settings are:
• Standard: Bluetooth 4.2 core specification
• Frequency: 2.4 GHz (ISM)
• Range: 50-150 m (Smart/BLE)
• Data Rates: 1 Mbps (Smart/BLE)

• The figure below illustrates two topologies of Bluetooth technology: star and mesh topologies.
Bluetooth mesh is the latest version, and includes ‘many-to-many’ communications for large-scale
networking applications such as asset tracking, home and building automation, lighting, beaconing,
and smart metering.
Personal Area Network (PAN) and
Wireless Sensor Network (WSN)
• ZigBee - IEEE 802.15.4

• ZigBee is a WPAN protocol for low processing and low power devices. It has a low data
rate that is less expensive than Bluetooth and WiFi, and based on IEEE 802.15.4. 

• ZigBee is suitable for infrequent data transmission at low-data rates within a small area
(10-100 m), such as buildings. 

• ZigBee uses the 2.4GHz ISM (Industrial, Scientific and Medical) frequency, and has a data
rate of approximately 250 kbps. 

• ZigBee operation
• In a ZigBee network, devices can take on three different roles:
• Zigbee coordinator,
• Zigbee router, and
• Zigbee client
Personal Area Network (PAN) and
Wireless Sensor Network (WSN)
• ZigBee - IEEE 802.15.4
• The ZigBee coordinator is responsible for managing the Zigbee clients, and formation
and maintenance of the ZigBee network. Each ZigBee coordinator can connect to eight
ZigBee devices, including a combination of clients and routers.

• ZigBee routers are used to bridge the data between ZigBee client and ZigBee
coordinators when they are far from each other. The figure below shows the three
types of ZigBee topologies.

Star, Cluster Tree, and Mesh Network Topology


Personal Area Network (PAN) and Wireless Sensor Network (WSN)
• 6LoWPAN
6LoWPAN can be seen as a combination of two protocols: Internet Protocol version 6 (IPv6) and Low-Power Wireless Personal Network (LoWPAN).

6LoWPAN supports mesh networking and can communicate not only with the 802.15.4 network but also with IP-based networks such as WiFi and Ethernet, via a bridge device.
Personal Area Network (PAN) and
Wireless Sensor Network (WSN)
• Near-field communication (NFC) is a set of communication protocols that enable two electronic devices - typically portable devices such as smartphones - to establish low-speed communication by bringing them within 4 cm (1.6 in) to 10 cm of each other.

• NFC devices are used in contactless payment systems, like those used in credit
cards and electronic ticket smartcards. NFC-enabled devices can act as
electronic identity documents and keycards.
Wireless Local Area Network (WLAN)
• WiFi (IEEE 802.11)

Range: 20 m to 250 m

Data rates: between 1 Mb/s and 2.0 Gb/s.

Operates in the unlicensed 2.4 and 5 gigahertz (GHz) ranges of the RF spectrum.

Two Wi-Fi standards, IEEE 802.11ah and IEEE 802.11ax (HEW, High Efficiency Wireless), have been developed for IoT applications. Both standards are low data rate and short range. IEEE 802.11ax was released in early 2019. It allows more devices (18) to communicate simultaneously within a 40 MHz channel.
Wireless Wide Area Network (WWAN)
• Mobile Network (1G, 2G, 3G, 4G, 5G).
Low Power Wireless Wide Area Network (LPWAN)
• Low Power Wide Area Network (LPWAN) is a low power, low bit rate, long range communication technology designed for low power and low processing devices, such as sensors.

• LPWAN - LoRa (Long Range Radio)

• LoRaWAN™ is an LPWAN protocol introduced by the LoRa Alliance, an open and non-profit organisation with more than 300 members who work together to define open global standards for IoT LPWAN.

• Connection range: several kilometres (2-7 km), more than cellular.

• Bandwidth: from 0.3 to 50 kbps.

• Security in LoRaWAN™ is handled at the network and application layers, making it a rather secure protocol. Devices, such as sensors, are connected to a network server and an application server through a LoRa gateway, as per the diagram below.
Low Power Wireless Wide Area
Network (LPWAN)

LoRaWAN Network Structure


Low Power Wireless Area Network (LPWAN)
Sigfox

• Sigfox is a French company that developed the Sigfox technology.
• Standard: Sigfox
• Frequency: 900 MHz
• Range: 30-50 km (rural environments); 3-10 km (urban environments)
• Data Rates: 10-1000 bps