Vulnerabilities of the 6P protocol for the Industrial Internet of Things: Impact analysis and mitigation

The 6TiSCH architecture defined by the IETF provides a standard solution for extending the Internet of Things (IoT) paradigm to industrial applications with stringent reliability and timeliness requirements. In this context, communication security is another crucial requirement, which is currently l...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Computer communications Ročník 194; s. 411 - 432
Hlavní autoři: Righetti, Francesca, Vallati, Carlo, Tiloca, Marco, Anastasi, Giuseppe
Médium: Journal Article
Jazyk:angličtina
Vydáno: Elsevier B.V 01.10.2022
Témata:
6P Vulnerabilities
6p vulnerability
6TiSCH
Availability
Energy utilization
Impact analysis
Impact mitigation
Industrial internet of thing
Industrial Internet of Things
Internet of things
Internet protocols
Minimal scheduling function
MSF
Network architecture
Network security
Power management (telecommunication)
Scheduling algorithms
Scheduling functions
Security
Standard solutions
Availability
MSF
6P
6TiSCH
Security
6P vulnerabilities
Industrial Internet of Things
ISSN:0140-3664, 1873-703X, 1873-703X
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:The 6TiSCH architecture defined by the IETF provides a standard solution for extending the Internet of Things (IoT) paradigm to industrial applications with stringent reliability and timeliness requirements. In this context, communication security is another crucial requirement, which is currently less investigated in the literature. In this article, we present a deep assessment of the security vulnerabilities of 6P, the protocol used for resource negotiation at the core of the 6TiSCH architecture. Specifically, we highlight two possible attacks against 6P, namely the Traffic Dispersion and the Overloading attacks. These two attacks effectively and stealthy alter the communication schedule of victim nodes and severely thwart network basic functionalities and efficiency, by specifically impacting network availability and energy consumption of victim nodes. To assess the impact of the attacks two analytical models have been defined, while, to demonstrate their feasibility, they have been implemented in Contiki-NG. The implementation has been used to quantitatively evaluate the impact of the two attacks by both simulations and measurements in a real testbed. Our results show that the impact of both attacks may be very significant. The impact, however, strongly depends on the position of the victim node(s) in the network and it is highly influenced by the dynamics of the routing protocol. We have investigated mitigation strategies to alleviate this impact and proposed an extended version of the Minimal Scheduling Function (MSF), i.e., the reference scheduling algorithm for 6TiSCH. This allows network nodes to early detect anomalies in their schedules possibly due to an Overloading attack, and thus curb the attack impact by appropriately revising their schedule.
ISSN:0140-3664
1873-703X
1873-703X
DOI:10.1016/j.comcom.2022.07.054