Comprehensive Analysis of Secure Data Aggregation Scheme for Industrial Wireless Sensor Network

As an Industrial Wireless Sensor Network (IWSN) is usually deployed in a harsh or unattended environment, the privacy security of data aggregation is facing more and more challenges. Currently, the data aggregation protocols mainly focus on improving the efficiency of data transmitting and aggregating, alternately, the aim at enhancing the security of data. The performances of the secure data aggregation protocols are the trade-off of several metrics, which involves the transmission/fusion, the energy efficiency and the security in Wireless Sensor Network (WSN). Unfortunately, there is no paper in systematic analysis about the performance of the secure data aggregation protocols whether in IWSN or in WSN. In consideration of IWSN, we firstly review the security requirements and techniques in WSN data aggregation in this paper. Then, we give a holistic overview of the classical secure data aggregation protocols, which are divided into three categories: hop-by-hop encrypted data aggregation, end-to-end encrypted data aggregation and unencrypted secure data aggregation. Along this way, combining with the characteristics of industrial applications, we analyze the pros and cons of the existing security schemes in each category qualitatively, and realize that the security and the energy efficiency are suitable for IWSN. Finally, we make the conclusion about the techniques and approach in these categories, and highlight the future research directions of privacy preserving data aggregation in IWSN.     

Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks

Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.     

Novel method for transferring access control list rules to synchronize security protection in a locator/identifier separation protocol environment with cross‐segment host mobility

Extended access control lists (ACLs) are used to filter packets for network security. However, in current network frameworks, ACL rules are not transferred simultaneously with devices that move across network segments. The Internet Engineering Task Force proposed the Locator/Identifier Separation Protocol (LISP), which enables routers (xTRs) to configure ACL rules for blocking immobile endpoint identifiers (EIDs). However, when an EID moves from the original xTR to a new xTR, the ACL rules at the original xTR cannot be transferred with the EID. Thus, the new xTR lacks the corresponding ACL rules to effectively block the EID, resulting in security risks. The highlights of this study are as follows. First, a method is proposed for dynamically transferring ACL rules in LISP environments and frameworks. Second, the map‐register and map‐notify protocols were combined to encapsulate and transfer the ACL rules and thus obviate an additional process required to transfer these rules. Third, the experimental results verified that the proposed method can be used to achieve synchronized security protection in an LISP environment involving cross‐segment EID movements.     

基于英飞凌TC275的整车控制器CCP协议底层驱动开发

针对以英飞凌TC275单片机为平台的整车控制器,进行控制器局域网络标定协议(controller area network calibration protocol,CCP)底层驱动程序的开发。依据CCP的需求开发了英飞凌TC275的控制器局域网络(controller area network,CAN)模块、系统定时器(system timer,STM)模块和FLASH模块的底层驱动程序,实现CCP标定系统的通信连接、数据上传、数据下载、数据存储等功能。为验证系统的性能,进行整车控制器的实际测试,测试结果表明:所开发的基于TC275单片机的CCP底层驱动程序能够实现CCP的功能要求。     

一种云计算数字签名技术的研究与实现

由于云计算具有可靠性高、成本低、性能高等特点,已经成为了新一代信息技术变革的核心。为了能够有效推动互联网安全架构的可持续性发展。本文提出了一种云计算数字签名技术,该技术有机结合了云计算技术与数字签名技术。首先阐述了数字签名系统中应用云计算技术的价值,其次,分析了云计算数字签名技术的实现模型,并且设计了云计算数字签名协议,最后,开展了实例分析,将云计算数字签名技术应用到移动营业厅的业务信息交易中。结果表明：所有业务均可在网上完成,那么既可大大方便用户,又可降低移动营业厅的工作量,还可确保业务信息交易的可靠性、唯一性、真实性、安全性与不可抵赖性。通过结果分析得出结论：云计算数字签名技术既可保障签名文件的完整性与真实性,又可跨平台操作签名文件,还可让数字签名模型利用互联网来对密码运算基础设施进行便捷化、可靠化地访问。     

Fast Directional Handoff and lightweight retransmission protocol for enhancing multimedia quality in indoor WLANs

More and more mobile devices such as smartphones are being used with IEEE 802.11 wireless LANs (WLANs or Wi-Fi). However, mobile users are still experiencing poor service quality on the move due to the large handoff delay and packet loss problem. In order to reduce the delay, a new handoff scheme using the geomagnetic sensor embedded in mobile devices is proposed in this paper. The proposed scheme predicts the movement direction of a Mobile Station (MS) from the currently associated Access Point (AP) and performs active scanning with a reduced number of channels. In terms of the packet loss, a lightweight retransmission protocol is also proposed to minimize lost packets on Wi-Fi without producing a lot of acknowledgement packets. The proposed approaches are implemented on Android smartphones, and their performance is evaluated in a real indoor WLAN environment. The evaluation results demonstrate that the proposed schemes maintain seamless quality for real-time video even in an environment with frequent handoffs. Note that the proposed schemes are a client-only solution and do not require modification of the existing APs, which renders them very practical.     

基于不均等分层分簇的无线传感器网络协议

针对不均等分簇协议中节点竞选半径和簇头的选取机制存在缺陷问题,提出了不均等分层分簇协议,将网络覆盖区域进行分层处理,降低了簇头簇内负担,提高了能量使用效率,并采用Matlab软件进行了仿真实验。仿真结果表明,UHC协议有效降低了簇内节点密度,且延长了网络使用寿命。     

Multi-Rate Polling: Improve the Performance of Energy Harvesting Backscatter Wireless Networks

In recent years, Researchers have proposed the concept of Energy Harvesting Backscatter Wireless Networks (EHBWN). EHBWN usually consists of one sink and several backscatter nodes. Backscatter nodes harvest energy from their environment and communicate with sink through backscattering the carrier wave transmitted by sink. Although a certain amount of access protocols for Energy Harvesting Wireless Networks have been present, they usually do not take the sink’s receiver sensitivity into account, which makes those protocols unsuitable in practice. In this paper, we first give an analysis of the backscatter channel link budget and the relationship between the effective communication range and uplink data rate. After that, we point out that a single uplink data rate for all the backscatter nodes is no longer suitable due to the constraint of sink receiver sensitivity. Later we propose Multi-rate Polling which divides the network into different uplink data rata regions to make sure the correct packet reception by the sink and improve the network performance. Multi-rate Polling also introduces a parameter K, through adjusting it, we can achieve the trade-off between network throughput and fairness to meet the requirement under various scenarios. We validate Multi-rate Polling under different networks and average harvesting rates through simulation. The result shows that the proposed protocol can effectively improve the network performance and has excellent scalability, which makes it suitable for EHBWN.     

高速率通信网络下时变系统的有限时域H∞控制

针对高速率通信网络和Round-Robin（RR）协议影响下网络化时变系统的有限时域[H∞]控制问题，考虑到系统中存在乘性噪声、随机时滞和量化效应，提出了一种基于观测器的有限时域[H∞]控制器的设计方法。利用李雅普诺夫稳定性理论和线性矩阵不等式（Linear Matrix Inequality，LMI）技术得到有限时域[H∞]控制器存在的充分条件。基于锥补线性化（Cone Complementarity Linearization，CCL）方法通过求解一组递归矩阵不等式得到观测器和控制器参数。所设计的控制器保证闭环网络化时变系统在给定的时域内稳定，且满足预定的[H∞]性能指标。数值仿真验证了所提方法的有效性。     

Thermodynamic modeling of hydrogen refueling for heavy-duty fuel cell buses and comparison with aggregated real data

The foreseen uptake of hydrogen mobility is a fundamental step towards the decarbonization of the transport sector. Under such premises, both refueling infrastructure and vehicles should be deployed together with improved refueling protocols. Several studies focus on refueling the light-duty vehicles with 10 kg_H2 up to 700 bar, however less known effort is reported for refueling heavy-duty vehicles with 30–40 kg_H2 at 350 bar. The present study illustrates the application of a lumped model to a fuel cell bus tank-to-tank refueling event, tailored upon the real data acquired in the 3Emotion Project. The evolution of the main refueling quantities, such as pressure, temperature, and mass flow, are predicted dynamically throughout the refueling process, as a function of the operating parameters, within the safety limits imposed by SAE J2601/2 technical standard. The results show to refuel the vehicle tank from half to full capacity with an Average Pressure Ramp Rate (APRR) equal to 0.03 MPa/s are needed about 10 min. Furthermore, it is found that the effect of varying the initial vehicle tank pressure is more significant than changing the ambient temperature on the refueling performances. In conclusion, the analysis of the effect of different APRR, from 0.03 to 0.1 MPa/s, indicate that is possible to safely reduce the duration of half-to-full refueling by 62% increasing the APRR value from 0.03 to 0.08 MPa/s.