SciresolSciresolhttps://indjst.org/author-guidelinesIndian Journal of Science and Technologyhttps://doi.org/10.17485/IJST/v13i21.73A secure IoTbased flood warning system using elliptical curve cryptographyKhanUmmer IqbalUmmer.iqbal.khan@gmail.com1OberoiD.S.1National Institute of Electronics and Information Technology Srinagar/JammuIndia13212020Abstract
Objectives: To propose a design of an early flood warning system based on IOT with a strong emphasis on the security requirements of such systems. Methods/Analysis: The design of an early flood warning system is based on measuring the hydrological parameters of a river, which include water level and discharge through an IOT based network. To calculate the discharge of water in a river, Manning’s equation has been employed. Security protocols based on elliptical curve cryptography has been proposed for authenticating the real-time hydrological data. The proposed security protocols have been formally validated and verified against various active and passive attacks using AVISPA and Scyther. Simulation of the proposed scheme has also been carried out on the TOSSIM simulator using the TinyECC library to estimate the radio and CPU energy overheads. Findings: The formal security validation of the proposed authentication scheme indicates that the scheme is SAFE against various active and passive attacks. The simulation on Scyther indicates that no attacks have been found in proposed authentication protocols. The AVISPA validation also declares the scheme as SAFE as all-important security goals have been achieved. The Energy analyses on TOSSIM indicate that each node in the scheme requires 133 mJ for radio transmission and 59 mJ for CPU operations about the Mica2 Energy Model. Novelty/Improvement: Researchers have proposed many designs and schemes for early flood warnings without giving much emphasis to the security of such systems. The paper focuses on the security requirements of such systems.
Scientists across the world are constantly developing technologies to monitor the flowing rivers to avert the destruction caused by it. The key hydrological parameters like water discharge, water level, and precipitation provide an insight into the behavior of the river like floods, spill, and discharge. 1. The need to have real-time monitored data such as flow rate, precipitation, water level, is essential in order to make a reasonable decision on the actions necessary to be performed to allow rivers to continue benefiting humans and prevent rivers from destroying human investments2.
Internet of Things (IoT) and Wireless Sensor Networks (WSN) presents a promising solution for developing new flood warnings systems. The design of such systems primarily involves interfacing of hydrological sensors with data acquisition boards fitted with the Mote3. The sensed data is then transported to the IoT gateway through a multihop mesh network. However, the authentication of hydrological data is of paramount importance as, based on this data, flood warnings are dissemaited4.
The resource constraint nature of IoT/WSN almost pre-empties the use of conventional Public Key Cryptography schemes and digital signatures based on RSA. ECC has shown more promise for the application of asymmetric techniques for authentication in WSN. ECC 5can achieve the same level of security as RSA with smaller key sizes, e.g., 160 Bit ECC can provide comparable security to the conventional 1024 Bit RSA6. Smaller key size often brings the advantage of faster computation efficiency and saving of bandwidth, memory and energy. That makes ECC better suited for resource constraint devices like WSN/IoT.
This study proposed a secure flood warning system designed in an IoT environment. It enabled a lightweight security framework to secure the communication pattern involved in the system. The Security solution leverages the low computational overheads associated with Elliptical Curve Cryptography (ECC) without using any digital signature algorithm. The proposed security protocols have been formally verified by Avispa7 and Scyther8. The scheme has been simulated on the TOSSIM simulator, and a relevant discussion based on the performance of the proposed security scheme is also presented.
1.1 Related work
In 9 proposed a flood prediction system using Wireless Sensor Networks. The system is based on linear regression, which uses a polynomial to predict a rise in floodwater. In10 presented a real-time flood monitoring system based on low power devices. The system was used in southern Spain. In9proposed a flood warning system based which transmitted the data on GPRS from a remote location. In11 proposed a flood warning system using empirical formulae. Samman12 presented a simulation model based on numerical techniques for flood prediction in Saudi Arabia.
In13 proposed a Real-Time Flash-Flood Monitoring, alerting, and forecasting system using data mining and wireless sensor network. The system includes the variables, which include temperature, humidity, and vibration measured through wireless sensor nodes. 14, 15, 16, 17, 18presented early warning system for water flooding based on simplified parameters. In 19, 20 proposed visual sensing mechanism for early flood warning. The visual sensing method for urban flood monitoring is used in 18, 19 as a solution for an early warning system. Visual sensors provided a real-time picture of affected sites.
The existing designs in the literature have not addresed the security aspects of a real-time early flood warning system. The proposed work primarily focuses on the security aspects of such systems. As most of the early flood warning systems comprise of low power devices, conventional security mechanisms cannot be employed as such. Typically the security need of such systems involves authentication of communicated hydrological data. If the sensor data is not authenticated, a masqueraded data can subvert a false alarm. The paper focuses on elliptical curve cryptography to provide algorithms for data authentication.
Preliminaries2.1 Elliptical curve cryptography
An elliptical Curve satisfies the equation (1):
y2=x3+ax+b
In the elliptical curve group (E,+) defined over a finite field FP for some prime no ‘P,’ let G(x,y) be a generator point that can generate every other point in the group. When this point G(x,y) is added ‘n’ number of times to itself, the point addition yields another point Q(x,y) belonging to the same Elliptical curve.
Given G(x,y) and Q(x,y) are known, finding ‘n’ is computationally infeasible and is called an Elliptical Curve Discrete Log Problem(ECDLP). Choosing a suitably large Field makes it computationally more challenging to find ‘n.’
2.2 TinyOS
TinyOS21is an open-source, event-based operating system designed to specifically meet the requirements of resource constraint networks like IoT and WSN. It features a component-based architecture that enables rapid implementation with limited code size. Its Execution model is similar to a Finite State Machine (FSM) with more programmable options. Its event-based ability and split phase operation allow a high degree of concurrency to be handled in limited memory space. TOSSIM is the simulator used in TinyOS.
2.3 TinyECC
TinyECC22 provides a simple, configurable, flexible, and ready-to-use software library for developing WSN/IOT based applications on TinyOS. All the ECC operations, including point addition, point doubling, and point multiplications, are supported by TinyECC.
Proposed secure flood warning system
The architecture of the proposed system is built around a host of sensors that are interfaced with a data acquisition system and sensor network, as shown in Figure 1. A set of Hydrological sensors are deployed at various strategically important locations (Sensor spots). These Sensor spots are deployed across the length of the river at various critical conjunctions. The sensors placed at the sensor- spots are interfaced with a data-acquisition system using a wired connection. The various hydrological parameters to be monitored include Discharge, Water Level, Precipitation (Rainfall).
Discharge is the volume of water moving down a stream or river per unit of time, commonly expressed in cubic feet per second or gallons per day. River discharge monitoring can play an important role in ascertaining the possibility of floods. Discharge can be calculated using Manning’s equation. For using Manning’s equation, an initial survey of the cross-section of the river is done to establish the topography of the river. The free surface slope of the water is determined by measuring the level of water at several points along the length of the river for which level sensors can be employed. The calculation of instantaneous discharge is based on (2):
Q=1/nAR2/3S1/2
Where n is the Manning’s coefficient of rugosity, a constant depending on the characteristics of the place to be measured, A is the area of flow (in the cross-section of the river), R is the hydraulic radius computed as Area over the wetted perimeter and S is the slope. Manning equation is the ISO 1070:1992(E) standard.
Basic schematic of the proposed system
The schematics to compute the discharge using the manning equation are shown in Figure 2. The Data acquisition nodes behaving as an RFD’s in an IoT environment acquire the water level reading from the various chosen location. Through a multihop based routing protocol, these readings are relayed to the gateway. The gateway further relays the level reading over a point to point link to a community center where a slope, as well as discharge, is calculated. The sensors used for measurement generate a current output in the range of 4 to 19 mA proportional to the parameters being measured. The current output from different sensors is fed to the ADC channel of a data acquisition board like MDA30023. Data acquisition board MDA 300 supports up to 8 channels of 16-bit analog input with single-ended 0 to 2.5-volt inputs or 4 differential 0 to 2.5 volt ADC channel. It also supports 8 digital 0 to 2.5 volt IO channels, 64K EEPROM for sensor calibration data, 200Hz counter channel, and external 12C interface. The data acquisition boards fitted with a wireless sensor network mote would transmit the sensor readings to a gateway. The sensing and transmission of data are done by an embedded program written in NesC language based on TinyOS20 operating system.
Discharge calculation
The program intelligently senses the parameters by dynamically changing the sampling rate and selective data transmission for effective management of power and data storage. The Gateway is used to bridge wired and wireless components of the network and shall be programmed as a coordinator that receives the data sent from the sensor nodes wirelessly. An application server is connected to gateway using either Ethernet or USB interface. Community centers are equipped with necessary hardware and software’s which includes a computer system and actuators for alarming the local population about various anomalies. The computer system runs an instance of a serial forwarder, which populates the global database. The data dispatched from various community center’s will finally populate a global database through an Internet cloud. As an enormous amount of data is being generated over some time, effective data management can be employed for efficient data storage and retrieval using big data concepts.
System security for WSN based flood warning system
Security is one of the most imperative aspects of any system. From an architectural perspective, the proposed early flood system can be divided into 3 tiers: Mote tier, Server Tier, Client Tier. Mote Tier involves the sensor network infrastructure for sensing and forwarding the hydrological parameters. The server tier involves the Calibration of raw data from the mote tier. It also provides the functionality of a serial forwarder. Client tier involves data visualization and analysis. The security of data in the client and server tier can be handled by a conventional cryptographic method. However, the security of the Mote tier is a challenge as it involves low power devices for which conventional cryptographic methods are not potent.
Hydrological data is generally meant for public viewing; hence there is no need for any confidentiality. The risk of injecting false packets (Sybil Attack) 21 by an adversary into the network would exist. This can result in disruption of flood monitoring by raising false alarms or subverting a genuine alarm. Thus the fundamental security requirement for the proposed system is authentication of data. Authentication is used to establish that the communication pattern between Node and Gateway is legitimate.
In Mote Tier, RFD is responsible for sensing Hydrological parameters and transmitting these readings to the cluster FFD or directly to the Gateway depending upon the topology being used. In either case, it becomes imperative to authenticate the data from the RFD as based upon these values, certain actuations or alarms may be triggered. On the other hand, a user query needs to be forwarded from Gateway to the respective RFD for processing. Thus it becomes quite essential to provide authentication in the following cases assuming a flat topology:
Gateway to RFD Communication
RFD to Gateway Communications
4.1 Authentication protocols based on ECC
We present a set of lightweight protocols for achieving authenticated RFD to Gateway, Gateway to RFD Communication. The proposed authentication protocols are based on elliptical curve cryptography, thus making it suitable for resource constraint devices24, 25, 26. The Notations used in the framework are tabulated in Table 1. During the initialization, RFD selects a private key XA and computes the public key as PA(x,y) =XA.G(x,y), and Gateway selects a private essential SB and computes the public key as PBASE(x,y) = SB .G(x,y)
Symbols
Symbol
Description
RFD
Reduced Function Device
XA
Private Key of RFD A
SB
Private Key of MIB600
PA(x,y)
Public Key of RFD A
PBASE(x,y)
Public Key of Gateway
G(x,y)
Generator Point of Elliptical Curve
H()
Hash Function
IDA
Identity of RFD A
+
Point Addition
*
Scalar Multiplication
4.1.1 Gateway to RFD Authentication
In this authentication algorithm, an RFDA authenticates Gateway.
Step 1 : RFDA Computes M1(x,y) = IDA * PA(x,y) and sends it to the Gateway
Step 2: Gateway Computes M2(x,y) = M1(x,y) * SB and Sends it to the RFDA
Step 3: RFDA Computes CK(x,y) = IDA * XA * PBASE(x,y)
Step 4: RFDA authenticates Gateway if M2(x,y) == CK(x,y)
4.1.2 RFD to Gateway Authentication
In this authentication algorithm, Gateway authenticates RFDA.
Step 4 : Gateway Checks if (M3(x,y) == DK(x, y)), if true then RFDA is authenticated.
Formal Verification using AVISPA and Scyther
Avispa is an automated validation tool for security protocols. It is a push-button tool based on Dolev and Yao 27 model. Dolev and Yoa28attack model gives complete control of the communication channel to the intruder. The intruder, in this case, can forward, modify, and change messages but cannot overdue the computational strength of an algorithm. In Avispa, the protocols are modeled using HLPSL. It is a role-based formal language that comprises of roles compositions, security models, etc. The architecture of Avispa is shown in Figure 3.
Avispa Architecture
The protocol implemented in HLPSL is translated into IF format using an HLPSL to OF translator. The IF format is then passed into various AVISPA backend, which includes OFMC, ATSE, SATMC, and TA4SP. These backends check a protocol against active and passive attacks. The HLPSL Scripts for RFD to Gateway and Gateway to RFD are shown in Figure 4 and Figure 5.
The OFMC outputs are shown in Figure 6 and Figure 7. The outputs indicate that the proposed protocols are safe against active and passive attacks.
Scyther is an automated security protocol validation tool developed by Cremers. In Scyther, security protocols are modeled in Scyther Protocol Description Language (SPDL). In SPDL, communicating parties are modeled as roles, and the communication pattern is specified within these roles. The communication between the specified roles is implemented using send and recv operations. In order to verify the security strength of a protocol, various types of claims are declared within the roles defining the protocol. In Scyther, there are 6 types of claims: 1. Secret: 2. Session-Key-Reveal (SKR):. Weak Agree 4. Alive. 4. NI_Agree: 4. NI_Synch. The verification of the protocol in scyther is indicated in Figure 8. From Figure 8, it can be depicted that the protocol is verified against all major claims depicting that protocol is safe against various active and passive attacks.
HLPSL script for gateway to RFD
HLPSL Script for RFD to gateway
OFMC output for gateway to RFD
OFMC output for RFD to gateway
Verification result in Scyther
Implementation and Simulation
The proposed design and scheme has been implemented on TinyOS using TinyECC Library. An IoT/WSN application in TinyOS is component-based and supports split-phase operations. Component-based development involves developing applications in a modular way, thus supporting modularity. Split phase operations, also called an asynchronous method, calls help in effective duty cycle management, thus conserving energy. A component in TinyOS is implemented through an interface. Accessing components through interfaces helps in standardization in user /system component development. An IoT application in TinyOS is graphically represented using a component graph. The component graph graphically depicts the usage of various components that are used in developing the application, as well as the interface service provided and used by a component. The component graph of TinyECC is shown in Figure 9. The component graph of the developed application is shown the Figure 10.
Component Graph of TinyECC
Component Graph of the proposed scheme
The developed application on TinyOS has been simulated on TinyViz, a graphical user interface of the TOSSIM Simulator. A snapshot of TinyViz simulation is shown inFigure 11. The Total RAM and ROM consumed are shown in Figure 12. The energy consumed by the proposed scheme has been computed using PowerTOSSIM. PowerTOSSIM is an energy estimation module of TOSSIM. The energy module used in calculating the CPU and Radio power consumption by Power TOSSIM is depicted in Table 2. The average energy consumed by a node for implementing the proposed scheme is shown in Figure 13.
imulation snapshot on TinyViz
Memory consumed
Energy model
CPU
Radio
LED/Sensor Board/EEPROM
Active
8.0 mA
Rx
7.0 mA
Led’s
6.2 mA
Idle
3.2 mA
Tx(-20 dBm)
3.7 mA
Sensor Board
0.7 mA
ADC Noise Reduce
1.0 mA
Tx(-19 dBm)
5.2 mA
EEPROM
Power Down
103 µA
Tx(-15 dBm)
5.4 mA
Read
6.2mA
Power Save
110 µA
Tx(-8 dBm)
6.5 mA
Read Time
565 µs
Stand By
216 µA
Tx(-5 dBm)
7.1 mA
Extended Standby
223 µA
Tx(0 dBm)
8.5 mA
Write
18.4 mA
Internal Oscillator
0.93 µA
Tx(+4 dBm)
11.6 mA
Write Time
12.9 ms
Energy Consumed per Node as depicted by PowerTOSSIM
Conclusion
In this study, a secured system for early flood warning using wireless sensor networks has been presented. Many Schemes have been given by various researchers for using IoT/WSN for early flood warnings. However, not much work has been done in securing such systems. A lightweight security framework has been presented to achieve authentication between Gateway and RFD devices used in the system. The developed protocols were formally verified using AVISPA and Scyther. The formal analysis depicted that the protocol was found safe against various active and passive attacks. The protocol has also been implemented on TinyOS and simulated on the TOSSIM platform. The energy overheads of the scheme have also been calculated.
ReferencesSanchez-RosarioFranciscoRosarioDavid Sanchez-EtalJesus B Alonso-HernandezA Low Consumption Real Time Environmental Monitoring System for Smart Cities based on ZigBee Wireless Sensor NetworkProceedings of IEEE International Conference on Wireless Communications and Mobile Computing2015AneesApplications of Remote Sensing, Hydrology and Geophysics for Flood Analysis201710.17485/ijst/2017/v10i17/111541HattabguesmiWireless Smart Sensor Networks for Real-Time Warning System of Flash Floods and Torrents201710.5120/ijca2017913240Moon Ayaz HassanIqbalUmmerBhatGhulam MohiduinSecured Data Acquisition System for Smart Water Applications using WSN201610.17485/ijst/2016/v9i10/86694RayaMaximHubauxJean-PierreThe security of vehicular ad hoc networksNovember2005ACM pressNew YorkAlexandria VA USA5964GuraNPatelAWanderAEberleHShantzS CJoyeMQuisquaterJJComparing Elliptic Curve Cryptography and RSA on 8-bit CPUs3156SpringerBerlin, Heidelberg2004119132978-3-540-22666-6https://doi.org/10.1007/978-3-540-28632-5_9AVISPAAVISPA Web tool: Automated validation of internet security protocols and applicationsJune20172017-06-01CremersCJFComputer Aided VerificationGuptaAMalikSThe Scyther Tool: Verification, Falsification, and Analysis of Security Protocols20085123SpringerBerlin, Germanyhttps://doi.org/10.1007/978-3-540-70545-1_38SealVRahaAMaitySMitraSMukherjeeAKantinaskarMA simple flood forecasting scheme using wireless sensor networks”201231Marin-PerezRafaelGarcía-PintadoJavierGómezAntonio SkarmetaA Real-Time Measurement System for Long-Life Flood Monitoring and Warning Applications2012124421342361424-8220MDPI AGhttps://dx.doi.org/10.3390/s120404213KeoduangsineSGoodwinRA GPRS-Based Data Collection and Transmission for Flood Warning System: The Case of the Lower Mekong River Basin201233HassounSaleh A. AlDeveloping an empirical formulae to estimate rainfall intensity in Riyadh region201123281881018-3639Elsevier BVhttps://dx.doi.org/10.1016/j.jksues.2011.03.003ManeS-SMokashiM-KReal-Time Flash-Flood Monitoring, Alerting and Forecasting System using Data Mining and Wireless Sensor Network201518811886https://doi.org/10.1109/ICCSP.2015.7322851DawoodM. SheikSuganyaJ.DeviR. KarthikaAthishaG.A Review on Wireless Sensor Network Protocol for Disaster Management2013221411462319-8656Association of Technology and Sciencehttps://dx.doi.org/10.7753/ijcatr0202.1011DegrossiWireless Sensor Networks for Flood Monitoring in Brazil2013Baden-Baden, Germanyhttps://doi.org/10.7753/IJCATR0202.1011SunkphoJOotamakornCReal-time flood monitoring and warning system2011332227235KrzhizhanovskayaV.V.ShirshovG.S.MelnikovaN.B.BellemanR.G.RusadiF.I.BroekhuijsenB.J.GouldbyB.P.LhommeJ.BalisB.BubakM.PyaytA.L.MokhovI.I.OzhiginA.V.LangB.MeijerR.J.Flood early warning system: design, implementation and computational modules201141061151877-0509Elsevier BVhttps://dx.doi.org/10.1016/j.procs.2011.04.012Tejaswitha1VJagadeeshbabuMMonitoring of Water Level Variations in Rivers and Flood Alert System Using Wireless Sensor Networks20160307https://doi.org/10.17148/IJARCCE.2015.4885LoS-WJ-H WuLinF-PHsuC-HVisual Sensing for Urban Flood Monitoring20151582000620029https://doi.org/10.3390/s150820006ElkhrachyIsmailFlash Flood Hazard Mapping Using Satellite Images and GIS Tools: A case study of Najran City, Kingdom of Saudi Arabia (KSA)2015182612781110-9823Elsevier BVhttps://dx.doi.org/10.1016/j.ejrs.2015.06.007LevisPhilipGayDavidTinyosprogrammingCambridge University Press2009LiuPNingTiny ECC: A Configurable Library for Elliptical Curve Cryptography in Wireless Sensor Networks7th International Conference on Information Processing in Sensor Networks SPOTS TrackApril2008https://doi.org/10.1109/IPSN.2008.47Memsic Xserve User Manual2007HankersonDarrelVanstoneScottMenezesAlfredSpringerNew York2004978-0-387-95273-4https://doi.org/10.1007/b97644DhillonP KKalraSElliptic curve cryptography for real time embedded systems in IoT networks5th International Conference on Wireless Networks and Embedded Systems (WECON)2016https://doi.org/10.1109/wecon.2016.7993462El-hajjMohammedFadlallahAhmadChamounMarounSerhrouchniAhmedA Survey of Internet of Things (IoT) Authentication Schemes2019195114111411424-822010.3390/s19051141MDPI AGhttps://dx.doi.org/10.3390/s19051141DolevDYaoAOn the security of public key protocols1981Nashville, TN, USA350357DolevD.YaoA.On the security of public key protocols19832921982080018-9448Institute of Electrical and Electronics Engineers (IEEE)https://dx.doi.org/10.1109/tit.1983.1056650