Planned maintenance
A system upgrade is planned for 10/12-2024, at 12:00-13:00. During this time DiVA will be unavailable.
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Vulnerabilities of the 6P protocol for the Industrial Internet of Things: Impact analysis and mitigation
University of Pisa, Italy.ORCID iD: 0000-0003-3892-8368
University of Pisa, Italy.
RISE Research Institutes of Sweden, Digital Systems, Data Science. (Cybersecurity Unit)ORCID iD: 0000-0001-8842-9810
University of Pisa, Italy.
2022 (English)In: Computer Communications, ISSN 0140-3664, E-ISSN 1873-703X, Computer Communications, Vol. 194, p. 411-432Article in journal (Refereed) Published
Abstract [en]

The 6TiSCH architecture defined by the IETF provides a standard solution for extending the Internet of Things (IoT) paradigm to industrial applications with stringent reliability and timeliness requirements. In this context, communication security is another crucial requirement, which is currently less investigated in the literature. In this article, we present a deep assessment of the security vulnerabilities of 6P, the protocol used for resource negotiation at the core of the 6TiSCH architecture. Specifically, we highlight two possible attacks against 6P, namely the Traffic Dispersion and the Overloading attacks. These two attacks effectively and stealthy alter the communication schedule of victim nodes and severely thwart network basic functionalities and efficiency, by specifically impacting network availability and energy consumption of victim nodes. To assess the impact of the attacks two analytical models have been defined, while, to demonstrate their feasibility, they have been implemented in Contiki-NG. The implementation has been used to quantitatively evaluate the impact of the two attacks by both simulations and measurements in a real testbed. Our results show that the impact of both attacks may be very significant. The impact, however, strongly depends on the position of the victim node(s) in the network and it is highly influenced by the dynamics of the routing protocol. We have investigated mitigation strategies to alleviate this impact and proposed an extended version of the Minimal Scheduling Function (MSF), i.e., the reference scheduling algorithm for 6TiSCH. This allows network nodes to early detect anomalies in their schedules possibly due to an Overloading attack, and thus curb the attack impact by appropriately revising their schedule.

Place, publisher, year, edition, pages
2022. Vol. 194, p. 411-432
Keywords [en]
Industrial Internet of Things, Security, 6TiSCH, 6P, MSF, 6P Vulnerabilities, Availability
National Category
Communication Systems Computer Systems Embedded Systems
Identifiers
URN: urn:nbn:se:ri:diva-60318DOI: 10.1016/j.comcom.2022.07.054OAI: oai:DiVA.org:ri-60318DiVA, id: diva2:1702854
Available from: 2022-10-11 Created: 2022-10-11 Last updated: 2023-05-25Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records

Tiloca, Marco

Search in DiVA

By author/editor
Righetti, FrancescaTiloca, Marco
By organisation
Data Science
In the same journal
Computer Communications
Communication SystemsComputer SystemsEmbedded Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 79 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf