Vulnerabilities of the 6P protocol for the Industrial Internet of Things: Impact analysis and mitigation
2022 (English). In: Computer Communications, ISSN 0140-3664, E-ISSN 1873-703X, Vol. 194, p. 411-432. Article in journal (Refereed), Published
Abstract [en]
The 6TiSCH architecture defined by the IETF provides a standard solution for extending the Internet of Things (IoT) paradigm to industrial applications with stringent reliability and timeliness requirements. In this context, communication security is another crucial requirement, which is currently less investigated in the literature. In this article, we present a deep assessment of the security vulnerabilities of 6P, the protocol used for resource negotiation at the core of the 6TiSCH architecture. Specifically, we highlight two possible attacks against 6P, namely the Traffic Dispersion and the Overloading attacks. These two attacks effectively and stealthily alter the communication schedule of victim nodes and severely thwart basic network functionalities and efficiency, specifically impacting network availability and the energy consumption of victim nodes. To assess the impact of the attacks, two analytical models have been defined, while, to demonstrate their feasibility, the attacks have been implemented in Contiki-NG. The implementation has been used to quantitatively evaluate the impact of the two attacks through both simulations and measurements in a real testbed. Our results show that the impact of both attacks may be very significant. The impact, however, strongly depends on the position of the victim node(s) in the network and is highly influenced by the dynamics of the routing protocol. We have investigated mitigation strategies to alleviate this impact and proposed an extended version of the Minimal Scheduling Function (MSF), i.e., the reference scheduling algorithm for 6TiSCH. This extension allows network nodes to detect anomalies in their schedules early, possibly due to an Overloading attack, and thus curb the attack impact by appropriately revising their schedule.
Place, publisher, year, edition, pages
Elsevier B.V., 2022. Vol. 194, p. 411-432
Keywords [en]
6P, 6P vulnerabilities, 6TiSCH, Availability, Industrial Internet of Things, MSF, Security, Energy utilization, Internet protocols, Network architecture, Network security, Power management (telecommunication), Scheduling algorithms, 6p vulnerability, Impact analysis, Impact mitigation, Industrial internet of thing, Minimal scheduling function, Scheduling functions, Standard solutions, Internet of things
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:ri:diva-60173; DOI: 10.1016/j.comcom.2022.07.054; Scopus ID: 2-s2.0-85136202483; OAI: oai:DiVA.org:ri-60173; DiVA, id: diva2:1699870
Note
Funding details: 952652; Funding details: RIT17-0032; Funding details: Horizon 2020 Framework Programme, H2020; Funding details: VINNOVA; Funding details: Ministero dell’Istruzione, dell’Università e della Ricerca, MIUR; Funding text 1: The authors sincerely thank the anonymous reviewers and the Associate Editor for their insightful comments and suggestions, that have helped to improve the technical and editorial quality of the manuscript. The authors would also like to thank Gioele Carignani for his invaluable help in the implementation of the attacks on the Contiki-NG OS. This work was partially supported by the Italian Ministry of Education and Research (MIUR) in the framework of the CrossLab project (Departments of Excellence); by VINNOVA and the CelticNext project CRITISEC; by the H2020 project SIFIS-Home (Grant agreement 952652); and by the SSF project SEC4Factory (grant RIT17-0032).
2022-09-29, 2022-09-29, 2025-09-23. Bibliographically approved