2. Security in WSN is difficult because…
• Nodes are physically accessible
• Scale is unprecedented
• Resources are limited
• Operation is unattended
3. There is a large disconnect between research and application
• A large body of work on security in sensor networks.
  – … a cursory search on Google Scholar gives 34,400 hits since 2009
• Yet security remains largely ignored in reported deployments
4. Research is often based on assumptions such as …
• Random choice of attack targets
• Nodes are placed…: in a grid, uniformly and densely, in a tree with a single sink, in pre-decided groups.
• Sensors can do…: RSA crypto, puzzles, Java, homomorphic crypto, game theory…. as well as their tasks.
• All nodes are cooperative and trustworthy, faults always occur randomly.
5. Three Guiding Principles
• Link studies to context of use
• Leverage relationship with physical phenomena.
• Security as part of resilient design
6. Link studies to context of use
• Threat Model
• Physical Security
• Sensed information
• Topology
• Node capabilities
• Security objectives
7. Leverage relationship to physical phenomena
• Key generation and distribution.
• Distance bounding.
• Observability of association.
• Attestation.
• Verification of correct behaviour
8. Security as part of resilient design
• Is it a fault or a compromise?
• Redundancy drives anomaly detection, trust, recovery
• Adaptation vs security
• Resource limitations
9. Research Themes
• Designing solutions in concrete settings.
• Establishing confidence in the correct and secure operation of devices.
• Measuring the “health” of the network from within itself.
• Data quality and trustworthiness assurance.
10. Designing solutions in concrete settings
• Key management for the context of use
• Evaluate and improve existing algorithms e.g., applicability, scalability
• Mitigation and recovery through reconfiguration
11. Establishing confidence in the correct and secure operation of devices
• Measuring device integrity.
• Attestation techniques
  – Software, hardware, physical
• Behavioural fingerprinting and validation.
• Reputation.
12. Measuring the health of the network from within itself
• For a sensor, a network, a city.
• Assurances and Mechanisms
• Capability of restart/recovery/response/degraded operation
• Coordination/Topology/Redundancy
• Effect of adaptation on security and resilience
13.
• Learning to distinguish between normal behaviour, failures and security.
• Recognising security events in constantly evolving networks.
• Attack characterisation
• Compromise epidemiology
14. Data Quality and Trustworthiness Assurance
• Data protection and provenance
• In-network Data Aggregation
• How to accept data degradation to maintain overall system goals.
• Understand and mitigate against data deterioration effects e.g. node compromise failures, fouling
• Data usage control