Secure Connected Objects

Dominique Paret is Engineer ESIEE / DEA of physics and was responsible for the technical support of an international leader of electronic components for many years. Professor in numerous engineering schools in France and abroad, he runs a company of consultants/technical experts.Jean-Paul Huon is Engineer IMERIR + CNAM of Robotic & Artificial Intelligence and has previously worked in many sectors (Telecom, electrical vehicle, Retail, mobile payments, Public Transport, French Post Office and DGA (Délégation Générale pour l'Armement). He is the co-founder of the "Business connected group" Z#BRE which he runs by exploiting the economic potential of the Internet of Things.

• Foreword xiPreface xiiiAcknowledgements xvPreamble xviiPart 1 Introduction – The Buzz about IoT and IoE 1Chapter 1 Introduction 31.1 Definition of communicating- or connected Things 31.1.1 Connected Things – Communicating Things 31.1.2 Definition of the IoT 41.1.3 Internet of X 5Chapter 2 The (Overly) Vast World of IoT 92.1 2011–2016: the craze for the term “Connected Thing” 92.1.1 The catch-all 92.1.2 Fashion, buzz and “bubble” 102.1.3 “Hype” cycle for innovations 112.2 The true goal of this book 14Chapter 3 Why a Connectable Thing? 153.1 Examples of connectable things 153.1.1 Home care for the elderly 163.1.2 In the automotive industry 19Part 2 Constraints Surrounding an IoT Project 21Chapter 4 Aspects to be Taken into Consideration 234.1 Aspects pertaining to the concrete realization of Connected Things 234.1.1 Financial and marketing aspects 244.1.2 Technical and industrial aspects 244.1.3 Regulatory and normative aspects 244.1.4 Security aspects 244.1.5 Cost aspects 24Chapter 5 Financial and Marketing Aspects 275.1 Economic aspects 275.1.1 Saleable / buyable 275.2 Ergonomic aspects 295.2.1 Mechanical form and design vs ergonomics 29Chapter 6 Technical and Industrial Aspects 316.1 Technical aspects 316.1.1 Life cycle of a new product 316.1.2 Techno-economic feasibility 326.1.3 Design 326.1.4 Industrialization, manufacturing process and quality assurance 326.2 Energy aspects 326.2.1 Power supply to the Thing 336.3 Industrial aspects 39Chapter 7 Regulatory and Normative Aspects 417.1 Regulatory aspects and recommendations 417.1.1 Radiofrequency regulations 427.2 Health-related recommendations 437.2.1 Exposure of the human body to electromagnetic fields 447.2.2 Specific Absorption Rate (SAR) 447.3 Societal regulations and individual freedoms (privacy) 457.3.1 The various data needing to be protected 457.3.2 Loi Informatique et Libertés 457.3.3 Mandate 436, PIA and RFID and IoT applications 467.3.4 GDPR – General Data Protection Regulation 497.3.5 Privacy by design 517.4 Environmental regulations and recycling 537.4.1 Electronic waste treatment 537.4.2 Regulation and organization of the chain 547.4.3 Labeling of electrical and electronic equipment 547.5 Normative aspects 557.5.1 ISO/AFNOR 557.5.2 IEEE 567.5.3 ETSI 56Chapter 8 Security Aspects 598.1 Security aspects 598.1.1 The weak links 608.1.2 Possible solutions 628.1.3 Definition and choice of security target 638.1.4 Concepts of security levels applied in IoT 648.1.5 True security – the “Secure Element” 678.1.6 Cryptography 708.1.7 Symmetric and asymmetric encryption 718.1.8 Consumer Things, IoT, security… and the Cloud 758.2 Judging the quality of security 808.3 Some thoughts about security, privacy and IoT 818.4 Vulnerabilities and attacks in the IoT chain 828.4.1 Attacks on the software layer 838.4.2 Attacks on the board or Thing 848.4.3 Attacks on the integrated circuits 848.4.4 Security standards 85Part 3 Overall Architecture of the IoT Chain 87Chapter 9 Communication Models in IoT 899.1 Communication models in IoT 899.1.1 OSI model 899.1.2 TCP/IP model 929.1.3 By way of conclusion 98Chapter 10. Overall Architecture of an IoT System 10110.1 Overall architecture of a CT and IoT solution 10110.1.1 Description of the complete chain 10210.2 From a more technological point of view 10210.2.1 Architecture and overview of an IoT chain 10210.2.2 The “base station/gateway” 10610.2.3 The “Cloud” zone 10910.2.4 The “User” zone 11010.3 The very numerous protocols involved 113Part 4 Detailed Description of the IoT Chain 117Part 4A From the User (The Outside World) to the Thing 119Chapter 11 From the Outside World to the Thing 12111.1 Connection of the Thing to the outside world 12111.1.1 Using sensors 12111.1.2 Using wired connections 12211.1.3 Using RF links 12211.1.4 Very Short Range (<10 cm) 12211.1.5 Short range SR Wide band (tens of meters) 124Chapter 12 The Secure Connected Thing 12712.1 Physical constitution of the Thing 12712.1.1 Sensors 12712.1.2 Local intelligence – microcontroller 12812.1.3 Security (SE)… 128Part 4B From the Thing to the Base Station 131Chapter 13 Means of Communication to Access a Base Station 13313.1 Possible network connectivity technologies 13313.1.1 Local or ultra-local non-operated RF networks 13513.1.2 Extended-deployment operated RF networks 13613.1.3 Is there space for all these technologies? 13613.2 Medium-range MR Wide-band (hundreds of meters) 13613.2.1 Wi-Fi 13713.3 Long-range (LR– tens of kilometers) 13813.3.1 NB, UNB, WB, UWB, FHSS, DSSS and RF regulations 13813.3.2 Regulators and regulations 14013.3.3 RF bases 14613.4 LTN – Low-Throughput Network 15213.4.1 Long Range LR - LTN 15313.4.2 LR LTN in (U)NB– SIGFOX 15613.4.3 LR LTN in DSSS (spectrum spreading) – LoRa, from Semtech 16713.4.4 A discussion of spectrum spreading – SS 16913.4.5 LR WB 19213.4.6 Operated LR WB networks 196Part 4C From the Base Station to the Server 203Chapter 14 Network Access Layer – IP 20514.1 IPv4 20514.1.1 Operation 20614.1.2 Services provided 20614.1.3 Reliability 20614.2 IPv6 20714.2.1 Differences between IPv6 and IPv4 20714.2.2 Problems of privacy and/or anonymity? 20914.3 6LoWPAN 20914.3.1 Description of the technology 21014.3.2 Integration of an IPv6 packet into an IEEE 802.15.4 frame 21014.3.3 Autoconfiguration of an IP address 21114.3.4 Network supervision and management 21114.3.5 Constraints on “upper-layer” applications 21114.3.6 Security 21214.3.7 Routing 212Chapter 15 The Server 21515.1 Conventional functions of a server in IoT 216Chapter 16 Transport and Messaging Protocols 21916.1 Transport 21916.1.1 Operation 22016.1.2 Structure of a TCP segment 22016.2 “IoT messaging” technologies 22116.2.1 Main protocol parameters 22116.3 Protocols 22516.4 HTTP – HyperText Transfer Protocol 22616.5 Http/2 22716.6 MQTT – Message Queuing Telemetry Transport 22716.6.1 Security in MQTT 22916.7 CoAP – Constrained Application Protocol 22916.8 XMPP 23016.9 DDS – Data Distribution Service 23116.10 AMQP – Advanced Message Queuing Protocol 23216.11 SMQ 23316.12 JMS – Java Messaging Service 23316.13 Other protocols 23416.14 The broker 23416.14.1 Examples of possibilities 23516.15 Programming languages 23616.16 Operating systems 236Part 4D From the Cloud Server to the Various Users 237Chapter 17 Cloud and Fog Computing 23917.1 Cloud computing? 23917.1.1 What is its mode of operation? 24017.1.2 Advantages and benefits in IoT applications 24017.1.3 Types of Cloud computing 24117.1.4 Cloud products and services 24117.2 Example: the PaaS platform AWS IoT 24217.3 How security is managed 24417.4 Fog computing? 24517.5 Big data 24617.6 Natural interfaces 247Part 5 Concrete Realization of an IoT Solution Examples and Costs 249Chapter 18 Examples of the Concrete Realization of Connected Things 25118.1 Subject/application taken as an example 25118.1.1 Architecture of the product: a communicating physical Thing 25318.1.2 Mandatory steps in creating the Thing 255Chapter 19 Cost Aspects 26119.1 CAPEX and OPEX are in the same boat… 26119.1.1 CAPEX 26219.1.2 OPEX 27319.1.3 Conclusions 27519.1.4 Very important conclusions 276Conclusion 279Bibliography 281Index 285