Paula Fraga-Lamas - Academia.edu (original) (raw)
Papers by Paula Fraga-Lamas
The Internet of Things (IoT) is a distributed system of physical objects that requires the seamle... more The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.
As a result of the progressive implantation of the Industry 4.0 paradigm, many industries are exp... more As a result of the progressive implantation of the Industry 4.0 paradigm, many industries are experimenting a revolution that shipyards cannot ignore. Therefore, the application of the principles of Industry 4.0 to shipyards are leading to the creation of Shipyards 4.0. Due to this, Navantia, one of the 10 largest shipbuilders in the world, is updating its whole inner workings to keep up with the near-future challenges that a Shipyard 4.0 will have to face. Such challenges can be divided into three groups: the vertical integration of production systems, the horizontal integration of a new generation of value creation networks, and the re-engineering of the entire production chain, making changes that affect the entire life cycle of each piece of a ship. Pipes, which exist in a huge number and varied typology on a ship, are one of the key pieces, and its monitoring constitutes a prospective cyber-physical system. Their improved identification, traceability, and indoor location, from production and through their life, can enhance shipyard productivity and safety. In order to perform such tasks, this article first conducts a thorough analysis of the shipyard environment. From this analysis, the essential hardware and software technical requirements are determined. Next, the concept of smart pipe is presented and defined as an object able to transmit signals periodically that allows for providing enhanced services in a shipyard. In order to build a smart pipe system, different technologies are selected and evaluated, concluding that passive and active RFID (Radio Frequency Identification) are currently the most appropriate technologies to create it. Furthermore, some promising indoor positioning results obtained in a pipe workshop are presented, showing that multi-antenna algorithms and Kalman filtering can help to stabilize Received Signal Strength (RSS) and improve the overall accuracy of the system.
The Internet of Things (IoT) is undeniably transforming the way that organizations communicate an... more The Internet of Things (IoT) is undeniably transforming the way that organizations communicate and organize everyday businesses and industrial procedures. Its adoption has proven well suited for sectors that manage a large number of assets and coordinate complex and distributed processes. This survey analyzes the great potential for applying IoT technologies (i.e., data-driven applications or embedded automation and intelligent adaptive systems) to revolutionize modern warfare and provide benefits similar to those in industry. It identifies scenarios where Defense and Public Safety (PS) could leverage better commercial IoT capabilities to deliver greater survivability to the warfighter or first responders, while reducing costs and increasing operation efficiency and effectiveness. This article reviews the main tactical requirements and the architecture, examining gaps and shortcomings in existing IoT systems across the military field and mission-critical scenarios. The review characterizes the open challenges for a broad deployment and presents a research roadmap for enabling an affordable IoT for defense and PS.
This paper presents a novel home automation system named HASITE (Home Automation System based on ... more This paper presents a novel home automation system named HASITE (Home Automation System based on Intelligent Transducer Enablers), which has been specifically designed to identify and configure transducers easily and quickly. These features are especially useful in situations where many transducers are deployed, since their setup becomes a cumbersome task that consumes a significant amount of time and human resources. HASITE simplifies the deployment of a home automation system by using wireless networks and both self-configuration and self-registration protocols. Thanks to the application of these three elements, HASITE is able to add new transducers by just powering them up. According to the tests performed in different realistic scenarios, a transducer is ready to be used in less than 13 s. Moreover, all HASITE functionalities can be accessed through an API, which also allows for the integration of third-party systems. As an example, an Android application based on the API is presented. Remote users can use it to interact with transducers by just using a regular smartphone or a tablet.
The Internet of Things (IoT) involves a wide variety of heterogeneous technologies and resource-c... more The Internet of Things (IoT) involves a wide variety of heterogeneous technologies and resource-constrained devices that interact with each other. Due to such constraints, IoT devices usually require lightweight protocols that optimize the use of resources and energy consumption. Among the different commercial IoT devices, Bluetooth and Bluetooth Low Energy (BLE)-based beacons, which broadcast periodically certain data packets to notify their presence, have experienced a remarkable growth, specially due to their application in indoor positioning systems. This article proposes a family of protocols named Lightweight Protocol for Sensors (LP4S) that provides fast responses and enables plug-and-play mechanisms that allow IoT telemetry systems to discover new nodes and to describe and auto-register the sensors and actuators connected to a beacon. Thus, three protocols are defined depending on the beacon hardware characteristics: LP4S-6 (for resource-constraint beacons), LP4S-X (for more powerful beacons) and LP4S-J (for beacons able to run complex firmware). In order to demonstrate the capabilities of the designed protocols, the most restrictive (LP4S-6) is tested after implementing it for a telemetry application in a beacon based on Eddystone (Google's open beacon format). Thus, the beacon specification is extended in order to increase its ability to manage unlimited sensors in a telemetry system without interfering in its normal operation with Eddystone frames. The performed experiments show the feasibility of the proposed solution and its superiority, in terms of latency and energy consumption, with respect to approaches based on Generic Attribute Profile (GATT) when multiple users connect to a mote or in scenarios where latency is not a restriction, but where low-energy consumption is essential.
Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (I... more Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.
Nowadays, the railway industry is in a position where it is able to exploit the opportunities cre... more Nowadays, the railway industry is in a position where it is able to exploit the opportunities created by the IIoT (Industrial Internet of Things) and enabling communication technologies under the paradigm of Internet of Trains. This review details the evolution of communication technologies since the deployment of GSM-R, describing the main alternatives and how railway requirements, specifications and recommendations have evolved over time. The advantages of the latest generation of broadband communication systems (e.g., LTE, 5G, IEEE 802.11ad) and the emergence of Wireless Sensor Networks (WSNs) for the railway environment are also explained together with the strategic roadmap to ensure a smooth migration from GSM-R. Furthermore, this survey focuses on providing a holistic approach, identifying scenarios and architectures where railways could leverage better commercial IIoT capabilities. After reviewing the main industrial developments, short and medium-term IIoT-enabled services for smart railways are evaluated. Then, it is analyzed the latest research on predictive maintenance, smart infrastructure, advanced monitoring of assets, video surveillance systems, railway operations, Passenger and Freight Information Systems (PIS/FIS), train control systems, safety assurance, signaling systems, cyber security and energy efficiency. Overall, it can be stated that the aim of this article is to provide a detailed examination of the state-of-the-art of different technologies and services that will revolutionize the railway industry and will allow for confronting today challenges.
The Internet of Energy (IoE) represents a novel paradigm where electrical power systems work coop... more The Internet of Energy (IoE) represents a novel paradigm where electrical power systems work cooperatively with smart devices to increase the visibility of energy consumption and create safer, cleaner and sustainable energy systems. The implementation of IoE services involves the use of multiple components, like embedded systems, power electronics or sensors, which are an essential part of the infrastructure dedicated to the generation and distribution energy and the one required by the final consumer. This article focuses on the latter and presents a smart socket system that collects the information about energy price and makes use of sensors and actuators to optimize home energy consumption according to the user preferences. Specifically, this article provides three main novel contributions. First, what to our knowledge is the first hardware prototype that manages in a practical real-world scenario the price values obtained from a public electricity operator is presented. The second contribution is related to the definition of a novel wireless sensor network communications protocol based on Wi-Fi that allows for creating an easy-to-deploy smart plug system that self-organizes and auto-configures to collect the sensed data, minimizing user intervention. Third, it is provided a thorough description of the design of one of the few open-source smart plug systems, including its communications architecture, the protocols implemented, the main sensing and actuation components and the most relevant pieces of the software. Moreover, with the aim of illustrating the capabilities of the smart plug system, the results of different experiments performed are shown. Such experiments evaluate in real-world scenarios the system's ease of use, its communications range and its performance when using HTTPS. Finally, the economic savings are estimated for different appliances, concluding that, in the practical situation proposed, the smart plug system allows certain energy-demanding appliances to save almost e 70 per year.
This article presents VineSens, a hardware and software platform for supporting the decision-maki... more This article presents VineSens, a hardware and software platform for supporting the decision-making of the vine grower. VineSens is based on a wireless sensor network system composed by autonomous and self-powered nodes that are deployed throughout a vineyard. Such nodes include sensors that allow us to obtain detailed knowledge on different viticulture processes. Thanks to the use of epidemiological models, VineSens is able to propose a custom control plan to prevent diseases like one of the most feared by vine growers: downy mildew. VineSens generates alerts that warn farmers about the measures that have to be taken and stores the historical weather data collected from different spots of the vineyard. Such data can then be accessed through a user-friendly web-based interface that can be accessed through the Internet by using desktop or mobile devices. VineSens was deployed at the beginning in 2016 in a vineyard in the Ribeira Sacra area (Galicia, Spain) and, since then, its hardware and software have been tested to prevent the development of downy mildew, showing during its first season that the system can led to substantial savings, to decrease the amount of phytosanitary products applied, and, as a consequence, to obtain a more ecologically sustainable and healthy wine.
The Internet of Things (IoT) is a distributed system of physical objects that requires the seamle... more The Internet of Things (IoT) is a distributed system of physical objects that requires the seamless integration of hardware (e.g., sensors, actuators, electronics) and network communications in order to collect and exchange data. IoT smart objects need to be somehow identified to determine the origin of the data and to automatically detect the elements around us. One of the best positioned technologies to perform identification is RFID (Radio Frequency Identification), which in the last years has gained a lot of popularity in applications like access control, payment cards or logistics. Despite its popularity, RFID security has not been properly handled in numerous applications. To foster security in such applications, this article includes three main contributions. First, in order to establish the basics, a detailed review of the most common flaws found in RFID-based IoT systems is provided, including the latest attacks described in the literature. Second, a novel methodology that eases the detection and mitigation of such flaws is presented. Third, the latest RFID security tools are analyzed and the methodology proposed is applied through one of them (Proxmark 3) to validate it. Thus, the methodology is tested in different scenarios where tags are commonly used for identification. In such systems it was possible to clone transponders, extract information, and even emulate both tags and readers. Therefore, it is shown that the methodology proposed is useful for auditing security and reverse engineering RFID communications in IoT applications. It must be noted that, although this paper is aimed at fostering RFID communications security in IoT applications, the methodology can be applied to any RFID communications protocol.
As a result of the progressive implantation of the Industry 4.0 paradigm, many industries are exp... more As a result of the progressive implantation of the Industry 4.0 paradigm, many industries are experimenting a revolution that shipyards cannot ignore. Therefore, the application of the principles of Industry 4.0 to shipyards are leading to the creation of Shipyards 4.0. Due to this, Navantia, one of the 10 largest shipbuilders in the world, is updating its whole inner workings to keep up with the near-future challenges that a Shipyard 4.0 will have to face. Such challenges can be divided into three groups: the vertical integration of production systems, the horizontal integration of a new generation of value creation networks, and the re-engineering of the entire production chain, making changes that affect the entire life cycle of each piece of a ship. Pipes, which exist in a huge number and varied typology on a ship, are one of the key pieces, and its monitoring constitutes a prospective cyber-physical system. Their improved identification, traceability, and indoor location, from production and through their life, can enhance shipyard productivity and safety. In order to perform such tasks, this article first conducts a thorough analysis of the shipyard environment. From this analysis, the essential hardware and software technical requirements are determined. Next, the concept of smart pipe is presented and defined as an object able to transmit signals periodically that allows for providing enhanced services in a shipyard. In order to build a smart pipe system, different technologies are selected and evaluated, concluding that passive and active RFID (Radio Frequency Identification) are currently the most appropriate technologies to create it. Furthermore, some promising indoor positioning results obtained in a pipe workshop are presented, showing that multi-antenna algorithms and Kalman filtering can help to stabilize Received Signal Strength (RSS) and improve the overall accuracy of the system.
The Internet of Things (IoT) is undeniably transforming the way that organizations communicate an... more The Internet of Things (IoT) is undeniably transforming the way that organizations communicate and organize everyday businesses and industrial procedures. Its adoption has proven well suited for sectors that manage a large number of assets and coordinate complex and distributed processes. This survey analyzes the great potential for applying IoT technologies (i.e., data-driven applications or embedded automation and intelligent adaptive systems) to revolutionize modern warfare and provide benefits similar to those in industry. It identifies scenarios where Defense and Public Safety (PS) could leverage better commercial IoT capabilities to deliver greater survivability to the warfighter or first responders, while reducing costs and increasing operation efficiency and effectiveness. This article reviews the main tactical requirements and the architecture, examining gaps and shortcomings in existing IoT systems across the military field and mission-critical scenarios. The review characterizes the open challenges for a broad deployment and presents a research roadmap for enabling an affordable IoT for defense and PS.
This paper presents a novel home automation system named HASITE (Home Automation System based on ... more This paper presents a novel home automation system named HASITE (Home Automation System based on Intelligent Transducer Enablers), which has been specifically designed to identify and configure transducers easily and quickly. These features are especially useful in situations where many transducers are deployed, since their setup becomes a cumbersome task that consumes a significant amount of time and human resources. HASITE simplifies the deployment of a home automation system by using wireless networks and both self-configuration and self-registration protocols. Thanks to the application of these three elements, HASITE is able to add new transducers by just powering them up. According to the tests performed in different realistic scenarios, a transducer is ready to be used in less than 13 s. Moreover, all HASITE functionalities can be accessed through an API, which also allows for the integration of third-party systems. As an example, an Android application based on the API is presented. Remote users can use it to interact with transducers by just using a regular smartphone or a tablet.
The Internet of Things (IoT) involves a wide variety of heterogeneous technologies and resource-c... more The Internet of Things (IoT) involves a wide variety of heterogeneous technologies and resource-constrained devices that interact with each other. Due to such constraints, IoT devices usually require lightweight protocols that optimize the use of resources and energy consumption. Among the different commercial IoT devices, Bluetooth and Bluetooth Low Energy (BLE)-based beacons, which broadcast periodically certain data packets to notify their presence, have experienced a remarkable growth, specially due to their application in indoor positioning systems. This article proposes a family of protocols named Lightweight Protocol for Sensors (LP4S) that provides fast responses and enables plug-and-play mechanisms that allow IoT telemetry systems to discover new nodes and to describe and auto-register the sensors and actuators connected to a beacon. Thus, three protocols are defined depending on the beacon hardware characteristics: LP4S-6 (for resource-constraint beacons), LP4S-X (for more powerful beacons) and LP4S-J (for beacons able to run complex firmware). In order to demonstrate the capabilities of the designed protocols, the most restrictive (LP4S-6) is tested after implementing it for a telemetry application in a beacon based on Eddystone (Google's open beacon format). Thus, the beacon specification is extended in order to increase its ability to manage unlimited sensors in a telemetry system without interfering in its normal operation with Eddystone frames. The performed experiments show the feasibility of the proposed solution and its superiority, in terms of latency and energy consumption, with respect to approaches based on Generic Attribute Profile (GATT) when multiple users connect to a mote or in scenarios where latency is not a restriction, but where low-energy consumption is essential.
Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (I... more Fog computing extends cloud computing to the edge of a network enabling new Internet of Things (IoT) applications and services, which may involve critical data that require privacy and security. In an IoT fog computing system, three elements can be distinguished: IoT nodes that collect data, the cloud, and interconnected IoT gateways that exchange messages with the IoT nodes and with the cloud. This article focuses on securing IoT gateways, which are assumed to be constrained in terms of computational resources, but that are able to offload some processing from the cloud and to reduce the latency in the responses to the IoT nodes. However, it is usually taken for granted that IoT gateways have direct access to the electrical grid, which is not always the case: in mission-critical applications like natural disaster relief or environmental monitoring, it is common to deploy IoT nodes and gateways in large areas where electricity comes from solar or wind energy that charge the batteries that power every device. In this article, how to secure IoT gateway communications while minimizing power consumption is analyzed. The throughput and power consumption of Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC) are considered, since they are really popular, but have not been thoroughly analyzed when applied to IoT scenarios. Moreover, the most widespread Transport Layer Security (TLS) cipher suites use RSA as the main public key-exchange algorithm, but the key sizes needed are not practical for most IoT devices and cannot be scaled to high security levels. In contrast, ECC represents a much lighter and scalable alternative. Thus, RSA and ECC are compared for equivalent security levels, and power consumption and data throughput are measured using a testbed of IoT gateways. The measurements obtained indicate that, in the specific fog computing scenario proposed, ECC is clearly a much better alternative than RSA, obtaining energy consumption reductions of up to 50% and a data throughput that doubles RSA in most scenarios. These conclusions are then corroborated by a frame temporal analysis of Ethernet packets. In addition, current data compression algorithms are evaluated, concluding that, when dealing with the small payloads related to IoT applications, they do not pay off in terms of real data throughput and power consumption.
Nowadays, the railway industry is in a position where it is able to exploit the opportunities cre... more Nowadays, the railway industry is in a position where it is able to exploit the opportunities created by the IIoT (Industrial Internet of Things) and enabling communication technologies under the paradigm of Internet of Trains. This review details the evolution of communication technologies since the deployment of GSM-R, describing the main alternatives and how railway requirements, specifications and recommendations have evolved over time. The advantages of the latest generation of broadband communication systems (e.g., LTE, 5G, IEEE 802.11ad) and the emergence of Wireless Sensor Networks (WSNs) for the railway environment are also explained together with the strategic roadmap to ensure a smooth migration from GSM-R. Furthermore, this survey focuses on providing a holistic approach, identifying scenarios and architectures where railways could leverage better commercial IIoT capabilities. After reviewing the main industrial developments, short and medium-term IIoT-enabled services for smart railways are evaluated. Then, it is analyzed the latest research on predictive maintenance, smart infrastructure, advanced monitoring of assets, video surveillance systems, railway operations, Passenger and Freight Information Systems (PIS/FIS), train control systems, safety assurance, signaling systems, cyber security and energy efficiency. Overall, it can be stated that the aim of this article is to provide a detailed examination of the state-of-the-art of different technologies and services that will revolutionize the railway industry and will allow for confronting today challenges.
The Internet of Energy (IoE) represents a novel paradigm where electrical power systems work coop... more The Internet of Energy (IoE) represents a novel paradigm where electrical power systems work cooperatively with smart devices to increase the visibility of energy consumption and create safer, cleaner and sustainable energy systems. The implementation of IoE services involves the use of multiple components, like embedded systems, power electronics or sensors, which are an essential part of the infrastructure dedicated to the generation and distribution energy and the one required by the final consumer. This article focuses on the latter and presents a smart socket system that collects the information about energy price and makes use of sensors and actuators to optimize home energy consumption according to the user preferences. Specifically, this article provides three main novel contributions. First, what to our knowledge is the first hardware prototype that manages in a practical real-world scenario the price values obtained from a public electricity operator is presented. The second contribution is related to the definition of a novel wireless sensor network communications protocol based on Wi-Fi that allows for creating an easy-to-deploy smart plug system that self-organizes and auto-configures to collect the sensed data, minimizing user intervention. Third, it is provided a thorough description of the design of one of the few open-source smart plug systems, including its communications architecture, the protocols implemented, the main sensing and actuation components and the most relevant pieces of the software. Moreover, with the aim of illustrating the capabilities of the smart plug system, the results of different experiments performed are shown. Such experiments evaluate in real-world scenarios the system's ease of use, its communications range and its performance when using HTTPS. Finally, the economic savings are estimated for different appliances, concluding that, in the practical situation proposed, the smart plug system allows certain energy-demanding appliances to save almost e 70 per year.
This article presents VineSens, a hardware and software platform for supporting the decision-maki... more This article presents VineSens, a hardware and software platform for supporting the decision-making of the vine grower. VineSens is based on a wireless sensor network system composed by autonomous and self-powered nodes that are deployed throughout a vineyard. Such nodes include sensors that allow us to obtain detailed knowledge on different viticulture processes. Thanks to the use of epidemiological models, VineSens is able to propose a custom control plan to prevent diseases like one of the most feared by vine growers: downy mildew. VineSens generates alerts that warn farmers about the measures that have to be taken and stores the historical weather data collected from different spots of the vineyard. Such data can then be accessed through a user-friendly web-based interface that can be accessed through the Internet by using desktop or mobile devices. VineSens was deployed at the beginning in 2016 in a vineyard in the Ribeira Sacra area (Galicia, Spain) and, since then, its hardware and software have been tested to prevent the development of downy mildew, showing during its first season that the system can led to substantial savings, to decrease the amount of phytosanitary products applied, and, as a consequence, to obtain a more ecologically sustainable and healthy wine.