My course on WSN and VANET Security
This course is included in the Doctoral Program in Information and Communication Technology at the University of L'Aquila. It deals with security management principles, according to ISO 31000 Risk Management, and the techniques applicable to Wireless Sensor Networks (WSN) and Vehicular Ad hoc NETworks (VANET), special classes of wireless ad hoc networks.
Wireless sensor networks (WSN) and wireless inter-vehicular and intra-vehicular networks (Vehicular Ad-hoc Networks, VANET) are instances of wireless ad-hoc networks.
Wireless ad-hoc networks can rightly be considered enablers for Operational Technology (OT): we are now observing a process of convergence in which classical IT cyber risks extend to the OT domain, where they must be managed by OSE (Operatori di Servizi Essenziali, Operators of Essential Services) in accordance with the NIS and the future NIS2.
The seminar objective is to introduce WSN and VANET security issues, challenges and risk countermeasures as a simple but concrete guideline for managing a Cyber Security Management Process compliant with ISO and NIST standards.
According to ISO 31000, the "security management process" is a 4-step iterated process that starts from cyber risk identification and proceeds through evaluation and quantification, mitigation and continuous monitoring until a residual risk assumed acceptable has been reached. In other words, "security application" corresponds to a rebalancing process in which security vulnerabilities are reduced when the proper countermeasures (in this case specific security functions) are applied. The "Required Security Level" (RSL) for the system can be determined from the analysis of its security vulnerabilities, hence RSL evaluation strongly depends on the evaluation / quantification of cyber vulnerabilities (CRQ). Techniques for CRQ in an IT-OT integrated scenario are described. On the other side, the security performance offered by a security function (which can be quantitatively estimated) determines the "Offered Security Level" (or "Expected Security Level"). The condition for the "security application" to a specific network function is that its "Required Security Level" is balanced by the "Offered Security Level" of some security function.
ISO 31000 defines passive and active countermeasures: from a security point of view, passive functions typically include cryptographic techniques, hashing, message authentication codes, secure routing, while active functions include estimation techniques of system behavior or misbehavior able to detect cyber attacks (intrusion / attack detection and classification) through the issue of an alarm. ISO 31000 principles inspire the operative procedures for the specific technical standards in engineering domains: e.g. ISO 27000 family for the ICT domain, ISO 26262 and the future ISO 21434 for the automotive domain.
Mathematical methods to compute the security performance of a cryptographic technique are provided by "information theoretic security" - or information theory applied to security - introduced by C. E. Shannon in 1949 with his masterwork "Communication Theory of Secrecy Systems".
Passive security functions for WSNs and VANETs are still based on the ordinary cryptographic mechanisms (symmetric, asymmetric, hybrid schemes), but the technical constraints of the microprocessors embedded in WSN and VANET nodes push towards innovative and refined techniques such as elliptic curve cryptography (ECC) and identity-based cryptography (useful for privacy preservation in VANETs). Active security functions are based on behavior estimators and classifiers derived from the theory of Discrete Event Dynamic Systems and Machine Learning algorithms.
The course introduces a specific set of security techniques applicable to WSN and VANET systems; these usually result in hybrid approaches that try to optimize the benefits of the ordinary schemes under network constraints.
The course reports the passive and active security functions from the literature and those that have been introduced and developed at Univaq labs in recent years and are currently employed in several projects such as SEAMLESS, EMERGE and SHINE-ON: TAKS (Topology Authenticated Key Scheme) and its ECC-based version ECTAKS (Elliptic Curve Topology Authenticated Key Scheme), as well as the intrusion detection system WIDS (WPM-based Intrusion Detection System) and MVET (Mean-Variance Evaluation Technique).
In this sense the family of cryptographic schemes denoted as TAKS (Topology Authenticated Key Scheme) and the intrusion detection system denoted as WIDS (WPM-based Intrusion Detection System) are introduced. TAKS (and its ECC-based version denoted as ECTAKS) and WIDS techniques have been designed at DEWS within the WINSOME Project (Wireless Sensor Network Secure System for Structural Integrity Monitoring and Alerting). WINSOME is an experimental platform where the security functions TAKS and WIDS have been developed and tested on various WSN technologies by students from M.S. and Ph.D. courses to build demonstrators ready for customization in other projects. As an example, TAKS and WIDS have been successfully implemented over a clustered IRIS-based WSN in the PNRM SEAMLESS Project and are currently in operation to collect and monitor parameters related to the agricultural sector in the ECSEL AFarCloud Project.
Slides from the academic year (A.A.) 2024/25 course:
The course. Risk Based Thinking. Elements of a wireless network, Wireless Network Taxonomy: Wireless Sensor Network (WSN) vs. Mobile Ad hoc Network (MANET) vs. Vehicular Ad hoc Network (VANET).
Part I: Security analysis applied to WSN and VANET
I.1 The framework of Security Management. From Risk to Security Management: Security Management Process, Approaches for Risk Evaluation, Techniques for Risk Evaluation, P-I Matrix and isorisk curves, FTA – CVSS, NIST SP 800-30 Guide for Conducting a Risk Assessment. Security management in the automotive domain: ISO / SAE 21434, Threat Analysis and Risk Assessment (TARA), Cybersecurity Risk Quantification technique EVITA, Guideline for TARA execution using EVITA. Reference Cyber Security functions: Security metrics, Timing Constraints, Cyber Risk Mitigation.
I.2 The case of WSN. Definition of WSN. Applications, Design Issues, Reference WSN Architecture. IEEE 802.15.4.
I.3 The case of VANET. Definition of VANET. VANET vs. MANET. VANET Applications. Inter-Vehicular Communications Systems. Intra-Vehicular Communications Systems.
I.4 Threats and Attacks against WSN and VANET. Classification of Cyber attackers, Classification of attacks, Cyber attacks against WSN, Cyber attacks against VANET, Cyber attacks against Intra-Vehicle Communications, Classification of the Security Functions.
Part II: Mitigation Measures: Security Techniques for WSN and VANET
II.1 Passive Security Functions. Mathematical background: Kerckhoffs' principle, Shannon's lessons, Modular Arithmetic, Generating Prime Numbers, Generating Pseudo-random Numbers, Elliptic Curve (EC) Algebra, Discrete Logarithm Problem and its EC version, Pairings on Elliptic Curves, Zero Knowledge Proof. Techniques: Ciphering, Hash functions, Message authentication codes, Digital signatures. Key Establishment Protocols: Symmetric KEP, Asymmetric KEP, ID Based KEP, Hybrid KEP, Authentication of public key.
II.2 Active Security Functions. Mathematical background: Dynamic Systems, Discrete Events Dynamical Systems (DEDS), The Intrusion Detection Problem: DEDS Modeling using Petri Nets, Mapping PN into a finite automaton (FA), Identification of observables and hidden states, State Sequence Estimation. Behavior Classifier. Information Theoretic Model of an Intrusion Detection System. Techniques: Machine Learning, Anomaly Detection System, Audit data, Representation Model: Rules Based Techniques, Statistics Based Techniques. Classification Model.
II.3 Security Techniques made in Univaq. TAKS/ECTAKS: TAKSx driving ideas & main features, TAKS Definition, TAK Equations, Geometric Interpretation of TAK, Authenticated Network Topology. ECC-based TAKS (ECTAKS), ECTAKS vs. ECDHE. ECTAKS Schemes for Encryption / Decryption and Sender Signature. Intro to ECTAKS Security Proof. Selective Secure Clusterwise Communications. TAKSx release chronology. WIDS/MVET: WIDS driving ideas & main features, reference architecture, technique, security analysis. WIDS for IEEE 802.15.4 systems. MVET driving ideas & main features, reference architecture, technique, performance analysis.
II.4 VANET Security and Privacy. V2X Communications Security: Architecture, Analysis, Privacy preserving solutions. Intra-Vehicle Communications Security: Vulnerabilities, Countermeasures.