Abstract:In modern systems that rely on the use of Battery Management Systems (BMS), longevity and the re-use of battery packs have always been important topics of discussion. These battery packs would be stored inside warehouses where they would need to be properly monitored and configured before their re-integration into the new systems. Traditional use of wired connections can be very cumbersome, and sometimes even impossible, due to the outer layers and packaging. To circumvent these issues, we propose an extension… Show more
“…We base our design of the DKD on the use of the STS protocol [11], [17]. STS is a known protocol used in wide networks; however, it has not been previously investigated for use with the ECQV.…”
Be it in the IoT or automotive domain, implicit certificates are gaining ever more prominence in constrained embedded devices. They present a resource-efficient security solution against common threat concerns. The computational requirements are not the main issue anymore. The focus is now placed on determining a good balance between the provided security level and the derived threat model. A security aspect that often gets overlooked is the establishment of secure communication sessions, as most design solutions are based only on the use of static key derivation, and therefore, lack the perfect forward secrecy. This leaves the transmitted data open for potential future exposures by having keys tied to the certificates rather than the communication sessions. We aim to patch this gap, by presenting a design that utilizes the Station to Station (STS) protocol with implicit certificates. In addition, we propose potential protocol optimization implementation steps and run a comprehensive study on the performance and security level between the proposed design and the state-of-the-art key derivation protocols. In our comparative study, we show that with a slight computational increase of 20% compared to a static ECDSA key derivation, we are able to mitigate many session-related security vulnerabilities that would otherwise remain open.
“…We base our design of the DKD on the use of the STS protocol [11], [17]. STS is a known protocol used in wide networks; however, it has not been previously investigated for use with the ECQV.…”
Be it in the IoT or automotive domain, implicit certificates are gaining ever more prominence in constrained embedded devices. They present a resource-efficient security solution against common threat concerns. The computational requirements are not the main issue anymore. The focus is now placed on determining a good balance between the provided security level and the derived threat model. A security aspect that often gets overlooked is the establishment of secure communication sessions, as most design solutions are based only on the use of static key derivation, and therefore, lack the perfect forward secrecy. This leaves the transmitted data open for potential future exposures by having keys tied to the certificates rather than the communication sessions. We aim to patch this gap, by presenting a design that utilizes the Station to Station (STS) protocol with implicit certificates. In addition, we propose potential protocol optimization implementation steps and run a comprehensive study on the performance and security level between the proposed design and the state-of-the-art key derivation protocols. In our comparative study, we show that with a slight computational increase of 20% compared to a static ECDSA key derivation, we are able to mitigate many session-related security vulnerabilities that would otherwise remain open.
“…By relying only on NFC, we are able to provide a solution for three different scenarios that extend the BMS functionality, as described in Table I. : (i) active readout of internal sensors [19], (ii) idle state scenario considered for off-vehicle use cases, and (iii) active diagnostic readout [20].…”
Section: The Novel Bms Design For Wireless Readoutmentioning
confidence: 99%
“…Therefore, it is of utmost importance to secure the location of the master key with an SM. We rely on the use of SNDEF records [20].…”
Section: B Security Protocol For External Bms Readoutmentioning
confidence: 99%
“…The security design for external readout, which considers the idle state and active diagnostics use cases, is based on the lightweight security design for authentication and data exchange proposed in [20]. We formalize the protocol in Figure 4.…”
Section: B Security Protocol For External Bms Readoutmentioning
confidence: 99%
“…In response to the aforementioned challenges, we present in this paper a complete design for wireless BMS internal and external data communication based on NFC. To extend on the previous work in this area, we unify two separate designs, one targeting internal sensor readout from battery packs and the other targeting external status and diagnostic readout in a BMS system design [19], [20].…”
Battery management systems (BMS) are becoming increasingly important in the modern age, where clean energy awareness is getting more prominent. They are responsible for controlling large battery packs in modern electric vehicles. However, conventional solutions rely only on a wired design, which adds manufacturing cost and complexity. Recent research has considered wireless solutions for the BMS. However, it is still challenging to develop a solution that considers both the active in-vehicle and the external second-life applications. The battery passport initiative aims to keep track of the batteries, both during active and inactive use cases. There is a need to provide a secure design while considering energy and cost-efficient solutions. We aim to fill this gap by proposing a wireless solution based on near-field communication (NFC) that extends previous work and provides a unified architecture for both use cases. To provide protection against common wireless threats, an advanced security analysis is performed, as well as a system design analysis for the wake-up process that reduces the daily power consumption of the stored battery packs from milli-to microwatts.
The Industrial Internet of Things (IIoT) paradigm is a key research area derived from the Internet of Things (IoT). The emergence of IIoT has enabled a revolution in manufacturing and production, through the employment of various embedded sensing devices connected with each other by an IoT network, along with a collection of enabling technologies such as artificial intelligence (AI) and edge/fog computing. One of the unrivaled characteristics of IIoT is the inter-connectivity provided to industries; however, this characteristic might open the door for cyber-criminals to launch various attacks. In fact, one of the major challenges hindering the prevalent adoption of the IIoT paradigm is IoT security. Inevitably, an increasing number of research proposals have been introduced over the last decade to overcome these security concerns. To obtain an overview of this research area, conducting a literature survey of the published research is necessary, eliciting the various security requirements and their considerations. This paper provides a literature survey of IIoT security, focused on the period from 2017 to 2023. We identify IIoT security threats and classify them into three categories, based on the IIoT layer they exploit to launch these attacks. Additionally, we characterize the security requirements that these attacks violate. Finally, we highlight how emerging technologies, such as AI and edge/fog computing, can be adopted to address security concerns and enhance IIoT security.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.