Secure Communications in CIoT Networks with a Wireless Energy Harvesting Untrusted Relay

The Internet of Things (IoT) represents a bright prospect that a variety of common appliances can connect to one another, as well as with the rest of the Internet, to vastly improve our lives. Unique communication and security challenges have been brought out by the limited hardware, low-complexity, and severe energy constraints of IoT devices. In addition, a severe spectrum scarcity problem has also been stimulated by the use of a large number of IoT devices. In this paper, cognitive IoT (CIoT) is considered where an IoT network works as the secondary system using underlay spectrum sharing. A wireless energy harvesting (EH) node is used as a relay to improve the coverage of an IoT device. However, the relay could be a potential eavesdropper to intercept the IoT device’s messages. This paper considers the problem of secure communication between the IoT device (e.g., sensor) and a destination (e.g., controller) via the wireless EH untrusted relay. Since the destination can be equipped with adequate energy supply, secure schemes based on destination-aided jamming are proposed based on power splitting (PS) and time splitting (TS) policies, called intuitive secure schemes based on PS (Int-PS), precoded secure scheme based on PS (Pre-PS), intuitive secure scheme based on TS (Int-TS) and precoded secure scheme based on TS (Pre-TS), respectively. The secure performances of the proposed schemes are evaluated through the metric of probability of successfully secure transmission (PSST), which represents the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. PSST is analyzed for the proposed secure schemes, and the closed form expressions of PSST for Pre-PS and Pre-TS are derived and validated through simulation results. Numerical results show that the precoded secure schemes have better PSST than the intuitive secure schemes under similar power consumption. When the secure schemes based on PS and TS polices have similar PSST, the average transmit power consumption of the secure scheme based on TS is lower. The influences of power splitting and time slitting ratios are also discussed through simulations.


Introduction
Internet of Things (IoT) represents an emerging era of networking that provides ubiquitous connectivity and information exchange spanning home, vehicular, healthcare monitoring and industrial environment [1][2][3][4]. A large number of common entities with computing and communication capabilities can be connected to the Internet. The pervasive sensing and control capabilities of such smart objects will lead to a transformative change of the whole society. Although the term IoT has been proposed for almost a decade [5], the corresponding technologies and protocols are still open research issues.
A serious issue caused by the usage of massive IoT devices is the spectrum scarcity. The concept of Cognitive Internet of Things (CIoT) has been advocated to solve this problem [6][7][8][9][10][11]. In a CIoT network, an IoT device acts as an unlicensed secondary user and operates on the same spectrum bands owned by a licensed primary user. According to the sensing ability of the IoT device, the IoT device can access the spectrum in different ways. When the IoT device has the capability of spectrum sensing, it senses the spectrum and transmits when a spectrum whole is detected. This kind of dynamic spectrum access is called overlay spectrum sharing [12]. However, it is challenging to design lightweight spectrum sensing algorithms with high detection probability for a simple and energy-constraint device. When the IoT device does not sense the spectrum, it accesses the primary spectrum bands as long as the secondary transmission satisfies the interference threshold constraint [12], which indicates the tolerance of the secondary transmission at the primary receiver [13]. This kind of dynamic spectrum access is called underlay spectrum sharing [10]. To satisfy the interference threshold constraint, it is required that the secondary user has the knowledge of the interference level at the primary receiver. Spectrum leasing is another way to access the primary spectrum bands when the IoT device does not employ spectrum sensing [9,11]. In CIoT networks based on spectrum-leasing, the primary user leases its spectrum to the secondary user who has helped to relay the primary signals. Despite the limited resources including restricted power supply, limited data processing capability and range of communication, the IoT devices have to share their precious resources with the primary user to win the rights to access the primary spectrum.
Communication security is obviously another critical problem in IoT networks, due to their extensive application in commercial, governmental, industrial and military applications [14]. However, the broadcast nature of wireless communication makes the transmission vulnerable to eavesdropping attack. Traditional cryptographic encryption has been widely used to protect the message from being eavesdropped [15,16]. Nevertheless, there are difficulties and vulnerabilities associated with key distribution and management in IoT networks that have a very large number of resource-constrained IoT devices, heterogeneous Radio access technologies (RATs) and different subsystems controlled by distinct operators. As a result, lightweight protocols with high efficiency are appealing solutions for the security issues in the IoT.
Physical layer security (PLS) has attracted much attention recently, since it is generally irrelevant to the RAT, and offers "built-in" security that is information-theoretically unbreakable. The main idea of PLS is exploiting the wireless channels and interference environments to keep the confidential message from eavesdropping. So far, a variety of PLS techniques have been proposed, such as artificial noise techniques [17], cooperative relay transmission [18], secure beamforming [19], and coding strategy [20]. Since cooperative communication through the relays has proven advantageous in improving the network coverage and energy efficiency, PLS techniques based on cooperative relay transmission are of significant importance in the IoT, where the devices usually have restricted power supply and limited coverage range for the reliable communication. Numerous papers have emerged to deal with the secrecy issue in relay networks where the relays are trusted and act as friendly helpers to resist external eavesdroppers [18,21,22]. However, the relay itself should be considered as an untrusted entity in some applications. For example, in defense, financial, and government intelligence networks, different users have the different rights to access information. Furthermore, a relay from a different network may not have the permission to acquire the information as the source and the destination does. How to keep the information confidential from the relay is an important security issue.
Taking into consideration the severe issues of spectrum scarcity and security, a CIoT network is considered and underlay spectrum sharing strategy is used, where sensing capability is not required for the IoT devices. A relay acts as an information forwarder as well as a potential eavesdropper. Without considering the energy constraint of the relay, numerous papers have studied the secure transmission via the relays [23,24]. Since energy harvesting techniques can exploit the external energy source and relieve devices from the constraints induced by battery usage, a prospective study on the secure transmission via an energy harvesting relay is provided in this paper. To enhance the security of the CIoT network, the destination transmits jamming signals to jam the untrusted relay while the IoT device transmits the information signals. Both the information and jamming signals are used by the EH relay for energy harvesting. Power splitting (PS) and time splitting (TS) receiver architectures [25] are used at the relay. Our main contributions and key results are summarized in the following.

•
We propose PLS transmission schemes for a CIoT network where an untrusted relay helps the secondary transmission. To the best of our knowledge, this is the first paper to consider the security issue in an underlay CIoT network with an untrusted relay from the PLS perspective.
Since the transmissions of the IoT nodes may cause interference with the primary receiver, the existing secrecy criteria (e.g., secrecy outage or secrecy rate) can not describe the system performance properly. In this paper, we derived a new criterion to illustrate the secrecy performance of the CIoT network.

•
To protect the information from being intercepted by the untrusted relay, amplify-and-forward relaying protocol is used and destination-aided jamming strategy is adopted. An intuitive secure scheme and a precoded secure scheme are proposed for the CIoT network based on PS and TS policies, respectively. The secrecy performances of these schemes are evaluated by the probability of successfully secure transmission (P SST ), which represents the probability that the interference threshold constraint is satisfied and the secrecy rate of the secondary transmission is positive. The closed forms of P SST of the precoded secure schemes based on PS and TS policies are given and verified with the simulation results.

•
We compare the intuitive secure scheme and the precoded secure scheme based on PS and TS policies, and find out that the precoded secure schemes have better P SST than the intuitive secure schemes under similar power consumption. Moreover, the precoded secure scheme based on TS policy is more energy efficient than that based on PS policy.

•
The numerical results show that P SST of the PS policy is not sensitive to the PS ratio when P SST reaches a certain value, and an optimal PS ratio maximizing the achievable secrecy rate is considered under the P SST constraint. In the TS policy, the time splitting ratio shows both constructive and destructive effects on the two-hop secondary transmission via the EH untrusted relay. Thus, there exists an optimal energy harvesting time in the TS policy that maximizes P SST .
The rest of the paper is organized as follows. We discuss the related work in Section 2. Section 3 describes the CIoT network with an untrusted EH relay. The PLS schemes based on PS and TS policies are proposed in Sections 4 and 5, respectively, where the performances of the proposed PLS schemes are analyzed in terms of P SST . Numerical results are presented in Section 6, and the effects of different system parameters on the secrecy performance of the proposed PLS schemes are discussed and various design insights are obtained. Finally, we draw conclusions in Section 7.

Related Work
The related research about physical layer security suitable for IoT is summarized in this section. Then, we discuss some existing work on PLS using untrusted relays and energy harvesting entities.
There are two main categories of PLS techniques: (1) intelligent designs to keep the information secure from the eavesdroppers where no secret key is needed; and (2) generation of secret keys over public channels by exploiting the wireless communication medium [26]. In this paper, we are more interested in the first category, which does not require error-free two-way public channels. Moreover, keyless secrecy methods are more easily extended to large-scale sensor networks.
In the downlink communication network of the IoT, the controllers transmit signals, and they could be equipped with multiple antennas and adequate energy supply. The PLS schemes such as optimal precoding, artificial noise and secure space-time coding can be applicable in the IoT, and the pros and cons of these conventional PLS techniques have been summarized in [14]. Secrecy rate and secrecy outage probability are main metrics to evaluate the secrecy performance. In the uplink communication network of the IoT, an IoT device, such as a sensor or a surveillance camera, transmits to the controller, and the IoT device is usually resource-constrained. The channel-aware encryption (CAE) scheme proposed in [27] is an appealing solution in sensor networks where sensors have very low data rate. In the CAE scheme, a sensor may stay dormant, report a "flipped" decision, or report its unaltered local decision at each instant. How it acts depends on where its instantaneous channel fading gain to the legal controller falls among some known thresholds. How to optimize these comparison thresholds is not discussed by the authors in [27]. In [28], the optimal thresholds were derived to further improve the performance. When relays are used in IoT networks with passive eavesdroppers with locations, a randomize-and-forward relay scheme has been proposed in [29]. The authors formulated a secrecy-rate maximization problem subject to a secrecy-outage-probability constraint, and designed the optimal power allocation and codeword rate [29]. Considering the spectrum scarcity, a Cognitive Internet of Things (CIoT) has been proposed where the IoT device acts as a secondary user and accesses the primary spectrum by using the spectrum-leasing strategy [9]. To achieve secure transmission, the authors utilized cooperative jamming performed by an energy harvesting helper. Based on the cooperative jamming scheme, an auction framework was proposed to build an incentive mechanism for the secondary users. The channel assignment problem in time-critical IoT-based cognitive radio networks under proactive jamming attacks was considered in [30]. Subject to delay constraints, a probabilistic spectrum assignment algorithm that aimed at minimizing the packet invalidity ratio of each cognitive radio transmission has been proposed. Since energy harvesting is an appealing and promising technology [31,32], more and more papers study PLS problems with EH nodes recently. In [10], the PLS issue of cognitive sensor radio networks (CSRNs) with an external EH eavesdropper was investigated. Underlay spectrum sharing was used in CSRNs. The sensor node acts as the secondary user, and adjusts its transmit power to guarantee the primary user's quality-of-service (QoS). Two scenarios with different interference power constraints were studied and the closed-form analytical expressions of secrecy outage probability for both cases were derived [10]. Authors in [33] considered an underlay cognitive radio system, where a source in a secondary system transmitted information to a full-duplex (FD) wireless EH destination node in the presence of an eavesdropper. The harvested energy at the destination was used to send jamming signals, so that the eavesdropper's decoding capacity is degraded. Upper and lower bounds of probability of strictly positive secrecy capacity (SPSC) have been derived in [33]. However, these existing secure schemes are based on the assumption that the nodes in the IoT or CIoT are trusted, and they are designed to prevent interception from the eavesdroppers outside.
When untrusted relays are considered, numerous PLS schemes have been proposed based on different relaying protocols. Authors in [34] adopted a successive amplify-and-forward (AF) relaying scheme, where the multi-antenna source transmitted to two selected nodes alternately. The inter-relay interference, which is usually regarded as detrimental, was used to jam the untrusted nodes. The authors proposed several relay selection schemes with different complexities and derived the closed-form expressions of the lower bound of secrecy outage probability in [34]. For multiple-antenna untrusted relay systems, a joint destination-aided cooperative jamming and precoding scheme was devised to maximize the secrecy rate by jointly designing the precoding matrices for the source, relay, and destination [35]. Authors in [23] proposed a modulo-and-forward (MF) protocol at the relay with nested lattice encoding at the source to improve the secrecy in a dual-hop untrusted relay network. A multi-hop line network was considered in [24], where each node received signals transmitted by its neighbors, and the leftmost node sent messages to the rightmost node. When any or all of the relay nodes can be eavesdroppers, it has been shown in [24] that it is possible to achieve end-to-end secure and reliable communication by utilizing nested lattice codes. Kalamkar, S.S. et. al. in [32] investigated the problem of secure cooperative communication with the help of a wireless EH untrusted node. To realize the positive secrecy rate, destination-aided cooperative jamming was used. Analytical expressions were derived for the secrecy outage probability and the ergodic secrecy rate to evaluate the secrecy performance in [32].
The goal of this paper is to solve the security problem in a CIoT network where a wireless EH untrusted node is used to relay the IoT device's information. Underlay spectrum sharing is adopted by the CIoT network to relieve the stress of spectrum scarcity. As long as the interference threshold constraint is satisfied, the IoT device and the relay can access the primary spectrum, and the capability of spectrum sensing is not required. Although the IoT device and the relay may have strict energy constraints, the controller could have adequate energy supply. Therefore, destination-aided cooperative jamming is used to provide secure transmission. Together with the source signal, this jamming signal is also used for energy harvesting at the relay.

System Model
The considered CIoT network is shown in Figure 1, where an IoT network works as the secondary network, and the primary network has a primary receiver P. The primary transmitter is located far away from the IoT network as in [10,33]. Therefore, there is no interference from the primary transmitter to the IoT network. In the secondary IoT network, an IoT device S (e.g., sensor) tries to transmit to the destination D (e.g., controller) through an EH untrusted relay node R. The direct link between S and D is unavailable. Although the untrusted relay helps the secondary transmission, S and D try to prevent information leakage to the relay. Each node is equipped with a single antenna and works in half-duplex mode. Channel reciprocity is assumed as in [32]. It is assumed that all links experience independent and quasi-static Rayleigh fading, and the channel remains constant during the period of T [32]. The channel power gain is given by h c 2 , which has exponential distribution with mean g c , i.e., where h c represents the link between S − R, D − R, S − P, D − P or R − P, the subscript c can be SR, DR, SP, DP, and RP accordingly, and f |h c | 2 (x) is the probability density function of random variable |h c | 2 . For secondary transmissions, the interference with the primary receiver P is required to be under the interference threshold Γ. Assume that the secondary nodes know the statistic channel information between them and the primary receiver [36]. As in [31,37], the relay uses the harvested energy completely for the transmission. PS and TS based receiver-architecture are used at R, and the receiver architecture for the separated information and energy receiving is shown in Figure 2. With PS, the information receiver and the energy receiver are both in on mode for a duration of T. The relay splits the received power for two purposes: one part for energy harvesting and the remaining part for information processing. With TS, the relay splits the time of T, and switches between the status of energy harvesting and information processing.

+ Energy receiver
Information receiver Figure 2. Architecture for the separated information and energy receiver [25].
It should be pointed out that R is untrusted, and it may attempt to decode the source information while relaying the information. In the following, we will give secure relaying schemes based on PS and TS policies. Unless otherwise stated, the notations are consistent in this paper.

Secure Schemes Based on PS Policy
As shown in Figure 3, a transmission period of T for the PS policy is divided into two phases with equal durations. In the first phase, S and D transmit simultaneously to R with power P S and P D respectively. The jamming signal transmitted by D is used not only as an interference but also as an energy source to R. R uses ρ (0 < ρ < 1) of the received power for energy harvesting and the rest (1 − ρ) of the received power for information processing. ρ is the power splitting ratio. By exploiting the harvested energy, R amplifies and forwards the received information to D in the second phase. An intuitive secure scheme based on PS policy (Int-PS) is given as follows.
where η ∈ (0, 1] is the energy transform efficiency, whose value depends on the energy harvesting circuit design of R. The terms P S |h SR | 2 and P D |h DR | 2 in (2) represent the power received at R from S and D, respectively. Then, R uses the harvested energy to forward the source information to D in the second phase, and the transmit power of R becomes R uses the remaining (1 − ρ) of the received signal in the first phase for information processing. Denote this part of signal as y R , and y R is expressed as where x S is the information signal of unit power, x D is the jamming signal with unit power transmitted from D, n R is the additive white Gaussian noise (AWGN) at R, and n R ∼ CN (0, σ 2 R ). The untrusted relay may try to intercept the information message x S of S. Based on (4), the signal to interference and noise ratio (SINR) at R can be given as Similarly, the received signal y p1 at the primary user P is where n P1 is the AWGN at P in the first phase, n P1 ∼ CN (0, σ 2 P1 ). The received power of interference plus AWGN at P is given as In the second phase, R amplifies y R as x R = βy R , and forwards where (8) can be cancelled by D since the jamming signal x D was sent by D itself. After the self-interference cancellation, the remainging signal y D at D becomes The signal to noise (SNR) at D can be written as Substituting β in (10), the SNR at D is rewritten as Finally, we can get the instantaneous power interference to P in the second phase as where σ 2 P2 is the power of the noise at P in the second phase.

Probability of Successfully Secure Transmission of Int-PS
Since R is untrusted, the instantaneous secrecy rate R S of the secondary IoT network can be written as [38] where [x] + = max(x, 0). In the CIoT network, P SST represents the probability of successfully secure transmission. Note that "the successfuly secure transmission" represents that only when the total interference power at the primary user is under the interference threshold can the source transmit its message to the destination, while the secrecy rate is greater than zero. Therefore, P SST of the CIoT network is defined as where Γ is the interference threshold of P.
From the expressions of R PS S , P Int−PS

I1
, and P Int−PS

I2
, we can find out that the event P Int−PS I1 ≤ Γ is independent from the events R PS S > 0 and P Int−PS I2 ≤ Γ, respectively. Thus, the expression of P Int−PS SST can be written as In the following, we will calculate P r (P Int−PS I1 ≤ Γ) and Pr(R PS S > 0, P Int−PS I2 < Γ) separately: where X 1 = P S |h SP | 2 , X 2 = P D |h DP | 2 , and u = Γ − σ 2 P1 . Since X 1 and X 2 are exponentially distributed random variables with rate parameter λ 1 and λ 2 , the probability density function of X 1 + X 2 is calculated as where λ 1 = 1/(P S g SP ), λ 2 = 1/(P D g DP ).
Using (17) in (16), we can get By evaluating the integral in (18), we can get The second term of the right side of (15) can be calculated as follows: where It is challenging to obtain a closed-form solution for the double integral (20); however, the problem can be numerically solved through computer simulation. Combining (19) and (20), P SST of Int-PS can be obtained.

Precoded Secure Scheme Based on PS Policy
From the derivation of P Int−PS SST , we can see that, as the channel quality between the IoT nodes gets better, the chance of outage in the second phase increases, which would degrade P SST . In order to eliminate this effect, a precoded secure scheme based on PS policy (Pre-PS) is proposed to eliminate the influence of the channels.

Energy Harvesting and Information Processing of Pre-PS
In the precoded scheme, the EH relay broadcasts training signals so that both S and D estimate the channels between them and R. The transmit signals from S and D are For the precoded secure scheme, the transmit power at R becomes P H = ηρ(P S + P D ). (22) (1 − ρ) of the received signal in the first phase is used for information processing at R, and it can be written as Based on (23), the SI NR at R can be written as Similarly, the received signal at P is written as and the instantaneous interference at P is given as In the second phase, amplify-and-forward relaying protocol is used at R, and the transmit signal of R is expressed as x R = βy R , where β = P H (1−ρ)(P S +P D )+σ 2 R . After performing interference self-cancellation, the received signal y D at D becomes and the received SNR at D is Similarly, we can get the received power of interference plus AWGN at P as In the following, we will formulate the P Pre−PS SST in two steps. Firstly, where where θ = In addition, where λ 6 = 1/g SR . Substituting (33) in (32) and exchanging the order of integration, we get By making use of the method of partial fraction expansion, 3 and 4 can be reduced as u 0 exp(−θ(λ 2 y + λ 3 )) y − (λ 6 /λ 1 + u) dy = exp(−θ(λ 3 + λ 6 λ 2 /λ 1 + λ 2 u))[ei(λ 2 λ 6 θ/λ 1 ) − ei(λ 2 λ 6 θ/λ 1 + λ 2 θu)], where ei(x) is the exponential integral, and ei(x) = − ∞ −x (exp(−t)/t)dt. By substituting (36) into (34) and combining similar terms, we can get where E 1 = ei(−λ 3 θ) − ei(−λ 2 θu − λ 3 θ) and E 2 = ei(λ 6 λ 2 θ/λ 1 ) − ei((λ 6 /λ 1 + u)λ 2 θ), respectively. Therefore, the analytical expression of P Pre−PS SST is obtained as follows: where a = λ 3 λ 6 /λ 1 , b = λ 3 /λ 2 + λ 6 /λ 1 + u.

Secure Schemes Based on TS Policy
The TS-policy-based relaying protocol is shown in Figure 4, where the first τT duration (0 < τ < 1) is used by R to harvest energy from the received signals, while the rest (1 − τ)T duration is further split into two equal subslots, each of duration (1 − τ)T/2. τ is the time splitting ratio. In the first subslot, S transmits the information, and D transmits a jamming signal simultaneously. In the second subslot, R amplifies and forwards the received signal to D. An intuitive secure scheme based on TS policy (Int-TS) is illustrated as follows.

Energy Harvesting and Information Processing of Int-TS
For the TS policy described above, the harvested energy E H at R is given as Then, this harvested energy is used by R to forward the information, and the transmit power is In the first subslot, S and D transmit to R at the same time. Both the information signal and jamming signal are received by R, which can be expressed as Based on (41), the received SINR at R can be written as (42) Similarly, the received signal y P1 at P is written as and the instantaneous interference power to P is In the second subslot, R forwards the amplified version x R = βy R to D, where . By subtracting the self-interference term, the resultant received signal The SNR at D can be written as Finally, the instantaneous interference power to P in the second subslot can be expressed as

Probability of Successfully Secure Transmission of Int-TS
The instantaneous rate of the TS policy is calculated by where the coefficient (1 − τ)/2 denotes the effective time of information transmission. Referring to the intuitive scheme based on PS policy, P Int−TS SST can be expressed as Note that the probability of the event P Int−TS I1 ≤ Γ has been acquired in (19), and where , respectively. As in Section 4.1.2, it is difficult to solve the above integral due to the complexity of the integrand function.

Precoded Secure Scheme Based on TS Policy
Owing to the AF protocol, the intuitive secure scheme based on TS policy encounters the same problem as the intuitive secure scheme based on PS policy. That is, the chance of outage in the second subslot increases as the channel quality of the link between R and S (D) improves. Therefore, taking into consideration of the channel influence, we propose the precoded scheme based on TS policy (Pre-TS) in the following.

Energy Harvesting and Information Processing of Pre-TS
For Pre-TS, the transmit power at R is given as while the received signal at R is given by Based on (52), the SINR at R can be written as Similarly, we denote the received signal at P as In addition, the instantaneous interference power plus the noise at P is given as In the second subslot, R forwards the amplified version x R = βy R to D, where β = P H P S +P D +σ 2 R . Then, the received signal at D is written as Thus, by a series of simplifications, the SNR at D eventually becomes Similarly, the instantaneous interference power plus the noise at P in the second subslot can be expressed as

Probability of Successfully Secure Transmission of Pre-TS
Imitating the formulation of P SST for Pre-PS, the expression of P Pre−TS SST can be written as where . The detailed derivation follows the same steps as in section 4.2.2. Thus, we skip the process here for brevity.

Discussion and Simulations
Numerical results are presented in this section to investigate the secrecy performance of the CIoT network where an untrusted wireless EH relay is used to help the secondary transmission. We discuss the influence of different system parameters on the probabilities of successfully secure transmission of the intuitive and precoded secure schemes based on PS and TS policies. Unless otherwise explicitly specified, simulation parameters are set as η = 0.5, σ 2 D = σ 2 R = σ 2 P1 = σ 2 P2 = σ 2 , Γ/σ 2 = 23 dB, g SP = g DP = g RP and g SR = g DR . Let α = g SR /g SP . We define the transmit SNR of S and D for intuitive secure schemes as P S /σ 2 = 20dB and P D /σ 2 = 20 dB, respectively.

Comparison between Int-PS and Pre-PS
In this subsection, the influence of power splitting factor ρ on P SST is discussed for the intuitive and precoded secure schemes based on PS policy. The channels are assumed independently identically distributed, and g c = 1. For a certain transmission, the transmit SNR for the precoded secure schemes is denoted as P i /σ 2 |h iR | 2 (i ∈ {S, D}). The average transmit SNR is referred to the ratio of the average transmit power to the noise power for the duration of T, which represents the average power consumption.
In Figure 5, the influence of ρ on P SST of the precoded and intuitive schemes based on PS policy is given, and the average power consumption is also discussed. First, we can find out from Figure 5a that the closed form expression of P SST of Pre-PS coincides with the simulation result perfectly. For the transmissions of Pre-PS, P i /σ 2 i |h iR | 2 (i ∈ {S, D}) is set to be 17 dB. We can see from Figure 5b that the average transmit SNR of Pre-PS at D during T is almost the same as that of Int-PS, which is 20 dB. The average transmit SNR of Pre-PS at S increases as ρ increases, and approaches 20 dB when ρ > 0.6. From Figure 5, we find out that Pre-PS outperforms Int-PS in terms of P SST when the average power consumptions of both are similar. In addition, it is necessary to state that P SST of Pre-PS decreases dramatically and becomes worse than Int-PS when ρ approaches zero. This is mainly because the probability of the event P I2 ≤ Γ decreases dramatically and converges to zero when the value of ρ goes to zero, which can be found easily from (31).
In Figure 6, the influence of different channel qualities on P SST is shown and the average power consumption is discussed. In the simulation , g SR and g RD increases so that α increases. We can see from Figure 6a that the analytical result of Pre-Ps is in excellent agreement with the simulation result of Pre-PS. The value of P SST of Pre-PS increases and converges to 1 quickly as α increases, while the situation is opposite for Int-PS. The reason is as follows. The increasing of α means better channel condition for the S − R and R − D links. As the transmit SNR for Int-PS is fixed, better channel quantity of S − R and R − D links would result in higher probability of interrupting the primary receiver in the second phase, which makes P SST get worse for Int-PS. In Pre-PS, the transmit power from S and D is adjusted according to the channel quality of S − R and R − D links, respectively. Therefore, the average transmit power from S and D of Pre-PS decreases as α increases as shown in Figure 6b. When α becomes larger, it is less possible to interfere the primary receiver in the first phase, and P SST of Pre-PS increases accordingly.

Discussion on the Effect of Power Splitting Ratio
From the above simulation results, we find out that Pre-PS outperforms Int-PS in terms of P SST under the similar average power consumption, and P SST is not sensitive to the changes of ρ. Since P SST only reflects the probability that a positive secrecy rate (Rs) is achieved under the primary interference constraint, although P SST almost stays the same when ρ > 0.2, it is interesting to see whether there is a certain ρ to maximize the achievable secrecy rate while maintaining the maximum P SST . Therefore, in Figure 7, we study the effect of ρ on the achievable secrecy rate of Pre-PS in the CIoT network.
As depicted in Figure 7, it is clear that the average Rs for ρ = 0.5 is better than that for ρ = 0.9, while the value of P SST keeps the same for ρ = 0.5 and ρ = 0.9. In the simulations, the optimal ρ is obtained by computer searching. Specifically, for each α, searching the optimal value of ρ to maximize Rs while satisfying the interference constraints. The average Rs for the optimal ρ is the best among those for different values of ρ. We should notice that the average Rs for ρ = 0.5 is almost the same as that for the optimal ρ when α < 10, and it is slightly worse than the optimal Rs when α becomes even larger. Therefore, in the following simulations regarding Pre-PS, ρ is set to 0.5.

Comparison between Int-TS and Pre-TS
In this subsection, we will compare Int-TS and Pre-TS in terms of P SST , and discuss the influence of the time splitting factor τ and the channel gain factor α on P SST . The transmit SNRs at S and D are denoted as for Int-PS and 2|h DR | 2 σ 2 for Pre-PS, respectively. In Figure 8a, we compare P SST versus τ for both Int-TS and Pre-TS, in which simulation and analytical results about P SST are coincident for Pre-TS. Figure 8b shows the average power consumption during T at S and D for both Int-TS and Pre-TS. From Figure 8, one can see that Pre-TS outperform Int-TS in terms of P SST when the average power consumption of both is similar. When ρ approaches zero, P SST of Pre-TS decreases dramatically and becomes worse than that of Int-TS. This is mainly because the probability of the event P I2 ≤ Γ converges to zero when the value of ρ converges to zero, which can be seen easily from (59). From Figure 8a, we can see that there is an initial increase in P SST of Int-TS and Pre-TS as τ increases from zero, and then a fall in P SST when τ further increases from 0.4. The reason is that the relay harvests more energy as τ increases, and this in turn increases the relay's transmit power. In this way, the information reception at the destination is improved and the received signal strength at the relay is degraded. However, once τ crosses a certain value, higher transmit power from the relay may break the primary interference constraint, and the poor signal strength at the relay delivers a negative effect on the secrecy rate. In the following simulations, τ = 0.3 is used for Int-TS and Pre-TS. The influence of α on P SST is discussed in Figure 9a, and the average transmit power consumptions by S and D are given in Figure 9b. A similar situation as in Figure 6 can be found in Figure 9, where P SST increases as α increases for Pre-TS and decreases as α increases for Int-TS. This phenomenon can be explained in a similar way as in Figure 6. Since the transmit SNR for Int-TS is fixed, better channel quantity of S − R and R − D links would result in a higher possibility of interrupting the primary receiver in the second phase, which makes P SST get worse for Int-TS. However, the transmit power from S and D of Pre-TS is adjusted according to the channel quality of S − R and R − D links, respectively, so that the average transmit power of Pre-TS decreases as α increases, as shown in Figure 9b. Therefore, it is less possible to interfere the primary receiver in the first phase when α becomes larger, and P SST of Pre-TS increases as α increases. From Figure 9b, we can see that D always consumes more power than S for both Int-TS and Pre-TS, since it has to transmit power for energy harvesting in the period of τT.

Comparison between Pre-PS and Pre-TS
From the above discussion, we can see that the precoded secure scheme is better than the intuitive secure scheme based on both PS and TS policies. In this subsection, we compare the precoded schemes based on PS policy and TS policy, and mainly focus on the effects of the splitting factor ρ, τ, and interference temperature threshold Γ.
As shown in Figure 10a, P SST initially increases and converges to a certain value eventually with the increase of ρ for Pre-PS. While for TS policy, P SST decreases gradually when τ is greater than a specified value. However, the maximum achievable values of P SST for Pre-PS and Pre-TS are the same. In addition, one can see that larger interference tolerance at the primary receiver results in better performance of P SST . It can be found in Figure 10b that less power consumption happens at S for Pre-TS as the splitting factor increases. When Pre-PS and Pre-TS achieve the same maximum value of P SST , the power consumption of S of Pre-TS is obviously lower than that of Pre-PS. Therefore, Pre-TS is more desirable than Pre-PS considering the energy constraint of the IoT device.

Conclusions
We have investigated the secrecy performance of a CIoT network where the secondary system utilizes a wireless EH untrusted node to help the transmission of the IoT device. Since the secondary destination can be equipped with adequate power supply, different secure schemes based on destination-aided jamming have been designed. The secrecy performance of the proposed secure schemes are evaluated in terms of P SST , which is defined as the probability that the interference constraint of the primary user is satisfied and the secrecy rate is positive. The closed form of P SST for the precoded secure schemes based on PS and TS policies have been derived. The simulation results are coincident with the derived closed-form expressions perfectly, which validate the theoretical analysis presented in this paper. The numerical results reveal that, under similar transmit power consumption, the precoded secure schemes outperform the intuitive secure schemes in terms of P SST . The precoded secure scheme based on TS policy is more energy efficient than that based on PS policy. Some useful design insights can be found from the numerical study of P SST under different system parameters. For example, P SST based on PS policy is not sensitive to the PS ratio ρ when ρ > 0.2, and an optimal ρ maximizing the achievable secrecy rate can be found under the P SST constraint. The time splitting ratio τ in the TS policy shows both beneficial and harmful influences on the secure performance, and the optimal τ in the TS policy that maximizes P SST can be found.
As we know, an IoT network consists of a great number of IoT devices. In this paper, the secrecy performance is investigated for a fundamental scenario where a single secondary communication link is considered. It is of interest and importance to investigate practical scenarios where numerous IoT devices are expected. After we have evaluated the secrecy performance of the fundamental scenario, we can further study more practical scenarios that could involve power allocation and user scheduling designs. In our future work, we plan to study the secure communication of multiple IoT devices and secure multi-hop communication in an IoT network.

Conflicts of Interest:
The authors declare no conflict of interest.

Abbreviations
The following abbreviations are used in this manuscript:

IOT
The