Search Results (18)

In this paper, we present a multi-sensor platform for predictive maintenance featuring hybrid long-range (LoRa) and 5G connectivity. This hybrid approach combines LoRa’s low-power transmission for energy efficiency with 5G’s real-time data capabilities. The hardware platform integrates multiple sensors to monitor machine health parameters, with data analyzed on the device using pre-trained AI models to assess the machine’s condition. Inferences are transmitted via LoRa to the operator for maintenance scheduling, while a cloud application tracks and stores sensor data. Periodic sensor data bursts are sent via 5G to update the AI model, which is then delivered back to the platform through over-the-air (OTA) updates. We provide a comprehensive overview of the hardware architecture, along with an in-depth analysis of the data generated by the sensors, and its processing methodology. However, the data analysis and the software for ventilation control and its predictive capabilities are not the focus of this paper and are not presented. Full article

Embedded systems, particularly when integrated into the Internet of Things (IoT) landscape, are critical for projects requiring robust, energy-efficient interfaces to collect real-time data from the environment. As these systems become complex, the need for dynamic reconfiguration, improved availability, and stability becomes increasingly important. This paper presents the design of a framework architecture that supports dynamic reconfiguration and “on-the-fly” code execution in IoT-enabled embedded systems, including a virtual machine capable of hot reloads, ensuring system availability even during configuration updates. A “hardware-in-the-loop” workflow manages communication between the embedded components, while low-level coding constraints are accessible through an additional abstraction layer, with examples such as MicroPython or Lua. The study results demonstrate the VM’s ability to handle serialization and deserialization with minimal impact on system performance, even under high workloads, with serialization having a median time of 160 microseconds and deserialization having a median of 964 microseconds. Both processes were fast and resource-efficient under normal conditions, supporting real-time updates with occasional outliers, suggesting room for optimization and also highlighting the advantages of VM-based firmware update methods, which outperform traditional approaches like Serial and OTA (Over-the-Air, the ability to update or configure firmware, software, or devices via wireless connection) updates by achieving lower latency and greater consistency. With these promising results, however, challenges like occasional deserialization time outliers and the need for optimization in memory management and network protocols remain for future work. This study also provides a comparative analysis of currently available commercial solutions, highlighting their strengths and weaknesses. Full article

Although the U.S. makes up only 5% of the global population, it accounts for approximately 31% of public mass shootings. Gun violence and mass shootings not only result in loss of life and injury but also inflict lasting psychological trauma, cause property damage, and lead to significant economic losses. We recently developed and published an embedded system prototype for detecting gunshots in an indoor environment. The proposed device can be attached to the walls or ceilings of schools, offices, clubs, places of worship, etc., similar to smoke detectors or night lights, and they can notify the first responders as soon as a gunshot is fired. The proposed system will help to stop the shooter early and the injured people can be taken to the hospital quickly, thus more lives can be saved. In this project, a new custom dataset of blank gunshot sounds is recorded, and a deep learning model using both time and frequency domain features is trained to classify gunshot and non-gunshot sounds with 99% accuracy. The previously developed system suffered from several security and privacy vulnerabilities. In this research, those vulnerabilities are addressed by implementing secure Message Queuing Telemetry Transport (MQTT) communication protocols for IoT systems, better authentication methods, Wi-Fi provisioning without Bluetooth, and over-the-air (OTA) firmware update features. The prototype is implemented in a Raspberry Pi Zero 2W embedded system platform and successfully tested with blank gunshots and possible false alarms. Full article

The increasing connectivity and complexity of automotive systems require enhanced mechanisms for firmware updates to ensure security and integrity. Traditional methods are insufficient for modern vehicles that require seamless over-the-air (OTA) updates. Current OTA mechanisms often lack robust security measures, leaving vehicles vulnerable to attacks. This paper proposes an innovative approach based on the use of decentralized identifiers (DIDs) and distributed ledger technology (DLT) for secure OTA firmware updates of on-vehicle software. By utilizing DIDs for unique vehicle identification, as well as verifiable credentials (VCs) and verifiable presentations (VPs) for secure information exchange and verification, the solution ensures the integrity and authenticity of software updates. It also allows for the revocation of specific updates, if necessary, thereby improving overall security. The security analysis applied the STRIDE methodology, which enabled the identification of potential threats, including spoofing, tampering, and privilege escalation. The results showed that our solution effectively mitigates these threats, while a performance evaluation indicated low latency during operations. Full article

The rapid development and deployment of autonomous vehicles (AVs) present unprecedented opportunities and challenges in the transportation sector. While AVs promise enhanced safety, efficiency, and convenience, they also introduce significant cybersecurity vulnerabilities due to their reliance on advanced electronics, connectivity, and artificial intelligence (AI). This review examines the current state of cybersecurity in autonomous vehicles, identifying major threats such as remote hacking, sensor manipulation, data breaches, and denial of service (DoS) attacks. It also explores existing countermeasures including intrusion detection systems (IDSs), encryption, over-the-air (OTA) updates, and authentication protocols. Despite these efforts, numerous challenges remain, including the complexity of AV systems, lack of standardization, latency issues, and resource constraints. This review concludes by highlighting future directions in cybersecurity research and development, emphasizing the potential of AI and machine learning, blockchain technology, industry collaboration, and legislative measures to enhance the security of autonomous vehicles. Full article

The capacity to update firmware is a vital component in the lifecycle of Internet of Things (IoT) devices, even those with restricted hardware resources. This paper explores the best way to wirelessly (Over The Air, OTA) update low-end IoT nodes with difficult access, combining the use of unicast and broadcast communications. The devices under consideration correspond to a recent industrial IoT project that focuses on the installation of intelligent lighting systems within ATEX (potentially explosive atmospheres) zones, connected via LoRa to a gateway. As energy consumption is not limited in this use case, the main figure of merit is the total time required for updating a project. Therefore, the objective is to deliver all the fragments of the firmware to each and all the nodes in a safe way, in the least amount of time. Three different methods, combining unicast and broadcast transmissions in different ways, are explored analytically, with the aim of obtaining the expected update time. The methods are also tested via extensive simulations, modifying different parameters such as the size of the scenario, the number of bytes of each firmware chunk, the number of nodes, and the number of initial broadcast rounds. The simulations show that the update time of a project can be significant, considering the limitations posed by regulations, in terms of the percentage of airtime consumption. However, significant time reductions can be achieved by using the proper method: in some cases, when the number of nodes is high, the update time can be reduced by two orders of magnitude if the correct method is chosen. Moreover, one of the proposed methods is implemented using actual hardware. This real implementation is used to perform firmware update experiments in a lab environment. Overall, the article illustrates the advantage of broadcast approaches in this kind of technology, in which the transmission rate is constant despite the distance between the gateway and the node. However, the advantage of these broadcast methods with respect to the unicast one could be mitigated if the nodes do not run exactly the same firmware version, since the control of the broadcast update would be more difficult and the total update time would increase. Full article

The escalating advancement in Software-Defined Vehicles (SDVs) necessitates a formidable strategy for firmware updates, where traditional methods often fall short of guaranteeing absolute integrity. Although decentralization has been explored in studies for firmware integrity verification using blockchain technology, it lacks comprehensive validation in the context of automotive over-the-air (OTA) updates. By recognizing the limitations of current practices and the partial validation of decentralized approaches, such as blockchain, in the automotive sector, our study introduces a novel mechanism for firmware over-the-air (FOTA) updates. This mechanism is grounded in the widely adopted message queuing telemetry transport (MQTT) protocol, integral to the Internet of Things (IoT) domain, and leverages Merkle tree-based blockchain verification to fortify the fidelity and efficiency of firmware updates. Our proposed solution not only prioritizes the stability crucial to automotive OTA updates but also ensures that performance is not compromised. This dual focus on reliability and efficiency represents a significant stride forward in the development of secure, scalable SDV firmware update protocols. Full article

As the scale and complexity of software for industrial equipment increases, the risk of defects being introduced into the software also increases. Over-the-air (OTA) technology eliminates software defects by regularly updating and maintaining the software equipment. However, downloading an upgraded file is time-consuming. The differential compression algorithm can rapidly complete OTA software upgrades. To solve the low-efficiency problem of suffix array sorting in the BsDiff algorithm, a fusion algorithm based on the suffix array induced sorting and BsDiff methods was proposed to reduce the time consumption in the OTA upgrade process. The execution of the difference algorithm in the cloud was simulated using bench experiments. Subsequently, the function and performance of the proposed algorithm were experimentally evaluated. The results showed that the optimized algorithm could save more than 35% of the time compared to the original algorithm, which improved the OTA upgrade efficiency to a certain extent. Full article

The automotive industry is evolving, with software becoming a vital part of vehicles. Conventional automakers are shifting to software-centric entities, embracing over-the-air (OTA) updates and service-centric models. To move software-driven vehicles, the vehicle must also be electrified. Several automobile manufacturers are electrifying vehicle parts, and recently, a gear shift selector for automatic transmissions was adapted from mechanical to electronic. However, as conventional mechanical systems are modified to electrical systems, problems such as shift delay and accuracy emerge. This study addresses these problems that emerge in the electronic system type of automatic transmission, including a gear shift selector developed to electrify automobiles. Accordingly, we first analyze the structure of automatic transmission systems, then define the operation sequence. Next, a novel position control algorithm based on a disturbance observer is proposed to reduce shift delay and increase accuracy. The proposed algorithm operates harmoniously with the vehicle control unit (VCU). To verify the proposed algorithm, a hardware-in-the-loop simulation (HILS) was developed to experiment with vehicle shifting using a commercial electronic gear shift selector. Moreover, the proposed control algorithm for gear shifting in an automatic transmission was analyzed using experimental results obtained by assuming a specific driving situation in the HILS. Full article

Modern terminals are developing toward intelligence and ubiquitous connection. Such ICTs (intelligent connected terminals) interact more frequently with the outside world and expose new attack surfaces. IDSs (intrusion detection systems) play a vital role in protecting ICT security. Multi-attack IDSs that can cover both intra-terminal and inter-terminal networks are a promising research direction for improving detection accuracy and the strength of security protection. However, a major challenge is the frequent dynamic signature updates across the network boundary, which cause significant computational overheads and result in losses in detection performance. In light of this, we propose a novel IDS framework based on OTA (over-the-air) signature updates to implement multi-attack detection. It updates the attack signatures of the target ICTs and adds the new attack signatures to the signature database in order to minimize the local memory storage and computing resources. It employs a CNN (convolutional neural network) based on an auto-encoder to achieve multi-attack detection, which can ensure the detection accuracy of multi-attacks with the multiple classification function. We evaluated our framework on four types of real-world ICT attack data, drawing comparisons with four widely used IDS schemes, and demonstrated the non-negligible superiority of our scheme over all benchmarks in terms of accuracy, recall, precision, and F1-score. Our work represents an important step toward an IDS that can detect multi-attacks in both intra-terminal and inter-terminal networks. Full article

Over-the-air (OTA) updating is a critical mechanism for secure internet of things (IoT) systems for remotely updating the firmware (or keys) of IoT devices. Message queue telemetry transport (MQTT) is a very popular internet of things (IoT) communication protocol globally. Therefore, MQTT also becomes popular in facilitating the OTA mechanism in many IoT platforms, such as the Amazon IoT platform. In these IoT platforms, the MQTT broker acts as the message broker and as an OTA server simultaneously; in these broker-based OTA architectures, it is quite common that an IoT application manager not only uploads the new firmware/software to the broker but also delegates his signing authority on the firmware/software to the same broker. If the broker is secure and trusted, this OTA model works well; however, it incurs lots of security concerns if the broker is not fully trusted or if it is curious. Many MQTT deployments do not own their own brokers, but rely on a third-party broker, which sometimes is a freeware program or is maintained by a curious third party. Therefore, a secure OTA process should protect privacy against these brokers. This paper designs a novel MQTT-based OTA model in which an IoT application manager can fully control the OTA process through an end-to-end (E2E) channel. We design the model using MQTT 5.0’s new features and functions. The analysis shows that the new model greatly enhances security and privacy properties while maintaining high efficiency. Full article

In recent years, since edge computing has become more and more popular, its security issues have become apparent and have received unprecedented attention. Thus, the current research concentrates on security not only regarding devices such as PCs, smartphones, tablets, and IoTs, but also the automobile industry. However, since attack vectors have become more sophisticated than ever, we cannot just protect the zone above the system software layer in a certain operating system, such as Linux, for example. In addition, the challenges in IoT devices, such as power consumption, performance efficiency, and authentication management, still need to be solved. Since most IoT devices are controlled remotely, the security regarding system maintenance and upgrades has become a big issue. Therefore, a mechanism that can maintain IoT devices within a trusted environment based on localhost or over-the-air (OTA) will be a viable solution. We propose a mechanism called STBEAT, integrating an open-source project with ARM TrustZone to solve the challenges of upgrading the IoT system and updating system files more safely. This paper focuses on the ARMv7 architecture and utilizes the security stack from TrustZone to OP-TEE under the STM32 board package, and finally obtains the security key from the trusted application, which is used to conduct the cryptographic operations and then install the newer image on the MMC interface. To sum up, we propose a novel software update strategy and integrated ARM TrustZone security extension to beef up the embedded ecosystem. Full article

The Internet of Things (IoT) is being deployed to provide smart solutions for buildings, logistics, hospitals, and many more. It is growing with billions of connected devices. However, with such tremendous growth, maintenance and support are the hidden burdens. The devices deployed for IoT generally have a light microcontroller, low-power, low memory, and lightweight software. The software, which includes firmware and applications, can be managed remotely via a wireless connection. This improves flexibility, installation time, accessibility, effectiveness, and cost. The firmware can be updated constantly to remove known bugs and improve the functionality of the device. This work presents an approach to update firmware over-the-air (OTA) for constrained IoT devices. We used Narrowband IoT (NB-IoT) as the wireless communication standard to communicate between the managing server and devices. NB-IoT is one of the most promising low power wide area (LPWA) network protocols that supports more than 50k devices within a cell using a licensed spectrum. This work is a proof of concept demonstrating the usage of NB-IoT to update firmware for constrained devices. We also calculated the overall power consumption and latency for different sizes of the firmware. Full article

The vehicle-embedded system also known as the electronic control unit (ECU) has transformed the humble motorcar, making it more efficient, environmentally friendly, and safer, but has led to a system which is highly dependent on software. As new technologies and features are included with each new vehicle model, the increased reliance on software will no doubt continue. It is an undeniable fact that all software contains bugs, errors, and potential vulnerabilities, which when discovered must be addressed in a timely manner, primarily through patching and updates, to preserve vehicle and occupant safety and integrity. However, current automotive software updating practices are ad hoc at best and often follow the same inefficient fix mechanisms associated with a physical component failure of return or recall. Increasing vehicle connectivity heralds the potential for over the air (OtA) software updates, but rigid ECU hardware design does not often facilitate or enable OtA updating. To address the associated issues regarding automotive ECU-based software updates, a new approach in how automotive software is deployed to the ECU is required. This paper presents how lightweight virtualisation technologies known as containers can promote efficient automotive ECU software updates. ECU functional software can be deployed to a container built from an associated image. Container images promote efficiency in download size and times through layer sharing, similar to ECU difference or delta flashing. Through containers, connectivity and OtA future software updates can be completed without inconveniences to the consumer or incurring expense to the manufacturer. Full article

This paper aims to show that it is possible to improve security for over the air update functionalities in an automotive scenario through the use of a cryptographic scheme, called “Attribute-Based-Encryption” (ABE), which grants confidentiality to the software/firmware update done Over The Air (OTA). We demonstrate that ABE is seamlessly integrable into the state of the art solutions regarding the OTA update by showing that the overhead of the ABE integration in terms of computation time and its storage is negligible w.r.t. the other overheads that are introduced by the OTA process, also proving that security can be enhanced with a minimum cost. In order to support our claim, we report the experimental results of an implementation of the proposed ABE OTA technique on a Xilinx ZCU102 evaluation board, which is an automotive-oriented HW/SW platform that is equipped with a Zynq UltraScale+ MPSoC chip that is representative of the computing capability of real automotive Electronic Control Units (ECUs). Full article