Lecture3 - IoT Protocol Model Quiz
20 Questions

Questions and Answers

Which of the following is NOT considered a layer in the IoT Simplified Model?

  • Communication layer
  • Application layer
  • Device layer
  • Network layer (correct)

What is a primary reason traditional IT cloud computing models are unsuitable for IoT?

  • Universal device compatibility
  • Enhanced security protocols
  • High latency in connections (correct)
  • Improved cloud storage capabilities

Which protocol is specifically designed for resource-constrained devices in the IoT?

  • Hypertext Transfer Protocol (HTTP/HTTPS)
  • Transport Control Protocol (TCP)
  • Message Queuing Telemetry Transport (MQTT) (correct)
  • Constrained Application Protocol (CoAP) (correct)

Which of the following is a characteristic of Zigbee?

  • Based on IEEE 802.15.4 standard (correct)

Which of the following technologies operates at the device layer of the IoT Protocol Model?

  • Bluetooth Low Energy (BLE) (correct)

What is the primary function of the Coordinator in a Zigbee network?

  • To set up and manage the network (correct)

What is one advantage of using a mesh network over a star network?

  • Enhanced range and reliability through signal-hopping (correct)

Which type of device in a Zigbee network has reduced functionality and operates on battery power?

  • End-device (correct)

Which characteristic of Zigbee networks contributes to their power efficiency?

  • Limitation to low-power devices (correct)

Which of the following accurately describes the Constrained Application Protocol (CoAP)?

  • An open standard intended for small, constrained, intermittently powered devices (correct)

What are the three layers of the IoT Protocol Model?

  • Application layer, Communication layer, Device layer. (correct)

Why is storing and analyzing sensor data in the cloud impractical for IoT systems?

  • Due to limited bandwidth, high latency, and unreliable network backhaul. (correct)

Name a protocol used in the Application layer of the IoT Protocol Model that supports low-power devices.

  • ZigBee. (correct)

Explain how MQTT differs from HTTP/HTTPS in the context of IoT.

  • MQTT is a lightweight publish-subscribe protocol designed for resource-constrained devices, while HTTP/HTTPS is more robust for data transmission. (correct)

What is a characteristic of CoAP that makes it suitable for constrained devices in M2M networks?

  • CoAP is specialized for transmission of data by constrained devices, allowing efficient communication. (correct)

ZigBee uses high-power digital radios based on the IEEE 802.15.4 standard.

  • False (correct)

Latency can be very low in last-mile IoT networks, making them reliable.

  • False (correct)

The Constrained Application Protocol (CoAP) is designed for data transmission by constrained devices on M2M networks.

  • True (correct)

Storing and analyzing all sensor data in the cloud is practical for IoT systems.

  • False (correct)

Message Queuing Telemetry Transport (MQTT) is a lightweight publish and subscribe messaging protocol for resource-constrained devices.

  • True (correct)

    Study Notes

    IoT Protocol Model

    • The traditional IT cloud computing model is not suitable for IoT because of limited bandwidth, high latency, unreliable network backhaul, and the impracticality of storing and analyzing sensor data in the cloud.

    IoT Protocol Model - Simplified Model

    • The course utilizes a combination of the functional layers of the IoT simplified model, overlaid with the TCP/IP model.

    IoT Protocol Model - Application Layer

    • ZigBee: Low-power, wireless personal area networks (WPANs) based on IEEE 802.15.4 standard. Supports mesh networks with up to 65,000 nodes, operating on 2.4 GHz.
    • Hypertext Transfer Protocol (HTTP/HTTPS): Robust application protocols for data retrieval and posting.
    • Message Queuing Telemetry Transport (MQTT): Lightweight messaging protocol for resource-constrained devices using TCP. It facilitates a publish and subscribe mechanism.
    • Constrained Application Protocol (CoAP): Specialized protocol designed for data transmission by constrained devices on Machine-to-Machine (M2M) networks.

    ZigBee

    • Pros: Better remotes, secure, stable networks, multi-device, power-efficient, cost-effective
    • Cons: Requires a hub, limited range, not every smart device supports Zigbee
    • Different Roles: Coordinator (sets up the network, one per network), Router (full-function device, powered, non-battery, repeats/forwards signals), End-Device (reduced function, battery powered, does not repeat/forward signals)

    CoAP

    • Open IETF standard since June 2014.
    • Based on web standards, integrates easily with HTTP.
    • Designed for small, constrained, embedded, occasionally sleeping devices.
    • Used by LoRaWAN, Sigfox, and NB-IoT - Low-power wide-area network (LPWAN) protocols for transmitting small payloads over long distances at low transfer rates.

    IoT Protocol Model - Device Layer

    • IEEE 802.15.4: Wireless networking technology for low-rate wireless personal area networks (LR-WPANs), facilitating communication between devices in various industrial and commercial environments.
    • Advantages: Low cost, ease of implementation, reliable data transfer, short-range operation, very low power consumption.
    • Disadvantages: Interference and multipath fading due to lack of frequency-hopping approach. Unbounded latency and susceptibility to interference.
    • Device Classes:
      • Full Function Device (FFD): Supports any topology, capable of becoming a network coordinator, can communicate with any other device.
      • Reduced Function Device (RFD): Limited to star topology, cannot become a network coordinator, communicates only with a network coordinator.

    Bluetooth Low Energy (BLE)

    • Also known as Bluetooth Smart or Bluetooth 4.0.
    • Operates in the 2.4 GHz ISM band like Bluetooth.
    • Stays in sleep mode constantly, except during connection initiation.
    • Used for applications with low data exchange requirements.

    Near Field Communication (NFC)

    • Based on RFID, offering faster data rates than UART or I2C.
    • Effective for communication between devices on the same board or within a few feet.
    • Similar security vulnerabilities as SPI and other serial communication methods.
    • Attack Surface: Extracting sensitive information, Joint Test Action Group (JTAG) vulnerabilities.

    Joint Test Action Group (JTAG)

    • A protocol for testing and debugging.
    • Attacker Exploitation: Reverse engineer microcontroller logic, extract firmware, potentially load malicious firmware.
    • Specialized boards can assist with the process after gaining access to JTAG pins.

    IoT Device Software Components

    • Embedded Systems: Designed for specific functions within larger systems.
      • Controlled by a microcontroller, programmable for sensor-specific operations.
      • Sensors: Detect and trigger alarms based on predefined thresholds (e.g., smoke, motion, gas, temperature).
      • Microcontroller: Displays information on a screen, communicates with other computer equipment for monitoring.

    Embedded Systems (Cont.)

    • Microprocessors vs. Microcontrollers:
      • Both may share the same CPU.
      • Microcontrollers are self-contained, including features like flash memory, RAM, serial communications, and peripherals within the integrated circuit.

    Operating Systems

    • Embedded Operating System: Simplified operating systems, potentially directly programmed with machine code for the CPU. Stripped down versions of Linux are commonly used.
    • Debugging: Different from typical PC software debugging.
      • PC: Development and debugging occur on the same processor.
      • Embedded System: Software is built outside the target environment. JTAG port is used for troubleshooting.

    Compiled or Interpreted Code

    • Compiled Code:
      • Source code is written in a text format and converted (compiled) into machine code for execution by the processor.
      • Compilation must be complete before the program is usable.
      • Changes require recompilation.
      • Examples: C, C++, Rust, Visual Basic.
    • Interpreted Code:
      • Each instruction is executed sequentially by the interpreter, translating into machine code for the processor.
      • Debugging occurs at runtime.
      • Examples: Python, JavaScript, Perl, PHP.

    Vulnerability Comparison of Compiled and Interpreted Code

    • Interpreted code: More vulnerable due to text format storage, making modification easier for attackers.
    • Compiled code: Potentially vulnerable if attackers use debuggers to replace machine code instructions with malicious code.
    • Digital signatures: Compiled binaries can be digitally signed to verify integrity and prevent alterations.

    Debug/Boot Mode

    • Used to resolve system problems.
    • Accessed through a keystroke combination or JTAG port if attackers have board access.
    • Authentication can be bypassed in these modes, posing security risks.
    • Provides potential access to the system and opportunities to install backdoors.

    Common IoT Operating Systems

    • Busybox: Open-source, Linux-based operating system. Provides a command-line interface with a set of programs.
    • Android Embedded: Lightweight Linux version primarily used in mobile devices, suitable for IoT applications. Prioritizes power efficiency and supports common IoT device processors.
    • Commercial Options: VxWorks, Windows 10 IoT, ARM Mbed.

    Hardware Security - FCC Database

    • Investigate the FCC Database to examine hardware security aspects.

    Chapter Summary

    • IoT Device Hardware Components: OWASP has identified vulnerabilities for each attack surface within IoT systems.

    IoT Simplified Model

    • The IoT Simplified Model uses a combination of functional layers overlaid with the TCP/IP model.
    • The model has three layers: Application, Communication, and Device.

    IoT Protocol Model - Application Layer

    • Zigbee is a suite of protocols based on the IEEE 802.15.4 wireless standard. It uses low-power digital radios for communication.
    • Hypertext Transfer Protocol (HTTP/HTTPS) is a robust application protocol for getting and posting data.
    • Message Queuing Telemetry Transport (MQTT) is a lightweight publish and subscribe messaging protocol designed for resource-constrained devices.
    • Constrained Application Protocol (CoAP) is a specialized application protocol designed for data transmission on M2M networks.

    Zigbee

    • Zigbee enables communication in low-power, wireless personal area networks (WPANs).
    • Zigbee devices use the IEEE 802.15.4 protocol, operating on the 2.4 GHz frequency.
    • Zigbee networks can have up to 65,000 nodes.
    • Zigbee devices have different roles: Coordinator, Router, and End-Device.
    • Coordinator sets up the network.
    • Router can repeat and forward signals.
    • End-Device is battery-powered and has limited functionality.

    IoT Protocol Model - Communication Layer

    • Thread uses IPv6 for routing over an IEEE 802.15.4 wireless network.
    • Transport Control Protocol (TCP) guarantees data delivery through synchronization and acknowledgment messages.
    • UDP is a lightweight, unreliable transport protocol with no guaranteed data delivery.
    • RPL is a routing protocol for low-power and lossy networks.
    • IPv6 has a 128-bit addressing space with a vast number of unique addresses.
    • 6LoWPAN is an IETF standard for IPv6 Low-power Wireless devices in a Personal Area Network, allowing IPv6 to conform to the IEEE 802.15.4 standard.

    IoT Device Hardware Components

    • Hardware vulnerabilities include physical access, reverse engineering, and insecure hardcoding.
    • Attackers could extract sensitive information through physical access.
    • Joint Test Action Group (JTAG) protocol can be used to reverse engineer the microcontroller logic and extract firmware.

    IoT Device Software Components

    • Embedded systems are designed for specific functions within larger systems.
    • Embedded systems use microcontrollers and sensors.
    • Embedded systems can be programmed using compiled or interpreted code.
    • Compiled code is converted into machine code, while interpreted code is executed instruction by instruction.
    • Interpreted code is more vulnerable to modifications due to its text format.

    Debug/Boot Mode

    • Debug/boot mode allows access to the system for debugging and troubleshooting.
    • Attackers could exploit debug/boot mode to bypass authentication and gain access to the system.

    Common IoT Operating Systems

    • IoT devices often use trimmed-down versions of operating systems.
    • Open source operating systems like Busybox and Android Embedded are commonly used.
    • Commercial options like VxWorks, Windows 10 IoT, and ARM Mbed are also available.

    Chapter Summary

    • The chapter explores the structure and security of IoT systems.
    • Hardware and software components, protocols, and vulnerabilities are discussed.
    • The chapter also highlights the importance of security considerations for IoT devices.

    IoT Protocol Model

    • The IoT Protocol Model uses a combination of functional layers and the TCP/IP model.
    • Application Layer: includes protocols like Zigbee, HTTP, HTTPS, MQTT, and CoAP.
    • Communication Layer: includes protocols such as Thread, TCP, UDP, RPL, and IPv6.
    • Device Layer: includes protocols such as 6LoWPAN, IEEE 802.15.4, Bluetooth Low Energy (BLE), Wi-Fi, Near Field Communication (NFC), and Cellular.

    Zigbee

    • A suite of protocols based on IEEE 802.15.4 wireless standard.
    • Uses low-power digital radios.
    • Supports mesh networks with up to 65,000 nodes, communicating using radio transceivers.
    • Operates on the IEEE 802.15.4 protocol, over 2.4 GHz.
    • Low power consumption limits transmission distances to 10–100 meters.

    Zigbee - Pros and Cons

    • Pros: Better remotes, secure, stable networks, multi-device, power-efficient, cost-effective.
    • Cons: Requires a hub, limited range, not all smart devices support Zigbee.

    Message Queuing Telemetry Transport (MQTT)

    • A lightweight publish and subscribe messaging protocol.
    • Designed for resource-constrained devices.
    • Uses TCP.

    Constrained Application Protocol (CoAP)

    • Specialized application protocol designed for transmission of data by constrained devices on M2M networks.
    • Open IETF standard since June 2014.
    • Based on web standards and integrates easily with HTTP.
    • Designed for small, constrained, embedded, occasionally sleeping devices.

    Routing Protocol for Low-Power and Lossy Networks (RPL)

    • Creates a Destination Oriented Directed Acyclic Graph (DODAG).
    • Contains a single path from each leaf node to the root.
    • All nodes forward traffic to the root node.
    • The root node handles Destination Advertisement Object (DAO) and DODAG Information Requests (DIS).
    • RPL nodes can be stateless.

    6LoWPAN

    • Stands for IPv6 Over Low-Power Wireless Personal Area Network.
    • Encapsulates long IPv6 headers in small IEEE 802.15.4 packets.
    • Supports addresses of different lengths, low bandwidth, and different topologies.
    • Designed for power consumption, low cost, scalable networks, mobility, unreliability, and extended downtime.

    IEEE 802.15.4

    • Standard for low-rate wireless personal area networks that is meant to be used by low-cost, low-speed devices.

    Bluetooth Low Energy (BLE)

    • Wireless personal area network protocol using the 2.4 GHz radio frequency.
    • Provides reduced power consumption without sacrificing range.

    Wi-Fi

    • Collection of IEEE 802.11 standards for wireless local area networks (WLANs) operating in the 2.4 GHz and 5 GHz frequencies.

    Near Field Communication (NFC)

    • Collection of protocols for device-to-device communications when the devices are very close to one another.

    Cellular

    • Collection of cellular technologies covered by the 3rd Generation Partnership Project (3GPP) such as 4th generation (4G), LTE, and 5th generation (5G).

    Joint Test Action Group (JTAG)

    • A protocol used for testing and debugging.
    • Attackers can potentially use this to:
      • Reverse engineer logic for the microcontroller.
      • Extract the firmware and possibly load malicious firmware.

    Embedded Systems

    • Designed for a specific function within a larger system.
    • All operations are controlled by a microcontroller.

    Embedded Systems - Software Components

    • Microcontroller can be programmed for the sensors unique to the installation.
    • Sensors such as smoke, motion, gas, and temperature sensors trigger an alarm if exceeding the thresholds set for the specific sensor.
    • Microcontroller can display information on a screen and communicate with other computers for monitoring.

    Embedded Systems - Microprocessors

    • A microprocessor and microcontroller might have the same CPU.
    • Microcontroller-based system is self-contained, including flash memory, RAM, serial communications, and other peripherals.

    Embedded Operating System

    • Can be programmed directly using the machine code for the CPU.
    • Stripped down versions of Linux are commonly used.
    • Debugging process is different than typical PC software debugging; developers use the JTAG port to track down software issues.

    Compiled vs Interpreted Code

    • Compiled Code: Source code is written in a format that is readable with a text editor and then converted (compiled) into machine code.
      • Examples: C, C++, Rust and Visual Basic.
    • Interpreted Code: Each instruction is executed one after another and the interpreter translates the instruction into a form of machine code.
      • Examples: Python, JavaScript, Perl, and PHP.

    Compiled vs Interpreted Code - Vulnerability

    • Interpreted code is easier to modify by attackers because it is stored in a text format.
    • Compiled code can be altered by attackers using a debugger, potentially replacing machine code instructions with malicious code.
    • Digital signatures can be used to verify that compiled code hasn't been altered.

    Debug/Boot Mode

    • Can sometimes be accessed using a keystroke combination.
    • Attackers can use the JTAG port to gain access.
    • Authentication can be bypassed while in debug/boot mode.
    • Attackers could potentially install backdoors.

    Common IoT Operating Systems

    • IoT devices typically use a trimmed down version of an operating system.
    • Options include:
      • Busybox: Open source, uses a Linux kernel. Provides a set of programs that can be executed from the command line.
      • Android Embedded: Lightweight Linux version primarily used in mobile devices but can be used for IoT devices. Designed to reduce power consumption and works with common processors used in IoT devices.
      • Commercial options: VxWorks, Windows 10 IoT, and ARM Mbed.

    Hardware Security

    • OWASP has compiled a list of vulnerabilities that should be addressed for each attack surface within the IoT system.

    Related Documents

    Lec03_24.pdf

    Description

    This quiz explores the IoT Protocol Model, covering essential aspects such as limitations of the traditional IT cloud computing model and the application layer protocols like ZigBee, HTTP/HTTPS, MQTT, and CoAP. Dive into the intricacies of these protocols and their roles in supporting efficient IoT functionality.