Andrew A. Adekunle

Simulating and modelling the impact of security constructs on latency for open loop control

Open loop control has commonly been used to conduct tasks for a range of Industrial Control Systems (ICS). ICS however, are susceptible to security exploits. A possible countermeasure to the active and passive attacks on ICS is to provide cryptography to thwart the attacker by providing confidentiality and integrity for transmitted data between nodes on the ICS network; however, a drawback of applying cryptographic algorithms to ICS is the additional communication latency that is generated. The proposed solution presented in this paper delivers a mathematical model suitable for predicting the latency and impact of software security constructs on ICS communications. The proposed model has been tested and validated against a software simulated open loop control scenario, the results obtained indicate on average a 1.3 percentage difference between the model and simulation.

A Cluster-Based Approach to Consensus Based Distributed Task Allocation

This paper presents a novel extension to the Consensus-Based Bundle Algorithm (CBBA), which we have named Cluster-Formed Consensus-Based Bundle Algorithm (CFCBBA). CF-CBBA is designed to reduce the amount of communication required to complete a distributed task allocation process, by partitioning the problem and processing it in parallel clusters. CF-CBBA has been shown, in comparison with baseline CBBA, to require less communication when allocating tasks. Three key aspects of task allocation have been investigated, (a) the time taken to allocate tasks, (b) the amount of communication necessary to satisfy the requirements of distributed task allocation algorithms such as CBBA, and (c) the efficiency with which a collection of tasks (a mission) is completed by a group of robots (a collective).

Study of two security constructs on throughput for Wireless Sensor multi-hop Networks

With the interconnection of devices becoming more widespread in society (e.g. internet of things), networked devices are used in a range of environments from smart grids to smart buildings. Wireless Sensor Networks (WSN) have commonly been utilised as a method of monitoring a set processes. In control networks WSN have been deployed to perform a variety of tasks (i.e. collate and distribute data from an event to an end device). However, the nature of the wireless broadcast medium enables attackers to conduct active and passive attacks. Cryptography is selected as a countermeasure to overcome these security vulnerabilities; however, a drawback of using cryptography is reduced throughput. This paper investigates the impact of two software authenticated encryption with associated data (AEAD) security constructs on packet throughput of multiple hop WSN, being counter with cipher block chaining and message authentication code (CCM) and TinyAEAD. Experiments were conducted in a simulated environment. A case scenario is also presented in this paper to emphasise the impact in a real world context. Results observed indicate that the security constructs examined in this paper affect the average throughput measurements up to three hops.

Balancing throughput and latency for an aerial robot over a wireless secure communication link

With the requirement for remote control of unmanned aerial vehicles (UAV) becoming more frequent in scenarios where the environment is inaccessible or hazardous to human beings (e.g. disaster recovery); remote functionality of a UAV is generally implemented over wireless networked control systems (WNCS). The nature of the wireless broadcast allows attackers to exploit security vulnerabilities through passive and active attacks; consequently, cryptography is often selected as a countermeasure to the aforementioned attacks. This paper analyses simulation undertaken and proposes a model to balance the relationship between throughput and latency for a secure multi-hop communication link. Results obtained indicate that throughput is more influential up to two hops from the initial transmitting device; conversely, latency is the determining factor after two hops.

An efficient authenticated-encryption with associated-data block cipher mode for wireless sensor networks

This paper begins by presenting an analysis of the current generic schemes utilising block cipher design techniques for the provision of authenticated encryption with associated data (AEAD) security services in communication protocols. Such protocols are commonly applied in wireless sensor networks. The conclusions of this analysis are used in the design of a resourceful AEAD construct, which we term Simultaneous Combined Mode Algorithm (SCMA). Using software simulation we show that our construct can achieve improvements in processing energy requirement, processing latency and data throughput when benchmarked against the analysed schemes.

On Efficient Data Integrity and Data Origin Authentication for Wireless Sensor Networks Utilising Block Cipher Design Techniques

Analysis of the generic attacks and countermeasures for block cipher based message authentication code algorithms (MAC) in sensor applications is undertaken; the conclusions are used in the design of two new MAC constructs Quicker Block Chaining MAC1 (QBC-MAC1) and Quicker Block Chaining MAC2 (QBC-MAC2). Using software simulation we show that our new constructs point to improvements in usage of CPU instruction clock cycle and energy requirement when benchmarked against the de facto Cipher Block Chaining MAC (CBC-MAC) based construct used in the TinySec security protocol for wireless sensor networks.

A novel block cipher design paradigm for secured communication

Unmanned aerial vehicles (UAV) are commonly used to conduct tasks (e.g. monitor and surveillance) in various civilian applications from a remote location. Wireless communications (i.e. radio frequency) are often used to remotely pilot the UAV and stream data back to the operator. The characteristics of the wireless communication channel allows attackers to monitor and manipulate the operation of the UAV through passive and active attacks. Cryptography is selected as a countermeasure to mitigate these threats; however, a drawback of using cryptography is the impact on the real-time operation and performance of the UAV. This paper proposes the Permutation Substitution Network (PSN) design paradigm with an instance presented which is the Alternative Advanced Encryption Standard (AAES) and analysis of its performance against the standardised Substitution Permutation Network (SPN) design paradigm the Advanced Encryption Standard (AES). Results indicate that using the PSN paradigm is a feasible approach in comparison to the SPN design paradigm.

A Resourceful Combined Block Cipher Mode of Operation for Packetised Network Communication

In this paper a combined block cipher mode of operation is presented that provides an efficient authenticated encryption with associated-data (AEAD) security service for packet-based network communication. Using software simulation we show that our construct, called CYPHER-C3, achieves improvements in processing energy requirement, processing latency and packet throughput when benchmarked against the NIST recommended Counter with Cipher Block Chaining Message Authentication Code (CCM) scheme and the de facto wireless sensor network TinySec-AE scheme.

SUPERMAN: Security Using Pre-Existing Routing for Mobile Ad hoc Networks

The flexibility and mobility of Mobile Ad hoc Networks (MANETs) have made them increasingly popular in a wide range of use cases. To protect these networks, security protocols have been developed to protect routing and application data. However, these protocols only protect routes or communication, not both. Both secure routing and communication security protocols must be implemented to provide full protection. The use of communication security protocols originally developed for wireline and WiFi networks can also place a heavy burden on the limited network resources of a MANET. To address these issues, a novel secure framework (SUPERMAN) is proposed. The framework is designed to allow existing network and routing protocols to perform their functions, whilst providing node authentication, access control, and communication security mechanisms. This paper presents a novel security framework for MANETs, SUPERMAN. Simulation results comparing SUPERMAN with IPsec, SAODV, and SOLSR are provided to demonstrate the proposed frameworks suitability for wireless communication security.

The Affect of Two Cryptographic Constructs on QoS and QoE for Unmanned Control Vehicles

Unmanned control vehicles are used for a variety of scenarios where the user can conduct a task from a remote location, scenarios include surveillance, disaster recovery and agricultural farming. The operation of unmanned vehicles is generally conducted over a wireless communication medium. The nature of the wireless broadcast allows attackers to exploit security vulnerabilities through passive and active attacks, consequently, cryptography is often selected as a countermeasure to the aforementioned attacks. This paper analyses simulation undertaken to identify the affect of cryptographic constructs on the Quality of Service (QoS) and Quality of Experience (QoE) of controlling an unmanned vehicle. Results indicate that standardised AEAD cryptographic approaches can increase the additional distance travelled by a unmanned vehicle over multiple hops communications up to 110 meters per second.