Ida Maria Savino

An algorithm for reconnecting wireless sensor network partitions

In a Wireless Sensor Network, sensor nodes may fail for several reasons and the network may split into two or more disconnected partitions. This may deteriorate or even nullify the usefulness and effectiveness of the network. Therefore, repairing partitions is a priority. In this paper we present a method to repair network partitions by using mobile nodes. By reasoning upon the degree of connectivity with neighbours, a mobile node finds the proper position where to stop in order to re-establish connectivity. Factors influencing the method performance are singled out and criteria for their selection are discussed. Simulations show that the proposed method is effective and efficient notwithstanding packet loss.

An efficient key revocation protocol for wireless sensor networks

In this paper, we present a scalable and secure protocol for key revocation in wireless sensor networks. The protocol guarantees an authenticated distribution of new keys that is efficient in terms of storage, communication and computing overhead. The proposed protocol reduces the number and the size of rekeying messages. It achieves the necessary level of confidentiality and authenticity of rekeying messages by only using symmetric ciphers and one-way functions. Hence, the protocol results scalable, and particularly attractive for large and/or highly dynamic groups

S2RP: a Secure and Scalable Rekeying Protocol for Wireless Sensor Networks

Nowadays, small, low-cost sensor nodes are being widely used to build self-organizing, large-scale, wireless networks for various applications, such as environmental surveillance, health monitoring and so on. Given its unique features, protecting a wireless sensor network is a difficult challenge. In this paper, we present S2RP, a secure and scalable rekeying protocol for sensor networks. S2RP aims at a trade-off between security and resource consumption while it guarantees an authentic distribution of keys that preserves both forward and backward security. The proposed protocol is efficient in terms of communication overhead as it reduces the number and the size of rekeying messages. It is efficient in terms of computation overhead as it guarantees the necessary level of confidentiality and authenticity of rekeying messages by only using symmetric ciphers and one-way hash functions. It follows that S2 RP meets the reduced capabilities of sensor nodes, results scalable, and particularly attractive for large and/or highly dynamic groups

LARK: A Lightweight Authenticated ReKeying Scheme for Clustered Wireless Sensor Networks

Group communication has proven a powerful paradigm for designing applications and services in Wireless Sensor Networks (WSNs). Given the tight interaction between WSNs and the physical world, a security infringement may translate into a safety infringement. Therefore, in order to fully exploit the group communication paradigm we need to secure it. Traditionally, this requirement has been formalized in terms of backward and forward security and fulfilled by means of rekeying. In WSNs, group rekeying becomes particularly a complex problem because communication takes place over an easily accessible wireless medium and because sensor nodes have severe limitations in terms of computing, storage, energy, and tamper-resistance capabilities for cost reasons. In this article we present a Lightweight Authenticated ReKeying (LARK) scheme for clustered WSNs. LARK guarantees backward and forward security, is scalable in terms of communication overhead, and efficient in terms of computing overhead for key authentiticy verification. LARK achieves security, efficiency, and scalability by exploiting two basic well-known mechanisms, namely key graph and key chain, and integrating them in an original way. LARK supports a general group model where groups can be hierachical and partially overlapping. In contrast to other WSN group rekeying schemes, LARK considers grouping a tool for designing and implementing applications and services rather than for network management. Consequently, LARK receives a group topology reflecting the application needs and manages rekeying at single-group level. In the article we describe LARK, formally argue that it meets the backward and forward security requirements, and, finally, evaluate its performance in terms of communication, computing, and storage overhead in limited-resources sensor nodes.

Heterogeneous Wireless Multirobot System

A scalable platform for decentralized traffic management of a multi-agent system has been proposed. Safety of the platform is achieved with a cooperative conflict avoidance policy. Security of communications among vehicles with respect to potential external adversaries is obtained through use of cryptographic keys and rekeying policies. A prototypical implementation of the architecture has been described, and some experimental results have been reported.

Tolerating, Malicious Monitors in Detecting Misbehaving Robots

This paper considers a multi-agent system and focuses on the detection of motion misbehavior. Previous work by the authors proposed a solution, where agents act as local monitors of their neighbors and use locally sensed information as well as data received from other monitors. In this work, we consider possible failure of monitors that may send incorrect information to their neighbors due to spontaneous or even malicious malfunctioning. In this context, we propose a distributed software architecture that is able to tolerate such failures. Effectiveness of the proposed solution is shown through preliminary simulation results.

Repairing network partitions in Wireless Sensor Networks

The failure of sensor nodes could hinder the usefulness and the effectiveness of a WNS. In this paper we present a method to repair network partitioning by using a mobile node. By reasoning upon the degree of connectivity with neighbours, the mobile node finds the position where to deploy new sensor nodes in order to restore the network connectivity. Factors influencing the algorithm performance are discussed. Simulations show that the proposed method is effective and efficient not withstanding packet loss.

A Security Architecture for Reconfigurable Networked Embedded Systems

Nowadays, networked embedded systems (NESs) are required to be reconfigurable in order to be customizable to different operating environments and/or adaptable to changes in operating environment. However, reconfigurability acts against security as it introduces new sources of vulnerability. In this paper, we propose a security architecture that integrates, enriches and extends a component-based middleware layer with abstractions and mechanisms for secure reconfiguration and secure communication. The architecture provides a secure communication service that enforces application-specific fine-grained security policy. Furthermore, in order to support secure reconfiguration at the middleware level, the architecture provides a basic mechanism for authenticated downloading from a remote source. Finally, the architecture provides a rekeying service that performs key distribution and revocation. The architecture provides the services as a collection of middleware components that an application developer can instantiate according to the application requirements and constraints. The security architecture extends the middleware by exploiting the decoupling and encapsulation capabilities provided by components. It follows that the architecture results itself reconfigurable and can span heterogeneous devices. The security architecture has been implemented for different platforms including low-end, resource-poor ones such as Tmote Sky sensor devices.