Matthias Wählisch

RIOT OS: Towards an OS for the Internet of Things

The Internet of Things (IoT) is characterized by heterogeneous devices. They range from very lightweight sensors powered by 8-bit microcontrollers (MCUs) to devices equipped with more powerful, but energy-efficient 32-bit processors. Neither a traditional operating system (OS) currently running on Internet hosts, nor typical OS for sensor networks are capable to fulfill the diverse requirements of such a wide range of devices. To leverage the IoT, redundant development should be avoided and maintenance costs should be reduced. In this paper we revisit the requirements for an OS in the IoT. We introduce RIOT OS, an OS that explicitly considers devices with minimal resources but eases development across a wide range of devices. RIOT OS allows for standard C and C++ programming, provides multi-threading as well as real-time capabilities, and needs only a minimum of 1.5 kB of RAM.

Information centric networking in the IoT: experiments with NDN in the wild

This paper explores the feasibility, advantages, and challenges of an ICN-based approach in the Internet of Things. We report on the first NDN experiments in a life-size IoT deployment, spread over tens of rooms on several floors of a building. Based on the insights gained with these experiments, the paper analyses the shortcomings of CCN applied to IoT. Several interoperable CCN enhancements are then proposed and evaluated. We significantly decreased control traffic (i.e., interest messages) and leverage data path and caching to match IoT requirements in terms of energy and bandwidth constraints. Our optimizations increase content availability in case of IoT nodes with intermittent activity. This paper also provides the first experimental comparison of CCN with the common IoT standards 6LoWPAN/RPL/UDP.

Backscatter from the data plane - Threats to stability and security in information-centric network infrastructure

Information-centric networking (ICN) raises data objects to first class routable entities in the network and changes the Internet paradigm from host-centric connectivity to data-oriented delivery. However, current approaches to content routing heavily rely on data-driven protocol events and thereby introduce a strong coupling of the control to the data plane in the underlying routing infrastructure. In this paper, threats to the stability and security of the content distribution system are analyzed in theory, simulations, and practical experiments. We derive relations between state resources and the performance of routers, and demonstrate how this coupling can be misused in practice. We further show how state-based forwarding tends to degrade by decorrelating resources. We identify intrinsic attack vectors present in current content-centric routing, as well as possibilities and limitations to mitigate them. Our overall findings suggest that major architectural refinements are required prior to global ICN deployment in the real world.

Towards detecting BGP route hijacking using the RPKI

Prefix hijacking has always been a big concern in the Internet. Some events made it into the international world-news, but most of them remain unreported or even unnoticed. The scale of the problem can only be estimated. The Resource Publication Infrastructure (RPKI) is an effort by the IETF to secure the inter-domain routing system. It includes a formally verifiable way of identifying who owns legitimately which portion of the IP address space. The RPKI has been standardized and prototype implementations are tested by Internet Service Providers (ISPs). Currently the system holds already about 2% of the Internet routing table. Therefore, in theory, it should be easy to detect hijacking of prefixes within that address space. We take an early look at BGP update data and check those updates against the RPKI---in the same way a router would do, once the system goes operational. We find many interesting dynamics, not all can be easily explained as hijacking, but a significant number are likely operational testing or misconfigurations.

Global serverless videoconferencing over IP

In recent years the capabilities of the common Internet infrastructure have increased to an extent where data intensive communication services may mature to become popular, reliable applications. Videoconferencing over IP can be seen as such a highly prominent candidate. However, heavy infrastructure and complicated call handling hinder acceptance of standard solutions.This paper presents a more lightweight framework--both communication scheme and conferencing software--to overcome these deficiencies. A simple, ready-to-use global location scheme for conference users is proposed. First practical experiences are reported.

A FAST WAVELET-BASED VIDEO CODEC AND ITS APPLICATION IN AN IP VERSION 6-READY SERVERLESS VIDEOCONFERENCING SYSTEM

The purpose of this paper is twofold: On the one hand, we propose a fast wavelet-based video codec which is implemented into a real-time video conferencing tool. The proposed codec uses temporal frame difference coding, a computationally low-complex 5/3 tap wavelet transform, and a fast entropy coding scheme based on Golomb–Rice codes. On the other hand, we present an application of the video conferencing tool in a serverless peer-to-peer IP-based communication framework. For mobile communication we propose a simple, ready-to-use location scheme for video conference users in a global network.

Between underlay and overlay: On deployable, efficient, mobility‐agnostic group communication services

Purpose – This paper aims to discuss problems, requirements and current trends for deploying group communication in real‐world scenarios from an integrated perspective.Design/methodology/approach – The Hybrid Shared Tree is introduced – a new architecture and routing approach to combine network – and subnetwork‐layer multicast services in end‐system domains with transparent, structured overlays on the inter‐domain level.Findings – The paper finds that The Hybrid Shared Tree solution is highly scalable and robust and offers provider‐oriented features to stimulate deployment.Originality/value – A straightforward perspective is indicated in the paper for a mobility‐agnostic routing layer for future use.

A Distributed Test System Architecture for Open-source IoT Software

In this paper, we discuss challenges that are specific to testing of open IoT software systems. The analysis reveals gaps compared to wireless sensor networks as well as embedded software. We propose a testing framework which (a) supports continuous integration techniques, (b) allows for the integration of project contributors to volunteer hardware and software resources to the test system, and (c) can function as a permanent distributed plugtest for network interoperability testing. The focus of this paper lies in open-source IoT development but many aspects are also applicable to closed-source projects.

Topology Authentication in RPL

The Routing Protocol for Low-Power and Lossy Networks (RPL) is a proposed standard by the Internet Engineering Task Force (IETF). Although RPL defines basic security modes, it is still subject to topology attacks. VeRA is an authentication scheme which protects against attacks, based on the version number and rank. This work presents two rank attacks which are not mitigated by VeRA. In the first attack, the adversary can decrease its rank arbitrarily. Hence, it can impersonate even the root node. In the second attack, the adversary can decrease its rank to that of any node within its access range. We present an enhancement of VeRA to mitigate the first attack. Additionally, a basic approach for mitigating the second attack is introduced.

Towards an Ecosystem for Reproducible Research in Computer Networking

Reproducibility is key to rigorous scientific progress. However, many publications in the computer networks community lack support for reproducibility. In this paper, we argue that the lack is mainly rooted in the additional effort that authors need to spend, without expecting sufficient benefits. Based on our experience in both authoring reproducible research and reproducing publications, we propose an ecosystem that incentivizes authors and reproducers to invest additional effort. This ecosystem consists of various building blocks, which can be combined into venue-specific profiles. A key building block is the Reproducibility Challenge, which we suggest to co-locate with the annual SIGCOMM conference to leverage reproducibility research in practice.