Changes between Version 14 and Version 15 of SCU


Timestamp:
Oct 6, 2010, 9:34:49 AM (14 years ago)
Author:
fornasiero
Comment:

--

  • SCU

    v14 v15  
    1111
    1212Updating the code running on Wireless Sensor Network (WSN) nodes is a necessary service, which can be used to remove bugs or to add new functionalities after the sensors have been deployed.
     13
    1314In open, public, untrusted, or even hostile environments, protecting the code update operation against adversarial interference is an essential requirement. Otherwise, an insecure code update may provide an adversary with a backdoor rendering any security mechanism useless, and may even become a serious risk for the owner.
     15
    1416There are mainly three security aspects to be considered in the desing of a Secure Code Update (SCU) mechanism. First, a SCU mechanism shall only allow the load of authentic code images into the nodes' memory. Second, a SCU mechanism must detect the dissemination of a modified or corrupted code image as early as possible. The need is to avoid unnecessary energy consumption due to the propagation of a corrupted image over multiple hops and to the re-transmission of its pages. Finally, a SCU mechanism must keep the secrecy of a code image being disseminated. The need is to prevent eavesdroppers from gaining information on the content of the code image.
    1517
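Review bot: The typo "desing" in the third paragraph (new line 16, "considered in the desing of a Secure Code Update") is carried over unchanged; since this revision already touches the paragraph spacing here, correct it to "design" in the same edit. The same paragraph writes "a SCU mechanism" three times, which reads better as "an SCU mechanism". The blank lines added at 13 and 15 are fine.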
     
    4951
    5052* First of all, open a shell console in this folder and init the environment variables executing
    51 
     53{{{
    5254        source init_variables.sh
    53 
     55}}}
    5456* Then you can compile the tools used for Secure Code Update, executing
    55 
     57{{{
    5658        java net.tinyos.signet.SecureSynapseInterface -compile-tools
    57 
     59}}}
    5860* Now the nodes of the network can be deployed,  i.e., the keys necessary for security operations must be installed in the nodes' external flash memory, and the Synapse bootloader along with SecureSynapse must be installed in the nodes' application flash memory. The command to execute is
    59 
     61{{{
    6062        java net.tinyos.signet.SecureSynapseInterface -deploy <auth. security param.> <T-TimeSA T parameter> <encryption security param> <DoS protection security param> [-keep-keys] [-use-authentication] [-use-encryption] [-use-dos-protection]
    61 
    62         A typical setting is -deploy 80 30 128 128 -use-authentication -use-encryption -use-dos-protection.
    63 
    64         This command will generate the keys, and install all necessary stuff on the nodes detected by motelist command. The keys will be stored in the following files: $HOME/synapse-secret-keys.xml , $HOME/synapse-public-keys.bin .
     63}}}
     64        A typical setting is {{{ -deploy 80 30 128 128 -use-authentication -use-encryption -use-dos-protection}}}.
     65
     66        This command will generate the keys, and install all necessary stuff on the nodes detected by motelist command. The keys will be stored in the following files: {{{$HOME/synapse-secret-keys.xml}}} , {{{$HOME/synapse-public-keys.bin}}} .
    6567        These nodes will be given an id starting from 1, in order of serial number.
    6668
    6769
    6870* Now all nodes can be disconnected from the pc, keeping the base station connected. If more than 1 nodes are connected, the one with the minimum serial number will be used as a base station. The command to execute in order to start the dissemination is
    69        
     71{{{     
    7072        java net.tinyos.signet.SecureSynapseInterface -dissem <application path> <block size> <application id> [-use-key-refresh [-low-overhead]] [-format-nodes] [-format-bs] [-use-authentication] [-use-encryption] [-use-dos-protection]
    71 
    72         Block size MUST currently be set to 800 to match Synapse configuration. Application path points to the directory containing the "build" directory of the application to disseminate. Application ID is a hexadecimal, 16-bit long, user-defined ID. If "-use-key-refresh" option is given, some keys are disseminated in order to replace the keys used for the signature. If "-low-overhead" option is given, just a fraction of the keys are updated, in order to minimize the overhead.
    73         Nodes must be formatted after deployment, using the "-format-nodes" option. The base station must be formatted at least the first time, using the option "-format-bs".
     73}}}
     74        Block size MUST currently be set to 800 to match Synapse configuration. Application path points to the directory containing the "build" directory of the application to disseminate. Application ID is a hexadecimal, 16-bit long, user-defined ID. If {{{-use-key-refresh}}} option is given, some keys are disseminated in order to replace the keys used for the signature. If {{{-low-overhead}}} option is given, just a fraction of the keys are updated, in order to minimize the overhead.
     75        Nodes must be formatted after deployment, using the {{{-format-nodes}}} option. The base station must be formatted at least the first time, using the option {{{-format-bs}}}.
    7476
    7577        So a typical setting for the first invocation of this command is
    76 
     78{{{
    7779        java net.tinyos.signet.SecureSynapseInterface -dissem <app path> 800 1 -format-bs -format-nodes -use-authentication -use-encryption -use-dos-protection
    78 
     80}}}
    7981        The application to disseminate will be transfered to the base station node, SecureSynapse will be installed and first of all the nodes will be formatted, then the dissemination will start. When the dissemination finishes, the disseminated application will be loaded.
    8082
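Review bot: The -deploy synopsis on new line 62 lists [-keep-keys], but the explanatory text moved to new lines 64-66 never says what that option does; it only states that the command "will generate the keys", so a reader cannot tell whether running -deploy again replaces $HOME/synapse-secret-keys.xml. Add a sentence describing -keep-keys, and one explaining the four positional parameters, since the typical setting "80 30 128 128" is given without saying what each value means. Because new line 66 documents where the secret keys are written, it should also tell the operator to restrict access to that file. Minor: the inline block on new line 64 opens with a stray space ("{{{ -deploy"), and new line 71 has trailing whitespace after "{{{".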