200 likes | 379 Views
Challenges of Implementing Cyber-Physical Security Solutions in Body Area Networks. Ayan Banerjee, Krishna Venkatasubramanian, Sandeep Gupta Dept. of Computer Science and Engineering School of Computing and Informatics Arizona State University Tempe, Arizona. Body Area Networks (BAN). EEG.
E N D
Challenges of Implementing Cyber-Physical Security Solutions in Body Area Networks Ayan Banerjee, Krishna Venkatasubramanian, Sandeep Gupta Dept. of Computer Science and Engineering School of Computing and Informatics Arizona State University Tempe, Arizona
Body Area Networks (BAN) EEG Sensors EKG BP • A network of low capability sensors (physiological, environmental and activity monitoring) • Sensors communicate with each other through wireless media • Base Station is a gateway for the sensors to the internet SpO2 Base Station Base Station Environmental sensors Physiological sensors Activity sensors Motion Sensor
Security in BAN • Why ? • BANs deal with sensitive information • Wireless media open to security breaches • Requirements • Integrity • Confidentiality • Authentication • Plug-n-Play • Non intrusive and low deployment overhead • Traditional Schemes not applicable • Can a cyber–physical approach provide the solution?
Cyber-Physical Security Use this to provide security Low Capability The term Cyber-physical implies interaction of computing world with the physical environment Interaction through sensing Feedback Signal Processing Cryptographic primitives Cyber-Physical Security
Related Work • The idea of using signals from environment to provide security was first proposed in [1] and [2] • [3] proposed an algorithm to generate security keys from localized measurements of Inter Pulse Interval signals. • In our previous work [4] we proposed a secure key agreement protocol PKA (Physiological value based Key Agreement) • S. Cherukuri, K. Venkatasubramanian, and S. K. S. Gupta. BioSec: A Biometric Based Approach for Securing Communication in Wireless Networks of Biosensors Implanted in the Human Body. pages 432–439, Oct 2003. In Proc. of Wireless Security & Privacy Workshop 2003. • K. Venkatasubramanian and S. K. S. Gupta. Security for Pervasive Health Monitoring Sensor Applications. pages 197–202, Dec 2006. In Proc. of the 4th Intl. Conf. on Intelligent Sensing & Information Processing. • C. C. Y. Poon, Y.-T. Zhang, and S.-D. Bao. A Novel Biometrics Method To Secure Wireless Body Area Sensor Networks for Telemedicine And M-Health. IEEE Communications Magazine, 44(4):73–81, 2006. • K. K. Venkatasubramanian, A. Banerjee, and S. K. S. Gupta. Plethysmogram-based secure inter-sensor communication in body area networks. Military Communications Conference, 2008. MILCOM 2008. IEEE, pages 1-7, Nov. 2008.
Contributions • Study the feasibility of implementation of CPS in BAN • Implement PKA – CPS in FPGA • Implementation challenges of CPS in the resource constrained environment of a BAN • Approach • PKA overview • Design Goals for implementation • Implementation details • Trade-offs in design goals
cfi,di PKA PV PV SENSOR 2 SENSOR 1 Sensing Sensing Time Time FFT Values FFT Values FFT FFT Index Index Peak Values Peak Values Peak Detection Peak Detection Index Index Quantize Quantize Fs = [fs1 fs2 …….. fsn] Fr = [fr1 fr2 …….. frn] p(fs1) Polynomial Generation and evaluation p(fs2) p(fsn) fs1 fsn fs2 Adding Chaff • Extensive experiments with Plethysmogram data • Data obtained from 10 volunteers • Data collected using Smith Medical pulse oximeter boards • Processing done in MATLAB environment Receive Vault R Transmit Vault Lagrangian Interpolation p(x) Receive Acknowledgement Transmit Acknowledgement
Design Goals • Accuracy: • Signal Processing require complex computation • Resource poor sensors in BAN force a lot of approximations • Approximations should not lead to loss of security • Minimum Resource Usage: • Resource limited BAN • Successful operation of a CPS would require resource utilization within limits • Latency: • Applications are often time critical • CPS may not provide high overheads
Implementation Details FFT Peak Detection Quantization Sender • Challenges • Floating Point representation • FFT implementation • Peak Detection • Polynomial Convolution Polynomial Evaluation Chaff Point Mixing Vault FFT Peak Detection Quantization Receiver Lagrangian Interpolator Vault
32 bit Integer Decimal Part N 00…….10110.111010010……0 Shift Left by 7 bits Decimal Part 32 bit Integer 01110100.10……0010 27 XN Remove decimal point and ignore decimal part 1011010110101101110100 32 bit Integer Floating Point Representation • Maximum Positive integer represented is 225 . • Overflow during polynomial evaluation and convolution may occur. • Strategies to overcome overflow : • Division before addition • Scaling down large numbers • IEEE 754 Floating Point Unit too resource expensive • Simpler implementation of Floating Point Unit required
Peak Detection 32 bit Comparator RegA Coeff3 Coeff2 Coeff1 A>B On block indicates clock input On block indicates reset that resets on 0 RegB Anywhere else indicates a connection Indicates 32 bit word Clock Slope Detector Threshold Detector 32 bit Comparator 32 bit Positive Edge Triggered Shift Register Bank 32 bit Subtractor RegB B-A RegA Threshold 12
Quantization Levels RegA RegA L1 Lm L2 Compute Levels L1 RegA L2 Ln Feature Generation & Vault Management Polynomial Evaluation Coefficient RegA Projections Calculate xn Multiplier Adder Chaff Point Generation & Mixing Features, Projections Chaff Points Vault Random Number Generator Mix
p+1 coefficients of polynomial A Lagrangian Interpolation p zeros BankA 0 0 0 32 bit Multiplier 32 bit Multiplier 32 bit Multiplier 32 bit Multiplier 32 bit Multiplier 32 bit Multiplier 32 bit Multiplier 32 bit Adder 32 bit Adder 32 bit Adder 32 bit Adder 32 bit Adder 32 bit Adder 32 bit Adder 0 BankB 0 0 p zeros p+1 coefficients of polynomial B Clock BankC 2p+1 coefficients of resultant polynomial C = convolution(A,B)
VHDL features compared with Matlab features Plot of the FFT coefficients calculated by VHDL and by Matlab 14 1 VHDL MATLAB MATLAB 0.9 VHDL 12 0.8 10 0.7 0.6 8 Peak Values FFT coefficient values 0.5 6 0.4 4 0.3 0.2 2 0.1 0 0 0 20 40 60 80 100 120 140 160 0 20 40 60 80 100 120 140 160 Peak Index FFT coefficient Index Compliance with design goals • Accuracy: • FFT computation percentage difference = 0.94 % • Peak detection had inaccuracies but it did not harm the operation of the protocol
Compliance with design goals • Minimal Resource Usage: • Memory footprint of a VHDL implementation as the number of bits that are being used by all the variables that are declared in the implementation. • Available memory footprint = 28 MB (XC18V02) Spartan 2 family • Latency: • The total time taken for the execution of PKA at the sender side is 32.2 msec and that on the receiver side is 59 msec after the measurement phase of the physiological signal (assuming 20 MHz clock).
Trade Offs Trade Offs • Accuracy vs. Minimal Resource Usage • IEEE 754 floating point unit not implemented • Limiting resource utilizations causes reduction in accuracy • We could set any polynomial order in Matlab benchmark however in the FPGA implementation there are restrictions. • Security complexity trade-off. • Latency vs. Minimal Resource Usage • Parallelized FFT implementation not considered • Single butterfly structure used for FFT operation • Latency increased (NlogN clock cycles required)
Conclusions • We showed the feasibility of implementation of CPS in BAN • Propose generic design goals • We bring out the implementation challenges of CPS in a BAN • Discuss trade-offs between the design goals • Implement PKA in motes
Software Implementation Inherent similarity in capabilities No support for floating point operations No support for Signal processing applications Advantages Only algorithmic specification of components suffice Has 32 bit fixed point ALU (gate level specification of components not required) Disadvantages Severely depleted of resources implementation Low RAM (10 KB) – efficient storage of chaff points necessary Low clock speed (8 MHz) Design decisions taken for VHDL are also applicable here. 20