A Secure and Reliable Smart Home
Guoping Wang, Department of ECE, Purdue University Fort Wayne
Presentation Outline: ● Project Objective ● Introduction to IoT ● Project Requirements ● Constraints ● Components for the project ● Secure Features ● Summary ● Future Research
Project objective: The goal of the project was to create a Secure and Reliable IoT Smart House that can monitor specific criteria, as well as control specific devices. The user will be notified of specified changes in the monitored data.
Internet of Things: The Internet of Things (IoT) is the internetworking of physical devices, vehicles (also referred to as "connected devices" and "smart devices"), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity that enable these objects to collect and exchange data. IoT allows objects to be controlled, and to gather information, remotely across the already established network.
Project Requirements: ● A Smart Home with the capability of monitoring the state of the house ● Users should be able to easily make use of the Smart Home through a web application ● The ability to notify the user of changes in the house state ● The ability to control devices within the Smart Home from the web ● Data sent to and from the Smart Home should be
Constraints: Implemented Smart Devices: ● Humidity Sensor ● Temperature Sensor ● Motion Detector ● Light Control. System Backups: ● Battery Power
Component Definition:
Hardware (Raspberry Pi Model B): ● Control and monitor each sensor independently ● Send data to server for user access
Server (Mosquitto, MQTT): ● Ensure secure and accurate data transmission ● Fast and efficient message format
Web Application (HTML/Javascript): ● MQTT libraries available for efficient programming ● Enables user to access real-time information
System Boundary
Interface Requirements: Government Regulations: ● FCC regulations to be followed. Internet: ● Ensure secure and reliable data transmission. Power Grid: ● Provide battery backup to limit down time. Sensor Interface: ● System that allows sensors to work together
Design Verification and Validation: ● Initial testing hardware - Raspberry Pi, Cloud MQTT, web client sample ● Goal is to establish a system where each component is controlled by the web client ● Successfully able to turn devices on and off with the appropriate commands ● Validation of design required us to prove that the system is able to adapt to technological change
Top Level Functional Requirements: ● Create an IoT Smart Home System that can measure and control sensors ● Allow communication between devices and users ● Enable user to access current data. Components: ● Interconnected system of devices ● Raspberry Pi with sensors ● MQTT server ● Web application
Raspberry Pi: ● Allows multiple programs to be run at once ● Simple implementation of even large systems ● Many GPIO connection pins
Mosquitto: ● Open source, free ● Great degree of control ● Efficient message format
Web application (HTML/Javascript): ● Libraries available for MQTT protocol ● Very easy to edit using Notepad or Notepad++ ● Universal, runs on most web browsers regardless of OS ● Small file size
Planned Build: Components connected together in an Internet of Things network: ● Sensors measure data to send to server ● Server controls flow of data between devices ● Web application connected to server to receive data and allow device control
Final Build: ● Raspberry Pi, breadboard, and devices all within a single container ● Server implemented in separate Raspberry Pi ● Web client local to user, communicates with server through web
Device Hub Casing: ● Wood casing to contain and protect devices ● Apertures for motion sensor and camera ● Wall power routed in through back ● Water sensor routed through top ● Sound sensor, RF transmitter, and power relay are internal ● Latch and hinged top for device access
IoT System Diagram: ● MCU Platform: Devices within the Smart Home ● Middleware: MQTT Mosquitto server ● User App: HTML web interface
Test Execution: Hardware: ● Test accuracy of sensors ● Test camera quality ● Test RF transmission ● Test power loss detection and battery backup. Software: ● Test latency of device control ● Test and adjust volume of data ● Test user verification system ● Test system under high load
Verification Results: ● Water detection, RF transmission, power control, and camera worked completely to specification ● Motion sensor and sound sensor encountered various issues in sensitivity throughout testing ● Images and videos were perfectly sent with a time delay but had to be compressed below 2 MB
Secure Features: ● Firewall: The Raspberry Pi runs the Linux-based Raspbian operating system. The firewall is enabled and blocks certain kinds of network traffic, forming a barrier between a trusted and an untrusted network. For our application, only ports 8883 and 8884 are enabled for communication. Port 8883 is for encrypted MQTT and port 8884 is for encrypted MQTT with client certification required. Only certain ports are open and only certain applications are allowed. The firewall can be easily configured and turned on and off.
Secure Features: ● Client Authentication: The MQTT broker is configured to require a valid username and password from a client before a connection is permitted. Both the Raspberry Pi and the mobile apps need to provide a correct combination of username and password to establish a connection. The username/password combination is transmitted in clear text and is not secure without some form of transport encryption. However, this approach does provide an easy way of restricting access to a broker and is probably the most common form of
Secure Features: ● Client Certification: For a high level of security, TLS client certification is adopted in this Smart Home system. This is the most secure method of client authentication but also the most difficult to implement in a regular embedded system. Since Linux is used on the edge device, it is relatively easy to implement. ● TLS security is a part of the TCP/IP protocol and not part of MQTT, and it provides an encrypted pipeline through which MQTT messages can flow. The TLS certification provides an encryption of all MQTT messages instead of
Secure Features: ● Payload Encryption: If necessary, payload encryption can be used to encrypt/decrypt MQTT messages. Payload encryption is done at the application layer and not by the MQTT broker. The data is encrypted end to end and not just between the client and the broker; however, payload encryption adds significant overhead to the communication. In our system, payload encryption is not employed.
Secure Features: ● Overall, by combining the Linux firewall, client username and password, and TLS encryption, this Smart IoT system is secure and meets industrial standards.
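An added example, not part of the original slides: a small Python audit that checks a Mosquitto configuration against the three controls combined above (listeners only on ports 8883/8884, TLS on every listener so the username/password never crosses the network in clear text, and a required client certificate on 8884). The sample configurations and file paths are constructed for illustration; the option names are standard mosquitto.conf settings.

```python
# Added example: audit a mosquitto.conf against the policy the slides describe.
# Assumes "per_listener_settings true", so each listener block has its own options.
ALLOWED_PORTS = {8883, 8884}  # the only ports the slides' firewall leaves open
CERT_AUTH_PORT = 8884         # slides: client certificate required on this port

def parse_listeners(conf_text):
    """Return {port: {option: value}} for every 'listener' block."""
    listeners, current = {}, None
    for line in map(str.strip, conf_text.splitlines()):
        key, _, value = line.partition(" ")
        if key == "listener":
            current = listeners.setdefault(int(value.split()[0]), {})
        elif current is not None and key and not key.startswith("#"):
            current[key] = value.strip()
    return listeners

def audit(conf_text):
    """Return sorted (port, finding) tuples; an empty list means compliant."""
    findings = []
    for port, opts in parse_listeners(conf_text).items():
        cert_ok = opts.get("require_certificate") == "true" and "cafile" in opts
        checks = [
            (port not in ALLOWED_PORTS, "port not allowed by firewall policy"),
            (not {"certfile", "keyfile"} <= set(opts), "no TLS: credentials sent in clear text"),
            (opts.get("allow_anonymous") != "false", "anonymous access not disabled"),
            (port == CERT_AUTH_PORT and not cert_ok, "client certificate not required"),
            (port != CERT_AUTH_PORT and "password_file" not in opts, "no password_file configured"),
        ]
        findings += [(port, msg) for failed, msg in checks if failed]
    return sorted(findings)

# Constructed sample configs; file paths are placeholders, not from the slides.
TLS = "certfile /etc/mosquitto/certs/server.crt\nkeyfile /etc/mosquitto/certs/server.key\n"
GOOD_CONF = f"""per_listener_settings true
listener 8883
{TLS}allow_anonymous false
password_file /etc/mosquitto/passwd
listener 8884
{TLS}cafile /etc/mosquitto/ca/ca.crt
require_certificate true
use_identity_as_username true
allow_anonymous false
"""
# Weak variant: plaintext listener on 1883, and 8884 no longer demands a client cert.
WEAK_CONF = GOOD_CONF.replace("listener 8883\n" + TLS, "listener 1883\n").replace(
    "require_certificate true\n", "")

if __name__ == "__main__":
    print(*audit(WEAK_CONF), sep="\n")
```

Running it against the weak variant reports the plaintext password listener and the missing certificate requirement; the compliant configuration produces no findings.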
Summary: ● An IoT Smart Home using an off-the-shelf Raspberry Pi, with the combination of various sensors (gas, motion, sound, water, etc.) and actuators (outlet control, camera, etc.), is introduced in this paper. ● Data to be monitored are: temperature, humidity, movement, water, and power. An outlet, camera, and microphone can be controlled by the user from any mobile device. ● The user will be notified of any change in the monitored data if it changes beyond their given range. The device also works while power is out in the house, which means a battery back-up and Internet hot spot can be included as well. ● The transmission of data is secure and reliable with firewall configuration, client authorization and certification, payload encryption, etc.
Future Research: ● Instead of using the Raspberry Pi as the front end, a TI secure embedded LaunchPad will be used, which is more secure. The TI LaunchPad is a bare-metal EM platform which is widely used in industry. ● An Android and/or iOS app will be developed instead of using HTML/Javascript for the back end
Questions?