Thesis

Secure and bandwidth efficient industrial IoT networks

Creator
Rights statement
Awarding institution
  • University of Strathclyde
Date of award
  • 2023
Thesis identifier
  • T16617
Person Identifier (Local)
  • 201768919
Qualification Level
Qualification Name
Department, School or Faculty
Abstract
  • The Internet of Things (IoT) and industrial integration have recently become increasingly popular and are being investigated by researchers for industrial and consumer-based applications. The Industrial Internet of Things (IIoT) presents an opportunity for industrial applications, especially those in challenging environments, to be provisioned remotely and more efficiently at a cheaper cost within the shortest time interval. As the journey to industrial digital transformation continues, many wireless technologies have been used to deploy IoT solutions that have shown evidence of security, interoperability, latency, throughput, and bandwidth challenges. Based on recent events, these challenges are increasing when implementing IoT, especially in an industrial context with legacy communication and control infrastructure, and result in data loss, overwhelmed network resources, loss of access control, and total disruption of network performance. IoT-based cellular networks are more widely used as they have overcome some of these challenges through technology evolution from GSM to 5G. Most cellular network versions are not designed for constrained IoT devices and are very expensive for large-scale deployment. In this thesis, the areas of contribution focus on security, protocols, bandwidth, and cost based on different test network scenarios. The performance of different licensed and unlicensed Low Power Wide Area Networks (LPWAN) test network scenarios is investigated. Focusing on Low Range Wide Area Networks (LoRaWAN) and Narrowband Internet of Things (NB-IoT) designed for massive machine-type constrained IoT applications, testbeds of LoRaWAN and NB-IoT were designed and implemented, and their performances compared based on sensor network QoS parameters such as power utilisation, throughput, latency, and security. On average, NB-IoT outperformed LoRaWAN on data throughput, latency and security.
NB-IoT consumed an excess of 2 mAh of power for joining the network and 1.7 mAh more for a 44 byte uplink message compared to LoRaWAN. With the maximum throughput of 264 bps at 837 ms measured latency, NB-IoT outperformed LoRaWAN and proved robust for machine-type communications. When sending 29 - 48 bytes, the average throughput between the UE and the server varied between 115 bps and 264 bps. At 50 bytes retransmission of data payload, the successful transmission rate decreased and, in most cases, resulted in unsuccessful transmission. The concept of Transport Layer Security (TLS) and Internet Protocol Security (IPsec) for securing IIoT infrastructure is presented based on the testbed at Strathclyde Power Network Demonstration Centre (PNDC), where novel bandwidth-efficient authentication and encryption mechanisms for utility networks are contributed. In the case of the IPsec test network scenario, the tests delivered an overhead of 25%, an increase of 15% against the 10% suggested in the literature. TLS with AES of 128-bit contributed 25% of additional overhead compared to IPsec for each analogue or digital command. From these findings, an analysis of the cost implications of introducing extra security layers is presented to guide the efficient use of scarce network resources like bandwidth. The cost of using IPsec to secure the industrial protocol connection between RTU and the router is higher than that of OpenVPN and is estimated at 45% with respect to bandwidth overhead. For each of the OpenVPN-based transmitted packets, 40 - 44 bytes of overhead were added via User Datagram Protocol (UDP), whereas IPsec added 60 - 68 bytes. The overhead of TLS keep-alive messages, IPsec, TCP connections, and IEC 104 consumes more than 50% of the bandwidth (based on configuration and application). The security features evaluated added overhead of roughly 2-3 times the current data rate by the Distributed Network Operators (DNOs), for both levels of security (i.e. TLS and IPsec).
Advisor / supervisor
  • Irvine, James, 1968-
Resource Type
DOI
Embargo Note
  • This thesis is currently held under moratorium due to a third party copyright issue. If you are the author of this thesis, please contact the library to resolve this issue.
