PIVOT

Privacy-Integrated design and Validation in the constrained IoT

Publications

  1. P. Kietzmann, T. C. Schmidt, and M. Wählisch, “A Guideline on Pseudorandom Number Generation (PRNG) in the IoT,” ACM Comput. Surv., vol. 54, no. 6, pp. 112:1–112:38, Jul. 2021,


    Abstract: Random numbers are an essential input to many functions on the Internet of Things (IoT). Common use cases of randomness range from low-level packet transmission to advanced algorithms of artificial intelligence as well as security and trust, which heavily rely on unpredictable random sources. In the constrained IoT, though, unpredictable random sources are a challenging desire due to limited resources, deterministic real-time operations, and frequent lack of a user interface. In this paper, we revisit the generation of randomness from the perspective of an IoT operating system (OS) that needs to support general purpose or crypto-secure random numbers. We analyse the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suites and on experiments for measuring performance gives rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.


    
    @article{ksw-gpngi-21,
      author = {Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{A Guideline on Pseudorandom Number Generation (PRNG) in the IoT}},
      journal = {ACM Comput. Surv.},
      volume = {54},
      number = {6},
      pages = {112:1--112:38},
      month = jul,
      year = {2021},
      publisher = {ACM},
      address = {New York, NY, USA},
      theme = {iot},
      url = {https://dl.acm.org/doi/10.1145/3453159}
    }
    
               

  2. C. Gündogan, C. Amsüss, T. C. Schmidt, and M. Wählisch, “Reliable Firmware Updates for the Information-Centric Internet of Things,” Proc. of 8th ACM Conference on Information-Centric Networking (ICN). ACM, New York, pp. 59–70, Sep. 2021.


    Abstract: Security in the Internet of Things (IoT) requires ways to regularly update firmware in the field. These demands ever increase with new, agile concepts such as security as code and should be considered a regular operation. Hosting massive firmware roll-outs presents a crucial challenge for the constrained wireless environment. In this paper, we explore how information-centric networking can ease reliable firmware updates. We start from the recent standards developed by the IETF SUIT working group and contribute a system that allows for a timely discovery of new firmware versions by using cryptographically protected manifest files. Our design enables a cascading firmware roll-out from a gateway towards leaf nodes in a low-power multi-hop network. While a chunking mechanism prepares firmware images for typically low-sized maximum transmission units (MTUs), an early Denial-of-Service (DoS) detection prevents the distribution of tampered or malformed chunks. In experimental evaluations on a real-world IoT testbed, we demonstrate feasible strategies with adaptive bandwidth consumption and a high resilience to connectivity loss when replicating firmware images into the IoT edge.


    
    @inproceedings{gasw-rfuii-21,
      author = {G{\"u}ndogan, Cenk and Ams{\"u}ss, Christian and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Reliable Firmware Updates for the Information-Centric Internet of Things}},
      booktitle = {Proc. of 8th ACM Conference on Information-Centric Networking (ICN)},
      publisher = {ACM},
      address = {New York},
      location = {Virtual},
      year = {2021},
      month = sep,
      pages = {59--70},
      url = {https://doi.org/10.1145/3460417.3482974},
      theme = {iot|icn}
    }
    
               

  3. M. S. Lenders, T. C. Schmidt, and M. Wählisch, “Fragment Forwarding in Lossy Networks,” IEEE Access, vol. 9, pp. 143969–143987, Oct. 2021,


    Abstract: This paper evaluates four forwarding strategies for fragmented datagrams in the IoT on top of the common CSMA/CA MAC implementation for IEEE 802.15.4: hop-wise reassembly, a minimal approach to direct forwarding of fragments, classic end-to-end fragmentation, and direct forwarding utilizing selective fragment recovery. Additionally, we evaluate congestion control mechanisms for selective fragment recovery by increasing the feature set of congestion control. Direct fragment forwarding and selective fragment recovery are challenged by the lack of forwarding information at subsequent fragments in 6LoWPAN and thus require additional data at the nodes. We compare the four approaches in extensive experiments evaluating reliability, end-to-end latency, and memory consumption. Our findings indicate that direct fragment forwarding should be deployed with care, since higher packet transmission rates on the link layer can significantly reduce its reliability, which in turn can even further reduce end-to-end latency because of highly increased link layer retransmissions. Selective fragment recovery can compensate for this disadvantage but struggles with the same problem underneath, constraining its full potential. Congestion control for selective fragment recovery should be chosen so that small congestion windows that are growable together with fragment pacing are used. In case of fewer fragments per datagram, pacing is less of a concern, but the congestion window has an upper bound.


    
    @article{lsw-ffln-21,
      author = {Lenders, Martine S. and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Fragment Forwarding in Lossy Networks}},
      journal = {IEEE Access},
      year = {2021},
      volume = {9},
      month = oct,
      pages = {143969--143987},
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      code = {https://github.com/anr-bmbf-pivot/IEEE-Access-6LoWPAN-2021},
      file = {../papers/lsw-ffln-21.pdf},
      url = {https://doi.org/10.1109/ACCESS.2021.3121557},
      theme = {iot|manet},
      note = {early access}
    }
    
               

  4. L. Lanzieri, P. Kietzmann, T. C. Schmidt, and M. Wählisch, “Poster Abstract: Third Party Authorization of LwM2M Clients,” Proc. of the Int. Conf. on Internet of Things Design and Implementation (IoTDI). ACM, New York, NY, USA, pp. 263–264, 2021.


    Abstract: Communication scenarios between IoT client nodes within an authenticated and authorized regime comprise emerging use cases for modern edge applications in the IoT, but unfortunately are not supported by current management schemes such as LwM2M. In this poster, we propose an authorization mechanism for LwM2M clients for gaining access to resources hosted by other clients. Access rights are issued by LwM2M servers. We introduce a new LwM2M interface and new LwM2M objects with minimal backwards-compatible changes to the core specification.


    
    @inproceedings{lksw-tpalc-21,
      author = {Lanzieri, Leandro and Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Poster Abstract: Third Party Authorization of LwM2M Clients}},
      booktitle = {Proc. of the Int. Conf. on Internet of Things Design and Implementation (IoTDI)},
      pages = {263--264},
      year = {2021},
      publisher = {ACM},
      address = {New York, NY, USA},
      location = {Virtual},
      file = {https://dl.acm.org/doi/pdf/10.1145/3450268.3453512},
      theme = {iot|nsec}
    }
    
               

  5. C. Gündogan, C. Amsüss, T. C. Schmidt, and M. Wählisch, “Group Communication with OSCORE: RESTful Multiparty Access to a Data-Centric Web of Things,” Proc. of the 46th IEEE Conference on Local Computer Networks (LCN). IEEE Press, Piscataway, NJ, USA, pp. 399–402, Oct. 2021.


    Abstract: Content replication to many destinations is common in the IoT. IP multicast has proven inefficient due to a missing layer-2 support by IoT radios and its synchronous end-to-end transmission, which is susceptible to interference. Information-centric networking (ICN) introduced hop-wise multiparty dissemination of cacheable content, which proves valuable for lossy networks. Even Named-Data Networking (NDN), a prominent ICN, suffers from a lack of deployment. We explore a multiparty content distribution in an information-centric Web of Things built on CoAP. We augment CoAP proxies by request aggregation and response replication, which together with caches enable asynchronous group communication. Further, we integrate object security with OSCORE into the CoAP multicast proxy system for ubiquitous caching of certified content. We compare NDN, CoAP, and our data-centric approach in testbed experiments. Our findings indicate that multiparty content distribution with CoAP proxies performs equally well as NDN, while remaining compatible with the protocol world of CoAP.


    
    @inproceedings{gasw-gcorm-21,
      author = {G{\"u}ndogan, Cenk and Ams{\"u}ss, Christian and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Group Communication with OSCORE: RESTful Multiparty Access to a Data-Centric Web of Things}},
      booktitle = {Proc. of the 46th IEEE Conference on Local Computer Networks (LCN)},
      month = oct,
      year = {2021},
      pages = {399--402},
      publisher = {IEEE Press},
      address = {Piscataway, NJ, USA},
      location = {Edmonton, Canada},
      url = {https://doi.org/10.1109/LCN52139.2021.9525000},
      theme = {iot|icn}
    }
    
               

  6. J. Alamos, P. Kietzmann, T. C. Schmidt, and M. Wählisch, “DSME-LoRa – A Flexible MAC for LoRa,” Proc. of 29th IEEE International Conference on Network Protocols (ICNP 2021), Poster Session. IEEE, Piscataway, NJ, USA, Nov. 2021.


    Abstract: LoRa is a popular technology that enables long-range wireless communication (kilometers) at low energy consumption. The transmission exhibits low throughput and underlies duty cycle restrictions. Long on-air times (up to seconds) and range are susceptible to interference. In parallel, common LoRa-devices are battery driven and should mainly sleep. LoRaWAN is the system that defines the LoRa PHY, MAC, and a complete vertical stack. To deal with the above limitations, LoRaWAN imposes rigorous constraints, namely, a centralized network architecture that organizes media access, and heavily reduced downlink capacity. This makes it unusable for many deployments, control systems in particular. In this work, we combine IEEE 802.15.4 DSME and LoRa to facilitate node-to-node communication. We present a DSME-LoRa mapping scheme and contribute a simulation model for validating new LoRa use-cases. Our results show 100% packet delivery and predictable latencies irrespective of network size.


    
    @inproceedings{aksw-dfml-21,
      author = {Alamos, Jose and Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{DSME-LoRa -- A Flexible MAC for LoRa}},
      booktitle = {Proc. of 29th IEEE International Conference on Network Protocols (ICNP 2021), Poster Session},
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      year = {2021},
      month = nov,
      theme = {iot}
    }
    
               

  7. C. Gündogan, T. C. Schmidt, M. Wählisch, C. Scherb, C. Marxer, and C. Tschudin, “Information-Centric Networking (ICN) Adaptation to Low-Power Wireless Personal Area Networks (LoWPANs),” RFC Editor, IRTF, RFC 9139, Nov. 2021.


    Abstract: This document defines a convergence layer for Content-Centric Networking (CCNx) and Named Data Networking (NDN) over IEEE 802.15.4 Low-Power Wireless Personal Area Networks (LoWPANs). A new frame format is specified to adapt CCNx and NDN packets to the small MTU size of IEEE 802.15.4. For that, syntactic and semantic changes to the TLV-based header formats are described. To support compatibility with other LoWPAN technologies that may coexist on a wireless medium, the dispatching scheme provided by IPv6 over LoWPAN (6LoWPAN) is extended to include new dispatch types for CCNx and NDN. Additionally, the fragmentation component of the 6LoWPAN dispatching framework is applied to Information-Centric Network (ICN) chunks. In its second part, the document defines stateless and stateful compression schemes to improve efficiency on constrained links. Stateless compression reduces TLV expressions to static header fields for common use cases. Stateful compression schemes elide states local to the LoWPAN and replace names in Data packets by short local identifiers. This document is a product of the IRTF Information-Centric Networking Research Group (ICNRG).


    
    @techreport{rfc9139,
      author = {G{\"u}ndogan, Cenk and Schmidt, Thomas C. and W{\"a}hlisch, Matthias and Scherb, Christopher and Marxer, Claudio and Tschudin, Christian},
      title = {{Information-Centric Networking (ICN) Adaptation to Low-Power Wireless Personal Area Networks (LoWPANs)}},
      type = {{RFC}},
      number = {9139},
      institution = {RFC Editor, IRTF},
      month = nov,
      year = {2021},
      url = {http://www.rfc-editor.org/info/rfc9139},
      theme = {icn|iot}
    }
    
               

  8. C. Gündogan, C. Amsüss, T. C. Schmidt, and M. Wählisch, “Content Object Security in the Internet of Things: Challenges, Prospects, and Emerging Solutions,” IEEE Transactions on Network and Service Management (TNSM), vol. 18, no. 1, pp. 538–553, Mar. 2022,


    Abstract: Content objects are confined data elements that carry meaningful information. Massive amounts of content objects are published and exchanged every day on the Internet. The emerging Internet of Things (IoT) augments the network edge with reading sensors and controlling actuators that comprise machine-to-machine communication using small data objects. IoT content objects are often messages that fit into a single IPv6 datagram. These IoT messages frequently traverse protocol translators at gateways, which break end-to-end transport and security of Internet protocols. To preserve content security from end to end via gateways and proxies, the IETF recently developed Object Security for Constrained RESTful Environments (OSCORE), which extends the Constrained Application Protocol (CoAP) with content object security features commonly known from Information Centric Networking (ICN). This paper revisits the current IoT protocol architectures and presents a comparative analysis of protocol stacks that protect request-response transactions. We discuss features and limitations of the different protocols and analyze emerging functional extensions. We measure the protocol performances of CoAP over Datagram Transport Layer Security (DTLS), OSCORE, and the information-centric Named Data Networking (NDN) protocol on a large-scale IoT testbed in single- and multi-hop scenarios. Our findings indicate that (a) OSCORE improves on CoAP over DTLS in error-prone wireless regimes due to omitting the overhead of maintaining security sessions at endpoints, (b) NDN attains superior robustness and reliability due to its intrinsic network caches and hop-wise retransmissions, and (c) OSCORE/CoAP offers room for improvement and optimization in multiple directions.


    
    @article{gasw-cosit-22,
      author = {G{\"u}ndogan, Cenk and Ams{\"u}ss, Christian and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Content Object Security in the Internet of Things: Challenges, Prospects, and Emerging Solutions}},
      journal = {IEEE Transactions on Network and Service Management (TNSM)},
      year = {2022},
      month = mar,
      volume = {18},
      number = {1},
      pages = {538--553},
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      url = {https://doi.org/10.1109/TNSM.2021.3099902},
      theme = {iot|icn|nsec}
    }
    
               

  9. S. Pélissier, M. Cunche, V. Roca, and D. Donzes, “Device re-identification in LoRaWAN through messages linkage,” Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks. 2022.


    Abstract: In LoRaWAN networks, devices are identified by two identifiers: a globally unique and stable one called DevEUI, and an ephemeral and randomly assigned pseudonym called DevAddr. The association between those identifiers is only known by the network and join servers, and is not available to a passive eavesdropper. In this work, we consider the problem of linking the DevAddr with the corresponding DevAddr based on passive observation of the LoRa traffic transmitted over the air. Leveraging metadata exposed in LoRa frames, we devise a technique to link two messages containing respectively the DevEUI and the DevAddr, thus identifying the link between those identifiers. The approach is based on machine learning algorithms using various pieces of information including timing, signal strength, and fields of the frames. Based on an evaluation using a real-world dataset of 11 million messages, with ground truth available, we show that multiple machine learning models are able to reliably link those identifiers. The best of them achieves an impressive true positive rate of over 0.8 and a false positive rate of 0.001.


    
    @inproceedings{pelissier_device_2022,
      series = {{WiSec} '22},
      title = {Device re-identification in {LoRaWAN} through messages linkage},
      booktitle = {Proceedings of the 15th {ACM} {Conference} on {Security} and {Privacy} in {Wireless} and {Mobile} {Networks}},
      author = {Pélissier, Samuel and Cunche, Mathieu and Roca, Vincent and Donzes, Didier},
      year = {2022},
      keywords = {location, peer reviewed, conference, bluetooth, Android, bluetooth-low-energy, permission, scanning, vulnerability, mes\_publis, mes publis},
      url = {https://dl.acm.org/doi/10.1145/3507657.3528556},
      file = {https://dl.acm.org/doi/pdf/10.1145/3507657.3528556}
    }
    
               

  10. J. Hugon, M. Cunche, and T. Begin, “RoMA: Rotating MAC Address for privacy protection.” SIGCOMM 2022 - 36th Conference of the ACM Special Interest Group on Data Communication – Poster Session, Aug. 2022. doi: 10.1145/3546037.3546055.


    
    @misc{hugon:hal-03778273,
      title = {{RoMA: Rotating MAC Address for privacy protection}},
      author = {Hugon, Johann and Cunche, Mathieu and Begin, Thomas},
      url = {https://hal.inria.fr/hal-03778273},
      note = {Poster},
      howpublished = {{SIGCOMM 2022 - 36th Conference of the ACM Special Interest Group on Data Communication -- Poster Session}},
      year = {2022},
      month = aug,
      doi = {10.1145/3546037.3546055},
      keywords = {802.11 ; Privacy ; MAC address ; virtual interface ; Wi-Fi ; tracking ; MAC address randomization},
      pdf = {https://hal.inria.fr/hal-03778273/file/Poster_Virtual_Interface.pdf},
      hal_id = {hal-03778273},
      hal_version = {v1}
    }
    
               

  11. L. Lanzieri, P. Kietzmann, T. C. Schmidt, and M. Wählisch, “Secure and Authorized Client-to-Client Communication for LwM2M,” Proc. of ACM/IEEE Int. Conf. on Information Processing in Sensor Networks (IPSN ’22). IEEE, Piscataway, NJ, USA, pp. 158–170, May 2022.


    Abstract: Constrained devices on the Internet of Things (IoT) continuously produce and consume data. LwM2M manages millions of these devices in a server-centric architecture, which challenges edge networks with expensive uplinks and time-sensitive use cases. In this paper, we contribute two LwM2M extensions to enable client-to-client (C2C) communication: (i) an authorization mechanism for clients, and (ii) an extended management interface to allow secure C2C access to resources. We analyse the security properties of the proposed extensions and show that they are compliant with LwM2M security requirements. Our performance evaluation on off-the-shelf IoT hardware shows that C2C communication outperforms server-centric deployments. First, LwM2M deployments with edge C2C communication yield a  90% faster notification delivery and  4× greater throughput compared to common server-centric scenarios, while keeping a small memory overhead of  8%. Second, in server-centric communication, the delivery rate degrades when resource update intervals drop below 100 ms.


    
    @inproceedings{lksw-saccl-22,
      author = {Lanzieri, Leandro and Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Secure and Authorized Client-to-Client Communication for LwM2M}},
      booktitle = {Proc. of ACM/IEEE Int. Conf. on Information Processing in Sensor Networks (IPSN '22)},
      pages = {158--170},
      year = {2022},
      month = may,
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      location = {Milan},
      theme = {iot|nsec},
      url = {https://doi.org/10.1109/IPSN54338.2022.00020},
      file = {https://arxiv.org/pdf/2203.03450.pdf}
    }
    
               

  12. L. Boeckmann, P. Kietzmann, T. C. Schmidt, and M. Wählisch, “Poster Abstract: Offloading Crypto Processing with RIOT,” Proc. of ACM/IEEE Int. Conf. on Information Processing in Sensor Networks (IPSN ’22), Poster Session. IEEE, Piscataway, NJ, USA, pp. 535–536, May 2022.


    Abstract: Secure elements allow for offloading complex crypto operations from embedded devices to external, protected hardware. In this poster, we present a concept for transparently accessing multiple secure elements behind a unified API as a feature of an IoT OS.


    
    @inproceedings{bksw-ocpwr-22,
      author = {Boeckmann, Lena and Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Poster Abstract: Offloading Crypto Processing with RIOT}},
      booktitle = {Proc. of ACM/IEEE Int. Conf. on Information Processing in Sensor Networks (IPSN '22), Poster Session},
      pages = {535--536},
      year = {2022},
      month = may,
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      location = {Milan},
      theme = {iot|nsec}
    }
    
               

  13. J. Alamos, P. Kietzmann, T. C. Schmidt, and M. Wählisch, “WIP: Exploring DSME MAC for LoRa – A System Integration and First Evaluation,” 23rd IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM). IEEE, Piscataway, NJ, USA, pp. 169–172, Jun. 2022.


    Abstract: LoRa is a popular wireless technology that enables low-throughput (bytes) long-range communication (km) at low energy consumption (mW). Its transmission, though, is on one side prone to interference during long on-air times, and on the other side subject to duty cycle restrictions. LoRaWAN defines a MAC and a vertical stack on top of LoRa. LoRaWAN circumvents the above limitations by imposing a centralized network architecture, which heavily reduces downlink capacity and prevents peer-to-peer communication. This makes it unusable for many deployments. The Deterministic and Synchronous Multichannel Extension (DSME) of IEEE 802.15.4e benefits from time-slotted communication and peer-to-peer communication and has the potential to overcome LoRaWAN limitations. In this work, we implement DSME on top of LoRa in the open source IoT OS RIOT and open the field for first evaluation experiments on real hardware. Initial results indicate that DSME-LoRa not only enables reliable peer-to-peer communication for constrained IoT devices, but also scales with an increasing number of nodes.


    
    @inproceedings{aksw-edmls-22,
      author = {Alamos, Jose and Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{WIP: Exploring DSME MAC for LoRa -- A System Integration and First Evaluation}},
      booktitle = {23rd IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM)},
      pages = {169--172},
      year = {2022},
      month = jun,
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      location = {Belfast, UK},
      file = {https://arxiv.org/pdf/2112.09403},
      theme = {iot}
    }
    
               

  14. P. Kietzmann, J. Alamos, D. Kutscher, T. C. Schmidt, and M. Wählisch, “Long-Range ICN for the IoT: Exploring a LoRa System Design,” Proc. of 21st IFIP Networking Conference. IEEE Press, Piscataway, NJ, USA, pp. 1–9, Jun. 2022.


    Abstract: This paper presents LoRa-ICN, a comprehensive IoT networking system based on a common long-range communication layer (LoRa) combined with information-centric networking (ICN) principles. We have replaced the LoRaWAN MAC layer with an IEEE 802.15.4 Deterministic and Synchronous Multi-Channel Extension (DSME). This multifaceted MAC layer allows for different mappings of ICN message semantics, which we explore to enable new LoRa scenarios. We designed LoRa-ICN from the ground-up to improve reliability and security and to reduce dependency on centralized components in LoRa IoT scenarios. We have implemented a feature-complete prototype in a common network simulator to validate our approach. Our results show design trade-offs of different mapping alternatives in terms of robustness and efficiency.


    
    @inproceedings{kaksw-liiel-22,
      author = {Kietzmann, Peter and Alamos, Jose and Kutscher, Dirk and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Long-Range ICN for the IoT: Exploring a LoRa System Design}},
      booktitle = {Proc. of 21st IFIP Networking Conference},
      location = {Catania, Italy},
      pages = {1--9},
      year = {2022},
      month = jun,
      publisher = {IEEE Press},
      address = {Piscataway, NJ, USA},
      file = {https://arxiv.org/pdf/2204.11040.pdf},
      theme = {iot|icn}
    }
    
               

  15. M. S. Lenders, C. Amsüss, C. Gündogan, T. C. Schmidt, and M. Wählisch, “DNS Queries over CoAP (DoC),” IETF, IETF Internet Draft – work in progress 00, Sep. 2022.


    Abstract: This document defines a protocol for sending DNS messages over the Constrained Application Protocol (CoAP). These CoAP messages are protected by DTLS-Secured CoAP (CoAPS) or Object Security for Constrained RESTful Environments (OSCORE) to provide encrypted DNS message exchange for constrained devices in the Internet of Things (IoT).


    
    @techreport{draft-core-doc,
      author = {Lenders, Martine S. and Ams{\"u}ss, Christian and G{\"u}ndogan, Cenk and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{DNS Queries over CoAP (DoC)}},
      type = {IETF Internet Draft -- work in progress},
      institution = {IETF},
      number = {00},
      month = sep,
      year = {2022},
      url = {https://datatracker.ietf.org/doc/draft-ietf-core-dns-over-coap/},
      theme = {iot|nsec}
    }
    
               

  16. P. Kietzmann, J. Alamos, D. Kutscher, T. C. Schmidt, and M. Wählisch, “Delay-Tolerant ICN and Its Application to LoRa,” Proc. of 9th ACM Conference on Information-Centric Networking (ICN). ACM, New York, pp. 125–136, Sep. 2022.


    Abstract: Connecting long-range wireless networks to the Internet imposes challenges due to vastly longer round-trip-times (RTTs). In this paper, we present an ICN protocol framework that enables robust and efficient delay-tolerant communication to edge networks. Our approach provides ICN-idiomatic communication between networks with vastly different RTTs. We applied this framework to LoRa, enabling end-to-end consumer-to-LoRa-producer interaction over an ICN-Internet and asynchronous data production in the LoRa edge. Instead of using LoRaWAN, we implemented an IEEE 802.15.4e DSME MAC layer on top of the LoRa PHY and ICN protocol mechanisms in RIOT OS. Executed on off-the-shelf IoT hardware, we provide a comparative evaluation for basic NDN-style ICN [60], RICE [31]-like pulling, and reflexive forwarding [46]. This is the first practical evaluation of ICN over LoRa using a reliable MAC. Our results show that periodic polling in NDN works inefficiently when facing long and differing RTTs. RICE reduces polling overhead and exploits gateway knowledge, without violating ICN principles. Reflexive forwarding reflects sporadic data generation naturally. Combined with a local data push, it operates efficiently and enables lifetimes of >1 year for battery powered LoRa-ICN nodes.


    
    @inproceedings{kaksw-dial-22,
      author = {Kietzmann, Peter and Alamos, Jose and Kutscher, Dirk and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Delay-Tolerant ICN and Its Application to LoRa}},
      booktitle = {Proc. of 9th ACM Conference on Information-Centric Networking (ICN)},
      publisher = {ACM},
      address = {New York},
      location = {Osaka, Japan},
      year = {2022},
      month = sep,
      pages = {125--136},
      file = {https://arxiv.org/pdf/2209.00863},
      url = {https://doi.org/10.1145/3517212.3558081},
      theme = {iot|icn}
    }
    
               

  17. M. Rottleuthner, T. C. Schmidt, and M. Wählisch, “Dynamic Clock Reconfiguration for the Constrained IoT and its Application to Energy-efficient Networking,” International Conference on Embedded Wireless Systems and Networks (EWSN’22). ACM, New York, USA, pp. 168–179, Oct. 2022.


    Abstract: Clock configuration takes a key role in tuning constrained general-purpose microcontrollers for performance, timing accuracy, and energy efficiency. Configuring the underlying clock tree, however, involves a large parameter space with complex dependencies and dynamic constraints. We argue for clock configuration as a generic operating system module that bridges the gap between highly configurable but complex embedded hardware and easy application development. In this paper, we propose a method and a runtime subsystem for dynamic clock reconfiguration on constrained IoT devices named ScaleClock. ScaleClock derives measures to dynamically optimize clock configurations by abstracting the hardware-specific clock trees. The ScaleClock system service grants portable access to the optimization potential of dynamic clock scaling for applications. We implement the approach on the popular IoT operating system RIOT for two target platforms of different manufacturers and evaluate its performance in static and dynamic scenarios on real devices. We demonstrate the potential of ScaleClock by designing a platform-independent DVFS mechanism that enables RIOT to autonomously adapt the hardware performance to requirements of the software currently executed. In a use case study, we manage to boost energy efficiency of constrained network communication by reducing the MCU consumption by 40% at negligible performance impact.


    
    @inproceedings{rsw-dcrci-22,
      author = {Rottleuthner, Michel and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Dynamic Clock Reconfiguration for the Constrained IoT and its Application to Energy-efficient Networking}},
      booktitle = {International Conference on Embedded Wireless Systems and Networks (EWSN'22)},
      location = {Linz, AT},
      pages = {168--179},
      month = oct,
      year = {2022},
      publisher = {ACM},
      address = {New York, USA},
      file = {https://arxiv.org/pdf/2102.10353.pdf},
      theme = {iot}
    }
    
               

  18. L. Boeckmann, P. Kietzmann, L. Lanzieri, T. C. Schmidt, and M. Wählisch, “Usable Security for an IoT OS: Integrating the Zoo of Embedded Crypto Components Below a Common API,” International Conference on Embedded Wireless Systems and Networks (EWSN’22). ACM, New York, USA, pp. 84–95, Oct. 2022.


    Abstract: IoT devices differ widely in crypto-supporting hardware, ranging from no hardware support to powerful accelerators supporting numerous operations including protected key storage. An operating system should provide uniform access to these heterogeneous hardware features, which is a particular challenge in the resource constrained IoT. Effective security is tied to the usability of cryptographic interfaces. A thoughtful API design is challenging, and it is beneficial to re-use such an interface and to share the knowledge of programming embedded security widely. In this paper, we integrate an emerging cryptographic interface into usable system-level calls for the IoT operating system RIOT, which runs on more than 200 platforms. This interface supports ID-based key handling to access key material in protected storage without exposing it to anyone. Our design foresees hardware acceleration on all available variants; our implementation integrates diverse cryptographic hardware and software backends via the uniform interface. Our performance measurements show that the overhead of the uniform API with integrated key management is negligible compared to the individual crypto operation. Our approach enhances the usability, portability, and flexibility of cryptographic support in the IoT.


    
                 @inproceedings{bklsw-usioi-22,
      author = {Boeckmann, Lena and Kietzmann, Peter and Lanzieri, Leandro and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Usable Security for an IoT OS: Integrating the Zoo of Embedded Crypto Components Below a Common API}},
      booktitle = {International Conference on Embedded Wireless Systems and Networks (EWSN'22)},
      location = {Linz, AT},
      pages = {84--95},
      month = oct,
      year = {2022},
      publisher = {ACM},
      address = {New York, USA},
      file = {https://arxiv.org/abs/2208.09281},
      theme = {iot|nsec}
    }
    
               

  19. S. Balakrichenan, I. Ayoub, and B. Ampeau, “PKI for IoT using the DNS infrastructure,” 2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA), pp. 1–8, 2022, doi: 10.1109/PKIA56009.2022.9952253.


    Abstract: The main challenge facing IoT today is security. The constrained nature of IoT devices deprives them of using modern security solutions. This leads them to use aged and more vulnerable security mechanisms that expose them to high risks. When compared to more powerful devices, constrained IoT devices cannot use the Public Key Infrastructure with X.509 certificates to establish secure sessions. Moreover, the idea of self-signed certificates and having one trusted CA does not seem that popular. The Domain Name System (DNS) using the DNS-based Authentication of Named Entities protocol (DANE) and DNS’s security extensions (DNSSEC) can help create the sought-after Public Key Infrastructure (PKI) for IoT. With a concrete example, this article explains how DNS can deliver IoT PKI functions based on DANE, backed by DNSSEC.


    
                 @article{sba-pkia-22,
      author = {Balakrichenan, Sandoche and Ayoub, Ibrahim and Ampeau, Beno{\^i}t},
      title = {{PKI for IoT using the DNS infrastructure}},
      journal = {2022 IEEE International Conference on Public Key Infrastructure and its Applications (PKIA)},
      year = {2022},
      month = {},
      volume = {},
      number = {},
      pages = {1--8},
      publisher = {IEEE},
      address = {},
      file = {https://hal.science/hal-03798465},
      doi = {10.1109/PKIA56009.2022.9952253},
      theme = {IoT|DNS}
    }
    
               

  20. I. Ayoub, G. Berthaud-Müller, S. Balakrichenan, K. Khawam, and B. Ampeau, “The DNS to Reinforce the PKIX for IoT Backend Servers: Implementation and Evaluation,” 14th IFIP Wireless and Mobile Networking Conference, pp. 80–84, Oct. 2022, doi: 10.23919/WMNC56391.2022.9954304.


    Abstract: The current Public Key Infrastructure depends on binding names to public keys via X.509 certificates. Such certificates are issued by certificate authorities (CAs). This model requires Transport Layer Security (TLS) clients to store dozens of trusted CA certificates and has proved to sometimes suffer from security breaches. The DNS-Based Authentication of Named Entities (DANE) protocol is designed to use DNS to bind certificates or keys to domain names by adding TLSA resource records (RRs) to zones. DANE utilizes DNSSEC to guarantee the integrity and authenticity of DNS responses. Besides servers, TLS clients could also have TLSA RR and be verified via DANE, allowing mutual authentication between clients and servers. In this paper, we implement DANE and perform mutual authentication between IoT backend servers. Our use case is a mutual authentication process between LoRaWAN’s Join and Network servers. We study the latency introduced by mutual authentication via DANE and compare it to traditional CA. The results show that DANE could be used to perform mutual authentication and that DNS caching compensates for the latency it introduces.


    
                 @article{ayoub-ifip-22,
      author = {Ayoub, Ibrahim and Berthaud-M{\"u}ller, Ga{\"e}l and Balakrichenan, Sandoche and Khawam, Kinda and Ampeau, Beno{\^i}t},
      title = {{The DNS to Reinforce the PKIX for IoT Backend Servers: Implementation and Evaluation}},
      journal = {14th IFIP Wireless and Mobile Networking Conference},
      year = {2022},
      month = oct,
      volume = {},
      number = {},
      pages = {80--84},
      publisher = {IEEE},
      address = {},
      file = {https://hal.science/hal-03798669/},
      doi = {10.23919/WMNC56391.2022.9954304},
      theme = {IoT|DNS}
    }
    
               

  21. J. Alamos, P. Kietzmann, T. C. Schmidt, and M. Wählisch, “DSME-LoRa: Seamless Long Range Communication Between Arbitrary Nodes in the Constrained IoT,” Transactions on Sensor Networks (TOSN), vol. 18, no. 4, pp. 1–43, Nov. 2022,


    Abstract: Long range radio communication is preferred in many IoT deployments as it avoids the complexity of multi-hop wireless networks. LoRa is a popular, energy-efficient wireless modulation but its networking substrate LoRaWAN introduces severe limitations to its users. In this paper, we present and thoroughly analyze DSME-LoRa, a system design of LoRa with IEEE 802.15.4 DSME as a MAC layer. DSME-LoRa offers the advantage of seamless client-to-client communication beyond the pure gateway-centric transmission of LoRaWAN. We evaluate its feasibility via a full-stack implementation on the popular RIOT operating system, assess its steady-state packet flows in an analytical stochastic Markov model, and quantify its scalability in massive communication scenarios using large scale network simulations. Our findings indicate that DSME-LoRa is indeed a powerful approach that opens LoRa to standard network layers and outperforms LoRaWAN in many dimensions.


    
                 @article{aksw-dslrc-22,
      author = {Alamos, Jose and Kietzmann, Peter and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{DSME-LoRa: Seamless Long Range Communication Between Arbitrary Nodes in the Constrained IoT}},
      journal = {Transactions on Sensor Networks (TOSN)},
      year = {2022},
      month = nov,
      volume = {18},
      number = {4},
      pages = {1--43},
      publisher = {ACM},
      address = {New York, USA},
      file = {https://arxiv.org/pdf/2206.14077.pdf},
      url = {https://dl.acm.org/doi/10.1145/3552432},
      theme = {iot},
      note = {Invited for journal presentation track at ACM SenSys'22}
    }
    
               

  22. G. Gagnon, S. Gambs, and M. Cunche, “RSSI-Based Fingerprinting of Bluetooth Low Energy Devices,” 20th International Conference on Security and Cryptography - SECRYPT. pp. 242–253, Aug. 2023. Accessed: Aug. 24, 2023. [Online].




    
                 @inproceedings{gagnon_rssi-based_2023,
      title = {{RSSI}-{Based} {Fingerprinting} of {Bluetooth} {Low} {Energy} {Devices}},
      isbn = {978-989-758-666-8},
      url = {https://www.scitepress.org/Link.aspx?doi=10.5220/0012139600003555},
      booktitle = {20th International Conference on Security and Cryptography - SECRYPT},
      urldate = {2023-08-24},
      author = {Gagnon, Guillaume and Gambs, Sébastien and Cunche, Mathieu},
      month = aug,
      year = {2023},
      pages = {242--253}
    }
    
               

  23. H. Petersen, J. Brodbeck, T. C. Schmidt, and M. Wählisch, “IPv6 over Bluetooth Advertisements: An alternative approach to IP over BLE,” Proc. of Embedded Wireless Systems and Networks (EWSN’23). ACM, New York, USA, Sep. 2023.


    Abstract: The IPv6 over Bluetooth Low Energy (BLE) standard defines the transfer of IP data via BLE connections. This connection-oriented approach provides high reliability but increases packet delays and requires substantial overhead to manage BLE connections. To overcome these drawbacks we present the design and implementation of IPv6 over BLE advertisements, a standard-compliant connection-less approach. We deploy our proposal on low-power IoT hardware and comparatively measure key network performance metrics in a public testbed. Our results show that IP over BLE advertisements offers network performance characteristics complementary to IP over connection-based BLE, trading lower reliability for shorter latency.


    
                 @inproceedings{pbsw-ibaaa-23,
      author = {Petersen, Hauke and Brodbeck, Janos and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{IPv6 over Bluetooth Advertisements: An alternative approach to IP over BLE}},
      booktitle = {Proc. of Embedded Wireless Systems and Networks (EWSN'23)},
      location = {Rende, IT},
      pages = {},
      month = sep,
      year = {2023},
      publisher = {ACM},
      address = {New York, USA},
      file = {https://arxiv.org/pdf/2210.06236.pdf}
    }
    
               

  24. J. Alamos, T. C. Schmidt, and M. Wählisch, “6LoRa: Full Stack IPv6 Networking with DSME-LoRa on Low Power IoT Nodes,” Proc. of Embedded Wireless Systems and Networks (EWSN’23). ACM, New York, USA, Sep. 2023.


    Abstract: Long range wireless transmission techniques such as LoRa are preferential candidates for a substantial class of IoT applications, as they avoid the complexity of multi-hop wireless forwarding. The existing network solutions for LoRa, however, are not suitable for peer-to-peer communication, which is a key requirement for many IoT applications. In this work, we propose a networking system – 6LoRa, that enables IPv6 communication over LoRa. We present a full stack system implementation on RIOT OS and evaluate the system on a real testbed using realistic application scenarios with CoAP. Our findings confirm that our approach outperforms existing solutions in terms of transmission delay and packet reception ratio at comparable energy consumption.


    
                 @inproceedings{asw-6fsi-23,
      author = {Alamos, Jose and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{6LoRa: Full Stack IPv6 Networking with DSME-LoRa on Low Power IoT Nodes}},
      booktitle = {Proc. of Embedded Wireless Systems and Networks (EWSN'23)},
      location = {Rende, IT},
      pages = {},
      month = sep,
      year = {2023},
      publisher = {ACM},
      address = {New York, USA},
      file = {https://arxiv.org/pdf/2307.03649.pdf},
      url = {},
      theme = {iot}
    }
    
               

  25. M. S. Lenders, C. Amsüss, C. Gündogan, M. Nawrocki, T. C. Schmidt, and M. Wählisch, “Securing Name Resolution in the IoT: DNS over CoAP,” Proceedings of the ACM on Networking (PACMNET), vol. 1, no. CoNEXT2, pp. 6:1–6:25, Sep. 2023,


    Abstract: In this paper, we present the design, implementation, and analysis of DNS over CoAP (DoC), a new proposal for secure and privacy-friendly name resolution of constrained IoT devices. We implement different design choices of DoC in RIOT, an open-source operating system for the IoT, evaluate performance measures in a testbed, compare with DNS over UDP and DNS over DTLS, and validate our protocol design based on empirical DNS IoT data. Our findings indicate that plain DoC is on par with common DNS solutions for the constrained IoT but significantly outperforms when additional standard features of CoAP are used such as block-wise transfer or caching. With OSCORE, we can save more than 10 kBytes of code memory compared to DTLS and retain the end-to-end trust chain with intermediate proxies, while leveraging features such as group communication or caches. We also discuss a compression scheme for very restricted links that reduces data by up to 70%.


    
                 @article{lagns-snrid-23,
      author = {Lenders, Martine S. and Ams{\"u}ss, Christian and G{\"u}ndogan, Cenk and Nawrocki, Marcin and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Securing Name Resolution in the IoT: DNS over CoAP}},
      journal = {Proceedings of the ACM on Networking (PACMNET)},
      month = sep,
      volume = {1},
      number = {CoNEXT2},
      pages = {6:1--6:25},
      year = {2023},
      publisher = {ACM},
      address = {New York, NY, USA},
      file = {https://arxiv.org/pdf/2207.07486.pdf},
      url = {https://doi.org/10.1145/3609423}
    }
    
               

Previous Work

The following list gives a short overview of previous publications of the PIVOT group, which stimulated this project.

  1. M. Rottleuthner, T. C. Schmidt, and M. Wählisch, “Sense Your Power: The ECO Approach to Energy Awareness for IoT Devices,” ACM Transactions on Embedded Computing Systems, vol. 20, no. 3, pp. 24:1–24:25, Mar. 2021,


    Abstract: Energy constrained sensor nodes can adaptively optimize their energy consumption if a continuous measurement is provided. This is of particular importance in scenarios of high dynamics such as with energy harvesting. Still, self-measuring of power consumption at reasonable cost and complexity is unavailable as a generic system service. In this paper, we present ECO, a hardware-software co-design that adds autonomous energy management capabilities to a large class of low-end IoT devices. ECO consists of a highly portable hardware shield built from inexpensive commodity components, and software integrated into the RIOT operating system. RIOT supports more than 200 popular microcontrollers. Leveraging this flexibility, we assembled a variety of sensor nodes to evaluate key performance properties for different device classes. An overview and comparison with related work shows how ECO fills the gap of in situ power attribution transparently for consumers and how it improves over existing solutions. We also report about two different real-world field trials, which validate our solution for long-term production use.


    
                 @article{rsw-sypea-21,
      author = {Rottleuthner, Michel and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Sense Your Power: The ECO Approach to Energy Awareness for IoT Devices}},
      journal = {ACM Transactions on Embedded Computing Systems},
      pages = {24:1--24:25},
      volume = {20},
      number = {3},
      month = mar,
      year = {2021},
      publisher = {ACM},
      theme = {iot},
      url = {https://doi.org/10.1145/3441643},
      file = {http://ilab-pub.imp.fu-berlin.de/papers/rsw-sypea-21.pdf}
    }
    
               

  2. P. Kietzmann, L. Boeckmann, L. Lanzieri, T. C. Schmidt, and M. Wählisch, “A Performance Study of Crypto-Hardware in the Low-end IoT,” Proc. of 18th International Conference on Embedded Wireless Systems and Networks (EWSN). ACM, New York, 2021.


    Abstract: In this paper, we contribute a comprehensive resource analysis for widely used crypto primitives across different off-the-shelf IoT platforms, and quantify the performance impact of crypto hardware. This work builds on the newly designed crypto subsystem of the IoT operating system RIOT, which provides seamless crypto support across software and hardware components. Our evaluations show that (i) hardware-based crypto outperforms software by considerably over 100%, which is crucial for nodal lifetime. Despite this, the memory consumption typically increases moderately. (ii) Hardware diversity, driver design, and software implementations heavily impact resource efficiency. (iii) External crypto-chips operate slowly on symmetric crypto-operations, but provide secure write-only memory for private credentials, which is unavailable on many platforms.


    
                 @inproceedings{kblsw-pschl-21,
      author = {Kietzmann, Peter and Boeckmann, Lena and Lanzieri, Leandro and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{A Performance Study of Crypto-Hardware in the Low-end IoT}},
      booktitle = {Proc. of 18th International Conference on Embedded Wireless Systems and Networks (EWSN)},
      year = {2021},
      publisher = {ACM},
      address = {New York},
      theme = {nsec|iot},
      file = {http://ilab-pub.imp.fu-berlin.de//papers/kblsw-pschl-21.pdf},
      slides = {../slides/kblsw-pschl-21.pdf},
      video = {https://youtu.be/Aqp-AassudM},
      code = {https://github.com/inetrg/EWSN-2021}
    }
    
               

  3. C. Gündogan, C. Amsüss, T. C. Schmidt, and M. Wählisch, “IoT Content Object Security with OSCORE and NDN: A First Experimental Comparison,” Proc. of 19th IFIP Networking Conference. IEEE, Piscataway, NJ, USA, pp. 19–27, 2020.


    Abstract: The emerging Internet of Things (IoT) challenges the end-to-end transport of the Internet by low power lossy links and gateways that perform protocol translations. Protocols such as CoAP or MQTT-SN are degraded by the overhead of DTLS sessions, which in common deployment protect content transfer only up to the gateway. To preserve content security end-to-end via gateways and proxies, the IETF recently developed Object Security for Constrained RESTful Environments (OSCORE), which extends CoAP with content object security features commonly known from Information Centric Networks (ICN). This paper presents a comparative analysis of protocol stacks that protect request-response transactions. We measure protocol performances of CoAP over DTLS, OSCORE, and the information-centric Named Data Networking (NDN) protocol on a large-scale IoT testbed in single- and multi-hop scenarios. Our findings indicate that (a) OSCORE improves on CoAP over DTLS in error-prone wireless regimes due to omitting the overhead of maintaining security sessions at endpoints, and (b) NDN attains superior robustness and reliability due to its intrinsic network caches and hop-wise retransmissions.


    
                 @inproceedings{gasw-icoso-20,
      author = {G{\"u}ndogan, Cenk and Ams{\"u}ss, Christian and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{IoT Content Object Security with OSCORE and NDN: A First Experimental Comparison}},
      booktitle = {Proc. of 19th IFIP Networking Conference},
      pages = {19--27},
      publisher = {IEEE},
      address = {Piscataway, NJ, USA},
      year = {2020},
      file = {http://ilab-pub.imp.fu-berlin.de/papers//papers/gasw-icoso-20.pdf},
      awards = {Best Paper Award},
      code = {https://github.com/inetrg/IFIP-Networking-2020},
      video = {https://youtu.be/QfBzYZBF3Ek},
      theme = {iot|icn|nsec}
    }
    
               

  4. P. F. Tehrani, J. H. Schiller, T. C. Schmidt, and M. Wählisch, “On Economic, Societal, and Political Aspects in ICN,” Proceedings of the 7th ACM Conference on Information-Centric Networking. ACM, New York, NY, USA, pp. 155–157, 2020.


    Abstract: Information-centric networking (ICN), as an antithesis of host-centric networking, denotes a paradigm shift in communication networks. It introduces names to the network layer and favors de-localized content instead of addresses and hosts. ICN is an attempt to design a network tailored to demands of users who only care about data. The simplicity of this basic premise, however, turns out to be rather deceptive; a pitfall in waiting on the path of ICN to wide-scale deployment. Surely users care about data, but they also care about trust, accountability, private communication, and everything else that the current Internet provides beside mere content. This paper is a first attempt in pinpointing the missing non-technical aspects that are crucial to success of ICN as a viable replacement for the Internet.


    
                 @inproceedings{tssw-espai-20,
      author = {Tehrani, Pouyan Fotouhi and Schiller, Jochen H. and Schmidt, Thomas C. and W\"{a}hlisch, Matthias},
      title = {{On Economic, Societal, and Political Aspects in ICN}},
      booktitle = {Proceedings of the 7th ACM Conference on Information-Centric Networking},
      pages = {155--157},
      year = {2020},
      publisher = {ACM},
      address = {New York, NY, USA},
      file = {http://ilab-pub.imp.fu-berlin.de/papers/tssw-espai-20.pdf},
      video = {https://youtu.be/nUitAUfWVF4},
      slides = {https://conferences.sigcomm.org/acm-icn/2020/assets/3-DP-3-Tehrani-Poster-1d32d058142db0e4d0235ec123719607bc4982e3cfcc420e09b5c7414f8b48a7.pdf},
      theme = {iot|icn}
    }
    
               

  5. C. Gündogan, C. Amsüss, T. C. Schmidt, and M. Wählisch, “Toward a RESTful Information-Centric Web of Things: A Deeper Look at Data Orientation in CoAP,” Proc. of 7th ACM Conference on Information-Centric Networking (ICN). ACM, New York, pp. 77–88, Sep. 2020.


    Abstract: The information-centric networking (ICN) paradigm offers replication of autonomously verifiable content throughout a network, in which content is bound to names instead of hosts. This has proven beneficial in particular for the constrained IoT. Several approaches, the most prominent of which being Named Data Networking, propose access to named content directly on the network layer. Independently, the IETF CoAP protocol group started to develop mechanisms that support autonomous content processing and in-network storage. In this paper, we explore the emerging CoAP building blocks and how they can give rise to an information-centric network architecture for a new RESTful Web of Things. We discuss design options and measure characteristic performances of different network configurations, which deploy CoAP proxies and OSCORE content object security, and compare with NDN. Our findings indicate an almost continuous design space ranging from plain CoAP at the one end to NDN on the other.


    
                 @inproceedings{gasw-triwt-20,
      author = {G{\"u}ndogan, Cenk and Ams{\"u}ss, Christian and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Toward a RESTful Information-Centric Web of Things: A Deeper Look at Data Orientation in CoAP}},
      booktitle = {Proc. of 7th ACM Conference on Information-Centric Networking (ICN)},
      publisher = {ACM},
      address = {New York},
      location = {Montreal, CA},
      year = {2020},
      month = sep,
      pages = {77--88},
      file = {http://ilab-pub.imp.fu-berlin.de/papers/gasw-triwt-20.pdf},
      video = {https://youtu.be/S2x5UU4jVzA},
      slides = {https://conferences.sigcomm.org/acm-icn/2020/assets/4-3-gundogan-3cff810c07ebd9e3fe4d2734cb9cdecf26f94d1f6db608e669eee8d44182f977.pdf},
      theme = {iot|icn|nsec}
    }
    
               

  6. M. S. Lenders, C. Gündogan, T. C. Schmidt, and M. Wählisch, “Connecting the Dots: Selective Fragment Recovery in ICNLoWPAN,” Proc. of 7th ACM Conference on Information-Centric Networking (ICN). ACM, New York, pp. 70–76, Sep. 2020.


    Abstract: In this paper, we analyze the benefits of integrating 6LoWPAN Selective Fragment Recovery (SFR) in ICNLoWPAN. We present a solution that allows for immediate fragment forwarding—a key feature of SFR—in combination with ICN caching. For this a Virtual Reassembling Endpoint (VREP) is proposed which acts transparently as an SFR fragment forwarder while simultaneously collecting them. Once a datagram is complete, it is exposed to the content cache, effectively making the VREP the new fragmenting endpoint. Our proposal complies with current specs defined in the IETF/IRTF. Furthermore, we offer considerations to combine the reverse path forwarding schemes of both SFR and ICNLoWPAN and assess drawbacks and benefits. In preliminary experiments, we evaluate the network performance of combining ICNLoWPAN with SFR and VREP.


    
                 @inproceedings{lgsw-cdsfr-20,
      author = {Lenders, Martine S. and G{\"u}ndogan, Cenk and Schmidt, Thomas C. and W{\"a}hlisch, Matthias},
      title = {{Connecting the Dots: Selective Fragment Recovery in ICNLoWPAN}},
      booktitle = {Proc. of 7th ACM Conference on Information-Centric Networking (ICN)},
      publisher = {ACM},
      address = {New York},
      location = {Montreal, CA},
      year = {2020},
      month = sep,
      pages = {70--76},
      file = {http://ilab-pub.imp.fu-berlin.de//papers/lgsw-cdsfr-20.pdf},
      video = {https://youtu.be/kUvN8Av6XyE},
      slides = {https://conferences.sigcomm.org/acm-icn/2020/assets/4-2-Lenders-95914dded8a7bb44263954b97ca0852844e1545baeb945af72c3ca6576df2d5b.pdf},
      theme = {iot|icn|manet}
    }