diff --git a/2-related-work.tex b/2-related-work.tex index 0722797..f29dcbd 100644 --- a/2-related-work.tex +++ b/2-related-work.tex @@ -1,3 +1,18 @@ \section{Related Work}\label{related} -Wireless sensor and actor networks are a crucial elements of today's effort to support and implement \textit{Industry 4.0} architectures and modern manufacturing processes. Small programmable logic controllers (PLC) and cloud computing are enabler but also drivers of these new manufacturing paradigms\cite{Nigappa:2016eb}. Thus, the networked interconnection of everyday objects, the automation of home appliances and environmental metering and monitoring based on sensor and actor networks controlled by ESP-based chipsets are subject of current research. In \cite{DiNisio:2015fg}, a low-cost multipurpose wireless sensor network using \textit{ESP8266} PLCs is introduced. The usage of \textit{ESP8266} PLCs in combination with Raspberry PI acting as base station for the sensors is discussed in \cite{Thaker:2016fi}. The article \cite{Kodali:2016hc} presents a home automation solution based on a \textit{MQTT} message queue with \textit{ESP8266}-based sensors and actors. The control of smart bulbs with PLCs is summarized in \cite{Walia:2016bj}. Unfortunately, soft ware update mechanisms are not addressed in these publications. The importance of regular security updates for today's infrastructures is summarized in \cite{beresford2016whack}. An approach of decentralized software updates in Contiki-based IoT environments are introduced in \cite{Ruckebusch:2016vo}. In \cite{Weisbach:2016bs}, a software update solution for devices able to execute a Java Virtual Machine (JVM) is introduced. Both solutions are not applicable for small MCU devices. In \cite{Mansour:2012fu}, a diagnoses and update system for embedded software of electronics control units in vehicles is introduced. Secure firmware updates targeted for the automotive industry is introduced in \cite{Nilsson:2008ik}. Furthermore, a secure The \textit{Over the Air} programming capabilities of the \textit{ESP8266} PLCs are described in \cite{Gore:2016ue}. +Wireless sensor and actor networks are a crucial elements of today's effort to support and implement \textit{Industry 4.0} architectures and modern manufacturing processes. +Small programmable logic controllers (PLC) and cloud computing are enabler but also drivers of these new manufacturing paradigms\cite{Nigappa:2016eb}. +Thus, the networked interconnection of everyday objects, the automation of home appliances and environmental metering and monitoring based on sensor and actor networks controlled by ESP-based chipsets are subject of current research. +In \cite{DiNisio:2015fg}, a low-cost multipurpose wireless sensor network using \textit{ESP8266} PLCs is introduced. +The usage of \textit{ESP8266} PLCs in combination with Raspberry PI acting as base station for the sensors is discussed in \cite{Thaker:2016fi}. +The article \cite{Kodali:2016hc} presents a home automation solution based on a \textit{MQTT} message queue with \textit{ESP8266}-based sensors and actors. +The control of smart bulbs with PLCs is summarized in \cite{Walia:2016bj}. +Unfortunately, soft ware update mechanisms are not addressed in these publications. +The importance of regular security updates for today's infrastructures is summarized in \cite{beresford2016whack}. +An approach of decentralized software updates in Contiki-based IoT environments are introduced in \cite{Ruckebusch:2016vo}. +In \cite{Weisbach:2016bs}, a software update solution for devices able to execute a Java Virtual Machine (JVM) is introduced. +Both solutions are not applicable for small MCU devices. +In \cite{Mansour:2012fu}, a diagnoses and update system for embedded software of electronics control units in vehicles is introduced. +Secure firmware updates targeted for the automotive industry is introduced in \cite{Nilsson:2008ik}. +Furthermore, a secure The \textit{Over the Air} programming capabilities of the \textit{ESP8266} PLCs are described in \cite{Gore:2016ue}. + diff --git a/6-1-build_and_deploy.tex b/6-1-build_and_deploy.tex index e8c6c53..f9e12d8 100644 --- a/6-1-build_and_deploy.tex +++ b/6-1-build_and_deploy.tex @@ -54,7 +54,7 @@ Figure~\ref{lst:create_device_socket} shows the complete device specific code us Device device: constexpr const char NAME[] = "socket"; -constexpr const uint16_t GPIO = 12; // general purpose I/O +constexpr const uint16_t GPIO = 12; // General purpose I/O OnOffFeature socket(&device); Device* getDevice() { @@ -88,7 +88,7 @@ The two resulting firmware image files are both provided for download via \texti Figure~\ref{lst:linker_script} shows the only difference between the two linker scripts, where \texttt{\$\{SLOT\}} must be replaced with the slot number according to the current build. \begin{figure}[htbp] -\begin{lstlisting}[basicstyle=\ttfamily\scriptsize] +\begin{lstlisting}[basicstyle=\ttfamily\scriptsize] update_key_pub.bin: echo -n "$(UPDATE_KEY)" | \ ecdsakeygen -p | \ @@ -108,7 +108,7 @@ To create the meta-information file, the current version identifier is written t After the build, the signatures for both firmware images are created and attached to the file. \begin{figure}[htbp] -\begin{lstlisting}[basicstyle=\ttfamily\scriptsize] +\begin{lstlisting}[basicstyle=\ttfamily\scriptsize] irom0_0_seg : org = ( 0x40200000 // The memory mapping address + 0x2010 // Bootloader code and config diff --git a/6-2-update_mechanism.tex b/6-2-update_mechanism.tex index d09ce8e..94210f5 100644 --- a/6-2-update_mechanism.tex +++ b/6-2-update_mechanism.tex @@ -25,7 +25,7 @@ Using the same files for flashing and updating allows better debugging by elimin Figure~\ref{lst:choosing_rom} shows the algorithm used to determine the download address and reconfigure the bootloader. \begin{figure}[htbp] -\begin{lstlisting}[basicstyle=\ttfamily\scriptsize] +\begin{lstlisting}[basicstyle=\ttfamily\scriptsize] #define URL_ROM(slot) (( URL "/" DEVICE ".rom" slot )) // Select rom slot to flash diff --git a/esper-ota.bib b/esper-ota.bib index 29165ad..12fec2a 100755 --- a/esper-ota.bib +++ b/esper-ota.bib @@ -1,223 +1,222 @@ @MISC(ESP8266, - author="ESPRESSIF", - title="{ESP8266} Overview", - note={{URL: }\url{http://www.espressif.com/en/products/hardware/esp8266ex/overview}, [accessed: 2017.05.22]}, + author="ESPRESSIF", + title="{ESP8266} Overview", + note={{URL: }\url{http://www.espressif.com/en/products/hardware/esp8266ex/overview}, [accessed: 2017.05.22]}, ) @MISC(maglab, - author="{Magrathea Laboratories e.V.}", - title="Magrathea Laboratories - Creating new Worlds", - note={{URL: }\url{https://maglab.space/}, [accessed: 2017.05.22]} + author="{Magrathea Laboratories e.V.}", + title="Magrathea Laboratories - Creating new Worlds", + note={{URL: }\url{https://maglab.space/}, [accessed: 2017.05.22]} ) @MISC(HASS, - author="{Home Assistant}", - title="Awaken your home", - note={\url{http://home-assistant.io/}, [accessed: 2017.05.22]} + author="{Home Assistant}", + title="Awaken your home", + note={\url{http://home-assistant.io/}, [accessed: 2017.05.22]} ) @MISC(ESPer, - author="ESPer", - title="ESPer - Space Automation Firmware for ESP8266", - note={{URL: }\url{https://git.maglab.space/esper/esper}, [accessed: 2017.05.22]} + author="ESPer", + title="ESPer - Space Automation Firmware for ESP8266", + note={{URL: }\url{https://git.maglab.space/esper/esper}, [accessed: 2017.05.22]} ) @MISC(ESP-01s, - author="SparkFun", - title="{WiFi Module - ESP8266}", - note={{URL: }\url{https://www.sparkfun.com/products/13678}, [accessed: 2017.05.22]} + author="SparkFun", + title="{WiFi Module - ESP8266}", + note={{URL: }\url{https://www.sparkfun.com/products/13678}, [accessed: 2017.05.22]} ) @MICS(Sming, - author="Sming", - title="{Sming - Open Source framework for high efficiency native ESP8266 development}", - note={{URL: }\url{http://sminghub.github.io/Sming/about/}, [accessed: 2017.05.22]} + author="Sming", + title="{Sming - Open Source framework for high efficiency native ESP8266 development}", + note={{URL: }\url{http://sminghub.github.io/Sming/about/}, [accessed: 2017.05.22]} ) @MISC(make, - author="{The IEEE and The Open Group}", - title="The Open Group Base Specifications Issue 6 - make - maintain, update, and regenerate groups of programs", - note={{URL: }\url{http://pubs.opengroup.org/onlinepubs/009695399/utilities/make.html}, [accessed: 2017.05.22]} + author="{The IEEE and The Open Group}", + title="The Open Group Base Specifications Issue 6 - make - maintain, update, and regenerate groups of programs", + note={{URL: }\url{http://pubs.opengroup.org/onlinepubs/009695399/utilities/make.html}, [accessed: 2017.05.22]} ) @MISC(MQTT, - author="{OASIS Standard Incorporating}", - title="MQTT Version 3.1.1 Plus Errata 01", - note={{URL: }\url{http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html}, [accessed: 2017.05.22]} + author="{OASIS Standard Incorporating}", + title="MQTT Version 3.1.1 Plus Errata 01", + note={{URL: }\url{http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/errata01/os/mqtt-v3.1.1-errata01-os-complete.html}, [accessed: 2017.05.22]} ) @MISC(HTTP_1.1, - author="{The Internet Society}", - title="Hypertext Transfer Protocol -- HTTP/1.1", - note={{URL: }\url{https://www.w3.org/Protocols/rfc2616/rfc2616.html}, [accessed: 2017.05.22]} + author="{The Internet Society}", + title="Hypertext Transfer Protocol -- HTTP/1.1", + note={{URL: }\url{https://www.w3.org/Protocols/rfc2616/rfc2616.html}, [accessed: 2017.05.22]} ) @MISC(ESP8266_Memory_Map, - author="{ESP8266 community wiki}", - title="ESP8266 Memory Map", - note={{URL: }\url{http://www.esp8266.com/wiki/doku.php?id=esp8266_memory_map}, [accessed: 2017.05.22]} + author="{ESP8266 community wiki}", + title="ESP8266 Memory Map", + note={{URL: }\url{http://www.esp8266.com/wiki/doku.php?id=esp8266_memory_map}, [accessed: 2017.05.22]} ) @MISC(rBoot, - author="Richard Antony Burton", - title="An open source bootloader for the ESP8266", - note={{URL: }\url{https://github.com/raburton/rboot}, [accessed: 2017.05.22]} + author="Richard Antony Burton", + title="An open source bootloader for the ESP8266", + note={{URL: }\url{https://github.com/raburton/rboot}, [accessed: 2017.05.22]} ) @MICS(drone, - author="Drone", - title="Drone is a Continuous Delivery platform built on Docker, written in Go", - note={{URL: }\url{https://github.com/drone/drone}, [accessed: 2017.05.22]} + author="Drone", + title="Drone is a Continuous Delivery platform built on Docker, written in Go", + note={{URL: }\url{https://github.com/drone/drone}, [accessed: 2017.05.22]} ) @MICS(git, - author={{git -- everything-is-local}}, - title="git - a free and open source distributed version control system", - note={{URL: }\url{https://git-scm.com}, [accessed: 2017.05.22]} + author={{git -- everything-is-local}}, + title="git - a free and open source distributed version control system", + note={{URL: }\url{https://git-scm.com}, [accessed: 2017.05.22]} ) @MICS(sonoff, - author={{ITEAD}}, - title="Sonoff Smart-home", - note={{URL: }\url{https://www.itead.cc/smart-home.html}, [accessed: 2017.05.22]} + author={{ITEAD}}, + title="Sonoff Smart-home", + note={{URL: }\url{https://www.itead.cc/smart-home.html}, [accessed: 2017.05.22]} ) @article{Ruckebusch:2016vo, -author = {Ruckebusch, Peter and De Poorter, Eli and Fortuna, Carolina and Moerman, Ingrid}, -title = {{GITAR - Generic extension for Internet-of-Things Architectures enabling dynamic updates of network and application modules.}}, -journal = {Ad Hoc Networks}, -year = {2016} + author = {Ruckebusch, Peter and De Poorter, Eli and Fortuna, Carolina and Moerman, Ingrid}, + title = {{GITAR - Generic extension for Internet-of-Things Architectures enabling dynamic updates of network and application modules.}}, + journal = {Ad Hoc Networks}, + year = {2016} } @article{Gore:2016ue, -author = {Gore, S and Kadam, S and Mallayanmath, S}, -title = {{Review on Programming ESP8266 with Over the Air Programming Capability}}, -journal = {International Journal of {\ldots}}, -year = {2016} + author = {Gore, S and Kadam, S and Mallayanmath, S}, + title = {{Review on Programming ESP8266 with Over the Air Programming Capability}}, + journal = {International Journal of {\ldots}}, + year = {2016} } @article{Nigappa:2016eb, -author = {Nigappa, Karjagi and Selvakumar, J}, -title = {{Industry 4.0: A Cost and Energy efficient Micro PLC for Smart Manufacturing}}, -journal = {Indian Journal of Science and Technology}, -year = {2016}, -volume = {9}, -number = {44}, -month = nov + autor = {Nigappa, Karjagi and Selvakumar, J}, + title = {{Industry 4.0: A Cost and Energy efficient Micro PLC for Smart Manufacturing}}, + journal = {Indian Journal of Science and Technology}, + year = {2016}, + volume = {9}, + number = {44}, + month = nov } @inproceedings{Walia:2016bj, -author = {Walia, Navjot Kaur and Kalra, Parul and Mehrotra, Deepti}, -title = {{An IOT by information retrieval approach: Smart lights controlled using WiFi}}, -booktitle = {2016 6th International Conference - Cloud System and Big Data Engineering (Confluence)}, -year = {2016}, -pages = {708--712}, -publisher = {IEEE} + autor = {Walia, Navjot Kaur and Kalra, Parul and Mehrotra, Deepti}, + title = {{An IOT by information retrieval approach: Smart lights controlled using WiFi}}, + booktitle = {2016 6th International Conference - Cloud System and Big Data Engineering (Confluence)}, + year = {2016}, + pages = {708--712}, + publisher = {IEEE} } @inproceedings{Thaker:2016fi, -author = {Thaker, Tejas}, -title = {{ESP8266 based implementation of wireless sensor network with Linux based web-server}}, -booktitle = {2016 Symposium on Colossal Data Analysis and Networking (CDAN)}, -year = {2016}, -pages = {1--5}, -publisher = {IEEE} + autor = {Thaker, Tejas}, + title = {{ESP8266 based implementation of wireless sensor network with Linux based web-server}}, + booktitle = {2016 Symposium on Colossal Data Analysis and Networking (CDAN)}, + year = {2016}, + pages = {1--5}, + publisher = {IEEE} } @inproceedings{DiNisio:2015fg, -author = {Di Nisio, A and Di Noia, T and Carducci, C Guarnieri Calo and Spadavecchia, M}, -title = {{Design of a low cost multipurpose wireless sensor network}}, -booktitle = {2015 IEEE International Workshop on Measurements and Networking (M{\&}N)}, -year = {2015}, -pages = {1--6}, -publisher = {IEEE} + autor = {Di Nisio, A and Di Noia, T and Carducci, C Guarnieri Calo and Spadavecchia, M}, + title = {{Design of a low cost multipurpose wireless sensor network}}, + booktitle = {2015 IEEE International Workshop on Measurements and Networking (M{\&}N)}, + year = {2015}, + pages = {1--6}, + publisher = {IEEE} } @inproceedings{Kodali:2016hc, -author = {Kodali, Ravi Kishore and Soratkal, SreeRamya}, -title = {{MQTT based home automation system using ESP8266}}, -booktitle = {2016 IEEE Region 10 Humanitarian Technology Conference (R10-HTC)}, -year = {2016}, -pages = {1--5}, -publisher = {IEEE} + autor = {Kodali, Ravi Kishore and Soratkal, SreeRamya}, + title = {{MQTT based home automation system using ESP8266}}, + booktitle = {2016 IEEE Region 10 Humanitarian Technology Conference (R10-HTC)}, + year = {2016}, + pages = {1--5}, + publisher = {IEEE} } @inproceedings{Weisbach:2016bs, -author = {Weisbach, Martin and Taing, Nguonly and Wutzler, Markus and Springer, Thomas and Schill, Alexander and Clarke, Siobhan}, -title = {{Decentralized coordination of dynamic software updates in the Internet of Things}}, -booktitle = {2016 IEEE 3rd World Forum on Internet of Things (WF-IoT)}, -year = {2016}, -pages = {171--176}, -publisher = {IEEE} + autor = {Weisbach, Martin and Taing, Nguonly and Wutzler, Markus and Springer, Thomas and Schill, Alexander and Clarke, Siobhan}, + title = {{Decentralized coordination of dynamic software updates in the Internet of Things}}, + booktitle = {2016 IEEE 3rd World Forum on Internet of Things (WF-IoT)}, + year = {2016}, + pages = {171--176}, + publisher = {IEEE} } @techreport{RFC6234, - author = {D. Eastlake and T. Hansen}, - title = {US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)}, - howpublished = {Internet Requests for Comments}, - type = {RFC}, - number = {6234}, - year = {2011}, - month = {May}, - issn = {2070-1721}, - publisher = {RFC Editor}, - institution = {RFC Editor}, - url = {http://www.rfc-editor.org/rfc/rfc6234.txt}, - note = {\url{http://www.rfc-editor.org/rfc/rfc6234.txt}}, + author = {D. Eastlake and T. Hansen}, + title = {US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)}, + howpublished = {Internet Requests for Comments}, + type = {RFC}, + number = {6234}, + year = {2011}, + month = {May}, + issn = {2070-1721}, + publisher = {RFC Editor}, + institution = {RFC Editor}, + url = {http://www.rfc-editor.org/rfc/rfc6234.txt}, + note = {\url{http://www.rfc-editor.org/rfc/rfc6234.txt}}, } @misc{barker2016nist, - title={NIST Special Publication 800--57 Part 1, Revision 4}, - author={Barker, Elaine and Dang, Quynh}, - year={2016} + title={NIST Special Publication 800--57 Part 1, Revision 4}, + author={Barker, Elaine and Dang, Quynh}, + year={2016} } @techreport(bsi, - author = {{Federal Office for Information Security}}, - title = {Cryptographic Mechanisms: Recommendations and Key Lengths}, - howpublished = {Online}, - type = {BSI – Technical Guideline}, - number = {BSI TR-02102-1}, - year = {2017}, - month = {February}, - publisher = {Federal Office for Information Security, P.O.B. 20 03 63, 53133 Bonn, Germany}, - institution = {Federal Office for Information Security}, - note={{URL: }\url{https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf}, [accessed: 2017.05.22]} + author = {{Federal Office for Information Security}}, + title = {Cryptographic Mechanisms: Recommendations and Key Lengths}, + howpublished = {Online}, + type = {BSI – Technical Guideline}, + number = {BSI TR-02102-1}, + year = {2017}, + month = {February}, + publisher = {Federal Office for Information Security, P.O.B. 20 03 63, 53133 Bonn, Germany}, + institution = {Federal Office for Information Security}, + note={{URL: }\url{https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf}, [accessed: 2017.05.22]} ) @inproceedings{bernstein2006curve25519, - title={Curve25519: new Diffie-Hellman speed records}, - author={Bernstein, Daniel J}, - booktitle={International Workshop on Public Key Cryptography}, - pages={207--228}, - year={2006}, - organization={Springer} + title={Curve25519: new Diffie-Hellman speed records}, + author={Bernstein, Daniel J}, + booktitle={International Workshop on Public Key Cryptography}, + pages={207--228}, + year={2006}, + organization={Springer} } @inproceedings{Mansour:2012fu, - author = {Mansour, Karim and Farag, Wael and ElHelw, Mohamed}, - title = {{AiroDiag: A sophisticated tool that diagnoses and updates vehicles software over air}}, - booktitle = {2012 IEEE International Electric Vehicle Conference (IEVC)}, - year = {2012}, - pages = {1--7}, - publisher = {IEEE} + author = {Mansour, Karim and Farag, Wael and ElHelw, Mohamed}, + title = {{AiroDiag: A sophisticated tool that diagnoses and updates vehicles software over air}}, + booktitle = {2012 IEEE International Electric Vehicle Conference (IEVC)}, + year = {2012}, + pages = {1--7}, + publisher = {IEEE} } @inproceedings{Nilsson:2008ik, - author = {Nilsson, D K and Larson, U E}, - title = {{Secure Firmware Updates over the Air in Intelligent Vehicles}}, - booktitle = {ICC 2008 - 2008 IEEE International Conference on Communications Workshops}, - year = {2008}, - pages = {380--384}, - publisher = {IEEE} + author = {Nilsson, D K and Larson, U E}, + title = {{Secure Firmware Updates over the Air in Intelligent Vehicles}}, + booktitle = {ICC 2008 - 2008 IEEE International Conference on Communications Workshops}, + year = {2008}, + pages = {380--384}, + publisher = {IEEE} } @inproceedings{beresford2016whack, - title={Whack-A-Mole Security: Incentivising the Production, Delivery and Installation of Security Updates}, - author={Beresford, Alastair R}, - booktitle={IMPS@ ESSoS}, - pages={9--10}, - year={2016} + title={Whack-A-Mole Security: Incentivising the Production, Delivery and Installation of Security Updates}, + author={Beresford, Alastair R}, + booktitle={IMPS@ ESSoS}, + pages={9--10}, + year={2016} } -