Dr. Daniel Gavilanes Aray, director of the Technological Center of the Fundación Universitaria Iberoamericana (Iberoamerican University Foundation, FUNIBER), participates in a study that presents a formal security model of the RPL routing protocol, based on Petri nets, in order to protect the data and privacy of users in the Internet of Things (IoT) system.
The Internet of Things has revolutionized the way devices connect and interact intelligently. This system integrates electronic devices, computing and mechanical machines with advanced sensing and response capabilities, facilitating services with minimal human intervention. The fundamental purpose of IoT is to improve the quality of human life, however, achieving optimal interaction with these smart devices depends on efficient and secure protocols.
Low-power, lossy networks (LLNs) are characterized by being devices with limited resources, such as memory, processing power and batteries, in addition to facing high packet loss and low data rates. Another challenge they face is the large volume of data they handle, which can lead to congestion and delays in transmission. These networks, often used in wireless sensor networks, differ from conventional networks due to their inherent constraints. To ensure their real-time operation, it is essential to address these limitations by developing routing protocols.
The routing protocol for low-power, low-loss networks such as RPL is a widely used standard in IoT systems operating under IPv6 protocol. This protocol is essential for efficient data transmission between devices, but its security is a constant concern. IoT applications are especially vulnerable to various security threats, including availability issues, privacy and malware attacks. Therefore, the study focused on formal modeling of the RPL protocol to evaluate security schemes and propose a solution.
Formal modeling is a design strategy that employs mathematical models to create and analyze hardware and software systems in detail prior to actual construction. This approach uses mathematical proofs to complement system evaluations, ensuring correct operation. As systems become more complex, safety becomes an essential aspect, and formal modeling provides additional assurance by ensuring that the system behaves as expected.
The study proposes the use of colored Petri nets, a mathematical tool that allows graphical representation and analysis of concurrent systems, to formalize and verify both secure and non-secure modes of the RPL protocol. This methodology proved to be effective in protecting against unauthorized key variations and version number changes in routing. In addition, it not only identifies potential vulnerabilities in the protocol, but also provides a framework for improving the security of other communication protocols within the IoT ecosystem.
In this way, developers can implement corrective measures before devices are deployed in the real world. This ability to foresee and fix security issues is crucial for the development of a more secure and reliable IoT system.
The study not only improves the understanding of the RPL protocol, but also lays the foundation for future studies on IoT communication security. By employing formal modeling techniques, such as colored Petri nets, it opens a promising avenue for ensuring that interconnected devices can operate securely and efficiently, protecting the integrity of the personal and business data they handle.
If you want to learn more about this study, click here.
To read more research, consult the UNEATLANTICO repository.
The Iberoamerican University Foundation (FUNIBER) offers the Master in Strategic Management in Information Technology. A program that develops students’ skills to propose organizational, technological, commercial and financial innovations in order to ensure competitiveness in companies. Join technological innovation by studying this master’s degree and take your professional career to the next level!