Corinna SCHMITT¹ and Marvin WEBER²
¹ Research Institute CODE, Universität der Bundeswehr München, Neubiberg, Germany
² MNM-Team, Ludwig Maximilians Universität München, Munich, Germany
Today, many different devices are connected and form small networks that are an integral part of the Internet of Things (IoT) (Rose et al. 2015; ITU 2016). Such networks are typically designed for individual solutions to serve a particular purpose. In the private sector, the most common application of such networks is seen in smart home scenarios. Constrained devices (Bormann et al. 2020) are used to monitor environmental data in order to trigger actions depending on analysis results. Well-known examples are closing/opening windows and shades or activating/deactivating lights and fans. In the literature, such scenarios are assigned to the IoT subarea of cyber-physical systems (CPS) and, because they directly affect the residents of homes, a secure environment is essential.
SecureWSNs (Schmitt 2020) are a powerful framework supporting different hardware and operating systems in the data collection process. Furthermore, they provide many services to residents in order for them to monitor environmental data (e.g. temperature, brightness, and humidity) within their home. To control network access, a fine-grained access management solution is integrated alongside resource-specific security protocols for the required communication between components. Until now the system only supports monitoring of environmental data and lacks the integration and control of actors that would establish a comfortable zone to live in at home and fulfil the concept of a CPS (Pahl 2014). As the involved components usually work wirelessly, it is necessary to have full control of the network itself. Therefore, a secure solution to integrate actors (e.g. fans or lights) communicating over different standards (e.g. Bluetooth or ZigBee (Schmitt 2019)) into the deployed network is necessary. Furthermore, only authorized users should have the opportunity to configure the devices accordingly.
This chapter summarizes the current situation, concerns and requests of smart home users, which are categorized and discussed to establish the design requirements for a SecureWSN establishing a prototyped CPS. Consequently, a SecureWSN is presented in detail with special focus on: (a) secure integration of two actors using different communication standards; and (b) handling their configuration while respecting the privacy concerns (Porambage et al. 2016) of residents. In order to allow only network owners to integrate actors into the system and configure them, a credentials check is performed on the gateway component CoMaDa. If this check is passed successfully, the network owner is able to integrate the actors into the CPS. Furthermore, configuration details can be specified. Here, thresholds can be set that determine when an actor (e.g. fan or lamp) should be activated or deactivated. Such thresholds can be modified during runtime in order to react to requirements (i.e. still too warm) immediately and flexibly. In order to check if the actor works appropriately, two graphical user interfaces are available. The evaluation provided in this chapter is a proof of operation. Overall, it has to be kept in mind that home automation solutions might introduce risks and threats to an existing system, but this is overcome here by: (i) integration of several security checks for verification of ownership; and (ii) providing the user with a detailed and step-wise introduction for setting the system up. Besides these, the home owner receives (iii) physical security for the home by putting lights on when not at home or automatically cooling down the interior if it is too hot or vice versa, as well as monitoring the total smart environment.
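The owner check and runtime threshold changes described above, sketched as an added example (not code from SecureWSN, CoMaDa or HAIFA). The `Gateway` class, its method names, the password-based credential, the audit list and the on/off hysteresis pair are assumptions made for illustration; the hysteresis validation goes beyond what the text specifies.

```python
import hashlib, hmac, os
from dataclasses import dataclass

def _derive(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; the iteration count is an assumption for this sketch.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Actuator:
    name: str
    on_above: float   # switch on when a reading rises above this value
    off_below: float  # switch off when a reading falls below this value
    active: bool = False

class Gateway:
    """Hypothetical stand-in for the gateway role CoMaDa plays in the text."""

    def __init__(self, owner_password: str):
        self._salt = os.urandom(16)
        self._owner_hash = _derive(owner_password, self._salt)
        self.actuators: dict[str, Actuator] = {}
        self.audit: list[str] = []  # every configuration attempt is recorded

    def _is_owner(self, password: str) -> bool:
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(_derive(password, self._salt), self._owner_hash)

    def configure(self, password: str, name: str, on_above: float, off_below: float) -> bool:
        """Integrate an actuator or change its thresholds at runtime; owner only."""
        if not self._is_owner(password):
            self.audit.append(f"DENIED configure {name}")
            return False
        if off_below >= on_above:  # reject settings that would make the actuator flap
            self.audit.append(f"REJECTED thresholds {name}")
            return False
        current = self.actuators.get(name)
        self.actuators[name] = Actuator(name, on_above, off_below,
                                        current.active if current else False)
        self.audit.append(f"OK configure {name}")
        return True

    def on_reading(self, name: str, value: float) -> bool:
        """Apply a sensor reading to one actuator and return its new state."""
        a = self.actuators[name]
        if value > a.on_above:
            a.active = True
        elif value < a.off_below:
            a.active = False
        return a.active
```

The denied and rejected entries in `audit` are what an owner would review to spot configuration attempts by someone without the credential.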
Smart homes have been gaining increasing attention and have become more widespread by promising to deliver more cost-effective, energy-efficient heating, enhanced security solutions, or autonomic adaptation to personal preferences. Another driver is the ability to control the lights, media center and many other appliances with a smart voice assistant instead of a switch. Devices that enable these features are becoming more and more affordable, new product categories are yet to be developed and whole new product ranges to be explored. One such example is the "Ring Always Home Cam", an indoor drone, released by Amazon in September 2020 (Bünte 2020). This device monitors home security by patrolling the property room by room, notifying absent residents about potential security threats.
Home automation (HA) can be seen as being part of a smart home, allowing it to perform actions autonomously to fulfill specified goals such as keeping the temperature at a certain level, closing the windows when it rains, or dropping the shades when the sun shines. However, most of the commercially available product solutions have several drawbacks, such as the requirement to use the vendor-provided cloud for controlling and automating devices, or the incompatibility of appliances or protocols from different manufacturers. The enforced cloud connection, in particular, may deter those who are privacy conscious, given that the nature of the data collected and how it is used by the vendors are not known (Bernheim Brush et al. 2011; Dague 2017).
In order to enable monitoring and collection of environmental data, multiple sensors (also known as nodes) are combined to form a wireless sensor network (WSN). These WSNs are mostly built of constrained devices, meaning those with limited processing, storage and power resources. A SecureWSN (Schmitt 2020) is a framework consisting of three components: (1) the WSN component, which collects environmental data; (2) the CoMaDa component, which configures and manages the deployed WSN and handles receiving data; and (3) WebMaDa, which provides the backend infrastructure of the framework and a web-based framework for mobile access. It makes it possible to create and maintain a WSN in a secure manner, enabling data gathering of multiple nodes within a network, featuring secure data transmission and additionally providing rich functionality for aggregating, monitoring, and visualizing the sensor data. WebMaDa follows the idea of a cloud-based approach but, due to its configuration in the WSN network, the owner has complete control of their network and settings without any involvement from the WebMaDa administrator, including the "right to be forgotten" if requested. Thus, WebMaDa is more secure than a classic cloud service provider. Additionally, if a user does not want to use or integrate a cloud connection, and does not rely on the remote service offered by WebMaDa, the system is also fully functional without the WebMaDa integration. Different node hardware running various supported operating systems (OSs) can be used to feed the system with environmental data, including temperature, humidity, noise or brightness measurements (Schmitt et al. 2013; Schmitt 2020).
The remainder of this chapter is structured as follows: section 1.2 presents all required background knowledge for the home automation solution, HAIFA. This ranges from the characteristics of a SecureWSN where the solution is integrated, common communication standards and machine-to-machine protocols, the monitor-analyse-plan-execute-knowledge (MAPE-K) model that is applied, as well as hardware and libraries used. Section 1.3 presents insights into the design decisions for the realized home automation solution HAIFA for a SecureWSN. Here, functional and architectural requirements are specified, the envisioned architecture introduced and further decisions justified. Section 1.4 discusses the actual implementation of HAIFA, broken down into the requisite parts. In section 1.5 the implementation is evaluated before drawing conclusions.
This section introduces the background information required to understand the design decisions made in section 1.3. First, the SecureWSN framework that HAIFA is integrated into is explained. Second, important home automation concepts are introduced, including protocols for publish/subscribe mechanisms (i.e. MQTT and CoAP), the fundamental MAPE-K model for triggering interaction between sensors and actuators, and related hardware and projects.
Figure 1.1 illustrates the different components and their involvement in building the SecureWSN framework to monitor environments in smart homes/buildings with constrained devices (Schmitt 2020). The collecting network is a WSN built of different types of constrained devices that use different operating systems - TinyOS, Contiki and RIOT OS (TinyOS 2021; Contiki-NG 2020; RIOT OS 2021) - and can be accessed via two components. These components are graphical user interfaces (GUI) called CoMaDa and WebMaDa, which offer the user an effective platform following the click mentality to configure and monitor the deployed network (Schmitt 2019).
For the developed home automation solution HAIFA, the WSN component is assumed to be a black box and only delivers environmental data such as temperature or humidity. These values are used as input for HAIFA to trigger actuators (e.g. a fan or lamp). Thus, in the following, only CoMaDa and WebMaDa are described in more detail, as these are the locations where the implementation of HAIFA is placed.