Secure and bandwidth efficient industrial IoT networks

  • Stephen Okwudili Ugwuanyi

Student thesis: Doctoral Thesis

Abstract

The Internet of Things (IoT) and industrial integration have recently become increasingly popular and investigated among researchers for industrial and consumer-based applications. Industrial Internet of Things (IIoT) presents an opportunity for industrial applications especially those in challenging environments to be provisioned remotely and more efficiently at a cheaper cost within the shortest time interval. As the journey to industrial digital transformation continues to increase, many wireless technologies have been used to deploy IoT solutions that have shown evidence of security, interoperability, latency, throughput, and bandwidth challenges. Based on recent events, these challenges are increasing when implementing IoT, especially in an industrial context with legacy communication and control infrastructure and result in data loss, overwhelming network resources, loss of access control, and total disruption of network performance. IoT-based cellular networks are more widely used as they have overcome some of these challenges through technology evolution from GSM to 5G. Most cellular network versions are not designed for constrained IoT devices and are very expensive for large-scale deployment. In this thesis, the areas of contribution focus on security, protocols, bandwidth, and cost based on different test network scenarios. The performance of different licensed and unlicensed Low Power Wide Area Networks (LPWAN) test network scenarios is investigated. Focusing on Low Range Wide Area Networks (LoRaWAN) and Narrowband Internet of Things (NB-IoT) designed for massive machine-type constrained IoT applications, testbeds of LoRaWAN and NB-IoT were designed, implemented and their performances compared based on sensor networks QoS parameters such as power utilisation, throughput, latency, and security. On average, NB-IoT outperformed LoRaWAN on data throughput, latency and security. NB-IoT consumed an excess of 2 mAh of power for joining the network and 1.7 mAh more for a 44 byte uplink messagecompared to Lo-RaWAN. With the maximum throughput of 264 bps at 837 ms measured latency, NB-IoT outperformed LoRaWAN and proved robust for machine-type communications. When sending between 29 - 48 bytes, the average throughput varied between 115 bps to 264 bps between the UE and the server. At 50 bytes retransmission of data payload, the successful transmission rate decreased and, in most cases, resulted in unsuccessful transmission. The concept of Transport Layer Security (TLS) and Internet Protocol Security (IPSec) for securing IIoT infrastructure is presented based on the testbed at Strathclyde Power Network Demonstration Centre (PNDC), where novel bandwidth-efficient authentication and encryption mechanisms for utility network are contributed. In the case of IPSec test network scenaro, the tests delivered an overhead of 25%. An increase of 15% against the 10% suggested in the literature. TLS with AES of 128-bit contributed 25% of additional overhead compared to IPsec for each analogue or digital command. From these findings, an analysis of the cost implications of introducing extra security layers is presented to guide the efficient use of scarce network resources like bandwidth. The cost of using IPSec to secure the industrial protocol connection between RTU and the router is higher than that of OpenVPN and is estimated at 45% with respect to bandwidth overhead. For each of the OpenVPN-based transmitted packets, 40 - 44 bytes of overhead were added via User Datagram Protocol (UDP), whereas IPSec added 60 - 68 bytes. The overhead of TLS keep-alive messages, IPsec, TCP connections, and IEC 104 consume more than 50% of the bandwidth (based on configuration and application). The security features evaluated added overhead of roughly 2-3 folds of the current data rate by the Distributed Network Operators (DNOs), for both levels of security (i.e. TLS and IPsec).
Date of Award18 May 2023
Original languageEnglish
Awarding Institution
  • University Of Strathclyde
SupervisorJames Irvine (Supervisor) & Robert Atkinson (Supervisor)

Cite this

'