Abstract
IoT devices are ubiquitous in modern society. These devices are often constrained by computational power, memory, and energy consumption. DTLS is a protocol that is widely used by IoT devices, including critical industrial IoT systems, as the transport layer for secure and authenticated communication. In this paper we create a formal model of DTLS in Uppaal SMC and show how statistical model checking can be used to analyse, evaluate, and optimise energy consumption for the protocol. In particular we model and analyse different network scenarios, and show how energy consumption is highly dependent on the specific usage scenario. Based on this, we propose and analyse solutions to reduce energy consumption in common scenarios. Finally, we extend our model with an active attacker trying to drain as much energy as possible from the target system by (ab)using DTLS. Analysing and preventing such Denial of Service attacks is essential for critical systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This use case along with the others in this paper are simplified versions of actual scenarios encountered by Seluxit, our industrial partner.
- 2.
The full models are available at https://github.com/Goggon/DTLS_Paper_Models.
References
Banerjee, U., Juvekar, C., Fuller, S.H., Chandrakasan, A.P.: eeDTLS: energy-efficient datagram transport layer security for the internet of things. In: Proceedings of the IEEE Global Communications Conference (GLOBECOM 2017), pp. 1–6 (2017). https://doi.org/10.1109/GLOCOM.2017.8255053
Behrmann, G., David, A., Larsen, K.G.: A tutorial on Uppaal. In: Bernardo, M., Corradini, F. (eds.) SFM-RT 2004. LNCS, vol. 3185, pp. 200–236. Springer, Cham (2004). https://doi.org/10.1007/978-3-540-30080-9_7
David, A., et al.: Statistical model checking for stochastic hybrid systems. In: Proceedings of the First International Workshop on Hybrid Systems and Biology (HSB 2012), pp. 122–136 (2012). https://doi.org/10.4204/EPTCS.92.9
David, A., Larsen, K.G., Legay, A., Mikucionis, M., Poulsen, D.B.: Uppaal SMC tutorial. Int. J. Softw. Tools Technol. Transf. 17(4), 397–415 (2015). https://doi.org/10.1007/S10009-014-0361-Y
Dolev, D., Yao, A.C.: On the security of public key protocols. In: Proceedings of the 22nd annual IEEE Symposium on the Foundations of Computer Science, pp. 350–357 (1981)
Fiterau-Brostean, P., Jonsson, B., Merget, R., de Ruiter, J., Sagonas, K., Somorovsky, J.: Analysis of DTLS implementations using protocol state fuzzing. In: 29th USENIX Security Symposium, (USENIX Security 2020), pp. 2523–2540 (2020)
Fiterau-Brostean, P., Jonsson, B., Sagonas, K., Tåquist, F.: DTLS-fuzzer: a DTLS protocol state fuzzer. In: 15th IEEE Conference on Software Testing, Verification and Validation (ICST 2022), pp. 456–458 (2022). https://doi.org/10.1109/ICST53961.2022.00051
Gamatié, A., Sassatelli, G., Mikucionis, M.: Modeling and analysis for energy-driven computing using statistical model-checking. In: Proceedings of the Design, Automation & Test in Europe Conference & Exhibition, (DATE 2021), pp. 980–985 (2021). https://doi.org/10.23919/DATE51398.2021.9474224
Haroon, A., Akram, S., Shah, M.A., Wahid, A.: E-lithe: a lightweight secure DTLS for IoT. In: 2017 IEEE 86th Vehicular Technology Conference (VTC-Fall) (2017). https://doi.org/10.1109/VTCFall.2017.8288362
Kim, J.Y., Holz, R., Hu, W., Jha, S.: Automated analysis of secure internet of things protocols. In: Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017), pp. 238–249 (2017).https://doi.org/10.1145/3134600.3134624
Koch, C.B., Thesbjerg, K.L., Gehlert, L.B., Jørgensen, M.P.H., Rusbjerg, S.K., Møller, T.: IoT power consumption & DTLS modelling. Student report, Department Computer Science, Aalborg University (2024). https://github.com/Goggon/DTLS_Paper_Models
Maleh, Y., Ezzati, A., Belaïssaoui, M.: DoS attacks analysis and improvement in DTLS protocol for internet of things. In: Proceedings of the International Conference on Big Data and Advanced Wireless Technologies (BDAW 2016), pp. 54:1–54:7 (2016). https://doi.org/10.1145/3010089.3010139
Rescorla, E.: The transport layer security (TLS) protocol version 1.3. RFC 8446 (2018). https://doi.org/10.17487/RFC8446, https://www.rfc-editor.org/info/rfc8446
Tsoukaneri, G., Garcia, F., Marina, M.: Narrowband IoT device energy consumption characterization and optimizations. In: Proceedings of the International Conference on Embedded Wireless Systems and Networks (EWSN 2020), pp. 1–12. Junction Publishing (2020). https://ewsn2020.conf.citi-lab.fr/
Wognsen, E.R., Hansen, R.R., Larsen, K.G.: Battery-aware scheduling of mixed criticality systems. In: Margaria, T., Steffen, B. (eds.) ISoLA 2014. LNCS, vol. 8803, pp. 208–222. Springer, Cham (2014). https://doi.org/10.1007/978-3-662-45231-8_15
Younes, H.L.S.: Verification and planning for stochastic processes with asynchronous events. Ph.D. thesis, Carnegie Mellon (2005)
Acknowledgments
This work has been partially supported by both Innovation Fund Denmark and the Digital Research Centre Denmark (DIREC) through the bridge project Secure Internet of Things (SIoT); and also through the VILLUM Investigator grant S4OS (Scalable analysis and Synthesis of Safe, Secure and Optimal Strategies for Cyber-Physical Systems).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Gehlert, L.B. et al. (2024). Modelling and Analysis of DTLS: Power Consumption and Attacks. In: Haxthausen, A.E., Serwe, W. (eds) Formal Methods for Industrial Critical Systems. FMICS 2024. Lecture Notes in Computer Science, vol 14952. Springer, Cham. https://doi.org/10.1007/978-3-031-68150-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-68150-9_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-68149-3
Online ISBN: 978-3-031-68150-9
eBook Packages: Computer ScienceComputer Science (R0)