Iot Tech Neo

UNIT Ill
loT : Design Met~~dology

CHAPTER ·J ,.. ;,
..
I.
II
Syllabus l
I
'· ... •i,•. !, .. .. ". /)!:
loT Design Methodology : Steps, Basics of loT Networking, Networking : Components, dnternet
Structure, Connectivity Technologies, loT Communicati9n ·.~ od.~I~ .~~~;. 1.9~~~,r,p_u~tio,n '. ~Pis,
Sensor Network
Four pillars of loT : M2M, SCADA, WSN, RFID
c~~·e St~di·~r ,H:~m·~ Autdmation using'loT c~;m·unicatidn rnociei~'ind.io'f ·~~rilunicati~h APrf '
. l. -·~
3.1 Introduction ........... ,.::....................._. .................s•• ,.-, ........ ... . ...... . ............... :, ... :;• •••••,i:,::"·"···.'··;·... ::i<':!.,,....,.................,.;...... 3-3
3.2 .loT Design Methodology ..._. ...............................................................................t :".'M~};.;.:t~ft.;:;-.Kf.:;.....................3-3
ua. Explain the various steps ill loT design melh<?9.<:>logy'? . (SPPU- Mar 18, Ma 18, 4 Marks ...... :,: ..........:..... 3-3.
3.2.1 · Purpose ~nd R.equirernents Spllcillcation ..,.,.........._.., ....._. .......,.,....,..:......;,,,......,.1:;.;•.,..;:.,.·...:;,._;..!:·. ;.._. ....... ............ . 3-3
.. \ .
ua. Explain purpose. and fequi.reme11ts specifica\i9n~ step 9f loT~y;;t~rn. d.l!lsign m~Jh.mlogy, l;90sider smart loT :
• based home aujomation·systen;i.as;al).example.
1
(SPPU- Mar 18, Ma 19, 5 Marks)
. . .,;· .. ,,._. . .......... ........ 3.3 .
. •• " : 1 , ,.:•1' '. ~--• : ~ I .-,:,J"1~i.,;: f / }f ~- ., .. -::,: I'•• 'I
3.2.2 Pr?c~ss Specificalion ......_. ......:..............:···:·.. _. ..:::··:···_-........._. ..::·: ...... _._. ......:-., ................................1_._.,.,,... ...,.,;..;:...... 3-4
ua. Explai.n process fO~~I s~ecj~~}~?'-1 ,s}~p.,t;>!_!oT li~S\rl".,d~~!~(i,'!l~tr.od~loJ!Yt. (:(l~S~~r,s~~!~l- ba~.~d home
automation .system as.an example ., .......................................:-rr,:•·i•.... '°.,.. '.........3-4
3.2.3
ua.
. .. " .• I •• ' -
· Domain M~I Specification ·.·::······ .................. :.. :::···:·..:·::··· .. :·:··:··:·:·:· ..·::·:··..::·:··:::::··::.:.: ...;.:1~,vt;..·..:::ii:7
··- ·· . ......... ... ,.; H.
<..
.... . \if ,l.
3-4
Explatn domain f!lOdfll
, . , .. , :
spe_cifi~ti9n step ~f·.loT
. . . :'f,·~~ .. :_'•'.'i.-~--~
liY~tem de.~ig~."l~tCT9dology,
.. . ~.,, -
c.o.nside,<:,~~-r:\.loT•bas~.
,,,: . t .,, l~i, ,• · . · · ,..:. . ? 11 .. J : •'I..,,, , b ~,:,+\ _.;: . ~
home
. ..... ,..,
automation system as an example. •..............................................,................... 3-4

. ... . . . ./·. ~\:: .:.~:: t-..r· .-_.
·J .2.4 Information MQd.el Spe.cifi~tion..,...,.........:...,..........................;,··..·· .. - ·.........,,..............,.,............._., ..........,....... 3-5
" '.. . . . :. ' -- - ~· . . . ...., :1 :·-- :,_-·_1_,. ··- ,· ..... ,;·, '_J.,_ : i-: ::··,.,. \i•: -~-\ ,
ua. Explain information model specification step of loT system design methodology, consider smai:t loT - based
.,, • . - I. . . .. ... . \:, ·· :.:i ·;-:,w-J,5,>1!} -:...
home automation system as an examp e. (SPPU-Mar 18, 5 Marks) .......................................................·... 3-5
,·
3.2.5 Service Specifications .........................................................................................,........:................................... 3-6
UO. What is the importance of service specificaUon loT design methodology. . •....... .3-6
3.2.6 loT Level Specific~lion ...................................................................................................., ................................. 3-6
3.2.7 Functional View Specification ............................................................. '............................................................. 3.7
UC. Explain Functional view specification step ol loT system design methodology, consider smart' loT-based
home automation system as an exampl ............................................ 3-7
32.8 Operational View Specification ......... ,.............................................................................................................. 3-8
32.9 Device and Component Integration .............................................................................................,................... 3-9
3.2.10 Application Development .........................................................................................:......:.:...,..;.,.,:.. :·............. 3-·10
"11emet of Things & Embedded Systems (SPPU-Sem .5-Co,np)
3.3 Basics of loT Netwooong _ _ _ ·--··--·-· -···-···-·· ·--·······- ·-···-··-··... --.-··--·- ..........- ......... 3-10
3.4 Ne.'Wori(ing Components·--··-·- ..·-······ ..............- ........... - .................................................................... .................. 3· 11

......................... 3· 1I
3.4.1 Functional Components of loT ·--.. ·········-············.. ·········· ...................................................
...................................... 3· 11
3.5 ln!emet Structure ........- .................... ·-···-······· ....................................................................
............................ ... 3· 13
3.6 Connectivity Technologies ......--··-·· ....... _................. .......... - ...................................................
.................................... 3· 16
3.7 lo T Communication Models ......................................................................................................
ua. List various loT communication models. ti-i44•0Mttli:fJMffi:fij ......................................................... 3• t6
............. 3- 16
3.7 .1 Request· Response Communication Model .................................................. ,..................................
.. ............. 3· 17
3.7.2 Publish-Subscribe Communication Model .....................................................................................
ua. What is Publish-Subscnbe Communication Model ft.i44•0U1Jt4iMtrJflj. ........................................ 3· 17

......... 3•17
3.7.3 Push-Poll Communication Model ............ - ........................................ ...................................................
............... 3· 18
3.7.4 Exdusive Pair Communication Model ...... - ................. ..................................... .................... ...........
T ................. .................... 3-18
3.8 loT Communicalion APls - ..................................................................................... ...............
ua. Compare REST4>ased commonicatioo aod Web Socket communicatioo API .

J. 3· 18
...................... .. 3· 18
3.8.1 REST-based Communication APls ...................................................... :.................................
... ................ . 3· 19
3.8.2 WebSockel-based Communicatioo API .................................................................... .................
ua. With the help of appropriate diagram explain WebSocket-based communication APls
...................... 3·19
tSPPU- Dec. 19. 3 Marks) ................. .................................................................... ................
Sensor Networlc ....................~ ...........................................:................. ......... .................................
......... ....................... 3-20
3.9
....... 3-20
3.9.1 Wireless Sensor Netwonc.. ................................. :................................................... .................................
................................................. 3-21
3.10 Four pillars of JoT .............·--··-···-··· · ...................................... "..................................
ua. Draw and explain the fOUf pillars of loT paradigms : ..... :......... :......................... 3·21
... ·........................... .. 3-21
3.10.1 M2M .................___ ......................................................................................................
__ ................- ... 3·21
ua. Explain M2M (the internet of device) pillar ot loT. (SPPU- Dec. 18, 4 Marks) ... ··......... _.
................................ 3-22
3.10.2 RFID ...................... - ......................................................................................................
......................... 3-24
3.10.3 WSN ............. -····-···· ......................- .....................................................................................
. 3-24
ua. Explain WSN (the internet of transducers) pi~ar of loT (SPPU - Dec. 19, 3 Marks) ..................................
3.1 0.4 SCA D--- ----- -- -·--- ........·-·-···...·--........... _ .. 3-25
ua. W?iat is SCADA ? What are lhe different ~ocks of $CADA (SPPU - Ma 18, 5 Marks) ............................. 3-25
·......... 3-32
(• ChaJ)l:er Ends. ................... ·-··············~···········.. ···· .. ····--·······--····················································· ··.......
(SPPU-New Syllabus w.d academic year 21-22) (PS-35) ~ Tech-Neo Publications__A SACHIN SHAH Venture
=============------:---:-:----:---:-::--=~~-~-:-- ~
Internet °' T · & Embedded Systems (SPPU-Sem.5-ComJ)) ) ... Pa e no. 3-3
- . .
_!!~~J~.•~-_!1Nn~~O~D~U~CTl!!_£0N!!_::_
·· ;,~ - .:..
· -~_::. ::~.:,_ _;::;_ ..,.;... ------- ---- ~
1
• In chapter 2 we have studied about IoT, PhJ,·si·cal design of IoT, logical design of loT, diffr rent '1
application and deployment oflevels of IoT.
· ·
' ~
• hall
So the Designing loT systems can be a complex and c engmg · task IoT systems involve interactions
·
· . . ~
between vanous components such as loT de,.1ces, · ne twor k resources• web services, analvt1cs•
compooeot.s, application and database servers.
The role of loT designer is to design IoT system to keeping specific products/services in mio d .
• The proposed methodology have reduced design, testing and maintenance time, better interoperability
and reduced complexity ofloT System.
i- - - - -..- - -.- -.-_.-\.--: - ~-,- - ---.;;-.-\- -- ~ ~, ~ -,.-: ~ 7 - - ~ - ~.. ~ :- .- .: : ~ ,-~ : .- - - .- - - - - - - - - - - - - - - - ~

1
~
m~thtidol6gyff,-;,~:.·:1'."f_i~_::'"'i;:': ":..·-:-,···
,- UQ: hpfc3rn the' various steps ~r1-1or'disign 0
- - - - - - - - - - - - _._. _....._. ___ ._ ~, _-:_ . ..:.•~· -1.· -,·-'-a:. _ ._.._.,_....,.. __ ._... _ .i ----··----·---•-"'o io '--·-..~-·-·-...._..... --.
1
loT Design Methodology that includes :
~
1. Purpose and Requirements Specification 2. Process Specification
3. Domain Model Specification 4. Information Model Specification
5. Sen·ice Speci.ficatiollS 6. loT Level Specification
7. Functional \'iew Specification 8. Operational View Specification ~
9. 0Pvice and C.-0mponenl Integration 10.Application Development
To explain e~·ery step of loT design methodology we will consider one example, loT based Weather ~
Monitorin g System.
~
~ · l.2.1 Purpose and Requirements Specifica<ion
.J
I
The first step in loT system design methodology. I~ this step it defines the purpose, behavior and
requirements of the system. This step also defines the
(1) Data collection requirements (2) Data analysis requirement
(3) System management requirements (4) Data privacy and security requirements
(5) User interfaces requirements
Consider our example loT based Weather Monitoring System, the purpose and requirement of
system are:
(1) Purpose : Purpose of this system is to collect data on environmental conditions such as temperature,
pn-.s:.--ure, humidity and light in an mea using multiple end nodes.
(2) Beha,iou r: Weather alert can be sent to the subscribed users with the help of such application .
(3) Data collection requirements : The end nodes send the data to the cloud where the data is
aggregated and analyzed.
(SPP'J--New Syllabus w.e.f academic year 21-22) (PS-35)

1§1 Tech-Neo P\Jblications.JI SACHIN SHAH '✓enture
lnternrt "' Th1n9s & [ nthl'<1\11•d Sy:~lt~fn!i (Sf 'l'U ~.orn 5.1,pt!tp) (loT n,,,,,rJ11 ~l!tlt<tlt, !'!J'/)·•· 1'~?'.' ~) (3v-:i).
1
Ll11•11 '"' flrtillyz,·d :111 1I Vlil 1Jalw·d by

(•I) I} a,;. ·
' n•11111n•m1•111
... ..n na Iys1s • • l'Olif•!'il'd in till' doud
• ,• Tl1 L, dnt·1 C/1 11
rloud h.1::ed applic.1t1,111 s
~ 3. 2.2 Process Specification

.- - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - -
1 UQ. Expldin process model specif,cat,on step of loT system design methodology.
1
<onsider smart loT- based home automation system as an example
(SPPU - Mar 18, 5 Marks)
----- -- -- -------- ----- ------------------- --
• This step is used to document, analyze and explain the decision-
to
making logic and formulas . This step ·is used_ create output data
~ from process input data. So the process specificati~n is d~fined_with __
the help of use cases. ·
• f\lain objective of this step is to flow down and specify 11c11Fig. J.2.1 .:.~se case or W,eather
regulatory/engineering requirements ~d proce~ Monitoring System··
. .
Fig. 3.2. l shows th~ process specification for the weather Monitorin~ sys~m. In -this process
specification the sensors are read after fixed intervals and the sensor measurements are stored.
~ 3.2.J Domain Model Specification
The third step of loT design methodology is domain model specification. In this -$1ep it describes ~~:_
main concepts, entities and objects which are used design the system. It also defines the attribu~s of the
- obje~~-d relationships bet~een th~m:. The Entities, Obfects and C~ncepts .include· th~ following sub
entities like Physical entity~Virt~al entity, Device, Resource, Service.
(1) Physical Entity : Physical Entity is a discrete and identifiable' entity in the physical environment
information o·r actuation. For example, a room, a light, an appliance, a car, etc. _are physical entities.
(2) Virtual Entity: In the digital world Virtual Entity is a representation of the Physical Entity. For each
Phy~ical Entity, there is a Virtual Entity in the domain model.
(31 Device : An interaction between Physical Entities and Virtual Entities is providing with the help of
device. Devices are either attached to Physical Entities or placed near Physical Entities. To gather
information about the physical entities or actuation on physical devices are used.
(4) Resource: Resources are soil.ware components which can be either "on-device" or "network-resources".
(5) Service : An interface for interacting with the Physical Entity is providing by service. Services access
the resources hosted on the device or the network resources to obtain information about the Physical
Entity or perform actuation upon the Physical Entity.
In our example in domain model specification,
• The physical entity is the environment. It monitors the environmental condition .
• So there is a virtual entity for the environment.
• Devices include temperature 11ensor, pressure 11cnsor, humidity seru1or, light sensor and single-board
minicomputer.
(SPPU -New Syllabus w.e.f academic year 21 -22) (PS -35) ~ Tech-Neo Publications..A SACHIN SHAH Venture
Intern'!! o! Things & Embedded Systems (SPPU-Sem.5-Comp) (loT: Design Methodol!?9J.22a:J_~_"?_ (~-S)_
• Resources are software components which can be either on-device or network-resources.

Services include the controller service. The role of controller service is to monitors the temperature
pressure, humidity and light. It also sends th~ readings to the obtain the services from the proccs~
specification and information model.
• The Fig. 3.2.2 shows detail structure repre_sentation of {1_0µ1ain J.Tlodel specifi~ation.. . . ..
I
u·ser
Invoke/Subscribe a
Human. •
User-- • • •
I
i
- 'ASSodafe<t·· · (;l -,.,; ·" .. ·
with ..<· Vu1ual Relates to · .Phyaical ·. Monitors
' " Entity ' : ., .. . ,. E.r>!i!Y_,
Exposes
Environment Environment
Resource Associated w~h

Unil
Network
Resoi,ce
Drive ·
Resoi.ce
Hosts
. ~ · ', •: ··.· Ma,iconiP~r ·. '' ·

I
Allached to·... · . · Allacheo to
___.,.. Aggregation .
Teqj. 1.- Preiiure · Humidity.'·, -{-1.lgtit ,. ··,
- Generalization/Specialization
Sensor .' ~nso, _Sensor . . ··-Sensor :. , •
·,✓ -~ :.·:-. l: f •. '• ~• . ~.-.·

11e21Fig. 3.2.2 :·Domain model specification o(Weat~er
. ... .
¥,oni,toring System .\
a l.2.4 Information Hodel Specification
• In information model specification the structure of all the information -u fthe IoT·system is defined. It
-also defines the attributes and relatio~hip between the~. B~t it does· hht 'd~~cribe that how the
•.
information is represented or stored.
-•~
I
·• - - -• _.,. _ _ - • ___..-
'· ... ,:·• ..... .,, . '
. ;! . • f . I f •
t • In this step the structure is represented with help of class diagram. The following Fig. 3.2.3 is class
t diagram of Wealher Monitoring System.
(SPPU-New Syllabus w.e.f ilcademic year 21 -22) (PS-JS) Ii} Tech-Neo l>ublications...A SACHIN SHAH Venture
lnlemet of Thin & Embedded S ems SPPIJ.Sem 5-Comp
Virtual Enllly
Envitonment
Ent,tyType
Environment
I·,
.\,.
';
I I Attnbute: State Attribute: Stale · Attribute: State Altnbute: State
~I Attribute Na~:
AtlrrbuteName: 'AttributeName: · ·Attr1buteName.
light
I
temperature : pressure humidily
has has
has has
value valu e
value value
Humidity: val light: val
,Temperature: val Pressure: val ·
;,
..I ,t
;,I (1C3}Fig. 3.2.3 : Information Model Specification or Weather Monitoring Sy, tem
j ,! I
:,,! '
'!
B. l.2.5 Service Specifications
i
\· I
I r~f}~~;~-~c~f€af!;~-f~-:-~-~:-:-? ~-.' ~:~:~·,:)~:.:~:_:.·~.;};~~.---:~--~---:~:·--~-~---.~- ~::·~,r~-_::.·~:~{:
,,' ' l L GQ:. Descn'be vari0<1s services in lo'I system. . . · · · ' ,.
I I ·- . • . - . . . ,
i UQPNhat is-the importance• of service specificatioo loTdesign ,n.etnodology.• - -.. (SPPU - May 19, 4 Ma~ s)
!. "•..- •..•":.·"· • -• -- -· •.- ·• - •• •- L--:i"~- - .,..._ ..--t_ .._. >• • •• - ~ ·• •- . _ _.. - - - - •- •• ·• - ¾ - ....~ ... _,. _ ~ . ".,,;" -1 .;,• - - - - - - --- ~_ ,.._ . - • - - -- - • - • - • _ .,,
:,
• In service specification step it define the services in IoT System, service types, service inputs/outputs,
service endpoints, service schedules, service preconditions and service effects.
• In previous steps process speci.licat ion and
information model, identify the states and Service
attributes. So for each state and attribute we define
a service. These services either change the state or Name: Controller
· ·· Type: Native .
attribute values or retrieve the current mode.
• In our example Weather Monitoring System there
t11,, is only one service name is controller service.
.' I
''
: .I
I
• The controller service runs as a native service on ·
the device. It monitors temperature, pressure, ;· Output ----- • t.
.- Schedule ~',
,.,,,.
humidity and light once every 15 seconds.

Temperature
• The REST service to store these measurements in - Pressure ..· Interval: _,:,.,
the cloud which is called by controller service. Humidity
i Light
, Every 1 ssec::
• The Fig. 3.2.4 shows Controller service specification ...-_ _ ___,
diagram of Weather Monitoring System which
consist of service name, schedule and output as f1Ct1Fig. 3.2.4 : Controller serYict speci(JCation or
well as relationship between them. Weather Monitoring System .
'B. l.2.6 lot level Speciraadon
(SPPU-New Syllabus w.d academic year 21-22) (PS-35)

Iii Tech-Neo Publications.~ SACHIN SHAH Venture
r
I 1oT· D,)s1 n Methof1n1r..-..., p
Internet of Th. & Embedded S stems SPPU-Sem 5-C .... ~ no. (3--7)
LDCAI
• In previous unit we already studied
deployment levels of IoT system. I
I
I
• The sixth step loT design REST
Co!'Tll'T1Ul101t0n
methodology decides the ,?eployment
'
level of IoT System. So this is
important step of loT design
c-
methodology, There are six . Con1n>llo<
deployment levels. out which we have

to select deployment as . per __our
system.
• So our example fits into level 6. The
Fig. 3.2.5 shows the deployment Ie~el
of Weather Monitoring System. Monl1Df1"!>
Nodes
• The system consists of multiple

nodes. These. ~odes placed _ in 11 csiFig. 3.2.5 : Deployment Level of Weathe! -~lonitoring System
different locations for monitoring ,
temperature, humidity and pressure iri an area. j
• The end nodes are consist of various sensors. The application -is cloud based application so the endl
Dr
nodes send the data to the cloud and the data is stored in a cloud database.
• The analysis of data is done in the cloud to· aggregate the data and make predictions .
a l.2.7 Functional View Specification.
In functional specification step the functions of loT System grouped into various functional groups.
There arc different function groups which provide func~i?nalities for interacting with the concepts defined in
Domain model specification. The Functional View include the following functional Groups (FG)
1. -Device : The device FG contains devices for monitoring ~d cont~ol.. For Example,· SCB, light sensor,
relay switch.
2. Communication : This group handles the communication for the IciT system. The communication FG
includes the communication protocols and . communication API. Th_e commonication protocol is the
backbone -of IoT systems and enables network connectivity. For Example, 802.ll; IPv~s. TCP and
HTTP, Communication API REST/WebSocket . .
3. Services : The Servire FG includes various services involved iq loT system." For example, Device
monitoring, Device control services, Data publishing services and Services for device'iiiscoveiy.
4. Management : This FG includes all functionalities that are needed to configure and the IoT manage
system. For example application management, database management and device man~ement.
5. Security : This FG defines security mechanisms for the IoT system. For example authentication,
authorization. data security etc.
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35) ~ Tech-Nee Publications...A SACHIN SHAH Venture
Internet of Things & Embedded SyS1ems (SPPU-Sem 5-Comp)
(loT: Design Methodology}... Page no. (3-81
6. Appli cation : This FC includes an application that provides an interfac
e to the users. It is also used to
control and monitor various aspcctil of the IoT systems .
TI1c r'1 g. 3 2.6 shows the ~lapping deployment level to functional groups
for the weath<' r monitvring
;;y~trm
Loc•I Clou d
,.._____, , I
Observer
Node
I
REST
Communa uoo
Web App. Applicalion Database

5e,,,., • Server
Analybc:s S•nrlces Security

Centraltzed Componen t
~~
Controller
~~ Authenti•
cac on
Communic ation
Database Authort•
Mgmt zation
B Devices
t.AoNtormg
Compubng
NOdes
· Devices
pc,1Fii:. J.2.6 : Mapping deployment le,·el to fonctional groups for the weather
m?nitoring system
In above di agram
• loT device maps lo the Device FG and manage ment FG (Device Mgmt.)
• Database maps to the Database FG (Database Mgmt.) and Security FG.
• Hc~11urcrs maps to the Device FG and Communication FG.
• Conlrnllt•r Scn ·ice and Web service maps to the Service FG.
• Analytics compon ent maps lo the Application FG.
• Oh:-crvl'r node ma ps to the Application FG.
• Applirnti,m maps to the Application FG, Management FG and Securit

y FG.
~ l.2.8 Operational View Spedfiation
--
~
·.••:·\,; _··~--· ·.·.~- ~ : -~--< -•/:;.: :•-::-:-r'.':
- -- -- -- - --- - - - -_•.~.:..:. - :,;, ~:,:,_,_.,._.··.,::
: GQ. Explaintn detail operational viewspecification.
·- -- - --- - - -- - ---- - - - - - - ---- - --_--- -,-..
- ·_-: ,._~;.- ,
In this sl.t'p, it defines the various option~ suitable to the lo'.!' system
dep~~yrnent and operati on. These
ran bl- a st-rvire hosting options, s_to~age opti~n_:;. device options, applica
tion hosti_ng op~ions, etc.
Opt' rational view Weathe r Monitoring System is as follows:
I. Computing Device- : Raspberry Pi, Tempe rature, Pressur e, Light and

Humidi ty Sensor.
2. Communication APls : REST service API
-- . ·- ---- -- - -- - - - - - ~ - - - - -- - - - - -
(SPi' U· !liew Syllabus w.e I acadt-mlC year 21 -22) (PS -35)
~ Tech-Nee Publications...A SACHIN SHAH Venture
Internet ol Thinos & Embedded Systems (SPPU-Sem.5-Comp} · (loT: Desil)n Mcthodo f~~9~ no_J_~~
3. Communication Protocol : Link Layer - 802.11, Network Layer· 1Pv4/IPv6, Transport TCP, Application
- HTIP.
4. Native Service : controller service
5. Web Application: Django Web"Application, Application Server - Django App Server, Database Server _
Xively Cloud Storage, Ana!ytics: Hadoop, Observe~- Cloud App, Mobile App.
6. Security: A~thenticatio
.
n: Web App,
. - .. .
patabase,
:. . . Authqi:izatio
. . •. . . APP,
n: We~ .
patabase
'
7. Management : Django App Managepient Database Management - MySQL DB Management, Dev ice
Management - Raspberry Pi device Manage
. . : ~L:. ~ ., . .
'& l.2.9 Device and Compon~nt 1.ntegration
• 7 , i '' . :·~:·.;., .. : . . :. i.. . . ' ,... '
l • . _. . ,. '. f
. ~ . _·• ·..· . _.,. .. ,, ."". .. ' , , --~1
-._ -- • . •
'.·:} ~ :· ~-" ·· . ,
I . . • , I ."' , . :;. '
r GQ. What is device and ccimponenffnt~ratio'nf·,.-,.. -+•:i,,·.1--•,··.::-••!th<u.,~:i~r,;.,}·,·.;_:;:tJ:'::\:~,i;.:',,,:!'.'.'" •;~ -~':°''''··

~ -· - - - ~ :; - - ,
·- - - - - -·------• - ___:~.;, .:.' _.. ._:::.:.:.;:.;.::.--.·:,.
. ,.
._;_:~~:=.:;~'.-~,.: .~;:-:;.:.-::_·.,ifh.-
' ··~ :, ·,,.· ;-. _..
;.::; ~Q/~::-~~::;::~~-~::.: ·~:-:.~_. .~,,.·.·. :;.._ ~--· ··.;,
·.i •·' ")I . '..._: , ;. .~ ·..
.• • .
• The ninth step in the IoT design methodology is the integration of the devices and components.
• The schematic diagram of the weather rnonit;i>ring system.is shown
.'
bel~VI:'.: ,_ . .J.. i• •;
• • ; • ~ • " I " • , l 1 ' • • l
, r IH !)j ~ 30:>8V
. ..... • J; • •• •.• .
Unit
. . .. .... .. ..ii ....
••••• a:: •••••..
.... .. ... .
......
'
. .
•
I
. .
•
.- I
.....··•. ...
i. ....
.... ... ... ... ...i .....
.
•
...
...
•
I
I
... .. ...
•
,
'
•
I
I
I
I . •
I •
•
I ~
., ;
ii
. -
·
~
.
.. .. ... "'..°.•·.,. ....
!
- -~
• • • • • • • • •.;i ••
:~--~
.
••
.. .
,.....
-~~:- ..1,: .•.-11~~----
......
..
•• •
;,.
",\• ~
•.:,ma::
::;~,
. ~~
.. .
-
. . ..
·'-'
.. .
~
-~
~lW ....
.. '
~~~t;.
t;~
...... .. ........-:
.. :....•.... ·..1~
~··•,':"'•·; . :
....
' '
~~ .. ~ -. ' ..
}t~;.;::.::.:_ .,
..•..•..• ..•-Cl ....••
• • • • It ••
6f)jli...4! .
.... ;~t½:
;~~•~{>_ •
-:: 'J .•
.... .. .....
·:-: 1 ··-~
~ ~. .....: . i ..
..
... . ;_
·.
.
.. .. .
:.=I ~-= =
.. .. .... ..=~••.
::::.
. . . . .... .
........ .... ........ ............... ... ..
.... .. .... ..a....
r llf!>l
... . 3 :>1 w
., ' ~
(1C7lFtg. 3.2.7: Devitt and Component Integration or Weather Monlto~~g,s_yste~·,
• The devices and components used in this example are Raspberry Pi .minicomputer, temperature.sensor,
humidity sensor, pressure sensor and LDR sensor.
(SPPU-New Syllabus w.e.f aca~mic year 21-22) (PS-35) ~ Tech-Neo Publications...A SACHIN SHAH Venture
I Internet of ~ngs & Embedded Systems (SPPU-Sem.5-Comp)
'a. l.2.10 Appliation Development

(loT: Des9~ othodology).... Page ~ - (3-10}
This is the last step of loT design methodology. In this we develop the loT system.
* :-l.J '.:<_; BMICS ..·of

.
.IOT NETWORKING
_,. ·- · . ,'
• We know that that IoT has evolved a lot. An IoT as a very complex system involving sensors, actuators,
networks, local area, wide area internet and different servers, different algorithms, machine learning
. and so on.
All these executing together to make the system function as one single entity.
• ~ IoT based system consist of physical objects and th~t are fitted with different sensors. These sensors
basically sense different physical event or information ~hat is occurring around them.
• These sensor are fitted things, sensors actuators and different other devices. These are one component
of the loT.
• I
These components become different nodes in the netwo~k
:
or individual nodes in the network.
• These nodes communicate with one another and the in.formation that is sensed by these sensors is sent
to the other sensor nodes or the destination nodes.
• So this information has to flow through the local network and then, if the destination is ou'tside this
local network, then it is sent through the internet. i
• We are talking about an IoT which is basically internet based IoT. So the flow of information is through
the internet or some other wide area network.
i .
• Finally, it is arrive at the intended destination node fotj further processing.
• i
• There can be some analytic engine which is running oriI some ba-ckend• server·to: make
.,
the analytics and
decision can be made for actuation. i
• So there · different protocols that are used for sopiething •different ·puq,~ses i~ . IoT. The IoT
communication -protocol con~ept already explained in p~evious unit also details about these protocols we ·
will see in next unit. . .. j . .
• So, when we talk about IoT network we consider followmg points.
I
1. Network architecture
. is communication
. between IoT
I device. and the outside ,vorld. ·
2. Correct choice of communication technology indi~ates the IoT device ·hardware requirement and
~~ I
!
3. IoT based application single .network paradigm is not sufficient to address all the needs of IoT
device.
4. Complexity of netw~rks in that we have to consideti the issues like
• Growth of networks
.. Interfacing among devices
• Network Management
• Heterogeneity in network
i'
,,
,, J • Protocol standardization with network.
I
i
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35) ~ Tech-Nee, Publications...A SACHIN SHAH Venture
Internet of Thin s & Embedded S ems SPPV-Som 5-Com
• In previous section we discussed about basics of loT

networking. Now in this section for IoT system, we
will discuss networking components. '..< Local Wetworl(
"·
• The following Fig. 3.4.1 shows the IoT based ,,# ,: '
- lot
... ·•,:.~·
.. (. ·t•·~ ·,
. . IE'-----~ .,~. lnttrnet
Networking component. ··'components''.
:'"; .,. . ,,::{•j;~ -:~
• We have different things. Thes:e things can be
.::Bickenc Services-'·
different physical objects which are fitted with , ,t,...., . ......
different sensors. For example things like telephones,

lightning systems, cameras, different other scanner,
sensors like the temperature sensor and so on. 11c,iFig. 3.4.l : Basic loT Comp<-nenl5
. .
• These things are able to communicate with one
another with the help ofwirel~~~ technolo~es like Zigbee, Bluetooth, Wi-Fi and so on_.
• This informati~n from these devices, will pass through· a local nErtwork and from a ·local network, they
will go through the internet.
• -· These data are basically sent to the back.end services concerning different server's processors to run
different analytics and.then based on that different devices can be actuated.
'B.. l.4. t Functional Componenu of loT
For building IoT system following functional component are important.

L Component for interactipn and communica~on with other IoT ,devices .-.
2. . Component for processing ~d analysis of operations.
3. ·Component for internet interaction
4. . Component for handling ~eb services of application.
5. Component to integrate application service.
6. User interface to access IoT.
Internet is interconnection of worldwide computers in the form of a network. The user can access the
knowledge from other computers. The internet is also defined as a network of networks. There art different
variety of public networks like LANs, WANs, and MANs.
Structure of the i.JJ.ternet
The structure of internet is divided into three parts.
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35) ~ Tech-Neo Publications...A $ACHIN SHAH Venture
r
iI •
ln1ernet ol Thin9s & Embedded Systems (SPPU-Sem.5-Comp)
I. In ternet Addres s
(loT: Design MclhodoiO<JY) ...Pa9':_'!_0. (3_
-12)
r • Ccmpu ters connected to the interne t means that the systems arc
connected to comput ers' worldwide
►
network . It is necessa ry lo that each machine/device has its own
or unique address . Addresses of the
interne t are in the form "xx:x.xxx.xxx.x.xx," where each "xxx" ranges
from 0-256. The structu re of the
interne t add ress is also known as an Interne t Protocol address . Fig.
3.5. l shows the conned.ion between
two comput ers using the interne t
Communica lion Communicalion .

Device 1 Device 2
Fig. 3.5.1 : Computers Connection through Internet .
• Using lnteme t Service Provide r (ISP) a client connects the comput

er with the interne t.· The ·c1i~nt's
. ' . . , :~ .. '
;-•
system is allocate d a tempor ary interne t protocol address till the
~ommunication . However, if someone
.
with interne t using a local area networ k (LAN), the client is probabl .
y assigne d to a perman ent, interne t
.' :I.
protocol. ~t the lime of conn~ction, the system will have a unique
interne t. protocol address , Throug h ~
comma nd ~-Ping" to ensure the· interne t connection on the ·system
I• . This facility is available on: all the ·.
'
Microsoft. Windows operati ng systems and sometimes on a flavor of
.· . Unix
.... ' OS
. ,·". .
2. Protoco l Stack and Packets
• As the device is connected to the interne t with a uniqu·e ·address . The next thing,
whatis the proi:'edure .
to commu nicate the device with the system at another encl? For
underst anding purp:ise,· we :·are •·
conside ring an exampl e. As we discussed in Fig. 3.5.1 one 0
system holds an IP ciddress',' fe., :

• : ,
173.196.95.98, and the second system contain s an IP address , i.e., 162.194 l .
.60.98. Suppose cliin~ ~ant to·'

send a message "Hello XYZ" to another . In this example medium of
co~mun ication is wire that ~rm.~cts _:·
"Your comput er• to the interne t.
•' .. ', ~ ·:... . .
. . .
• If you are using ISP facilities, then the message will be communicated
via phone line of.ISP. In Uiat
cai-e, the first messag e will be encrypt ed in digital form: All the
alphanu meric charact ers will be ··
c~nverted into an electronic signal. The electronic signal will be
delivered to the other ccmp~~ ~-ruid · ·
then again decrypt ed into the origina l form as received on the second
IP system.
3. Complete Infrastr ucture
The framew ork of the interne t consists of multiple interconnected

large networks. That large networks
railed as Networ k Service Providers (NSPs). The interne t structu re
is built up of packets .and routers.
Addresses are embedd ed in the headers of packets .
(SPPU-New Syllabus w e.f academic ~ar 21 -22) (PS-35) ~ TPCh-Neo Publications...A SACHIN SHAH Venture
Internet of Things & Embedded Systems (SPPU-Sem.5-Comp)
~ ·l.6 • · · CONNECTIVllYJ:ECHNQLOGIES · · ,. ( I. ,fP
f -· . · . . _. : -·- :-- - .- -:-··- ~...~-: :"" - -~-- :-.--:-.. ~.- -. ~ ~ - - - .~--r-.-;..-:,. - -,:- ,; ~.·-:- ~ - - .,-.- - :.. .... - ... __
· · •
- - - - .. - - - - - - - --- - --- - - - - - - - - --- - -- -·-·- - - - - - - - - ---- :. -: - -- ---- -----.
. .
1 GQ. . What are different COl'!nectivity technologies
-
used for loT system.
• In previous section we have understood different basic

concepts that are involved in the -networking' as'pects •of •, ;, r -'.": , ·.. Applica~lon Layer ·· · ·: ·•
IT HTTP, COAP, Web Sockets, MOTT, ~1-'PP,
o · · ', '" 1. :-.:·· -'",. ,: · . DDS, AMQP
~-·, i~ ..tw.s ,:seCtiol_l.' ·We. will,discuss

different· connectivity· ·:,!. ,--~------~---,..,...--..
technologies used in IoT system. As we know that IoT Transport Layer
,·,, ,.9-;.~Jc~,co.~ ~,i,~~ w.j~~- eac~ ..o~.ter,.in 3;-,I\~~':\'9.~~cl9r. ·:r·L_➔ .,..,..,.-· .,,__ .,,c_~.. -,.,.,._--rc_P_..,..u_o_P-=--,--.,.;....-'..J·
this communication we need some :protocols. There are ;.);,',:fr·:•·;. ·Ne~rk lay~r' ;· i.,.,;, --~\:
various protocols avail3:ble for . lot system. These '
1Pv4, 1Pv6, 6Lo'NPAN . .;. ,_,y. ••
protocols are used to establish comroµnication between a ,, ,
nodedeviceandserver.ov~;,t~e-jI _1.t~JJ].E}tl"'•··n• l" ·--t· · ·,c,, -~--. ·: · · ..J ~.- :._-,--:

;,
'·. \ \ .· ·,, .. - ·~•···. ~; :.-· ; ·, 1
' t . 1 1, ,.. ,,-,,",l •~
._ ~•. ~... :,.A . · •.i-,;• . f. I •I • , l • .. :.1., ,_ ,:,_ , . .., ;: • ·,."-• ·~ : ,''i : y '1.: t l \ •. J .,J.·'
. ,. ·,..,. ·· - · ~,- ' .· .•

0
Th I'. Jl · fi h h Link Layer

• . . ~-. ~9 ~wµig ., g s.. ows,.•t e, ~tructure ..of .different '· : . .
.·..
,1,t .:
,.S02. ··
' ·,
3-Ethemet-802,16" · , ,1Afimax. ·. · ••,. ·.• · •.
.. . 802.11•WFi!.
•... .. • •. ,~.-, ,,,.1:h , ,,-, . ., •·.•.,.•!.";.; , .. ,, , .,, .. , :,· , ,
__ ,., , , , / ,-._ 3
protocols _used in va:.1?,~.., }~f.;.~:'j;~e: -~ ,- ~s~~:~~)~e . ; ~ .:,.:~:~02._15.4LR-~AN, 2G/3_G/LT~~H\Jl_ar_:-'.:;,•_.::
protocols m each :layer short. · ,; ·: .. : ··, · · · ·· · · .. ·· · · :· · ·-· ·
-Y~ ~•- ~~-· · , ••-:: 1 .:: ·1 i':, ·:'~ ·:: :, ' -' ,,. .,-~;
: ..• = • \j ,. ,
., .. .. ·· · · ' · · ··· · · · ·1i~1Fig. 3:6.l ; I~T Protocols ·
· ,· ~~- • •.; :,·. · ~• . · - ·•· • •
~ ~(a) . Application Lc1y~r .
. ,,...)R~~;l:~X.~f•.,Pf.,Otof.?ls .;~r~-R-~ h~Jbg d~~.~ c~,1\_~e,~e~t Qy~i: -th,~..netwqrt~9L~e l~wer layer protocols
using the ,applica,tion m~rface. The protocols HTTP, COAP, Web Socket, XMPP, MQfl',.D0S, ru:i~ AMQP
are us~~ application layer. 1ii'.·this section we will <14~~s~ e~ch protocol. __ -~ :· . . . . . .
. '. . . . ..~ _:;; : ,.: h:"'-{ ;-::.:, ' : !ti ! ~:•;l -,;,: :
. . .: !-~!f)f..fl.! ~;(J'·~:f,· J.
(1) HTTP
• . HTI'P stands for Hypertext Transfer Protocol(H'ITP)
(2). COAP
.: ,j .,_ 1· •.
.• COAP ~tands for Constrained Application Protocol (COAP)

.. - · --- .:. ~-· ·- · . ..... ....... . -- -
• •'
'•: , •r:.rd
.• . COAP is used for Machine to machine (M2M) applications. . , ., ;, ..r.: ·· i,
• \ .• • • • • ' ••. •, ... • ,, , . . . . . . . . , .. . .-,, • 't
,• . COAP is used.3:5 web transfer"protocolJor IoT and uses request-response model, · ~-'.·, :
• COAP uses client -server architecture
• COAP also provides methods for communication such as GET; POST, PUT·ilnd DELETE.
·•~. ,
(3) Web Socket
• Web socket is a TCP tYPe of communication protocols.
(~PPU-New Syllabus w.e.l academic year 21-22) (PS-35) ~ Tech-Neo Publications•.A SACl-l.lN SHAH Venture
rn
./"
•
•
(loT: Design M e t ~) .. ..Pa']8 no. ( 3•14)
Before Communication it establishes a connection for transferring the data packets.

Web socket allows full-duplex communication over single socket.
(4) MQTT
I • MQ'IT stands for Message Queue Telemetry Transport(MQTI)

·,
i • MQ'IT is a light-weight messaging protocol
I. I • MQ'IT is based on publish-subscribe model where publishers create topics to which subscribers can
l i
i I
use.
I
I • MQ'IT is suited for constrained environments where devices have limited processing, low memory
r
J;\.! and n/w bandwidth require~ent.
.. ·.1
(5) XMPP
' I • .
;,t[' • XMPP stands for Extensible messaging and presence protocol {XMPP)
·I
• XMPP is used for Real time communication and stre.a ming XML data between network entities
111
11 • XMPP used for applications such as Multi-party chat and voice/video calls.
:i·
• Like IITPP and COAP, MQ'IT uses client server architecture .
1,
!
I( (6) DDS
;1
• DDS stands for Data Distributionservice(DDS)
I
• DDS is a data-centric middleware standard :for devic'e-to-device or . machine-to-machine
communication. I
I
i •
• Like MQTT,DDS uses Publish subscribe model

i. ;
:.\ • DDS Provides Quality-of-service control and configurable reliability.
(7) AMQP
• AMQP stands for Advanced Messaging Queuing Prof:ocol (AMQP)

• AMQP is used for business messaging.
• AMQP supports both point-to-point and publisherls~bscriber models, routing and que~. Broker
here receives messages from_publishers and route 1them,over connections-to consumers through
'I
messaging queues.
.I q> (b) Transport Layer
i
; i
'.
• I
,· I
I
• Transport layer protocols provide end-to-end message transfer -capability independent of the
underlying network. This layer is also used to control the flow of data ~egments and handle· the
error control
• Transport layer protDcol provides communication either connection oriented or connection less.
(1) TCP
• TCP stands for Transmission Control Protocol(TCP).
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35)

[§;] Tech-Nee, Publicalions..A SACHIN SHAH Venture
(loT: Desi no 3-15
& Embedded S terns (SPPU-Sem.5-ComP)
Internet of Thi
it establishes the counection prior to lh
TCP is connection oriented protocol that means . . k e
• fog devices ma nctwor
communication that occurs between th' e compu 1
hi b defines how computers send packets c,f data lo
• TCP works with the Internet Protocol (lp)• w c ·
each other. .
th fl d error control mechamsm. It also supports the
.
TCP is a reliable protocol as 1t follows e ow an
acknowledgment mechanism
(2) UDP
• UDP stands for User Datagram Protocol (UDP.) .

·red to establish the connection to
• UDP is a connectionless protocol that means protocol no t reqw
transfer data. ·
UDP transfers data quickly as connection esta~lishment phase talces time.
• UDP is less reliable as comP.ared TCP bec~use it is connection less protocol and does not support
retransmission of data or removal of duplicate packets.
a- (c) Network Layer

- ~ - . - - -: -~ ~ :-: ~, ~-~ - ~ ~ ,: ..-: : ~-;:.::-~~ -: : -~.~: ~-- ~-- ~-- - -- ·- ~- - , ..
1·~·GQ
·:-~:_·~.::{::})\;;. ~/-~_::\:_ ~_.-;
--:~;.:::=✓~~li.fi~;~\ffi}i:.-~
.. What-1s ·d1ffe~ence·qetwee.n·IP,y4 and lWS.:"-~ . . .-,~•z.t,;'.~~, ....-:..t, -;2;:, :-.; i:'. ·,,it , ~.,, ....;--•.,,,~-"- -·- :"" ·..,
•~,.::.--:.:-~-'.!; :.... -~,. .:;:_r ~•-·.;;....._.,.~<t.:'i_•:-~..,-::.-¢,._..:_t.:=:-:~ ~~4!.-::~'~~~t-:..~ ~~~ ~~ . ~: . ,: :, . . _ _ ,_, ,,.. .,,.._ - - -- - - - - - • - - - - - - •
._.._,,
Network layer is responsible for sending datagram's _from source n_etwork to destination network. Host
addreSsin.g schemes is managed by IP ad~s~~- . .1 = -~
(1) 1Pv4
• IPv4 stands for Internet Protocol Version 4 (IPv4)

• IPv4 is an IP address that is 32 bit long which provides 2 32 addresses distributed in classes A to E.
• IPv4 is connection less protocol doesn't.guarantee delivery.o f packets.-
•.· _,:.
(2) IPv6
• IPv6 stands for Internet Protocol Version 6 (IPv6)

• 1Pv6 is a successor ciflPv4. It uses 128 •bits for an IP address.
.. . . , : : -
• 1Pv6 uses three types of address-'Uoicastaddresses; Multi~t addresses ao.'d Anycast addresses.
(J) 61.oWPAN
~ ·.
• 6LoWPAN stands for lPv6 Low Power Wireless Personal Area Network.
• Low power devices and low processing capability uses this protocol for network communication.
' .
• It operates 2.4 GHz frequency and data rate is 250 kb/s
G' ( d) Link Layer
;~~t-:'!~~~~ ~~~~J.i;~~~ ~!.":;:~:Sl-~~ -c ~;,i'~~~~i~-~~'!~-~ ~ff~~~r:~--.;_~;

i'-.~ ,'" tn~~~~~. ~~~::::-
~ ,--"' .~...~ ~ ~ ~~ ~-r;~j-i:..j•·~
- ~ - - - - - - - - • - - - _"ij 11--- - - - - •• .. ___ - _ - __ - '!:"- ~ _ .., .:,,:,;:,_ ..;·-;_ ._.; - ~
~;;~t~:,.I~~"!:.· .:~
Link layer protocol is determined that how the data is physically sent -0ver the network through
physical medium. .
The physical medium can be a copper wire, pair cable, radio waves or ~axial cable et/ Let's take ·a look
at some of the protocol in details.
I
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35) ~ Tech-Neo Publications...A $ACHIN SHAH Venture
Internet of Things & Embedded Systems (SPPU-Sem 5-Comp) (loT Desiqn MethodolorJY) ... Page no. (3-18)
B.. l . 7 .4 Exdusive Pair Communication Hodel '. Request Sends for Connection Setup .. ~--
·•
·
• Exclusive Pair communication model is a bi- Response for A~ptmg Request
directional, fully duplex communication.
• It uRes a persistent connection between the client Message from Client tc Server
and server. It means once the connection is setup Clien t Server
Message from Server J Client
it remains open until the client sends a request to
close the connection.
• Once the connection is setup client and server
ConnecbOn Close Request , ..
can send messages to each other. Connecbon Close Re$p()nse
._.,,. ,. :,
- -..-.
. ~· -
'11~-r_:• """
• Exclusive pair is a stateful communication model
and the server is aware of all the open (1C1l)Fig. 3.7.4: Exclusivt Pair Communication Mod~~ .
connections.
The Fig. 3.7.4 shows the communication between cLent and server· using exclusive -pair communication
model. ' . • ' I•
: GQ. Yfh~t a/~:lo! co~m~nicat½>n.~Pls! · .. . : . : ._:_ :_ ,>~ 1'.·-·\·'.;}·~:~?-~J:~,: ~-;'.?:~\l!-/ :lf~;(i >t:i\{;1,fGJ(!
, UQ. ..COmpaie REST-based.communication a'nd WebSod:et comr,iiinicatiorl'APL:;'.!}~'.-:'.':::--t • ;,
,_ - - - - - - ·- - - - - - - - - - - - .: - · ~ ~ - - - - - .; ·- ·...;-.,:,··:.: ~ ~:. - .;. .::: _·~ :,.:.~ ~ ,;.,·;..- -.;;; -:,;_.3,~;: -- -r~ ~~ ----__.~~ •..,,.. _. ._.,.,
In this soction we will study two communication APis that are mostly used in IoT based application.
Ilr fore that we will see wbat is APT.
' What is an IoT API?
• The application program or programming interface, :ir API, is ties together the conoocted "things" of the
'1 ntemet of Things."'
• IoT APis are provides the interaction between an loT device and the internet and/or -other elements ·
within the network.
~ 3.8.1 REST-based Communication APls

• Rrpresentational State Transfer (REST) is a set o:· architectural style by which 1ou can design _web
service~ and web APis.
• The.'-<: Aris focus on a system's resources and how resource states are addressed and transferred.
• REST APis follow the request-response commu.nicat~ n model described in previou3 i;ection.
• M"st of the APl.s works over HTIP which consists of HTTP command.
• The following Fig. 3.8. l shows REST communication flow .
Reso.,,cea
HTTP?ackat '.
URI URI •-~
Consist of
HTTP CH Iil HTTP Command HTTPSerwt Rep,esentalion
.' REST Payload
' Resourcn •
(1c1•1fig. lll: REST cc;mmunication Dow
(SPPU-l'llew Syllabus w.e.f academtC year 21-22) (PS-35)

~ Tech-Neo Publications...A SACHIN SHAH Venture ·
r
Internet of Things & Errt-e<t:led Systems {SPPU-Sem 5-Comp) (loT: Design Mclhodolnn ) p
. . . _ -::.~Y ... a!l~- ~
• The Fig. 3.8.2 shows the commun1cat1on between client and server using REST.
I I
Client I I
Server
Request with Payload
Response
Request with Payload
Response
{IC1S)Fig. 3.8.2 : Client Server communication using REST

',, I
REST based APis foJows the following characteristics or constraints.

1. ~lient~Se rver..:_:1:'11~ _p~ciple behind the cli~nta~erver c~~,t.raint !S th_e/ eP.~~atfon of co,n~r11:5..~li~nts 0
shoy.ld not be wcrry about storage of data in server. Similarly, the server should· not be worry about the
, • •, ' ,I , 1,, ·r
I
user interface of the clienl So s~parately client and server to be independently d~~eloped ~d updated.
2. Statele~s· : Each request from ·client side must contain all th'e·irifo~ation necessar/to understand the,·
. request. So as ()fr request server sends response .. ,. ,, UniJ
3. Cache-able : Cache constraint can be labeled as cache-able.·or non-cache-able.. If a response is cache-·
fil1
able, then a client cache is given the right to reuse that res1>9nse .dI ata
• ' '.· .... , • : . •''
for later,
.~ :
equivalent requests. ·To
•• ; • I • •·
DI
eliminate some interactions.
~. • ' • ' • •
improve efficren-::y and scalability Caching can partially or completely

.. ~ ' . .
- . ; ; .,;' \ )
4. Layered System ~ Layered system constraint, define the· behavior of components such that each
·component cannot see beyond the immediate layer. it means a client cannot tell whether it is connected ·
directly to the
e£d seryer, or to an intermediary along the way.
5. Uniform . Interface -: The cpmmunii;atjon betwe~n _a cliert ,~d, a server _~µs_t .~~J uniform _this
~~trafut.is ac~~ed by using Uniform Interface c~ns.traint. Resou~~ are ide;_ti_fi~ _;'~the requests by
URis in web bL~ system and which is unifonn.
6. Code on.demu.d : This constraint' provides provide executable code or scripts for clients to execute
in
1
their context. Tiis Constraint is the only one that is optional. ' '· ' ; I
... !.•' .. . ...

a ··1.a:2 WebSodcet•based Communladon API rclient:f ,· .. j;ServerJ
Request to Setup Connection
Response br Acc;epling Connection
Data Frame
• WebSocket; APLs ~ bi-directional~-·. full duplex
communica
. - servers.
tion iletween clients and . Data frame
• WebSocket AP"'..s follows -the exclusive pair Connection Close Request

communication :nodel. " .-
Connection Clo• Response
• Unlike Request • Response APls such as REST,
the WebSocket _APis do not require a new
connection to bE setup for each ~ e to be · tioa API
flCNIFig. J.1.3 : Wd,Sockd-based Commun.ca
sent.
. lilrech-Neo PubJications..A SACHIN SHAH Venture

(SPPU-New Syllabus w.e.f academic year n-22) (PS-3S)
Internet of Things & Embedded Systems (SPPU-Sem .5-Comp)
• Client to Lhe server com~unication through lhe WcbSocket communication begin, with
a connectio~
setup request.
• The following Fig. 3.8.3 shows the client sen.·er communication using WcbSocket.
• WebSocket communication starts with the connection setup from client to server.
• After the connection setup the client and server can send data or messages to each other
in full-duplex
mode.
• Advantages of using WebSocket APis is it reduce the network traffic and latency
as there is no
overhead for connection setup and terminat ion requests for each message.
• WebSocket APis is suitable for IoT applications that have low latency or high throughp ut
• I
requirements.
• Sensor network is a very importan t technology and one of the most importan t enablers
of loT th.at is
used for building loT.
• Sensors, transduc ers, actuators these are all very importan t things fonmder standing ofloT
systems.
• Sensors connect with one another; we can obtain importan t information continuously,
in real time
'
remotely, from a larger environment. This is the benefit-o f sensor .network.
• In sensor networks we have individual sensors, whi~h are embedded in somethin g known
. ' . . .
as sensor
devices or sensor nodes, or ~metime s 'also known as sensor modes.
• So, these modes or nodes or devices they have one of their .components which is the sensor,
and they
have other components as well.
• So, these components taken together they com.prise that particula r node or the device
which can help
them to communicate.
• One device communicates with another de~ce, that deyice communicates with another device.
the third
device with a fourth, fourth with the first.and so on.
• As we know that we _have different types of.topologies.,We can have all sorts of topologie
s that we have
already heard of in networks
• But in case of sensor networks we can use a·star topology. .
£1 J.9.1 Wireless Sensor Network

i ~tF.tion
1 i . Finding Unit
•,. I I~''
- . ~ . Sensing Unit.
. • -':'t- ,J
• A Wireless Sensor Network (WSN) is a distribut ed ! {~f-~: Transceiver '
AOC "''J j:::
device with sensors deploy over an area. , ~g;:::-:::-:----·-____....;::::::::: :::;::::;
• In WSN sensor nodes are capable of work together I lwt.- - ~. :-: Proc.uor ~
• . -- ~
with one another ad measurin g the condition of their ; 19 ~ .. Slonige J
surrounding environmenL ' Ri~~~==================::::::::~~g
• In WSN · we have different units. The following I
Fig. 3.9.1 shows component of WSN.
lfi d
Po- ·.,
1icn1Flg. 3.9.t : Basic Ci>mponents of \\1~1ess
• In WSN, the first thing required is sensing unit. The Sl'nsor Node
(SPPU-New Syllabus w.eJ academic year 21-22) (PS-35)

[§;I Tech-Neo Publications...A SACHIN SHAH Venture
........
;.,::,,,
'••.a.a.: . ;
' \'·,'. ! ~··...... -:~i-,
.~- ...-,.. ,:t r~--
toT : Desrgn Mt:!t!Odo~ ~a {, · ::::~i:~;>·:
Internet of ThinqS & Embedded Systems SPPl}-Sem.5-C omp rto. 31-21 \ .'·J
. h • al phenomena. For example lempernt .. . ·
. . . h articular P ysic . . ti.re se , 1
sensing wut b3tncally senses t e p . . A I w11idity sensor will be sens1nK the h ~so~
would be sensing the temperature flu ctuations, l u1111dity l
. . ..1 b
fluctuations .
infonnalion which 1s Set1SL'u y sensor.
TI1en next unit is processing unit. It is usNi to process • . .
• th different nodes. So with the help of trn1ts··,
Third is communication to take pl.ace between ese ,,c,ver
•
devices communication take place. ·
• Then a next unit is the analog digital converter .

. . ·t ·t . r des things such as battery and so on, which is going to ;>o wl'r
• At last the umt 1s the power um , 1 me u
these devices.
. · ·. d h ther optional units such as the location finding systems
• So, these are the different umts an we ave o
for example, GPS etcetera. ·
• The four pillars of IoT are !d2M (Machine_~o M_achine), RFID (Radio Frequency ldentificati.on), WSN
0
(Wireless Se~or Network) ~d SCADA (Superyisory Control and Data Acquisition) .
• In next section we will see details·about each pillar.
a 3.10.1 H2M
• M2M literally means 'Machine to Machine' communication .
• M2M enables flow of data between machines which monitors data by means of sensors .
• At other end gathered data is extracts the information and processes it.
• M21\f mostly ~es cellular wireless-networks,· sometimes wired or hyb~d, to connect to central server
(software program).
• M2M also called as a Subset ofloT.- .
The following-Table 3.10.1 shows the M2M applications as per Industry.· ·

·:· ' Table 3.10.1
1. Automotive Ptissenger -~ehicle anti theft I recovery, monitoring /maintenance,

safety I control. entertainme nt
2. Transportation -~~mariagement, asset tracking, telematics, manufacturir.g and
(SPPU--New Syllabus w.e.f academic year 21-22) (P5-3S)

~ Tech-Neo Publications...A SACHIN SHAH Verture
·1
Internet of Thrngs & Embe<lded Systems (SPPU-Sem 5-Comp) (ioT· Design Methodok:>g)....Page no (3-22)
Sr. No. Industry/ Vertical 1\12.M applications

..
Smart metering, smart grid, Electric line monitoring, gas /oil I water
3. Utilities/ Energy
pipeline monitoring.
Commercial and home security monitoring, Surveillance

4. Security
applications, Fire alarm, Police/ medical afert
-
Point of sale (POS), ATM, Kiosk, Vending machines, digital signage
5. Fina ncia l
and hand.held terminals
Remote monitoring of patient after surgery ie-health), remote

6. Healthcare
diagnostics, medication reminders, Tele-m~~cine
-
Highway, bridge, traffic management, homeland security, poli~, fire
7. Publ ic Safety
and emergency services. -
• For example, if your train is cancelled due to poor weather, a smart alarm clock w:mld determine the
extra Lime you'll need to t.ake a different route, and wake you up early enough_so that yo~'re not late for
work.
• Another example M2M is Smart Home, a connected thermostat can automatically switch the heating on
when room temperature falls below a certain point. You might also have a remote-locking system
cnohling you to open the door to a visitor via your smart phone if you're not at home.
• Key feAtures of M2M communication system are given below:
(a) Low Mob1lily (b) Time Controlled
(c) 1'ime Tolerant (d) Packet Switched·
(e) Online small Data Transmissions (0 Monitoring

I (h) Location Specific Trigger
(g) Low Power Con.-:umption
1· a l.10.2 RFID
• S,,tond pillar of loT is RFID that is Radio Frequency Identification.

• This RFID tag is a simplified, low-<:ost, disposable contactless smartcard.
• RFID ~s include a chip that stores a static number (ID) and attributes of the tagged object. It also
include antenna that enables the chip to transmit the store number to a reader.
• An RFlD system involves hardware known as readers and tags, as well as RFID software or RFID
middleware.
• Uses radio frequency to re.ad and capture information stored on a tag attached to an object.
• A la~ can be read from up to several feet away and does not need to be within direct line-of-sight of the
reader to be tracked.
• It uses NFC lNext Field Communication protocol), IC (Integrated Circuit) Cards, and Radio Waves.
• RFID mostly used in many industries for tasks such as personal tracking, access ccntrol, supply chain
management and so on.
(SPPU -New Syllabus w.e.1 iK.Jdt'ITIIC ~ilf 21 -22) (PS-35) Ii] Tech-Neo Publications...A SACHIN SHAH Venture
Internet of Things & Embedded Systems (SPPU-Sem.5-Comp) (loT: Destgn Methodology) .... P;i~~.@:2J}
~
• The following Fig. 3. 10.1 shows the architecture of RFlD.
Backend
i - - - ~ Database
Tags Gateway • ---c ~,Application.·
.,,.•.-._: i - - - ~ Database·
.
t·~.:~. ·:_.:.:;:~,. . ;,_,:.t:... .... \ :
User lnte_rfc!.<;~.
t1C1e)Fig. 3.10.1 ·: A General Overview or JlFID Architectu~

• • ·, :. • ' • ' •: , ,...l . j • ~
• Firstly items tags are scanned by reader; Secondly in- backend transm,it~d ·data ·co'rr1ing thro_ugh
antenna are being recognized by RFID based system PC. • ,· · . · •. · ·
• Gateway acts as middleware communication between items; read~r a ~ystem: database: At th~ end it
Un
filters out and store data in RFID database. Also it checks th_e dat!l fault and r~leyll?! operation.
h:I
IGi" RFID. applications
:.· .' .'J •
II
Following Table 3.10.2 show_s RFID applications used in different domain; -
Table 3.10.2
1. Manufacturing and Processing Inventory and pr~~c~n ·process-monit(_)ring , Warehouse

order fulfilment · ,.. .·, · · · ·· · ·, ·
2. Supply Chain Management Inventory trackin,g systems, Logistics management ,

3. Retail Inventory control and customer insight, Auto checkout
with reverse logistics
4. Security Access control.,
Theft co·ntrol/prevention '·' ··
5. Location Tracking Traffic move~e~i control and parking :m.,anageD:l~~t ,
Wildlife/Liyestock monitoring and tracking
Q> The working example of RFID application
• A RFID base Attendance System: RFID system is used to marinatin~ -~d .checking database for
• • •, ' •• • •
I
• ..,- I
members ofan institution.

• The basic idea involves each person of the institution having ID card.· So when this card is swiped
against
•
the reader, the person's information is matched with the existing s~te~ in· the database and
I •
his/ her attendance is marked. ·
• RFID is considered as a non specific short range device. It can uae freque~cy ~ without a license.
The categories of frequency range are as follows. ·
(SPPU-New Syllabus w.eJ academic year 21-22) (PS-35) ~ Tech-Neo Publications...A SACHlN SHAH Venture
Internet of Things & Embedded Syst
ems (SPPU-Sem 5-C o~t =>
LF : 125 kHz · 134 , 2 kliz : low frcqucncic11,
HF : 13.SG MHz. : high frcqt1encics,
UHF : 860 MH z• 960 MH z : ultr a high frequcncicR,
SHF : 2.45 GHz : supe r high frequencies
• The following Tab le 3.10.3 shows the
RFID applicalioos as per frequency
rang e .
Table 3.10.3
.. ...
"
RFID\·. :.;r ·--·.. ... .....
!: . . •'
.., .... . <:.... ..
.- • ... • ~
· · ·. · .'.,Key- :Ap plic atio
' .::,t . "", _n s ' . .. '., , Sta nda rd,
125 kHz (LF)
Inexpensive passive RFID tags for iden
tifying anim als ISO 18000-2
13.56 MHz (HF)
Inexpensive passive RFID tags for
identifying OBJ ECT S, ISO 14443
Libr ary books
400 MHz (UHF) For rem ote control for vehicle cent er
locking syst ems ISO 18000-7
868 MH z, 915 MHz, ¥or active & passive RFI D _for logistics
922 MH z (UHF) in Europe, USA, ISO 18000-2
Aus trali a
2.45 GHz (MW)
ISM ban d used for active & pass
ive RFID tags, Tem p ISO 18000-2
Sen sors , GPS
5.8 GHz (MW ) Use d for long-reading Ran ge passive
and active RFID tags ISO 18000-2
for vehicle identifi~ation, Highway toll
:, collection
~ a J.tO .J WSN '
• Wir eles s Sen sor N/w t sens es and

gath ers data
usin g sens ors whi ch are spat ially dist
ributed.
• WSN collect this data into a centralized
location with the help of wired
/ wireless
connection
• Recently with the development of WS
~, it led to
dist ribu ted wire less sens or and · Tier 2 - Deliver
actu ator
netw orks (WSANs) that are capa ble
observing
the physical world.
• Bas ed on obse rvat ion it mak es the

decision and Tier 1 • Compute
perf orm ed the app ropr iate act.ion.
• Wireless Sen sor netw ork consist
of three
elem ents , Sen sors , Wireless com
munication Tier o • Sense
modules and Ope n Sou rce API.
• The development of WSNs was
mot ivat ed by
mili tary appl icat ions for exam ple c1c1111''igh3.l0.2: Sensor network arch itec
batUcfield turt
surveillance.
• -The.WSN is consist of nodes from a fuw l.o several hundred or even
thou sand .
(SPPU·New Syllabus w.e.f ac,demic year 21·2
2) (P5•35) lil Tech-Neo Publications...A SACHIN SHAH Venture
Internet of Things & Embedded Systems (SPPU-Sem.5-Comj')
• · Each node connected to one or several sensors.

- . arts· .
(toT· Design Methodology) ... .P!9.~ ) .
d·o tran:-ceiver with an antcrma,. a microccntrolle

-
• Sensor network node consists of sevcrn1 P • •1 rn 1 r,
an electronic circuit for interfacing with the sens,>rs, and an cncrb'Y source.
• The architecture of a typical sensor network is shown in Fig. 3.10.2 •

· I ta twork to an advanced multihop me:sh
• The topology used in WSNs can vary from a s1mp e s r ne
network with a gateway sensor node connected w1t · h a rem ote central server·
~ Wireless Sensor Networks Applications
1. Forest Fire Detection

2. Weather Monitoring System
3. Military Surveillance System
4. Manofacturing process control in large industries.
5. Smart Building system to control indoor climate.
• For example consider Natural Environment Protection System
• Objectives - Detect and prevent forest fires. Detect flames, heat and gases that help to identify lhP. . 4
molecules of chemical compounds generated during combustion (CO and CO2). With GPS, allow the ]]
•
exact geo location of the nodes.
Prevention - After installing the WSN, the network can also acquire the daily values for temperature
)
I I
and relative humidity in order to determine the likelihood of a fire in each zone under surveillance.
• Alarm - Send an alarm indicating the status of the fire or the probability level and the area.
LS. l.10.4 SCADA
:~~~~~~~~q~}~P~~:W~t.~r~.th~.tl~ff~;~~~iocks),JS~DA ·!.'·:~:-::>~'):::~~;\~::'·r,i;y-s~~·;'~:iJ}.~ - - - .- - - - - - . - - - :
• SCADA is Supervisory Control and Data Acquisition.
• SCADA is used to connect, monitor and control equipment's using short range network inside a building
or an industrial plant.
• SCADA is software used to
control the hardware. For 8-8--1
I
I
e.x~mple PLC, drives, s~rvers, :
sensors and also obtain the data :· ·sMaster
cADA _ _.,. >4--·scADA
RTu .· Sensot
which is stored on the personal
computer or Human Machine ••
I
I
Interface (HMI). :
• SCADA . uses BacNet
.,. HMI
I RTU ·J• I:sensoq •
· (communication protocol), CanBus
(tC20)Fig. 3.10.3 : SCADA Architecture
and Wired Field Buses (Industrial
Computer Network Protocols).
{SPPU-N8 Syllabus w.e.f academic year 21-22) {PS-35) ~ Tech-Neo Publications...A $ACHIN SHA~ Venture
I
1
Internet of Things & Embeddt."d Systems (SPPU-Sem .5-Comp)
(loT: Dcstgn Methodo~y) .. . Pa7~ no . .(~61
• The architectu re ofSCADA System is shown below.
As shown in Fig. 3.10.3 SCADA system consist of following key elements
I. Se nsors : There are two types of sensors analog and digital. Different sensors are use like temperatu
re,
hu midity, current, motion, and water applications. For data acquision sensors are attached with RTUs
to take measu rements.
2. RTU- Remote Terminal Unit: RTU connects to sensor in the process as well as SCADA master using
communica tion network. They deliver various parameter s to central station (SCADA master) to
be
managed by them.
3. RMI! Human Machine Interface :· HMI _is interaction on h~an operators and machines. HMI is
tools that presents process data to a human operator and through this the human operator monitors
and controls the process.
4. SCADA Master : SCADA master consist of programm able controls, multiprotocol support and provides
0
human interface. It takes inputs from sensors through RTUs and ~~trols various ~pplications. SCADA
master provides various display formats like graphs, tabular and other ·r o~.' It also provides
email/paging based on certain conditions .
5. Commun ication medium/n etwork : It is work as interfaces to connect SCADA master with SCADA
RTIJs .
~ SCADA Applicatio ns
SCAD A has following major applications of use.
I. Electric Utilities - Manage Current, voltage, circuit breaker, power grid.
2. Water and Sewage - Monitor and control water level, water. flow and water pipe pressure.
3. Building - Control heating, ventilation, air conditioning, visualization, lighting and. building access
systems.
4. Mass Transit - regulation of electricity, track and locate buses, trains
5. Railways /Roadway s - Control traffic signal lights
Case Study : Home Automatio n using loT communication models and IoT communication APis
• Step I : Purpose and Requirem ent Specifica tion

Purpose : A home automatio n system that allows controlling of the lights in a home remotely using a web
application .
Behavior : The home automatio n system should have auto and manual modes.
In auto mode, the system measures the light level in the room and switches on the light when it
gets dark.
In manual mode, the system provides the option of manually and remotely switching on/off the light.
System Managem ent Requirem ent : The system should provide remote monitoring and
control
functions .
Data Analysis Requirement.a: System should perform l~l analyais of data.
. --
(SPPU ·NN Syllabus w.e.f academic year 21-22) (PS-35) [ii Tech-Neo Publications...A SACHIN SHAH Venture
) (loT: Design Melhodology) .... Page no. (3-2?}_
Internet of Things & Embedded Systems (SPPU-Sem.5-Comp
on device, but acts remotely without manual

Application Deplo ymen t Requ ireme nt : Deployed locally
interv ention .
must be available
Secur ity Requ ireme nt: Authenti~ation to Use the ~stem
t Step 2 : Proce ss Speci ficati on

i~d b~sed on and derived from the
In this step, the use_cases of the IoT syst~m are.formally descr
H~nie Automatidn system use case diagram is
purpose and requiremen t specifications. So for. our. example .•,
shown below.
;
·--:
. .• J
Auto·· -:-
Unit
fill
Ill
State-On State-Off·
Level-Low Level-High 0
State: 0~. : State: Off-; ; siate: 01t

11~1Fig. J:19.~ : Use Case of Home Aul!J~l~QD System_.. 'i
·.c n:.
,:. ' · .. .
• Step 3 : Doma in Mode l Speci ficati on
described _as foll!'.!ws .
Domain model specification elements for Home autom~tion System • ~ • ' • . • ' • ?
Physi cal Entit y :.a room, a light,.an appliance · '-~ . ·:_'.,
y~ical Entity in the digital world. For :eac;~r,

Virtual Entity : Virtual Entity is a representation of UieJ'h
1
Entity , ther~ is a Virtual Entity in the domain model.. ..

Physical
fhysical E~tities and Virtual Entities. For ou. r
Devic e: Device provides a. medium for interactions between . . . . .
example devices are minicomputer, sensor and actuator

be either •on-device~-o~ ~net~ork-reso urces".
Ueso urce: Re.sources are software compon~ts which can - :.··, : ·;•r~• • •: •;,
~~ -.. ~
,the Physical Entity. Servic es access the
Sen; ce : Services provide an interface for interacting with ' . ', . . . ;._:·... ,
.
obtain information about the. Phys i~ EJ1?ty o~
resoun:~ hosted on the device or the network resources to . . · ,, ,
perform actuation upon the Physical Entity.
in Fig.3.1 0.5.
-~
The Domain Model specification for Home Automation System shown
. (SPPU•New Sylla~ w.d academic year 21-22) (PS-35) litl Tech-Neo ~ -SACHIN SHAH Venture
Internet of Things & Embedded Systems (SPPU-Sem 5-Comp) (loT· Design Mcthodology)....Page no. (3-28)
u- lnt~,act w~h
!
1 I
Active Human
.,--•---·-: t________J f
Digital
App
User
Ser,lce
As:OOated
.i·-······1.
E~poses
wit~
Wtuat
Entijy i Relale&lo
·'
Physical
Entity Monil01$
·~ Room ! Room
i
Resource
Virtual .·
Entity • ,.
...i Relates to
, _Physical ~
.., Ent~y
!I ri ~Appliance :· ·· Appliance f
Acton
!
I II
Network·
ResotJree
On Drive'
Resource
Hosts
I "''~ Device : ·~;
Minicomputer
Attached to f Attached to
I I
· se~o/' ~A~lua~;
---
---+ Agg~tion
Generalizaf ion/Specializalion LOR .• .: .
r
,. ,~· .
L.
..
f, Relay.';·
·:..·u ,h.. •;J,•
(1C22)Fig. 3.105 : Domain Model Specification of Home Antomation System
• · Step 4 : Information Model Specificatio n

.' ·virtual Entity:_,,,
Information model adds more ,.- Room ·:
• • ,;_-.__ _ _f_n_R_o_om
_ _ _ _--4~·:EritiiyTy~~J;l
details to the Virtual Entities by
EnlityType: Roo~. .... i:' . ·Appliance ,:,.-;:
✓;s
defining their attributes and Id: Room1 ;: .'.~
: ~.:.-.
f >;-, Id: Ught1 '·1

..
••',,
relations with the help of class >~I- ;,..~ , • .:
/,R(?Qmld: Room:t:i
~
diagram.
::., • Attribute: .-: ': ''!J-
::r·•,.. Attribute:
. ..'
Home automation System- ": lighHevel ' '. ~ :: State :'
:·Allributl!Namrl.' i!9i'ttributeNam
There are two virtual entities- .. lightlevel :-::
,AllributeType:";. '!f
. . .
lightState i
Typ ''
Light Appliance (light state), ,.. level . .
!i
Room (light level)
ttt:zllF"ag. 3.10.6 : Class diagram or Home Automation System
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35) ~ Tech-Neo Pubfications...A SACHIN SHAH Venture
(loT: Oe~t~ Mc thodot~J _Pa 9
lnlemel ol Things & Embedded Systems (SPPU -Sem 5-Comp) -- "== <)~13-29\
~
• Step 5 : Service Specification
There are three types of services used in Horne Automation System.
l. Mode Service: It sets the mode auto or manual or retrieves the current mode.
2. State Service : Sets the light appliance state to on/ofT or retrieves the current light state.
3. ~ontroller Service : In auto mode, the controller service monitors the light level and switches the
light on/off and updates the status in database. In manual mode, the controller service ' rctrie ves the
current state from the database and switches the light on/off
Service specification is shown below with help of process specification and information modt:I
specification.
---------► Mode Service
Auto Manual '
Level-low ... Level-High State-On Stats-Off •
.
:,State: On':,' ,_.State: Off_
;;' ·state: On,·: · State: Off;:,
- . .:.:
. ;; Virtual Entity:·~;- ..:_, Virtual Entity·~,;

. i'.'. : Room ·:'-' :, Room :f.f
-;,., In Room
·,. · ·,. ... ·..J+----....;_.:..:..:......;__ _ _.J~"'".':EnlityType:··~-\
-~Type:
-,. Roohi· i ,,. · ..
: · Appliance ··,;-:
{ : Id: Room1 . :i Id: Light1 :•: :
,
! ..• . ,... ....
~,·. . :~oomld: R~1\
•··c· . • A.. "'b·UIC

..-·. ' ·
."",- Wt . ... . ,
:~ ,·Attribute:
.J;','. Light-level ~·::;:
•- .. State ... /~
::AttributeNa~;;-, \'AttributeNam~:t
:._;i Lightl..evel· ·: ~
"' :-~:i
; :· LightState
;: ..
--~·1-----'--• State S«vlce
"·¥
·• AttnbuteType:·..;
{ ~ttributeTy~:._:.
·.: ~ · level :.~ ·_.. state .··,.. ...·,~
Controller Service
ltc:NlFtg. 3.10.7: Information Model SN¥ifi ti

r - - JCa on or Home Automation System
(SPPU-New SyDabus w.eJ academic year 21-22) (PS-35)
Iii Tech-Neo Publications..J\ SACHIN SHAH Venture
t Step 6 : loT Level Specification

Decide the deployment level of loT System. The deployment level of
the home automation loT system is level-1.
t Step 7 : Functional View Specification
• The r'unctional View (FV) defines the functions of the IoT systems
grouped into various Functional Groups (FGs). The following
Fig. 3.10.9 shows Functional · view specification of Home
Rosouroe
Automation System.
1. IoT device maps to the Device FG (sensors, actuators devices,

computing devices) and the Management FG (device management)
0
2. Resources map to ·the Device FG (on:device resource) and
Communication FG (Communication AP is and Protocols) (1C2S)Fig.3.10.8: Deployment
Level of Home Automation
3. Controller service maps to the Services FG (native Service). Web System
Service map to Services FG (web Services)
Local Cloud
I Appllcallon
. ,. ~ • ~ .., 'i ~ l ~ • ••"'•
.::~ :,r;,
.a"'pticalion . ,·. · • Database·.
App. .,,_.,... ~ . ...., . •.., . .
REST/V\lebSocket - ·:::. Se_rver _· -.. Server ..
Communication • .,.:.,.. · . . .... · •·f.~-....~;i•
.. .. $e.c.u,rJty:·:;
I ·:~~S~WebSo ~~::::j=~-::::::.jEc~s~~~~~fr~;::::::::==:r .-._: ·
.--+--
·Authenli-:
Database ... cation ,
Device
0
Monibring Node
(1C21)f"ag. 3.10.9: Functional View Specification of Home Automation System
4. Web services map to Services FG (web services)

5. Database maps to the Management FG (database management) and Security FG (Database Security)
(SPPU-New Syllabus w.e.f academic year 21-22) (PS-35) ~ Tech-Neo Publications...A SACHIN SHAH Venture
lnte11'1el of Things & Embedded Systems (SPPU-Sem.5-Comp) (loT: Oes~n Met~ J ... P~e no. {~31l
6. Application maps- to the Application FG (web application, applicalion and dalabase servers).
Management FG (App management) and Security FG (app Security)
t Step 8 : Operational View Specification

.. ·''
.
Operational View specificatioil.S for,the hoqie automation example are:
-
• Devices: Computing devi~e (Raspberry Pi), light dependent resistor (s~nsor), relay S\V]tch (actuator).
- ";! . · ·- •• ~ ; ,t.' .
• Communication APls: REST APis ....

. ..,,:
• Communication •·Protocols :. Link Layer: - 802.11, Network Lay~t -_tlPv4/IPv6,Transport TCP,
Application - HTTP.
Services
·! ...: ·"
\
~- --~-~ t
(1) Controller Sem~ ;;Host:~d~~n·device: i~pie~ented in Python and run a~ a native service.
• ~- ':/:{~·:· ...... , ' .. '.10:''.· :.. ·• ', :~
,. ~> •.~-~·;·
(2) Mode service - ~ST-ful ~e~ service, hosted on device, implemented witfg~_ango~R~ST Framew,ork.
,, :• . . ' .' ,
(3) State service - REST-ful ~eb ~e~ce, ~osted on device, implemented with Dj.ang~-REST F~a~;~ork. I
~
Application
.. ,
I
- . . \ . i:-.
(1) Web Application
.
- Django
. Weq.....Application,
.
(2) Application Server - Django App_Serve~,
(3) Database Server - MySQL ·.
Security
. ;_
(1) Authentication: Web App, Database
(2) Authorization: Web App, Database
Management
(1) Application Management - Django App Management
(2) Database Management - MySQLDB .Management
{3) Device Management- Raspberry Pi-device Manage
t Step 9: De,ice and Component~gra tion

. . .
The following Fig. 3.10.11 shows device and component interaction diagram for Home Automation
System.
(S?PU-New Syllabus w.e1 academic year 21-22) (PS-35} 1§1 Tech-Neo Publica~ SACHIN SHAH Venture
Internet of Things & Embedded Systems (SPPU-Sem.5-Comp) (loT: Desig~ <!9.Y) .. Pago no.J ~-'32)
. . . : f ... .. .. .
... ..... ..··g
ABC OE "' F G H I J
: : : .. .
. . .
• . ..., ...
. ~, ... . ... ...
.. •........,., .... .. .•
·~
• •'1 ••
~
. ........ . ...
• .. • • • I; • ~ •
•. • ..• • J • •
....
~
' ....
.. .. :·i ··0~•=::· · ......
. . ,·
. :P:. ::
-~ ·-:~ --..,,>;·
\ _____________t1r~
·.,_. _': "·1·:;;;.:': -~\ ~ :: ·:::: 1- =:::: .....
': ~-~·: ',t: _
.........
:
.,;.·•· ~····
_;';;,t
..
ti
t,f~j~;.J~:1:~~..\i ~' . . . .. ....· ..::::
:: .::::1 ...
... ... ..
~.:..s; .=i-~?l.!:ot■
. ~-·f., ';·
,. ' .~ ·.:>
::;:. r,~:-•--~-~
;.
.,~=. ::::1
.
. .
. .
. .
.
...... ...... . :::::
...
.... . . . ...
\ .:•ire '¢.
:.:
. ... .. ......
:":
-~·c-;•7j;t
..
. . . ...
,..•-'\" •·
).~ : 'i
~•hJ:, . •
...
.
..
.• .•...• • . • • ·.• 1. ..
· > .?; . ·. .;. . ... ·· Ii 1 · ... ...
.
..
......
Ol'Y«
'.".'ftif!i \
';'oo· ;~f:IOI( .
:~~••(~l"'1: '-----...1-:,I:.I ·.:,J..1-:.• .:• .:• .:• • .•••• ...
1 ·. : .: : :
:1:, ! : : ! .: : : : . .
.,. ···-
•I• ·• • ,.
.. I • , • e•.... . .
♦ ♦ • • •
• • • _ ....i,...-.t- -Qi
:I: . .. . . . ... . .. ..
: : : _•I • •• • •
• 1•
• 1•
.• • • • ..
........ ... •.~

• • •
....
• • .. ...
.• , Jj . . . .
.... .
. - ••••
• 1.. - • • • • • • ••••
ABC OE FGHI J
(1C%7)Fig.3.10.11 : Component and Device.Interaction of.Home Antom:ition

System
• Step 10: Applic ation Development
• The final step in the 1oT design methodology is to .develop .the IoT application.
• Home Automation application has controls for mode and light.
I
(1C211Fag. 3.10.12: Application Development of Home Automation System
Chapter Ends...
□□□
UNIT 6
Security in loT
CHAPTER 6
Syllabus
Introduction, Vulnerabilities of loT, Security Requirements,Challenges for Secure loT, Threat Modeling.
Key elements of loT Security: ldentity establishment, Access control, Data and message secur1ty,
Non-repudiation and availability, Security model for loT, Challenges in designing i0T applications,
Lightweight cryptography.
Case Studies : Home Intrusion Detection.
6.1 What Is lnternet Of Things (|0T) Security ?. 6-3
6.2 Vulnerabilities of loT 6-3

List andExplain Vulnerabilities of loT (SPPU-Dec 18. Mav/June1 8 ) i . 6-3
6.3 Security Requirements. 6-4
6.4 IOT security Challenges 6-6
UQ. What are the challeges for securing IOT. (SPPU - May June 184 Marks). 6-6
6.5 What is Threat Modeling?. 6-8
6.5.1 The Threat Modeling Process. 6-8
6.5.2 Need of Security Threat Modeling... 6-9
6.5.3 Ten Threat Modeling Methodologies 6-9
6.6 Key Elerments of Security ... .6-11
6.7 Data vs. User Security Models. .6-12
6.7.1 INTEGRITY. .6-12

6.7.2 PRIVACY .6-13
6.7.3 Data Privacy ....... .6-13

6.8 Security challenges within the loT .... 6-14
6.8.1 Physical Limitations of Devices and Communications ..6-14
6.8.2 Heterogeneity, Scale, and Ad-hoc nature. ...6-14

6.8.3 Authentication and ldentity Management. 6-15
6.8.4 Authorisation and Access Control. 6-15
6.8.5 Implementation, Updating, Responsibility, and Accountability.. 6-15
Internet of Things &Embedded Systems (SPPU-Sem 5-Comp) (Socurityin lo)..Page no. (6-2)
6.86 Security issues in Health, Well-being, and Recreation 6-16
68.7 Security issues in Connected and autonomous vehicles... 6-16
6.88 Security issues in Industry 4.0 6-16
6.8.9 Security issues in Logistics 6-16
68.10 Security issues in Smart Grid. .6-16
6.8.11 Security issues in Homes, Buildings, and Offices .... 6-16
6.9 Challenges in designing IOT application. .6-17
6.9.1 Connectivity. 6-17
6.9.2 Security and Privacy 6-18
6.9.3 Flexibility and Compatibility.... ... 6-18
6.9.4 Data Collection and Processing. 6-19
6.10 Lightweight Cryptography.. .6-20

6.10.1 Requirements for Lightweight Cryptography. 6-20
6.10.2 Symmetric Key and Public Key Cryplographies 6-20
6.10.3 Trends in Lightweight Cryptography... .6-21
6.11 Case study :Home Intrusion Detection 6-22
6.11.1 General System Design. 6-22
6.11.2 Hardware Design 6-23
6.11.3 Software Design. 6-23
6.11.4 System Setup. 6-25
Chapter Ends. 6-25
(SPPU-NewSyllabuS wef academic year 21-22)\(P5-35) GTech-Neo Publications..A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp)
(Security in loT)..Page no. (6-3)
H 6.1 WHAT IS INTERNET OF THINGS (IOT) SECURITY ?

routine security assessment., flaws are
Securing the IoT network has always been a major issue. In
Several IoT appliances/devices cannot be
discovered in software, even in the old codes which are well-used.
be at risk. Moreover, IoT Sensors which collects
patched with security fixes as a result almost all device will
Extreme highly sensitive data, what you
the data from these IoT Devices are also amassing in several cases.
devices to connect to the internet exposes them
say, and what you do at your home for example, permitting
secured. Hackers are now actively aiming loT
to several serious vulnerabilities if they are not appropriately
lack of security makes them vulnerable and
devices such as routers and webcams because their inherent
easy to compromise.
H 6.2 VULNERABILITIES.OF.IOT
GQ. Explain Vulnerabilities ofloT

(SPPU -Dec 18, May/June 13)
UQ List and.Explain Vulnerabilities of loT
.credentials (usernames and
Weak, guessable'passwords : Most IoT.devices come:with preset
are often publicly
passwords) that are provided by. the <manufacturer. These default credentials
IoTdevices are secured,
available and can be easily broken through brute-force attacks. To ensure new
IT administrators must set up new login criteria before deploying them in liv enyironments.
networking
Unsecuredi network services One of the icore features of IoT devices involves
internet connection.
capabilities that allow endpoints to communicate amongst themselves over a secure
becompromised and
When insecure network services are running on a device, seHsitive data can
authentication proesses can be:bypassed. ; 2is3,3
Unhealthy loT ecosystemsWhen IoT devices are integrated withcentralized 'management

vilnkia
platforms and legacy systems, users can ünknowingly introdücesecurity at the
t D6 C5i, Rnrotocols and
application layer. These inclüde compromised authentication controls, weak encryption
unoptimized input/output filtering.
Inefficient update mechanisms : To prevent IoT devices from being compromised, companies must
made available. Without a trusted
be able to send real-time updates to each endp0nt as so0n as tneye naae V
form of firmware validation, patch delivery and security monitoring, IoT devices could be running
outdated versions with glaring code vulnerabilities.
:
Lack of privacy protections : IoT devices often. collect, and store users' personal. information, which
may be compromised if hackers are able.-to. bypass built-in security, features and authentication
protocols. The broader IoT system - including data stores and API interfaces can also be leveraged to
steal sensitive data unless properly secured.
Improper data transfer and storage: Even the most robust IoT equipment-can be exploited ifuaers
fail to encrypt data within their IT ecosystems. Sensitive information can be stolen at the point of
collection, while it's in transit or during processing. This accounts for why access controls are considered
UNIT
a top priority when managing a fleet of interconnected IoT devices.
End S
(SPPU-New Syllabus w.e.facademic year 21-22)(P5-35)
Tech-NeoPublication..A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Security in loT)..Page no.(6-4)
6.3 SECURITY REQUIREMENTS
GQ. Expiain security requirements of I0T.

Best Secure Coding Practices Should be Followed : Developers must take steps to ensure that
devices and service's do not contain vulnerabilities in the implementation. For example, steps should be
taken to avoid memory corruption vulnerabilities such as buffer overflows and. integer
overflow/underflow. The OWASP top 10 should be avoided in web applications and other secure coding
best practices should be followed.
Use of TLS for all Network Communications : All communications on a networking stack with a
medium that is shared with other device not part of this deployment (e.g., Ethernet, WiFi)must use at
least TLS1.0, and should use at least TLS 1.2. All ciphers to be used must provide at least 128 bits of
effective strength. RC4 and DES may not be used. Clients must verify certificates on connection. Clients
and servers should be able to accept the use of a public certificate authority (CA), a private CA, or a
deployment-specific CA. If devices or services require a console interface, SSHv2 máy be used instead of
TLStoprotect the communications channel. RSA keys and DH groups must be at least 2048 bits in size.
Verified Firmware Updates : All firmware updates must be cryptographically signed, and devices
must verify the signature on update. The signature must be performed using asymmetric cryptography
and the private key must not be present on any device.
Scalable Process for Firmware Updates : Allfirmware updates must be deployable on a large scale.
In particular, there must not be any step requiring per-device manual intervention. Firmware update
processes should allow applying a firmware to a subset of devices to allowa staged rollout as well as
support the ability to rollback if an issue is found.
Strong Authentication Mechanisms : AIl access to configuration settings, firmware updates.and
sensitive data in any device or service must be protected by strong authentication. Examples of strong.
authentication include usernames and passwords transmitted over TLS (provided that passwords must
be properly hashed using a technique such as scrypt, berypt, or Argon2), client certificate validation, or
challenge-response authentication mechanisms.
Unique MAC Addresses : At all times that a device is present on a wired ethernet or WiFi network
(IEEE 802.3 and 802.11), it must use a unique MAC address, and that MAC address must be stable
across reboots and configuration changes. MAC addresses must comply with all IEEE 802 standards for
EUI-48 addressing.
No Communication With third-party Servers : Devices and services must not communicate with
any third-party server outside of the Google network, except for explicitly appröved connections. Core
network services (DHCP, DNS, NTP, etc.) can be expected to be provided within the network, and
application-specificcommunications should take place between devices and services hosted within the
Google network. Required connections must meet all other requirements.
No Hardcoded Credentials : Devices and services must not have hardcoded credentials ("backdoors").
Any process for a factory reset or lost password on a device must include a physical presence test, such
as pressing a button or connecting a jumper. All credentials that allow access to the device must be
documented and must be user configurable.
(SPPU-New Syllabus w.e.f academic year 21-22)(PS-35) Lal Tech-Neo Publications..A SACHIN SHAH Venture
(SPPU-Sem.5-Comp) (Security in loT)... Page no. (6-5)
Internet of Things & Embedded Systems
used to represent the identity of
Unique & Replaceable Certificates : Any cryptographic credential
server or a client credential for authentication)
the device or service (whether as a TLS certificate for a replaceable
private key and certificate must be
must use a unique private key and certificate, and this
business need. Devices and services should allow the
in the event of expiration, compromise, or other
use of an arbitrary CA for signing these certificates.
(Note that this does not apply to certificates never
verification of a firmware update or a verified
presented outside of the device, such as those used for
boot process.)
services for use in loT
Commitment to Security Updates : Vendors providing devices and
a timely fashion. Updates should
deployments must make a commitment to release security updates in
updates should include a deadline of 30 days.
come as soon as practical, but a commitment to security
Any issues discovered by Google must be
Security issues must not be outstanding longer than 90 days.
issue no later than 90 days after it
subject to our disclosure policy which calls for public disclosure of an
lifetime that is reasonable for the expected
is reported to the vendor. This commitment should have a
installation duration of the device.
functioning of the device or
Minimum Service Exposure : Any service not required for the proper
unnecessary exposure of services like
service must not be exposed on anetwork interface. In particular,
services must not have undocumented extra
telnet, ttp, or database servers must be avoided. Exposed
functionality that may pose a security risk.
the use of WPA2. WPA2-PSK must be
WiFi Must Use WPA2 : Any WiFi connections must support
must be compliant with IEEE
supported, and WPA2-EAP should be supported. Implementations
supported cipher suites, passphrase
802.11i. There must not be any device-imposed limitations on the
lengths, or other security features of the implementation.
4.0 or higher. Bluetooth
Bluetooth Security : Devices supporting Bluetooth must support Bluetooth
must provide a scure pairing
interfaces providing a PAN profile or access to configuration interfaces
mechanism.
Time Protocol-(NTP) server.
Sync Clocks with NTP : All device clocks must be synced to a Network
for events occurring.on the
This ensures proper certificate validation for TLS, proper log timestamps
obtained via DHCP options
device, and results in lower administrative overhead. NTP servers must be
be compliant with IETF RFC59)5.
or user-configurable hostname. The NTP implementation should
No External Network Connectivity : Devices and services must not
provide network connectivity
cellular network connectivity,
that would bypass network firewalls. This includes, but is not limited to,
communications.
VPN connections to third-party endpoints, or.other techniques for tunneling
Non-WiFi wireless interfaces
Use of Non-WiFi Wireless Interfaces : Many loT devices make use of
must not
in the 900 MHz or 2.4 GHz ISM bands, including technologies like 802.15.4. Such interfaces
traffic
directly route traffic between the non-WiFi interface and a WiFi or wired ethernet interface. Any
should be proxied through an application-layer proxy to minimize the risk of maliciously crafted packets
on the shared network. These interfaces must take reasonable steps to provide confidentialiy and
integrity of communications. These interfaces must also use the minimum amount of power necessary
for the task ahead to minimize the range of wireless signals, such as making options available to tune
power for the particular installation. Options to disable specific interfaces should be present.
(SPPU-New Syllabus w.e.f academic year 21-22)(P5-35) Tech-Neo Publications..A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Security in loT) Page no. (6-6)
Identification and Delivery of Open Source Components : Any open-source software compon 2nts
must be identified with the name of the project, license, and version being used. Any components wuh a
copyleft license (e.g.,GPL) must have source included at the time of delivery.
Graceful Degradation: In the event of a lack of network connectivity or other communications
failure, the device must degrade into a reasonable state that maintains security. The device must not
tall back to unencrypted or unauthenticated communications, but should function locally in a manner
appropriate for the type of device.
Test Resilience : All devices must be able to handle network traffic conditions that are artifically
generated for testing, such as security tests and authentication retries. This includes arbitrary netv/ork
traffic, including that which leaves hung connections or sends unexpected traffic. Should said traffic
exceed the capacity of the tested device, the device should gracefully degrade its functionalities and
automatically resume normal operation when the traffic is back to normal.
H 6.4 J0T SECURITY CHALLENGES
GQ Explain Seçurity Challenges of IOT
iUQ. What are the challeges for securing QT (SPPU -May /June 18 4 Marks)
1, The Rise Of Botnets

In recent years, there has been an increase of botnets among loT devices. A botnet exists when hackers
remotely control internet-connected devices and use them for illegal purposes. An enterprise could have
their devices co-opted as part of a botnet without any knowledge of it. The problem is that many
organizations lack real-time security solutions to track this.
2. More IoT Devices
Afew years ago,security professionals were focused solely on protecting mobile devices and compuzers.
Today, there is a proliferation of IoT devices. There are over 7 billion devices around, and that number
could increase to 20 billion by 2020. More loT devices mean increased security vulnerabilities acrose the
enterprise, and it is a growing challenge for security professionals.
3 Lack Of Encryption
Although encryption is a great way to prevent hackers from accessing data, it is also one of the leading
IoT security challenges. These devices lack the storage and processing capabilities that would be fc und
on a traditional computer.The result is an increase in attacks where hackers can easily manipulate the
algorithms that weredesigned for protection. Unless an enterprise resolves thisissue, encryption won't
be a security asset.
4 Outdated Legacy Security
In addition to the vulnerabilities of the loT devices, the other concern is with interconnected legacy
systems. In an enterprise with a growing number of loT devices, legacy technologies might seem out of
place. Abreach of an loT device could also result in a breach of a legacy system that lacks modern
security standards.
(SPPU-New Syllabus w.efacademic year 21-22)(PS-35) Tech-Neo Publications.A SACHIN SHAH Venture
Inteme! c Things &Embedded Systems (SPPU-Sem.5-Comp) (Security inloT)...Page no (6-7)
5. Weak Default Passwords
Mary IoT devices come with original default passwords that are weak. Although it i_ recommended that
you change the passwords, some IT leaders fail to take this simple step. Aweak, easy-to-guess password
couid leave an IoT device vulnerable to a brute force attack. This is issue so prevalent that California
banned default passwords in 2018.
6. Uneliable Threat Detection Methods
Enterprises have numerous methods of detecting data breaches, which involve-spotting common
indicators, monitoring user activity, and other security protocols. However, due to the growing number
of IbT devices and the complexities of each device normal threat dedication methods could be less
reliable and more of a challenge.
7. SmallScale Attacks In IoT
Although security professionals are focused on preventing large scale attacks, it is actually the _mal
scale attacks th¡t could be among the more serious loT security challenges. Small scale attacks are
more difficult to detect and could easily occur without an enterprise being aware of it. Hackers can
breach common enterprise technologies such as printers and cameras.
8. Phishing Attacks
Phishing is alréady a security concern across all enterprise technologies, and loT devices represent the
latest attack vector. Hackers could send a signal to an IoT device that triggers numerous complications.
Although it is one of the most common forms of security attacks, and it can be stopped, many
organizations fail to properly train their workers about the latest phishing threats.
9. Inability To Predict Threats
Security professionals need to be proactive in order to prevent IoT security breaches before they occur.
However, some enterprises might lack a robust management system that could monitor ractivity and
provide insights into potential threats. Without this type of solution, an enterprise won't have the
cap[bilities to spot potential breaches ahead of time.
10. Infrequent Updates
Software. updates is one way that IT professionals ensure that computers and mobile devices are as
secure as can be. Some loT devices may lack the amount of software updates that other technologies
may receive. In addition, enterprises struggle to provide critical security updates to IoT devices in the
field.
11. IoT Financial-Related Breaches
With some enterprises using loT devices for electronic payments, there is always a risk for à hacker to
breach and steal the money. Some organizations are integrating machine learning or blockchain to stop
finæncial fraud before it happens to an internet-connected device. However, not every organization has
ried this solution yet.
UNIT
VI
End S
(SPP J-NEw Syllabus w.e.f academic year 21-22)(P5-35) Tech-Neo Publications.A SACHIN SHAH Venture
Intemet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Security in loT)..Page no. (6-8)
12. User Privacy

internal users). This is
Enterprises must protect user data (that goes for both a company's external and
employers. When a
especially a concern because many workers are using loT devices provided by their
take a big hit, which
breach happens and private data is compromised, an enterprise's reputation would
ignored.
is why this is one of the top IoT security challenges that can't be
6.5 WHAT IS THREAT MODELING?
GQ Explain threat modeling

Threat modeling is a method of optimizing network security by locating vulnerabilities, identifying
objectives, and developing countermeasures to either prevent or mitigate the effects of cyber-attacks
against the system.
While security teams can conduct threat modeling at any point during development, doing it at the
start of the project is best practice. This way, threats can be identified sooner 'and dealt with before they
become an issue.
It's also important to ask the following questions :
What kind of threat model needs building? The answer requires studying data flow transitions,
architecture diagrams, and data classifications, so you get a virtual model of the network you're
trying toprotect.
What are the pitfalls? Here is where you research the main threats to your network and
applications.
What actions should be taken to recover from a potential cyberattack? You've identified the
problems now; it's time to figure out some actionable solutions.
Did it work? This step is a follow-up where you conduct a retrospective to monitor the quality,
feasibility, planning, and progress.
6.5.1 The Threat Modeling Process
Threat modeling consists of defining an enterprise's assets, identifying what function each application
serves in the grand scheme, and assembling a security profile for each application. The process
continues with identifying and prioritizing potential threats, then documenting both the harmful events
and what actions to take to resolve them.
Or, to put this in lay terms, threat modeling is the act of taking a step back, assessing your
organization's digital and network assets, identifying weak spots, determining what threats exist, and
coming up with plans toprotect or recover.
It may sound like a no-brainer, but you'd be surprised how little attention security gets in some sectors.
We're talking about a world where some folks use the term PASSWORD as their password or leave
their mobile devices unattended. In that light, it's hardly surprising that many organizations and
businesses haven't even considered the idea of threat modeling.
(SPPJ-New Syllabus wef academic year 21-22)(P5-35) a Tech-Neo Publications...A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Security in loT)...Page no (6-9)
a 6.5.2 Need of Security Threat Modeling
GQ. Why Do We Need Security Threat Modeling?
Just how bad is the cybersecurity situation that we need to create things like threat modeling to help
combat it?
41
Cybercrime has exacted a heavy toll on the online community in recent years, as detailed in this piece
by Security Boulevard, which draws its conclusions from several industry sources. Amongmedia-enabled
other things,
the report says that data breaches exposed 4.1 billion records in 2019 and that social
cybercrimes steal $3.25 billion in' annual global revenue.
According to KnowBe4's 2019 Security Threats and Trends report, 75 percent of businesses consider
insider threats to be a significant concern, 85 percent of organizations surveyed reported being targeted
by phishing and social engineering attacks, and percent of responders cite email phishing scam3 as the
largest security risk.
As a result of these troubling statistics, spending on cybersecurity products and services is expected to
surpass $1 trillion by 2021.
Cybercrime is happening all the time, and no business, organization, or consumer is safe. Security
breaches have increased by 11% since 2018, and awhopping 67 percent since 2014. Smart organizations
and individuals will take advantage of any reliable resources to fight this growing epidemic, arnd sound
threat modeling designing for security purpo_es is essential to accomplish this
a 6.5.3 Ten Threat Modeling Methodologies
There are as many ways to fight cybercrime as ther are types of cyber-attacks. For instance, here are
ten popular threat modeling methodologies used today.
1. STRIDE
A
methodology developed by Microsoft for threat modeling, it offers a mnemonic for identifying security
threats in six categories :
Spoofing:An intruder posing as another user, component, or other system feature that contains
an identity in the modeled system: .
Tampering: The altering of data within a system to achieve a malicious goal.
Repudiation : The ability of an intruder to deny that they performed some malicious activity, due
to the absence of enough proof.
Information Disclosure: Exposing protected data to a user that isn<t authorized to see it.
Denial of Service : An adversary uses illegitimate means to exhaust services needed to provide
service to users.
Elevation of Privilege : Allowing an intruder to execute commands and functions that they aren't
allowed to.
(SPPU-New SyilabuS w.e.f academic year 21-22)(P5-35) Tech-NeoPublications.A SACHIN SHAH Venture
internet of Things &Embedded Systems (SPPU-Sem 5-Comp) (Security in icT)..Page no. (6-10)
2 DREAD
Proposed for threat modeling, but Microsoft dropped it in 2008 due to inconsistent ratings. Openstack
and many other organizations currently use DREAD. It's essentially a way to rank and assess security
risks in five categories:
Damage Potential:Ranks the extent of damage resulting from an exploited weakness.
Reproducibility : Ranks the ease of reproducing an attack
Exploitability : Assigns a numerical rating to the effort needed to launch the attack.
Affected Users A value representing how many users get impacted if an exploit becomes wicely
available.
Discoverability : Measures how easy it is to discover the threat.
3. P.A.S.T.A
This stands for Process for Attack Simulation and Threat Analysis, a seven-step, risk-centric
methodology. It offers a dynamic threat identification, enumeration, and scoring process..Once experts
create a detailed analysis of identified threats, developers can develop an asset-centric mitigation
strategy by analyzing the application through an attacker-centric view.
4. Trike
Trike focuses on using threat models as a risk management tool. Threat models, based on requirement
models, establish the stakeholder-defined "acceptable" level of risk assigned to each asset class.
Requirements model analysis yields a threat model where threats are identified and given risk values.
The completed threat model is then used to build a risk model, factoring in actions, assets, roles, and
calculated risk exposure.
5. VAST
Standing for Visual, Agile, and Simple Threat modeling, it provides actionable outputs for the specific
needs of various stakeholders such as application architects and developers, eybersecurity personael,
etc. VAST offers a unique application and infrastructure visualization plan so that the creation and use
of threat models don't require any specialized expertise in security subject matters.
6. Attack Tree
The tree is a conceptual diagram showing how an asset, or target, could be attacked, consisting of a root
node, with leaves and children nodes added in. Child nodes are conditions that must be met to make the
direct parent node true. Each node is satisfied only by its direct child nodes. It also has "AND" and "OR"
options, which represent alternative steps taken to achieve these goals.
7. Common Vulnerability Scoring System (CVSS)
This method provides a way to capture a vulnerability's principal characteristics and assigning a
numerical score (ranging from 0-10, with 10 being the worst) showing its severity. The score is then
translated into a qualitative representation (e.g., Low, Medium, High, and Critical). This representazion
helps organizations effectively assess and prioritize their unique vulnerability management processes,
(SPPU-New Syliabus wefacademic year 21-22)(PS-35) Tech-Neo Publications.A SACHIN SHAH Verture
Internet of Things & Embeddec Systems (SPPU-Sem.5-Comp) (Socurity in loT)..Paqe no (6-11)
8. T-MAP
T-MAP is an approach commonly used in Commercial Off the Shelf (COTS) systems to calculate attack
path weights. The model incorporates UML class diagrams, including access class, vulnerability, target
assets, and affected value.
9. 0CTAVE
The Operationally Critical Threat, Asset, and Vulnerability, Evaluation (0CTAVE),process is arisk
based strategic assessment and planning method. OCTAVE focuses, on assesing organizational risks
only and does not address technological risks. OCTAVE has three phases:
Building asset-based threat profiles, (Organizational evaluation)
ldentifying infrastructure vulnerabilities. (Information infrastructure evaluation)
Developing and planning a security strategy. (Evaluation of,risks to the company's, critical, assets
and decisioD making.)
10. Quantitative Threat Modeling Method

several pressing
This hybrid method combines attack trees, STRIDE,and CVSS methods. It addresses seve
issues with threat modeling for cyber-physical systems that contain complex interdependenciesin their
components. The first step is building components' attack trees for the STRIDE átgories. These trees
illustrate the dependencies. in the atack categories and low-level component attributes. Then the CVSS
method is applied, calculating the scores for all-the tree's components.
There are several ways to assess security threats, whict"is"great as the threats are real"and will
continue as hackers develop. n¹w ways to conduct their dark activities. t2g2
H 6.6 KEY ELEMENTS OF SECURITY
GQ. Expalin key element of security
Authentication
Access Control
Data and Message Security

Prevention from denial of taking part in a transaction
Identity Establishment
Secure Entity Identification or Authentication
Authentication is identity establishment between communicating devices of,entities.y, ri 3i) xz#
Entity can be a single user, a set of users, an entire organization or some networking deviceng
ldentity establishment is ensuring that origin of electronic document &message is corretly identified
Access Control - Also known as access authorization
Principles is to determine who should be able to access what
Prevents unauthorized use of resources
UNIT
To achieve access control, entity which trying togain access must be authenticated first VI
(SPPU-New Syllabus w.e.f academic year 21-22)\(PS-35) End S
Tech-Neo Publications..A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Security in loT)..Page no. (6-12)
According to authentication, access rights can be modified to the individual
Data and Message Security
Related with source authenticity, modification detection and confidentiality of data
Combination of modification &confidentiality of message is not enough for data integrity
But origin of authenticity is also important
Location privacy is equally important risk in IoT
Should not be any way for attacker to reveal identity or location information of device March 16,
2018Parag Achaliya, SNJB's CoE, Chandwad (Nashik)28
Non-repudiation and Availability
Non-repudiation is the security services for point-to-point communications
Process by which an entity is prevented from denying a transmitted message
So when message is sent, receiver can prove that initiating sender only sent that message
Sender can prove that receiver got message
To repudiate means to deny March 16, 2018Parag Achaliya, SNJB's CoE, Chandwad (Nashik)29
Non-repudiation and Availability
Availability is ensured by maintaining all h/w, repairing immediately whenever require
Also prevents bottleneck occurrence by keeping emergence backup power systems
And guarding against malicious actions like Denial of Service (DoS) attack
> 6.7 DATA VS. USER SE CURITY MODELS:
lmagine a scenario where a user on your customer service team places a spreadsheet containing
customer Personally ldentifiable Information like Social Security Numbers or other sensitive records onto a
globally accessible shared folder. When it comes to User Centric Model: this woulda't be a problem, everyone
has the proper rights to access that file. So when it comes to IoT it works well if more device are connected
in the network. Data Security Model: this is a huge problem as sensitive information is now available to
every intern, contractor or "coasting through their tenure until they take a new job at your biggest
competitor" employee with network access. This scenario makes plain the big dependency of a Data Security
approach:data classification. More in the IoTs and organizations.
a 6.7.1 INTEGRITY
It is easy to define integrity of data but far less easy to ensure it. Only accurate and up-to-date data has
data integrity. Any person or organization that stores data needs it to have integrity. Methods [2]that
can be used to give the best chance of achieving data integrity is not covered in this paper. In a simple
way, data integrity: a requirement for data to be accurate and up to date. Integrity protection includes
preservation against sabotage and the use of counterfeit units or components. Another critical factor
that influences data integrity is the robustness and fault tolerance capabilities of the IoT System.
Sensor networks, such as RFID solutions, face also other issues that limit their capability to overcome
integrity problems as many of their components spend most of the time without being attended to.
Attackers can either modify the data while it is stored in the node or when it travels through the
network. Read and write protections as well as authentication methods are common solutions tothese
1SSues.
(SPPU-New Syllabus w.e.f academic year 21-22)(P5-35) A Tech-Neo Publications..A SACHIN SHAH Venture
internet of Things & Embedded Systems (SPPU-Sem.5-Comp) (Security in loT)..Page no. (6-13)
Data integrity is also ensured by password-based solutions, which brings into account the shortcomings
the
of password protection, such as vulnerabilities related to password length and randomness. Also,
resources found in common IoT systems do not support typical cryptographic solutions because of the
limited resources available. Integrity for the Internet of Things not only is required to be guarded from
external sources but also for internal processes, such as service integrity.
Operating systems rigid process separation, known as Multi Level Security (MLS), help devices to avoid
unauthorized modifcation from code running with high privileges. Nevertheless, MLS approaches have
not been deployed widely as in some cases can be considered as expensive as well as not compatible
with other loTs software. Other approaches to guarantee integrity use hash values which are stored
externally to avoid compromises. Hardware solutions have also been proposed for integrity purposes, a
challenge-based solution is mentioned in by the use of symmetric or asymmetric keys known as Trusted
Platform Module (TPM). Process integrity is also required by IoT devices, process integrity relies on the
device, communication, and algorithm implementation integrity.
6.7.2 PRIVACY
Data privacy is a requirement for data to be available only to aut.horized users. Data privacy is about
keeping data private rather than allowing it to be available in the public domain. The term 'data
amount
prnvacy' may be applied to a person or an organization. Each individual has an almost limitless
of data associated with their existence. Assuming that an individual is not engaged in criminal or
subversive activities, he or she should be in control of which data about himself or herself is made
public and which data remains private.
An organization can have data that is private to the organization, such as the minutes of management
meetings and financial reports and business plans. For an individual there is little chance of data
privacy if there is not a legal framework in place to penalize offenders who breach this privacy. Such
laws are referred to as data protection laws and that depend on the particular country. The major
aspects of data protection laws relate to personal, therefore private, data that an individual supplies to
an organization. The data is supplied to allow the organization to use it but only for purposes
understood and agreed by the individual.
Data protection laws oblige organizations to ensure the privacy and the integrity of this data.
Unfortunately having laws does not guarantee adherence to them but they do act as a deterrent if
wrong-doers can be subject to legal proceedings. The IoTs are not bound by the protection laws and
privacy because it uses its now environment and it directly connected to the device in the environment
using the internet.
6.7.3 Data Privacy
GQ. What is Data Prvacy?

GQ. Explain what is Data Privacy.
Data Privacy is the branch of information security dealing with the proper handling of data concerning
consent, notice, sensitivity, and regulatory concerns.
Practical data privacy problems often revolve around:
1. Whether or how data can be shared with third parties.
2. Ifdata can legally be collected or stored.
(SPPU-New Syllabus wef academic year 21-22)(P5-35) Tech-Neo Publications.A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem 5-Comp) (Socurity in loT) Page no (6-14)
H 6.8 SECURITY CHALLENGESWITHIN THE IOT
GQ. Explain Security challenges within the loT
As the IoT expands and becomes more interwoven into the fabric of our everyday lives, as well 3s
becoming an increasingly important component of our critical national infrastructure, securing it3
systems becomes vital.
The securing of systems can be based upon a number of principles, from the CIA of information security
(confidentiality, integrity, and availability), tothe five pillars of information assurance (onfdentiality,
integrity, availability, auth.enticity, and non- repudiation) and the Parkerian. Hexad (conf.dentiality,
integrity, availability, authenticity, possession, and utility) (Parker 1998). Research articles ciscussing
security considerations relating to cyber-physical (as opposed to information) and IoT syste ms vary in
which principles they adopt.
The majority of researchers restrict consideration to the CIA. The Parkerian Hexad, whilst originally
the
offered as an improvement to overcome the limitations of the CIA, is often rejected; indeed,
usefulness of the Hexad remains the subject of debate among security professionals (Feruza and Kim
2007). Others go beyond these earlier principles and include robustness, reliability , safety, resilience,
performability,and survivability (see for example Sterbenz et al. 2010). It is certainly worth onsidering
all of these components of security, especially in complex cyber-physical systems such as the LoT.
understanding that the
However, for this piece we use the three broadest categories. of the CIA,
most significant
compromises may be of physical as well as information assets. We discuss some of the
must be
challenges, highlighting which principles are under threat of compromise. However, i:
recognised that this is not an exhaustive list of the security challenges
a 6.8.1 Physical Limitations of Devices andCommunicacions
and
In any application area, IoT devices are usually embedded with low power and low area processors,
even to the smallest
it has been recogmised that 'the Internet Protocol could and should be applied
devices' (Mulligan 2007).
CPU.
Constraints on IoT devices limit the ability to process information at speed - there is a limited
satisfy
memory, and energy budget. This means that challenging forms of security are required wt.ich
consumption.
the competing goals of strong performance and minimal resource
6.8.2 Heterogeneity, Scale, and Ad-hoc nature
It has been recognised that the high level of heterogeneity (Sicari et al. 2015; Misra, Maheswaran, and
Hashmi 2016), compounded by the large scale of IoT systems, will magnify security thr:ats to the
current intemet. Roman, Najera, and Lopez (2011) notes that heterogeneity has 'great inf.1ence over
the protocol and network security services that must be implemented in the IoT"
Security solutions have to cope with entities with varying hardware specifications, and nee to provide
authentication and authorisation of IoT nodes (Malina et al. 2016), as well as key agreement (Suo et al.
2012).
(SPPU-New Syilabus wefacademic year 21-22)(P5-35) lTech-Neo Publications.A SACHINSHAH Venture

internet of Things &Embedded Systems (SPPU-Sem.5-Como) (Security in loT)..Page no. (6-15)
The heterogeneity of the IoT means it cannot be assumed that all devices can present a full protocol
stack. Further, the potential number of services and service execution options, along with the need to
handle heterogeneous resources, requires service management; these challenges will have an adverse
impact on the security of IoT systems
6.8.3 Authentication and ldentity Management
Identity management concerns the unique identification of objects, and authentication then validates
the identity relationship between two parties (Mahalle et al. 2010). The CERP report (Vermesan et al.
2011) recognises that further research is needed in the 'development, convergence and interoperability
of technologies for identification and authentication that can operate at a global scale'.
Authentication within the IoT is critical, since without appropriate authentication the confidentiality,
integrity, and availability of systems can be compromised. This is because if an adversary can
authenticate as a legitimate user, they will have access to any data that the user has, and can see
(compromising confidentiality), modify (compromising integrity), and delete or restrict availability
(compromising availability) in the same way that the user can
a 6.8.4 Authorisation and Access Control
It has been recognised that there is a need to exercise access control over [the Internet of Things] at the
edge of the network in the device or, at least, a local access controller for the device' (Cerf 2015). There
is an important role in establishing whether the user, once identified and validated, has permission to
access the requested resources (Abomhara and Koien 2014):sri;a
Access control requires communication between entities (often restricted to. software. entities rather
than human, since users impact on the system through the software entities that they control) to
request and grant access.
There are various models for access control such as Discretionary Access: Control. (DAC- where an
administrator determines who can access resources); role-based.accèss.control (RBAC -allowing access
based on the role that the requester holds); and attribute-based access control (ABAC - where.rights
are granted through policies which evaluate the attributes of the user,iresource. requested and the
environment from which the request is made).
a 6.8.5 Implementation, Updating, Responsibility, and Accountability
It is vital, though often overlooked in discussion, that the implementation and. updating of security
protection must be both manageable and low cost. loT systems can be geographically remote, and
involve sensors and actuators in extreme and challenging environments. To. protect the cyber. security of
the system it is vital that any vulnerabilities are addressed as soon as they are discovered. As such,
there is a need for remote access to allow these system updates.
The latest software patches could be installed dynamically, and the»process managed'through cloud
assisted frameworks; however, designing a secure mechanism for dynamic installation is a challenging
task (Maglaras et al. 2016). It must also be recognised that updates can change the functionality of
devices, and these changes may not always be aligned with user expectations (Rose, Eldridg, and
Chapin 2015). For this reason, in cases where a user has responsibility or control over 'äpplying a patch,
they may decide against updating if they feel the risk of compromise oútweighà the iegative impact on UNIT
functionality (Cavusoglu, Cavusoglu, and Zhang 2008).
End Se,
(SPPU-New Syllabus w.e.f academic year 21-22)\(P5-35) a Tech-Neo Publications..A SACHIN SHAH Venture
(Securityin loT)...Page no.(6-16)
The Dyn attack in 2016 was illustrative of the significant impact a botnet of the likes of unpatched
printers, IP cameras, residential gateways, and baby monitors can have in conducting a distributed
denial of service attack. This leads to another significant challenge regarding responsibility, liability,
and accountability in the LoT.
& 6.8.6 Security issues in Healch, Well-being, and Recreation
Recently, there have been an increasing number of attacks where the victims have been hospitals.
There have been a myriad of potential and actual attacks on individual connected devices, including
drug delivery systems, electronic health implants, insulin pumps, and pacemakers.
However, recent years have seen attacks being discovered that are unprecedented in their scale and
surface. In particular, the MEDJACK attack (Storm 2015), first discovered by Trend Micro, impacted on
blood gas analysers, computerised tomogram apparatus, magnetic resonance imaging systems, and
X-ray machines. Attacks have been carried out that targeted communications protocols as well as
devices.
6.8.7 Security issues in Connected and autonomous vehicles
The connected and autonomous vehicles (CAV) area is complex and involves many different sensors,
actuators, infrastructure, communications protocols, and services.
Thes services vary from small, simple services running on only a few components, through to global
services involving significant parts of the critical national infrastructure. This work cannot encompass
all of the types of system and potential and implemented attacks.
However, it is possible tohighlight some of the most significant attacks.
6.8.8 Security issues in Industry 4.0
Industry 4.0 has been heralded as a transformational move that brings together data, connectivity, and
autonomy to create the Fourth Industrial Revolution. However, there exist a number of signifcant
threats to these cyber-physical systems. Significant cyber-physical attacks have been reported over a
number of years, and there are likely a significant number of attacks that are not reported, or even
discovered.
Examples include the Maroochy Water Services attack in Australia in 2000, in which the sewerage
system encountered a series of faults where the pumps were not running when they were supposed to
be and alarms were disabled. This was further aggravated by a loss of communication from the central
computer with various pumping stations. Similarly, Stuxnet had a rapid and significant impact on the
Iranian nuclear industry. More recent attacks include the 2014 attack on a German steel mil, and
disruptions to the Ukrainian energy network
a 6.8.9 Securicy issues in Logistics
The loT appears to offer significant efficiency and business opportunity in logistics. There are various
application scenarios, which inevitably creates a large attack surface. One recognised attack is the
manipulation of embedded data, either by malicious substitution of tags or by modification of tag
information (Misra, Maheswaran, and Hashmi 2016). Whilst logistics are often thought of as part of the
road network, it should be recognised that logistics also involve rail, air, and sea.
(SPPU-New Syllabus w.e.f academic year 21-22) (P5-35) la Tech-Neo
ech Publications..A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem 5-Comp)
(Security in loT) Page no (6-17)
A particular valnerability concerns the modification of ship details including position, course care
flagged country, peed, name, and MMSI (Mobile Maritime Service Identity) status (Balduzzi, Pasta Bnd
Wilhoit 2014). T further intensify an attack. the creation of fake vessels with all the same details of ax
existing vessel can be exploited, forexample, having an Iranian vessel with nuclear cargo appear off the
coast of the US. This compromises the confidentiality and integrity of the system
A 6.8.10 Security issues in Smart Grid
Attacks on critical national infrastructure for energy, such as the reported attack by China and Russia
on the United States (see Misra, Maheswaran, and Hashmi 2016), and the attacks on Ukraine have
been discussed extensively in white papers, academic papers (see Liang et al. 2017) for example, and
the wider press.
These attacks are predominantly (though it may be argued not exclusively) attempting to disrupt
availability in these cyber physical systems. However, there are a number of other attacks known
within Smart Grid technologies.
A 6.8.11 Security issues in Homes, Buildings, and Offices
There is a vast range of devices for the smart home promising intelligent resource efficiency through
remote and instant access and control. Whilst such devices and services offer economic and functional
benefits, they do increase security risks. The key risks that such devices represent are to confidentiality
and privacy. Some issues, such as how energy consumption can provide inferences for profiling, have
been discussed previously. So, too, have the use of connected home devices and their contribution to the
Dyn attack.
The types of devices that have been compromised already include cameras, printers, doorbells, weighing
scales, and recently, in the UK in particular, home routers, among many others. Whilst lack of
availability of these devices is inconvenient, when the power of all devices is combined into a botnet, the
global impact can be significant.
6.9 CHALLENGES IN DESIGNING 10TAPPLICATION
GQExplain Challengesin designing iot application

A 6.9.1 Connectivity
Connectivity is the first concerning issue, i.e. how to connect devices to the internet and the cloud
computing platform. However, to a great extent, this is determined by the device application
environment and the type of communication infrastructure provided to these devices.
For example, if you need to develop a smart home device, such as an online toaster, you may access a
Wi-Fi home router or a ZigBee/Z-Wave loT router. Therefore, your device must support one or more
transmission media. However, in some environments, such as the agriculture loT or smart cars, access
tothe Wi-Fi network is unavailable, and the mobile network may be your only choice for
connection.
Therefore, you must balance your choice and make design decisions based on possibilities provided by
every option and investment. For example, it may be expensive to transmit data through a cellular
network to the cloud service, but you may determine to select the function first mode or the blocxchain
mode to build an loT ecosysten that is less dependent on cloud computing.
(SPPU-New Syllabus w.e.facademic year 21-22)(P5-35) Tech-Neo Publications..A SACHIN SHAHVenture

internet of Things & Embedded Systems (SPPU-Sem.5-Comp) (Securityin loT)...Page no. (6-18)
Of course, you also need to know that IoT is still a technology at its early stage and may undergo
significant changes or modifications. Too many uncertainties and competition trends exist. Therefore,
technologies in use today may become outdated in the future.
On the other hand, as compared to computers and smartphones that may be quickly replaced by new
products, loT devices have a longer life cycle. For example, a smart refrigerator must work for at least
five to ten years. Therefore, you must develop a plan to ensure that your device can maintain its
connectivity and adapt to new technologies when IoT begins to take shape in the future.
6.9.2 Security and Privacy
loT security has always been a controversial issue. The first challenge to be considered is that security
and privacy of IoT are fundamentally different from the network security that we've known. The
following lists some key points for security design that are considerable :
1. Physical Security :IoT devices are often located in open fields and are unattended and physically
unprotected. You must ensure that they will not be maliciously tampered with by a vicious
organization, breached by hackers, or operated using a flat-head screwdriver. Also, you must
protect data that gets stored on the devices in any form. Although it is costly to embed a security
protection component on every IoT device, it is still important to encrypt data on these devices.
2. Security of Data Exchange : Data protection is also important because data must get
transmitted from the loT sensors and devices to the gateway, and then to the cloud. Therefore, use
of encrypted transfer protocols is a must. In addition to encryption, you must also consider the
authentication and authorization to ensure IoT security.
3. Security of Cloud Storage : Data stored in the cloud is equally fragile as other parts of the loT
ecosystem. Your platform should be able to protect data stored in the cloud. Protection measures
include appropriate encryption, access control, and so on.
4. Update :Security vulnerabilities always exist no matter how much effort youpay to enhance your
product code and hardware. In this case, you must first have a plan to fix errors and quickly release
patches, instead of leaving the errors unfixed for a long period of time. Next, you must provide
customers with a direct and secure method to fix errors. Currently, it is popular to update online
devices over the air, but you must ensure that the above method itself will not become a security
vulnerability.
Regarding privacy, you must know that data collected by IoT devices are easily subject to restrictions on
laws and regulations. For example, a fitne_s tracker can collect a lot of user information, which is
protected by HIPAA in the United States. This means if you store this type of information on the cloud
server, the data must comply with related laws and regulations.
As a rule of thumb, you'd better anonymize customer data to avoidstoring personal identity information
in the cloud. This rule defends you against legal punishments when incidents occur.
A 6.9.3 Flexibility and Compatibility
As the loT pattern is continuously changing. you must ensure that your product can support future
technologies. However, it requires a balance between software and hardware when designing your
product
PPU-New Syllabus wefacademic year 21-22)(P5-35) Tech-Neo Publications..A SACHIN SHAH Venture
internet of "hings &Embedded Systems (SPPU-Sem.5-Comp) (Securityin loT)...Page no (6-19)
Devekoping dedicated hardware for your device helps your device achieve the optimum performance, but
may also restrict product update. On the other hand, selecting appropriate storage and computing
resources and operating systems (such as Linux, Brillo, or Windows loT) tailored for IoT may cause
degradation of performance, but it allows you to expand your device, use new functions, and fix bugs
using patches.
Some vendors may try to provide appropriate APls and SDKs whenever possible to allow the developing
personnel to add functions for their IoT devices. A good example is Amazon Echo. This IoT tool can
implement tke expansion in 1000 different directions using programming.
You must a.so consider compatibility when designing IoT products. Ensure that your loT device can get
seamlessly integrated with users' loT ecosystem, withost.increasingcomplexity or bringing any
setbacks to existing. experience. For. this reason, you need to consider both software and hardware.
An ideel situation is th¡t consumers should not be.fored to inastal a néw application just because they
purchasé a new smart device for their homes: Apple HomeKit and Samsung SmartThings are two
typicel examples, Both allow the developing persónnel to:provide new loT. functions for users in
environments that users are familiar with.
A 6.9.4 Datá, Collection and Processing
In addition to security and privacy, ýou müst 'also pYoperly plai how to process all collected data. You
must rst evaluate the amount 8f processedand colleted datato control'the size of your cloud storage
and m.eat your platferm requirements.
What iseven more important is how you are going
i
tÑ pYoceas the collecteddata. loT data is as precious
as gold, but it is useless if i t gets storede on your' server without getting properly processed. Therefore,
you ust figure out the skills and tools that can best, utilize ýour data. These tools include recruiting
data experts and adopting appropriate analysis. and machine learning to extract operable insight
information from the collected data.
IoT data car complete multiple practical functions; including 2 %
1. Supplement Existing Data: Most enterprises already håve extensivedata about their customers
before they migrate their services to föT: Integrating the existing data with data collected by loT
yi,nrtunties
devices can bring new business insights and more for generating revenues.
2. Analyze and Further Divide: Users Data collected by loT devices can alsg-tell you a lot of
infcrmalion aboat customers' preferences and characteristics. Analyzing and classifying loT data
can help enterprises better learn their customers' requirements and preferences, and enable them
to resolve related problems in a wiser manner.
3. Find Opportunities to Improve Products :Correct analysis of IoT data helps enterprises find
out functions that should and should not get added to products, and functions that should be
corrected to improve the production eficiency and ease-of-use. In this way, enterprises can add
appropriate functions to future products and update software accordingly.
UNIT
VI
End Sen
(SPPU-New Syllabus w.e.f academic year 21-22)(P5-35) a Tech-Neo Publications., ASACHIN SHAH Venture
(Security in loT)...Page no (6-20)
>6.1o LIGHTWEIGHT CRYPTOGRAPHY
GQ Explain LIGHTWeight Cryptography
a 6.10.1 Requirements for Lightweight Cryptography

The following factors on the implementation are required for lightweight cryptography.
Size (circuit size, ROM/RAM sizes)
Power
Power consumption
Processing speed (throughput, delay)
The first factor determining the possibility of implementation in a device is the size. Power is especially
important with the RFID and energy harvesting devices while the power consumption is important with
battery-driven devices. A high throughput is necessary for devices with large data transmissions such
as a camera or a vibration sensor, while a low delay is important for the real-time control processing of
a car-control system, etc.
Since the power is greatly dependent on the hardware such as the circuit size or the processor in use,
the size becomes the reference point for the lightness of the encryption method and also for the power.
The power consumption is dependent on the processing speed because of the execution time, so the
number of computations that determines the processing speed becomes the index of the lightness. The
throughput depends greatly on the parallel processing capability.
With regard to security, since encryption is the technological point of origin of the overall system
security the lightweight cryptography needs to adopt a method that is evaluated as having a sufficient
security level of modern cryptography. Even when the block length and/or secret key length are set
shorter than for the standard cryptography by prioritizing the ease of implementation (such as via
64-bit block and 80-bit secret key, for example,) it is stillrequired to correctly apply a proven method.
N6.10.2 Symmetric Key and Public Key Cryptographies
Cryptography can roughly be divided into symmetric key and public key (asymmetric key)
cryptographies. The symmetric key cryptography uses the same secret key for encryption and
decryption. With the processing that is relatively lightiweight, it is used in data encryption and
authentication.
On the other hand, public key cryptography uses a secret key in decryptioni and a public key different
from the secret key in encryption, and it is quite difficult to guess the secret key from the public key.
The computational complexity of the public key cryptography is typically as high as more than 1,000
times that of the symmetric key cryptography, but this technology is used in sharing the secret key used
in symmetric key cryptography and the digital signature, thanks to the asymmetrical property.
With asystem such as a plant or car- control system, it may be possible to embed the secret keys shared
by the devices in advance. In such a case, secure and efficient data protection can be implemented using
symmetric key cryptography alone. On the other hand, with a system that performs encrypted
communications dynamically with unspecified parties such as an inter-vehicle communication system,
the use of public key cryptography is effective.
(SPPU-New Syllabus w.e.f academic year 21-22)(P5-35) Tech-Neo Publications.A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem 5-Comp) (Secunity in loT).Page no (6-21)
We tocus mainly on the symmetric key cryptography that can be widely applied to devices that are
functions such
Subject to severe resource restrictions. The symmetric kev cryptography consists of core
as block or stream ciphers (cryptographic primitives) and methods to apply the core function to a packet
called the block cipher mode of operation for encryption and/or authentication.
Fig. 6.10.1 shows an example of the block cipher mode of operation used for the authenticatin (called
CBC-MAC: cipher block chaining message authentication code). To render acryptography lightweight,
it is required to improve the efficiency of the block cipher mode of operation as well as the cryptographie
primitives.
1block
Data (Divided into blocks)
Block'n
Plain text Block1 Block 1
Encryption Encryption Encryption |Encryption
|Cipher text Authentication tag is sent together with data. ALthentication Tag|
The receiving party generates a tag similarly
and checkit to the received ta,
Block Cipher An example of message authentication: C8C
(F1)Fig. 6.10.1 : An Example of block cipher mode of operation

6.10.3 Trends in Lightweight Cryptography
R&D of lightweight cryptography was begun around 2004 with a project in Europe and it ha_ recently
been reactivated via the M2MIoT process. The international standard ISOIEC 29192 "Lightweight
Cryptography" was established at ISO/TEC JTC /SC 27.The U.S. National: Institute of Standards and
Technology (NIST) that issues guidelines on cryptographic technologies initiated the Lightweight
Cryptography Project in 2013 and announced a public call for applications of lightweight eryptographies
in 2017.
PRESENT is a block cipher regarded as being the precursor of lightweight cryptography. it was
published in 2007 and has been registered in ISO/IEC 29192. It has asmall circuit size thát enables
implementation in the RFID tag, which is not possible sing the standard AES encryption. The U.S.
National Security Agency (NSA) published lightweight block cipher SIMON/SPECK that features a
very small ROM size suitable to a constrained microprocessor (2013) and proposed its addition to
ISOEC 29192 with the aim of achieving international standardization.
Ablock cipher mode of operation that can achieve both encryption and message authentication is called
"authenticated encryption." Considering the importance of false data detection in loT, it is expected that
encryption willmean authenticated encryption in the future. Even 'when the same block cipher is used,
the efficiency and the security vary considerably depending on how it is implemenzed as an
authenticated encryption. There exist NIST-recommended authenticated encryptions called the AES.
CCM/GCM, but considering the importance of authenticated encryption and the progress in research,
next-generation authenticated encryptions of lighter weight and higher security are desirable. Under
these circumstances, an international authenticated encryption competition called CAESAR
(Competition for Authenticated Encryption: Security, Applicability, and Robustness) was started with
NIST's support in 2014 and there were 60 submissions. Candidates have been narrowed down every
year in accordance with the algorithm characteristics and functions, and the final selection will be
published by the end of 2017.
(SPPU-New Syllabus w.e.f academic year 21-22)(P5-35) Tech-NeoPublications..A

le SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Securityin loT)..Page no. (6-22)
In Japan, the CRYPTREC (Cryptography Research and Evaluation Committee) assesses electronic
government-recommended ciphers and monitors the trends of cryptographic technologies. Its
Lightweight Cryptography WG has been developing its activities since 2013. These include the
evaluation of the implementation of representative block ciphers, as well as security surveys and
research into the effective use of lightweight cryptographies.
6.11 CASE STUDY: HOME INTRUSION DETECTION
GÌ Explain Horme INtrsion Detection
A 6.11.I General System Design

Arrival of Activate the Nottication
intruder hardware module to user
Power
Camera supply
PIR
sensor
Email User
Inttuder Arduino Raspperry pi
Alarm
Fig. 6.11.1
In designing a systerm, the first step is to develop the architecture of the system. Firstly, the scenario of
possible intruder entry and how the warning informs need to be considered. The possible intruder
scenario can be seen in the "Arrival of Intruder" section in Fig. 6.11.1: In this research, we assume the
intruder to enter the house from the front door. As the intruders arrive/enter, the PIR Sensor located
near the front door detects the motion of the intruders. The PIR sensor reads every movement that
passes through the detection range of the PIR sensor, i.e., approximately 4-7 m. In the process of motion
detection, the system will read continuously until a movement is found.
Start
If there is a movement, then the system will activate the
camera. The generated images are then stored in the Movement
system directory. After the photo capture and storage detection
process, the system will activate the function for human No
No
detection. In human detection, we use the HOG and SVM Any
movement?
methods. Features of the photo are extracted using HOG Any
and then a classification of features is performed by using Yes people?
SVM. SVM matches the features of the photos with Take picture Yes
features in the dataset. If human presence is detected in
Active
the photo, then the system will activate the buzzer as an buzzer
alarm and send an email notification. If the-re is no People
detection
human presence detected in the picture, then the system
Send email
will re-read the movement or return to the initial process.
The complete systerm workflow is shown in Fig. 6.11.2.
End
Fig. 6.11.2 :System workflow
SPPU New Syllabus wefacademic year 21-22)(P5-35) aTech-Neo Publications..A SACHIN SHAH Venture
Internet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Security in loT)...Page no. (6-23)
6.11.2 Hardware Design
This section outlines the hardware design. The hardware design includes the selection of electronics
equipment and the integration of all of components. Fig. 6.11.3 shows the hardware design for our
security monitoring system. Meanwhile, the specifñcations of every component are presented in
Table 6.11.1. The number in Fig.6.11.3 corresponds to the order of component in Table 6.11.1.
For processing module, we use Raspberry Pi 3 model B. This board is equipped with wireless LAN
module for communication. Arduino is used to collect the signal from PIR sensor through jumper cable.
Arduino is connected to Raspberry Pi via USB cable. To capture the picture, USB webcam is mounted to
the Raspberry Pi 3 via USB cable.
To release warning, buzzer module is connected to Raspberry Pi 3 through GPIO port. The Raspberry Pi
3 is also connected to the internet so that the system has the ability to send an email notification.
Table 6.11.l : Hardware specification
No Name Description
1 PIR Sensor PIR Sensor for movement detection
2 Arduino Arduino Uno
3 Camera Using webcam camera USB 2.0 (Logitech c525) for take picture
4 Raspberry Pi Using Raspberry Pi 3 ModelB, ARM Cortex-A53 12 GHZ, 1GB RAM, 802.11n
3 wireless LAN. In this Raspberry Pi 3image processing has been installed
(OpenCV)
5 Buzzer Passive buzzr for alarm
(3-*
Fig. 6.11.3 : Hardware architecture % 37.!
6.11.3 Software Design

After the hardware design, software was then designed. Firstly, we create ause case diagram as shown in
Fig. 6.11.4.The user starts activating the system in Rasp-berry Pi 3. UNIT
VI
End S
(SPPU-New Syllabus w.e.f academic year 21-22)(P5-35) Tech-Neo Publications.A SACHIN SHAH Venture
Intemet of Things &Embedded Systems (SPPU-Sem.5-Comp) (Securityin loT)..Page no. (6-24)
Algorithm: Motion Detection in Arduino
Declare : S/stem
Pin, pirState, val := 0, CActivate the systom (Take a photo
Algorithm: <<extend> <ertend
1 While val <> ldo <extend>>
2 If pin := HIGH
Detect People detecton
3 If pirState := LOW movement
4 val := 1 User
<<extend>2 i<cextend>>
5 pirState := HIGH
6 Else Send email Acivate the a'arm
7. IF pirState := HIGH
8 val := 0
Fig. 6.11.4 :Use case diagram
9 pirState := LOW
10. End While
Listing 1. Pseudo Code of Software in Arduino

Movement detection is handled by PIR Sensor and Arduino sends the true or false value to Raspberry
Pi 3. Photo captured is triggered after Arduino sends the data. Raspberry Pi 3 controls the camera.
Fig. 6.11.5 shows the software architecture.
Arduino
PIR sensor Raspbian stretch
|Opencv 3
Movement
detection Active Send
Capture
imags |HOG +SVM buzzerl email
Fig. 6.11.5: Software architecture

This diagram shows the position or location of each application fùnction on the hardware that will be
installed and arranged from the application. HOG and SVMiare also installed in Raspberry Pi 3. HOG
is used to extract the features of human objects in the image. In the first step, the HOG method will
convert RGB image (red, green, blue) to grayscale image.
Then, gamma normalization will be done to calculate the result of the square root of each channel (red,
green and blue channel). Then, the gradient value of each pixel will be calculated by dividing it into
8x 8 cells. The next process is to detérmine the number of orientation bin that will be used in the
histogram (spatial orientation,binning).
After that, the normalization process of block 16 x 16 is done to cells to overcome the lighting changes.
In this process there are blocks that overlap due to their shifting cells. The final process is to calculate
the HOG feature vector. The resulted HOG feature will be processed using the SVM method to
determine whether the feature is a human feature or not. The full process of human detection can be
seen in the Fig. 6.11.6.
(SPPU-New Syllabus wef academic year 21-22)\(P5-35) a Tech-Neo Publications.A SACHIN SHAH Venture
Internet of Things& Embedded Systems (SPPU-Sem.5-Comp) (Security in lo)..Page no (6-25)
Start
Nomallze Compute Woighted vo

Bnput image gamma and
gradients into spatial and
clOur onenaion ce
Collect Conttast
Personnon normalize over
perdon Unear SVM iHOG's over
dassificaton -deteotion overlapping
.window spatial block
Start
Fig. 6.11.6: Human detection process

6.11.4 System Setup
l. PIR Sensor on Arduino : Programming for motion detection, using PIR sensor is performed on
Arduino IDE application. The source code is then embedded into Arduino by connecting the Arduino
with a computer using a USB cable and the programs are downloaded to Arduino.
2. Raspberry Pi 3
(a) Raspbian Stretching. OpenCV and Python : The operating system used for Raspberry Pi 3 is
Raspbian Stretch. This operating system can be downloaded on the official.Raspberry site. This
operating system operates on 32GB MicroSD. The type of MicroSD used is MicroSD Class 10 which
is commonly used on Android. smartphones After Raspbian Strech is installed, the applications
required on Raspberry Pi 3are OpenCV and Python to run HOG and SVM, For the computer vision
library, opencv 3.3.0, opencv_contrib and Python3.0 is used in this research.
(b) Camera : The webcam camera function uses the fswebcam library. Then the..sh file is created with
a program script.The resulting photo is 640 x 480 pixels and the FPS parameter 15. The purpose of
the low-resolution setting is toperform the photo process quickly, ie., less than 1 sec.
(c) Alarm:The Alarm function on the Raspberry Pi 3 already supports the
gpiozero pin interface.
Therefore, the alarm can be used immediately.
(d) E-mail : To send an emnail using SMTP, some configurations are conducted. In this study, two
emails with the Gmaíl domain ís utilized. The first e-mail address is
rpiserverxxx@gmail.com, used
as server initialization photo was obtained. The photo is stored .by the system in the
temporary
folder, namely directory /home/pi/Home Security/images.
Chapter Ends..
O00
UNI
End

Iot Tech Neo

Uploaded by

Copyright:

Available Formats

You might also like

Iot Tech Neo

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Iot Tech Neo

Uploaded by

Copyright:

Available Formats

UNIT Ill

loT : Design Met~~dology

'· ... •i,•. !, .. .. ". /)!:

automation system as an example. •..............................................,................... 3-4

3.4 Ne.'Wori(ing Components·--··-·- ..·-······ ..............- ........... - .................................................................... .................. 3· 11

ua. What is Publish-Subscnbe Communication Model ft.i44•0U1Jt4iMtrJflj. ........................................ 3· 17

ua. Compare REST4>ased commonicatioo aod Web Socket communicatioo API .

3.1 0.4 SCA D--- ----- -- -·--- ........·-·-···...·--........... _ .. 3-25

i- - - - -..- - -.- -.-_.-\.--: - ~-,- - ---.;;-.-\- -- ~ ~, ~ -,.-: ~ 7 - - ~ - ~.. ~ :- .- .: : ~ ,-~ : .- - - .- - - - - - - - - - - - - - - - ~

loT Design Methodology that includes :

(SPP'J--New Syllabus w.e.f academic year 21-22) (PS-35)

Ll11•11 '"' flrtillyz,·d :111 1I Vlil 1Jalw·d by

rloud h.1::ed applic.1t1,111 s

~ 3. 2.2 Process Specification

~ 3.2.J Domain Model Specification

• Resources are software components which can be either on-device or network-resources.

Resource Associated w~h

. ~ · ', •: ··.· Ma,iconiP~r ·. '' ·

·,✓ -~ :.·:-. l: f •. '• ~• . ~.-.·

a l.2.4 Information Hodel Specification

humidity and light once every 15 seconds.

'B. l.2.6 lot level Speciraadon

(SPPU-New Syllabus w.d academic year 21-22) (PS-35)

deployment levels. out which we have

• The system consists of multiple

a l.2.7 Functional View Specification.

Web App. Applicalion Database

Analybc:s S•nrlces Security

• Applirnti,m maps to the Application FG, Management FG and Securit

I. Computing Device- : Raspberry Pi, Tempe rature, Pressur e, Light and

r GQ. What is device and ccimponenffnt~ratio'nf·,.-,.. -+•:i,,·.1--•,··.::-••!th<u.,~:i~r,;.,}·,·.;_:;:tJ:'::\:~,i;.:',,,:!'.'.'" •;~ -~':°''''··

(1C7lFtg. 3.2.7: Devitt and Component Integration or Weather Monlto~~g,s_yste~·,

'a. l.2.10 Appliation Development

* :-l.J '.:<_; BMICS ..·of

• In previous section we discussed about basics of loT

different sensors. For example things like telephones,

'B.. l.4. t Functional Componenu of loT

For building IoT system following functional component are important.

variety of public networks like LANs, WANs, and MANs.

Structure of the i.JJ.ternet

The structure of internet is divided into three parts.

Communica lion Communicalion .

• Using lnteme t Service Provide r (ISP) a client connects the comput

system holds an IP ciddress',' fe., :

173.196.95.98, and the second system contain s an IP address , i.e., 162.194 l .

.60.98. Suppose cliin~ ~ant to·'

3. Complete Infrastr ucture

The framew ork of the interne t consists of multiple interconnected

~ ·l.6 • · · CONNECTIVllYJ:ECHNQLOGIES · · ,. ( I. ,fP

• In previous section we have understood different basic

~-·, i~ ..tw.s ,:seCtiol_l.' ·We. will,discuss

nodedeviceandserver.ov~;,t~e-jI _1.t~JJ].E}tl"'•··n• l" ·--t· · ·,c,, -~--. ·: · · ..J ~.- :._-,--:

. ,. ·,..,. ·· - · ~,- ' .· .•

Th I'. Jl · fi h h Link Layer

~ ~(a) . Application Lc1y~r .

• . HTI'P stands for Hypertext Transfer Protocol(H'ITP)

.• COAP ~tands for Constrained Application Protocol (COAP)

• Web socket is a TCP tYPe of communication protocols.

Before Communication it establishes a connection for transferring the data packets.

;t-:'! J.i;~ ~!.":;:~:Sl-~~ -c ~;,i'~~~~i~-~~'!~-~ ~ff~~~r:~--.;_~;