Samy El-Tawab scite author profile

The Internet of Things (IoT) has become a popular subject in the technology industry and will soon reach the popularity level of smartphones. With the rapid technological advancements of sensors, Wireless Sensor Networks (WSNs) has become the main technology for IoT. We investigated the security of WSNs in an environmental monitoring system with the goal to improve the overall security. We implemented a Secure Temperature Monitoring System (STMS), which served as our investigational environment. Our results revealed a security flaw found in the bootstrap loader (BSL) password used to protect firmware found in the MSP430 MCU. We demonstrated how the BSL password could be brute forced in a matter of days. Furthermore, to our knowledge we illustrated the first sample of how an attacker can reverse engineer firmware and obtain WSN cryptographic keys. Our sample provides a step-by-step procedure on how to reverse engineer MSP430 firmware. We contributed a solution to improve the BSL password and better protect firmware found in the MSP430 chips. The Secure-BSL software we contributed allows the randomization of the BSL password. Our solution guarantees brute force times in a matter of decades. The impractical brute force time assures the security of firmware and prevents future reverse engineering tactics. In addition, our Secure-BSL software supports two-factor authentication, therefore adding another layer of security. The two-factor authentication feature allows developers to specify a user-defined passphrase to further protect the MSP430 MCU. Our research serves as proof that any security implemented in a WSN environment is broken if an attacker has access to firmware found in sensor devices.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Samy El-Tawab

Automatic Incident Detection in Intelligent Transportation Systems Using Aggregation of Traffic Parameters Collected Through V2I Communications

Security analysis of an IoT system used for indoor localization in healthcare facilities

WiFi Sensing System for Monitoring Public Transportation Ridership: A Case Study

Energy monitoring and control using Internet of Things (IoT) system

Improving the security of wireless sensor networks in an IoT environmental monitoring system

Contact Info

Product

Resources

About