2026
- Data Offloading for Mobile Unmanned Systems – Evaluation of Throughput and Latency in a Private 5G NetworkBertram Schütz, Felix Bott, Robert Hollig, Olaf Stenzel, Jan Bauer, and Steffen GreiserIn Accepted for the 2nd International Conference on Drones and Unmanned Systems (DAUS), 2026
This paper investigates data offloading for mobile unmanned systems in private 5G networks. The presented evaluation is based on real-world measurements in a modernized industrial facility, using an unmanned ground vehicle. The results indicate, that the service requirements for uplink and downlink throughput are mostly met, while latency is still partially an issue for real-time data offloading and online processing.
@inproceedings{schuetz2026offloading, title = {{Data Offloading for Mobile Unmanned Systems -- Evaluation of Throughput and Latency in a Private 5G Network}}, author = {Sch\"utz, Bertram and Bott, Felix and Hollig, Robert and Stenzel, Olaf and Bauer, Jan and Greiser, Steffen}, year = {2026}, booktitle = {Accepted for the 2nd International Conference on Drones and Unmanned Systems~(DAUS)}, address = {Salzburg, Austria}, google_scholar_id_ = {}, } - On the Potential of Public Network Dual-Use for Medium Altitude Long Endurance Remotely Piloted Aircraft Systems (MALE RPAS)Gunnar Schneider, Michael Rachner, Jan Bauer, and Bertram SchützIn Accepted for the 2nd International Conference on Drones and Unmanned Systems (DAUS), 2026
Medium Altitude Long Endurance (MALE) Remotely Piloted Aircraft Systems (RPASs) operate at an altitude of approximately 12 km with a long operational life up to 40 h. In Terms of efficiently transmitting sensor and situation information, a robust and broadband communication link is crucial for enabling new applications such as transmission of high-definition ISR (Intelligence, Surveillance, Reconnaissance) data. Traditional tactical data links offer high robustness but deliver low data rates and incur high costs per node, making scaling distributed sensor networks difficult. This work aims to assess whether the civilian communication technologies can meet the requirements of MALE RPASs in a tactical environment, using the NATO Anglova scenario as a representative example. To this end, we analyze the extent to which the European Aviation Network and 5G-Non-Terrestrial Networks can be used and represent an open, cost-effective alternative to open up new operational possibilities – in particular through the dual use of civilian technologies with applications in sensor and communication relay payloads. Our results indicate significant potential for civil-driven technologies, although further detailed modeling and field testing are required.
@inproceedings{schneider2026malerpas, title = {{On the Potential of Public Network Dual-Use for Medium Altitude Long Endurance Remotely Piloted Aircraft Systems (MALE RPAS)}}, author = {Schneider, Gunnar and Rachner, Michael and Bauer, Jan and Sch\"utz, Bertram}, year = {2026}, booktitle = {Accepted for the 2nd International Conference on Drones and Unmanned Systems~(DAUS)}, address = {Salzburg, Austria}, google_scholar_id_ = {}, }
2025
- Trust in the Deep: a Survey on Authenticating Acoustic Underwater CommunicationLuisa Lux, Elmar Padilla, and Jan BauerIn Proceedings of the IEEE Virtual Conference on Communications (VCC), 2025
The increasing capabilities of underwater sensing and wireless networking have led to a growing range of applications in both civilian and military domains. As these underwater systems become more pervasive, the integrity of the collected sensor data – and consequently the authenticity of the communicating entities and the messages exchanged – becomes critical for ensuring trust in the data, its interpretation, and eventually in the envisioned concept of a transparent ocean. Over the past decade, various approaches have been proposed to ensure authentication in underwater acoustic communication ,ranging from adaptations of traditional cryptographic mechanisms to novel physical-layer techniques tailored to the underwater environment. This paper provides an overview of these developments, systematically analyzing their advantages and limitations in light of the unique challenges posed by underwater acoustic communication.
@inproceedings{lux2025uacauth, title = {{Trust in the Deep: a Survey on Authenticating Acoustic Underwater Communication}}, author = {Lux, Luisa and Padilla, Elmar and Bauer, Jan}, year = {2025}, booktitle = {Proceedings of the IEEE Virtual Conference on Communications~(VCC)}, address = {virtual}, pdf_ = {lux2025uacauth.pdf}, doi_ = {} } - MAC Aggregation over Lossy Channels in DTLS 1.3In Proceedings of the 33rd IEEE International Conference on Network Protocols (ICNP), 2025
Aggregating Message Authentication Codes (MACs) promises to save valuable bandwidth in resource-constrained environments. The idea is simple: Instead of appending an authentication tag to each message in a communication stream, the integrity protection of multiple messages is aggregated into a single tag. Recent studies postulate, e.g., based on simulations, that these benefits also spread to wireless, and thus lossy, scenarios despite each lost packet typically resulting in the loss of integrity protection information for multiple messages. In this paper, we investigate these claims in a real deployment. Therefore, we first design a MAC aggregation extension for the Datagram Transport Layer Security (DTLS) 1.3 protocol. Afterward, we extensively evaluate the performance of MAC aggregation on a complete communication protocol stack on embedded hardware. We find that MAC aggregation can indeed increase goodput by up to 50 % and save up to 17 % of energy expenditure for the transmission of short messages, even in lossy channels.
@inproceedings{wagner2025dtls, title = {{MAC Aggregation over Lossy Channels in DTLS 1.3}}, author = {Wagner, Eric and Heye, David and Bauer, Jan and Serror, Martin and Wehrle, Klaus}, year = {2025}, booktitle = {Proceedings of the 33rd IEEE International Conference on Network Protocols~(ICNP)}, address = {Seoul, South Korea}, doi = {10.1109/ICNP65844.2025.11192339} } - Seeing is Believing – a Practical Study of Cyber Attacks on Maritime Navigation SystemsFrederik Basels, Philipp Sedlmeier, Elmar Padilla, and Jan BauerIn Proceedings of the 3rd International Special Track on Maritime Communication and Security (MarCaS) of the 50th IEEE Conference on Local Computer Networks (LCN), 2025
The maritime transportation system is the backbone of global trade and the economy. At the same time, the legacy IT and communication systems onboard modern cargo ships with their integrated bridge systems are increasingly vulnerable to cyber attacks, as researchers have repeatedly demonstrated. Despite the growing threat, progress on securing maritime systems remains slow. One major obstacle is the protracted standardization process, which delays the deployment of effective countermeasures. Another, however, is the limited awareness – and resulting inaction – among maritime stakeholders regarding the potentially fatal impact of cyber attacks on bridge systems and navigation decisions. In this paper, we therefore compile known academic cyber attacks targeting ship IT and apply them to a representative, real-world ship navigation bridge to highlight its vulnerabilities and raise stakeholder awareness. We also share insights and lessons learned from our implementation.
@inproceedings{basels2025marcas, title = {{Seeing is Believing -- a Practical Study of Cyber Attacks on Maritime Navigation Systems}}, author = {Basels, Frederik and Sedlmeier, Philipp and Padilla, Elmar and Bauer, Jan}, year = {2025}, booktitle = {Proceedings of the 3rd International Special Track on Maritime Communication and Security~(MarCaS) of the 50th~IEEE Conference on Local Computer Networks~(LCN)}, address = {Sydney, NSW, Australia}, doi = {10.1109/LCN65610.2025.11146370} } - CAIBA: Multicast Source Authentication for CAN Through Reactive Bit FlippingIn Proceedings of the 2025 IEEE 10th European Symposium on Security and Privacy (EuroS&P), 2025
Controller Area Networks (CANs) are the backbone for reliable intra-vehicular communication. Recent cyberattacks have, however, exposed the weaknesses of CAN, which was designed without any security considerations in the 1980s. Current efforts to retrofit security via intrusion detection or message authentication codes are insufficient to fully secure CAN as they cannot adequately protect against masquerading attacks, where a compromised communication device, a so-called electronic control units, imitates another device. To remedy this situation, multicast source authentication is required to reliably identify the senders of messages. In this paper, we present CAIBA, a novel multicast source authentication scheme specifically designed for communication buses like CAN. CAIBA relies on an authenticator overwriting authentication tags on-the-fly, such that a receiver only reads a valid tag if not only the integrity of a message but also its source can be verified. To integrate CAIBA into CAN, we devise a special message authentication scheme and a reactive bit overwriting mechanism. We achieve interoperability with legacy CAN devices, while protecting receivers implementing the AUTOSAR SecOC standard against masquerading attacks without communication overhead or verification delays.
@inproceedings{wagner2025caiba, title = {{CAIBA: Multicast Source Authentication for CAN Through Reactive Bit Flipping}}, author = {Wagner, Eric and Basels, Frederik and Bauer, Jan and Zimmermann, Till and Wehrle, Klaus and Henze, Martin}, year = {2025}, booktitle = {Proceedings of the 2025 IEEE 10th European Symposium on Security and Privacy~(EuroS\&P)}, address = {Venice, Italy}, doi = {10.1109/EuroSP63326.2025.00045} } - Investigating the Impact of Communication Delays and Bandwidth Restrictions on Remote Operations of Unmanned SystemsJan Bauer, Alexander Klein, Bertram Schütz, and Jannis StoppeIn Proceedings of the 1st International Conference on Drones and Unmanned Systems (DAUS), 2025—
Best Paper Award — While autonomy of unmanned systems is advancing rapidly, human oversight remains essential due to legal and operational constraints, making communication a critical factor. This paper explores the impact of communication delays and bandwidth limitations on the remote operation of those systems, focusing on long-range offshore underwater missions conducted with extra-large unmanned underwater vehicles as mobile operation platforms. In such scenarios, communication impairments, such as delays, jitter, bandwidth restrictions, and packet loss, can severely affect human remote control of the system. We address this challenge in the context of uncrewed underwater vehicles, which often rely on multi-hop communication via buoys to extend the range of remote control, and propose a methodology to empirically investigate the communication impact. Through preliminary experiments with remotely operated vehicles, we collect real-world data for further analysis and simulation.
@inproceedings{bauer2025commimpact, title = {{Investigating the Impact of Communication Delays and Bandwidth Restrictions on Remote Operations of Unmanned Systems}}, author = {Bauer, Jan and Klein, Alexander and Sch\"utz, Bertram and Stoppe, Jannis}, year = {2025}, booktitle = {Proceedings of the 1st International Conference on Drones and Unmanned Systems~(DAUS)}, address = {Granada, Spain}, note = {--- $:trophy:$ Best Paper Award ---}, doi = {http://dx.doi.org/10.13140/RG.2.2.18747.94240} } - Potential Analysis of Software Obfuscation to Protect Unmanned Systems against Forensic AnalysisNiklas Bergman, Elmar Padilla, and Jan BauerIn Proceedings of the 1st International Conference on Drones and Unmanned Systems (DAUS), 2025
This paper addresses the growing need to protect unmanned systems (UxVs) from forensic analysis, particularly in hostile scenarios where systems are captured and reverse-engineered by adversaries. While UxVs play critical roles in both civilian and military applications, their vulnerability to software extraction however poses significant risks, especially in the context of AI-based algorithms used for sensor data analysis. Existing legal protections are insufficient, particularly in military contexts, highlighting the need for technical defense mechanisms. We explore software obfuscation as a complementary solution to safeguard sensitive algorithms and software architecture. The paper provides an overview of current obfuscation techniques, introduces a modular and automated obfuscation framework, and assesses its costs and effectiveness in preventing forensic analysis through performance measurements and an initial user study. The findings demonstrate the potential of obfuscation as a robust strategy for enhancing the security of UxVs against adversarial capture.
@inproceedings{bergmann2025obfuscation, title = {{Potential Analysis of Software Obfuscation to Protect Unmanned Systems against Forensic Analysis}}, author = {Bergman, Niklas and Padilla, Elmar and Bauer, Jan}, year = {2025}, booktitle = {Proceedings of the 1st International Conference on Drones and Unmanned Systems~(DAUS)}, address = {Granada, Spain}, doi = {10.13140/RG.2.2.18747.94240} }
2024
- Exploring Anomaly Detection for Marine Radar SystemsAntoine Saillard, Konrad Wolsing, Klaus Werhle, and Jan BauerIn Proceedings of the 10th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS) in conjunction with the 29th European Symposium on Research in Computer Security (ESORICS), 2024
Marine radar systems are a core technical instrument for collision avoidance in shipping and an indispensable decision-making aid for navigators on the ship’s bridge in limited visibility conditions at sea, in straits, and harbors. While electromagnetic attacks against radars can be carried out externally, primarily by military actors, research has recently shown that marine radar is also vulnerable to attacks from cyberspace. These can be carried out internally, less “loudly”, and with significantly less effort and know-how, thus posing a general threat to the shipping industry, the global maritime transport system, and world trade. Based on cyberattacks discussed in the scientific community and a simulation environment for marine radar systems, we investigate in this work to which extent existing Intrusion Detection System (IDS) solutions can secure vessels’ radar systems, how effective their detection capability is, and where their limits lie. From this, we derive a research gap for radar-specific methods and present the first two approaches in that direction. Thus, we pave the way for necessary future developments of anomaly detection specific for marine navigation radars.
@inproceedings{saillard2024radarnomaly, title = {{Exploring Anomaly Detection for Marine Radar Systems}}, author = {Saillard, Antoine and Wolsing, Konrad and Werhle, Klaus and Bauer, Jan}, year = {2024}, booktitle = {Proceedings of the 10th Workshop on the Security of Industrial Control Systems \& of Cyber-Physical Systems~(CyberICPS) in conjunction with the 29th European Symposium on Research in Computer Security~(ESORICS)}, address = {Bydgoszcz, Poland}, doi = {10.1007/978-3-031-82349-7_24} } - Dude, Where’s That Ship? Stealthy Radio Attacks Against AIS BroadcastsFelix Klör, Jan Bauer, Sachar Paulus, and Michael RademacherIn Proceedings of the 2nd International Special Track on Maritime Communication and Security (MarCaS) of the 49th IEEE Conference on Local Computer Networks (LCN), 2024
The Maritime Transportation System (MTS) is the foundation of global trade, a crucial pillar of our economy’s supply chains, but also critical to energy and food security. At the same time, it is increasingly exposed to new types of threats. These include attacks from the cyber and electromagnetic spectrum against various information and telecommunications systems on board vessels as the backbone of the MTS. The radio-based Automatic Identification System (AIS) is one of these systems, used to monitor ship routes and for traffic planning, and supports collision avoidance on the vessel side. The technical vulnerabilities of the system have long been known and caution is therefore advised. Conventional attacks are usually easy to recognize, so that disruptions to operations can occur, but serious damage can be limited. In this paper, however, we present a novel radio-based attack on AIS that enables to selectively suppress identification messages of individual ships and thus to manipulate the situational awareness on the vessel’s bridge in a stealthy manner, which can have catastrophic impacts in critical situations. We demonstrate the technical feasibility of this attack in a laboratory environment with real hardware and, by elaborating this vulnerability, we are contributing to increasing the resilience of the maritime domain against evolving hybrid threats.
@inproceedings{kloer2024aisjamming, title = {{Dude, Where's That Ship? Stealthy Radio Attacks Against AIS Broadcasts}}, author = {Kl\"or, Felix and Bauer, Jan and Paulus, Sachar and Rademacher, Michael}, year = {2024}, booktitle = {Proceedings of the 2nd International Special Track on Maritime Communication and Security~(MarCaS) of the 49th IEEE Conference on Local Computer Networks~(LCN)}, address = {Caen, France}, doi = {10.1109/LCN60385.2024.10639674} } - Demo: Maritime Radar Systems under Attack. Help is on the Way!Frederik Basels, Konrad Wolsing, Elmar Padilla, and Jan BauerIn Proceedings of the 49th IEEE Conference on Local Computer Networks (LCN), 2024
For a long time, attacks on radar systems were limited to military targets. With increasing interconnection, cyber attacks have nowadays become a serious complementary threat also affecting civil radar systems for aviation traffic control or maritime navigation. Hence, operators need to be enabled to detect and respond to cyber attacks and must be supported by defense capabilities. However, security research in this domain is only just beginning and is hampered by a lack of adequate test and development environments. In this demo, we thus present a maritime Radar Cyber Security Lab (RCSL) as a holistic framework to identify vulnerabilities of navigation radars and to support the development of defensive solutions. RCSL offers an offensive tool for attacking navigation radars and a defensive module leveraging network-based anomaly detection. In our demonstration, we will showcase the radars’ vulnerabilities in a simulative environment and demonstrate the benefit of an application-specific Intrusion Detection System.
@inproceedings{basels2024radardemo, author = {Basels, Frederik and Wolsing, Konrad and Padilla, Elmar and Bauer, Jan}, title = {{Demo: Maritime Radar Systems under Attack. Help is on the Way!}}, year = {2024}, booktitle = {{Proceedings of the 49th IEEE Conference on Local Computer Networks (LCN)}}, address = {Caen, France}, doi = {10.1109/LCN60385.2024.10639793} } - By-Design Risk Mitigation for Large Uncrewed Underwater Vehicles (UUV)Sebastian Ritz, Anna Loewe, Jan Bauer, and Martin KurowskiIn Proceedings of the European Workshop on Maritime Systems Resilience and Security (MARESEC), 2024
In the age of technological advancement and the constant evolution of Uncrewed Underwater Vehicles (UUVs) with ever-increasing scopes, applications, and autonomy, it is crucial to identify and manage potential risks at the design stage to ensure their safety and efficiency. Such risk management is more important, in particular, given the increasing demand for monitoring and securing critical maritime infrastructure.This paper presents a generic set of ideas of how risks can be mitigated for large and extra-large UUVs. A risk ranking matrix, a result of a Hazard Identification Study (HAZID) study for those UUVs, forms the basis for developing methodologies and systems to mitigate the identified risks and hazards. This is done for the three main systems, i.e., mechanical system, energy system, and autonomy, as well as for the orthogonal topic of cyber security. Each system and its subsystems have their risk classification and need specialized techniques to mitigate the risks to a tolerable level considering costs and probability.
@inproceedings{ritz2024uuvrisk, title = {{By-Design Risk Mitigation for Large Uncrewed Underwater Vehicles (UUV)}}, author = {Ritz, Sebastian and Loewe, Anna and Bauer, Jan and Kurowski, Martin}, year = {2024}, booktitle = {Proceedings of the European Workshop on Maritime Systems Resilience and Security~(MARESEC)}, address = {Bremerhaven, Germany}, doi = {10.5281/zenodo.14214260} } - Threat Analysis for Novel Underwater Vehicles: Insights from the Perspective of Cyber SecurityAlexander Nies, Konrad Wolsing, and Jan BauerIn Proceedings of the European Workshop on Maritime Systems Resilience and Security (MARESEC), 2024
In complex underwater operations, the offshore subsea industry can benefit greatly from a novel class of extralarge uncrewed underwater vehicles due to their increasing autonomy and adaptability. However, their reliance on IT, reliable communication, and sensor information poses significant cyber security challenges exacerbated by rising maritime incidents. This study systematically analyzes the cyber attack surface of those underwater vehicles, assessing and ranking potential threats, and identifying critical system components. The research contributes by design to the definition of tailored security requirements. Our threat analysis creates the basis for simulation and test environments that foster the development of appropriate security measures in order to defend against the growing threats from cyberspace and the electromagnetic spectrum.
@inproceedings{nies2024threatanalysis, title = {{Threat Analysis for Novel Underwater Vehicles: Insights from the Perspective of Cyber Security}}, author = {Nies, Alexander and Wolsing, Konrad and Bauer, Jan}, year = {2024}, booktitle = {Proceedings of the European Workshop on Maritime Systems Resilience and Security~(MARESEC)}, address = {Bremerhaven, Germany}, doi = {10.5281/zenodo.14214969} } - Cybersicherheit für die Schifffahrt — mit einer Schiffsbrücke als Test- und EntwicklungslaborPhilipp Sedlmeier, Jan Bauer, Anisa Rizvanolli, and Ole JohnIn Proceedings of the 20th BSI German IT Security Congress, 2024
Angriffe auf kritische Infrastrukturen, wie zum Beispiel auf die Energieversorgung, die Informations- und Kommunikationstechnologie, aber auch auf die Transport- und Logistikbranche finden nicht erst seit heute auch im Cyberspace statt. Die geopolitischen Veränderungen der letzten Zeit haben die Verletzlichkeit dieser Infrastrukturen jedoch besonders deutlich gemacht. Dies gilt auch f¨ ur die maritime Logistik, beziehungsweise Schiffe als deren unverzichtbares Rückgrat. Die fortschreitende Digitalisierung und Vernetzung der Systeme an Bord von Schiffen erfordern daher Maßnahmen, mit dem erhöhten Risiko für Cyberangriffe umzugehen. Diese Maßnahmen umfassen nicht nur die Entwicklung geeigneter Schutzmaßnahmen, sondern auch Methoden zur Erkennung von Angriffen, zur gründlichen Erprobung existierender Komponenten auf der Brücke und im Maschinenraum, und zu speziellem Training für die Schiffsbesatzung. F¨ ur all diese Aspekte ist eine Testumgebung von Vorteil, welche die echten Bedingungen möglichst originalgetreu abbildet und es ermöglicht, Cyberangriffe einfach und benutzerfreundlich durchzuspielen. Trotz des Bedarfs für eine solche Umgebung sind “Trainingspl¨ atze”, die solche Anforderungen erfüllen, nur spärlich gesät. Es wird deshalb ein Labor präsentiert, das reale Schiffsbrücken-Hardware mitsamt dazugehöriger Antennenplattform mit digitalen Hilfsmitteln kombiniert, um Test- und Trainingsszenarien für die maritime Cybersicherheit zu entwickeln. Darin wird untersucht, wie die Schiffsbrücke cybersicher gestaltet werden kann.
@inproceedings{sedlmeier2024macy, title = {{Cybersicherheit für die Schifffahrt — mit einer Schiffsbrücke als Test- und Entwicklungslabor}}, author = {Sedlmeier, Philipp and Bauer, Jan and Rizvanolli, Anisa and John, Ole}, year = {2024}, booktitle = {Proceedings of the 20th BSI German IT Security Congress}, address = {virtually hosted in Bonn, Germany}, }
2023
- SoK: Evaluations in Industrial Intrusion Detection ResearchOlav Lamberts, Konrad Wolsing, Eric Wagner, Jan Pennekamp, Jan Bauer, Klaus Wehrle, and 1 more authorJournal of Systems Research, 2023
Industrial systems are increasingly threatened by cyberattacks with potentially disastrous consequences. To counter such attacks, industrial intrusion detection systems strive to timely uncover even the most sophisticated breaches. Due to its criticality for society, this fast-growing field attracts researchers from diverse backgrounds, resulting in 130 new detection approaches in 2021 alone. This huge momentum facilitates the exploration of diverse promising paths but likewise risks fragmenting the research landscape and burying promising progress. Consequently, it needs sound and comprehensible evaluations to mitigate this risk and catalyze efforts into sustainable scientific progress with real-world applicability. In this paper, we therefore systematically analyze the evaluation methodologies of this field to understand the current state of industrial intrusion detection research. Our analysis of 609 publications shows that the rapid growth of this research field has positive and negative consequences. While we observe an increased use of public datasets, publications still only evaluate 1.3 datasets on average, and frequently used benchmarking metrics are ambiguous. At the same time, the adoption of newly developed benchmarking metrics sees little advancement. Finally, our systematic analysis enables us to provide actionable recommendations for all actors involved and thus bring the entire research field forward.
@article{lamberts2023sok, title = {{SoK: Evaluations in Industrial Intrusion Detection Research}}, author = {Lamberts, Olav and Wolsing, Konrad and Wagner, Eric and Pennekamp, Jan and Bauer, Jan and Wehrle, Klaus and Henze, Martin}, year = {2023}, journal = {Journal of Systems Research}, volume = {3}, number = {1}, doi = {10.5070/SR33162445} } - XLab-UUV – A Virtual Testbed for Extra-Large Uncrewed Underwater VehiclesKonrad Wolsing, Antoin Saillard, Elmar Padilla, and Jan BauerIn Proceedings of the 1st International Workshop on Maritime Communication and Security (MarCaS) in conjunction with the 48th IEEE Conference on Local Computer Networks (LCN), 2023
Roughly two-thirds of our planet is covered with water, and so far, the oceans have predominantly been used at their surface for the global transport of our goods and commodities. Today, there is a rising trend toward subsea infrastructures such as pipelines, telecommunication cables, or wind farms which demands potent vehicles for underwater work. To this end, a new generation of vehicles, large and Extra-Large Unmanned Underwater Vehicles (XLUUVs), is currently being engineered that allow for long-range, remotely controlled, and semi-autonomous missions in the deep sea. However, although these vehicles are already heavily developed and demand state-of-the-art communication technologies to realize their autonomy, no dedicated test and development environments exist for research, e.g., to assess the implications on cybersecurity. Therefore, in this paper, we present XLab-UUV, a virtual testbed for XLUUVs that allows researchers to identify novel challenges, possible bottlenecks, or vulnerabilities, as well as to develop effective technologies, protocols, and procedures.
@inproceedings{wolsing2023xlabuuv, title = {{XLab-UUV -- A Virtual Testbed for Extra-Large Uncrewed Underwater Vehicles}}, author = {Wolsing, Konrad and Saillard, Antoin and Padilla, Elmar and Bauer, Jan}, year = {2023}, booktitle = {Proceedings of the 1st International Workshop on Maritime Communication and Security~(MarCaS) in conjunction with the 48th IEEE Conference on Local Computer Networks~(LCN)}, address = {Daytona Beach, FL, USA}, doi = {10.1109/LCN58197.2023.10223405} } - Phish & Ships and Other Delicacies from the Cuisine of Maritime Cyber AttacksJan Bauer, Joris Kutzer, Philipp Sedlmeier, Anisa Rizvanolli, and Elmar PadillaIn Proceedings of the European Workshop on Maritime Systems Resilience and Security (MARESEC), 2023
Attacks on our critical infrastructures in the areas of water and energy supply, information and communication technology, but also transportation are increasing worldwide and the incidents have long since moved beyond their physical origins into cyberspace. Recent geopolitical changes have further raised awareness of the vulnerability of our fragile infrastructures and highlighted the urgent need to protect them from cyber threats. This also applies to the maritime transportation system, with its ships as elementary assets. Hence, the advancing digitization and interconnectivity on board maritime vessels require security measures to counteract this increasing risk of cyber attacks. These measures include the conception and development of effective prevention mechanisms, but also techniques for attack detection, in-depth testing of existing bridge components, as well as specialized training for the ship’s personnel. Especially for the latter, an environment is required that reflects real-world conditions and allows to perform cyber attacks, e.g., phishing campaigns, in a user-friendly way. Despite the need for such an environment, there are few training grounds that meet these requirements in practice. In this paper, we therefore present a laboratory that combines real bridge hardware equipment with digital cyber security tools in order to develop test and training scenarios with respect to maritime cyber security.
@inproceedings{bauer2023phishnships, title = {{Phish \& Ships and Other Delicacies from the Cuisine of Maritime Cyber Attacks}}, author = {Bauer, Jan and Kutzer, Joris and Sedlmeier, Philipp and Rizvanolli, Anisa and Padilla, Elmar}, year = {2023}, booktitle = {Proceedings of the European Workshop on Maritime Systems Resilience and Security~(MARESEC)}, address = {virtual}, doi = {10.5281/zenodo.8406034} } - Specialties of HAZID-Study for Large Unmanned Underwater VehiclesSebastian Ritz, Anna Loewe, and Jan BauerIn Proceedings of OCEANS 2023 – Limerick, 2023
This paper scopes the specialties of a hazard identification study for large and extra-large unmanned undersea vehicles (UUVs). A generic node/function structure is derived from different large and extra-large UUV designs, partially own vehicle designs from research projects, and partially from commercial vehicles. For each node, a short overview of its components and the proper function or operations is defined. A set of guide words is used to prompt a hazard discussion for each node, which identifies unwanted functions, resulting in potential hazards and unmitigated consequences. Related to the SafeMASS-Report from DNV, this work concentrates on selected topics of the bridge-related function on voyage, control & monitoring, and abnormal situations. For unmanned vehicles without any person on board, these three topics become more important for underwater vehicles with very limited connectivity or temporary disruptions of communication whereby an operator in a remote-control center could only be provided with rough vehicle or mission states. Therefore, vehicle control, whether in hard- or software, must handle most tasks belonging to the considered functions automatically or autonomously. Hence, the most appropriate reactions of the system to unwanted system behavior must be implemented. This HAZID study could, on the one hand, be used as background for such an implementation, and on the other hand, it is used to verify the implemented actions on the risks and hazards.
@inproceedings{ritz2023hazid, title = {{Specialties of HAZID-Study for Large Unmanned Underwater Vehicles}}, author = {Ritz, Sebastian and Loewe, Anna and Bauer, Jan}, year = {2023}, booktitle = {Proceedings of OCEANS 2023 -- Limerick}, address = {Limerick, Ireland}, doi = {10.1109/OCEANSLimerick52467.2023.10244358} } - Detecting Maritime GPS Spoofing Attacks Based on NMEA Sentence Integrity MonitoringJulian Spravil, Christian Hemminghaus, Merlin Rechenberg, Elmar Padilla, and Jan BauerMDPI Journal of Marine Science and Engineering, 2023
Today’s maritime transportation relies on global navigation satellite systems (GNSSs) for accurate navigation. The high-precision GNSS receivers on board modern vessels are often considered trustworthy. However, due to technological advances and malicious activities, this assumption is no longer always true. Numerous incidents of tampered GNSS signals have been reported. Furthermore, researchers have demonstrated that manipulations can be carried out even with inexpensive hardware and little expert knowledge, lowering the barrier for malicious attacks with far-reaching consequences. Hence, exclusive trust in GNSS is misplaced, and methods for reliable detection are urgently needed. However, many of the proposed solutions require expensive replacement of existing hardware. In this paper, therefore, we present MAritime Nmea-based Anomaly detection (MANA), a novel low-cost framework for GPS spoofing detection. MANA monitors NMEA-0183 data and advantageously combines several software-based methods. Using simulations supported by real-world experiments that generate an extensive dataset, we investigate our approach and finally evaluate its effectiveness.
@article{spravil2023gpsspoofing, title = {{Detecting Maritime GPS Spoofing Attacks Based on NMEA Sentence Integrity Monitoring}}, author = {Spravil, Julian and Hemminghaus, Christian and von Rechenberg, Merlin and Padilla, Elmar and Bauer, Jan}, year = {2023}, journal = {MDPI Journal of Marine Science and Engineering}, volume = {11}, number = {5}, doi = {10.3390/jmse11050928} }
2022
- Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and DatasetKonrad Wolsing, Antoine Saillard, Jan Bauer, Eric Wagner, Christian Sloun, Ina Berenice Fink, and 3 more authorsIn Proceedings of the 47th IEEE Conference on Local Computer Networks (LCN), 2022
Shipboard marine radar systems are essential for safe navigation, helping seafarers perceive their surroundings as they provide bearing and range estimations, object detection, and tracking. Since onboard systems have become increasingly digitized, interconnecting distributed electronics, radars have been integrated into modern bridge systems. But digitization increases the risk of cyberattacks, especially as vessels cannot be considered air-gapped. Consequently, in-depth security is crucial. However, particularly radar systems are not sufficiently protected against harmful network-level adversaries. Therefore, we ask: Can seafarers believe their eyes? In this paper, we identify possible attacks on radar communication and discuss how these threaten safe vessel operation in an attack taxonomy. Furthermore, we develop a holistic simulation environment with radar, complementary nautical sensors, and prototypically implemented cyberattacks from our taxonomy. Finally, leveraging this environment, we create a comprehensive dataset (RadarPWN) with radar network attacks that provides a foundation for future security research to secure marine radar communication.
@inproceedings{wolsing2022radar, title = {{Network Attacks Against Marine Radar Systems: A Taxonomy, Simulation Environment, and Dataset}}, author = {Wolsing, Konrad and Saillard, Antoine and Bauer, Jan and Wagner, Eric and van Sloun, Christian and Fink, Ina Berenice and Schmidt, Mari and Wehrle, Klaus and Henze, Martin}, year = {2022}, booktitle = {Proceedings of the 47th IEEE Conference on Local Computer Networks~(LCN)}, doi = {10.1109/LCN53696.2022.9843801} } - Guiding Ship Navigators through the Heavy Seas of CyberattacksMerlin Rechenberg, Nina Rößler, Mari Schmidt, Konrad Wolsing, Florian Motz, Michael Bergmann, and 2 more authorsIn Proceedings of the European Workshop on Maritime Systems Resilience and Security (MARESEC), 2022
In the maritime sector, which is increasingly exposed to threats from cyberspace, not only on-shore systems are prone to cyberattacks but also maritime systems onboard vessels have serious vulnerabilities and can therefore become easy targets. Nevertheless, in practice, there is still a lack of network-based Intrusion Detection Systems (NIDSs) for those systems to appropriately protect against possible attacks by providing alarms and instructions supporting bridge crews. For this reason, we present a Cyber Incident Monitor (CIM) as a security framework consisting of a NIDS and a nautical human machine interface (HMI). While the NIDS can detect several known attack vectors in maritime networks, the HMI provides tailored guidance for nautical operators to adequately respond in the event of a cyberattack.
@inproceedings{vonrechenberg2022cim, title = {{Guiding Ship Navigators through the Heavy Seas of Cyberattacks}}, author = {von Rechenberg, Merlin and R\"o{\ss}ler, Nina and Schmidt, Mari and Wolsing, Konrad and Motz, Florian and Bergmann, Michael and Padilla, Elmar and Bauer, Jan}, year = {2022}, booktitle = {Proceedings of the European Workshop on Maritime Systems Resilience and Security~(MARESEC)}, address = {Bremerhaven, Germany}, doi = {10.5281/zenodo.7148793} } - Keeping the Baddies Out and the Bridge Calm: Embedded Authentication for Maritime NetworksLucca Ruhland, Mari Schmidt, Jan Bauer, and Elmar PadillaIn Proceedings of the International Symposium on Networks, Computers and Communications - Trust, Security, and Privacy (ISNCC-TSP), 2022— Best Paper Award —
Integrated bridges of today’s vessels are complex and distributed maritime systems that interconnect versatile electronic equipment. However, digitized vessels have long ceased to be isolated systems and are thus increasingly vulnerable to cyber attacks. In this context, integrity and authentication of the communication onboard is crucial. Therefore, we introduce MARMAC, a low-cost solution to retrofit authentication of nautical communication. MARMAC is based on symmetric cryptography and extends the prevalent IEC61162-450 protocol enabling a backward-compatible solution which mitigates common attacks. Using a specific gatekeeper approach, MARMAC can prevent unauthenticated messages from being processed that could otherwise affect the nautical situational awareness on the bridge. Our approach is evaluated using real network traffic in a laboratory testbed with low-cost hardware, highlighting its feasibility and potential to secure existing maritime systems.
@inproceedings{ruhland2022marmac, title = {{Keeping the Baddies Out and the Bridge Calm: Embedded Authentication for Maritime Networks}}, author = {Ruhland, Lucca and Schmidt, Mari and Bauer, Jan and Padilla, Elmar}, year = {2022}, booktitle = {Proceedings of the International Symposium on Networks, Computers and Communications - Trust, Security, and Privacy~(ISNCC-TSP)}, address = {Shenzhen, China}, note = {--- $:trophy:$ Best Paper Award ---}, doi = {10.1109/ISNCC55209.2022.9851819} } - Take a Bite of the Reality Sandwich: Revisiting the Security of Progressive Message Authentication CodesEric Wagner, Jan Bauer, and Martin HenzeIn Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2022
Message authentication guarantees the integrity of messages exchanged over untrusted channels. However, to achieve this goal, message authentication considerably expands packet sizes, which is especially problematic in constrained wireless environments. To address this issue, progressive message authentication provides initially reduced integrity protection that is often sufficient to process messages upon reception. This reduced security is then successively improved with subsequent messages to uphold the strong guarantees of traditional integrity protection. However, contrary to previous claims, we show in this paper that existing progressive message authentication schemes are highly susceptible to packet loss induced by poor channel conditions or jamming attacks. Thus, we consider it imperative to rethink how authentication tags depend on the successful reception of surrounding packets. To this end, we propose R2-D2, which uses randomized dependencies with parameterized security guarantees to increase the resilience of progressive authentication against packet loss. To deploy our approach to resource-constrained devices, we introduce SP-MAC, which implements R2-D2 using efficient XOR operations. Our evaluation shows that SP-MAC is resilient to sophisticated network-level attacks and operates as resources-conscious and fast as existing, yet insecure, progressive message authentication schemes.
@inproceedings{wagner2022spmac, title = {{Take a Bite of the Reality Sandwich: Revisiting the Security of Progressive Message Authentication Codes}}, author = {Wagner, Eric and Bauer, Jan and Henze, Martin}, year = {2022}, booktitle = {Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks~(WiSec)}, doi = {10.1145/3507657.3528539} } - Anomaly Detection in Maritime AIS Tracks: A Review of Recent ApproachesKonrad Wolsing, Linus Roepert, Jan Bauer, and Klaus WehrleMDPI Journal of Marine Science and Engineering, 2022
The automatic identification system (AIS) was introduced in the maritime domain to increase the safety of sea traffic. AIS messages are transmitted as broadcasts to nearby ships and contain, among others, information about the identification, position, speed, and course of the sending vessels. AIS can thus serve as a tool to avoid collisions and increase onboard situational awareness. In recent years, AIS has been utilized in more and more applications since it enables worldwide surveillance of virtually any larger vessel and has the potential to greatly support vessel traffic services and collision risk assessment. Anomalies in AIS tracks can indicate events that are relevant in terms of safety and also security. With a plethora of accessible AIS data nowadays, there is a growing need for the automatic detection of anomalous AIS data. In this paper, we survey 44 research articles on anomaly detection of maritime AIS tracks. We identify the tackled AIS anomaly types, assess their potential use cases, and closely examine the landscape of recent AIS anomaly research as well as their limitations.
@article{wolsing2022ais, title = {{Anomaly Detection in Maritime AIS Tracks: A Review of Recent Approaches}}, author = {Wolsing, Konrad and Roepert, Linus and Bauer, Jan and Wehrle, Klaus}, year = {2022}, journal = {MDPI Journal of Marine Science and Engineering}, volume = {10}, number = {1}, doi = {10.3390/jmse10010112} }
2021
- SIGMAR: Ensuring Integrity and Authenticity of Maritime Systems using Digital SignaturesChristian Hemminghaus, Jan Bauer, and Konrad WolsingIn Proceedings of the International Symposium on Networks, Computers and Communications - Trust, Security, and Privacy (ISNCC-TSP), 2021
Distributed maritime bridge systems are customary standard equipment on today’s commercial shipping and cruising vessels. The exchange of nautical data, e.g., geographical positions, is usually implemented using multicast network communication without security measures, which poses serious risks to the authenticity and integrity of transmitted data. In this paper, we introduce digital SIGnatures for MARitime systems (SIGMAR), a low-cost solution to seamlessly retrofit authentication of nautical data based on asymmetric cryptography. Extending the existing IEC 61162-450 protocol makes it is possible to build a backward-compatible authentication mechanism that prevents common cyber attacks. The development was successfully accompanied by permanent investigations in a bridge simulation environment, including a maritime cyber attack generator. We demonstrate SIGMAR’s feasibility by introducing a proof-of-concept implementation on low-cost and low-resource hardware and present a performance analysis of our approach.
@inproceedings{hemminghaus2021sigmar, title = {{SIGMAR: Ensuring Integrity and Authenticity of Maritime Systems using Digital Signatures}}, author = {Hemminghaus, Christian and Bauer, Jan and Wolsing, Konrad}, year = {2021}, booktitle = {Proceedings of the International Symposium on Networks, Computers and Communications - Trust, Security, and Privacy~(ISNCC-TSP)}, address = {Dubai, UAE}, doi = {10.1109/ISNCC52172.2021.9615738} } - When a BRAT fools your bridge: A Cyber Security Test Environment for Integrated Bridge SystemsIn Demo at 46th IEEE Conference on Local Computer Networks (LCN), 2021
Despite the increase of cyber threats in the maritime domain, there is a serious lack of adequate security testing in maritime systems engineering. To address this gap, we present a holistic, simulative testing environment to instrument cyber attacks and devices for automated testing on soft- and hardware level, which can be integrated already in the development phase. Our environment consists of a network attack tool targeting bridge systems of seagoing vessels as well as various security components allowing to evaluate the impact of an attack and to develop effective countermeasures to protect maritime systems. In our demonstration, we will exemplarily showcase prominent cyber attacks against safe navigation, introduce possible security means, and discuss potential use cases.
@inproceedings{vonrechenberg2021bratdemo, title = {{When a BRAT fools your bridge: A Cyber Security Test Environment for Integrated Bridge Systems}}, author = {von Rechenberg, Merlin and Schmidt, Mari and Hemminghaus, Christian and Bauer, Jan and Padilla, Elmar}, year = {2021}, booktitle = {Demo at 46th IEEE Conference on Local Computer Networks~(LCN)}, address = {virtually hosted in Edmonton, Alberta, Canada}, } - Offene Software-Plattform für Dienstleistungsinnovationen in einem Wertschöpfungsnetz in der LandwirtschaftStephan Scheuren, Jan Bauer, Fabian Gehrs, Hans-Peter Grothaus, Maximilian Jatzlau, Andreas Lauer, and 3 more authors2021
In dem vom Bundesministerium für Bildung und Forschung geförderten Verbundprojekt ODiL wurde eine offene Plattform zur integrierten, skalierbaren, vernetzten und sicheren Repräsentation, Kommunikation und Bearbeitung von Daten und Diensten im Umfeld von Landwirtschaftsbetrieben entwickelt, prototypisch implementiert und demonstriert. Mit dieser Plattform vernetzen sich Akteure in landwirtschaftlichen Wertschöpfungsnetzen, um Dienste, Anforderungen und Daten gezielt und selektiv zu teilen und sicher auszutauschen. Dabei können sie ihre vorhandenen Maschinen und Informationssysteme weiter nutzen. Neben den mit einer Vernetzung einhergehenden Themen der Interoperabilität bzw. Datendurchlässigkeit und der Datensicherheit spielt in ODiL bei diesem Austausch auch die Durchsetzung der Datenhoheit der jeweiligen Akteure eine wichtige Rolle. Die technische Konzeption und Entwicklung der Plattform wurde begleitet von rechtswissenschaftlichen und akzeptanztheoretischen Untersuchungen. In diesem Beitrag werden die durchgeführten Arbeiten des Verbundvorhabens beschrieben und deren Ergebnisse zusammengefasst.
@inbook{Scheuren2021odil, author = {Scheuren, Stephan and Bauer, Jan and Gehrs, Fabian and Grothaus, Hans-Peter and Jatzlau, Maximilian and Lauer, Andreas and L{\"o}pmeier, Michel and Niesse, Ulrike and Vogel, Paul}, editor = {Beverungen, Daniel and Schumann, Jan Hendrik and Stich, Volker and Strina, Giuseppe}, title = {{Offene Software-Plattform f{\"u}r Dienstleistungsinnovationen in einem Wertsch{\"o}pfungsnetz in der Landwirtschaft}}, booktitle = {{Dienstleistungsinnovationen durch Digitalisierung: Band 2: Prozesse -- Transformation -- Wertsch{\"o}pfungsnetzwerke}}, year = {2021}, publisher = {Springer}, isbn = {978-3-662-63099-0}, doi = {10.1007/978-3-662-63099-0_12} } - MCSL: A Cyber Security Test Environment for Bridge SystemsChristian Hemminghaus, Mari Schmidt, and Jan BauerIn Proceedings of the European Workshop on Maritime Systems Resilience and Security (MARESEC), 2021
Despite the increase of cyber threats in the maritime domain, there is a serious lack of adequate security testing in maritime systems engineering. To address this gap, we present a holistic, simulative testing environment to instrument cyber attacks and devices for automated testing on soft- and hardware level, which can be integrated already in the development phase.
@inproceedings{hemminghaus2021mcsl, title = {{MCSL: A Cyber Security Test Environment for Bridge Systems}}, author = {Hemminghaus, Christian and Schmidt, Mari and Bauer, Jan}, year = {2021}, booktitle = {Proceedings of the European Workshop on Maritime Systems Resilience and Security~(MARESEC)}, address = {Bremerhaven, Germany}, } - BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime SystemsChristian Hemminghaus, Jan Bauer, and Elmar PadillaInternational Journal on Marine Navigation and Safety of Sea Transportation (TransNav), 2021— Best Paper Award —
Today’s shipping industry is largely digitalized and networked, but by no means immune to cyber attacks. As recent incidents show, attacks, particularly those targeting on the misleading of navigation, not only pose a serious risk from an economic perspective when disrupting maritime value chains, but can also cause collisions and endanger the environment and humans. However, cyber defense has not yet been an integral part of maritime systems engineering, nor are there any automated tools to systematically assess their security level as well-established in other domains. In this paper, we therefore present a holistic BRidge Attack Tool (BRAT) that interactively offers various attack implementations targeting the communication of nautical data in maritime systems. This provides system engineers with a tool for security assessments of integrated bridge systems, enabling the identification of potential cyber vulnerabilities during the design phase. Moreover, it facilitates the development and validation of an effective cyber defense.
@article{hemminghaus2021brat, title = {{BRAT: A BRidge Attack Tool for Cyber Security Assessments of Maritime Systems}}, author = {Hemminghaus, Christian and Bauer, Jan and Padilla, Elmar}, year = {2021}, journal = {International Journal on Marine Navigation and Safety of Sea Transportation~(TransNav)}, volume = {15}, number = {1}, note = {--- $:trophy:$ Best Paper Award ---}, doi = {10.12716/1001.15.01.02} }
2020
- An Open Source IoT Framework for a Distributed Modular Low-Cost Laser-Based Sensing PlatformIn Proceedings of IEEE Sensors, 2020
The transformation of laser-based optical sensors into industrial environments is a time-consuming and costly process, since not only laser safety measures and structural limitations, but also digital infrastructures must be carefully considered. We have therefore developed a modular photonics platform, which is characterized by the possibility of rapid adaptation to individual conditions and is, thus, particularly suitable for agile prototyping. This paper is dedicated to the challenge of implementing a modular Internet of Things (IoT) framework on the basis of existing open source software to offer applicability without a deep background in computer science. The primary approach revolves around the established combination of Node-RED with MQTT. Furthermore, the incorporation of the IoT concept can be seen as a valuable addition in physics. As a first step, we implemented our IoT framework for an initial version of the sensing platform creating the foundation for a basic photoelectric sensor.
@inproceedings{bauer2020optocubes, title = {{An Open Source IoT Framework for a Distributed Modular Low-Cost Laser-Based Sensing Platform}}, author = {Bauer, Jan and Toschke, Yannic and Tessmer, Alexander and Bourdon, Björn and Aschenbruck, Nils and Imlau, Mirco}, year = {2020}, booktitle = {Proceedings of IEEE Sensors}, address = {virtual}, doi = {10.1109/SENSORS47125.2020.9278656} } - Towards a low-cost RSSI-based Crop MonitoringJan Bauer and Nils AschenbruckACM Transactions on Internet of Things (TIOT), 2020
The continuous monitoring of crop growth is crucial for site-specific and sustainable farm management in the context of precision agriculture. With the help of precise in situ information, agricultural practices, such as irrigation, fertilization, and plant protection, can be dynamically adapted to the changing needs of individual sites, thereby supporting yield increases and resource optimization. Nowadays, IoT technology with networked sensors deployed in greenhouses and farmlands already contributes to in situ information. In addition to existing soil sensors for moisture or nutrient monitoring, there are also (mainly optical) sensors to assess growth developments and vital conditions of crops. This article presents a novel and complementary approach for a low-cost crop sensing that is based on temporal variations of the signal strength of low-power IoT radio communication. To this end, the relationship between crop growth, represented by the leaf area index (LAI), and the attenuation of signal propagation of low-cost radio transceivers is investigated. Real-world experiments in wheat fields show a significant correlation between LAI and received signal strength indicator (RSSI) time series. Moreover, influencing meteorological factors are identified and their effects are analyzed. Including these factors, a multiple linear model is finally developed that enables an RSSI-based LAI estimation with great potential.
@article{bauer2020rssicrop, title = {{Towards a low-cost RSSI-based Crop Monitoring}}, author = {Bauer, Jan and Aschenbruck, Nils}, year = {2020}, journal = {ACM Transactions on Internet of Things~(TIOT)}, volume = {1}, number = {4}, doi = {10.1145/3393667} } - CryptoCAN — Ensuring Confidentiality in Controller Area Networks for AgricultureTill Zimmermann, Jan Bauer, and Nils AschenbruckIn Proceedings of the Jahrestagung des Fachbereichs "Sicherheit — Schutz und Zuverlässigkeit" der GI (SICHERHEIT), 2020
The Controller Area Network (CAN) bus is widely used in existing machinery. Facing more and more vertical integration with more complex devices and integration into public communication networks, its nature as a broadcast-only system without security measures poses serious risks to conĄdentiality of transmitted data. In this paper, we propose a Lightweight, Length Preserving and Robust Confidentiality Solution (LLPR-CS) to retroĄt encryption in existing systems, while maintaining full interoperability with these systems. The overhead of our approach is negligible. Therefore, it can be used with existing hardware. By reinterpreting unused bits in the CAN frame format of the ISO 11898 standard, it is possible to build a fully transparent encrypted tunnel in non-conĄdential network parts, while keeping the ability to decrypt all traffic in an out-of-band-system without knowledge of speciĄc cryptographic state details. By conducting a performance evaluation, we highlight the beneĄts of LLPR-CS and discuss its advantages compared to existing approaches.
@inproceedings{zimmermann2020cryptocan, title = {{CryptoCAN — Ensuring Confidentiality in Controller Area Networks for Agriculture}}, author = {Zimmermann, Till and Bauer, Jan and Aschenbruck, Nils}, year = {2020}, booktitle = {Proceedings of the Jahrestagung des Fachbereichs "Sicherheit — Schutz und Zuverl\"assigkeit" der GI~(SICHERHEIT)}, address = {G\"ottingen, Germany}, doi = {10.18420/sicherheit2020_06} }
2019
- Processing and Filtering of Leaf Area Index Time Series Assessed by In-Situ Wireless Sensor NetworksElsevier Computers and Electronics in Agriculture, 2019
A precise and up-to-date situational awareness of crop conditions is important for precision farming. The temporally continuous monitoring of relevant crop parameters has recently been shown to assist in a large number of applications. In this context, the leaf area index (LAI) is a key parameter. However, continuous LAI monitoring using traditional assessment methods is hardly possible and very expensive. For this reason, low-cost sensors based on Wireless Sensor Network (WSN) technology have been developed and interconnected to agricultural in situ sensor networks that seem promising for LAI assessment. In this paper, an approach for the processing and filtering of distributed in situ sensor data for a credible LAI estimation is proposed. This approach is developed based on a long-term WSN deployment in experimental plots with different wheat cultivars (Triticum aestivum L.) and water regimes. Non-negligible environmental impacts on radiation-based LAI assessment are also taken into account. A comparative analysis with a conventional LAI instrument shows that WSNs with adequately processed data gathered by low-cost sensors have the potential to produce credible LAI trajectories with high temporal resolution, that fit the dynamic crop growth process. Moreover, they are also shown to be able to detect yield-limiting trends and even to differentiate between individual wheat cultivars. Hence, those WSNs enable new applications and can greatly support modern crop management, cultivation, and plant breeding.
@article{bauer2019lai2, title = {{Processing and Filtering of Leaf Area Index Time Series Assessed by In-Situ Wireless Sensor Networks}}, author = {Bauer, Jan and Jarmer, Thomas and Schittenhelm, Siegfried and Siegmann, Bastian and Aschenbruck, Nils}, year = {2019}, journal = {Elsevier Computers and Electronics in Agriculture}, volume = {165}, article = {104867}, publisher = {Elsevier}, doi = {10.1016/j.compag.2019.104867} } - CAN’t – An ISOBUS Privacy Proxy for Collaborative Smart FarmingIn Proceedings of the 38th IEEE International Performance Computing and Communications Conference (IPCCC), 2019
Smart Farming is driven by the emergence of precise positioning systems and Internet of Things technologies which have already enabled site-specific applications, a sustainable resource management, and interconnected machinery. Nowadays, agricultural machines and implements are equipped with multiple embedded sensors and actors continuously producing extensive data streams. For data communication on such machinery, ISOBUS, an internal vehicle bus, is used. ISOBUS is based on the machine’s Controller Area Network(CAN). However, neither CAN nor ISOBUS communication takes privacy or data sovereignty issues into account. With increasing interconnectivity of agricultural machines and their integration into farm management systems, those issues become more and more serious. In this paper, we briefly present the architecture of our modular privacy framework CAN’t. Using off-the-shelf hardware, a special proxy is prototypically implemented that allows to purposefully filter and manipulate CAN data streams for the sake of privacy. The feasibility and possibilities of our approach are described in this paper. By means of a customized video game, a live demonstration will additionally show the effect of the proposed privacy filters.
@inproceedings{helmke2019cant, title = {{CAN’t -- An ISOBUS Privacy Proxy for Collaborative Smart Farming}}, author = {Helmke, Ren\'{e} and Bauer, Jan and Bothe, Alexander and Aschenbruck, Nils}, year = {2019}, booktitle = {Proceedings of the 38th IEEE International Performance Computing and Communications Conference~(IPCCC)}, address = {London, England, UK}, doi = {10.1109/IPCCC47392.2019.8958765} } - Crypto CAN’t – Confidentiality and Privacy for CAN/ISOBUS Networks in Precision AgricultureIn Demo at the 44th IEEE Conference on Local Computer Networks (LCN), 2019
Modern agricultural machines and implements are equipped with numerous embedded sensors, producing extensive machine and environmental data, which often contains personal and privacy-sensitive information. Data streams are transmitted via ISOBUS, an internal vehicle bus that relies on the Controller Area Network (CAN) standard. However, neither ISOBUS nor CAN take privacy aspects into account. Thus, particularly with respect to the increasing interconnectivity of machinery, serious privacy concerns arise. In this paper, we briefly introduce our modular privacy framework CAN’t that allows to purposefully filter, manipulate, and encrypt CAN data streams for the sake of privacy in the context of Precision Agriculture. The demo will present an open source prototype, realized using low-cost off-the-shelf hardware. Its technical feasibility and its benefits will be showcased by exemplary privacy filters applied to personal or business information, using both a commercial ISOBUS simulator and a custom simulator based on a video game.
@inproceedings{bauer2019cantdemo, title = {{Crypto CAN’t -- Confidentiality and Privacy for CAN/ISOBUS Networks in Precision Agriculture}}, author = {Bauer, Jan and Helmke, Ren\'{e} and Zimmermann, Till and Bothe, Alexander and L\"opmeier, Michel and Aschenbruck, Nils}, year = {2019}, booktitle = {Demo at the 44th IEEE Conference on Local Computer Networks~(LCN)}, address = {Osnabr\"uck, Germany}, } - RFID-assisted Continuous User Authentication for IoT-based Smart FarmingAlexander Bothe, Jan Bauer, and Nils AschenbruckIn Proceedings of the IEEE International Conference on RFID - Technology and Applications (RFID-TA), 2019
Smart Farming is driven by the emergence of precise positioning systems and Internet of Things technologies which have already enabled site-specific applications, sustainable resource management, and interconnected machinery. Nowadays, so-called Farm Management Information Systems (FMISs) enable farm-internal interconnection of agricultural machines and implements and, thereby, allow in-field data exchange and the orchestration of collaborative agricultural processes. Machine data is often directly logged during task execution. Moreover, interconnection of farms, agricultural contractors, and marketplaces ease the collaboration. However, current FMISs lack in security and particularly in user authentication. In this paper, we present a security architecture for a decentralized, manufacturer-independent, and open-source FMIS. Special attention is turned on the Radio Frequency Identification (RFID)-based continuous user authentication which greatly improves security and credibility of automated documentation, while at the same time preserves usability in practice.
@inproceedings{bothe2019rfid, title = {{RFID-assisted Continuous User Authentication for IoT-based Smart Farming}}, author = {Bothe, Alexander and Bauer, Jan and Aschenbruck, Nils}, year = {2019}, booktitle = {Proceedings of the IEEE International Conference on RFID - Technology and Applications~(RFID-TA)}, address = {Pisa, Italy}, doi = {10.1109/RFID-TA.2019.8892140} } - CAN’t track us: Adaptable Privacy for ISOBUS Controller Area NetworksElsevier Computer Standards & Interfaces, 2019
Today’s shipping industry is largely digitalized and networked, but by no means immune to cyber attacks. As recent incidents show, attacks, particularly those targeting on the misleading of navigation, not only pose a serious risk from an economic perspective when disrupting maritime value chains, but can also cause collisions and endanger the environment and humans. However, cyber defense has not yet been an integral part of maritime systems engineering, nor are there any automated tools to systematically assess their security level as well-established in other domains. In this paper, we therefore present a holistic BRidge Attack Tool (BRAT) that interactively offers various attack implementations targeting the communication of nautical data in maritime systems. This provides system engineers with a tool for security assessments of integrated bridge systems, enabling the identification of potential cyber vulnerabilities during the design phase. Moreover, it facilitates the development and validation of an effective cyber defense.
@article{bauer2019cant, title = {{CAN’t track us: Adaptable Privacy for ISOBUS Controller Area Networks}}, author = {Bauer, Jan and Helmke, Ren\'{e} and Bothe, Alexander and Aschenbruck, Nils}, year = {2019}, journal = {Elsevier Computer Standards \& Interfaces}, volume = {66}, article = {103344}, publisher = {Elsevier}, doi = {10.1016/j.csi.2019.04.003} }
2018
- Design and Implementation of an Agricultural Monitoring System for Smart FarmingJan Bauer and Nils AschenbruckIn Proceedings of the IEEE Internet of Things Vertical and Topical Summit for Agriculture – Tuscany (IOT Tuscany), 2018
The integration of modern information technologies into industrial agriculture has already contributed to yield increases in the last decades. Nowadays, the emerging Internet of Things (IoT) along with Wireless Sensor Networks (WSNs) with their low-cost sensors and actors enable novel applications and new opportunities for a more precise, site-specific, and sustainable agriculture in the context of Smart Farming. In this paper, we present a holistic agricultural monitoring system, its design, and its architectural implementation. The system primarily focuses on in-situ assessment of the leaf area index (LAI), a very important crop parameter. Moreover, we introduce real-world challenges and experiences gained in various deployments. Finally, first results are exemplarily demonstrated in order to briefly address the potential of our system.
@inproceedings{bauer2018design, title = {{Design and Implementation of an Agricultural Monitoring System for Smart Farming}}, author = {Bauer, Jan and Aschenbruck, Nils}, year = {2018}, booktitle = {Proceedings of the IEEE Internet of Things Vertical and Topical Summit for Agriculture -- Tuscany~(IOT~Tuscany)}, address = {Monteriggioni (Siena), Italy}, doi = {10.1109/IOT-TUSCANY.2018.8373022} } - Dezentraler Marktplatz in einer offenen, dezentralen Software-Plattform für landwirtschaftliche DienstleistungenJan Bauer, Fabian Gehrs, Maximilian Jatzlau, and Stephan ScheurenIn Proceedings of the 38th GIL-Jahrestagung - Digitale Marktplätze und Plattformen (GIL), 2018
Die Digitalisierung ermöglicht eine betriebsübergreifende Vernetzung der Akteure in landwirtschaftlichen Prozessen und Dienstleistungen. Für einen sicheren Datenaustausch und die Durchsetzung der Datenhoheit aller Akteure wird derzeit eine offene, dezentrale Software-Plattform in dem Forschungsprojekt ODiL entwickelt. Dieser Beitrag beschreibt den dezentralen Marktplatz der Plattform, der für das Anbieten, Suchen und die Anbahnung landwirtschaftlicher Dienstleistungen vorgesehen ist. Dabei wird zwischen öffentlichen und vertraulichen Daten von Angeboten unterschieden. Vertrauliche Daten werden nur direkt zwischen beteiligten Akteuren und nur bei gegenseitigem Einverständnis ausgetauscht. Die Einigung auf eine Dienstleistung sowie der Austausch aller notwendigen Informationen können über die Software-Plattform oder auf traditionellem Weg geschehen.
@inproceedings{bauer2018odil, title = {{Dezentraler Marktplatz in einer offenen, dezentralen Software-Plattform für landwirtschaftliche Dienstleistungen}}, author = {Bauer, Jan and Gehrs, Fabian and Jatzlau, Maximilian and Scheuren, Stephan}, year = {2018}, booktitle = {Proceedings of the 38th GIL-Jahrestagung - Digitale Marktplätze und Plattformen~(GIL)}, address = {Kiel, Germany}, }
2017
- Measuring and Adapting MQTT in Cellular Networks for Collaborative Smart FarmingJan Bauer and Nils AschenbruckIn Proceedings of the 42nd IEEE Conference on Local Computer Networks (LCN), 2017
In distributed Smart Farming applications, a reliable communication is often crucial, in particular during collaborating operations. In rural areas, the network connectivity via Public Land Mobile Networks is, however, not always sufficient. Network disruptions may occur hindering reliable transmissions. For the delivery of periodic sensor data streams of agricultural machines, several modern communication frameworks adopt the Message Queue Telemetry Transport (MQTT). Although MQTT is built on top of TCP, a reliable delivery, even of important data, cannot generally be guaranteed in rural environments. Due to handovers and spatial dead zones, this is in particular the case when clients are mobile. This paper presents a case-study-based performance evaluation of MQTT regarding a reliable data transmission in real-world scenarios with mobile clients. Therefore, we investigate both links, publisher to broker and broker to subscriber, separately. By doing so, we show that both links significantly benefit from a suitable parameterization of MQTT. Moreover, for many data streams in the considered scenario, the default FIFO queuing strategy of MQTT is not always the most suitable approach to cope with network disruptions. Hence, we implemented LIFO queuing as well as a novel hybrid approach in MQTT as a proof-of-concept and evaluated its impact.
@inproceedings{bauer2017mqtt, title = {{Measuring and Adapting MQTT in Cellular Networks for Collaborative Smart Farming}}, author = {Bauer, Jan and Aschenbruck, Nils}, year = {2017}, booktitle = {Proceedings of the 42nd IEEE Conference on Local Computer Networks~(LCN)}, address = {Singapore}, doi = {10.1109/LCN.2017.81} } - Improving Energy Efficiency of MQTT-SN in Lossy Environments Using Seed-based Network CodingBertram Schütz, Jan Bauer, and Nils AschenbruckIn Proceedings of the 42nd IEEE Conference on Local Computer Networks (LCN), 2017
This paper presents an energy-efficient solution to overcome packet loss in Wireless Sensor Networks (WSNs) by adding seed-based Random Linear Network Coding to MQTT for Sensor Networks (MQTT-SN). Whereas most sensors integrated in common WSN devices consume little energy, using the radio is costly. To increase battery lifetime, devices try to minimize their radio uptime, while still satisfy timeliness and reliability of delivered data. The proposed approach uses an optimized seed-based intrasession Network Coding scheme for Forward Error Correction to shorten the sensor node’s radio uptime, reducing its power consumption. The presented approach is conform to the MQTT-SN specification and, thus, interoperable with existing systems. Since the implementation is based on the application layer, it is seamlessly deployable via Over-The-Air-Programming. The presented evaluation is based on collected traces from a real-world WSN deployment in the context of Precision Agriculture. Radio uptime and power consumption measurements in an experimental testbed confirm the achieved benefits.
@inproceedings{schuetz2017mqttsn, title = {{Improving Energy Efficiency of MQTT-SN in Lossy Environments Using Seed-based Network Coding}}, author = {Sch\"utz, Bertram and Bauer, Jan and Aschenbruck, Nils}, year = {2017}, booktitle = {Proceedings of the 42nd IEEE Conference on Local Computer Networks~(LCN)}, address = {Singapore}, doi = {10.1109/LCN.2017.87} } - A Privacy Preserving Mobile Crowdsensing Architecture for a Smart Farming ApplicationLars Huning, Jan Bauer, and Nils AschenbruckIn Proceedings of the ACM Workshop on Mobile Crowdsensing Systems and Applications in conjunction with the 15th ACM Conference on Embedded Networked Sensor Systems (SenSys), 2017
Smart Farming refers to the act of utilizing modern information and sensor technology in conventional industrial farming. An important plant parameter that can be estimated by sensor technology in the context of Smart Farming is the leaf area index (LAI) which is a key variable used to model processes such as photosynthesis and evapotranspiration. Nowadays, leveraging the enhanced sensor peripherals of current devices and their computing capabilities, smartphone applications present a fast and economical alternative to estimate the LAI compared to traditional methods. This paper exemplarily extends such an application, namely Smart fLAIr, with features of Mobile Crowdsensing (MCS) in order to create a system for a crowd-sensed LAI enabling an increased spatio-temporal resolution of LAI estimations. Besides the system design, this paper conducts a threat analysis for user privacy in the application-specific scenario which can be transferred to general Smart Farming scenarios. As a consequence, a perturbation based privacy mechanism is developed and applied in conjunction with a Trusted Third Party (TTP) architecture to ensure user privacy. Subsequently, its impact is demonstrated. Moreover, the energy consumption of the extended Smart fLAIr application is evaluated showing negligible additional costs of the proposed MCS extension.
@inproceedings{huning2017smartflair, title = {{A Privacy Preserving Mobile Crowdsensing Architecture for a Smart Farming Application}}, author = {Huning, Lars and Bauer, Jan and Aschenbruck, Nils}, year = {2017}, booktitle = {Proceedings of the ACM Workshop on Mobile Crowdsensing Systems and Applications in conjunction with the 15th ACM Conference on Embedded Networked Sensor Systems~(SenSys)}, address = {Delft, The Netherlands}, doi = {10.1145/3139243.3139250} }
2016
- On the Potential of Wireless Sensor Networks for the In-Situ Assessment of Crop Leaf Area IndexElsevier Computers and Electronics in Agriculture, 2016
A precise and continuous in-situ monitoring of bio-physical crop parameters is crucial for the efficiency and sustainability in modern agriculture. The leaf area index (LAI) is an important key parameter allowing to derive vital crop information. As it serves as a valuable indicator for yield-limiting processes, it contributes to situational awareness ranging from agricultural optimization to global economy. This paper presents a feasible, robust, and low-cost modification of commercial off-the-shelf photosynthetically active radiation (PAR) sensors, which significantly enhances the potential of Wireless Sensor Network (WSN) technology for non-destructive in-situ LAI assessment. In order to minimize environmental influences such as direct solar radiation and scattering effects, we upgrade such a sensor with a specific diffuser combined with an appropriate optical band-pass filter. We propose an implementation of a distributed WSN application based on a simplified model of light transmittance through the canopy and validate our approach in various field campaigns exemplarily conducted in maize cultivars. Since a ground truth LAI is very difficult to obtain, we use the LAI-2200, one of the most widely established standard instruments, as a reference. We evaluate the accuracy of LAI estimates derived from the analysis of PAR sensor data and the robustness of our sensor modification. As a result, an extensive comparative analysis emphasizes a strong linear correlation (r^2 = 0.88, RMSE = 0.28) between both approaches. Hence, the proposed WSN-based approach enables a promising alternative for a flexible and continuous LAI monitoring.
@article{bauer2016lai, title = {{On the Potential of Wireless Sensor Networks for the In-Situ Assessment of Crop Leaf Area Index}}, author = {Bauer, Jan and Siegmann, Bastian and Jarmer, Thomas and Aschenbruck, Nils}, year = {2016}, journal = {Elsevier Computers and Electronics in Agriculture}, volume = {128}, publisher = {Elsevier}, doi = {10.1016/j.compag.2016.08.019} } - Fast LAI Retrieval with Smart fLAIrIn Proceedings of the 4th Mobile App Competition in conjunction with the 22nd ACM International Conference on Mobile Computing and Networking (MobiCom), 2016
The exploration and monitoring of bio-physical crop parameters enabled by modern sensor technology in the context of smart farming is crucial for a sustainable agriculture. The leaf area index (LAI) is one of the most important parameters which serves as an indicator for the vital condition of plants. This proposal presents Smart fLAIr, a smartphone application developed for a reliable in-situ LAI estimation. It leverages a non-destructive, radiation-based approach using the smartphone’s Ambient Light Sensor (ALS) and offers a cost-efficient alternative to commercial plant canopy analyzers. Without special hard- and software requirements and due to a focus on simplicity and ease of use, a wide scientific user group, that is interested in a feasible LAI acquisition, is reached by the application.
@inproceedings{bauer2016smartflair_demo, title = {{Fast LAI Retrieval with Smart fLAIr}}, author = {Bauer, Jan and Siegmann, Bastian and Jarmer, Thomas and Aschenbruck, Nils}, year = {2016}, booktitle = {Proceedings of the 4th Mobile App Competition in conjunction with the 22nd ACM International Conference on Mobile Computing and Networking~(MobiCom)}, address = {NYC, New York, USA}, } - Towards in-situ Sensor Network assisted Remote Sensing of Crop Parameters: PosterIn Proceedings of the 17th ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2016
Remote sensing data acquired from satellites are a vital information source for precision agriculture to assess current crop conditions. Field measurements of plant parameters, like the leaf area index (LAI), serve as a crucial basis to validate parameter maps derived from satellite images. Traditionally, in-situ LAI measurements are collected manually. Therefore, the assessment is cost-intensive and the temporal availability of measurements is limited. Measurements provided by small sensor devices organized in a wireless sensor network (WSN) are a low-cost alternative to manual field measurements. They allow a precise LAI determination with high temporal resolution at many different locations in a field or even an entire region. These information are highly demanded for the validation of spatial information on crop conditions derived from image data acquired by modern satellites like Sentinel-2.
@inproceedings{bauer2016laiposter, title = {{Towards in-situ Sensor Network assisted Remote Sensing of Crop Parameters: Poster}}, author = {Bauer, Jan and Siegmann, Bastian and Jarmer, Thomas and Aschenbruck, Nils}, year = {2016}, booktitle = {Proceedings of the 17th ACM International Symposium on Mobile Ad Hoc Networking and Computing~(MobiHoc)}, address = {Paderborn, Germany}, doi = {10.1145/2942358.2942408} } - Smart fLAIr: a Smartphone Application for Fast LAI Retrieval using Ambient Light SensorsIn Proceedings of the 11th IEEE Sensors Applications Symposium (SAS), 2016
The efficiency of precision agriculture fundamentally depends on the exploration of bio-physical and bio-chemical plant parameters and the assessment of current crop conditions. The leaf area index (LAI) represents one of the most important crop parameters and is defined as the ratio of foliage area to ground area. It is widely-used in agriculture and agronomy as it indicates yield-limiting processes. In this paper, we present Smart fLAIr (fast LAI retrieval), a novel smartphone application for a low-cost in-situ LAI estimation. This estimation is based on the gap fraction analysis, a widespread indirect and non-destructive methodology. For that purpose, Smart fLAIr leverages the smartphone’s internal Ambient Light Sensor (ALS). However, in order to improve the gap fraction accuracy, we enhance the ALS by a diffuser cap combined with an optical band-pass filter. Our prototype is implemented on the Android platform with a focus on usability aspects and its practicability. Conducting a comparative analyses with a commercial instrument, we successfully evaluated this prototype for maize canopies. The convincing performance of our approach in terms of accuracy and stability highlights the potential of Smart fLAIr as a valuable alternative for in-situ LAI assessment.
@inproceedings{bauer2016smartflair, title = {{Smart fLAIr: a Smartphone Application for Fast LAI Retrieval using Ambient Light Sensors}}, author = {Bauer, Jan and Siegmann, Bastian and Jarmer, Thomas and Aschenbruck, Nils}, year = {2016}, booktitle = {Proceedings of the 11th IEEE Sensors Applications Symposium~(SAS)}, address = {Catania, Italy}, doi = {10.1109/SAS.2016.7479880} }
2014
- On the Potential of Wireless Sensor Networks for the In-Field Assessment of Bio-Physical Crop ParametersIn Proceedings of the 9th IEEE International Workshop on Practical Issues In Building Sensor Network Applications (SenseApp) in conjunction with the 39th IEEE Conference on Local Computer Networks (LCN), 2014
The exploration of bio-physical crop parameters is fundamental for the efficiency of smart agriculture. The leaf area index (LAI) is one of the most important crop parameters and serves as a valuable indicator for yield-limiting processes. It contributes to situational awareness ranging from agricultural optimization to global economy. In this paper, we investigate the potential of Wireless Sensor Networks (WSNs) for the in-field assessment of bio-physical crop parameters. Our experiences using commercial off-the-shelf (COTS) sensor nodes for the indirect and nondestructive LAI estimation are described. Furthermore, we present the design of our measurement architecture and results of various in-field measurements. By directly comparing the results achieved by WSN technology with those of a conventional approach, represented by a widely used standard instrument, we analyze whether bio-physical crop characteristics can be derived from WSN data with a desired accuracy. Moreover, we propose a simple approach to significantly enhance the accuracy of COTS sensor nodes for LAI estimation while, at the same time, reveal open challenges.
@inproceedings{bauer2014wsn4crop, title = {{On the Potential of Wireless Sensor Networks for the In-Field Assessment of Bio-Physical Crop Parameters}}, author = {Bauer, Jan and Siegmann, Bastian and Jarmer, Thomas and Aschenbruck, Nils}, year = {2014}, booktitle = {Proceedings of the 9th IEEE International Workshop on Practical Issues In Building Sensor Network Applications~(SenseApp) in conjunction with the 39th IEEE Conference on Local Computer Networks~(LCN)}, address = {Edmonton, Alberta, Canada}, doi = {10.1109/LCNW.2014.6927698} } - Adaptive Data Transport and Management for Wireless Sensor NetworksJan BauerIn Presentation at the 19th VDE/ITG Fachtagung Mobilkommunikation (Mobilkomtagung), 2014
@inproceedings{bauer2014mobilkomtagung, title = {{Adaptive Data Transport and Management for Wireless Sensor Networks}}, author = {Bauer, Jan}, year = {2014}, booktitle = {Presentation at the 19th VDE/ITG Fachtagung Mobilkommunikation~(Mobilkomtagung)}, address = {Osnabr\"uck, Germany}, }
2013
- Extending ODMRP for On-Site Deployments in Disaster Area ScenariosJonathan Kirchhoff, Jan Bauer, Raphael Ernst, Christoph Fuchs, Sascha Jopen, and Nils AschenbruckIn Proceedings of the 32nd IEEE International Performance Computing and Communications Conference (IPCCC), 2013
One of the primary application scenarios for mobile wireless multi-hop networks are disaster areas. However, these pose specific challenges for routing, such as mobility and highly unpredictable links. The main applications for disaster area networks - group-based voice communication and group-oriented, map-based tracking - can be realized using multicast groups. Thus, we decided to implement ODMRP for disaster area deployments. In several disaster area maneuver on-site deployments, we identified the need for extensions, making the protocol more suitable for real-world deployments. In this paper, we propose three extensions to ODMRP: (1) link quality based routing, (2) prioritization of control messages, and (3) overhead reduction mechanisms. In simulations as well as in real-world measurements, we show the benefit of the extensions proposed.
@inproceedings{kirchhoff2013tacnet, title = {{Extending ODMRP for On-Site Deployments in Disaster Area Scenarios}}, author = {Kirchhoff, Jonathan and Bauer, Jan and Ernst, Raphael and Fuchs, Christoph and Jopen, Sascha and Aschenbruck, Nils}, year = {2013}, booktitle = {Proceedings of the 32nd IEEE International Performance Computing and Communications Conference~(IPCCC)}, address = {San Diego, CA, USA}, pdf_ = {.pdf}, doi = {10.1109/PCCC.2013.6742790} } - BonnSens: A Mesh-based Command and Control Sensing System for Public Safety ScenariosNils Aschenbruck, Jan Bauer, Raphael Ernst, Christoph Fuchs, and Sascha JopenIn Demo at the Conference on Networked Systems(NetSys/KIVS), 2013
Tactical and mission critical networking in public safety scenarios is strongly emerging. In these scenarios, different kind of sensor information, e.g. GPS, vital, and environmental data, needs to be transported from mobile units over a wireless network to a centralized command point in order to increase situational awareness. Hence, for command and control robust communication networks are required. These networks must be reliable even when all infrastructure has been destroyed. Wireless multi-hop networks are supposed to meet the requirements of spontaneous deployment, independence of any kind of existing infrastructure, and robustness in the sense of self-organization and self-healing by their very definition. These networks have been a topic in research for more than a decade now. Recently, real-world tests and deployments provided valuable insights concerning challenges and future research directions and enable the research community to run tests in static real-world networks. However, concerning public safety requirements, these testbeds lack significant aspects: No spontaneous deployment, no or at least no mobility typical for public safety, and no typical applications and traffic. Due to these characteristics, developing algorithms and protocols for these scenarios as well as deploying public safety networks is a huge challenge. To overcome this challenge, we developed BonnSens a prototype based on commercial off-the-shelf (COTS) hardware. The prototype comprises typical public safety applications and is spontaneously deployable. Furthermore, this prototype enabled us to perform on-site evaluations with real public safety end-users by deploying the prototype in disaster area maneuvers. In our demo, we will demonstrate our COTS-based prototype.
@inproceedings{aschenbruck2013bonnsens, title = {{BonnSens: A Mesh-based Command and Control Sensing System for Public Safety Scenarios}}, author = {Aschenbruck, Nils and Bauer, Jan and Ernst, Raphael and Fuchs, Christoph and Jopen, Sascha}, year = {2013}, booktitle = {Demo at the Conference on Networked Systems(NetSys/KIVS)}, address = {Stuttgart, Germany}, } - BonnSens: A Mesh-based Command and Control Sensing System for Public Safety ScenariosJan Bauer, Nils Aschenbruck, Raphael Ernst, Christoph Fuchs, and Sascha JopenPIK – Praxis der Informationsverarbeitung und Kommunikation, 2013
@article{bauer2013bonsens, title = {{BonnSens: A Mesh-based Command and Control Sensing System for Public Safety Scenarios}}, author = {Bauer, Jan and Aschenbruck, Nils and Ernst, Raphael and Fuchs, Christoph and Jopen, Sascha}, year = {2013}, journal = {PIK -- Praxis der Informationsverarbeitung und Kommunikation}, volume = {36}, number = {1}, doi = {10.1515/pik-2012-0066} }
2012
- Let’s Move: Adding Arbitrary Mobility to WSN TestbedsIn Proceedings of the 21st International Conference on Computer Communication Networks (ICCCN), 2012
Research in the area of Wireless Sensor Networks (WSNs) has been immense during the last years. Since highly resource-constrained, WSNs pose specific challenges to the design and implementation of protocols and algorithms. In order to test, compare, and verify the intended functionality of new approaches, performance evaluations must be conducted in a sound and credible manner. Instead of simulative evaluation, the WSN research community has mostly shown a preference towards experimental evaluation. Being especially important for the evaluation of routing protocols, node mobility is one of the more complex features to facilitate in testbeds. Robots have been the most common means for moving nodes so far, which, however, introduces more costs and limits reproducibility, scalability, and mobility patterns. We present a new software-based approach that essentially combines mobility modeling with link control. Mobility patterns taken from the mobility scenario generator BonnMotion are converted and replayed to create a virtual dynamic topology. Our approach drastically reduces costs, makes mobility reproducible and scalable, and enables the use of a variety of mobility models.
@inproceedings{aschenbruck2012letsmove, title = {{Let's Move: Adding Arbitrary Mobility to WSN Testbeds}}, author = {Aschenbruck, Nils and Bauer, Jan and Bieling, Jakob and Bothe, Alexander and Schwamborn, Matthias}, year = {2012}, booktitle = {Proceedings of the 21st International Conference on Computer Communication Networks~(ICCCN)}, address = {Munich, Germany}, doi = {10.1109/ICCCN.2012.6289190} } - Selective and Secure Over-The-Air Programming for Wireless Sensor NetworksIn Proceedings of the 6th International Workshop on Wireless Mesh and Ad Hoc Networks(WiMAN 2012) in conjunction with the 21st International Conference on Computer Communication Networks (ICCCN), 2012
The growing range of Wireless Sensor Network (WSN) applications, their long-life and large-scale design, as well as various deployment fields necessitate the feasibility of remote maintenance and reprogramming of in-situ sensor nodes. The network-wide dissemination of program code is not appropriate in every WSN due to the heterogeneity of sensor hardware, the diversity of sensing tasks, and the event and location dependency of software. Thus, a flexible and group-wise selective Over-The-Air Programming (OTAP) is required in these scenarios. Furthermore, securing the OTAP protocol is imperative in order to prevent unauthorized and malicious reprogramming attempts. In this paper, we introduce SenSeOP, a selective and secure OTAP protocol for WSNs. For this purpose, the proposed protocol uses multicast transfer supported by asymmetric cryptography. We evaluate the performance of our approach in real testbeds, compare it with state-of-the-art protocols, and show that this approach enables efficient and reliable wireless reprogramming.
@inproceedings{aschenbruck2012senseop, title = {{Selective and Secure Over-The-Air Programming for Wireless Sensor Networks}}, author = {Aschenbruck, Nils and Bauer, Jan and Bieling, Jakob and Bothe, Alexander and Schwamborn, Matthias}, year = {2012}, booktitle = {Proceedings of the 6th International Workshop on Wireless Mesh and Ad Hoc Networks(WiMAN 2012) in conjunction with the 21st International Conference on Computer Communication Networks~(ICCCN)}, address = {Munich, Germany}, doi = {10.1109/ICCCN.2012.6289278} } - A Security Architecture and Modular Intrusion Detection System for WSNsIn Proceedings of the 9th International Conference on Networked Sensing Systems (INSS), 2012
Wireless Sensor Networks (WSNs) are deployed in a wide range of application scenarios. These typically involve monitoring or surveillance of animals or humans, infrastructure, or territories. Since security as well as privacy play an increasingly important role in these contexts, sensor nodes and sensor networks need to be protected from spurious environmental effects and malicious attacks. In addition to attacks known from conventional wireless networks, the specific properties of WSNs lead to new kinds of attack. Moreover, countermeasures are subject to strict resource limitations of the motes and, therefore, have to be light-weight and effective at the same time. In this paper, we first present a comprehensive security architecture for WSNs, consisting of different attack types (including WSN-specific attacks) and countermeasures. Second, we propose a modular Intrusion Detection System (IDS) as a framework for this architecture. Finally, we give details on selected modules and discuss practical implementation issues.
@inproceedings{aschenbruck2012wsnarch, title = {{A Security Architecture and Modular Intrusion Detection System for WSNs}}, author = {Aschenbruck, Nils and Bauer, Jan and Bieling, Jakob and Bothe, Alexander and Schwamborn, Matthias}, year = {2012}, booktitle = {Proceedings of the 9th International Conference on Networked Sensing Systems~(INSS)}, address = {Antwerp, Belgium}, doi = {10.1109/INSS.2012.6240521} }
2011
- Demo: A Mesh-based Command and Control Sensing System for Public Safety ScenariosNils Aschenbruck, Jan Bauer, Raphael Ernst, Christoph Fuchs, and Jonathan KirchhoffIn Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems (SenSys), 2011
Public safety organizations need robust communication networks to transmit different kind of sensor information. These networks must be reliable even when all infrastructure has been destroyed. Wireless multi-hop networks (such as Mobile Ad-Hoc Networks (MANETs), Wireless Sensor Networks (WSNs), and Wireless Mesh Networks (WMNs)) are supposed to meet the requirements of (1) spontaneous deployment, (2) being independent of any kind of existing infrastructure, and (3) robustness in the sense of self-organization and self-healing by their very definition. These networks have been a topic in research for more than a decade now. Recently, real-world tests and deployments provide valuable insights concerning challenges and future research directions. There are different mesh and WSN testbeds (e.g., [4, 9, 10]) enabling the research community to run tests in static real-world networks. However, concerning public safety requirements, there are significant differences: (1) No spontaneous deployment, (2) no or at least no mobility typical for public safety, (3) no typical applications and traffic for public safety scenarios. Due to these characteristics, developing algorithms and protocols for public safety scenarios and deploying public safety networks is a huge challenge. To overcome this challenge, we developed a prototype based on commercial off-the-shelf (COTS) hardware. The prototype comprises typical public safety application and is spontaneously deployable. Furthermore, this prototype enables us to perform evaluations with real public safety endusers, e.g. by deploying the prototype in maneuvers. In our demo, we will demonstrate our COTS-based prototype.
@inproceedings{aschenbruck2011mesh, title = {{Demo: A Mesh-based Command and Control Sensing System for Public Safety Scenarios}}, author = {Aschenbruck, Nils and Bauer, Jan and Ernst, Raphael and Fuchs, Christoph and Kirchhoff, Jonathan}, year = {2011}, booktitle = {Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems~(SenSys)}, address = {Seattle, Washington}, doi = {10.1145/2070942.2071007} } - Poster: Deploying a Mesh-based Command and Control Sensing System in a Disaster Area ManeuverNils Aschenbruck, Jan Bauer, Raphael Ernst, Christoph Fuchs, and Jonathan KirchhoffIn Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems (SenSys), 2011
Wireless multi-hop networks meet the requirements of disaster area scenarios by their definition. Recently, different mesh and Wireless Sensor Network (WSN) testbeds were deployed. However, these deployments do not meet the specific characteristics of disaster area scenarios. Developing algorithms and protocols for public safety scenarios and deploying public safety networks is a huge challenge. We have developed BonnSens a commercial off-the-shelf (COTS)-based prototype of a mesh-based command and control sensing system for public safety scenarios. In this poster, we present experiences as well as first measurement results from an on-site deployment in a disaster area maneuver. Overall, our goal is to see which approaches are applicable for public safety networks and where further specific challenges are.
@inproceedings{aschenbruck2011tacnetposter, title = {{Poster: Deploying a Mesh-based Command and Control Sensing System in a Disaster Area Maneuver}}, author = {Aschenbruck, Nils and Bauer, Jan and Ernst, Raphael and Fuchs, Christoph and Kirchhoff, Jonathan}, year = {2011}, booktitle = {Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems~(SenSys)}, address = {Seattle, Washington}, doi = {10.1145/2070942.2070977} } - WSNLab – A Security Testbed and Security Architecture for WSNsIn Demo at the 36th IEEE Conference on Local Computer Networks (LCN), 2011
A Wireless Sensor Network (WSN) consists of small, resource-constrained computing devices (so-called motes) that perform physical measurements (e.g., temperature, vibration) in a distributed manner. The motes form a self-adaptive multi-hop network to transport the measured data to a sink. The data may be pre-processed and fused in the network. Furthermore, WSNs often provide capabilities using a reverse channel for sensor control and management as well as flashing of motes and Over-The-Air Programming (OTAP). WSNs are deployed in a steadily growing plethora of application areas. Especially their deployment in the industrial, military, public safety, and medical domains renders security in these networks an issue of high relevance. There is a need for a real-world security testbed for the evaluation of WSN security measures. Given such a lab, a security architecture for WSN can be developed, implemented, and evaluated. The rest of this abstract is structured as follows: The testbed is described in Section II. Next, we present a threat analysis and security architecture for WSNs (Section III). In the demo, we will show our WSN testbed as well as the Intrusion Detection System (IDS).
@inproceedings{aschenbruck2011wsnlab, title = {{WSNLab -- A Security Testbed and Security Architecture for WSNs}}, author = {Aschenbruck, Nils and Bauer, Jan and Bieling, Jakob and Bothe, Alexander and Schwamborn, Matthias}, year = {2011}, booktitle = {Demo at the 36th IEEE Conference on Local Computer Networks~(LCN)}, address = {Bonn, Germany}, } - WSNLab – A Security Testbed for WSNsIn Demo at the 6th Future Security Research Conference, 2011
As the research of Wireless Sensor Networks (WSNs) focuses more and more on real-world scenarios (such as public safety), security issues become increasingly important. Beside attacks known from conventional (wireless) networks, resource constrains are a core challenge and also a possible vulnerability. The goal of the security testbed, build in the project WSNLab, is to develop and evaluate security measures for WSNs. For this purpose, a light-weight security architecture is specified. Furthermore, selected attacks and countermeasures are implemented and evaluated in the testbed.
@inproceedings{aschenbruck2011wsnlab2, title = {{WSNLab -- A Security Testbed for WSNs}}, author = {Aschenbruck, Nils and Bauer, Jan and Bieling, Jakob and Bothe, Alexander and Schwamborn, Matthias}, year = {2011}, booktitle = {Demo at the 6th Future Security Research Conference}, address = {Berlin, Germany}, } - Parametrization of Terrestrial Ad-Hoc Routing Protocols for Tactical Underwater NetworksNils Aschenbruck, Jan Bauer, Raphael Ernst, and Elmar PadillaIn Proceedings of the International Workshop on Tactical Mobile Ad Hoc Networking in conjunction with the 12th ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), 2011
Wireless underwater communication establishes a wide field of applications in oceanography, military, and industry. Acoustic communication is the enabling technology to connect underwater devices. For networking these devices ad- equate routing protocols are needed. But, there are fundamental differences between terrestrial radio-based and underwater acoustic communication. Thus, existing terrestrial routing protocols cannot be simply applied in Underwater Acoustic Networks (UANs) without adaptations. In this paper, we focus on this adaptation as well as the performance evaluation of terrestrial ad-hoc routing protocols for UANs. For this purpose, we select representative proactive and reactive routing approaches and introduce reasonable parametrizations of these protocols. Finally, we evaluate their performance through extensive simulations in different scenarios.
@inproceedings{aschenbruck2011uac, title = {{Parametrization of Terrestrial Ad-Hoc Routing Protocols for Tactical Underwater Networks}}, author = {Aschenbruck, Nils and Bauer, Jan and Ernst, Raphael and Padilla, Elmar}, year = {2011}, booktitle = {Proceedings of the International Workshop on Tactical Mobile Ad Hoc Networking in conjunction with the 12th ACM International Symposium on Mobile Ad Hoc Networking and Computing~(MobiHoc)}, address = {Paris, France}, }
2010
- Optimizing ODMRP for Underwater NetworksIn Proceedings of the Military Communications Conference (MILCOM), 2010
Underwater networks have attracted significant attention over the last few years. They can be used in scenarios like environmental monitoring and mine countermeasure but may also be part of modern marine warfare. A prominent example is Anti Submarine Warfare (ASW) with multistatic sonars. These networks may be sparse with potentially long distances between single nodes such that direct communication is not always possible. Furthermore, long propagation delays and shadowzones have a negative impact on the communication channel. A solution to overcome these challenges is to realize a multi-hop network by using ad-hoc routing. A well known protocol from terrestrial networks is the On-Demand Multicast Routing-Protocol (ODMRP). In this paper, we present an optimization for ODMRP, named Route-Discovery-Suppression, to improve its performance for the deployment in underwater networks. We evaluate the performance through simulations in different scenarios and show its impact in comparison to other routing protocols.
@inproceedings{bauer2010uwodmrp, title = {{Optimizing ODMRP for Underwater Networks}}, author = {Bauer, Jan and Aschenbruck, Nils and Ernst, Raphael and Padilla, Elmar and Martini, Peter}, year = {2010}, booktitle = {Proceedings of the Military Communications Conference~(MILCOM)}, address = {San Jose, CA, USA}, doi = {10.1109/MILCOM.2010.5680458} }