-
Model CBOR Serialization for Federated Learning
Authors:
Koen Zandberg,
Mayank Gulati,
Gerhard Wunder,
Emmanuel Baccelli
Abstract:
The typical federated learning workflow requires communication between a central server and a large set of clients synchronizing model parameters between each other. The current frameworks use communication protocols not suitable for resource-constrained devices and are either hard to deploy or require high-throughput links not available on these devices. In this paper, we present a generic messag…
▽ More
The typical federated learning workflow requires communication between a central server and a large set of clients synchronizing model parameters between each other. The current frameworks use communication protocols not suitable for resource-constrained devices and are either hard to deploy or require high-throughput links not available on these devices. In this paper, we present a generic message framework using CBOR for communication with existing federated learning frameworks optimised for use with resource-constrained devices and low power and lossy network links. We evaluate the resulting message sizes against JSON serialized messages where compare both with model parameters resulting in optimal and worst case serialization length, and with a real-world LeNet-5 model. Our benchmarks show that with our approach, messages are up to 75 % smaller in size when compared to the JSON alternative.
△ Less
Submitted 25 January, 2024;
originally announced January 2024.
-
U-TOE: Universal TinyML On-board Evaluation Toolkit for Low-Power IoT
Authors:
Zhaolan Huang,
Koen Zandberg,
Kaspar Schleiser,
Emmanuel Baccelli
Abstract:
Results from the TinyML community demonstrate that, it is possible to execute machine learning models directly on the terminals themselves, even if these are small microcontroller-based devices. However, to date, practitioners in the domain lack convenient all-in-one toolkits to help them evaluate the feasibility of executing arbitrary models on arbitrary low-power IoT hardware. To this effect, we…
▽ More
Results from the TinyML community demonstrate that, it is possible to execute machine learning models directly on the terminals themselves, even if these are small microcontroller-based devices. However, to date, practitioners in the domain lack convenient all-in-one toolkits to help them evaluate the feasibility of executing arbitrary models on arbitrary low-power IoT hardware. To this effect, we present in this paper U-TOE, a universal toolkit we designed to facilitate the task of IoT designers and researchers, by combining functionalities from a low-power embedded OS, a generic model transpiler and compiler, an integrated performance measurement module, and an open-access remote IoT testbed. We provide an open source implementation of U-TOE and we demonstrate its use to experimentally evaluate the performance of various models, on a wide variety of low-power IoT boards, based on popular microcontroller architectures. U-TOE allows easily reproducible and customizable comparative evaluation experiments on a wide variety of IoT hardware all-at-once. The availability of a toolkit such as U-TOE is desirable to accelerate research combining Artificial Intelligence and IoT towards fully exploiting the potential of edge computing.
△ Less
Submitted 22 August, 2023; v1 submitted 26 June, 2023;
originally announced June 2023.
-
Femto-Containers: Lightweight Virtualization and Fault Isolation For Small Software Functions on Low-Power IoT Microcontrollers
Authors:
Koen Zandberg,
Emmanuel Baccelli,
Shenghao Yuan,
Frédéric Besson,
Jean-Pierre Talpin
Abstract:
Low-power operating system runtimes used on IoT microcontrollers typically provide rudimentary APIs, basic connectivity and, sometimes, a (secure) firmware update mechanism. In contrast, on less constrained hardware, networked software has entered the age of serverless, microservices and agility. With a view to bridge this gap, in the paper we design Femto-Containers, a new middleware runtime whic…
▽ More
Low-power operating system runtimes used on IoT microcontrollers typically provide rudimentary APIs, basic connectivity and, sometimes, a (secure) firmware update mechanism. In contrast, on less constrained hardware, networked software has entered the age of serverless, microservices and agility. With a view to bridge this gap, in the paper we design Femto-Containers, a new middleware runtime which can be embedded on heterogeneous low-power IoT devices. Femto-Containers enable the secure deployment, execution and isolation of small virtual software functions on low-power IoT devices, over the network. We implement Femto-Containers, and provide integration in RIOT, a popular open source IoT operating system. We then evaluate the performance of our implementation, which was formally verified for fault-isolation, guaranteeing that RIOT is shielded from logic loaded and executed in a Femto-Container. Our experiments on various popular microcontroller architectures (Arm Cortex-M, ESP32 and RISC-V) show that Femto-Containers offer an attractive trade-off in terms of memory footprint overhead, energy consumption, and security
△ Less
Submitted 7 October, 2022;
originally announced October 2022.
-
Femto-Containers: DevOps on Microcontrollers with Lightweight Virtualization & Isolation for IoT Software Modules
Authors:
Koen Zandberg,
Emmanuel Baccelli
Abstract:
Development, deployment and maintenance of networked software has been revolutionized by DevOps, which have become essential to boost system software quality and to enable agile evolution. Meanwhile the Internet of Things (IoT) connects more and more devices which are not covered by DevOps tools: low-power, microcontroller-based devices. In this paper, we contribute to bridge this gap by designing…
▽ More
Development, deployment and maintenance of networked software has been revolutionized by DevOps, which have become essential to boost system software quality and to enable agile evolution. Meanwhile the Internet of Things (IoT) connects more and more devices which are not covered by DevOps tools: low-power, microcontroller-based devices. In this paper, we contribute to bridge this gap by designing Femto-Containers, a new architecture which enables containerization, virtualization and secure deployment of software modules embedded on microcontrollers over low-power networks. As proof-of-concept, we implemented and evaluated Femto-Containers on popular microcontroller architectures (Arm Cortex-M, ESP32 and RISC-V), using eBPF virtualization, and RIOT, a common operating system in this space. We show that Femto-Containers can virtualize and isolate multiple software modules, executed concurrently, with very small memory footprint overhead (below 10%) and very small startup time (tens of microseconds) compared to native code execution. We show that Femto-Containers can satisfy the constraints of both low-level debug logic inserted in a hot code path, and high-level business logic coded in a variety of common programming languages. Compared to prior work, Femto-Containers thus offer an attractive trade-off in terms of memory footprint, energy consumption, agility and security.
△ Less
Submitted 3 November, 2021; v1 submitted 10 June, 2021;
originally announced June 2021.
-
Quantum-Resistant Security for Software Updates on Low-power Networked Embedded Devices
Authors:
Gustavo Banegas,
Koen Zandberg,
Adrian Herrmann,
Emmanuel Baccelli,
Benjamin Smith
Abstract:
As the Internet of Things (IoT) rolls out today to devices whose lifetime may well exceed a decade, conservative threat models should consider attackers with access to quantum computing power. The SUIT standard (specified by the IETF) defines a security architecture for IoT software updates, standardizing the metadata and the cryptographic tools-namely, digital signatures and hash functions-that g…
▽ More
As the Internet of Things (IoT) rolls out today to devices whose lifetime may well exceed a decade, conservative threat models should consider attackers with access to quantum computing power. The SUIT standard (specified by the IETF) defines a security architecture for IoT software updates, standardizing the metadata and the cryptographic tools-namely, digital signatures and hash functions-that guarantee the legitimacy of software updates. While the performance of SUIT has previously been evaluated in the pre-quantum context, it has not yet been studied in a post-quantum context. Taking the open-source implementation of SUIT available in RIOT as a case study, we overview post-quantum considerations, and quantum-resistant digital signatures in particular, focusing on lowpower, microcontroller-based IoT devices which have stringent resource constraints in terms of memory, CPU, and energy consumption. We benchmark a selection of proposed post-quantum signature schemes (LMS, Falcon, and Dilithium) and compare them with current pre-quantum signature schemes (Ed25519 and ECDSA). Our benchmarks are carried out on a variety of IoT hardware including ARM Cortex-M, RISC-V, and Espressif (ESP32), which form the bulk of modern 32-bit microcontroller architectures. We interpret our benchmark results in the context of SUIT, and estimate the real-world impact of post-quantum alternatives for a range of typical software update categories. CCS CONCEPTS $\bullet$ Computer systems organization $\rightarrow$ Embedded systems.
△ Less
Submitted 11 June, 2021; v1 submitted 10 June, 2021;
originally announced June 2021.
-
Minimal Virtual Machines on IoT Microcontrollers: The Case of Berkeley Packet Filters with rBPF
Authors:
Koen Zandberg,
Emmanuel Baccelli
Abstract:
Virtual machines (VM) are widely used to host and isolate software modules. However, extremely small memory and low-energy budgets have so far prevented wide use of VMs on typical microcontroller-based IoT devices. In this paper, we explore the potential of two minimal VM approaches on such low-power hardware. We design rBPF, a register-based VM based on extended Berkeley Packet Filters (eBPF). We…
▽ More
Virtual machines (VM) are widely used to host and isolate software modules. However, extremely small memory and low-energy budgets have so far prevented wide use of VMs on typical microcontroller-based IoT devices. In this paper, we explore the potential of two minimal VM approaches on such low-power hardware. We design rBPF, a register-based VM based on extended Berkeley Packet Filters (eBPF). We compare it with a stack-based VM based on WebAssembly (Wasm) adapted for embedded systems. We implement prototypes of each VM, hosted in the IoT operating system RIOT. We perform measurements on commercial off-the-shelf IoT hardware. Unsurprisingly, we observe that both Wasm and rBPF virtual machines yield execution time and memory overhead, compared to not using a VM. We show however that this execution time overhead is tolerable for low-throughput, low-energy IoT devices. We further show that, while using a VM based on Wasm entails doubling the memory budget for a simple networked IoT application using a 6LoWPAN/CoAP stack, using a VM based on rBPF requires only negligible memory overhead (less than 10% more memory). rBPF is thus a promising approach to host small software modules, isolated from OS software, and updatable on-demand, over low-power networks.
△ Less
Submitted 9 December, 2020; v1 submitted 24 November, 2020;
originally announced November 2020.
-
Low-Power IoT Communication Security: On the Performance of DTLS and TLS 1.3
Authors:
Gabriele Restuccia,
Hannes Tschofenig,
Emmanuel Baccelli
Abstract:
Similarly to elsewhere on the Internet, practical security in the Internet of Things (IoT) is achieved by combining an array of mechanisms, at work at all layers of the protocol stack, in system software, and in hardware. Standard protocols such as Datagram Transport Layer Security (DTLS 1.2) and Transport Layer Security (TLS 1.2) are often recommended to secure communications to/from IoT devices.…
▽ More
Similarly to elsewhere on the Internet, practical security in the Internet of Things (IoT) is achieved by combining an array of mechanisms, at work at all layers of the protocol stack, in system software, and in hardware. Standard protocols such as Datagram Transport Layer Security (DTLS 1.2) and Transport Layer Security (TLS 1.2) are often recommended to secure communications to/from IoT devices. Recently, the TLS 1.3 standard was released and DTLS 1.3 is in the final stages of standardization. In this paper, we give an overview of version 1.3 of these protocols, and we provide the first experimental comparative performance analysis of different implementations and various configurations of these protocols, on real IoT devices based on low-power microcontrollers. We show how different implementations lead to different compromises. We measure and compare bytes-over-the-air, memory footprint, and energy consumption. We show that, when DTLS/TLS 1.3 requires more resources than DTLS/TLS 1.2, this additional overhead is quite reasonable. We also observe that, in some configurations, DTLS/TLS 1.3 actually decreases overhead and resource consumption. All in all, our study indicates that there is still room to optimize the existing implementations of these protocols.
△ Less
Submitted 10 December, 2020; v1 submitted 24 November, 2020;
originally announced November 2020.
-
Connecting the World of Embedded Mobiles: The RIOT Approach to Ubiquitous Networking for the Internet of Things
Authors:
Martine Lenders,
Peter Kietzmann,
Oliver Hahm,
Hauke Petersen,
Cenk Gündoğan,
Emmanuel Baccelli,
Kaspar Schleiser,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
The Internet of Things (IoT) is rapidly evolving based on low-power compliant protocol standards that extend the Internet into the embedded world. Pioneering implementations have proven it is feasible to inter-network very constrained devices, but had to rely on peculiar cross-layered designs and offer a minimalistic set of features. In the long run, however, professional use and massive deploymen…
▽ More
The Internet of Things (IoT) is rapidly evolving based on low-power compliant protocol standards that extend the Internet into the embedded world. Pioneering implementations have proven it is feasible to inter-network very constrained devices, but had to rely on peculiar cross-layered designs and offer a minimalistic set of features. In the long run, however, professional use and massive deployment of IoT devices require full-featured, cleanly composed, and flexible network stacks.
This paper introduces the networking architecture that turns RIOT into a powerful IoT system, to enable low-power wireless scenarios. RIOT networking offers (i) a modular architecture with generic interfaces for plugging in drivers, protocols, or entire stacks, (ii) support for multiple heterogeneous interfaces and stacks that can concurrently operate, and (iii) GNRC, its cleanly layered, recursively composed default network stack. We contribute an in-depth analysis of the communication performance and resource efficiency of RIOT, both on a micro-benchmarking level as well as by comparing IoT communication across different platforms. Our findings show that, though it is based on significantly different design trade-offs, the networking subsystem of RIOT achieves a performance equivalent to that of Contiki and TinyOS, the two operating systems which pioneered IoT software platforms.
△ Less
Submitted 9 January, 2018;
originally announced January 2018.
-
Powering the Internet of Things with RIOT: Why? How? What is RIOT?
Authors:
Emmanuel Baccelli,
Kaspar Schleiser
Abstract:
The crucial importance of software platforms was highlighted by recent events both at the political level (e.g. renewed calls for digital data and operating system "sovereignty", following E. Snowden's revelations) and at the business level (e.g. Android generated a new industry worth tens of billions of euros yearly). In the Internet of Things, which is expected to generate business at very large…
▽ More
The crucial importance of software platforms was highlighted by recent events both at the political level (e.g. renewed calls for digital data and operating system "sovereignty", following E. Snowden's revelations) and at the business level (e.g. Android generated a new industry worth tens of billions of euros yearly). In the Internet of Things, which is expected to generate business at very large scale, but also to threaten even more individual privacy, such aspects will be exacerbated. The need for an operating system like RIOT stems from this context, and this short article outlines RIOT's main non-technical aspects, as well as its key technical characteristics.
△ Less
Submitted 11 March, 2016;
originally announced March 2016.
-
A Case for Time Slotted Channel Hop** for ICN in the IoT
Authors:
Oliver Hahm,
Cédric Adjih,
Emmanuel Baccelli,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
Recent proposals to simplify the operation of the IoT include the use of Information Centric Networking (ICN) paradigms. While this is promising, several challenges remain. In this paper, our core contributions (a) leverage ICN communication patterns to dynamically optimize the use of TSCH (Time Slotted Channel Hop**), a wireless link layer technology increasingly popular in the IoT, and (b) m…
▽ More
Recent proposals to simplify the operation of the IoT include the use of Information Centric Networking (ICN) paradigms. While this is promising, several challenges remain. In this paper, our core contributions (a) leverage ICN communication patterns to dynamically optimize the use of TSCH (Time Slotted Channel Hop**), a wireless link layer technology increasingly popular in the IoT, and (b) make IoT-style routing adaptive to names, resources, and traffic patterns throughout the network--both without cross-layering. Through a series of experiments on the FIT IoT-LAB interconnecting typical IoT hardware, we find that our approach is fully robust against wireless interference, and almost halves the energy consumed for transmission when compared to CSMA. Most importantly, our adaptive scheduling prevents the time-slotted MAC layer from sacrificing throughput and delay.
△ Less
Submitted 27 February, 2016;
originally announced February 2016.
-
Old Wine in New Skins? Revisiting the Software Architecture for IP Network Stacks on Constrained IoT Devices
Authors:
Hauke Petersen,
Martine Lenders,
Matthias Wählisch,
Oliver Hahm,
Emmanuel Baccelli
Abstract:
In this paper, we argue that existing concepts for the design and implementation of network stacks for constrained devices do not comply with the requirements of current and upcoming Internet of Things (IoT) use cases. The IoT requires not only a lightweight but also a modular network stack, based on standards. We discuss functional and non-functional requirements for the software architecture of…
▽ More
In this paper, we argue that existing concepts for the design and implementation of network stacks for constrained devices do not comply with the requirements of current and upcoming Internet of Things (IoT) use cases. The IoT requires not only a lightweight but also a modular network stack, based on standards. We discuss functional and non-functional requirements for the software architecture of the network stack on constrained IoT devices. Then, revisiting concepts from the early Internet as well as current implementations, we propose a future-proof alternative to existing IoT network stack architectures, and provide an initial evaluation of this proposal based on its implementation running on top of state-of-the-art IoT operating system and hardware.
△ Less
Submitted 6 February, 2015;
originally announced February 2015.
-
The Role of the Internet of Things in Network Resilience
Authors:
Hauke Petersen,
Emmanuel Baccelli,
Matthias Wählisch,
Thomas C. Schmidt,
Jochen Schiller
Abstract:
Disasters lead to devastating structural damage not only to buildings and transport infrastructure, but also to other critical infrastructure, such as the power grid and communication backbones. Following such an event, the availability of minimal communication services is however crucial to allow efficient and coordinated disaster response, to enable timely public information, or to provide indiv…
▽ More
Disasters lead to devastating structural damage not only to buildings and transport infrastructure, but also to other critical infrastructure, such as the power grid and communication backbones. Following such an event, the availability of minimal communication services is however crucial to allow efficient and coordinated disaster response, to enable timely public information, or to provide individuals in need with a default mechanism to post emergency messages. The Internet of Things consists in the massive deployment of heterogeneous devices, most of which battery-powered, and interconnected via wireless network interfaces. Typical IoT communication architectures enables such IoT devices to not only connect to the communication backbone (i.e. the Internet) using an infrastructure-based wireless network paradigm, but also to communicate with one another autonomously, without the help of any infrastructure, using a spontaneous wireless network paradigm. In this paper, we argue that the vast deployment of IoT-enabled devices could bring benefits in terms of data network resilience in face of disaster. Leveraging their spontaneous wireless networking capabilities, IoT devices could enable minimal communication services (e.g. emergency micro-message delivery) while the conventional communication infrastructure is out of service. We identify the main challenges that must be addressed in order to realize this potential in practice. These challenges concern various technical aspects, including physical connectivity requirements, network protocol stack enhancements, data traffic prioritization schemes, as well as social and political aspects.
△ Less
Submitted 25 June, 2014;
originally announced June 2014.
-
Information Centric Networking in the IoT: Experiments with NDN in the Wild
Authors:
Emmanuel Baccelli,
Christian Mehlis,
Oliver Hahm,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
This paper explores the feasibility, advantages, and challenges of an ICN-based approach in the Internet of Things. We report on the first NDN experiments in a life-size IoT deployment, spread over tens of rooms on several floors of a building. Based on the insights gained with these experiments, the paper analyses the shortcomings of CCN applied to IoT. Several interoperable CCN enhancements are…
▽ More
This paper explores the feasibility, advantages, and challenges of an ICN-based approach in the Internet of Things. We report on the first NDN experiments in a life-size IoT deployment, spread over tens of rooms on several floors of a building. Based on the insights gained with these experiments, the paper analyses the shortcomings of CCN applied to IoT. Several interoperable CCN enhancements are then proposed and evaluated. We significantly decreased control traffic (i.e., interest messages) and leverage data path and caching to match IoT requirements in terms of energy and bandwidth constraints. Our optimizations increase content availability in case of IoT nodes with intermittent activity. This paper also provides the first experimental comparison of CCN with the common IoT standards 6LoWPAN/RPL/UDP.
△ Less
Submitted 20 August, 2014; v1 submitted 25 June, 2014;
originally announced June 2014.
-
Spontaneous Wireless Networking to Counter Pervasive Monitoring
Authors:
Emmanuel Baccelli,
Oliver Hahm,
Matthias Wählisch
Abstract:
Several approaches can be employed to counter pervasive monitoring at large scale on the Internet. One category of approaches aims to harden the current Internet architecture and to increase the security of high profile targets (data centers, exchange points etc.). Another category of approaches aims instead for target dispersal, i.e. disabling systematic mass surveillance via the elimination of e…
▽ More
Several approaches can be employed to counter pervasive monitoring at large scale on the Internet. One category of approaches aims to harden the current Internet architecture and to increase the security of high profile targets (data centers, exchange points etc.). Another category of approaches aims instead for target dispersal, i.e. disabling systematic mass surveillance via the elimination of existing vantage points, thus forcing surveillance efforts to be more specific and personalized. This paper argues how networking approaches that do not rely on central entities -- but rather on spontaneous interaction, as locally as possible, between autonomous peer entities -- can help realize target dispersal and thus counter pervasive monitoring.
△ Less
Submitted 11 February, 2014;
originally announced February 2014.
-
Proceedings of the 3rd MANIAC Challenge, Berlin, Germany, July 27 - 28, 2013
Authors:
Emmanuel Baccelli,
Felix Juraschek,
Oliver Hahm,
Thomas C. Schmidt,
Heiko Will,
Matthias Wählisch
Abstract:
This is the Proceedings of the 3rd MANIAC Challenge, which was held in Berlin, Germany, July 27 - 28, 2013.
This is the Proceedings of the 3rd MANIAC Challenge, which was held in Berlin, Germany, July 27 - 28, 2013.
△ Less
Submitted 8 January, 2014; v1 submitted 6 January, 2014;
originally announced January 2014.