design for dependability of wireless sensor networks
TRANSCRIPT
Design for dependability of Wireless Sensor Networks
La conception pour la dependabilitédes réseaux de capteurs
José Machado da SilvaFaculdade de Engenharia,
U. Porto, Portugal
Réseaux de Capteurs: Impacts et Défis pour la SocietéÉcole d’Eté – Université de Bejäia
Engineering studentsUndergraduate – ~ 6200PhD – 754
Teaching staff – 604
Students/teaching staff ratio – 14.5
International students on PhDprogrammes – 139
Cooperation with international universities – 526
Dissertations undertaken within mobility programs (2009/2010) – 40
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 3
Pont Hintz Ribeiro, 4 Mars 2001
Réseaux de Capteurs: Impacts et Défis pour la Societé
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 4
Critical infrastructures require monitoring mechanisms that enable usto detect failures and attacks as early as possible.
Power cut, affected ~700x106 people, August 2012
Réseaux de Capteurs: Impacts et Défis pour la Societé
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 5
the usefulness of WSNs to monitor critical infrastructures is primarilydetermined by the dependability of the WSN itself.
Outline
Introduction to dependabilityAspects and characteristics of WSN to be addressed to improve their dependabilityExample of faults detection in WSNTest of a pressure sensor in an abdominal aortic stent-graft
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 6
Dependability
Attributes analysis
Availability
Security
Reliability
Maintainability
Risks
Defects
Failures
Errors
Means to achieve
dependability
Prevention
Detection
Fault tolerance
Techniques to be employed
Built-In-Self-Test (BIST)
Built-In-Self-Repair (BISR)
Reconfiguration
Data Fusion
Sensor node architecture components
PROCESSINGSUB-SYSTEM
COMMUNICATIONSUB-SYSTEM
SENSINGSUB-SYSTEM
POWER MGMT.SUB-SYSTEM
ACTUATIONSUB-SYSTEM
Limited Lifetime
Require Supervision
Limited Memory
Slow Processing
Lossy, slow Transmission
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 8
Failures may happen and attacks may be targeted at any layer of theWSN architecture from the node hardware and operating system, through the networking protocol stack, up to the middleware and service layers.
Challenges to achieving reliabilitywireless communicationconstrained resources
Available power resources; processing speed; storage capacity; communication bandwidth; harsh environment
Making systems long-livedAllow reconfigurationLocalized algorithms used to prevent single points of failureLow duty cycle operation designs
Design for Dependability of WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 9
Long lifetimes - Energy efficiency
Low and predictable DelayTens of ms for discrete manufacturingSeconds for process controlTens of seconds to minutes for asset monitoring
Scalability – Up to 100 sensors/actuators in areas of few m2
Robustness – A large WSN, with sufficient node capacity, admits losing nodes to hardware failure without the entire system failing by means of redundancy, re-routing and preventive maintenance.
requires information on the probable node failure rates at field conditionssensor devices are planned to be unattended for long periods without maintenancedesign for testability of the nodes’ hardware
Design for Dependability of WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 10
Design for Dependability of WSNMany sensor networks have mission-critical tasks; reliability needs to be taken into account at design time.
safety, secrecy, securitydeducing information from surroundings is possibleinformation leakage results in privacy breacheswireless communication facilitates packet sneaking in by an adversary.
Reliability in message deliveryLost messages may compromise the correct behavior of the monitoring system
sent packetssuccessreceived packets .. NoPNo ×=
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 11
Design for Dependability of WSN
Errors may result from the interaction of hardware, software and the environment – sensor node electronics are subject to stress
environmental contaminants and conditions (temperature, temperature changes, and humidity, vibration) ripple voltage, and overvoltage.Power-up (heat) and shutdown (cool) generate thermo-mechanical stresses.
Quality and reliability are not freebut poor quality and reliability usually cost more than good quality and reliability.
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 12
Resistance of individual nodes against failures and attacks
intrusion detection and prevention, separation of critical parts of the system, software-based remote code attestation.
Dependability of the networking layerrobust network topologies, secure and reliable transport of data, prevention of traffic analysis.
Dependable and persistent distributed data storage service within the network
network-failure and attack resistant.
Design for Dependability of WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 13
FeaturesSelf-calibrationSelf-diagnosticsAbility to compensate for variations and ambient conditions
MonitorEventsInteraction
Intelligent sensorsHaving adequate information from which the sensor can assure the validity of the measurement and the ability to communicate with the other intelligent devices in the system
Information redundancy (retransmission, erasure codes), route fix
Sensor node architecture abilities
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 14
Task leveltrade-off functionality for reduced computations
Algorithm levelcollaborative signal processing and coordinated communications
Protocol levelpower aware routing and selective multicasting
Physical levelradio power control and dynamic bandwidth management
Energy Conservation in WSNs
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 15
G. Anastasi, M. Conti, M. di Francesco, A. Pasarella, “Energy Conservation inWireless Sensor Networks: A Survey”, Ad Hoc Networks, vol. 7, no. 3, May 2009, Elsevier.
Event triggered activity1. Microphones detect bird call2. Algorithms estimate bird location3. Camera with bird in field of view captures photograph
Communication - the most energy demandingcomponent on a typical sensor nodeProcessing vs. communication
Compute an 8-bit 1024 FFT 80 nJ [Wang JSSC05]
RF Tx/Rx of an 8 bit sample (20 m) 32 nJ [Cook ISSCC06]
Energy Conservation in WSNs
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 16
Wireless protocols efficiency
A Comparative Study of Wireless Protocols: Bluetooth, UWB, ZigBee, and Wi-FiThe 33rd Annual Conference of the IEEE Industrial Electronics Society (IECON), 2007
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 17
802.15.4 low-power consumption / low data rate (979 nJ/bit)
802.11b high-power consumption / high data rate (112 nJ/bit)
Use multiple radios to implement “wake-on-wireless”, where a low power radio is used to wake up a high power radio.
T. Pering, V. Raghunathan, and R. Want. Exploiting radio hierarchies for power-efficient wireless device discovery and connection setup. In VLSID ’05, 2005.D. Lymberopoulos, N. B. Priyantha, M. Goraczko, F. Zhao, “Towards EnergyEfficient Design of Multi-Radio Platforms for Wireless Sensor Networks”, SPOTS’08,2008
Wireless protocols efficiency
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 18
Wireless linkReceived signal strength
- On the Extended Relationships Among EVM, BER and SNR as Performance Metrics, 4th International Conference on Electrical and Computer Engineering ICECE 2006.- Measurement–Based Physical Layer Modeling for Wireless Network Simulations5th IEEE Int.Symp. Modeling, Analysis, and Simulation of Computer and Telecommunications Systems (MASCOTS‘07)
( )nBERPER −−= 11
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 19
“ … up to 90% of all innovations are driven by electronics and software”.
H.-G. Frischkorn. Automotive software – the silent revolution. Automotive Software Workshop, San Diego, CA, Jan 2004.
The ISO 26262 standard for functional safety in automotive electronics highly recommends that fault injection be included as part of the dependability analysis of critical systems.
ISO/DIS 26262: Road vehicles – Functional safety, volume 4–6. International Organization for Standardization, Geneva, Switzerland, 2009.
Design for Dependability of WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 20
The errors induced by faults form identifiable patterns.Error patterns
corresponding to faults are evident in, and can be derived from,system metrics.allow faults to be distinguished by type, persistence, etc.
Controllability – able to define experimental parameters accurately, in time (e.g., fault activation-trigger and duration), space (e.g., fault location) and value (e.g., fault type).Observability – The effect(s) of a fault should be readily apparent. Observations must be made at each node and compared with respect to the time, space and value domains.Repeatability
Testability of WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 21
Failure of WSN modules (such as communication and sensing module) due to (fault dictionary)
fabrication process problems, environmental factors, enemy attacks and so on; battery power depletion; out of the communication range
Faulty nodespermanente: remain faulty until being replaced,static: new faults are generated during fault detection.
Testability of WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 22
Self-detection / passive detectionSensor nodes run their own fault detection operations (e.g. remaing energy; status of sensor)Eventually communication is not used
Active detectionFault detection run at the network level – in-cell update cycleCommunication between cell manager and cell membersE.g., if a cell does not send an acknowledge in given time it is declared faulty
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 23
Hard fault – sensor node cannot communicate with other nodes because of the failure of a certain module Soft fault – the failed node can continue to work and communicate with other nodes but the data sensed / transmitted is not correct.Fault detection:
Good node is considered good – PGGFaulty node is considered faulty – PFFFaulty node is considered good – PFGGood node is considered faulty – PGF
Fault detection accuracy = PGG + PFF
p – the probability of a node’s failure
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 24
Fault recoveryAwake sleeping sensor nodes or introduce new sensor nodes to replace the faulty onesA sensor node may be appointed as a backup cell manager to replace this one in case it fails
E.g. if the manager detects a fault in itself (passive detection) it sends a message to communicate that it is going downThe backup manager assumes management and the other sensor nodes communicate with this new manager
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 25
Neighbor nodes: two nodes within a single hop’s communication scope.
Neighbor(Si), Nb(Si) - The set of all neighbours of node Si
Num(Nb(Si)) - the total number of neighbors of node Si
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 26
Si
mti: measure of Si @ instant t
θ1, θ2 ; predefined threshold levelscij={0/good,1/faulty}: test between Si and Sj,
mti – mt
j ≤ θ1 → cij= 0∆dmij
∆ti = - ≤ θ2 → cij= 0∆ti= ti+1-ticij=cji
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 27
S2; m2
S1; m1
S3; m3
S4; m4
S5; m5
S6; m6
S7; m7
S8; m8
S9; m9
S10; m10ti ti+1
θ1S4
S1
S3
Peng Jiang, A New Method for Node Fault Detection in Wireless Sensor Networks, Sensors 2009, 9, 1282-1294.
Ti: ={LG, LF, AG, AF}LG, likely good if
LF, probably faulty otherwise
AG, actual good if
AF, actual faulty otherwise
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 28
( )∑ ∑
∈
<)( 2
)(
SiNbSj
SiNbNumcij
for Nb(Si)
set cij=0;
for s=1:N
if |dmijt|> θ1cij=1,
else
if |∆dmij∆ti |> θ2cij=1,
endif
next
( )∑ ∑
=∧∈
=<LGTSiNbSj
LGT
j
jSiNbNum
cij)( 2
)(
If Ti=LG and Tj is not LG, for all j, then:Ti = AG; Ti = AF, otherwise
k average number of neighbors of each node
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 29
( )
( ) ( ) ( )
( )
( ) ( )∑
∑
∑
∑
−
=
−
−
=
−
−
=
−
−
=
−
−−=
−=
⎪⎩
⎪⎨⎧
+
+=−−=
−=
1
0glg
1
0flg
1
0glf
1
0flf
11
1
,21
,1211
1
m
j
iikik
m
j
jkjjk
m
j
jkjjk
m
i
iikik
ppcpP
ppcpP
oddkk
evenkkmppcpP
ppcpP
x = Num(Nb(Si)) initially diagnosed as possibly normal (LG).y is the number of AG nodes initially diagnosed as (LG) in x nodes.
Fault detection in WSN
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 30
( )⎪⎩
⎪⎨⎧
+
+=
oddxx
evenxxn
,21
,12
( )
( )
⎟⎠
⎞⎜⎝
⎛+⎟⎠
⎞⎜⎝
⎛⎟⎠
⎞⎜⎝
⎛=
⎟⎠
⎞⎜⎝
⎛+⎟⎠
⎞⎜⎝
⎛⎟⎠
⎞⎜⎝
⎛−=
⎟⎠
⎞⎜⎝
⎛+⎟⎠
⎞⎜⎝
⎛⎟⎟⎠
⎞⎜⎜⎝
⎛−=
⎟⎠
⎞⎜⎝
⎛+⎟⎠
⎞⎜⎝
⎛⎟⎟⎠
⎞⎜⎜⎝
⎛=
∑∑∑∑
∑∑∑∑
∑∑∑∑
∑∑∑∑
=
−−
=
−−−
−
=
−
=
=
−−
=
−−−
−
=
−
=
=
−−
=
−−−
−
=
−
=
=
−−
=
−−−
−
=
−
=
k
a
akaak
xk
a
axkaaxk
n
z
zzxzx
k
x
xk
k
a
akaak
xk
a
axkaaxk
n
z
zzxzx
k
x
xk
k
a
akaak
xk
a
axkaaxk
n
y
yxyxk
k
x
xk
k
a
akaakf
xk
a
axkaaxk
n
y
yxyxk
k
x
xk
PPcPPPcPPccpP
PPcPPPcPPccpP
PPcPPPcPPccpP
PPcPPPcPPccpP
0flfglfflf
0flfglf
1
0flgglg
1FF
0flfglfglg
0flfglf
1
0flgglg
1GG
0flfglfglf
0flfglf
1
0flgglg
1GF
0flfglflg
0flgglf
1
0flgglg
1FG
1
1
Reliable vital signals monitoringresults from a clinical trial indicate that sensing is the primary source of unreliability
patient movement, improper sensor placement, sensor disconnections
- Reliable Clinical Monitoring using Wireless Sensor Networks: Experiences in a Step-down Hospital Unit, Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems , SenSys '10.
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 31
Smart cardiovascular medical device
Cluster of capacitive pressure sensors Maximizes the system sensitivity to leakages
SensorLC resonant circuit with oscillating frequency sensitive to pressure variations
ReceiverDelivers energy and detects sensors’ resonance frequencies through an inductive coupling link
Frequency band 12.5 MHz to 20.0 MHz (allocated for medical applications)
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 32
Readout Stimulus Sensor’s response
Smart cardiovascular medical device
Square wave (100 kHz)
Time (μs)
Am
plitu
de (V
)
vdif
Am
plitu
de (V
)
Time (μs)
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 33
Detecting multiple sensors
Smart cardiovascular medical device
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 34
Smart cardiovascular medical deviceLikely faults in the pressure sensor
Capacitor Defects
Effects on Measurements
Stuck capacitorLeads to a constant resonant frequency
measurement
Reduction of capacitor’s
nominal measurement
range
Allows detecting pressure deviations but in a narrow
range, these measurements could still be taken as admissible
Large deviation of capacitor’s nominal value
Could lead to a false defective stent-graft
detection (e.g. a leaking stent-graft)
Collapsed capacitor
Shows no oscillation frequency
Bending of the structure
Deviation of the inductance and capacitor
values
Aging of the structure
Increase of inductor resistance
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 35
Fault detection
1 ≡ 1 • From the transmitted power data the quality factor (Q) can be obtained
• Using the measured fosc and Q, the k and Rs values are estimated
Smart cardiovascular medical device
Smart cardiovascular medical device
1 2
21 2
Sensor faults detection
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 37
Block Diagram
Telemetry System Signal Acquisition Data Modeling
frequency sweep after QRS detection measure transmitted power and impedance
Transmitted Power (P) and Impedance (ZL)
Extraction of sensor’s components nominal
values for fault detection
Ls, Rs, Cs
QRS Detection
Power (P) Impedance (ZL)
Smart cardiovascular medical device
Cristina Oliveira, José Machado da Silva, Fault Detection System for a Stent-Graft Endoleakage Monitor18th International Mixed-Signals, Sensors and Systems Test Workshop (IMS3TW), 2012
Results
Extracted Rs and Cs are higher than calculations, because during the assembly of the A–CNTs onto the flexPCB using a special conductive glue extra parasitic capacitance and resistance are inserted. The antenna’sinductance measured with a network analyzer prior to the assembly of the A–CNTs is 18.08 μH. The antennais not purely inductive, since the overlap of the top and bottom coils introduces a significant seriescapacitance, which causes the difference in the inductance value.
Smart cardiovascular medical device
A Textiles Embedded Body Sensor Network
ObjectiveSensor modules interconnected withtextile conductive yarns capture EMGand kinematic activity signals from thelower limbsSend aggregated information to anexternal processing unit.
CPM
Sensor
José Machado da Silva et all, “A Wearable Sensor Network for Human Locomotion Data Capture – The conductive yarns infrastructure”. 9th International Conf. on WearableMicro and Nano Technologies for Personalized Health, 2012
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 40
A Textiles Embedded Body Sensor Network
Characteristics
• Tx/Rx at 10Mbps;• Pulse modulation;• PLC;• Line fault detection;• Energy Efficient;• Line impedance
independent functionality.
Pulse Generator
(Tx)
SchmittTrigger
(Rx)
LDO
Fault DetectionCircuitry
Pulse Generator
(Tx)
SchmittTrigger
(Rx)
LDO
Fault DetectionCircuitry
Data inData in
Data outData out
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 41
A Textiles Embedded Body Sensor Network1º PrototypeData Acquisition
• Acceleration• Angular rate• Surface EMG
Status• First prototypes concluded and validated• Second prototypes just received– ¼ of PCB Area– Stitching PCB
Sensor V2 EMG V2
30 mm
60 m
m
sEMG (Textile Electrodes) Acceleration
CPMEMGSensor
System Layout
2º Prototype
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 42
Test and calibration of wired sensorsA proprietary I2C based test infrastructure
SCPS – Setup, Capture, Process, Scan
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 43
José Machado da Silva 7/12/2013 / p. 44
Design for dependability of Wireless Sensor Networks
Many steps have been taken, but there’s still a long way to go!
Design for Dependability of WSN
Buttyan, L.; Gessner, D.; Hessler, A.; Langendoerfer, Peter, "Application of wireless sensor networks in critical infrastructure protection: challenges and design options," Wireless Communications, IEEE , vol.17, no.5, pp.44,49, October 2010Lee, M.H.; Choi, Y.H. Fault detection of wireless sensor networks. Comput. Commun. 2008, 31, 3469-3475.Nakamura, E.F.; Figueiredo, C.M.S.; Nakamura, F.G.; Loureiro, A.A.F. Diffuse: A topologybuilding engine for wireless sensor networks. Signal Processing, 2007, 87, 2991-3009.Gao, J.L.; Xu, Y.J.; Li, X.W. Weighted-median based distributed fault detection for wireless sensor networks. J. Softw. 2007, 18, 1208-1217.Wang, T.Y.; Chang, L.Y.; Dun, D.R.; Wu, J.Y. Distributed fault-tolerant detection via sensor fault detection in sensor networks. In Proceedings of the IEEE 10th International Conference on Information Fusion, Quebec, Canada, 2007; pp. 1-6.Koushanfar, F.; Potkonjak, M.; Sangiovanni-Vincentelli, A. On-line fault detection of sensor measurements. In Proceedings of the IEEE, Sensors. IEEE Press: Toronto, 2003; Vol. 2, pp. 22-24.A. Willig, Recent and Emerging Topics in Wireless Industrial Communications: a Selection, IEEE Transactions on Industrial Informatics, Vol. 4, N. 2, May 2008.R. Zurawski, Networked Embedded Systems: An Overview, Chapter 1 in Networked Embedded Systems (R. Zurawski, Editor), pp. 1.11-1.16, CRC Press, 2009
Bibliography
José Machado da Silva Design for Dependability of WSN 7/12/2013 / p. 45