Trustworthy and Resilient Time Synchronization in Wireless Sensor Networks

Abstract

Wireless sensor networks have received a lot of attention recently due to its wide applications. Accurate and synchronized time is crucial in many sensor network applications due to the need for consistent distributed sensing and coordination. A number of time synchronization schemes have been proposed recently to address the resource constraints in sensor networks. However, all these techniques cannot survive malicious attacks in hostile environments.

This dissertation includes three secure time synchronization techniques, secure single-hop pair-wise time differences, fault-tolerant cluster-wise time synchronization, and secure and resilient global time synchronization, to achieve time synchronization in different scopes of sensor networks. First, we develop a secure single-hop pair-wise time synchronization technique that provides time difference between two neighbor nodes using hardware-assisted, authenticated medium access control (MAC) layer timestamping. This technique can effectively defeats external attacks that attempt to mislead single-hop pairwise time synchronization. Moreover, it can handle high data rate such as those produced by MICAz motes.

Second, we propose a fault-tolerant cluster-wise time synchronization scheme to provide a common clock among a cluster of nodes, where the nodes in the cluster can communicate through broadcast. This scheme guarantees an upper bound of time difference between normal nodes in a cluster, provided that the malicious nodes are no more than one third of the cluster. Unlike the traditional fault-tolerant time synchronization approaches, the proposed technique does not introduce collisions between synchronization messages, nor does it require costly digital signatures.

Third, we develop two secure and resilient global time synchronization schemes: level-based time synchronization and diffusion-based time synchronization. The basic idea of both schemes is to provide redundant ways for one node to synchronize its clock with another far-away node, so that it can tolerate partially missing or false synchronization information provided by compromised nodes. Both schemes achieve global time synchronization based on a model where all the sensor nodes synchronize their clocks to some common source, which is assumed to be well synchronized to an external clock. The level-based scheme builds a level hierarchy in the sensor network, and then synchronizes the whole network level by level. The diffusion-based scheme allows each node to diffuse its clock to its neighbor nodes after it has been synchronized. Both schemes are secure against external attacks and resilient against compromised nodes. We adapt a novel use of the uTESLA broadcast authentication protocol for local authenticated broadcast, reducing the message overhead as well as the message collisions. We implement a secure and resilient global time synchronization protocol, TinySeRSync, on MICAz motes running TinyOS and perform a thorough evaluation through field experiments in a network of 60 MICAz motes. The evaluation results indicate that TinySeRSync is a practical system for secure and resilient global time synchronization in wireless sensor networks.