Secure Language-Based Adaptive Service Platform (SLAP) for Large-Scale Embedded Sensor Networks

1
Secure Language-Based Adaptive Service Platform
(SLAP) for Large-Scale Embedded Sensor Networks

• David Culler
• Eric Brewer Dave Wagner
• Shankar Sastry Kris Pister
• University of California, Berkeley

2
OEP will deliver to you...

• An Open, interesting, flexible, low-power
  experimental wireless sensor/actuator platform
• early in the program
• 6 months, then 30 months
• at significant scale
• 100 tiny nodes per kit
• With a novel event-driven tiny component OS
• easily customized to particular applications
• FSM programming environment for distributed
  control algorithms and applications
• Powerful adversarial simulation environment
• Empirical test-bed facility
• and develop a challenge application

3
Composition of the Team

• David E Culler (PI). Networked systems
  architecture, OS, PL. NOW, Active Messages, TAM,
  dataflow.
• Eric Brewer. SW Arch. Scalable Services. Inktomi,
  Ninja, BARWAN, infopad.
• David Wagner. Security, PL. Twofish, WEP, Janus.
• Shankar Sastry. Distributed Control, Robotics,
  Game theory.
• Kris Pister. MEMS, low-power design,
  microrobotics. SmartDust.
• Collaboration with Intel Berkeley Lab, crossbow.

4
Flexible, low-power wireless platform

• secondary storage

• power reg monitor

• packaging

5
Current Prototype

• system board
• ATMEL 4Mhz, 8bit MCU, 512 bytes RAM, 8K pgm flash
• 900Mhz Radio (RF Monolithics) 1-100 ft. range
• ATMEL network pgming assist
• Radio Signal strength control and sensing
• I2C EPROM (logging)
• Base-station ready
• stackable expansion connector
• all ports, i2c, pwr, clock
• sensor boards
• basic photo, temp proto
• vibrations (2d acc, temp, LIGHT)
• accelerometers
• magnetometers
• tiny weather station (temp,light,hum,press)
• current, temp, light
• power controller
• 15 mA peak, 15uA standby

6
Platform Roll-Out

• Phase 1 _at_ 6 months gt algorithm studies
• inch-scale, low-power, 900 MHz wireless,
  sense/act nodes
• TinyOS event-driven system environment
• 100 nodes base-stations, tinyOS, tools for lt
  25K
• Jan. 2002 Tutorial Workshop
• Phase 2 30 months gt composition of algs
• similar physical scale and numbers
• ARM power, Bluetooth phy
• integrated system
• Secure NEST OS
• FSM programming with resilient aggregation
• Tutorial Workshop
• Phase 3 40 months ultra-low power design study

7
SW Platform

• Tiny event-driven component OS
• allows NEST abstractions to emerge and each level
• Language-based robustness and optimization
• eg., critical path and jitter analysis
• inter-component transformations
• narrow interface with simple IDL
• Tiny networking
• power-aware appln-specific ad hoc routing, MAC,
  transmission control
• in network aggregation
• in situ programming
• Algorithm building blocks
• Local multicast
• event-driven reception
• intelligent pruning of retransmission
• non-blocking execution

8
Tiny OS Concepts

• Scheduler Graph of Components
• constrained two-level scheduling model threads
  events
• Component
• Commands,
• Event Handlers
• Frame (storage)
• Tasks (concurrency)
• Constrained Storage Model
• frame per component, shared stack, no heap
• Rich expression of concurrency
• Very lean multithreading
• Efficient Layering

Events
Commands
send_msg(addr, type, data)
power(mode)
init
Messaging Component
Internal State
internal thread
TX_packet(buf)
Power(mode)
TX_packet_done (success)
init
RX_packet_done (buffer)
9
TinyOS Application Component Graph
Route map
router
sensor appln
application
Active Messages
Radio Packet
Serial Packet
packet
Temp
photo
SW
HW
Example ad hoc, multi-hop routing of photo
sensor readings
UART
Radio byte
ADC
byte
clocks
RFM
bit
entire 3.5 kb typical comp 100s b
10
Programming Environment Tools

• Provide support for event-driven programming,
  composition, debugging visualization in the
  small (node) and large (collection)
• Emulation gt simulation gt real devices
• identical APIs, range of visibility, and reality
• Debugging and visualization tools
• geared toward many interacting nodes
  event-centric development
• Application-Specific Virtual Machines
• analogous to query-plan vs query-processing
  engine
• FSM-based programming abstractions
• Macrocomputing

11
FSM-based Software Approach

• Fundamentally, we are not computing, we are
  moving data intelligently
• threads are a computing abstraction, FSMs are a
  protocol abstraction
• use FSMs as the base then add some computing
• natural high concurrency
• natural handling of events, exceptions, and the
  environment
• tools for understanding stability (e.g markov
  models, game theory, control theory)
• composition is separate from creation
• late bind the callee in a separate step called
  "composition"

12
Macrocomputing

• Program a large, unstructured collection in
  aggregate
• Single program, multiple data
• but errors and probabilistic behavior
• unstructured collection
• global variables that reflect collections
• need to handle error propagation
• scatter/gather for collections?
• online query processing?
• multi-WEbS abstractions

13
Security

• Individual nodes may be compromised, but hard to
  get large fraction of nodes.
• Attacks introduce another form of unreliability
  in the data.
• Lightweight encryption/decryption,
  authentication.
• Novel protocols to support aggregate operations,
  eg., broadcast, w/o shared root key
• Resilient aggregation

14
Resilient Aggregators

• operate in the face of faulty nodes, intermittent
  communication, and security attacks
• ex max is not resilient, nine-tile is.
• develop algebra of resilient aggregators
• Random sampling as implementation
• foundation for security model
• easy to attack a node
• hard to attack large fraction of the nodes

15
Simulation

• Large-scale NEST simulator
• very large number of small nodes
• integrated with event-driven OS design for
  efficiency
• checkpointing
• Adversarial simulation mode
• Detecting composition bugs and scaling bugs
• Target failure search for bugs
• test race conditions automatically
• pick orders that consume resources
• more efficient than random-walk testing
• simulator is an adversary
• guided search
• Hybrid simulator/testbed

16
Test-bed Kits

• in situ programming/upgrade and debugging
• synchronized logging (trace extraction)
• passive monitoring
• data collection

17
Challenge App pursuer/evader contest
active markers

• Terrain with obstacles
• not accurately mapped

obstacles

• UAVs (pursuers) capable of
• flying between obstacles
• seeing a limited region
• placing active markers

UAVs

• Active Markers
• form sensor field

• Evader capable of
• moving between obstacles (possibly actively
  avoiding detection)

evader
18
Closed-loop at many levels

• Within a node
• behavior adapts to available energy, physical
  measurements, network condition
• Across the network
• discovery and routing, transmission rate and
  schedule
• adopting roles,
• Within the middleware components
• synchronization, scheduling
• On the vehicle
• direction, stability, probabalistic map building
• Among the vehicles
• competitive, hidden markov decision processes

19
Intermediate Applications

• active space starter
• steerable cameras and other fixed assets
• mobile agents with transponders
• stationary (partially) sensor field
• interactive control loop
• flocks of moving vehicle intermediate

20
Integration Linkages

• Receive platform wish-list till aug. freeze
• Major tutorial workshop to deliver platform and
  train at 6 and 30 months
• SW platform releases every 6 months
• Intermediate SW platform releases
• Push platform kits so middleware developed AND
  tested in your labs at scale with real limits
• Group email archive, calendar, etc
• http//groups.yahoo.com/group/NESTtinyOEP
• mailto NESTtinyOEP_at_yahoogroups.com
• Sequence of application development forums

21
Specific Problems addressed

• Unattended, low-power, small form-factor
  connected devices deployed in large number
• Tiny OS for comm/sense/control
• Power Constrained Networking, Security
• Programming environment and tools
• component analysis and optimization
• FSM programming composition
• Resilient Aggregation
• Macrocomputing programming the collection
• Analysis and testing of integrated distributed
  systems
• Pursuer/Evader challenge in fine-grain
  distributed control