Title: Secure Language-Based Adaptive Service Platform (SLAP) for Large-Scale Embedded Sensor Networks
1. Secure Language-Based Adaptive Service Platform (SLAP) for Large-Scale Embedded Sensor Networks
- David Culler
- Eric Brewer, Dave Wagner
- Shankar Sastry, Kris Pister
- University of California, Berkeley
2. OEP will deliver to you...
- An Open, interesting, flexible, low-power experimental wireless sensor/actuator platform
- early in the program
- 6 months, then 30 months
- at significant scale
- 100 tiny nodes per kit
- With a novel event-driven tiny component OS
- easily customized to particular applications
- FSM programming environment for distributed control algorithms and applications
- Powerful adversarial simulation environment
- Empirical test-bed facility
- and develop a challenge application
3. Composition of the Team
- David E. Culler (PI). Networked systems architecture, OS, PL. NOW, Active Messages, TAM, dataflow.
- Eric Brewer. SW Arch. Scalable Services. Inktomi, Ninja, BARWAN, infopad.
- David Wagner. Security, PL. Twofish, WEP, Janus.
- Shankar Sastry. Distributed Control, Robotics, Game theory.
- Kris Pister. MEMS, low-power design, microrobotics. SmartDust.
- Collaboration with Intel Berkeley Lab, Crossbow.
4. Flexible, low-power wireless platform
5. Current Prototype
- system board
- ATMEL 4 MHz, 8-bit MCU, 512 bytes RAM, 8K pgm flash
- 900 MHz Radio (RF Monolithics), 1-100 ft. range
- ATMEL network pgming assist
- Radio Signal strength control and sensing
- I2C EPROM (logging)
- Base-station ready
- stackable expansion connector
- all ports, i2c, pwr, clock
- sensor boards
- basic photo, temp proto
- vibrations (2d acc, temp, LIGHT)
- accelerometers
- magnetometers
- tiny weather station (temp, light, hum, press)
- current, temp, light
- power controller
- 15 mA peak, 15 µA standby
6. Platform Roll-Out
- Phase 1 @ 6 months > algorithm studies
- inch-scale, low-power, 900 MHz wireless, sense/act nodes
- TinyOS event-driven system environment
- 100 nodes base-stations, TinyOS, tools for < 25K
- Jan. 2002 Tutorial Workshop
- Phase 2 30 months > composition of algs
- similar physical scale and numbers
- ARM power, Bluetooth phy
- integrated system
- Secure NEST OS
- FSM programming with resilient aggregation
- Tutorial Workshop
- Phase 3 40 months ultra-low power design study
7. SW Platform
- Tiny event-driven component OS
- allows NEST abstractions to emerge and each level
- Language-based robustness and optimization
- e.g., critical path and jitter analysis
- inter-component transformations
- narrow interface with simple IDL
- Tiny networking
- power-aware appln-specific ad hoc routing, MAC, transmission control
- in network aggregation
- in situ programming
- Algorithm building blocks
- Local multicast
- event-driven reception
- intelligent pruning of retransmission
- non-blocking execution
8. Tiny OS Concepts
- Scheduler Graph of Components
- constrained two-level scheduling model threads events
- Component
- Commands,
- Event Handlers
- Frame (storage)
- Tasks (concurrency)
- Constrained Storage Model
- frame per component, shared stack, no heap
- Rich expression of concurrency
- Very lean multithreading
- Efficient Layering
[Figure: Messaging Component with Internal State and an internal thread. Labels: Events; Commands; send_msg(addr, type, data); power(mode); init; TX_packet(buf); Power(mode); TX_packet_done (success); init; RX_packet_done (buffer)]
9. TinyOS Application Component Graph
[Figure: component graph. Example: ad hoc, multi-hop routing of photo sensor readings. Component labels: Route map, router, sensor appln, Active Messages, Radio Packet, Serial Packet, Temp, photo, UART, Radio byte, ADC, clocks, RFM. Level labels: application, packet, byte, bit; SW/HW boundary. Annotation: entire 3.5 kb, typical comp 100s b]
10. Programming Environment Tools
- Provide support for event-driven programming, composition, debugging, visualization in the small (node) and large (collection)
- Emulation > simulation > real devices
- identical APIs, range of visibility, and reality
- Debugging and visualization tools
- geared toward many interacting nodes event-centric development
- Application-Specific Virtual Machines
- analogous to query-plan vs query-processing engine
- FSM-based programming abstractions
- Macrocomputing
11. FSM-based Software Approach
- Fundamentally, we are not computing, we are moving data intelligently
- threads are a computing abstraction, FSMs are a protocol abstraction
- use FSMs as the base then add some computing
- natural high concurrency
- natural handling of events, exceptions, and the environment
- tools for understanding stability (e.g., Markov models, game theory, control theory)
- composition is separate from creation
- late bind the callee in a separate step called "composition"
12. Macrocomputing
- Program a large, unstructured collection in aggregate
- Single program, multiple data
- but errors and probabilistic behavior
- unstructured collection
- global variables that reflect collections
- need to handle error propagation
- scatter/gather for collections?
- online query processing?
- multi-WEbS abstractions
13. Security
- Individual nodes may be compromised, but hard to get large fraction of nodes.
- Attacks introduce another form of unreliability in the data.
- Lightweight encryption/decryption, authentication.
- Novel protocols to support aggregate operations, e.g., broadcast, w/o shared root key
- Resilient aggregation
14. Resilient Aggregators
- operate in the face of faulty nodes, intermittent communication, and security attacks
- ex: max is not resilient, nine-tile is.
- develop algebra of resilient aggregators
- Random sampling as implementation
- foundation for security model
- easy to attack a node
- hard to attack large fraction of the nodes
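The max-versus-quantile contrast above, as an added example in C (not code from the original slides or from TinyOS). It assumes the median as the resilient quantile; the function names, the constructed readings (honest nodes report 20..29, compromised nodes report 10000) and the seeded LCG sampler are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

static int cmp_int(const void *a, const void *b) {
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* max: a single compromised node reporting a huge value controls the result */
int agg_max(const int *r, size_t n) {
    int m = r[0];
    for (size_t i = 1; i < n; i++) if (r[i] > m) m = r[i];
    return m;
}

/* q-th percentile (lower nearest rank); sorts the report array in place */
int agg_quantile(int *r, size_t n, unsigned q_pct) {
    qsort(r, n, sizeof *r, cmp_int);
    return r[(size_t)q_pct * (n - 1) / 100];
}

/* same quantile from k <= 64 nodes sampled with replacement (seeded LCG) */
int agg_quantile_sampled(const int *r, size_t n, size_t k, unsigned q_pct, uint32_t seed) {
    int s[64];
    if (k > 64) k = 64;
    for (size_t i = 0; i < k; i++) {
        seed = seed * 1103515245u + 12345u;
        s[i] = r[((seed >> 16) & 0x7fff) % n];
    }
    return agg_quantile(s, k, q_pct);
}

/* constructed data: honest nodes read 20..29, the first `bad` nodes report 10000 */
void make_readings(int *r, size_t n, size_t bad) {
    for (size_t i = 0; i < n; i++) r[i] = i < bad ? 10000 : 20 + (int)(i % 10);
}

int main(void) {
    int r[100];
    for (size_t bad = 0; bad <= 60; bad += 20) {
        make_readings(r, 100, bad);
        int mx = agg_max(r, 100);
        int sm = agg_quantile_sampled(r, 100, 15, 50, 1);
        int md = agg_quantile(r, 100, 50);   /* sorts r, so it runs last */
        printf("bad=%zu max=%d median=%d sampled_median=%d\n", bad, mx, md, sm);
    }
    return 0;
}
```

The median stays inside the honest range until more than half of the reports are compromised, while max is wrong as soon as one node is.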
15. Simulation
- Large-scale NEST simulator
- very large number of small nodes
- integrated with event-driven OS design for efficiency
- checkpointing
- Adversarial simulation mode
- Detecting composition bugs and scaling bugs
- Target failure search for bugs
- test race conditions automatically
- pick orders that consume resources
- more efficient than random-walk testing
- simulator is an adversary
- guided search
- Hybrid simulator/testbed
16. Test-bed Kits
- in situ programming/upgrade and debugging
- synchronized logging (trace extraction)
- passive monitoring
- data collection
17. Challenge App: pursuer/evader contest
- Terrain with obstacles
- not accurately mapped
- UAVs (pursuers) capable of
- flying between obstacles
- seeing a limited region
- placing active markers
- Active Markers
- form sensor field
- Evader capable of
- moving between obstacles (possibly actively avoiding detection)
[Figure labels: active markers, obstacles, UAVs, evader]
18. Closed-loop at many levels
- Within a node
- behavior adapts to available energy, physical measurements, network condition
- Across the network
- discovery and routing, transmission rate and schedule
- adopting roles,
- Within the middleware components
- synchronization, scheduling
- On the vehicle
- direction, stability, probabilistic map building
- Among the vehicles
- competitive, hidden Markov decision processes
19. Intermediate Applications
- active space starter
- steerable cameras and other fixed assets
- mobile agents with transponders
- stationary (partially) sensor field
- interactive control loop
- flocks of moving vehicle intermediate
20. Integration Linkages
- Receive platform wish-list till Aug. freeze
- Major tutorial workshop to deliver platform and train at 6 and 30 months
- SW platform releases every 6 months
- Intermediate SW platform releases
- Push platform kits so middleware developed AND tested in your labs at scale with real limits
- Group email archive, calendar, etc.
- http://groups.yahoo.com/group/NESTtinyOEP
- mailto:NESTtinyOEP@yahoogroups.com
- Sequence of application development forums
21. Specific Problems addressed
- Unattended, low-power, small form-factor connected devices deployed in large number
- Tiny OS for comm/sense/control
- Power Constrained Networking, Security
- Programming environment and tools
- component analysis and optimization
- FSM programming composition
- Resilient Aggregation
- Macrocomputing programming the collection
- Analysis and testing of integrated distributed systems
- Pursuer/Evader challenge in fine-grain distributed control