wireless sensor network reliability and security in factory automation: a survey

IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART C: APPLICATIONS AND REVIEWS, VOL. 42, NO. 6, NOVEMBER 2012 1243

Wireless Sensor Network Reliability and Security inFactory Automation: A Survey

Kamrul Islam, Weiming Shen, Senior Member, IEEE, and Xianbin Wang, Senior Member, IEEE

Abstract—Industries can benefit a lot from integrating sensorsin industrial plants, structures, machinery, shop floors, and othercritical places and utilizing their sensing and monitoring power,communicating and processing abilities to deliver sensed informa-tion. Proper use of wireless sensor networks (WSNs) can lower therate of catastrophic failures, and improve the efficiency and pro-ductivity of factory operations. Ensuring reliability and providingadequate security in these crucial services provided by WSNs willreinforce their acceptability as a viable and dependable technologyin the factory and industrial domain. In this paper, we examinethe reliability and security challenges of WSNs and survey theirpracticality for industrial adoption. We discuss the unique char-acteristics that distinguish the factory environment from the rest,elaborate on security and reliability issues with their respective so-lution measures, and analyze the existing WSN architectures andstandards. A number of challenges and interesting research issueshave emerged from this study and have been reported for furtherinvestigation.

Index Terms—Cryptography, factory automation, reliability,security, wireless sensor networks (WSNs).

I. INTRODUCTION

IN today’s world, industries, companies, and manufacturersare faced with constant and increased supplies of products,

and growing demands for services. In order to improve processefficiencies, deliver quality products, and ensure timeliness andaccuracy of systems, intelligent and low-cost automation of in-dustrial processes are crucial. Although industries have beenusing sensors for a while for the purpose of providing controland real-time support, most of them are based on expensive andcomplex wired solutions [1]. Wireless sensor networks (WSNs)in factory automation bring an array of advantages over wiredsystems in terms of ease of deployment of sensor networks,elimination of the need of complex, expensive, and often verydifficult installation of wired systems, flexibility in placing sen-sors in sensitive and critical positions, lower operating costsin the harsh factory environment, data redundancy, packet er-

Manuscript received November 1, 2011; revised February 1, 2012; May 31,2012; accepted June 15, 2012. Date of current version December 17, 2012. Thispaper was recommended by Associate Editor K. Hall.

K. Islam was with the Department of Electrical and Computer Engineering,University of Western Ontario, London, ON N6A 3K7, Canada, and with theCanada, London, ON, Canada, N6G 4X8. He is now with Phoenix InteractiveDesign Inc., London, ON N6B 3P2, Canada. (e-mail: [email protected]).

W. Shen is with the National Research Council, Canada, London, ON, Canada,N6G 4X8 (e-mail: [email protected]).

X. Wang is with the Department of Electrical and Computer Engineering,University of Western Ontario, London, ON N6A 3K7, Canada (e-mail: [email protected]).

Digital Object Identifier 10.1109/TSMCC.2012.2205680

rors and large-scale deployment, and so on. Furthermore, theself-configuring and self-organizing capabilities of WSNs makethem an ideal choice for ensuring energy-efficient services andreliable management at hazardous plants, assembly lines, andhigh-asset protection applications [2], [3].

The atmosphere of a typical factory or a manufacturing plantcan be uniquely characterized by conditions such as the rotationof machinery, tools’ mobility, metallic frictions and reflections,equipment noise generated from equipments, boiler, and enginevibrations, humidity and temperature fluctuations, the unprece-dented presence of obstacles, co-channel interference, and so on.These stringent situations may render the wired systems imprac-tical in certain industry applications and demand the isolationof cables. The use of redundant wires to enhance reliability ofoperations in case of failure adds extra complexity which is ex-acerbated when certain machines, tools, or equipment connectedby wires need to be relocated. Due to these factors, wireless so-lutions appear as the most attractive and viable solution in thisdomain.

In this paper, we provide a short survey on reliability andsecurity issues of WSNs in industrial automation and controlsystems. As wireless networks are intended to replace wired so-lutions in factory applications in order to provide uninterrupted,reliable, secure, time-critical and quality services, control andreal-time monitoring, substantial effort is required to analyze thereliability and security issues of WSNs in the face of the harshindustrial environment. In Section II, general characteristics ofWSNs are briefly described followed by some WSN applica-tions in the industrial and factory environment in Section III.Section IV elaborates on reliability issues that exist in the harshindustrial conditions and that can interfere with wireless net-works and some relative solution measures are outlined. Wediscuss about the need for security, security issues, and char-acterize different attacks and their countermeasures in SectionV. A number of cryptographic methods currently used in thewireless environment along with existing security paradigmsand standards are discussed in Sections VI and VII, respec-tively. Some research problems have been identified from thissurvey and presented in Section VIII, followed by conclusionsin Section IX.

II. CHARACTERISTICS OF WIRELESS SENSOR NETWORKS IN

FACTORY AUTOMATION

WSN [50], [51] are comprised of a large number of tiny,energy-constrained sensor nodes with weak processors and asmall amount of memory. An individual sensor node is com-posed of sensor circuitry to measure, e.g., temperature or hu-midity, a microcontroller, a wireless transceiver, and an energy

1094-6977/$31.00 © 2012 IEEE

1244 IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS—PART C: APPLICATIONS AND REVIEWS, VOL. 42, NO. 6, NOVEMBER 2012

supply, most often a battery. While each individual node haslimited computational capabilities, the nodes can communicatewirelessly and perform collaborative signal processing tasks.

In the following, we review some unique characteristics thatare inherent to any WSNs [6].

Resource Constraints: Nodes in a WSN are typically batterypowered and have limited processing and computational capa-bilities coupled with less available memory. These constraintsforce researchers to look for alternatives ways, unlike traditionalmeasures to design secured systems, to design and implementsecurity algorithms and techniques in WSNs.

Harsh Environments and Dynamic Topology: In industrialenvironments, the topology and connectivity of the deployednetwork may not be stable because of the possibility of linkand node failures. Nodes can malfunction and lose connectivitybecause of harsh conditions present in the factory environmentsuch as the presence of obstacles, RF interference, vibrationcaused by motors, humidity levels and variations in temperature,dirt and dust, etc. [13]. Besides, they are also vulnerable to phys-ical damage and tampering if deployed in a less secured area.

Quality of Service and Other Issues: Quality of Service (QoS)refers to “the collective effect of service performance which de-termines the degree of satisfaction of a user of the service” [7]which can be further enhanced to “well defined and controllablebehavior of a system with respect to quantitative parameters”[8]. Diverse applications of WSNs in factories and industriesproducing different goods require customized QoS. In WSNs,QoS requirement will possibly be different than in wired net-work systems because of WSN characteristics mentioned earlier.

Another issue is the requirement of time sensitivity, i.e., time-critical data should reach the base station at near real time [6]depending on the level of urgency such as machine failures orunusual events. Furthermore, as link and node failures are notuncommon to WSNs, ensuring timeliness in reporting data tothe sink is a challenging endeavor. In addition, due to the den-sity and physical proximity of sensors in the network topology,redundancy arises in the data collected by nearby sensors. Thissituation might affect the uniqueness of data collected and sentto the base station if proper data aggregation techniques arenot followed to alleviate this. However, most important is theaggregated data received by the base station as this informa-tion will be the basis for taking appropriate actions in case ofan emergency. Since power-constraint sensors generally do notsend data collected from “events” happening in the field directlyto the base, there might be some difference between what thebase receives as aggregated data and what is actually occurring.

III. SAMPLE WIRELESS SENSOR NETWORK

INDUSTRIAL DEPLOYMENTS

Companies, process industries, and manufacturing plants areincreasingly relying on information gained from networks ofsensors installed at key points throughout the factory or fieldsite. This technology is gaining momentum as it does not involvecomplex infrastructures or procedures to do monitoring, sensing,and measuring data from inaccessible areas. A wide spectrum ofindustries, such as oil pipelines and refineries, pharmaceutical

and chemical companies, food and beverage manufacturers, andpower plants, are deploying wireless networks to monitor non-trivial activities, such as air pressure, electrical current, weightload, fuel levels, temperature, corrosion, pipe flow, seismic ac-tivity [87] along with data regarding the machine’s state, andefficiency which are critical to the effective and efficient safeoperation of the corresponding processes.

Through detecting random and/or unusual events, collect-ing and analyzing periodic data and samples, generating alarmsand notifying controllers, estimating and tracking states of ma-chines, instruments, and equipments, etc. [1], [49], this tech-nology allows people to remotely acquire control and access ofreal-time data and make decisions based on the information pro-duced by the network. Existing process control and managementsystems and other wired and wireless devices can be combinedwith sensor networks and possibly integrated with the Internetto easily control and manipulate systems from anywhere and atanytime.

Some interesting applications of WSNs that are mentionedin [95] include straightforward cable replacement of wired sen-sors to make room for the temperature and vibration measuringsensors, motor vibration monitoring sensors, [88]–[91], [93], ascertain locations in the physical space make wiring impossi-ble or require cable isolation. WSNs are used to enable condi-tion monitoring systems such as reporting (periodic) state in-formation of small motors and machine tool performance [92]statistics. In these deployments, the sensors support machinerymaintenance by detecting unusual and rare conditions and gen-erating alarms for taking immediate actions if abnormal eventsoccur and sending the measurements to the sink or controller.In addition, WSNs enable new in situ motor analysis opportuni-ties previously not possible with wired sensors including agent-based steady-state motor analysis and on-board oil analysis [94].Complex and risky systems, such as in nuclear power plants,take advantage of wireless networks for more accurate multi-sensor machinery diagnostics and prognostics monitoring [96].Machine health monitoring using wireless sensors has becomecommonplace in the factory domain. Ramamurthy et al. [97]mention the usage of wireless networks where RF identificationtags are used to enable secure access to a technician equippedwith a mobile computer.

Applications of WSNs to machine tool monitoring includ-ing temperature measurement sensors for end-mill inserts andvibration-based condition monitoring for tool breakage havebeen cited in [98] and [94], respectively. In addition, wirelessnetworks offer new opportunities, such as multisensor data fu-sion methods, to estimate tool wear using vibration monitoringof the spindle and workpiece. Wireless sensing of current, volt-age, and acoustic emission signals is reported [99].

A technique to enhance reliability and throughput of indus-trial networks has been proposed [100]. The authors exploit timeand frequency diversity in IEEE 802.15.4 industrial networkswith the goal of providing real-time guarantees, with increasedreliability and throughput. In their work, reliability is ensuredthrough retransmissions, while assuming predictable mediumaccess and real-time analysis admission control. Miskowiczand Koscielnik [101] study reliability in data transmission

ISLAM et al.: WIRELESS SENSOR NETWORK RELIABILITY AND SECURITY IN FACTORY AUTOMATION: A SURVEY 1245

using analytical modeling of probabilities of failures of trans-missions in the industrial domain. It provides a systematic ap-proach to estimate the desired reliability of the message deliveryin such domain and configure the appropriate number of re-tries. On the other hand, Fischione et al. [102] ensure a desiredpacket delivery and delay probabilities, while minimizing theenergy consumption of the network in industrial control appli-cations. The protocol is based on randomized routing, mediumaccess control, and duty cycling jointly optimized for energyefficiency. The design approach relies on a constrained opti-mization problem, whereby the objective function is the energyconsumption and the constraints are the packet reliability anddelay.

IV. RELIABILITY ISSUES IN THE INDUSTRIAL DOMAIN

The reliability, accuracy, and time criticality [37] of data gen-erated and transmitted in wireless networks are probably themost critical factors that need to be ensured in any industrialenvironments. As sensor networks carry, share, and transmitfactory-specific, sensitive, and important data, it is essential toguarantee that accurate data are measured, reliably transmitted,and received by the destination in a timely manner. Meetingdeadlines of data communications is extremely important inindustrial automation [34]–[36], where unwanted delay or fail-ure of communication can cause havoc in the production line,disrupt service, lead machine failure or damage, or even jeopar-dize the lives of people working. On the other hand, misreadingdata, sharing, and transmitting, it can have similar impact sincemachinery is assumed to be precisely controlled by the accu-racy of timely data. Since the wireless channel is random andtime varying, the classical deterministic performance measureslike the worst case transmission times should be replaced byprobabilistic measures to design a reliable wireless system. Inaddition, introducing sufficient redundancy in terms of numberof sensors to sense and route data for certain tasks can guaranteemessage reception on time. A detailed discussion about proba-bilistic measures and the analysis of transmissions times can befound in [38]–[41].

Characteristics of the Industry Environment: Wireless net-works used in the industrial domain are expected to performtheir operations smoothly under such a broad range of stringentoperations conditions [43], [44]. As to the sensing networks de-signed for such purposes must consider the issues of co-channelinterference, signal loss, or fading due to metallic machinery,the presence of obstacles; the effects of variations of operatingtemperature, pressure, and humidity; and the impact of noiseand vibrations generated from engines; boilers, rotations of ma-chinery, airborne contaminants, etc., on the sensing and datacommunications ability of the network.

Interference is a big problem in the industry. It is causedby a multitude of sources and can easily affect the wireless net-work by disrupting communications since wireless technologiesuse unlicensed bands. Interference happens when the detectionof an original signal generated from a node of the networkis corrupted by another signal originating from other sources.The potential sources of interference include the presence of

TABLE ISOURCES OF INTERFERENCES [1]

TABLE IISECURITY SUITES SUPPORTED BY 802.15.4 [26]

nearby power lines, welders, and powerful induction motors(that generate magnetic interference and are usually referredto as broadband interferences as these signals have high en-ergy), the existing wireless RF devices and interconnectionswith wired systems [21], [42], vibrations and noise generatedfrom metallic frictions, multipath signal reflections, intentionalsignal jamming by malicious users, and so on.

There exist other sources of narrow-band interference, such aslow-energy signals, generated from test and medical equipment,UPS systems, and cellular phones. Such interference causes sig-nal corruption, which forces the sender to retransmit the datapackets repeatedly making the system vulnerable to failure ordisasters as the machine’s health may be controlled and moni-tored by stringent time requirements. This depletes the valuablebattery energy of the nodes through retransmissions. In orderto ensure reliability, more research effort and investigation isrequired to precisely understand the source, nature, and charac-teristics of interference. Some common sources of broadbandand narrow-band signals in the industry domain are given inTable I.

In the factory environment, when an event occurs, often thedecision to take appropriate action by the base depends on thereliable and accurate detection and estimation of the event’sfeatures and the collective reports of all the nodes observingthe event. As sensors are scheduled to wake up and sleep toconserve their energy, essentially the decision of the base sta-tion depends on the scheduling, locations and coordination of


these nodes, and their signal processing task. [44]. There areapplications in industry that require the sensors to be placedin critical locations (e.g., moving parts of a machine), functionunder harsh conditions to extract information and fuse them,detect complex conditions, and so on, which render the taskof frequently changing or recharging batteries difficult in fac-tory automation. Tradeoffs between stringent time deadlines,the reliability and fidelity of data, and the energy minimiza-tion of the heterogeneous sensors (that is, when different nodeshave varying energy levels, processing capabilities, and sensingmodalities [45]) should be carefully considered for smooth andefficient network management.

In the following, we elaborate on some of the possible mea-sures that are currently in use to improve the data communica-tions reliability of WSNs:

Handling Interference: Spread spectrum modulation tech-niques, in which the bandwidth of the original signal is deliber-ately spread in the frequency domain, are standard ways to han-dle interference since they are naturally resistant to interferenceand jamming and offer secure communications and multiple ac-cess capability. In the wireless environment, two main spreadspectrum techniques are used: the direct-sequence spread spec-trum (DSSS) and frequency-hopping spread spectrum (FHSS).With their relative advantages and disadvantages, they are suit-able to different applications and environment settings. DSSShas the advantage of providing higher capacities than FHSS,but it is more sensitive and influenced by environment fac-tors (mainly signal reflection) and works best with larger datapacket messages in low to medium narrow-band interferenceenvironments.

On the other hand, FHSS is robust and can resist interferencefrom spurious RF signals much better than DSSS and noises,reflections, and other radio stations have little effect. As a re-sult, FHSS is a perfect choice for high interference atmospherebecause of its strong resistance to heavy interference and its ef-fectiveness in successfully transmitting small packet messagesand data intensive applications. There are strategies that can beincorporated with this radio modulation technique to improvethe link quality and stability in industrial environments. Foursuch strategies are channel diversity, path diversity, temporaldiversity, and increased transmit power [1].

Multipath Technique: The multipath routing technique is anatural and robust way to increase reliability which comes atthe cost of energy. Data packets generated from the senderare routed via several paths with increased confidence that atleast one packet will reach the destination even if there arefailures in other routes. If signals in one path are blocked byobstacles and cannot propagate, the data may still be transmit-ted through other paths. In mesh networks, multiple paths areused to deliver a single message to guarantee its reliability to99.9 [82].

Diversity Technique: Different radios may be utilized for op-eration of various ranges with a view to switch to differentfrequencies in case certain frequencies fail to operate due tointerference. In addition, a sensor’s radio transceiver can be ca-pable of changing its transmission power to achieve differenttransmission ranges [80].

Synchronization and Identification Technique: Time synchro-nization techniques are used [83], [84] to synchronize all thenodes by time stamping the data with a global clock. This tech-nique is suitable for small networks. For special applications,the process data are also location-stamped [80], [81].

Redundancy: Redundancy could play a vital role in estab-lishing highly reliable communications systems by making surethat there will always be stand-by sensors which can take overin case some of them fail. In addition to that, since individ-ual sensor readings can be distorted or lost due to surround-ing noise and interference and can cause false alarms, it is notsufficient to rely on single sensor readings. In such scenarios,redundancy seems to be the most viable and only solution.To increase reliability in data communications and provide ahigh degree of confidence in successfully transmitting pack-ets, components in WSNs are made redundant, for example,dual gateways are highly recommended for increased reliability.However, redundancy can also be achieved through the useof multiple frequencies at the expense of additional hard-ware/software capability.

Nodes can also be equipped with additional transmission ca-pabilities. For example, nodes will have the ability to switch toa high-speed transmission mode to transmit messages directlyor just by one hop to the base or controller (which makes the de-cision) to avoid delay, when rerouting data on other paths takesmore time or communication is interrupted by obstacles. Addi-tional precautions can be taken to monitor the sensor themselvesto make sure they are all active, healthy, and capable of providingthe desired services (e.g., generating alarms, messages, commu-nicating with other nodes, etc.). Proper measures or responsiveactions must be carried out when certain nodes fail or packetlosses occur which in turn affect the normal functioning ofthe network. Several postactive countermeasures are mentionedin [80] including replacing the dead or damaged nodes, imple-menting fault tolerance methods, formatting new routing paths,adjusting the transmission power and sampling rates, commis-sioning the device into a fail-safe mode, etc. [85], [86].

V. SENSOR NETWORK SECURITY

A. Need for Secure Wireless Sensor Networks in Industry

Manufacturers are increasingly taking advantage of infor-mation received from wireless networks monitoring, collectingand analyzing important data about expensive and complex ma-chinery and their states, and sophisticated control and processmanagement systems. This technology allows the engineers toacquire, interact, and control the real-time data of wireless sen-sor and actuator networks of the factory at anytime. Moreover,the adoption of multiple network technologies in a single en-vironment is becoming common today. Such networks are rou-tinely connected with the back-end enterprise software as wellas the Internet web services [1]. At the same time, the verynature of the wireless medium opens up security, reliability,and privacy issues. The integration of such a wide range of de-vices, networks, and different technologies, together with theInternet, leaves no room for not seriously considering the state-of-the art security issues, architectures, protection, and defense


mechanisms in WSNs. Thus, the traditional security threats, at-tacks, and defense mechanisms that exist for wired and othercomputer and communications networks also may possibly ap-ply for wireless networks if energy consideration is not of primeconcern.

Basically security, reliability, and privacy are all intertwined.The need to guarantee information privacy and security in-creases proportionately with reliability since enhancing relia-bility requires more cooperation, interaction, and involvementof surrounding sensors or other networks which may not betrusted. As the network is expected to carry, share, and transmitsensitive and nontrivial data, it is essential, in the absence ofproper security measures, to ensure that data are protected at alltimes since the potential attackers can eavesdrop, interfere, anddisrupt the wireless communication.

Without protection mechanisms, the network could malfunc-tion and degrade the QoS, introduce unpredictable delay, or evenhalt production hampering product delivery. Besides, sensorscan be captured and reprogrammed by adversaries to produceand communicate incorrect or false data readings, such as vi-brations, temperatures, rotations, and movements of parts whichcould seriously disrupt production, damage machines or equip-ment, cause explosions, and endanger lives. In addition, becauseof a lack of proper security, sensors can be made to run out ofenergy by making them continuously busy with sensing, dis-seminating, and transmitting false data which eventually leadsto the network being disabled.

In order to provide complete security to the network, securitymust be integrated into every node of the system; otherwise,an insecure network component could be a point of attack andcould render the whole system inoperable [9]. That is why se-curity must prevail in every aspect of the design of any WSNapplication requiring a high level of security. It is obvious thatwithout any protective mechanism, the network could sufferfrom attacks or malfunctions that disrupt the services providedby the sensor network [12]. Care should be exercised in identify-ing possible threats and attacks such as eavesdropping, injectionand/or modification of data packets, and applying the standardmethods of protection against them.

B. Security Objectives

Security objectives of electronic information are determinedbased on the kinds of threats and vulnerabilities that can be in-flicted. While vulnerability deals with the opportunity to causedamage because of a logical design or implementation flaw, athreat arises from an attacker trying to find and exploit the vul-nerability in order to inflict damage [52]. When dealing withsecurity in WSNs, the following are some essential security re-quirements that are often measured to compare the performanceof various secured systems.

1) Confidentiality: The confidentiality objective refers to pre-venting the disclosure of information to unauthorized per-sons, parties, or systems. Confidentiality secures the net-work by preventing untrustworthy parties from accessingthe data generated (e.g., domain-specific information, suchas product recipes or plant performance) and transmitted

in the network. In other words, an eavesdropper shouldnot be able to extract the content of a confidential mes-sage [4], [5].

2) Integrity: The integrity objective refers to preventing falsi-fication, modification of data transmitted in the network byunauthorized/untrusted persons or systems. More specifi-cally, in the automation system, this applies to informationsuch as product recipes, sensor values, or control com-mands. This objective includes defense against informa-tion modification via message injection, message replay,and message delay on the network. Violation of integritymay cause safety issues, i.e., equipment or people may beharmed [52].

3) Authenticity: Authentication is the act of confirming thetrue identity of a system user or entity and mapping ofthis identity to a system-internal principal (e.g., valid useraccount) by which this user is known to the system. Inother words, authentication distinguishes between legiti-mate and illegitimate users in a system [4], [5], [52].

4) Freshness: Freshness could mean data freshness and keyfreshness. It concerns whether the data produced in thesystem are recent and ensures no adversary generates oldmessages. This is important in the context of industrysince sensors often sense and transmit time-varying dataand time criticality must be ensured for the smooth andsafe functioning of the system.

5) Availability: Availability refers to ensuring that unautho-rized persons or systems cannot deny access system of re-sources to authorized users. For automation systems, thisrefers to all the IT elements of the plant, like control sys-tems, safety systems, operator workstations, engineeringworkstations, manufacturing execution systems, as wellas the communication systems between these elementsand to the outside world. In simple words, the availabil-ity of services ensures that only authorized entities canaccess data, services, and other available resources whenrequested. Violation of availability, which is also knownas denial of service (DoS), may not only cause damagebut may also affect safety issues as operators may lose theability to monitor and control the process [52].

6) Nonrepudiability: Nonrepudiability refers to the state thata service that provides proof of the integrity and originof data, i.e., an authentication that with high assurancecan be asserted to be genuine. This security objective isrelevant to establish accountability and liability. In thecontext of automation systems, this is most important withregard to regulatory requirements, e.g., U.S. Food andDrug Administration approval. Violation of this securityobjective has typically legal/commercial consequences,but no safety implications [52].

C. Characteristics of Attacks in Wireless Sensor Networks

Although the security objectives mentioned earlier are genericin the sense that they can be applied to both wired and wirelesssolutions, the wireless nature of the communication betweensensors and devices makes these objectives more vulnerable,


as there is no apparent physical boundary of the transmissionmedium [13]. However, based on a specific need, function andenvironment industries can select the possible security objec-tives that need to be ensured. Among the attacks that can bemounted on such wireless systems, we briefly elaborate on afew of them. In the following, we discuss potential attacks andtheir general defense mechanisms, which in fact is applicable inany WSN applications whether it be industrial or manufacturingplants, home and environment monitoring, medical and health,military battlefield, and so on.

Attacks are mainly categorized into two types: outside andinside attacks. In an outside attack, an outsider adversary orattacker is not a participant of the network, while an insideattack consists of attacking nodes by running malicious code inthem [13].

1) Eavesdropping: Eavesdropping is an outside attack wherean adversary can choose to passively eavesdrop on thenetwork communication and steal the data. Through pas-sive eavesdropping, adversaries apparently eliminate theirpresence in the network and make such attacks difficult todetect. The goal of such an attack is to violate the confiden-tiality of the communications by intercepting the networkand sniffing or listening to the routing packets.In some cases, instead of completely being passive, aneavesdropper can use advanced techniques to send queriesto see what is going on in the network or try to determinethe content of the packets in order to gain more infor-mation [54]. Moreover, an adversary can actively influ-ence the communication channel by disrupting, jamming,or modifying the network packets and/or inserting falsepackets into the network. Jamming happens at the physicallayer which may cause interference at different frequen-cies in an intermittent or constant manner that can makecommunication impossible.Detection and Prevention: Using a sufficiently strong en-cryption and decryption technique, one can obtain soundprotection against eavesdropping. Proper authenticationand integrity mechanisms can ward off such active eaves-dropping. On the other hand, standard defense againstjamming include various forms of spread spectrum (e.g.,DSSS and FHSS) and frequency-hopping communica-tions and maintaining a low-duty cycle, locating the jam-ming area, rerouting transmissions, etc. [63].

2) Denial of Service: WSNs can suffer from the DoS at-tacks which occur when attackers use PC or laptops totransmit signals in order to interfere with the RFs beingused by the network. Such a DoS can also be visible atthe data link layer where, in order to disrupt the commu-nication protocols whether it be industry standards suchas IEEE 802.15.4 or ZigBee, attacks are committed bytransmitting a continuous stream of messages with a viewto generating collisions. These collisions lead sensors toretransmit messages indefinitely and render them inoper-ative by exhausting battery power. As a result, the sensorsconsume their valuable computational resources, such asbandwidth, and processor time. Other problems includedisruption of configuration information, such as routing

information, an obstruction of the communication mediabetween the intended users so they can no longer commu-nicate adequately.Detection and Prevention: A probabilistic measure tocounter collisions is to rely on random back-offs whichdecreases the rate of collisions. As reported in [63], one ofthe most promising solutions for reducing collisions is ratelimiting in medium access control and using small framesizes. The authors in [65]–[67] present several mecha-nisms that identify such malfunctioned and misbehavingnodes based on the rating of how well they are performingservices as requested [64] and help routing protocols avoidthem. Virtual currency systems [68]–[70] use currency topay to nodes (payment is made by the sender) who for-ward the messages of sender nodes. The advantage of thismethod is that it discourages nodes to flood packets in thesystems.In [107] and [108], Zhou et al. propose novel algo-rithms that detect internal attacks by using both mes-sage and route redundancy during route discovery. Theroute-discovery messages are protected by pairwise secretkeys between a source and destination and some inter-mediate nodes along a route established by using public-key cryptographic mechanisms. An optimal routing algo-rithm [107] with a routing metric combining both require-ments on a node’s trustworthiness and performance hasalso been presented.

3) Node Compromise: Node compromise is one of the majorproblems in WSNs that leads to inside attacks. It is akind of act by which a legitimate node in the networkis captured and compromised, i.e., reprogrammed by anadversary. In situations where it is not feasible for anadversary to physically capture and reprogram nodes in thenetwork, he/she can use a laptop, which is more powerfulin terms of computing and radio power, to communicatewith sensors and insert malicious code without movingto their locations or physically touching them. With this,a compromised node running malicious code, disguisedas a legitimate node, continuously seeks to find ways todisrupt the communication and paralyze the network [53].However, a node compromise attack is severe when thebase node is compromised.The malicious activities commonly done by a compro-mised node include stealing secrets from the encrypteddata, reporting wrong and misleading information to thenetwork, reporting other legitimate nodes as compromisednodes, launching different routing attacks, and so on. Allthese attacks are very difficult to detect and encryptionmethods have little effect to counter them. This is becausethese compromised nodes still hold at least some legiti-mate secret cryptographic keys used in the network. Chanand Perrig [57] document a number of attacks that can belaunched using nodes compromised in WSNs.Detection and Prevention: The best way to counter nodecompromise is to utilize code testing schemes [71], [72],which employ an optimal program verification process toverify the memory of a sensor node by calculating the hash


values of randomly selected memory regions. Anothermethod suggested in [73] detects nodes compromised bycomparing the previous position of the nodes with theircurrent positions, assuming that node compromise must bedone by physically capturing a node, and reprogrammingand, then, redeploying it in the network.

4) Selective Forwarding: Numerous types of attacks havebeen mentioned [15], [28] in the network layer. WSNsare sometimes vulnerable to an attack known as selectiveforwarding, where a malicious or reprogrammed node canforward or drop certain packets and ensure that they arenot propagated. This malicious activity, in turn, producesunpredictable routing behavior in the network. In a moresubtle form of this attack, the adversary can selectivelyforward nodes to prove itself as a legitimate node in thenetwork. A selective forwarding attack is particularly tar-geted to sensor networks due to their multihop nature.Detection and Prevention: Karlof and Wagner [28] pro-pose a multipath routing scheme to provide protectionagainst selective routing; however, the drawback has in-creased consumption of node power due to the existenceof multiple routes for a single message transfer. Yu andXiao [78] present a distributed detection scheme that usesmultihop acknowledgments from intermediate nodes toraise alarms in the network. There are a number of inter-esting techniques [74]–[77] to protect the network fromthis attack mostly focusing on identifying intermediatemisbehaving nodes and avoiding them.

5) Sybil Attack: In Sybil attack [15], a single malicious nodecan assume the identities of multiple nodes in order toappear and function as distinct nodes. By becoming partof the network with different identities, this adversary canoverhear communications or act maliciously and controlthe network. Since a malicious node can pose as multipleidentities, it can disguise itself to be in more than oneplace at once. This way it shows its different identitiesto nodes in the network and can significantly reduce theeffectiveness of fault tolerant schemes such as distributedstorage [10], dispersity [11], multipath [31], and topol-ogy [32], [33], [58]. This type of attack makes geographicrouting protocols fail as location-aware routing often re-quires nodes to exchange their positions [28].Detection and Prevention: One possible way to counterthe Sybil attack is through link layer encryption and au-thentication using a globally shared key (possibly predis-tributed) by which adversaries are prevented from joiningthe network [28]. Newsome et al. [79] distinguish differ-ent variants of this attack and propose several methodsto identify these attacks, including radio resource testing,key validation for random key predistribution, positionverification, and registration.

6) Sinkhole and Wormhole Attacks: Sinkhole attack [15] isa type of attack where a malicious node attracts networkpackets toward it by spreading false routing informationto its neighbors in order to cause selective forwardingof packets which, in turn, reshape the network’s routingbehavior. The adversary lures traffic by advertising the

existence of a high-quality routing path to its neighbors.To do this, a laptop with a powerful antenna can be usedto send a strong signal to reach the base station possibly inone hop. As nodes are lured to send their packets throughthe malicious node, it can suppress or modify packets asit wishes. Since packets are destined for the base station,a compromised node just need to convince its neighborswith a high-quality routing path to the base.In a wormhole attack [15], an attacker receives packets atone point in the network, tunnels them to another pointin the network, and, then, replays them into the networkfrom that point creating confusion in routing, aggregation,and other important decisions made by the nodes. In thisattack, an adversary acts as a forwarding node betweentwo legitimate nodes which may be far away and givethem the impression that they are neighbors, leading themto quickly dissipate their valuable energy.Detection and Prevention: One possible solution to over-come wormhole and sinkhole attacks is to have everynode use a unique symmetric shared key with the base.Wormhole and Sinkhole attacks are more stringent thanthe Sybil attack (and selective forwarding) and findinga strong countermeasure for them is difficult. Designinggood routing protocols, such as multipath [31] routing, canbe helpful to minimize the effect of such attacks. Anotherpossibility is to let nodes themselves verify each other’sidentify (possibly through the shared key between a nodeand the base station) and establish a shared key betweenthem using Needham–Schroeder [14]-like protocols [28].

7) Physical Attack and Detection and Prevention: Last butnot the least type of attack is the physical attack of thenode itself. It deals with the ability of the attacker to gainphysical access to sensors. This physical access opensup a number of attacks including destroying or stealingthe nodes, removing them from their original locations,inserting malicious code, and retrieving secret informationsuch as cryptographic keys, etc. Tamper-proof hardwareis sometimes seen as a viable option to protect the sensors,but this is expensive and may not be very effective againstthe attacker.

VI. CRYPTOGRAPHIC METHODS

Cryptographic methods are key to ensure that most of thesecurity objectives, such as confidentiality, integrity, authenti-cation, and nonrepudiability, are met. Cryptographic algorithmsare employed for secure data storage and secure transmis-sion [52]. For secure data transmission, security measures needto be incorporated in each participating node in the network.For comprehensive overviews of cryptographic algorithms andprotocols, see [55] and [56]. In this section, we provide a shortreview of some of the existing cryptographic algorithms used inwireless networking systems (and also in wired networks).

Cryptography is the basic encryption method that is usedin security implementation in data and information commu-nication. There are two types of cryptography, namely, sym-metric and asymmetric. Symmetric encryption algorithms are


characterized by the fact that the decryption key is identical tothe encryption key or the keys can be transformed to one anothervia simple functions. Asymmetric or public-key cryptography,on the other hand, uses different keys to encrypt and decryptmessages. Asymmetric key cryptography, such as RSA, ellipticcurve cryptography, require more computation power and mem-ory than the symmetric key cryptography, e.g., advanced en-cryption standard (AES) block cipher, data encryption standard(DES), and RC4 [59]. Symmetric key cryptography is difficultfor key deployment and management [58]. However, in the con-text of WSNs, symmetric key cryptography seems to be the bestchoice because sensors cannot afford to dedicate their limitedenergy to implement complex and resource-oriented public-keycryptography [58].

In symmetric key cryptography, the key must be exchangedin advance between the sender and receiver in a secure mannerand must be kept secret. Considering security, key manage-ment is very important, especially in symmetric cryptographystructure, and is the basis of establishing a secure communica-tions infrastructure between sensors. However, the sensor net-work dynamic structure, easy node compromise, and the self-organization property add to the difficulty of key managementand bring broad research issues in this area. Most symmetricschemes use key predistribution to ease the difficulty of keymanagement [58]. There is a plethora of literature discussingthe relative merits and demerits of different key managementschemes in the wireless network. An excellent survey on thistopic can be found in [17].

Symmetric key algorithms can be divided into stream ciphersand block ciphers. Stream ciphers combine input data bitwise orbytewise with a key stream, while block ciphers transform inputdata blockwise in a key-dependent way [52]. There are a widerange of symmetric algorithms with different characteristics.Some examples of popular and well-respected symmetric algo-rithms include RC4, DES, and AES (Rijndael). RC4 is a popularstream cipher with bytewise processing [59] that can be easilyimplemented on weak processors such as 8-bit processors. DESis a block cipher defined as the U.S. standard for encryption in1977 [60]; however, it is not very stable and is breakable due tothe relatively short key length (56 bits). A later version of DESwas developed with the introduction of longer key (three timesthe size of the DES key), which is called the triple DES [61], tomake the scheme stronger. AES is the current U.S. standard forencryption [62] which is at least as secure as triple DES. It hasgained popularity in sensor networks because it is much faster,consumes less resources, and is suitable for different processorword lengths. The AES comes with 128-bit blocks and its keysize is 128, 192, or 256 bit. A key size of 128 bit is consideredstrong enough today.

VII. SECURITY PARADIGMS FOR WIRELESS

SENSOR NETWORKS

To provide security solutions in the industrial automation, anumber of successful technologies or standards have alreadybeen introduced among which 802.15.4 Factory Automation

MAC Layer [20]–[23], ZigBee [19], WirelessHART [24], [25],ISA100.11a [16], and security protocols SPINS are noteworthy.

A. IEEE 802.15.4 Standard

The IEEE 802.15.4 standard has been designed as an indus-try standard to focus on short-distance data range, low data rate,energy efficiency, and low cost. This standard makes use of theAES-128 (128-bit keys and 128-bit block size) algorithm. Theuse of this algorithm provides a robust, state-of-the-art messageframe security. The 802.15.4 standard provides a suite of linklayer protocols which includes several basic security servicesand has three modes of operation, namely, access control list(ACL), secured, and unsecured modes. The services of the linklayer include access control, message integrity, message confi-dentiality, and replay protection [15].

ACL is a simple security mode in which individual nodesmaintain a list of trusted devices with which they can communi-cate and all others are ignored. ACL does not provide any kind ofcryptographic security. On the other hand, in the secured mode,this standard provides a suite of security protocols includingmessage integrity, message confidentiality, and reply protection.Basically, the specification defines a set of eight security suiteswith different security properties such as no security, encryptiononly (AES-CTR), authentication only (AES-CBC-MAC), andencryption and authentication (AES-CCM) [26]. Applicationscan satisfy their security requirements by setting appropriateparameters as described by the standard. If no parameters areset, the default is no security enabled. Message confidentialityensures that only legitimate users in the network can have accessto the information originating and flowing through the network.Access control and message integrity prevent unauthorized par-ties from participating in the network and provide mechanismsby which users can detect message tampering (message mod-ification, insertion of fake messages, etc.) and reject messagesfrom adversaries.

To ensure message authentication and integrity, a message au-thentication code (MAC) is appended to each message sent. ThisMAC is viewed as a cryptographically secure checksum of themessage. Computing the MAC requires senders and receiversshare a secret key. Depending upon the secret key, the sendercomputes a MAC and adds it to the message it sends [9]. Onthe other end, the receiver sharing the secret key recalculates theMAC and accepts the message if and only if the received and thecomputed MACs are the same. The success of this idea heavilyrelies on the strength of MAC which is generally difficult to forgewithout a secret key. This security measure prevents the adver-sary from modifying a valid message and making it acceptableto a receiver without the knowledge of a shared secret key [26].The 802.15.4 standard defines a number of security suites basedon using the AES (Advanced Encryption Standard) symmetriccryptographic algorithm and providing different level of services(as shown in Table II). For example, AES-CTR provides onlyencryption, AES-CBC-MAC provides authentication, whereasAES-CCM combines both encryption and authentication. Thestrength of AES depends on the number of bits used in the


encryption algorithm, the strongest is the AES-CCM-128 whichuses 128 bit key block, while AES-CCM-64 uses 64-bit [26].

B. ZigBee

ZigBee is an industry standard designed to build a data linklayer suitable for use in very low-power wireless communi-cations. ZigBee has a number of excellent security elementsincluding applying security mechanisms to data frames to routethem to their intended destinations and secure key exchangeand authentication procedures. It implements two extra securitylayers on top of IEEE 802.15.4, namely, the Network and theApplication security layers.

ZigBee uses the concept of “trust center,” which is essentiallya centralized control mechanism that manages the security ofthe network. Basically, the trust center is the ZigBee networkcoordinator which has three roles to play. It authenticates a de-vice that wants to join the network. It maintains and distributesthe keys and enables end-to-end security between devices. Thetrust center works both in the Residential and the Commercialmodes [27]. In the Residential mode, with low security require-ments, the center will allow devices to join the network but doesnot establish or distribute keys with the devices in the network.In the Commercial mode, along with authenticating devices, italso establishes, distributes, maintains, and updates keys in thenetwork devices.

In order to implement these security features, ZigBee usesthree kind of keys: master, link, and network keys [15]. Masterkeys are preinstalled in each node. Their function is to keepconfidential the link keys exchange between two nodes in theKey Establishment Procedure. Link keys are unique betweeneach pair of nodes. These keys are managed by the applicationlevel, and are used to encrypt all the information between each ofthe two devices. Although this idea of using link keys providessubstantial security, memory requirements per node increases ifthe number of sensors is larger. Network key is a unique 128-bitkey shared among all the devices in the network and generatedby the trust center. Each node has to get this key in order to jointhe network.

Guo et al. [106] provide an experimental study of interfer-ence impacts on ZigBee-based communications inside a build-ing which aims to highlight the issues affecting the coexistenceof ZigBee systems in the presence of different interferences. Anexperimental study of ZigBee-based wireless communicationhas been presented over a period of time with WiFi, BlueTooth,and microwave ovens. Results are shown for several differentlink configurations.

C. WirelessHART

The WirelessHart standard has been introduced by the HARTfoundation which provides highly secure, open, standard-basedwireless solutions for process automation, plant, and equip-ment monitoring, workforce productivity, and plant manage-ment [13]. Each WirelessHART network includes three mainelements: field devices, gateways, and network and securitymanagers. Field devices are basically wireless nodes that areconnected to process or plant equipment around the facility to

sense, process, and transmit data. Gateways acting as bridgesthat enable communication between these devices and host ap-plications are connected to a high-speed backbone or other exist-ing plant communications network. Network and security man-agers are responsible for configuring the gateways and fielddevices using HART commands, functions, event notifications,and diagnostic tools, etc. [25]. Furthermore, the network man-ager also configures the field devices and maintains the wholenetwork through scheduling communications, managing routingtables, monitoring network health, and receiving queries fromhost applications which are then sent to the network to obtaininformation.

On the other hand, the security manager provides protectionto the network from intrusion and attacks by generating ses-sion keys and network keys and collaborates with the networkmanager to distribute and maintain the keys. It has a good de-fense mechanism by which security is ensured in the network. Itcontrols devices’ access to the network resource and utilizes anauthentication, authorization, and accounting (AAA) protocolto coordinate access to the wireless network resources with theexisting IT security infrastructure [25]. All wireless communi-cations between the client device and the wireless network areencrypted utilizing AES 128-bit encryption preventing unautho-rized eavesdropping or data manipulation of any of the commu-nications. This allows for centralized control of users access tothe wireless network and can control the users authorization toaccess resources on the wired networks.

WirelessHART prevents intrusion through the following ways[25]. It uses individual device session keys to ensure end-to-endmessage authenticity, data integrity, receipt validation, and se-crecy through data encryption. The AES-128 encryption algo-rithm is implemented for all communications within the fielddevice in the network and the gateway. Strong security defenseis achieved for message authentication and verification throughhop-by-hop MAC calculations with the expense of adding andrecomputing MAC at every node in the route. WirelessHartalso provides the mechanism to use ACL, where devices aregiven permission to join the network via the gateway/networkmanager with ACL entry which includes their globally uniqueHART address.

D. International Society of Automation 100.11a

ISA-100.11a is a Wireless Standard [16], [18] for industrialautomation, process control, and related applications developedby the International Society of Automation (ISA) 100 standardscommittee which is part of the ISA organization. This technol-ogy standard is designed to provide reliable and secure wirelessoperation for noncritical monitoring, alerting, supervisory con-trol, and open-loop- and closed-loop control applications. Thestandard defines the protocol suite, system management, andsecurity specifications for low-data-rate wireless connectivitywith fixed, portable, and moving devices supporting limitedpower-consumption requirements.

ISA 100.11a supports monitoring and process control wherelatencies on the order of 100 ms can be tolerated [16]. It lever-ages the security standard of 802.15.4 and adds security features


TABLE IIICOMPARISON OF SECURE ROUTING PROTOCOLS [109]

in all layers (not only in medium access control and physicallayers). Harsh environments in the factory domain, where equip-ment moves, conditions change, and frequency diversity exists,emphasize the need to consider the effect of frequency diversityto limit interference. There are mainly two frequency diversityschemes, namely, channel hopping and channel blacklisting thatare used in a wireless domain. The ISA 100.11a standard sup-ports both frequency hopping and channel blacklisting in orderto provide an efficient response against interference. Confiden-tiality of information is achieved through the ISA 100.11a stan-dard by using the 128-bit AES algorithm coupled with differentkeys.

E. SPINS

SPINS [30] is a suite of security protocols optimized anddesigned by Perrig et al. to be used for WSNs. It is built upontwo building blocks, called secure network encryption protocol(SNEP) and timed streaming loss-tolerant authentication pro-tocol (μTESLA) both having different purposes. Running ontop of TinyOS, SNEP provides data confidentiality through en-cryption, two-party authentication, data freshness, and integrityusing MAC, while μTESLA is designed, with resource limita-tions of WSNs in mind, to provide broadcast authentication.

SNEP achieves semantic security (a kind of security featurethat prevents an adversary from learning or even inferring par-tial information about an encrypted message in transit) througha clever use of counters shared by the sender and receiver. Thecounter value is used to offer authentication and data freshnessas well as provide semantic security. The counter value is suf-ficiently long enough to repeat within the lifetime of a node.Another major advantage of SNEP is that it requires only 8 byteof overhead per message which is crucial for power-constraintWSNs.

Authenticating broadcast data is very important in any net-work. μTESLA [29] is designed to provide asymmetric cryp-tography of authenticated data through delayed disclosure ofsymmetric keys. μTESLA requires that the base station and thesensors be loosely time synchronized and that each node knowsthe upper bound of synchronization error. Interestingly, whenthe base station broadcasts an authenticated data packet to thenetwork, it keeps the MAC key secret which is used to computethe MAC on the packet. After receiving the packets, the sen-sors buffer them for a period of time knowing that the key isonly known to base and will be later received, synchronize theirclocks (using the maximum error), and wait for the MAC key tobe disclosed by the base station. When the base sends the MAC

key to the nodes, they can verify the correctness of the key anduse it to authenticate the packet stored in the buffer [9].

However, while μTESLA is an attractive scheme in theory,the requirement of time synchronization can be stringent whichcan raise complications. For example, the problem of choosingthe time period between key disclosures has no straightforwardsolution [15].

Since no protocols are strong enough to cover all the desiredproperties equally well, a relative comparison among them mayhelp us choose the best ones that provide expected results. Therelative performance levels of different secure routing protocolsare provided in Table III.

Another radio technology, which is called the ultrawideband,whose unique characteristics, i.e., very low energy levels forshort-range high-bandwidth communications, can be an mech-anism to deal with industrial conditions. Because of very shortimpulses emitted in periodic sequences and short-range wirelesscommunication, this technology is mainly used for sensor datacollection, precision location, and object tracking applications.

VIII. RESEARCH CHALLENGES

Here, we highlight some of the challenging research issuesraised from our survey and make an attempt to provide somedirection. Ensuring adequate security in WSNs is an ongoingchallenge due to the sensors’ severe resource constraints andtheir demanding deployment environments based on applica-tions. The unique properties of WSNs present a number ofimportant tradeoffs in terms of the sensor’s energy consump-tion and maintaining sufficient security measures. We need toanalyze and determine the exact security requirements of thefactory environment considering its distinctive characteristics,which is different than the environments and security needs ofa military battlefield, shopping center, or mall.

At the basic level, considering the physical security of thenetworks and their components, some research effort shouldbe driven to figure out the protective measure needed to makethe nodes tamper proof and resistant to withstand relativelyhigh temperature, humidity, and pressure. In addition, to dealwith the harsh physical conditions of the factory environment,researchers should pay particular attention to the signal gener-ation characteristics, e.g., modulation and coding schemes ofthe devices such that signals are robust and less susceptible tointerference and can adapt the conditions of operation and datacollection requirements.

Another important issue is to consider the robustness and re-silience of WSNs which are concerned with the strength of thenetwork to provide an acceptable level of security if some nodes


are compromised and the ability of the network to operate de-spite attacks. Efficient mechanisms should be sought to quicklydetermine whether certain nodes are compromised and if so,they should be identified and taken care of without seriouslyaffecting the normal functioning of the network.

In general, secure routing protocols provide little or no secu-rity features which are susceptible to many types of attack thattarget on routing disruption. Existing secure routing protocols intraditional networks can be investigated to see whether they canfit to WSNs. One interesting avenue of research could be find-ing ways to accommodate routing energy-efficient protocols thatcan easily adapt and work seamlessly in the face of link and/ornode failures. At the same time, care should be taken to preventadversaries from knowing about the topology of the network.Adopting multipath routing only when the regular routing pathis corrupted by the presence of compromised nodes is a goodway to circumvent malicious nodes (it is better to eliminate such“bad” nodes); otherwise, frequent and unnecessary dependenceon multipath routing can affect the energy consumption of thesensors.

There is some concern about secure distributed data storagein WSNs which states that in case of unfavorable circumstances(e.g., if a node is aware that its some of its neighbors are com-promised) when it is hard to transmit sensitive data to the base,there must be mechanisms to store the data in the node for areasonable period of time before being sent to the base. This isespecially important in the industrial environment, where everypiece of information about the condition or state of machinery,tools, or equipment is significant. Having powerful nodes withenough memory may be a good idea. However, this opens upan interesting tradeoff between the requirement of the amountof memory to store such additional data and the cost of nodeswith extra memory since hundreds or thousands of nodes maybe deployed depending upon applications.

On the flip side, it may happen that some neighbors may failto forward data due to malfunction; in that case, the sendingnode may have to rely on other nodes to relay its data whichmay belong to different networks. These nodes are expectednot to be able to decipher the information passed on to it forrelay. This raises another important tradeoff where data shouldbe flexible enough to be aggregated while in transit among theauthenticated nodes in the network and need to be sufficientlyencrypted while being relayed by, possibly, nodes from othernetwork.

WSNs are susceptible to different intrusions. It would be in-teresting to devise distributed and efficient ways in terms ofcommunication, memory, and energy requirements to monitorand analyze potential anomalies at certain concentration points.Other ongoing directions include consideration of using asym-metric protocols (public-key cryptography) where most of thecomputational burden falls on the base station.

Light-weight WSN protocols are essential for the develop-ment of fast responding network adaptation and relay routes forsecurity and reliability enhancement. Several new theoreticalapproaches, such as multipath routing, diversity of frequen-cies, and identification of nodes with a global clock and differ-ent transmission capabilities, can be taken into account. WSN

security enhancement through link and network adaptation[104] and transmitter–receiver specific interaction, enabled bythe concurrent control channel at the physical level, is an inter-esting avenue. This can be further strengthened by adopting anetwork design through the multiobjective optimization of theWSN with data integrity and user authenticity [103], [105].

IX. CONCLUSION

In this paper, we have made an attempt to provide a survey onthe issue of reliability and security of WSNs in factory automa-tion. We have discussed several security problems and reliabil-ity issues that are present in WSNs considering the industry’sunique conditions including process management, work flow,interference, equipment and machinery placement, and move-ment. These factors stress the need to carefully design robustand secure protocols suitable for factories, plants, and manu-facturing processes. A number of existing industry standard so-lutions have been studied along with their mechanisms to dealwith various attacks and threats. Although the existing securityparadigms, as outlined by the standards (for example, ZigBee),seem to be sufficient to counter main attacks, they leave the ac-tual design and implementation details to the users. In addition,there are still interesting problems left for future investigation,some of which are highlighted in this paper, especially, the reli-ability of data communications, jamming and collision attacks,and other relevant security issues. Traditional complex cryp-tographic algorithms (e.g., public-key cryptography) that seemeffective at handling most security issues may not be suitablefor sensors because of less power and processing capabilities.Thus, future research in this direction would be to develop newprotocols which will be able to effectively counter most of thesecurity problems.

ACKNOWLEDGMENT

The authors would like to express their gratitude and acknowl-edge to Auto21 for the support to conduct this research.

REFERENCES

[1] K. Low, W. Win, and J. Meng, “Wireless sensor networks for industrialenvironments,” in Proc. Comput. Modelling, Control Autom., Int. Conf.Intell. Agents, Web Technol., Internet Commerce, 2005, pp. 271–276.

[2] I. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “Wirelesssensor networks: A survey,” Comput. Netw., vol. 38, no. 4, pp. 393–422,2002.

[3] U.S. Department of Energy, Office of Energy Efficiency and RenewableEnergy, “Industrial wireless technology for the 21st Century,” 2002.

[4] A. S. Tanenbaum, Computer Networks, 4th ed. Englewood Cliffs, NJ:Prentice–Hall, 2003.

[5] W. Stallings, Cryptography Network Security- Principles Practices, 3rded. Upper Saddle River, NJ: Prentice–Hall, 2003.

[6] N. Li, N. Zhang, S. Das, and B. Thuraisingham, “Privacy preservationin wireless sensor networks: A state-of-the-art survey,” Ad Hoc Netw.,vol. 7, no. 8, pp. 1501–1514, 2009.

[7] International Telecommunication Union. (2009). E.800—Terms and def-inition related to quality of service and network performance includingdependability. [Online]. Available: http://www.itu.int

[8] J. Schmitt, Heterogeneous Network Quality of Service Systems. Nor-well, MA: Kluwer, 2001.

[9] D. Boyle and T. Newe, “Security protocols for use with wireless sensornetworks: A survey of security architectures,” presented at the ICWMCWireless Mobile Commun., Guadeloupe, French Caribbean, 2007.


[10] M. Castro and B. Liskov, “Practical byzantine fault tolerance,” in Proc.3rd ACM/USENIX OSDI, 1999, pp. 173–186.

[11] A. Banerjea, “A taxonomy of dispersity routing schemes for fault tolerantreal-time channels,” Proc. Eur. Conf. Multimedia Appl. Services Techn.,1996, pp. 129–148.

[12] A. Perrig, J. Stankovic, and D. Wagner, “Security in wireless sensornetworks,” Commun. ACM, vol. 47, no. 6, pp. 53–57, 2004.

[13] D. Christin, P. Mogre, and M. Hollick, “Survey on wireless sensor net-work technologies for industrial automation: The security and quality ofservice perspectives,” Future Internet vol. 2, no. 2, pp. 96–125, 2010.

[14] R. Needham and M. Schroeder, “Using encryption for authenticationin large networks of computers,” Commun. ACM, vol. 21, no. 12, pp.993–999.

[15] M. Healy, T. Newe, and E. Lewis, “Security for wireless sensor networks:A survey,” in Proc. IEEE Sens. Appl. Symp., 2009, pp. 80–85.

[16] International Society of Automation. (2009). Wireless Systems for In-dustrial Automation: Process Control and Related Applications, ISA-100.11a-2009. [Online]. Available: http://www.isa.org

[17] Y. Xiao, V. Rayi, B. Sun, X. Du, F. Hu, and M. Galloway, “A surveyof key management schemes in wireless sensor networks,” Comput.Commun., vol. 30, no. 11–12, pp. 2314–2341, 2007.

[18] A. Willig, “Recent and emerging topics in wireless industrial communi-cations: A selection,” IEEE Trans. Ind. Informat., vol. 4, no. 2, pp. 102–124, May 2008.

[19] P. Baronti, P. Pillai, V. Chook, S. Chessa, A. Gotta, and Y. Hu, “Wirelesssensor networks: A survey on the state of the art and the 802.15.4 andZigBee standards,” Comput. Commun., vol. 30, pp. 1655–1695, 2007.

[20] Telecommunications and Information Exchange Between Systems, Localand Metropolitan Area Networks, Specific Requirements, Part 11: Wire-less LAN Medium Access Control (MAC) and Physical Layer (PHY),Specifications, IEEE Standard 802.11-2012, 2007.

[21] A. Willig, K. Matheus, and A. Wolisz, “Wireless technology in industrialnetworks,” Proc. IEEE, vol. 93, no. 6, pp. 1130–1151, Jun. 2005.

[22] Telecommunications and Information Exchange Between Systems, Lo-cal and Metropolitan Area Networks, Specific Requirements, Part 15.1:Wireless Medium Access Control (MAC) and Physical Layer (PHY) Spec-ifications for Wireless Personal Area Networks (WPANS), IEEE Standard802.15.1-2005, 2002.

[23] Telecommunications and Information Exchange between Systems, Lo-cal and Metropolitan Area Networks, Specific Requirements, Part 15.4:Wireless Medium Access Control (MAC) and Physical Layer (PHY) Spec-ifications for Low Rate Wireless Personal Area Networks (LR-WPANs),IEEE Standard 802.15.4-2011, 2007.

[24] A. Kim, F. Hekland, S. Petersen, and P. Doyle, “When HART goes wire-less: Understanding and implementing the Wireless HART standard,” inProc. IEEE Int. Conf. Emerging Technol. Factory Autom., 2008, pp. 899–907.

[25] HART Communication Foundation. (2009). Why WirelessHART? Theright standard at the right time. [Online]. Available: http://www.hartcomm.org

[26] N. Sastry and D. Wagner, “Security considerations for IEEE 802.15.4networks,” in Proc. ACM Workshop Wireless Security, 2004, pp. 32–42.

[27] ZigBee Alliance. (2006). ZigBee Security Specification Overview[Online]. Available: http://www.zigbee.org

[28] C. Karlof and D. Wagner, “Secure routing in wireless sensor networks:Attacks and countermeasures,” Proc. IEEE Int. Workshop Sensor Netw.Protocols Appl., May 2003, pp. 113–127.

[29] A. Perrig, R. Canetti, J. Tygar, and D. Song, “The TESLA broadcastauthentication protocol,” RSA Cryptobytes, vol. 5, no. 2, pp. 2–13, 2002.

[30] A. Perrig, R. Szewczyk, J. Tygar, and D. Culler, “SPINS: Security pro-tocols for sensor networks,” Wireless Netw., vol. 8, no. 5, pp. 521–534,2002.

[31] K. Ishida, Y. Kakuda, and T. Kikuno, “A routing protocol for findingtwo node-disjoint paths in computer networks,” in Proc. Int. Conf. Netw.Protocols, 1992, pp. 340–347.

[32] Y. Xu, J. Heidemann, and D. Estrin, “Geography-informed energy con-servation for ad hoc routing,” Proc. 7th Annu. ACM/IEEE Int. Conf.Mobile Comput. Netw., 2001, pp. 70–84.

[33] B. Chen, K. Jamieson, H. Balakrishnan, and R. Morris, “Span: An energy-efficient coordination algorithm for topology maintenance in ad hocwireless networks,” ACM Wireless Netw. J., vol. 8, no. 5, pp. 481–494,2002.

[34] J. Moyne and D. Tilbury, “The emergence of industrial control networksfor manufacturing control, diagnostics, and safety data,” Proc. IEEE,vol. 95, no. 1, pp. 29–47, Jan. 2007.

[35] J. Thomesse, “Fieldbus technology in industrial automation,” Proc. IEEE,vol. 93. no. 6, pp. 1073–1101, Jun. 2005.

[36] R. Zurawski, The Industrial Communication Technology Handbook..Boca Raton, FL: CRC Press, 2005.

[37] J. Jasperneite and P. Neumann, “Measurement, analysis and modeling ofreal-time source data traffic in factory communication systems,” in Proc.IEEE Int. Workshop Factory Commun., 2000, pp. 327–334.

[38] L. Ozarow, S. Shamai, and A. Wyner, “Information theoretic consider-ations for cellular mobile radio,” IEEE Trans. Veh. Technol., vol. 43,no. 2, pp. 359–378, May 1994.

[39] R. Berry and R. Gallager, “Communication over fading channels withdelay constraints,” IEEE Trans. Inf. Theory, vol. 48, no. 5, pp. 1135–1149, May 2002.

[40] M. Hamdaoui and P. Ramanathan, “A dynamic priority assignment tech-nique for streams with (m, k)-firm deadlines,” IEEE Trans. Comput.,vol. 44, no. 12, pp. 1443–1451, Dec. 1995.

[41] M. Hamdaoui and P. Ramanathan, “Evaluating dynamic failure proba-bility for streams with (m, k)-firm deadlines,” IEEE Trans. Comput.,vol. 46, no. 12, pp. 1325–1337, Dec. 1997.

[42] J.-D. Decotignie, “Interconnection of wireline, wireless fieldbuses, and” i, The Industrial Information Technology Handbook. R. Zurawski,Ed. Boca Raton, FL: CRC Press, 2005.

[43] L. Ruizhong, W. Zhi, and S. Youxian, “Wireless sensor networks solu-tions for real time monitoring of nuclear power plant,” in Proc. WorldCongress Intell. Control Autom., 2004, pp. 3663–3667.

[44] J. Taylor and A. Sayda, “An intelligent architecture for integrated controland asset management for industrial processes,” in Joint Int. Symp. Intell.Control 13th Mediterranean Conf. Control Autom., 2005, pp. 4350–4357.

[45] P. Jiang, H. Ren, L. Zhang, Z. Wang, and A. Xue, “Reliable applicationof wireless sensor networks in industrial process control,” in Proc. 6thWorld Congr. Intell. Control Autom., 2006, pp. 99–103.

[46] H. Karl and A. Willig, Protocols and Architectures for Wireless SensorNetworks. Chichester, U.K.: Wiley, 2005.

[47] G. Pottie and W. Kaiser, Principles of Embedded Networked SystemsDesign. Cambridge, U.K.: Cambridge Univ. Press, 2005.

[48] S. Iyengar and R. Brooks, Eds., Distributed Sensor Networks. BocaRaton, FL: CRC Press, 2005.

[49] F. Zhao and L. Guibas, Wireless Sensor Networks: An Information Pro-cessing Approach. Amsterdam, The Netherlands: Elsevier, 2004.

[50] I. F. Akyildiz and I. H. Kasimoglu, “Wireless sensor and actor networks:research challenges,” Ad Hoc Netw., vol. 2, pp. 351–367, 2004.

[51] A. Willig, “Wireless sensor networks: Concept, challenges, approachesand applications,” in Verbandszeitschrift des O sterreicischen Verbandesfur Elektrotechnik und Informationstechnik, 2006.

[52] D. Dzung, M. Naedele, T. Von Hoff, and M. Crevatin, “Security forindustrial communication systems,” Proc. IEEE, vol. 93, no. 6, pp. 1152–1177, Jun. 2005.

[53] E. Shi and A. Perrig, “Designing secure sensor networks,” IEEE WirelessCommun., vol. 11, no. 6, pp. 38–43, Dec. 2004.

[54] M. Anand, E. Cronin, M. Sherr, M. Blaze, Z. Ives, and I. Lee, “Sensornetwork security: More interesting than you think,” in Proc. 1st USENIXHotSec, 2006, pp. 25–30.

[55] B. Schneier, Applied Cryptography, 2nd ed. New York: Wiley, 1996.[56] W. Mao, Modern Cryptography: Theory Practice. Upper Saddle River,

NJ: Prentice–Hall, 2003.[57] H. Chan and A. Perrig, “Security and privacy in sensor networks,” Com-

puter, vol. 36, no. 10, pp. 103–105, 2003.[58] X. Chen, K. Makki, K. Yen, and N. Pissinou, “Sensor network security: A

survey,” IEEE Commun. Surveys Tuts., vol. 11, no. 2, pp. 52–73, SecondQuarter 2009.

[59] R. Rivest, The RC4 Encryption Algorithm (Proprietary). RSA Data Se-curity Inc., 1992.

[60] Data Encryption Standard, FIPS Pub. 46, 1977.[61] Data Encryption Standard, FIPS Pub. 46–3, 1977.[62] Specification of the Advanced Encryption Standard (AES), FIPS Pub.

197, 2001.[63] A. Wood and J. A. Stankovic, “Denial of service in sensor networks,”

IEEE Comput., vol. 35, no. 10, pp. 54–62, Oct. 2002.[64] S. Marti, T. Giuli, K. Lai, and M. Baker, “Mitigating routing misbehavior

in mobile ad hoc networks,” in Proc. 6th Annu. Int. Conf. Mobile Comput.Netw., 2000, pp. 255–265.

[65] P. Michiardi and R. Molva, “Core: A collaborative reputation mechanismto enforce node cooperation in mobile ad hoc networks,” in Proc. Adv.Commun. Multimedia Security, 2002, pp. 107–121.


[66] S. Buchegger and J.-Y. L. Boudec, “Nodes bearing grudges: Towardsrouting security, fairness, robustness mobile ad hoc networks,” in Proc.10th Euromicro Workshop Parallel, Distrib. Network-Based Process.,2002, pp. 403–410.

[67] P. Michiardi and R. Molva, “Simulation-based analysis of security expo-sures in mobile ad hoc networks,” in Proc. Eur. Wireless Next GenerationWireless Networks: Technologies, Protocols, Services Appl., 2002.

[68] L. Blazevic, L. Buttyan, S. Capkun, S. Giordano, J.-P. Hubaux, and J.-Y.L. Boudec, “Self-organization in mobile ad hoc networks: The approachof terminodes,” IEEE Commun. Mag., vol. 39, no. 6, pp. 166–174, Jun.2001.

[69] L. Buttyan and J.-P. Hubaux, “Nuglets: A virtual currency to stimulatecooperation in self-organized mobile ad hoc networks,” Swiss FederalInst. Technol., Zurich, Switzerland, Tech. Rep. DSC/2001/001, 2001.

[70] S. Zhong, J. Chen, and Y. R. Yang, “Sprite: A simple, cheat-proof, credit-based system for mobile ad hoc networks,” in Proc. 22nd Annu. JointConf. IEEE Comput. Commun., 2003, pp. 1987–1997.

[71] A. Seshadri, A. Perrig, L. Doorn, and P. Khosla, “SWATT: Software-based attestation for embedded devices,” in Proc. IEEE Symp. SecurityPrivacy, 2004, pp. 272–282.

[72] A. Seshadri, M. Luk, A. Perrig, L. Doorn, and P. Khosla, “SCUBA:Secure code update by attestation in sensor networks,” in Proc. 5th ACMWorkshop Wireless Security, 2006, pp. 85–94.

[73] H. Song, L. Xie, S. Zhu, and G. Cao, “Sensor node compromise detection:The location perspective,” Proc. Int. Conf. Wireless Commun. MobileComput., 2007, pp. 242–247.

[74] S. Kaplantzis, A. Shilton, N. Mani, and Y. Sekercioglu, “Detecting selec-tive forwarding attacks in wireless sensor networks using support vectormachines,” in Proc. Intell. Sensors Sensor Networks Inf. Process., 2007,pp. 335–340.

[75] H. Sun, C. Chen, and Y. Hsiao, “An efficient countermeasure to theselective forwarding attack in wireless sensor networks,” in Proc. IEEETENCON, 2007, pp. 1–4.

[76] K. Ioannis and T. Dimitriou, “Toward intrusion detection in sensor net-works,” in Proc. 13th Eur. Wireless Conf., 2007, pp. 1–7.

[77] H. Young, L. Tae, and H. C, “Fuzzy-based reliable data delivery forcountering selective forwarding in sensor networks,” in Proc. UIC, 2007,pp. 535–544.

[78] B. Yu and B. Xiao, “Detecting selective forwarding attacks in wirelesssensor networks,” in Proc. 2nd Int. Workshop Security Syst. Netw., 2006,pp. 1–8.

[79] J. Newsome, E. Shi, D. Song, and A. Perrig, “The Sybil attack in sensornetworks: Analysis and defenses,” in Proc. 3rd Int. Symp. Inf. Process.Sensor Netw., 2004, pp. 259–268.

[80] G Zhao, “Wireless sensor networks for industrial process monitoring andcontrol: A survey,” Netw. Protocols Algorithms, vol. 3, no. 1, pp. 46–63.

[81] M. Antoniou, M. Boon, P. Green, P. Green, and T. York, “Wirelesssensor networks for industrial processes,” in Proc. Sens. Appl. Symp.,2009, pp. 13–18.

[82] DUST NETWORKS. (Oct. 2011). [Online]. Available: http://www.dustnetworks.com/node/203

[83] J. Elson and K. Romer, “Wireless sensor networks: A new regime for timesynchronization,” Comput. Commun. Rev., vol. 33, no. 1, pp. 149–154,2003.

[84] HART Communication Foundation. (Oct. 2011). [Online]. Available:http://www.hartcomm.org

[85] T. Banerjee, B. Xie, and D. P. Agrawal, “Achieving fault tolerance in dataaggregation in wireless sensor networks,” Global Telecommun. Conf.,2007, pp. 926–930.

[86] C. Tuan, Y. Wu, W. Chang, and W. Huang, “Fault tolerance by quar-tile method in wireless sensor and actor networks,” in Proc. Int. Conf.Complex, Intell. Software Intensive Syst., 2010, pp. 758–763.

[87] Secure Wireless Plant. (May 2012). [Online]. Available: http://www.cisco.com/web/strategy/manufacturing/secure-wireless-plant.html

[88] T. Kevan, “Upgrading a steel mill wirelessly,” in Wireless Sens. Mag.,2005.

[89] T. Kevan, “Shipboard machine monitoring for predictive maintenance,”in Wireless Sens. Mag., 2006.

[90] L. Krishnamurthy, R. Adler, P. Buonadonna, J. Chhabra, M. Flanigan,N. Kushalnagar, L. Nachman, and M. Yarvis, “Design and deploymentof industrial sensor networks: Experiences from a semiconductor plantand the north sea,” 3rd Int. Conf. Enbedded Netw. Sensor Syst., 2005, pp.64–75.

[91] G. Gbur, W. Wier, T. Bark, and B. Baldwin, “Wireless vibration moni-toring in a US coal-fired plant,” Insight, vol. 48, no. 8, p. 456, 2006.

[92] B. Lu, T. Habetler, R. Harley, J. Gutierrez, and D. Durocher, “Energyevaluation goes wireless,” IEEE Ind. Appl. Mag., vol. 13, no. 2, pp. 17–23, Mar./Apr. 2007.

[93] V. Jagannath and B. Raman, “WiBeaM: Wireless bearing monitoringsystem,” in Proc. 2nd Int. Conf. Commun. Syst. Softw. Middleware, 2007,pp. 1–8.

[94] V. Sundararajan, A. Redfern, W. Watts, and P. Wright, “Distributed mon-itoring of steady-state system performance using wireless sensor net-works,” presented at the ASME Int. Mech. Eng. Congr., Anaheim, CA,2004.

[95] P. Wright, D. Dornfeld, and N. Ota, “Condition monitoring in end-millingusing wireless sensor networks,” Trans. NAMRI/SME, vol. 177, no. 36,pp. 1–8, 2008.

[96] A. Jardine, D. Lin, and D. Banjevic, “A review on machinery diagnosticsand prognostics implementing condition-based maintenance,” Mech.Syst. Signal Process., vol. 20, no. 7, pp. 1483–1510, 2006.

[97] H. Ramamurthy, B. Prabhu, R. Gadh, and A.M. Madni, “Wireless in-dustrial monitoring and control using a smart sensor platform,” IEEESensors J., vol. 7, no. 5, pp. 611–618, May 2007.

[98] P. Wright, D. Dornfeld, R. Hillaire, and N. Ota, “Tool temperature mea-surement and its integration within a manufacturing system,” Trans.NAMRI/SME, vol. 34, pp. 63–70, 2006.

[99] N. Ghosh, Y. Ravi, A. Patra, S. Mukhopadhyay, S. Paul, A.R. Mohanty,and A. Chattopadhyay, “Estimation of tool wear during CNC millingusing neural network-based sensor fusion,” Mech. Syst. Signal Process.,vol. 21, no. 1, pp. 466–479, 2007.

[100] K. Kunert, M. Jonsson, and E. Uhlemann, “Exploiting time and frequencydiversity in IEEE 802.15.4 industrial networks for enhanced reliabilityand throughput,” in Proc. IEEE Int. Conf. Emerging Technol. FactoryAutom., 2010. pp. 1–9.

[101] M. Miskowicz and D. Koscielnik, “Modeling end-to-end reliability inbest-effort networked embedded systems,” in Proc. Int. Conf. EmergingTechnol. Factory Autom., 2010, pp. 1–4.

[102] P. Fischione, C. Bonivento, A. Johansson, and K. Sangiovanni-Vincent,“Breath: An adaptive protocol for industrial control applications usingwireless sensor networks,” IEEE Trans. Mobile Comput., vol. 10, no. 6,pp. 82–838, Jun. 2011.

[103] F. Liu, X. Wang, and H. Tang, “Robust physical layer authenticationusing inherent properties of channel impulse response,” in Proc. IEEEMilitary Commun. Conf., Nov., 2011, pp. 538–542.

[104] X. Wang, H. Li, and H. Lin, “A new adaptive OFDM system with pre-coded cyclic prefix for dynamic cognitive radio communications,” IEEEJ. Sel. Areas Commun., vol. 29, no. 2, pp. 431–442, Feb. 2011.

[105] X. Wang, F. Liu, D. Fan, H. Tang, and P. Mason, “Continuous physicallayer authentication using a novel adaptive OFDM system,” in Proc.IEEE Int. Conf. Commun., 2011, pp. 1–5.

[106] W. Guo, W. M. Healy, and M. Zhou, “An experimental study of inter-ference impacts on ZigBee-based wireless communication inside build-ings,” in Proc. IEEE Int. Conf. Mechatronics Autom., Xi’an, China, Aug.2010, pp. 1982–1987.

[107] M. Yu, M. Zhou, and W. Su,“A secure routing protocol against Byzan-tine attacks for MANETs in adversarial environment,” IEEE Trans. Veh.Technol., vol. 58, no. 1, pp. 449–460, Jan. 2009.

[108] C. Zhang, M. Zhou, and M. Yu, “Ad hoc network routing and security:A review,” Int. J. Commun. Syst., vol. 20, pp. 909–925, 2007.

[109] Y. Wang, G. Attebury, and B. Ramamurthy, “A survey of security issuesin wireless sensor networks,” IEEE Commun. Surveys Tuts., vol 8, no. 2,pp. 2–23, Second Quarter 2006.

Kamrul Islam received the Ph.D. degree in com-puter science from Queen’s University, Kingston,ON, Canada, in 2010.

He is currently a Software Engineer with PhoenixInteractive Design Inc., London, ON, Canada, spe-cialized in ATM software. Prior to joining PhoenixInteractive Design, he was a Researcher with Queen’sUniversity, for about a year and then moved toLondon to continue as a Postdoctoral Researcherwith the University of Western Ontario and Na-tional Research Council, Canada, from May 2011 to

November 2011. His main research areas include wireless sensor networks,computational geometry, algorithms, and approximation algorithms. He hasmore than 25 publications on these topics.


Weiming Shen (M’98–SM’02) received the B.Sc.and M.Sc. degrees in mechanical engineering fromthe Northern Jiaotong University, Beijing, China, in1983 and 1986, respectively, and the Ph.D. degree insystem control from the University of Technology ofCompiegne, Compiegne, France, in 1996.

From 1986 to 1992, he was a Lecturer in mechan-ical engineering with the Northern Jiaotong Univer-sity. He has also held positions with MediReport,Paris, France, and the Department of Mechanical andManufacturing Engineering, University of Calgary.

He is currently a Senior Research Scientist with the National Research CouncilCanada, Ottawa, ON, Canada, and an Adjunct Professor in software engineeringwith the University of Western Ontario, London, ON. Since 1992, he has beeninvolved in research on intelligent software agents and their applications to col-laborative engineering design and intelligent manufacturing. He has publishedtwo books and more than 300 papers in scientific journals and international con-ferences, and co-edited six books and 16 conference proceedings in the relatedareas.

Dr. Shen is a Co-Chair of the Technical Committee on Computer SupportedCooperative Work in Design with the IEEE Systems, Man and Cybernetics So-ciety. He currently serves as an Associate Editor for the IEEE TRANSACTIONS

ON SYSTEMS, MAN, AND CYBERNETICS—PART C: APPLICATIONS AND REVIEWS

and the IEEE TRANSACTIONS ON AUTOMATION SCIENCE AND ENGINEERING.

Xianbin Wang (S’98–M’99–SM’06) received thePh.D. degree in electrical and computer engineeringfrom the National University of Singapore, Singa-pore, in 2001.

He is currently an Associate Professor with theUniversity of Western Ontario, London, ON, Canada,and a Canada Research Chair in Wireless Communi-cations. Prior to joining the University of Western On-tario, he was with Communications Research CentreCanada as a Research Scientist/Senior Research Sci-entist between July 2002 and December 2007. From

January 2001 to July 2002, he was a System Designer with STMicroelectron-ics, where he was responsible for system design for DSL and Gigabit Ethernetchipsets. In 2000, he was with Institute for Infocomm Research, Singapore (for-merly known as the Centre for Wireless Communications), as a Senior R&Dengineer. He has more than 150 publications on various communication sys-tem design issues, including around 130 IEEE Journal and Conference papers,15 granted and pending patents, and several standard contributions. His mainresearch areas include wireless communications and related applications, in-cluding adaptive and cognitive communications, wireless infrastructure-basedposition location, wireless security, and wireless resource allocation.

Dr. Wang is an IEEE Distinguished Lecturer. He was the recipient of threeIEEE Best Paper Awards. He currently serves as an Associate Editor for theIEEE WIRELESS COMMUNICATIONS LETTERS, the IEEE TRANSACTIONS ON VE-HICULAR TECHNOLOGY and the IEEE TRANSACTIONS ON BROADCASTING. Hewas also an Editor for the IEEE TRANSACTIONS ON WIRELESS COMMUNICA-TIONS between 2007 and 2011. He was involved in many IEEE conferencesincluding Global Communications Conference, International Conference onCommunications, Wireless Communications and Networking Conference, Ve-hicular Technology Conference, and International Conference on Multimediaand Exposition, on different roles such as Symposium Chair, Track Chair, Tech-nical Program Committee Chair, and Session Chair.

wireless sensor network reliability and security in factory automation: a survey

Documents