KILAVI Wireless Communication Protocol for the Building Environment – Security Issues Hannu Sikkilä, Mikael Soini, Petri Oksa, Lauri Sydänheimo, and Markku Kivikoski Abstract — Asymmetric key cryptosystems are unsuitable for use in the resource constrained sensor nodes and typically the biggest challenge in all symmetric security systems is how to exchange the initial encryption key safely. In many communication protocols, this is carried out without any security procedure or the challenge has been left to the application developer to solve. If an adversary receives this first insecure message, the security of the whole network is threatened. This is a very serious security problem especially in wireless and dynamic systems such as KILAVI where new off-the-shelf devices are attached to the system. KILAVI contains special security procedures to authenticate new devices safely into the system with easy and fast registration. For encryption, KILAVI uses the RC5 algorithm in a counter (CTR) mode. The length of encrypted and plain messages is the same due to the counter mode, an important quality when minimizing the power consumption in wireless data transfer. 1 Index Terms — Security, Key management, Sensor networks, Building automation.
I. INTRODUCTION Wireless systems are the most convenient method of communicating in home automation networks [2]. On the other hand, wireless communication causes many challenges related to data security and there are many passive and active threats. An attacker for instance, can listen to a used communication channel and capture possibly sensitive information. Normally, security threats must be situated in the vicinity of the building, because used transmit powers are about 1-10 mW (range up to 10 m). The utilization of sensors in systems such as homes requires mechanisms that ensure the authenticity, integrity and confidentiality of the transmitted data. A pairwise key establishment enables security services to achieve secure communication between the nodes. 1
This work was supported by Tekes and European Regional Development Fund (ERDF) under ILTa project. H. Sikkilä is with the TUT Rauma Research Unit, 26100 Rauma, Kalliokatu 2, FINLAND (e-mail:
[email protected]). M. Soini is with the Tampere University of Technology (TUT) Rauma Research Unit, Kalliokatu 2, 26100 Rauma, FINLAND (e-mail:
[email protected]). P. Oksa is with the TUT Rauma Research Unit, Kalliokatu 2, 26100 Rauma, FINLAND (e-mail:
[email protected]). L. Sydänheimo is with the TUT Rauma Research Unit, Kalliokatu 2, 26100 Rauma, FINLAND (e-mail:
[email protected]). M. Kivikoski is with the Tampere University of Technology, Electronics Institute, 33101 Tampere, FINLAND (e-mail:
[email protected]).
1-4244-0216-6/06/$20.00 ©2006 IEEE
However, the resource constraints of sensor nodes make it unfeasible to use traditional pairwise key establishment techniques such as public key cryptography. Instead, methods which are suitable for tiny hardware platforms are needed. When using symmetric crypto systems, the biggest problem is the key pre-distribution. Unfortunately many developed schemes and solutions are quite complex and impractical [13], [14]. Home automation is an application field which needs simple and secure techniques. This paper presents security systems for the KILAVI communication protocol which has been developed for low-power and low data rate wireless communication in a building environment. The rest of this paper is organized as follows. The next section presents the KILAVI communication protocol and security threats in sensor networks. Section III concentrates on the design requirements of the security system. Section IV introduces used notation. Section V introduces the RC5 algorithm. Section VI presents a KILAVI security system and summarizes it. Section VII proposes a related piece of work. II. WIRELESS SENSOR NETWORKS IN THE BUILDING ENVIRONMENT
A. KILAVI Protocol The KILAVI communication protocol offers a wireless communication interface for all kinds of control and measurement devices in a building environment [2]. A KILAVI network links together building control and monitoring applications into an intelligent self-configurable system that can be easily controlled and monitored by the consumer through wireless and wired interfaces either locally or remotely. A KILAVI network consists of master (MN), intermediate (IN) and sensor nodes (SN). MN manages communication in the network, handles security issues, carries out node registration, and initiates the device control and monitoring tasks. Intermediate nodes are sensor/control nodes with data relaying capability that may be used to implement a multi-hop network. Power scarce sensors are primarily kept in the sleep state to minimize power consumption. Sensors wake up only to transfer or query data. To keep nodes simple and communication overhead light, INs do not need information about the network infrastructure. INs make a decision based on the received message structure whether they should forward, store or
decline the message. Other important KILAVI properties presented are dynamic new node attachment and the reconfiguration of the network. Network reconfiguration takes place if there is a node failure or network operability can be optimized to, for example prevent network congestion or power scarce node failure. B. Security threats in sensor networks Naturally there are the same security challenges in wireless networks as in wired. In addition, wireless communication entails many other difficulties related to data security. The broadcast nature of wireless communication messages makes the wireless medium intrinsically insecure due to the possibility of eavesdropping, the denial of service attacks, middleman intrusion and other types of attacks to the network. A sensor network needs a security system that can maintain the secrecy, authenticity, integrity and freshness of messages [5]. Sensor networks are subjected to many limitations compared with other networks. The limited computation and power resources of the sensor often make it impractical to use public key cryptosystems, such as Diffie-Hellman key agreement [15] or RSA signatures [16]. On a Palm Pilot, for example, the generation of a signature with a 1024 bit RSA key requires approximately 36 seconds [17]. Sensor nodes are vulnerable to physical capture. Nodes may be situated in places where somebody can access them and it is very difficult to make them tamper-resistant [13]. Furthermore, many resources, such as memory, bandwidth and transmission power, are limited and incur many limitations for example to cryptographic keys and algorithms [13], [14]. III. DESIGN REQUIREMENTS From a security viewpoint, wireless home automation is a very interesting application area. Many operations need strong security and yet energy and performance resources are limited. This is typical for sensor networks and approved designs from this area are used [1], [3], [11]. A. New device registration Typically, the biggest challenge in all symmetric security systems is how to exchange the initial encryption key safely. In many communication protocols, this is carried out without any security procedure or the challenge has been left to the application developer to solve [3], [8]. If an adversary receives this first insecure message, the security of the whole network is threatened. This is a very serious security problem especially in wireless and dynamic systems such as KILAVI where new off-the-shelf devices are attached to the system. One solution to this problem is to exchange the primary key through physical contact [5]. KILAVI contains special security procedures to authenticate new devices safely into the system with easy and fast registration. In practice, this means that a new device receives a primary key from the registering device
(RD) that is synchronized with the network master node. This means that communication in the new network is immediately secure. B. Data confidentiality A wireless home automation network should not leak sensor readings or other information to neighbouring networks or adversaries. In many applications, nodes communicate with sensitive messages. A very common approach to prevent sensitive data from falling into the wrong hands is to encrypt the data with symmetric cryptography. In this case data is encrypted and decrypted with the same secret key. KILAVI uses the RC5 encryption algorithm in a counter (CTR) mode. In KILAVI it is also possible to use only MAC (Message Authentication Code) for authenticity and integrity checking without encryption. RC5 is patented by RSA Security, valid in US. However, RC5 is easily replaced with other block ciphers like MISTY1, Rijndael or Skipjack. MISTY1 in particular can be a good choice for the home automation environment [18]. C. Message authentication and integrity History has proven that using encryption without authentication is insecure [8]. Data authentication allows a receiver to verify that the message really was sent by the claimed sender. Integrity allows a receiver to verify that the message was not altered by an adversary. Integrity is also achieved through data authentication, which is a stronger property. In the one-to-one communication case, message authentication and integrity are provided by including a message authentication code (MAC) with each packet. When a message with the correct MAC arrives, the receiver knows that it must have been sent by the sender. This style of authentication cannot be applied to a broadcast setting. Authenticated broadcasts are not important in the KILAVI network, so this paper does not contain a solution to the problem. D. Data freshness and replay protection Nodes in home automation networks send measurements and controls over time, so it is important to know that each message is fresh. Data freshness implies that the data is recent, and ensures that no adversary has replayed old messages. As mentioned before RC5 in CRT-mode is used and this offers data freshness and replay protection. E. Performance A system using cryptography will incur extra demands on the processor and memory as well as increased overhead in the length of messages sent. These factors must be minimized in order to ensure that the network remains usable. Increased message length decreases power consumption and reduces operating time.
F. Ease of use A system developed for home automation must be very easy to use. Use must not become more complicated due to security reasons. Furthermore, application development must stay sufficiently simple. APIs must be the same as normal, security parameters and the entire system must be simple enough to use and understand. Transparency is a crucial player in the design procedure.
implementations in [18]. TABLE 1. PARAMETERS OF THE RC5 [1]. Parameter
Description
w
The word size, in bits. The standard value is 32 bits; allowable values are 16, 32, and 64. RC5 encrypts a two-word block so that the plaintext and ciphertext blocks are each 2w bits long. The number of rounds. Allowable values of r are 0, 1, …, 255. The number of bytes in the secret key K. Allowable values of b are 0, 1, …, 255.
r
IV. NOTATION
b
The following notation is used to describe security protocols in this paper. D1 | D2 C IDA K
denotes the concatenation of data D1 and D2. is 32 bits long counter value. is the 32 bits long identity of node A. denotes the primary key which is delivered via special registration device (RD). Ke denotes the symmetric encryption key which is shared between two nodes. Kmac denotes the symmetric MAC key which is shared between two nodes. MACK[M] is the MAC (message authentication code) of message M created by key K. is the encryption of message M by key K. {M}K is a nonce generated by node A. A nonce is a NA one time random bit-string. V. RC5 ALGORITHM A. Features The RC5 encryption algorithm is a symmetric block cipher designed by Professor Ronald Rivest of MIT and first published in December 1994 [10]. The RC5 is analyzed by RSA Laboratories [9]. It is a parameterized algorithm, with a variable block size, a variable number of rounds, and a variable-length secret key, so the user can explicitly manipulate the trade-off between higher speed and higher security. RC5 is suitable for hardware or software implementations; the encryption and decryption algorithms are exceptionally simple. Encryption is based on only three operations: additions, XOR (exclusive-or), and rotation. Another distinguished feature of RC5 is the heavy use of data-dependent rotations [1]. B. Parameters RC5 is a parameterized algorithm, and it can be presented as RC5-w/r/b [1]. Parameters are shown in Table 1. RC5 is not intended to be secure for all possible parameters value [1]. On the other hand, choosing too large parameter value would delay execution in vain. C. Implementation The description of the encryption and key expansion algorithm is given in the pseudo-code, for example, in [1]. It is recommended to use as much existing source code as possible. Lav, Doumen, and Hartel have evaluated different
VI. KILAVI SECURITY SYSTEM This section represents how KILAVI security system realizes security requirements given in the section 3. Designed architecture is simple because intermediate nodes (IN) do not need to handle messages and keys are between end points. A. Security levels KILAVI includes three different security levels (A-C) shown in Table 2. When a system has flexible security, it is possible to design devices which operate with minimum energy consumption. TABLE 2. KILAVI SECURITY LEVELS. Level
MAC
Encryption
Comments
A
yes
yes
B
yes
no
C
no
no
Offers maximum security. This level is used to transmit private data. Offers adequate security to most applications without data encryption. No security. The simplest devices, e.g. power-scarce sensor nodes (SNs), use this level.
Level A offers maximum security, data is encrypted and message authentication and integrity is checked with MAC. Message confidentiality is necessary only when there is something to keep secret. So, security level B offers only authentication. Level C does not offer security at all. B. Secure device registration Secure primary key distribution. Typically the biggest challenge in all symmetric security systems is how to exchange the initial encryption key safely. If an adversary receives this first insecure message, the security of the whole network is threatened. KILAVI uses the special registration device (RD) on the initial key exchange and the secure registration. The whole process is shown in Fig. 1.If security is not required, the new device registration occurs without the RD and all communication is insecure in this case. The primary key distribution starts when the registration device (RD) is connected to the master node (MN). The MN generates n pieces of primary keys and keys are copied to the memory of the RD via serial cable or e.g. IrDA-interface (Infrared Data Association) (A). After that the RD is
plugged into the new device, which receives one primary key and the key is removed from the memory of the RD (B). If using IrDA, RD works like a remote-control. When the primary key is delivered successfully, nodes can send and receive registration messages authenticated with primary key K (C). It is possible to register n pieces of nodes after RD synchronization, after which new synchronization is needed.
C. Key exchanging The encryption key Ke and the MAC key Kmac can be derived from the primary key K by using the Challenge and Response protocol (C&R) [6]. C&R is a simple protocol that can authenticate and negotiate keys in an ad hoc scheme. Key exchanging also makes possible the use of shared primary keys [6]. First MAC key Kmac was obtained by means of the secure registration process above. Key exchanging procedure (Fig. 3) is started by MN when necessary.
Message M1 Fig. 1. The primary key exchanging and the secure registration process.
Key set-up. Our key set-up is based on a primary key K, safely shared by the master node and the network node (IN or SN). Because using the same encryption key for a long time may incur a cryptanalytic risk [7], KILAVI security system uses two different keys and a special key exchanging system to increase security. MAC key Kmac is used to calculate message authentication codes and the encryption key Ke is used to encrypt messages. Both keys are derived from the primary key K. The key derivation process is presented in the next section. The primary key K is used only in registration and key exchanging processes. There is one primary key Ki per node Mi. Shared primary keys are essentially acceptable, but reduce security. Thus MAC and encryption keys are always node-specific. Secure registration process. A secure registration process starts when a new node has received a primary key K from the registration device (RD) and the master node (MN) is set to the registration mode. The procedure is shown in Fig. 2.
Type Contents Registration Request IDB | ID A | NA Registration IDA | IDB | NA | NB | MACK [ID A | Challenge IDB | NA | NB] M3 Registration IDB | ID A | NB | MACK[IDB | ID A | Response NB] M4 Registration IDA | IDB | NA | MACKmac[ID A | IDB Confirmation | NA] 1 M5 Registration IDB | ID A | NB | MACKmac[IDB | ID A Acknowledgement | NB] 1 Fig. 2. Secure registration process. 1 Kmac = MACK [N A | NB]
M2
Type Key Request (Ke or Kmac) Key Challenge
Contents IDB | ID A | NA
IDA | IDB | NA | NB | MACKmac[ID A | IDB | NA | NB] M3 Key Response IDB | ID A | NB | MACKmac[IDB | ID A | NB] Fig. 3. Key negotiation protocol of the KILAVI security system. Ke (or Kmac) = MACK[NA | NB]
Node A first sends a request message (M1) to node B. Node B replies with a message (M2) as a challenge to node A. When node A receives this message, it proves its authenticity by sending the message (M3) back to node B. The result of this procedure is encryption key Ke or MAC key Kmac which is derived only from random numbers generated by node A and B. The key type appears from the message type. Both keys are only between node A and node B. D. RC5 in the counter mode To achieve freshness and other good properties, KILAVI uses a counter mode (CTR) of the RC5 algorithm, described in Chapter III. In addition CTR-mode is especially suitable for dynamic systems such as KILAVI because of good resynchronization properties [18]. Due to the counter, the same plaintext produces different ciphertext at different times. CTR-mode also makes it possible to use the same function for both encryption and decryption [3], shown in Fig. 4.
Message M1 M2
Messages M2 and M3 are used to authenticate a new device and messages M1, M4, and M5 constitute an actual registration process. After the process, a new node is hooked up and ready for secure operation. Another result of the registration procedure is the first MAC key, which is used in later MAC calculations.
Fig. 4. Encrypting and decrypting in CTR-mode.
Code space is saved because the cipher does not need a decryption function at all. More importantly, the cipher in CTR-mode works as a stream cipher and thus encrypting does not increase the size of the messages. This is a significant issue because data transmission and reception is very expensive in terms of energy. Block ciphers in counter mode use sequence numbers C
as the input to the algorithm (Fig. 4). Nodes sustain counters which are increased by some constant, typically one after each block encryption. In order that message decryption is possible, the counter values of the receiver and the sender must be synchronized. Counter values are encrypted to produce the key stream, which are XOR-ed with the plaintext to produce the ciphertext. For decryption, the ciphertext is XOR-ed with the key stream to produce the plaintext. In this way, the same function is used for both the encryption and decryption process and cipher does not increase the size of the messages. The reference [12] summarizes the advantages of CTR. − High speed implementation. CTR is fully parallelizable and also pre-processing can be used to increase speed. − Simplicity. With CTR-mode, both encryption and decryption depend only on the encrypting algorithm. An inverse function need not be implemented. − Arbitrary length of the messages. − The low rate of error propagation. Compared with other algorithm modes [11], advantages can be achieved naturally and without weakening security. E. Counter synchronization Encrypting and decrypting in CTR-mode requires synchronized counters for proper operation. The synchronization procedure is shown in Fig. 5.
Message M1 M2 M3
Type Contents Ctr Request IDB | ID A | C Ctr Reply IDA | IDB | C | MACKmac[IDA | IDB | C] Ctr IDB | ID A | NA | MACKmac[IDB | ID A | NA] Confirmation Fig. 5. Counter synchronization procedure.
First node A sends a new counter value C with a request message (M1) to node B. Node B replies with a message (M2) to node A. Node A checks that MAC is calculated properly. Node A sends confirmation by message (M3) to node B and finally node B checks the authentication code. F. MAC-function A secure message authentication code is needed as discussed in chapter III. Limited code space of sensor nodes is saved by re-using the block cipher when realizing MACfunction [3]. KILAVI uses the well-known and wellunderstood CBC-MAC shown in Fig. 6. CBC-MAC is calculated from the invariable message fields which are divided into blocks (x1, x2, …, xn). The size of each block is determined from the size of the MAC-code. If the last block (xn) is shorter than the others, it is zero expanded to the same length. Blocks are inputted to the block cipher one at a time and the first one is called block x1. The encrypting key is primary key K. The result of the first encrypting cycle is XOR-ed with block x2 and this is inputted to the block
cipher again. The process continues until all blocks are examined. The output of the last stage serves as the authentication code.
Fig. 6. CBC-MAC. The output of the last stage serves as the authentication code.
G. Summary RC5 includes two interesting features. The first one is the heavy use of data-dependent rotations. Analysis shows that rotations are helpful for preventing differential and linear cryptanalysis [9]. The second feature is the simplicity of the cipher and this makes analysis easier. Choosing the right parameters RC5 can offer good security. RC5 with 12 rounds and 32-bit word size gives roughly the same security as DES [9]. Nominal choices of parameters are RC5-32/12/16 [1]. A summary of the KILAVI security system with RC5 is presented in Table 3 below. TABLE 3. SUMMARY OF THE KILAVI SECURITY PARAMETERS. RC5, CTR-mode Encrypting algorithm 32 bits (4 bytes) Word size (w) 64 bits (8 bytes) Block size (2w) 12 The number of rounds (r) 128 bits (16 bytes) Key length (b) 32 bits (4 bytes) Counter length 32 bits (4 bytes) MAC length
The word size w is 32-bit. As discussed in Chapter V, values 16, 32 and 64 are possible. Because in this kind of environment, nodes have limited resources, a 16-bit word size can be well-designed too. The value 64 is too high for this application. The number of rounds r is a second parameter of RC5. KILAVI uses the value 12. Choosing a larger number of rounds presumably provides an increased level of security, but as seen [1], it also increases memory usage and execution time. The key length is a third parameter of RC5. This flexibility allows a trade-off between speed and security. KILAVI uses value 128, which is adequate for home automation applications. A natural choice for the counter length is 32 bits. The value is not transmitted with messages, so the only important thing is that the counter value does not repeat. A 32-bit counter offers enough different values. The security of CBC-MAC is directly related to the length of the MAC and a suitable value is 32 bits [8]. VII. RELATED WORK This section proposes some systems which realize security for wireless sensor networks.
TinySec is a security layer developed for wireless sensor networks. This is a generic security library that applications developers can easily integrate into their applications of sensor networks. ZigBee is a high level communication protocol designed to use digital radios based on the IEEE 802.15.4 standard [19]. ZigBee has been designed for various applications requiring low data rates and low power consumption and it is not necessarily the best choice in the home automation field. SPINS is a well-known security suite for sensor networks [3] and it includes two protocols, SNEP (Sensor Network Encryption Protocol) and µTESLA. SNEP provides confidentiality, authentication and freshness whereas µTesla provides authenticated broadcast. Although SNEP is quite close to our work, it is unfortunately a little incomplete and e.g. key-pre-distribution is not implemented. Key-distribution schemes for wireless home automation networks are found in [13], [14]. Evaluation of different protocols and comparison of block ciphers are found in [18], [4].
[13] H. Chan, A. Perrig, and D. Song, “Random Key Predistribution Schemes for Sensor Networks,” in Proceedings of the 2003 IEEE Symposium on Security and Privacy, pp. 197-213, May 2003. [14] M.G. Sadi, D.S. Kim, and J.S. Park, “GBR: Grid Based Random Key Predistribution for Wireless Sensor Network,” in Proceedings of the 11th International Conference on Parallel and Distributed Systems, pp. 310-315, July 2005. [15] W. Diffie and M.E. Hellman, “New Directions in Cryptography,” IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644645, November 1976. [16] R.L. Rivest, A. Shamir, and L.M. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Communication of the ACM, Vol. 21, No. 2, pp. 120-126, February 1978. [17] M. Brown, D. Cheung, D. Hankerson, J. L. Hernandez, M. Kirkup, and A. Menezes, “PGP in Constrained Wireless Devices,” in Proceedings of the 9th USENIX Security Symposium, August 2000. [18] Y.W. Law, J. Doumen, and P. Hartel, “Benchmarking Block Ciphers for Wireless Sensor Networks,” in IEEE International Conference on Mobile Ad-hoc and Sensor Systems, pp. 407-456, October 2004. [19] ZigBee Alliance. ZigBee specification, versio 1.0. ZigBee Standards Organization, 205. 378 pp.
REFERENCES
Mikael N. K. Soini (S´03) was born in Uusikaupunki, Finland, on November 23, 1979. He received his M. Sc. degree in electronics from Tampere University of Technology (TUT), Tampere, Finland, in 2002. He is currently Research group manager at TUT, Institute of Electronics, Rauma Research Unit. His research interests are focused in the area of wireless data communication.
[1]
R.L. Rivest. (1997, March). The RC5 Encryption Algorithm. MIT Laboratory for Computer Science. [Online]. Available: http://theory.lcs.mit.edu/~rivest/Rivest-rc5rev.pdf [2] M. Soini, H. Sikkila, L. Sydanheimo, and M. Kivikoski, ”KILAVI Wireless Communication Protocol for the Building Environment – Network Issues,” in Proceedings of the 10th IEEE International Symposium of Consumer Electronics (ISCE2006), St. Petersburg, Russia, June 29-July 1, 2006. [3] A. Perrig, R. Szewczyk, V. Wen, D.Culler, and J. D. Tygar, “SPINS: Security Protocols for Sensor Networks,” in 7th Annual ACM International Conference on Mobile Computing and Networks (MobiCom 2001), pp. 189-199, July 2001. [4] G. Guimaraes, E. Souto, D. Sadok, and J. Kelner, “Evaluation of Security Mechanisms in Wireless Sernsor Networks,” in Proceedings of the System Communications 2005, pp. 428-433, August 2005. [5] A. Wacker, T. Heiber, and H Cermann, “A Key-Distribution Scheme for Wireless Home Automation Networks,” in Consumers Communications and Networking Conference, pp. 47-52, January 2004. [6] A.J. Menezes, P.C. van Oorschot, and S.A. Varstone, Handbook of Applied Cryptography. CRC Press, 1997. [7] G. Jolly, M.C. Kuşçu, P. Kokate, and M. Younis, “A Low-Energy Key Management Protocol for Wireless Sensor Networks,” in IEEE International Symposium on Computers and Communication, pp. 335340, 2003. [8] C. Karlof, N. Sastry, and D. Wagner, “TinySec: A Link Layer Security Architecture for Wireless Sensor Networks,” in Proceedings of the Second ACM Conference on Embedded Networked Sensor Systems, November 2004. [9] B.S. Kaliski and Y.L. Yin. (1998, September). On the Security of the RC5 Encryption Algorithm. RSA Laboratories Technical Report TR602 Version 1.0. [Online]. Available: http://grc.com/r&d/rc5report.pdf [10] R.L. Rivest, “The RC5 Encryption Algrotihm,” in Proceedings of the 2nd Workshop on Fast Software Encryption, pp. 86-96, 1995. [11] B. Schneier, Applied Cryptography: protocols, algorithms, and source code in C, 2nd Ed. United States of America: John Wiley & Sons, Inc., 1996. [12] H. Lipmaa, P. Rogaway, and D. Wagner. (2000). Comments to NIST concerning AES Modes of Operations: CTR-Mode Encryption. Symmetric Key Block Cipher Modes of Operation Workshop. [Online]. Available: http://www.cs.ucdavis.edu/~rogaway/papers/ctr.pdf
Hannu M. Sikkilä was born in Alajärvi, Finland, on October 20, 1982. He works currently towards the M. Sc. degree and acts as Research assistant at TUT, Institute of Electronics, Rauma Research Unit. His research interests are focused on embedded systems and secure data transfer for home environment.
Petri T. Oksa was born in Pori, Finland, on September 1, 1972. He received the M.Sc. in electrical engineering from Tampere University of Technology (TUT), Pori, Finland, in 2005. He is currently a researcher at TUT, Institute of Electronics, Rauma Research Unit. His research interests are in the field of wireless data transmission for building environments. Lauri T. Sydänheimo was born in Tampere, Finland, on February 19, 1959. He received the M.Sc. and Doctor of Technology degrees in electrical engineering from Tampere University of Technology (TUT), Tampere, Finland, in 1997 and 2005, respectively. He is currently a Senior Researcher at TUT, Institute of Electronics, Rauma Research Unit where he runs day-to-day operations. His research interests are focused on wireless data communication and radio frequency identification. Markku Kivikoski (S´77-M´82) was born in Tampere, Finland, on May 13, 1952. He received the Diploma Engineer (M.Sc.), the Licentiate of Technology, and the Doctor of Technology degrees in electrical engineering from Tampere University of Technology (TUT), Tampere, Finland, in 1976, 1980, and 1985, respectively. From 1976 to 1984, he was Assistant, Head Assistant, Research Scientist, Laboratory Engineer, Senior Research Scientist, and acting Associate Professor at TUT. From 1984 to 1988, he was R&D Manager, Head of Section, and Technical Director with Hollming Ltd. Electronics. From 1988 to 1994, he was at Technical Research Centre of Finland (VTT) Professor and Director of Machine Automation Laboratory, and Research Professor and Head of Machine Automation Research. In 1994, he was appointed by invitation to the Professor Chair of Industrial Electronics with TUT. Since 1996 he has also been Head of Institute of Electronics at TUT. In 1998, he became the Head of Department of Electrical Engineering, and further in 2002, he was elected the Vice Rector, TUT. From 2001 to 2003 he has served on the Research Council for Natural Sciences and Engineering, the Academy of Finland. His research interests include wireless data transfer for industrial environment, electromagnetic compatibility, embedded real-time systems, and mechatronics.
