Module: IoT Systems Security Module code: UFCF8P-15-M1Assessment Specification DocumentLightweight Authentication System for Micro:Bit IoT DeviceModule AssessmentTable 1 summarizes the module assessment component and their respective ratios.Table 1: Module Assessment Weighting percentage between componentsComp A: 60Comp B: 40Comp A: E-portfolioElement WeightA.1 Individual E-portfolio24% (40% of the component, i.e., 24 out of 60)A.2 Group Work (Demo and E-portfolio)36% (60% of the component)Comp B:Element WeightGroup Presentation40 (100% of the component) SpecificationAs shown in Table 1, this is related to component A.2 of the module assessment and contributesto 36% of the module final mark. The aim is to implement and demonstrate a lightweight IoTdevice authentication system using a pair of Micro:bits. Those devices have been provided foreach student by the University. This is a group assessment, in which you are going to work ingroups of 3. However, each student will need to provide an individual submission onBlackboard (BB) that illustrates the whole work and the individual contribution. Further detailson group arrangements will be discussed during the teaching sessions. Working on thisassignment will help you to understand concepts of IoT security, programming for embeddedModule: IoT Systems Security Module code: UFCF8P-15-M2systems and IoT devices using the C programming language. It will also help you developcommunication and team working skills, as invaluable transferable skills in your future careers.For this task, you need to implement an authentication system and encrypted datacommunication between two Micro:bits using either the proprietary radio communication(uBit.radio), or Bluetooth Low Energy (BLE). This includes the following steps:1. Define 3 ‘commands’, and a single PIN code that should be shared by the two devices. Noticethat PIN code here just refers to a shared secret code, not necessary a code to be typed in. Youmay simply define the PIN inside your code and you do not have to require typing them (hardcoded PIN). You are free to choose the format and the size of the PIN. A ‘command’ here isdefined as any action that can be performed using a Micro:bit device, or simply launched by itand executed by another device (e.g., a computer connected to it). Using the first Micro:bit(sender), the user can select the command using the Micro:bit buttons and your system shouldencrypt the command with AES (aes_enc) and transmit the it to the other Micro:bit.2. The second Micro:bit (receiver), should be able to receive the encrypted message, decrypt it(aes_dec), and then authentically identify the “command” and execute it.More precisely, you should implement the following simple protocol:Sender• Generate a random salt.• Generate a data protection key, using the shared pin and salt as follows:dpk=sha256(pin+salt). pin+salt here refer to any combination function of your choice ofpin and salt such as arithmetic addition, string appending (concatenation), etc.Module: IoT Systems Security Module code: UFCF8P-15-M3• Use AES to encrypted the command cipher=aes_enc(command, dpk). The command hereis the message that identify the command. It is up to you to define its format if needed,and any parameter may also be included if needed.• Send the (cipher, salt) to the receiver Micro:bit via radio or BLE.Receiver• Receive cipher and salt.• Generate a data protection key, using the shared pin and salt, dpk=sha256 (pin+salt).• Decrypt the cipher, command=aes_dec(cipher, dpk).• Run the command.The commands to be implemented are open to your choice, based on the functionality offeredby the Micro:bit. You may use the Micro:bit LED display, or display on a computer screen usingthe device serial port. However, you are strongly encouraged to design more elaboratecommands. It is important that any commands you implement can be demonstrated in thedemo. Be creative.NB: A single AES block should be sufficient to fit your commands. In all cases, you are not askedto use any AES inter block dependency mode (AES-ECB is enough).DeliverablesThe deliverable of this part of the assessment is the group portfolio, which includes.• A 5-minute video that illustrates all the functionality of your system. Please use a common crossplatform video format for this (e.g., MP4).• All source code files should be provided, clearly organised and commented.Module: IoT Systems Security Module code: UFCF8P-15-M4• A README document that briefly describes your system, the commands, format of messages, etc.(maximum 500 words).• “My-contribution” document: A document including a very short paragraph (max 200 word),describing your individual contribution. This is the only component of the submission that differsbetween group members. Otherwise, all members of a group should submit exactly the samedocuments for to this part of the assessment. Please use standard formats (.doc, text, or .pdf).Please submit your documents as a single zip file on BB, and name it using the following format:your-name_your-group-number.zip, where your-name and group-number refer to your surnameand assessment group number respectively.NB: Although this is a group work, please notice you need to submit individually on BB. Pleasecoordinate, be synchronized, and make sure all the group members submit exactly the samedocuments for this part (except the “my-contribution” document). In case of any problem in agroup, please let us know ASAP, don’t wait until the submission deadline. Please also notice it isvery important you accurately submit the version of the code that you use in the demo.Marking CriteriaTable 2 describes the different marking criteria. By functionality, it is meant to clearly show thatthe authentication system enables the sender to send the commands and the receiver torecognize and run them, no matter how simple the commands are.Your demo should demonstrate that upon launching the command from the sender, it will bereceived on the other side and the appropriate command is executed. It is obvious that thecommand should be encrypted and decrypted using the scheme given above. You may not beable to show all this encryption details in the demo, but your docs, source code, and presentationlater on will reflect this. If you decide to go for more elaborated commands, you may associate itwith a very simple display (at the receiver) upon recognizing the command, e.g., displaying theModule: IoT Systems Security Module code: UFCF8P-15-M5command number. This will allow you to maximize the points related to functionalityindependently from the progress on the elaborated commands.You will need to submit your work via Blackboard by Thursday 6th May 2021.Table 2: Marking Criteria 0-45-89-1213-18Functionality:out 18 points.Hash code maybesuccessfullycalculated at thesender but themessage notencrypted.Both hashfunction andencryptionsuccessful, butnot thecommunication.All done from thesender.Communicationimplemented but thereceiver cannotdecrypt the message.All theauthenticationprocess completedand the commandsare executed.0-34-67-910-12Commandsdesign: out of12 points.Very elementarycommands (e.g.,simple display).One of thecommands ismore advanced.two of the commandsare more advanced.All commands areadvanced.0-23-45-6InternalDocumentation:out of 6 points.Little orInconsistentdocuments.Internal documentation consistent andproperly describing the solution.Outstanding Internaldocumentation.
