the internet of things: messaging protocolscs.unibo.it/projects/iot/sessionprotocols.pdf · 2018....

TheInternetofThings:MessagingProtocols

[email protected]

MASTERDEGREEINCOMPUTERSCIENCEDEPARTMENTOFCOMPUTERSCIENCEANDENGINEERING,UNIVERSITYOFBOLOGNA,ITALY

[email protected]

Coursewebsite:h8p://www.cs.unibo.it/projects/iot/

2

IoTProtocolStack

THEINTERNETOFTHINGS:MESSAGINGPROTOCOLS L.BONONI,M.DiFELICE,DEPARTMENTOFCOMPUTERSCIENCEANDENGINEERING,UNIVERSITYOFBOLOGNA,ITALY

3

IoTProtocolStack


IEEE802.3 IEEE802.11 IEEE802.15 IEEE802.16 OTHERS

IPv4andIPv6+6LoWPAN

TCP UDP

MQTT CoAP AMQP HTTP OTHERS

PHY/MACPROTOCOLS

NETWORKPROTOCOLS

TRANSPORTPROTOCOLS

MESSAGINGPROTOCOLS

4

IoTMessagingProtocols


² Session/ApplicaWonLayerProtocols1.  ProvidingtheabstracXonof“message”(elementaryunitofdata

communicaXonamongIoTend-points).2.  ProvidingprimiWvesfordatacommunicaWon/messageexchange

totheupper-layerIoTapplicaXons.3.  ImplemenXngspecificnetworkingparadigms(e.g.publish-subscribe

orrequest-response).4.  ProvidingaddiXonalreliabilityorsecuritymechanisms.5.  SomeXmesadaptaXonofpre-exisWng(notnaXvelyM2M)soluWons

5



² Session/ApplicaWonLayerProtocols…WHICHprotocols?

Ø  HTTPØ  MQTTØ  CoAPØ  AMQPØ  XMPP(notcoveredhere)Ø  DDS(notcoveredhere)Ø  …

WewilltalkmoreaboutHTTPforM2McommunicaXonslaterinthiscourse(whendiscussingabouttheWebofThings).Inanycase,itcannotbe

consideredanIoT-naXveprotocol…

6

TheMQTTProtocol


² MessageQueuingTelemetryTransportProtocol(MQTT)²  LightweightmessagingprotocoldesignedforM2M(machineto

machine)telemetryinresource-constrainedenvironments.²  ProposediniXallybyAndyStanford-Clark(IBM)andArlen

Nipperin1999forconnecXngOilPipelinetelemetrysystemsoversatellite.

²  ReleasedRoyaltyfreein2010andasOASISstandardin2014² MQTT(currentspecificaXon3.1/3.1.1)² MQTTforSensorNetworks(MQTT-SN)

7

TheMQTTProtocol


² TheMQTTprotocolimplementsapublish-subscribemessagingmechanism,involvingthreemainactors:²  Publishersàproducedataandsendthemtoabroker.²  Subscribersàsubscribetoatopicofinterest,andreceive

noXficaXonswhenanewmessageforthetopicisavailable.²  Brokeràfilterdatabasedontopicanddistributethemto

subscribers.

ONE-TO-MANYCOMMUNICATION

BROKER

PUBLISHER

SUBSCRIBER1

SUBSCRIBER2

PUBLISH

SUBSCRIBE

SUBSCRIBE

{CLIENTs

8

TheMQTTProtocol


BROKER

PUBLISHER

SUBSCRIBER1

SUBSCRIBER2

PUBLISH

SUBSCRIBE

²  Atopicdefinesthemessagecontext(e.g.temperaturedata).²  NodirectcommunicaWonbetweenclients(thedatamessagesare

alwaysforwardedviathebroker).²  Rolesarepurelylogical:thesamedevicecanserveasPublisher

(onatopic),andSubscriber(onadifferenttopic).

ARCHITECTURALREMARKS

SUBSCRIBE

9

TheMQTTProtocol


² MQTTControlPacketFormat

FIXED VARIABLE PAYLOAD

FixedHeader(only2bytes!) OpXonal,variablesize

OpXonal,binaryencoded,variablesizeupto256MB

²  TheFIXEDheadercontainsthepackettype,thesizeofthepayload,andthelevelofQualityofService(seenextslides).

14differentcommands:

CONNECT,CONNACK,PUBLISH,PUBACK,PUBREC,PUBREL,PUBCOMP,SUBSCRIBE,SUBACK,UNSUBSCRIBE,

UNSUBSCRIBEACK,PINGREQ,PINGRESP,DISCONNECT

10

TheMQTTProtocol


² MQTTControlPacketFormat

FIXED VARIABLE PAYLOAD

²  TheVariableheadercontainstheaddiXonalparametersbasedonthecommandtype.Forinstance,theheaderofthePUBLISH/SUBSCRIBEmessagecontainstheTOPICfield.

²  TheTOPICisastringfield,withoutaspecificformat,justnamingconvenWons(see[1]).

topic=temperature

topic=temperature/kitchen/ topic=temperature/kitchen/sensor1

PLAINNAMING

HIERARCHIALNAMING(TOPICNAME+TOPICFILTER)

11

TheMQTTProtocol


² MQTTisbuiltontopoftheTCPprotocolØ  In-orderdelivery,connecXon-oriented,ACKeretranmissions.Ø  ..butalsolongerTSPheadersizeandhighercomplexity.Ø  MQTT-SNàusesUDP,supportstopicIDs(insteadofnames).

²  MQTTkeepstheTCPconnecXonbetweenaclientandabrokeropenaslongaspossible,bymeansofPINGREQmessages.

CONNECT

CONNACK

PINGREQPINGRESP

PUBACK

PUBLISH…. ….

OPENTHECONNECTION

KEEPTHECONNECTIONOPEN

PUBLISHDATAPUBLISHER BROKER

12

TheMQTTProtocol


² DespiteusingTCP,MQTTmessagescansWllbelost…1.  TCPguaranteesdeliveryonasinglelink(agentàbroker,orviceversa),

whataboutpublisheràsubscriberdelivery?2.  Whataboutifthereceiveristemporarilydownwhileasenderis

a8empXngtosendamessage?

² MQTTclientscanrequestthreelevelofQualityofService(QoS)tothebroker:² QoSLevel0(fire&forget)àdefaultQoSlevel,clientsdonotstoremessagesanddonotreceiveACKsfrombroker,samedeliveryguaranteesthanTCP.² QoSLevel1(deliveratleastonce)àseenextslide(10)² QosLevel2(deliverexactlyonce)àseenextslide(11)

13

TheMQTTProtocol


² MQTTQoSLevel1(Deliveratleastone)

MQTTTutorial:h8p://www.steves-internet-guide.com/understanding-mq8-qos-levels-part-1/

1.  Theclientsendsamessageandwaitsforanacknowledgement(PUBACK)fromthereceiver.

2.  IfthePUBACKisreceived,theclientdeletesthemessagefromtheoutboundqueue.

3.  Otherwise,itresendsthemessageatregularintervalwiththeDUPflagsetto1,WllaPUBACKisreceived.

ThereceivermightreceivethesamedatamulWpleWmes!

14

TheMQTTProtocol


² MQTTQoSLevel2(Deliverexactlyonce)

MQTTTutorial:h8p://www.steves-internet-guide.com/understanding-mq8-qos-levels-part-1/

1.ThesendersendsamessageandwaitsforanACK(PUBREC)2.ThereceiversendsaPUBRECmessage3.Ifthesenderdoesn’treceiveanACK(PUBREC)itwillresendthemessagewiththeDUPflagset.4.WhenthesenderreceivesanACKmessagePUBRECitthensendsamessagereleasemessage(PUBREL).5.Ifthesenderdoesn’treceivethePUBRELitwillresendthePUBRECmessage5.WhenthereceiverreceivesPUBREL,itcannowprocessthedata.6.Thereceiverthensendapublishcomplete(PUBCOMP).7.Ifthesenderdoesn’treceivethePUBCOMPmessageitwillresendthePUBRELmessage.8.WhenthesenderreceivesthePUBCOMPtheprocessiscompleteanditcandeletethemessagefromtheoutboundqueue(finally!).

15

TheMQTTProtocol


² MQTTQoSLevel:evaluaWonresults

StefanMijovic,ErionShehu,ChiaraBurau,“ComparingApplicaXonLayerProtocolsfortheInternetofThingsviaExperimentaXon”,Proc.ofiEEERTSI2016

PROTO

COLEFFICIEN

CY(*

)

(*)raXobetweenapplicaXonbytesandoverheadbytes

ROUNDTR

IPTIM

E(RTT)

16

TheMQTTProtocol


² MQTTQoSlevelscanbecoupledwithaddiWonalsehngsatthebrokerside,inordertoensuredeliveryofmessagesalsoinpresenceofclientdisconnecXons.1.   RETAINEDmessage:Thebrokerstoresthelastmessagefora

specifictopic.Eachclientthatsubscribestothattopicwillreceivethemessageimmediatelyawersubscribing.Foreachtopiconlyoneretainedmessagewillbestoredbythebroker.

(AIM)Anewlyconnectedsubscriberswillreceivethelatestupdateimmediatelyandshouldn’thavetowaitWllnextPUBLISHacWon.

17

TheMQTTProtocol


² MQTTQoSlevelscanbecoupledwithaddiWonalsehngsatthebrokerside,inordertoensuredeliveryofmessagesalsoinpresenceofclientdisconnecXons.2.   PERSISTENTsession:Thebrokerstoresalltherelevant

informaXonaboutclients,like:allsubscripXons,orallQoS1-2datanotconfirmedsincetheclientwasoffline.

(AIM)AclientshouldexplicitlygetmessagesfortheXmeitisoffline…clearly,increasingtheresourceuWlizaWon(CPU/HD)atthebrokerside!

18

TheMQTTProtocol


² MQTTprovidessome(basic)securitymechanismsfordataconfidenWalityandclientauthenWcaWon,whichmainlyrelyonexternalinfrastructuresoronlowerlayersoluXons.CLIENTAUTENTICATION

ClientauthenXcaXoncanbeperformedinthreeways:

² ClientIDs:everyMQTTclientneedsaunivoqueidenXfier.² UsernameandPassword:MQTTdoesnotprovideencrypXonmechanisms,needoftransportlayer(TLS)ornetwork(IPsec)soluXons.² CerWficates:provided/managedbythird-partyauthoriXes.

(TOPICACL)BasedonClientID,thebrokercanrestrictaccesstospecifictopics.

MQTTTutorial:h8p://www.steves-internet-guide.com/mq8-security-mechanisms/

19

TheMQTTProtocol


² MQTTprovidessome(basic)securitymechanismsfordataconfidenWalityandclientauthenWcaWon,whichmainlyrelyonexternalinfrastructuresoronlowerlayersoluXons.DATACONFIDENTIALIY

DataconfidenXalitycanbeimplementedintwoways(COMPLEMENTARY):

² TSP-levelEncrypWon:notapartofMQTT,usesTLS/SSLprotocolandencryptsTCPdatasegmentsàrefersonlytotheclientàbrokerlink.

² APP-levelEncrypWon:notapartofMQTT,payloadencrypXonmustbeprovidedbytheapplicaXonàcanbeusefulforend-to-endsecurity(publisheràsubscriber),butdoesnotprotectthepasswordneededforthebrokeraccess.

MQTTTutorial:h8p://www.steves-internet-guide.com/mq8-security-mechanisms/

20

TheMQTTProtocol:DEMO


PUBLISHER

(FishinoUNOboard)

BROKER

(MOSQUITTO)(WI-FIlink) (WI-FIlink)

SUBSCRIBER

(Laptop)

MOSQUITTOàOpensourceMQTT(1.3/1.3.1)brokerimplementaXonMulX-playorm,VersionsavailableforLinux/Ubuntu,MacOSX,WindowsDownloadat:h8ps://mosqui8o.org

apt-get install mosquitto mosquitto-client

21



MOSQUITTOBroker:h8ps://mosqui8o.org

² MQTTclientuXliXes:mosquitto_pubemosquitto_sub

user@hostTest:$mosquitto_pub–t“Temperature/Kitchen”–m“34.5”

MESSAGEPUBLISHING

MESSAGESUBSCRIBING

user@hostTest:$mosquitto_sub–t“Temperature/Kitchen”34.5

user@hostTest:$mosquitto_sub–t“#”34.5

user@hostTest:$mosquitto_sub–t“Temperature/+”34.5

Topicname Topiccontent

22



MOSQUITTOBroker:h8ps://mosqui8o.org

² MQTTclientuXliXes:mosquitto_pubemosquitto_sub

user@hostTest:$mosquitto_pub–t“Temperature/Kitchen”–m“34.5”

MESSAGEPUBLISHING

MESSAGESUBSCRIBING

user@hostTest:$mosquitto_sub–t“Temperature/Kitchen”34.5

user@hostTest:$mosquitto_sub–t“#”34.5

user@hostTest:$mosquitto_sub–t“Temperature/+”34.5

Topicname Topiccontent

WILDCARDS(inTOPICname)²  +singlelayerofhierarchy²  #allremaininglevelsof

hierarchy(onlythefinalpart)ü  Temperature/1/2/valueü  Temperature/+/+/valueü  Temperature/#

23



[1]MOSQUITTOBrokerConfiguraWon:h8ps://mosqui8o.org/man/mosqui8o-conf-5.html

² Mosqui8oconfiguraXonfile:/etc/mosquitto/mosquitto.conf

#Enable/disablepersistence,i.e.messagesavingsonbrokersidepersistencetruepersistence_location/var/lib/mosquitto/

#Enable/disableauthenticationallow_anonymousfalsepassword_files/etc/mosquitto/mosquitto_pwd

#Logbrokeractivitieslog_destfile/var/log/mosquitto/mosquitto.log

#Presenceofduplicates(onlyforQoS0and1)allow_duplicate_messagesfalse

EXAMPLE,SEE[1]forthecompletefileformat

24



[1]IoTDISI-UNIBOCoursewebsite:h8p://www.cs.unibo.it/projects/iot/

² MQTTatPublisherside(FishinoUNO,butshouldworkalsoonanyArduino*devices):

booleanpublishData(charclientID,char*topic,char*payload){booleanconnected=clientMQTT.connected();if(!connected)connected=clientMQTT.connect(clientID);if(connected){

boolresult=clientMQTT.publish(topic,payload);clientMQTT.loop();returnresult;}elseSerial.println(F("MQTTBrokernotavailable"));return(false);}

Completecodeavailableat[1]

25



² MQTTatPublisherside(FishinoUNO,butshouldworkalsoonanyArduino*devices):

#include<PubSubClient.h>PubSubClientclientMQTT;voidsetup(){

…clientMQTT.setClient(client);

clientMQTT.setServer(”192.168.1.200",1883);}voidloop(){

…publishData(“MyClientID”,”MyTopic”,”MyMessage”);

}

Completecodeavailableat[1]

[1]IoTDISI-UNIBOCoursewebsite:h8p://www.cs.unibo.it/projects/iot/

MOSQUITTOBrokerIPAddress

MOSQUITTOBrokerIPPort

26





27

TheCOAPProtocol


² ConstrainedApplicaWonProtocol(CoAP)² Messagingprotocolforusewithconstrainednodesand

constrained(e.g.,low-power,lossy)networks.²  DifferentlyfromMQTT,CoAPimplementsarequest-response

interacWonmodel(similartotheHTTPprotocol).²  RESTfularchitectureforCostrainedEnvironments(CoRE).²  EachresourceisaddressedbyanURI(UniformResourceIdenXfier).

SERVER CLIENT

REQUEST(GETTEMPERATURE)

REPLY(VALUE:20.5)

COAPSpecificaWons:h8ps://tools.iey.org/html/rfc7252#secXon-4.8

28

TheCOAPProtocol


² CoAPoperaXonscanbeLOGICALLYsplitintwosub-layers:²  Requests/responsesàclient-serverRESTfulinteracXons² MessagesàparadigmimplementaXon+reliabilitymechanisms

APPLICATION

UDPPROTOCOL

REQUESTs/RESPONSEs

MESSAGES

CoAP

FourtypesofCoAPmessages:CONFIRMABLE(CON),NON-CONFIRMABLE(NON),ACK,RESET

²  AcXons/methodsrequestedonaresource:GET,POST,PUT,DELETE²  PossibleresponsestoanacXonrequested:SUCCESS,CLIENTERROR,SERVERERROR

29

TheCOAPProtocol


² ExamplesofCoAPmessageexchanges.

SERVER

CLIENT

CON[0x7a10]GET/temperature

ACK[0x7a10]

…Timepasses…

CON[0x23bb]Token0x7a10Value“25.5”

ACK[0x23bb]

SERVER

CLIENT

NON[0x7a11]GET/temperature

Token0x74

NON[0x23bc]Token0x74Value“25.5”

REQUEST/RESPONSEUSINGCONFIRMABLE

MESSAGESREQUEST/RESPONSE

USINGNONCONFIRMABLE

MESSAGES

30

TheCOAPProtocol


² EachresourceisaddressedbyanURI(UniformResourceIdenXfier).

coap://dante.cs.unibo.it/temperature/serverRoom

² BasedontheUDPprotocol(butopXonalmechanismscanbeusedforenhancedreliability,i.e.Confirmablemessages+Retransmissions)

² AsynchronousRequest/Responseparadigm² Different(Shorter)PacketHeader(seenextslide)² ServiceDiscoveryandProxymechanisms

DIFFERENCESCOMPAREDTOTHEHTTPPROTOCOL

31

TheCOAPProtocol


² CoAPMessageHeader(fixed-size4-byteheader)Messagetype:CON,NON,ACK,RST IndicatesRequestmethodorResponsecode

MessageID:matchesCON

andACKmessages

ValueusedtocorrelateaRequestand

withthecorrespondingResponse.

32

TheCOAPProtocol


² CoAPimplementssomelightweightreliabilitymechanisms:Ø  DuplicatedetecWonforbothConfirmable(CON)andNon-

Confirmable(NON)messagesØ  Simplestop-and-waitretransmissionreliabilitywith

exponenWalback-offforConfirmablemessages

²  The sender retransmits the Confirmable message at exponenXally increasing intervals,unXlitreceivesanACK(orRSTmessage)orrunsoutofa8empts.

RandomValueà[ACK_TIMEOUT:ACK_TIMEOUT*ACK_RANDOM_FACTOR]Ø  ACK_TIMEOUTisdoubledateachretransmission,XllMAX_NUMBER_ATTEMPTSØ  ACK_RANDOM_FACTORisanode-specificvalue,usedtoavoiddistributedsynchronizaXons

33

TheCOAPProtocol


² TheOBSERVEmechanismallowsimplemenXngadatasubscripWonmechanism(similartoMQTT,butwithoutthebroker).1.  Theclientrequestsaresource(GET)withtheObserveOpXonfield. 2.  Theserveraddtheclienttothelistofobserversoftheresource3.  Ateachchangeofthetargetresource,theservernoXfiesallitsobservers

SERVERCLIENT

NON[0x7a10]Observe:0GET/temperatureToken:1234aa

NON[0x8b12]Value:34.4Token:1234aa



COAPSpecificaWons(DRAFT):h8ps://tools.iey.org/html/draw-iey-core-observe-08#page-6

34

TheCOAPProtocol


² AserverisusedbyaclientknowingaURIthatreferencesaresourceinthenamespaceoftheserver.²  AlternaXvely,clientscanusemulWcastCoAPrequests(onthedefaultport

5683)the"AllCoAPNodes"mulXcastaddresstofindCoAPservers²  MulXcastrequestsareNOTConfirmable(i.e.noACKmessagesaresent).²  IfaserverdoesdecidetorespondtoamulXcastrequest,itshouldback-off

(i.e.waitarandomperiodbeforesendingthereply)

GET“./well-known/core

CLIENT

SERVER1

SERVER2

35

TheCOAPProtocol


² CoAPonlysupportsalimitedsubsetofHTTPfuncXonality,² However,cross-protocolproxymechanismscanguaranteeseamlessHTTP-CoAPinteracWons(besideprovidingdatacaching).

HTTPGET/temperature(CoAP)CONGET/temperature

(CoAP)ACK

(CoAP)CONValue:23.4

(CoAP)ACK

HTTP200OK“Value:23.4”

CACHEDATA

CLIENT SERVER

PROXY

36

TheCOAPProtocol


² CoAPreliesonlower-layerprotocolsforsecuringtheclient-servercommunicaWon.²  MessageencrypXonprovidedatTSPLayer(DTLS–DatagramTransport

LayerSecurity)oratthenetworkLayer(IPSec).

²  AsCoAPrealizesasubsetofthefeaturesinHTTP/1.1,thesecurityconsideraXonsofHTTParealsoperXnenttoCoAP.InaddiXon,CoAPpresentssomeuniquevulnerabiliWes(see[1]fordetails):

1.  Proxiesarebytheirverynatureman-in-the-middle.2.  RiskofmessageamplificaXonandDDoSaqacks.3.   IPspoofingduetothelackofahandshakeinUDP.

[1]COAPSpecificaWons,SecurityconsideraWons:h8ps://tools.iey.org/html/rfc7252#page-80

37

TheCoAPProtocol:DEMO


SERVER

(FishinoUNOboard)

CLIENT

(COPPER)(WI-FIlink)

https://addons.mozilla.org/en-US/firefox/addon/copper-270430/

FirefoxPluginsupporXngCoAPURIscheme,andenablingCoAPRequests-ResponsesinteracXonsviabrowser

38





39

TheAMQPProtocol


² AdvancedMessageQueuingProtocol(AMQP)²  Open-standardprotocolformessage-orientedapplicaWons.²  Itsupportssysteminteroperabilityindistributedenvironments.²  BasedonTCPprotocolwithaddiXonalreliabilitymechanisms

(at-most-once,at-least-onceoronce-delivery).²  Itsupportsbothpoint-to-pointcommunicaWonandpublish-

subscribecommunicaWonparadigms(likeMQTT).²  Programmableprotocol:severalenXXesandrouXngschemes

areprimarilydefinedbyapplicaXons.²  SeveralfuncXonaliXes:see[1]foracompleteprotocolillustraXon.

[1]AMQPProtocolOASISSpecificaWons:h8p://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-overview-v1.0-os.html

40

TheAMQPProtocol


² TheAMQParchitectureinvolvesthreemainactors:publishers,subscribers,andbrokers.

[1]AMQPProtocolTutorial:h8ps://www.rabbitmq.com/tutorials/amqp-concepts.html

PUBLISHER SUBSCRIBER

PUBLISHERSUBSCRIBER

EXCHANGE

QUEUE

QUEUE

AMQPBROKER

PUBLISH

ROUTE CONSUME

41

TheAMQPProtocol




CLIENT

CLIENT

BROKER INTERNET BROKER

CLIENT CLIENT

NETWORK1 NETWORK2

²  TheAMQPArchitecturenaXvelysupportssystemintegraWonand message-orientedcommunicaWonovertheInternet.

Firewall

Firewall

42

TheAMQPProtocol




² Queues:applicaXon-specificmessagebuffers² Exchanges:owencomparedtopostofficesormailboxes,takeamessageand

routeitintozeroormorequeues² Bindings:RulesfollowedbytheexchangefortherouXngprocess

AMQPEnWWes(withinthebroker):

²  DirectExchange:deliversmessagestoqueuesbasedonthemessagerouXngkey²  FanoutExchange:deliversmessagestoallofthequeuesthatareboundtoit²  TopicExchange:deliversmessagestooneormanyqueuesbasedontopicmatching²  Headersexchange:deliversmessagesbasedonmulXplea8ributesexpressedasheaders

43

TheAMQPProtocol


² TheAMQPprotocoldefinestwotypesofmessages:²  Baremessages,thataresuppliedbythesender.²  Annotatedmessages,thatareseenatthereceiver.

E.Ahmed,I.Yaqoob,A.Gani,M.ImraniandM.Guizani,Internetofthingsbasedsmartenvironments:stateoftheart,taxonomy,andopenresearchchallenges,IEEEWirelessCommunica]ons,2016

Theheaderconveysthedeliveryparametersincluding:durability,priority,Xmetolive,firstacquirer,deliverycount

44

ProtocolComparison


MESSAGEOVERHEADvsMESSAGESIZE RESOURCEUSEDvsPOWERCONSUMPTION

N.Naik,ChoiceofEffecXveMessagingProtocolsforIoTSystems:MQTT,CoAP,AMQPandHTTP,Proc.ofIEEEISSE,2017

45

ProtocolComparison


BANDWIDTHvsLATENCY STANDADISATIONvsIoTUSAGE


46

ProtocolComparison


PROVISIONINGvsSECURITY QoSvsINTEROPERABILITY


the internet of things: messaging protocolscs.unibo.it/projects/iot/sessionprotocols.pdf · 2018....

Documents