Using Wireless Sensors to Secure International Shipping Containers

Project Report: Using Wireless Sensors to Secure International Shipping Containers

Sean Barbeau Sanket Korgaonkar Zuzanna Miernik Zane Reynolds Adam Richter

Introduction to Homeland Security CIS 6930-004 Spring 2005 March 8, 2005 1 Problem

Currently, 90 percent of the world’s cargo moves by container Figure 1. Each year, nearly 50 percent of the value of all U.S. imports arrives via 16 million containers. Each of these containers is transported over many modes of transportation, including sea vessels, rail cars, and trucks. Often, there is a breakdown in safety and security either in transit or at intermodal stations, as containers must be stored temporarily until they are transferred. Since during transfer the station or transporter is responsible for the security of the containers, the quantity and quality of safety and security-related measures can vary widely during the trip from source to destination Figure 2. Currently, over $50 billion is lost in cargo theft each year 55. With the current threat of terrorist incidents, the U.S. cannot allow the integrity of these containers to be compromised. Many hazardous and sensitive materials can be among the cargo, and only a single point of entry in one container is necessary to accomplish a terrorist act. Not only could these materials be used as a potential weapon of mass destruction, but explosives or other chemical or biological agents could easily be placed inside of these compromised containers creating a portable weapon that would be delivered to its target by our own transportation system. The current estimated damage from a terrorist attack on a major U.S. port is $1 trillion in economic damage along with a large loss of life 55. The Deparment of Homeland Security (DHS) has recognized this problem in the National Strategy for Homeland Security (NSHS) and lists the task “Increase the security of international shipping containers” as one of the major initiatives in the area of Border and Transportation Security 44. Additionally, as part of H.R. 2443 “The Coast Guard and Maritime Transportation Act of 2004”, the government has mandated the use of security sensors in international shipping to reduce the risk of incidents such as cargo theft, undetected hazardous material spills, and terrorist acts 55. Figure 1. Multi-modal international shipping container. Src: http://www.maritimesecurityexpo.com/whitepapersarticles/MTI-Container%20Security.pdf

Figure 2. Movement of international shipping containers. Src: http://www.energyvortex.com/files/RAE_Sys._Securing_the_Supply_Chain.pdf

Due to the extremely high volume of containers that are transported across the United States, repeated intrusive inspections of each piece of cargo are unfeasible. As stated in the NSHS, “we …must promote the efficient and reliable flow of people, goods, and services across borders, while preventing terrorists from using transportation conveyances or systems to deliver implements of destruction” 44. The current cost to ship 30 tons of goods from Asia to the west coast of the United States is approximately $1,600 55. This inexpensive and fast service has allowed international trade to thrive in recent years. The methods used to secure these containers must not interfere with current shipping methods but must protect the integrity of the container from threats that could do significant damage to the overall economic nature of the United States. Therefore, the only solution is to assure that containers maintain their initial integrity from the moment they leave their source location to when they reach their destination. This report provides a detailed evaluation of three wireless sensor technologies that can be used to secure international shipping containers.

2 Scenarios

We considered three separate scenarios utilizing wireless sensor technologies to secure international shipping containers.

W ireless S e ns or N et w ork

W ire le ss S e ns ors

Container Management Network Figure 3. Scenario 1 concept (left) using RFIDs; Scenario 2 concept (right) ZigBee or MeshNet.

Scenario 1 is a self-contained secure container using Radio Frequency identification (RF ID) technology Figure 3. This scenario will allow a container to electronically carry its own “history” that can be queried by a reader at ports or in transit. When queried either by a handheld reader or by a stationary port or vehicle-installed reader, the container will report its unique identification number along with incident history information that can include intrusion, chemical spills, and various other reports. The main advantages of this technology are that it’s inexpensive, has been widely tested, and is currently being used in the shipping industry. The main disadvantage of RF IDs is that there would not be an instant notification of an incident. The incident would most likely first be discovered when the cargo is being unloaded from the vehicle to the port. When dealing with terrorist events this warning would most likely be too late to prevent severe economic damage and loss of life. The second two scenarios create a communication-enabled container Figure 4.

) s ) 1 4 . 1 . 5 2 1 . 0 2 8 ( 0 8 t ( e n e e h D s b I e g F i M R Z Rating 1- Low; 3- Med; Preliminary Scenario Requirements (1-5) 5- High

Durability (Survivability) Weather Extremes 3 4 4 4 Sensitivity to Vibration 4 4 4 4 Sensitivity to physical impact 4 4 4 4 Reliability Probability for equipment failure 3 4 4 3 Will partial system failure prevent general operation? 4 2 4 4 Performance Power requirements 2 5 4 1 Battery Lifespan 4 5 4 1 Tamper Resistance 5 1 5 5 Ease of integration with existing supply chain 4 4 4 4 Scalability 4 3 5 5 Potential for interference with existing radio technology 5 4 4 1 Potential for blocked transmitter on container 4 4 4 4 Auditability 4 5 5 5 Shipment Transparency 5 3 5 5 Time elapsed before notification of event 5 1 5 5 Reliance on untrusted Human intervention 5 2 5 5 Cost effectiveness Cost per container 5 5 5 1 Cost per port 5 3 5 1 Cost per vehicle 5 5 5 1 Total 278 363 267

Figure 4. Suitability matrix evaluating Scenario 1 (RF IDs), Scenario 2 (ZigBee), and Scenario 3 (MeshNet). Scenario 2 uses the “ZigBee” wireless technology which is based on the IEEE 802.15.4 standard, and scenario 3 uses the “MeshNet” wireless technology which is based on the IEEE 802.11s standard. Both scenarios create a container that can instantly report an incident such as an intrusion to all involved parties, including ports, vehicles, and the shipping and receiving businesses. The nodes in the networks created by these two technologies can be both clients and routers, forming a self-healing network that functions with a decentralized, dynamic topology. In case of node failures, communication can be routed through other nearby functional nodes without interruption. The resulting network is extremely versatile and flexible. Each technology has its own advantages and disadvantages. “ZigBee” is fairly inexpensive, robust, standardized, and requires very little power to operate. However, ZigBee only allows low-bandwidth transmissions and only a handful of tests have been performed applying this particular technology to protecting international shipping containers. The “MeshNet” technology promises to introduce broadband networking technology that can be used over long ranges. However, this technology is not yet standardized and still very immature. There have been no field tests performed that apply this technology to securing international shipping containers.

A detailed comparison of each of these three scenarios can be seen in Figure 4. The following three sections discuss each technology in detail.

3 RF IDs

3.1 Technology

Radio Frequency Identification (RF ID) technology is a short to mid range technology used to identify goods or people. There are two components to the technology: a tag [Figure 5], which can be either passive or active, and a reader [Figure 5]. The tag is held by the object that is to be identified. An active tag has its own power source (battery) and therefore has a longer read range and more capacity for data storage than passive tags, which use the energy from the reader to power a short-range brief transfer. The reader is then placed at a strategic position where the object to be identified will pass within range of the reader. When the tag enters the range of the reader, data can be transferred between the two devices. This data will include identification information for the tag along with any other relevant data that the tag is carrying. The reader can also write to the tag, and may write information such as the last date and time that the tag was read.

Figure 5. Sample of an RF ID reader (above) and tags (below). Src: http://www.exim21.com/security/rf70.php

An RFID system consists of the following three parts: an RF tag, an RF tag reader, and a back- end database that associates records with the tag data collected by the readers. RFID, which is the acronym for radio frequency identification tags, are classified as passive (cannot update their own locations), or active. Passive tags do not require batteries to operate, and are hence robust, reliable, and low-cost. They obtain their operational power by harvesting energy from the reader’s communication signal, and they then use that energy to power internal functionality and communication with the reader. Active tags require batteries to operate, but they provide a greater read range and greater throughput. Active tags’ power source enables them to perform complex functions and communications with the readers as well as to communicate with other tags. Readers cover the entire area within a supply chain space, often overlapping. This overlap used to cause reader collisions until the development and implementation of anti-collision algorithms 521619.

Many RFID tags are based on a frequency standard of 13.56 MHz, with a starting read distances on the order of 1 cm. Research has showed that high-performance implementations can achieve a throughput of 800 tags per second at a range of close proximity to a range of greater than 10 meters without the need for line-of-sight interrogation. (The RFID sensors are known as interrogators.) The interest is in the frequency range is 860-956 MHz, which falls in the ultra high frequency range and is aimed at passive tags for low cost use in the supply chain market. RFID’s benefit is that these systems enable non-contact reading from a distance and at any orientation, and they are highly effective for use in environments where traditional bar codes are infeasible. Additionally, low cost transponders offer multi-read capabilities, reasonable data storage capability (average of 64 Kbits), and a wide range of data transfer rates 5346.

These tags have several advantages over the use of traditional bar codes, which are as follows:  RFID tags do not require line-of-sight access to perform a read  Reader range is larger than that of bar codes  Multiple tags can be read simultaneously  RFID’s can store more data 19

RFID systems for the supply chain emphasize tagging of pallet, cases, and even individual items as found necessary. This makes it a great choice because such unique identifiers ensure no ambiguity. They use a 96-bit electronic product code field corresponding to objects, hence ensuring absolute uniqueness. Such tags can also store user information while in service. The readers communicate with such tags using a radio frequency signaling to obtain the identifier and any other data stored on the tag. The tags are comprised of integrated circuits connected to antennae, which are queried by the readers 5316. 3.2 Trade Study

"Smart" cargo containers are necessary to deter terrorist attacks and speed the flow of goods into the U.S. 60. In order to address the issue of tampering with cargo containers, General Electric (GE) started a security initiative to create a security sensor for containers 2. The first partner they sought in this effort was the largest cargo container producer called, China International Marine Container (CIMC). Together, they developed a secure container called the Tamper Evident Security Containers (TESC). These new containers utilize numerous new locking mechanisms and, more importantly, wireless sensors called Container Security Devices (CSD).

Container Security Devices were developed in two forms, integrated and retrofit. The retrofit device is installed and protected inside the container on the corner post. It’s small to ensure that it does not occupy cargo space and it is located near the door so that anytime the door is opened or closed, the sensor in the device records the event.

The CSD operates on a process involving: arming, logging, and disarming. After a container is loaded, it is sealed and the CSD is armed using a unique encrypted arming key 58. This allows the sensor to know when to start logging events. During the trip from its initial loading to its destination, the sensor is scanned approximately four times: loading, embarkation, debarkation, and unloading. The events are stored, using a time date stamp, within the device. When the CSD comes within a reader, if the container has been compromised, an alarm is sent to relevant authorities and the container can be halted, quarantined, and inspected 121.

Due to the unforeseeable needs of shipping vendors, the CSD was created with expansion ports 2122. These ports allow for extra sensor devices to be added for radioactive, explosive, and narcotic materials. Being expandable is important to homeland security because terrorist activities can take any form. Being able to detect potential abuse is important.

The cost of the device is very low, approximately $100. The device was designed with cost in mind so that it will be more likely to be purchased by users. By making the device highly affordable, it is more likely that it will be implemented on a large scale. Another benefit is the devices ease of installation. According to GE security, the device can be installed in ten seconds, without the use of tools or container modification. The devices can be moved from old containers to new ones and can be reused for the containers useful life.

As mentioned above, the device is read by handheld of fixed wireless readers in four locations. The readers are very economical, and the allow CSD arming and status checking at ranges up to 100 meters.

Modulation Scheme Direct Sequence Spread Spectrum (DSSS), 23 MHz (broadband) Data bit rate 1MB/sec Reading range 30m, (can be tuned up to 100m) Reading Speed 22 mpg (36 km/h) Security protocol Challenge/Response, IETF RFC 2104 Data Memory 2 KB read/write, e.g. B/L no, container no. Event log Memory 32 KB clear/readable, e.g. alarms, door open/closed Battery Lithium/SOCI2 type AA (10 years) Sensor Duty cycle 0.03% Temperature range -40 to 70 degrees Celsius Size 190 x 90 x 42 mm Weight 230 g

Table 1. RF ID specifications 23.

Another way that GE is trying to create user acceptance is through the use of the CommerceGuard information network 21. CommerceGuard was created to track all logging instances and posts them to a database. This is useful to vendors because they can more accurately approximate billing information and container usage. In addition, the vendor will build knowledge that can be used for supply, factory, and transportation planning.

CommerceGuard is stored on secure servers and was created with the ability to integrate with government information systems. Encrypted information is sent over the internet to ensure that the data is secure during transmission.

According to the article, “GE Tests Cargo Container Security System” by Frontline Solutions, GE’s CSD’s have been tested 5: GE's security business and China International Marine Containers Group (CIMC) have completed a commercial field test of a cargo container secured with radio frequency identification (RFID) and sensor technology. More than 15 security breach attempts on two continents were properly detected and communicated during the test.

The Tamper Evident Secure Container (TESC) integrates GE's CommerceGuard container security device in a standard maritime container. All Set Marine Security AB licensed the security technology to GE, and Unisys Corp. provided integration services and managed the test. CIMC is the world's largest manufacturer of shipping containers.

The TESC system combines physical enhancements and an electronic integrated container security device (iCSD). The security device includes a magnetic sensor that monitors changes in the field around it, and is integrated into the container door. The RRD component is based on 2.4-GHz technology.

The system includes a data port so that additional types of devices, such as temperature or radiation sensors, can be integrated. GE has also developed tracking devices that can be installed on a legacy container fleet.

Unisys tracked 18 GE containers from Guangdong, China, which were transported to Hong Kong by truck. From there, the containers were shipped by boat to Los Angeles/Long Beach, then trucked to their final destination. A fixed reader in Los Angeles disarmed the devices. Unisys attempted more than 15 different security breaches in mainland China, Hong Kong, and the United States. Twelve of the containers were not tampered with, but Unisys conducted five scripted break-ins on the others, and one container was opened by customs officials. The devices recorded all the breaches, with no false alarms. "As the containers pass the intermodal points where we've placed readers, status is communicated back to the data center," said James Petrizzi, GE's vice president for engineering. "There would be a first-responder system in place at the port, and alerts could go to the shipper and end destination."

By tracking containers at these different nodes, shippers and customers could be alerted to delays and problems in transit. "You could set up an alert-based system for exceptions," said Peter Regan, vice president for global visible commerce at Unisys. "It could then be integrated with supply chain management systems, and could even leverage data from RFID tags."

RFID is also being used by retailers like Wal-Mart, Target, and Gillette to monitor distribution 13. RFID chips beat bar codes by reducing human error and opportunities for theft, business executives said. Bar codes require a level of human interaction for scanning that RFID chips do not 8.

Although, from the article above, it is obvious that GE has created a product that will only be moderately successful in the field. To implement the CSD for homeland security, it is important to have real time monitoring capabilities. RFID does not provide real time monitoring capabilities.

3.3 Literature Review

The RFID technology applies to asset tracking, specifically to the tracking of cargo transported aboard ships traveling between continents. It is an important factor in ensuring the security of the transported goods, as well as a deterrent of terrorism against the homeland, which could be facilitated by the use of cargo as a means of delivery. This literature review will discuss the overall trends in the growth of the RFID technology as it focuses on the current state of the art and the challenges ahead, and it will give a detailed analysis of the current research in RFID’s that has been driving the development of this technology.

The RFID tag is the state of the art in the aspect that, given the internet, the information contained in the tag, such as the location and status of the goods, has the potential of being made available worldwide to manufacturers, distributors, and retailers simultaneously. In fact, it has become the motivation for retailers such as Wal-Mart, as well as for the U.S. Department of Defense to mandate the use of RFID by their top suppliers beginning in 2005 53.

Going back less than a year, numerous research and innovations have been proposed to the TFID tag and its problems. In August of 2004, the Zuma RFID design was proposed and created. Such a chip includes user memory and has the capability to perform field writes, allowing a way to personalize the information-bearing content of RFID tags while reducing die area. In addition, this design has a 256-bit block non-volatile memory. It offers extremely low power, relatively fast write times, 100,000 cycle write endurance, and 10 year retention of data. The range performance is typically 11 meters for reads, and 8 meters for writes. However, the bandwidth requirements discourage the use of this design outside of the United States 53.

Another proposed architecture focuses on the network used by RFID tags for effective communication. This architecture, proposed in 2004 by Texas University, uses every physical object identified by an RFID tag to communicate over a standard LAN network. It focuses more so on the readers than on the tags, where the readers are continually picking up the tags’ information. Such readers are to be managed by a Reader Management Module (RMM), and for every tag the capture the electronic product code (EPC) of the tag read, the EPC of the reader that scanned the tag, and the reading timestamp. These readers are then connected to the Savants, which are distributed data routers, using a LAN connection. The Savants are organized in a tree like structure and each leaf node is called the Edge Savant, while each internal node is called the Internal Savant. Useful association is written in Physical Markup Language (PML), and a file using this language contains both static and dynamic data pertaining to an object and is stored in a server called the PML server. Such a server would reside at a level above the Savants. Several such servers can then communicate via a secure intra-network 46.

The static data collected includes the EPC class-level manufacturer data, the EPC Serial Level Manufacturer’s data, and the transaction documents, and it would be stored in a database called the Information Database (IDB). The dynamic data would include mobility data such as tracking and location, and it would be stored in mobility management registers. Finally, a dynamically changing Visitor Location Register (VLR) cache would be located at corresponding PML servers to keep information about a visiting object. This means that the RFID readers would sense the objects as they enter or leave their radio field and would accordingly notify the corresponding Savant who in turn would generate a notification message to the PML server. Based on those messages the information in the mobility registers would be updated. [2]

The IBM China Research labs propose a new solution to the security issues faced by RFID tags. The suggestion for read access control has been proposed for readers accessing a tag’s ID. The idea is that the tag has to first identify whether the reader is authentic. To do this the tag sends a random number to the reader, prompting the reader to respond to the tag with a function value of the random number and its own ID. The reader’s output for each query changes, disabling unauthorized eavesdroppers from passing this authentication process 19.

The latest state of the art in RFID technology for cargo tracking allows shippers to arm the device using a encrypted code. The RFID then transmits its location and arrival time, and it notifies officials of any unauthorized security breaches. This device also detects changes in its field, and functions on 2.4 GHz technology with a range of 30 meters for reading. The latest additions include additional RFID device attachments that can sense temperature, radiation, chemicals, etc. 67.

There are several challenges faced by the RFID industry, which need to be overcome to ensure uniform and effective RFID use.

One such “hard” problem is that the RFID’s rely heavily on either dedicated or unlicensed industrial, scientific, and medical (ISM) bands. This is a problem because the requirements around the world vary for these bands, hence inhibiting attempts to deploy these tags in the area of global trade. For instance, in the United States the FCC provides unlicensed spectrum in the 902-928 MHz band. In Europe there is a limiting range of 869.4 – 869.65 MHz. The Japanese have a temporary allowance of 950 – 956 MHz, and the regulations for RFID in China and Korea are in transition with a considered spectrum of 433 MHz for active and 900 MHz for passive tags. This means that no RFID technology will operate at the same frequency with equal performance anywhere in the world. Attempts to solve this problem look at designing frequency readers, but this adds to the cost, communication latency, and performance difference of the tags. Hence, there remains the need for a data management infrastructure to coordinate the transmission of data between different networks that are using different standards 5352.

RFID chips that are implemented using complimentary metal oxide semiconductor (CMOS) technology suffer from power variations. The tag’s power varies from minimum to maximum over a timeframe of three decades, creating challenging situations for power supply predictability. Furthermore, many used materials produce high levels of triboelectric charge, and more of this charge can be produced in manufacturing environments. In an attempt to circumvent this, current methods degrade the RF performance 535268.

Proximity of the RFID tags to water, metals, and certain types of plastics can detune the tags. This is because such materials form a parasitic capacitance with the RF circuits, diminishing their capability to collect and to reflect energy. This is why each RFID tag installation needs to be customized to its specific environment. For instance tags that are used near metals should use a patch antenna, and tags that are used near water or moisture should use dielectric spacers to increase the coupling distance. Also, RFID tags are relatively easy to jam using energy at the right frequency, and can be disrupted by being repeatedly interrogated, wearing the battery down. Lastly, personalizing each tag requires some form of non-volatile storage 535268.

Financially, it is not worth it to produce RFID’s aimed at the supply chain exceeding 1 mm squared. This is because the bulk of the cost of RFID’s is in the testing phase. Test costs alone can even be comparable to the product’s entire applied cost 53.

Some additional challenges include the fact that RFID’s must be physically recognized by any legitimate user. This means that they must be worldwide usable and hence accepted by any government’s regulatory agency. Furthermore, tags must be writable and lockable by intermediate and end users, yet they must provide a secure forward link to avoid eavesdropping, traffic analysis, spoofing, and denial of service. This is partly solved by encryption. Tags should also have the ability to be put to sleep while the product is in transit, denying access to readers that lack a legitimate need to know, requesting a password. Finally, there is a debate as to whether a tag should be disabled completely or partially when its ownership changes 534619.

Another challenge faced by RFID manufacturers is the debate over their effect on human health. In 1995 the European Telecommunications Standardization Institute (ETSI) sub-committee published the pre-standard ENV50166-2 advising that an antenna that is within 8 inches of the body should not exceed 10 watts per square meter in emissions when averaged over 6 minute intervals. The FCC follows these recommendations for North America 52.

The issue of privacy invasion is yet another challenge faced by RFID’s. This issue is relevant to tagging of cargo as well as to tagging of products for individual customers. The argument is that if an TFID tag would remain active after a purchase it would allow tracking of customers’ movements. This reasoning is a result of lack of understanding of the technology. However, relating to delivered cargo this issue is a valid concern. For instance a warehouse’s inventory that is labeled with unprotected tags may be monitored by competitors’ unauthorized readers. Encryption does not help much here because items can still be tracked by their fixed encryption code 52719.

To conclude, having examined the current state of the art and the “hard” problems regarding the use of RFID tags, they are non-the-less effective and low cost, and their benefits outweigh the problems, hence they are a good solution for cargo and general shipped item security.

4 ZigBee (IEEE 802.15.4)

ZigBee’s name comes from the zig-zag path of bees that form mesh networks between flowers 45. 4.1 Technology

“ZigBee” is a wireless networking technology designed for reliable, power-efficient, and low- latency communications between low-cost nodes 25. ZigBee was created in order to fill a void in the area of wireless monitoring and control for various commercial applications. Other protocols such as 802.11b and Bluetooth either waste a significant amount of power or are overly complicated for simple automation tasks. A comparison of ZigBee to various other wireless technologies is shown in Figure 6. ZigBee provides a low bandwidth alternative that can transmit simple instructions while conserving power to further the time the unit can operate off battery power before needing to be recharged. This technique allows small devices like sensors to operate efficiently while providing all necessary functionality for the specific application in which it is deployed. The many potential applications of ZigBee are shown in Figure 7.

TEXT INTERNET/AUDIO COMPRESSED MULTI-CHANNEL VIDEO DIGITAL VIDEO G N O L

802.11b 802.15.3/WIMEDIA

> 802.11a/HL2 & 802.11g E G N

A ZigBee R

Bluetooth 2 T R

O Bluetooth1 H S

LOW < ACTUAL THROUGHPUT > HIGH

Figure 6. Comparison of ZigBee to other wireless network protocols. Src: http://www.zigbee.org/en/resources/, © ZigBee Alliance, Inc. security HVAC TV AMR VCR lighting control DVD/CD access control BUILDING CONSUMER remote AUTOMATION ELECTRONICS

patient monitoring ZigBee mouse fitness Wireless Control that keyboard monitoring PERSONAL Simply Works PC & joystick HEALTH CARE PERIPHERALS

asset mgt security process RESIDENTIAL/ HVAC control LIGHT lighting control environmental INDUSTRIAL COMMERCIAL CONTROL CONTROL access control energy mgt lawn & garden irrigation

Figure 7. Various sample application of “ZigBee” technology. Src: http://www.zigbee.org/en/resources/, © ZigBee Alliance, Inc.

ZigBee is a combination of two standards: IEEE 802.15.4 and a standard established by the ZigBee Alliance, a non-profit organization that provides compliance and certification testing as well as branding of the “ZigBee” technology. The IEEE 802.15 Task Group 4 (TG4) was chartered to investigate a low data rate solution with multi-month to multi-year battery life and very low complexity. The 802.15.4 standard was approved in May 2003. IEEE 802.15.4 defines the lowest two levels of the protocol stack, the Physical and Media Access Control (MAC) layer. The ZigBee Alliance Platform focuses on the Application, Network/Security, and Application Framework Layers, but does work closely with the IEEE to ensure efficiency with the lower layers as well. The ZigBee Alliance ratified the first “ZigBee” standard in December 2004 251141. The upper level Application/Profiles is defined by Original Equipment Manufactuers (OEM), the user of the ZigBee protocol. A simpler slave-only protocol stack for small limited- function devices such as sensors also exists 25.

At the Physical level, ZigBee operates at three different frequencies: 2.4GHz for worldwide-use, 868MHz for use in Europe, and 915MHz for use in North America 2511. Each of these bands allows different data rates and numbers of channels, shown in Figure 8. Direct Sequence Spread Spectrum (DSSS) is also used at the physical level 11. At the MAC level, ZigBee is structured to provide three different types of data access: periodic data, intermittent data, and repetitive low latency data 41. Periodic data uses a beacon system where the sensor will wake up for the beacon, see if any messages are available and then go back to sleep. Intermittent data can either function in a beaconless system or the node can actually remain disconnected from the network and only reattach when it needs to transmit data. Low latency data can be handled through a method of Quality of Server (QoS) called guaranteed time slot (GTS), where a device can always be allocated time to transmit important data 41.

BAND COVERAGE DATA RATE # OF CHANNEL(S)

2.4 GHz ISM Worldwide 250 kbps 16

868 MHz Europe 20 kbps 1

915 MHz ISM Americas 40 kbps 10

Figure 8. ZigBee frequency ranges. Src: http://www.zigbee.org/en/resources/, © ZigBee Alliance, Inc.

The ZigBee network consists of two main types of devices: Full function devices (FFDs) and Reduced Function Devices (RFDs). These devices can form three main topologies: a star topology, mesh topology, and a cluster tree topology [Figure 9][Figure 10]. A ZigBee network requires that at least one FFD act as a network coordinator, or router, between other nodes. The FFDs and RFDs play different roles in each topology. The FFDs can function as nodes in any of the three different topologies, can talk to any other devices (FFD or RFD), and generally has access to a larger power source than RFDs. RFDs are limited to functioning as a leaf node in the network, and therefore must function in the star topology. RFDs also cannot become a network coordinator, contains simple internal mechanisms, and uses battery power 11. Both RFDs and FFDs can be implemented with extremely small amounts of memory, ranging from 16 to 60KB. These requirements are about a quarter of those necessary for Bluetooth 15. Mesh

Star

PAN coordinator Cluster Tree Full Function Device Reduced Function Device

Figure 9. ZigBee network topologies. Src: http://www.zigbee.org/en/resources/, © ZigBee Alliance, Inc.

Network coordinator Full Function node Reduced Function node

Communications flow Virtual links

Figure 10. “ZigBee” protocol logical network flow. Src: http://www.zigbee.org/en/resources/, © ZigBee Alliance, Inc.

Because ZigBee networks support mesh topologies, they are extremely robust in nature. The network is self-healing, allowing instant re-routing to a functional node if a nearby node fails. The simple nature of the devices keeps costs down, enabling the technology to be used for relatively simple and everyday tasks. Additionally, the addressing space allows up to 65,536 nodes, making broad ZigBee-based networks possible. Power conservation is at the heart of the ZigBee protocol. Sleep modes for the devices in the network allow them to conserve power when not in use. The design of the routing and communication protocols allows RFDs in the network to wake up to transmit necessary information and then instantly go to sleep, using very little battery power. The time it takes for a ZigBee device to join a network is typically 30ms, and the time it takes the node to wake up or go to sleep data is typically 15 ms 25. These access times are several orders of magnitude shorter than those associated with 802.11b or Bluetooth, both of which are measured in seconds 15. Additionally, even the FFDs don’t require large amounts of power. It is likely that a cell phone could adequately function as an FFD for a ZigBee network of small devices carried on a person 15.

Even though ZigBee focuses on saving power, it is still robust enough to form stable and powerful networks. Average distance per node is around 10m, although ranges of 100m direct line-of-sight have been implemented. The logical range of the network can be significantly extended if the information is relayed through multiple devices 15. Reliability is ensured through the use of carrier sense multiple access collision avoidance (CSMA-CA). This makes sure that collisions do not occur due to simultaneous transmissions by multiple nodes 15. For high importance node transmissions, a guaranteed time slot (GTS) is allotted to assure transmission of timely information. AES 128-bit security is built into ZigBee, making secure transmissions of sensitive data possible 1115.

4.2 Trade Study

The ZigBee Alliance was initially set up by eight promoter companies: Ember, Freescale, Honeywell, Invensys, Mitsubishi, Motorola, Philips, and Samsung. Currently, the list of member companies that are producing ZigBee-compliant products and solutions numbers over 150. These companies include semiconductor manufacturers, wireless IP providers, OEMs, and end users. The growth of the ZigBee Alliance from December 2002 to August 2004 is shown in Table 2. A list of some of the companies belonging to the ZigBee Alliance is shown in Table 3. Consumer ZigBee products are currently expected on the market as early as late 2005. The many potential ZigBee consumer products are shown in Figure 7.

“ZigBee Alliance” - Member Growth

Region Dec. 2002 Dec. 2003 August 2004 Asia/Pacific 3 (8%) 12 (19%) 17 (18%) Australia - - 1(1%) Europe/Middle East 9 (25%) 14 (22%) 28 (30%) North/South America 24 (67%) 37 (59%) 47 (51%) Total Member Companies 36 63 93 30%

Asia/Pacific

Europe/Middle East

North /South America

18% 51% Australia 1%

Table 2. Growth of “ZigBee” Alliance since 2002. Src: http://www.zigbee.org/en/resources/, © ZigBee Alliance, Inc.

ZigBee focuses on many applications that require low-cost devices in order to be cost-effective for commercial companies to produce. For example, few consumers are going to buy a $200 smoke alarm because of the wireless technology it contains. Many proprietary mesh or sensor- related solutions of the past have been proprietary technology, which usually passes the cost of research and development along to the consumer. This creates a market of technologically advanced but very expensive products. Since ZigBee is based on the IEEE 802.15.4 protocol this removes the proprietary nature of the low-level technology and instead forces companies to focus of producing the most reliable but low-cost silicon chip solution possible 15. Theoretically, mass production and competition then forces the cost of ZigBee products down to a level that the general consumer can afford. Also, the high numbers of small devices that could potentially utilize ZigBee like light switches outnumber more complex wireless devices like phones, making the possibility of mass consumption of products by consumers alluring to many commercial companies 15. Therefore, the design of this technology is aimed at producing wireless end products that are reliable, low-cost, power-efficient, and can support the robust communication of mesh networks.

Companies Involved with 802.15.4 and ZigBee Airbee Wireless Atmel Certicom Corp. Chipcon CompXs Danfoss Dust Networks Eaton EAZIX, Inc. Ember ENQ Semiconductor Figure 8 Wireless Freescale Semiconductor Helicomm Honeywell Invensys Leviton Manufacturing Company Link Plus Corp. Millennial Net Oki Semiconductor Philips Electronics (Lighting) Philips Semiconductors RAE Systems Renesas Technology Samsung Electronics Co., Ltd. ZMD AG Other ZigBee Alliance Members & Participants

Table 3. Companies involved with 802.15.4 and ZigBee. Src: http://www.zigbee.org/en/resources/.

A ZigBee implementation of a solution for securing international shipping containers was created by a company named RAE Systems 56. This solution uses sensors distributed around each container to detect radiation, motion, temperature, intrusion, and acceleration of the container during loading and unloading. Additionally, “RAEWatch” devices are the network coordinators (which also function as door lock sensors) of each container and can then connect to each other and route information to a network access point. This access point then relays the data to a satellite communicator and onto a Wide Area Network WAN where it is then passed to the final destination via the Internet. A diagram of this system is shown in Figure 11.

Figure 11. RAE Systems diagram of 802.15.4 “ZigBee” container security solution. Src: http://www.energyvortex.com/files/RAE_Sys._Securing_the_Supply_Chain.pdf.

RAE Systems launched a field test of this system in October 2004. A container with the ZigBee security system was shipped from California to Hawaii, and then returned from Hawaii to California in November 2004. The sensors properly monitored many incidents and properties of the container shipment, including motion, temperature, intrusion, acceleration, and even a simulated radiation leak 56. This information was successfully transferred to the main RAEWatch device in the container where it was stored and read upon container recovery. Since only one container was shipped inter-container mesh communication via the RAEWatch devices was not tested. Photographs from this test can be viewed in Figure 12.

Other companies including Savi, Identec Solutions, and Symbol have also been involved in designing ZigBee solutions for container security but more specific information on field tests could not be found. Figure 12. Photos from RAE Systems field test of 802.15.4 “ZigBee” container security solution, Oct. & November 2004. Src: http://www.energyvortex.com/files/RAE_Sys._Securing_the_Supply_Chain.pdf.

Various ZigBee products are currently available or in development 14:  Atmel (http://atmel.com/) o Products: . AT86RF210 Z-Link Transceiver . AT86ZL3201 Z-Link Controller  Chipcon (http://chipcon.com/) o Produces ZigBee compliant chips  Crossbow Technology, Inc. (http://xbow.com/) o Hardware runs TinyOS and is programmable. Can be used for classroom projects.  Ember (http://ember.com/) o Ember produces various ZigBee chips as well as enables developers to develop software.

Software products:  Ember (http://ember.com/) o Software Development kit for ZigBee OEM producers () o http://ember.com/products/tools/development.html  Figure 8 Wireless (http://www.figure8wireless.com/ ) o Z-Stack and Z-Tool are development tools for ZigBee-based applications.

4.3 Literature Review

The area of concern is ZigBee’s application, usability and development in the wireless market. When researching information about ZigBee from sources like IEEE, ZigBee Alliance, and numerous other publications and articles, it is easy to realize the cohesive conclusions and areas of theory and methodology. This review will seek to provide a summary on the areas of agreement and disagreement in the literature available on the ZigBee technology. Certain articles will not be referenced here due to their previous analysis in the ‘technology’ and ‘trade study’ sections of this paper.

Firstly, and most importantly, ZigBee is being designed at an accelerated rate because of its proven use and design 26. This accelerated production and adaptation is being fueled by its multipurpose capabilities. In researching current uses of the ZigBee technology, it is relevant to understand that it is not only used for securing cargo containers, as is illustrated in the topic of this paper. Instead, one of the founding uses of the technology is the lighting and home automation markets. Demand in this market for 2006 shipments is forecasted to be 80 million units, up from 1 million today. It is a common conclusion among many news articles that the growth is also due to the technologies low-power use and shortrange RF transmission capabilities. ZigBee is ideal for applications such as security sensors, light switches, smoke detectors and thermostats that require modest bit rates (250 kbits/second), a multiyear battery life and a low duty cycle (less than 0.1 percent) 1035.

To better understand the state of the art, it is also important to understand the theoretical uses of the technology. Imagine a hospital so well connected that a computer turns off lights and dials down the heat in rooms that it senses are unoccupied. A patient regaining mobility can wander the halls alone and the computer will monitor vital medical alerts. And in the sports lab, a hip- pack computer records leg loads measured by transducers in an athlete's shoe for each stride on a treadmill workout. Some of this is possible now with lots of wires and specialized equipment. But the coming ZigBee hardware and networks promise this and more, simply and inexpensively. This is possible because ZigBee's self-forming and self-healing mesh-network architecture lets data and control messages pass from one node to another by multiple paths. This feature extends the network range and improves data reliability. It may also be used to connect large, geographically dispersed medical networks with smaller networks (hospitals) linked to form a 'cluster-tree' network 71.

Many companies are working together to ensure ZigBee’s success and the ZigBee Alliance was formed to formalize this quest. The alliance aims to associate companies and work together to enable reliable, cost-effective, low-power, wirelessly networked monitoring and control products based on an open global standard 70. These goals are emphasized through the support and strategy planning of allied companies. For example, on the 28th of March 2005, Ember Corporation unveiled its ZigBee networking product roadmap for 2005 to help customers and partners better plan their future development projects 18. Ember plans mass volume production of Ember's ZigBee solutions for home control and automation, automatic meter reading, building and industrial controls, and other applications 18.

The competition in the wireless mesh networking industry is high. There are multiple emerging wireless network standards and systems with a menagerie of new names to learn, such as Wi-Fi, Bluetooth, ZigBee, WiMax, and WiMedia. Who succeeds will be based on a limited set of criteria including: power, range, redundancy, resiliency, and cost 456. ZigBee was deigned for low power usage, moderate range, high redundancy through multipath connections, and resiliency through mesh networking 45. These factors are important to consider because of lessons learned from the missteps of wireless rivals like Bluetooth 6. According to Bob Heile, chairman of the ZigBee Alliance, "We looked critically at Bluetooth and learned a lot from that 6." ZigBee learned that it is important to keep a fairly low profile until the product is standardized. Another lesson that ZigBee learned is that cost is a major driver of success. Initial ZigBee devices should cost about $5, with prices eventually falling to less than $1 6. In 2005, ZigBee announced their successes by describing their open global standard, and announcing that their membership has tripled from a year ago, and that they recently added 19 more member companies bring its total membership to 124 companies 69.

After considering the current state of the art, successes, theoretical uses, alternate uses, and competition; it is crucial to realize that much of ZigBee’s success has been realized recently. This recent success is due to the fact that the ZigBee standard was ratified within the last six months 9. Companies not involved in the process had to wait for the full ratification of the standard. That time has now come and all 100-plus companies active in the field can begin offering ZigBee-compliant products on the market. The reason the ZigBee Alliance postponed the release of the standard several times was to insure that the filial product would be complete and fool proof. This is no longer an issue; ZigBee Alliance has intended to make the specification publicly available. Pubic availability - whether it is open source or not - allows developers to use their creativity to the fullest. Publicly available standards promote creativity from developers and will ultimately promote the growth of the ZigBee market 9.

ZigBee, unlike many technologies, does not have many hard problems. When the ZigBee Alliance was formed, the co-founders and developers researched competing software (mentioned above). They looked at the weaknesses, including costs and performance, then designed their software to avoid those faults. This gave ZigBee the ability to design their software with less problems and complexities. By forming an Alliance of manufacturers and companies, ZigBee could illicit their customers needs and offer trial versions of the technology. This business plan gave ZigBee incremental feedback for re-design and problem avoidance. Ultimately, they finalized a version of ZigBee in early January, 2005.

One of the current problems with using ZigBee is finding the proper area of implementation. The hardware was designed to be open source and multiuse. This means that it can be adapted to many different products. Products will need to be created and adapted to operate with ZigBee.

ZigBee’s is often seen as a competitor of Bluetooth technology. In fact, research states that it has a technology and price advantages over Bluetooth that are, at best, marginal and unsubstantiated. Hence price is a problem for ZigBee because low prices necessitate high volumes. Furthermore, the difficulty of getting the wireless part and the processor part on the same chip adds to the cost 972. The ZigBee standard is very new, the future may change the outlook of this problem.

ZigBee Alliance members refuse to disclose information regarding actual power consumption during transmission. Low power claims are only substantiated by the low consumption during deep sleep of ZigBee 9. Since ZigBee is highly open source, failing to disclose certain aspects of the technology could create future development problems.

Recent research using ZigBee in Japan by Mitsubishi shows that there is a problem. The ZigBee technology signals cannot pass through building walls 51.

5 Mesh Networks (IEEE 802.11s)

5.1 Technology

IEEE 802.11s is the designation for Extended Service Set (ESS) Mesh Networking. The principle is similar to the way packets travel around the Internet: data moves from one device to another until it reaches a given destination. In general, mesh networking is implemented over a wireless local area network (LAN), thus the networking infrastructure is decentralized and inexpensive, since each node needs only transmit messages to the next node. Each node acts as a repeater to transmit data from nearby nodes to other nodes that are too far away to reach, resulting in a network that can span a large area, even over difficult terrain.

Since each node is connected to several other nodes, many routes are available to pass messages, making the network as a whole is very reliable. In order to accomplish this flexibility, routing must be dynamic. There are more than 70 competing routing schemes, falling into several categories:  Proactive (table-driven)  Reactive (on-demand)  Hierarchical  Geographical  Power aware  Multicast  Geographical Multicast (geocast)  Other

In order to accomplish any type of dynamic routing, each node must communicate its routing information to each neighboring device in near real-time, and each device must decide what to do with data it receives.

One of the primary advantages of mesh networks is bandwidth scalability. Provided the number of hops in the average path is kept low, the more devices in the network, the more bandwidth available. In order to prevent excessive hop counts, an architecture that includes multiple fixed base stations that connect to high-bandwidth terrestrial links can act as gateways to the Internet.

Mesh networks have the potential to be much cheaper than traditional infrastructure. They can also take a big step towards compensating for the shorter ranged nature of 802.11 (approximately 300 ft from an access point). The latest progress is posted on the IEEE P802.11 Task Group S’ website.

There are now a number of incompatible mesh wireless local area networks (MWLANs) from various vendors. Mesh networks under 802.11s are not yet standardized, but there is a strong push toward standardization throughout the 802.11 family. The process is expected to produce a firm proposal in late 2006 or early 2007, and ratified the following year. Organizations such as Intel, Motorola, and the U.S. Army are making the strongest push.

The drawbacks of mesh networks include the requirement of a lot of access points and thus expensive to create networks where none exist, such as dead spaces between groups. Also, since no routing scheme has been standardized, it is difficult to measure the bandwidth overhead from routing information. One of the other major problems is integration: there is no way to manage a mesh network and a traditional network as one unit, since they require a gateway between them. 5.2 Trade Study

Many commercial companies are currently pursuing MeshNet technology. The following is a list of vendors and a summary of the technology they offer 43:

1. Aeras Networks Aeras Networks provides equipment and services to domestic and international communications service providers, telephone operating companies, and private network operators. Their wireless radios provide broadband connectivity, and utilize the license-free radio frequency spectrum. The radios support various network topologies from simple point-to-point configurations to fully redundant ring or mesh networks. Aeras radios provide reliable, guaranteed bandwidth rates that can support a variety of broadband applications. The products meet carrier-class reliability and performance requirements and can be deployed within hours.

2. BelAir Networks BelAir Networks offers the lowest-cost network deployments for large wireless LANs, and is the only system that can deliver Wi-Fi access over large areas in dense urban environments using mesh networking. Current wireless networking options suffer reduced quality, capacity, and reach when they are stretched beyond a 100 ft. radius of an access point.

3. Cisco Systems Cisco has combined wireless and IP technology to creating anytime, anywhere connections to the Internet and enterprise networks. High-speed, secure wireless technology enables users to be constantly connected-even as they move between wireless cells or in and out of wired environments. Cisco, utilizing the strength of its recent acquisition, Airespace Inc., is moving into the emerging wireless mesh networking market. Airespace had already developed an outdoor access point to support multicast applications and the bridging of wired networks over a wireless backhaul.

4. CUWiN The Champaign-Urbana Community Wireless Network (CUWiN) releases a complete operating system for nodes in a wireless mesh network. Using a stock NetBSD as a base distribution and adding wireless drivers, routing code, and specialized systems, the software allows the nodes to work together to route traffic for each other. CUWiN also offers house-to-house wireless mesh for communities, and makes it possible for neighbors to share broadband Internet access and services.

5. Firetide Instant Mesh Networks Firetide produces high performance mesh nodes and features a high capacity, scalable, and robust wireless mesh backbone for outdoor and indoor networks. The mesh nodes, designed for maximum performance, scalability, and ease of use, work seamlessly between indoor and outdoor environments and can operate in the 2.4 GHz and 5 GHz spectrums, and with throughput up to 25 Mbps. The mesh management software provides real-time monitoring and remote management of the wireless mesh networks, and provides complete access to all mesh and individual node settings including security, VLAN, traffic prioritization, radio power controls, and network gateway interconnects.

6. Hopling Technologies Hopling is a global leader in wireless networking equipment for enterprises, operators and service providers, and is focused on bringing wireless solutions to the public-access market, including mesh networks. The company offers a complete line of future-proof indoor and outdoor wireless enabling products such as mesh routers, access points, gateways, multi-client bridges and management servers. Hopling Technologies also leverages the advantages of WiFi and WiMAX such as mobility, high throughput, low cost, and the ubiquitous of client devices. Adding the capabilities of automatic self installable wireless indoor and outdoor nodes, enterprises can now deploy a wireless meshed network solution in a matter of hours without the need for per node wiring or installation specialists.

7. MeshDynamics MeshDynamics offers software and systems for high performance wireless mesh networking applications. Their software enables a unique multi-radio, multi-channel backhaul path with high bandwidth and low latency over multiple hops, providing the best price/performance solution for dense metropolitan VoIP and mobile data.

8. Microsoft Mesh Networking Researchers at Microsoft are working to create wireless technologies that allow neighbors to connect their home networks together, which, when enough neighbors cooperate and forward each others packets, allows them to individually install an Internet "tap" (gateway) but instead can share faster, cost-effective Internet access via gateways that are distributed in their neighborhood. Packets dynamically find a route, hopping from one neighbor's node to another to reach the Internet through one of these gateways.

9. Motorola Mobile Mesh Networks Technology Motorola is leveraging patented and proven routing techniques originally developed for battlefield communications, allowing high performance and scalable broadband networks to be built at very low cost by pushing intelligence and decision making to the edge of the network. The technology supports both infrastructure and client meshing, and creates a robust and scalable network, while client meshing enables end users to instantly form a broadband wireless network among them (with or without the inclusion of network infrastructure). As users join the network, network coverage and throughput increase. Motorola’s networking technology is unique in that it supports simultaneous operation of infrastructure and client meshing while allowing clients to move seamlessly between infrastructure-based and client-based peer-to-peer networks. Self- forming, self-healing routing intelligence distributes clients among Access Points, eliminating bottlenecks and improving overall network performance.

10. Nortel Networks Wireless Mesh Network Solution Nortel extends the reach of wireless LANs securely and cost-effectively for enterprises and end- users, and offers service providers new opportunities to drive increased revenue generation. City governments and municipalities benefit from enhanced employee safety and efficiency as well as from an improved business climate. Mesh networks provide seamless roaming beyond traditional WLAN boundaries and provides easy deployment in areas that do not (or cannot) support a wired backhaul.

11. PacketHop PacketHop is introducing mobile mesh networking software that enable instant, secure general- purpose broadband connectivity. PacketHop delivers secure, scalable wireless access and high- end broadband capabilities to multiple markets, including automotive, consumer, enterprise, homeland security and home networking.

12. RoamAD RoamAD supplies technology for scalable, cost-effective metropolitan Wi-Fi networks, campus hotzones, and transportation Wi-Fi networks. Their infrastructure-mesh network design, coupled with its software-based platform that runs on commodity third-party hardware, provides indoor and outdoor Wi-Fi coverage in dense urban environments and over wide-areas.

13. Strix Systems Access/One Network The Strix Systems family of products represent the next generation of wireless LAN products, leaping past the traditional access point and switch architecture to mesh networks incorporating robust security and comprehensive management. They support all 802.11 RF technologies and offer multi-radio and multi-channel high performance managed mesh networking systems for indoor enterprise deployments and outdoor public safely, municipal and metropolitan networks. A comprehensive browser based management platform that allows IT administrators to control all key elements of their wireless network.

14. Tropos Networks Tropos Networks' cellular Wi-Fi solution includes indoor and outdoor Wi-Fi cells which run the Tropos Sphere network operating system, the Tropos Control element management system, a live 24/7 support program and professional site survey, design and deployment services. The Tropos cellular Wi-Fi system is based on distributed intelligence. Each cell communicates with other cells wirelessly through a lightweight protocol containing what they claim to be the industry's first cellular Wi-Fi mesh routing algorithm. The cells continuously monitor the quality of the wireless links and forward traffic in the best path to the wired gateway. In this way, the cells work together to optimize performance across the network. 5.3 Literature Review

Mesh network technology is still very early on the swell of the technology wave, however, considering the popularity of the rest of the IEEE 802.11 standards family and the active market interest in developing this technology, the wave is expected to be very large. IEEE 802.11s is not expected to be standardized until late 2007 or early 2008, mainly due to the number of open problems that need to be addressed before a standard can be established 54.

Mesh networks offer the potential for decentralizing network connectivity from the industry’s current reliance on the 100-ft. star topologies of the IEEE 802.11 standard wireless networking. The extension to the ad-hoc mesh topologies could provide connectivity to areas previously blacked out (i.e. on trains, along highways, in dense urban areas, etc.). In fact, the interest in mesh networking does not rest solely with 802.11 272861. IEEE 802.15 and 802.16 also have task groups working on wireless mesh networks 2934474849.

However, many open research problems exist 3. There are more than 70 competing routing protocols with different performance advantages and disadvantages, and no routing protocol has proven the best in all situations. For mesh networks where each node routes traffic independently, extra workload overhead is generated to route packets, and determining how much overhead is acceptable has not yet been determined. Even the acceptable transmission power levels and power consumption levels have not yet been determined.

Researchers are still unsure exactly how scalable mesh networks are in the first place, although theory suggests that the more nodes in the network, the more available bandwidth. However, theory also suggests that there is a minimum, maximum, and optimum node density that affects the performance of the network, although a generalized way to determine these values has not been defined. It is also possible that the current upper-level protocols are wholly inadequate to support a mesh network. 6 Risk Assessment

We chose to focus on the ZigBee technology (as discussed in Section 7), thus we evaluated only the risk associated with the components of a ZigBee solution to securing international shipping containers. The risk for each component was evaluated on a scale of 1 to 5, 5 being very risky, and 1 being very little risk. Each risk factor is more precisely defined in Table 4, which was taken from the course document slides.

Risk Factor Risk Category Risk Definition Basic concept/calculations 5 Feasible in theory have been done but not verified with data A lab set-up test, credible calculation model, or 4 Laboratory model/prototype or simulation model breadboard demonstrates a conceptual element A complete built design is available and tests confirm functions and performances, 3 Based on existing engineering but application to this domain is yet to be done

This function can be implemented by minor 2 Extrapolated from existing design modifications and recombinations of proven designs The exact design element 1 Proven design needed is already available (e.g. COTS)

Table 4. Risk assessment scale. Src: Course documentation.

The components that comprise the ZigBee system were then divided into hardware and software and evaluated individually. Table 5 shows the risk assessment for the ZigBee hardware components and Table 6 shows the risk assessment for the software components.

Hardware Risk Factor H1: Environmental Sensors 2 H2: MiniRAE 2000 (Wireless mesh sensor node) 3 H3: RF ID Sensors 2 H4: Lithium Battery 1 H5: Network Access Point 2 H6: Satellite Modem 1

Table 5. Risk Assessment for “ZigBee” Hardware solution.

Software Risk Factor S1: ZigBee Lower level Routing protocol 3 S2: Detecting and logging events triggered by sensors 2 S3: ZigBee Upper-level routing protocol 3 S4: Transferring data between Network Access 1 Pointa and Satellite Modem S5: WAN uplink by Satellite Modem 1

Table 6. Risk Assessment for “ZigBee” software solution.

Each component in the tables above was deemed essential to the operation of the ZigBee solution, thus breaking down the components into classes based on their criticality does not yield informative results. Table 7 illustrates both the hardware and software components according to their risk assessments.

Risk Assessment vs. Criticality Risk Factor Essential Components 5 4 H2: MiniRAE 2000 (Wireless mesh sensor node) 3 S1: ZigBee Lower level Routing protocol S3: ZigBee Upper-level routing protocol

H1: Environmental Sensors H3: RF ID Sensors 2 H5: Network Access Point S2: Detecting and logging events triggered by sensors

H4: Lithium Battery H6: Satellite Modem 1 S4: Transferring data between Network Access Point and Satellite Modem S4: WAN uplink by Satellite Modem.

Table 7. Risk Assessment vs. Criticality for components of “ZigBee” solution. 7 Conclusions and Recommendations

Our conclusion is that although the general acceptance and usefulness of RF ID technology make investments in the technology itself a good idea, RF ID technology by itself is insufficient for real-time monitoring of multimodal container security. Additionally, while “MeshNet” 802.11s technology has a large amount of potential, the technology is too immature to heavily invest at this point. In 2-5 years, when the technology has been standardized, 802.11s will most likely be an excellent investment. Therefore, our conclusion is that “ZigBee” 802.15.4 technology solutions are the best investment currently to solve the problem at hand. The technology has been field-tested on a limited basis in the specific application of container security, but there isn’t currently an overwhelming presence of companies focused towards this application. The technology of “ZigBee” and IEEE 802.15.4 has been standardized, is heavily backed by industry, and will be interoperable with future expansion and solutions.

8 References

[1] “GE Enters Global Cargo Security Market,” Wireless News, Coventry: Sep 13, 2004.

[2] Aaron Ricadela. “SENSORS EVERYWHERE,” InformationWeek, Manhasset: Jan 24, 2005., Iss. 1023; pp. 32, 5 p

[3] Akyildiz, X. Wang, and W. Wang. “Wireless mesh networks: a survey,” Elsevier Computer Networks Journal, 2005.

[4] Anne Eisenberg. “Cargo Containers' Electronic Sensor Says 'Do Not Disturb',” New York Times, New York, N.Y.: Jan 20, 2005.

[5] Anonymous. “GE Tests Cargo Container Security System,” Frontline Solutions, Duluth: Mar 2005.Vol. 6, Iss. 2; pp. 11, 2 pp.

[6] Avoiding Bluetooth's missteps Russ Arensman. Electronic Business. Highlands Ranch: Mar 2005.Vol.31, Iss. 3; pp. 16.

[7] B.J. Alfonsi; Privacy debate centers on radio frequency identification Security & Privacy Magazine, IEEE, Vol.2, Iss.2, Mar-Apr 2004 pp. 12- [8] Bob Moroz. “Understanding RFID” Canadian Transportation Logistics, Don Mills: May 2004. Vol. 107, Iss. 5; p. 26

[9] C. Evans-Pughe, "Bzzzz zzz [ZigBee wireless standard]" IEE Review, Vol.49, Iss.3, March 2003 Pages: 28- 31

[10] Chips square off on Zigbee Cedric Paillard. Electronic Engineering Times. Manhasset: Apr 4, 2005., Iss. 1365; pp. 66.

[11] Craig, William C. “ZigBee: Wireless Control That Simply Works,” 2004. URL at http://www.zigbee.org/en/resources/, last accessed May 2005.

[12] Craig, William C., “ZigBee: Wireless Control That Simply Works”. ZMD America, Inc. February, 2004.

[13] Crayton Harrison. “Wal-Mart Sees Future in RFID Technology, Leads Switch from Bar Code System,” Knight Ridder Tribune Business News, Washington: Dec 28, 2003

[14] Crick, Christopher. CPSC 536 web page, “IEEE 802.15.4 (ZigBee)”, Yale University. URL: http://www.eng.yale.edu/enalab/courses/eeng460a/homeworks/hw1_results/zigbee.html, last accessed April 2005.

[15] Cross, Pete. “Zeroing in on ZigBee (Part 1): Introduction to the Standard,” Circuit Cellular. Issue 175, February 2005. URL at http://www.circellar.com/library/print/0205/Cross175/Cross-175.pdf. Last accessed May 2005.

[16] D.W. Engels; Sarma, S.E. “The reader collision problem,” IEEE Systems, Man and Cybernetics, Vol.3, Iss., 6-9 Oct. 2002.

[17] Edward D. Murphy. “Maine ports will start to see 'smart' cargo containers,” Knight Ridder Tribune Business News, Washington, Feb 4, 2005.

[18] Ember Maps Out ZigBee Strategy for 2005 Wireless News. Coventry: Mar 28, 2005.

[19] Gao Xingxin; Zhe Xiang; Hao Wang; Jun Shen; Jian Huang; Song Song. “An approach to security and privacy of RFID system for supply chain,” IEEE E-Commerce Technology for Dynamic E-Business, Vol., Iss., 13-15 Sept. 2004 pp. 164- 68.

[20] Gary Macklin. “Device detects intrusions,” Refrigerated Transporter, Houston: Nov 2004.Vol. 40, Iss. 6; pp. 22

[21] GE Security. “CommerceGuard CSD,” 2005. URL: http://www.gesecurity.com/csd.

[22] GE Security. “CSD Retrofit Specs,” 2005. URL: http://www.gesecurity.com/csd. [23] GE Security. “Retrofit & Integrated CSD Comparison,” 2005. URL: http://www.gesecurity.com/csd.

[24] GE Security. “TESC Datasheet” 2005. URL: http://www.gesecurity.com/csd.

[25] Heile, Bob. “ZigBee Overview – Emerging Standards – Where Does ZigBee Fit?” October 2004. URL at http://www.zigbee.org/en/resources/, last accessed May 2005.

[26] HELICOMM LAUNCHES ZIPBEE-READY M2M NETWORK TERMINALS Worldwide Telecom. Boynton Beach: May 1, 2005.Vol.17, Iss. 5.

[27] IEEE 802.11 Standard Group Web Site. URL: http://www.ieee802.org/11/.

[28] IEEE 802.11 Task Group S. “Status of Project IEEE 802.11s: ESS Mesh Networking,” URL: http://grouper.ieee.org/groups/802/11/Reports/tgs_update.htm, 2005.

[29] IEEE 802.15 Standard Group Web Site. URL: http://www.ieee802.org/15/.

[30] IEEE 802.15 WPAN Task Group 4 (TG4). URL at http://ieee802.org/15/pub/TG4.html, accessed April 2005.

[31] IEEE 802.15 WPAN Task Group 4 (TG4). URL: http://ieee802.org/15/pub/TG4.html, last accessed April 2005.

[32] IEEE 802.15 WPAN Task Group 4b (TG4b). URL: http://grouper.ieee.org/groups/802/15/pub/TG4b.html, last accessed April 2005.

[33] IEEE 802.15 WPAN Task Group 4b (TG4b). URL: http://grouper.ieee.org/groups/802/15/pub/TG4b.html, last accessed April 2005.

[34] IEEE 802.16 Standard Group Web Site. URL: http://www.ieee802.org/16/.

[35] In Brief Anonymous. Electronic Engineering Times. Manhasset: Apr 4, 2005., Iss. 1365; pp. 66.

[36] Institute of Electricial & Electronics Engineers (IEEE) Wireless Standards Zone. URL at http://standards.ieee.org/wireless/, accessed April 2005.

[37] Institute of Electricial & Electronics Engineers (IEEE) Wireless Standards Zone. URL: http://standards.ieee.org/wireless/, last accessed April 2005.

[38] Interoperable ZigBee platforms roll Patrick Mannion. Electronic Engineering Times. Manhasset: Apr 11, 2005., Iss. 1366; pp. 8.

[39] J. Hauser, D. Baker, and W. Conner. “IEEE P802.11 Wireless LANs: Draft PAR for IEEE 802.11 ESS Mesh,” URL: http://www.ieee802.org/11/PARs/11-04-0054-02-0mes- par-ieee-802-11-ess-mesh.doc, 2003. [40] Kinney, P., “ZigBee Technology: Wireless Control that Simply Works, White Paper dated October 2, 2003.

[41] Kinney, Patrick. “ZigBee Technology: Wireless Control that Simply Works,” White Paper, dated October 2, 2003. URL at http://www.zigbee.org/en/resources/. Last accessed May 2005.

[42] Larry Greenemeier. “Secure Shipments,” InformationWeek, Manhasset: Jan 17, 2005, Iss. 1022; pp. 36, 1 pp.

[43] MeshNet (802.11s) Vendors, URL: http://dailywireless.org/modules.php? name=News&file=article&sid=3887, last accessed April 2005.

[44] National Strategy for Homeland Security (NSHS), Office of Homeland Security, Pavilion Press, Philadelphia, July 2002.

[45] No strings attached Dennis Brandl. Control Engineering. Barrington: Mar 2005.Vol.52, Iss. 3; pp. 16.

[46] P. De; Basu, K.; Das, S.K. “An ubiquitous architectural framework and protocol for object tracking using RFID tags Mobile and Ubiquitous Systems: Networking and Services,” MOBIQUITOUS 2004, The First Annual International Conference on, Vol., Iss., 22-26 Aug. 2004 Pp. 174- 182.

[47] P. Kinney. “IEEE 802.15 General Interest in Mesh Networking: Request for Information of a Mesh Network Study Group,” presentation slides, November 2003.

[48] P. Piggin, B. Lewis, and P. Whitehead. “Mesh Networks in Fixed Broadband Wireless Access: Multipoint Enhancements for the 802.16 Standard,” presentation slides, July 2003.

[49] P. Whitehead, P. Piggin, B. Lewis, and S. Lynch. “Mesh Extensions to IEEE 802.16 and 16a,” IEEE Proposal, May 2003.

[50] PacketHop Inc., Connectivity that Moves You: PacketHop Mobile Mesh Networking Whitepaper, 2003. URL: http://www.packethop.com/technology/gfx/PH_VisionWP.pdf, last accessed April 2005.

[51] Paul Kallender, Mitsubishi preps Zigbee for enterprise security apps URL: http://www.networkworld.com/news/2005/0216mitsupreps.html, IDG News Service, 02/16/05

[52] R. Bridgelall, “Enabling mobile commerce through pervasive communications with ubiquitous RF tags Wireless Communications and Networking,” IEEE WCNC 2003, Vol.3, Iss., 16-20 March 2003 Pp. 2041- 2046 vol.3.

[53] R. Glidden; Bockorick, C.; Cooper, S.; Diorio, C.; Dressler, D.; Gutnik, V.; Hagen, C.; Hara, D.; Hass, T.; Humes, T.; Hyde, J.; Oliver, R.; Onen, O.; Pesavento, A.; Sundstrom, K.; Thomas, M. “Design of ultra-low-cost UHF RFID tags for supply chain applications,” Communications Magazine, IEEE, Vol.42, Iss.8, Aug. 2004 Pp. 140- 151

[54] R. Goodwins. “Intel hangs mesh hopes on 802.11s,” ZDNet UK, URL: http://news.zdnet.co.uk/communications/wireless/0,39020348,39189953,00.htm, March 03, 2005.

[55] RAE Systems, Securing the Supply Chain: Container Security and Sea Trial Demonstration Results Whitepaper, January 2005. URL: http://www.energyvortex.com/files/RAE_Sys._Securing_the_Supply_Chain.pdf, last accessed April 2004.

[56] RAE Systems, Securing the Supply Chain: Container Security and Sea Trial Demonstration Results Whitepaper, January 2005. URL: http://www.energyvortex.com/files/RAE_Sys._Securing_the_Supply_Chain.pdf, last accessed April 2005.

[57] RAND, “Assessing Container Security: A Framework for Measuring Performance of the Global Supply Chain”, February 2005. URL: http://www.rand.org/pubs/technical_reports/2004/RAND_TR214.pdf, last accessed April 2005.

[58] Richard Lee. “GE's Wilton, Conn., unit debuts upgrades for container shipping security,” Knight Ridder Tribune Business News, Washington: Sep 14, 2004. pp. 1

[59] Ronald D. White. “California; Plan Unveiled to Speed Cargo Processing; A customs official says the use of wireless sensors inside shipping containers would increase security,” Los Angeles Times, Los Angeles, Feb 2, 2005.

[60] Ronald D. White. “Ports Load Up on High-Tech Gear; The latest in equipment is helping to expedite the movement of cargo through the busy Long Beach-L.A. complex,” Los Angeles Times, Los Angeles, Calif.: Sep 7, 2004. pp. C.1

[61] T. Jou and D. Eastlake. “ESS MESH Network Study Group Meeting Minutes,” May 2004.

[62] The 9/11 Commission Report: Final Report of the National Commission on Terrorist Attacks Upon the United States, W.W. Norton & Company, NewYork.

[63] The ZigBee Alliance. URL: http://www.zigbee.org, last accessed April 2005.

[64] Tom Kevan. “High-Tech Container Security,” Frontline Solutions, Duluth: Jul 2004. Vol. 5, Iss. 7; pp. 44

[65] Tom Kevan. “Theft and Terror Threats Push Sensors into Supply Chain,” Frontline Solutions, Duluth: Sep 2004.Vol. 5, Iss. 9; pp. 16, 4 pp. [66] Tom Kevan. “Active RFID Will Redefine Wireless Infrastructures,” Frontline Solutions, Duluth: Oct 2004.Vol. 5, Iss. 10; pp. 27, 3 pp.

[67] URL: http://www.frontlinetoday.com/frontline/article/articleDetail.jsp?id=143821.

[68] URL: http://www.technovelgy.com/ct/Technology-Article.asp?ArtNum=20.

[69] ZigBee Alliance Celebrates Successful Year Kyle Gargaro. Air Conditioning, Heating & Refrigeration News. Troy: Feb 14, 2005.Vol.224, Iss. 7; pp. 6.

[70] Zigbee Alliance May 3, 2005 URL: http://www.zigbee.org/en/index.asp.

[71] ZigBee Networks Open the Door to More Wireless Medical Devices William C Craig. Medical Design News. Cleveland: Apr 2005.Vol.5, Iss. 3; pp. 25.

[72] Zigbee starts to buzz IEE Review, Vol.50, Iss.11, Nov. 2004 pp.17.