C S S R 0 8’ 0 9 14 - 15 March 2009

C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

INVESTIGATING THE PERFORMANCE EFFECTS OF SPINS

PROTOCOLS OVER WIRELESS SENSOR NETWORK

Nurshahrily Idura Haji Ramli1, Nik Mariza Nik Abdull Malik2, Norzatul Bazamah Azman Shah3
and Raihana Md. Saidi4
1
Faculty of Information Technology and Quantitative Sciences, Universiti Teknologi MARA, Shah Alam, MALAYSIA
idura@tmsk.uitm.edu.my, nikmariza@tmsk.uitm.edu.my, norzatulb@perlis.uitm.edu.my, raihana@tmsk.uitm.edu.my,

ABSTRACT

Wireless Sensor Networks (WSN) is a sensing paradigm which in it are sensor nodes that forms a
network interconnected by wireless communication links. WSNs pose some unique security concerns in
comparison to their wired counterparts. The characteristics and architecture of a WSN which have
obvious limitations of processing power, storage, bandwidth and energy is a major challenge of
integrating security in the network. The SPINS protocols are proposed as a general infrastructure that
protects against many types of attacks in such networks. However, the evaluation of SPINS yields
impressive results of cost of energy for tasks executed by the sensor network. Most of the overhead,
about 20% of the total energy consumption, comes from the transmission of extra data. The overall
overhead consumption of power is less than 29%. However, previous researches seem to only have
addressed the security of the sensor nodes but not the effect of the security implemented to the base
station. This paper discusses the transmission bandwidth affected by these overheads caused by adding
SPINS to the WSN as well as the strength and stamina of the base station on the limitation of number
of sensors it can handle via OPNET Modular simulator. Considering the bottleneck that will definitely
exist as the network grows at the base station and the impact of the transmission load will have on the
bandwidth, the results of the drop rate of packets should the SPINS be adapted does not result a large
difference and the rate is more or less relates to the packets received at the base station. The number of
packets that the base station is able to process decreases with the increasing number of sensor nodes
constructed. In other words, the base station efficiency decreases with regards to congestion of the
network.

Keywords: Wireless Sensor Network (WSN), SPINS protocols, OPNET Modular simulator

1. INTRODUCTION

Wireless Sensor Network (WSN) constitutes a rapidly emerging area of research as it can be represented
as an alternative to the wired counterpart’s method of data transactions. The characteristics and abilities of
WSN which consist of sensors which are small in size can be formed into a network and run various
applications that are considered impossible if using the wired networks. As these fantastic features of
WSN would increase the effectiveness of operations to some applications, its limitations are a lot more
critical. The miniature size of the sensor itself contributes to limitations of processing power, bandwidth,
storage and energy. Information transaction that can be transferred has to be small in size to be able to fit
these limitations.

WSN today has been rapidly deployed in various applications, some of which are in applications that
offers ease to the consumer in their everyday lives such as sensors in smart spaces and even in
applications as serious as in medical sector and battlefields surveillance. Focusing on applications in
which accuracy, integrity and confidentiality is critically essential, security needs to play its role in
delivering just that. The main challenge is how to add security in WSN in some sensitive applications that
requires it with the consideration of all the limitations in WSN.

Paper number: 5982549

C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

The SPINS protocol are developed and tested on a prototype of SmartDust nodes, which is a component
of CITRIS (Centre for Information Technology Research in the Interest of Society) at the UC Berkeley.
The SPINS proposed a general, feasible security infrastructure that can be applied to various type of
WSN.

2. THE SPINS PROTOCOL OVERVIEW

As described in [1], SPINS (Security Protocol for Sensor Networks) were developed on a prototype of
SmartDust nodes, under the SmartDust program, which is one of the components of CITRIS. The
application tested on was based on the heating and air conditioning control in a building. However, SPINS
is proposed as a general security suite that can be applied to a variety of other applications as well.

The SPINS protocol has been adapted to SmartDust sensor nodes that has a storage capacity of 8 Kbytes
of instruction flash, 512 bytes RAM and EEPROM, communicates at 916 MHz radio with a bandwidth of
10 Kbps and using TinyOS as the operating system.

The sensor network is based on a tree topology where sensor nodes are connected and rooted at a base
station. The base station has a longer lifetime than the sensor nodes and have sufficient memory to
generate and store cryptography keys. It is the gateway for all aggregated information sent from the sensor
nodes that is meant to be transmitted to the external network back to the user.

As the nature of WSNs applies, the network is vulnerable to threats mostly during the transmission and is
even more vulnerable as it is using broadcast means to communicate. Cryptography is a method in
assuring secure transmission and it achieved by techniques of encryption, which is transforming the
readable plain text into cipher text which is a stream of bits that appears to be meaningless and unreadable.
Dealing with limitations in WSNs, SPINS can only afford to adapt symmetric cryptography algorithm
since other algorithms such as asymmetric algorithms would take up more memory and energy in terms of
key generation, storage and other constrains. SPINS utilizes RC5 as its block cipher and the counter mode
of the block cipher (CTR) as its encryption function [1, 13]. This function is used for both encryption and
decryption to save code space. This CTR is also used to provide data freshness [1].

Trust is put on the base station since the sensor nodes does not have enough choice due to its limitation of
storage and power. The base station in having sufficient storage and energy is capable of generating and
storing of keys. Each communication that takes place between two nodes will share a master secret key
generated by the base station that acts as a key distribution server.

The SPINS consist of two secure building blocks, SNEP (Secure Network Encryption Protocol) and
µTESLA (micro-Timed Efficient, Streaming, Loss-tolerant Authentication Protocol) to protect the
network from attacks and to optimize resource constrained environment as well as the communication
within.

2.1 SNEP

The SNEP protocol provides data confidentiality by using shared key cryptography. Generally, SNEP uses
a MAC (Message Authentication Code) that is generated by the bootstrapped secret key. This offers
‘semantic security’ which is a strong security property that prevents the message from being inferred by
the encrypted messages in other words prevents the inference of the content of the encrypted messages.
This implementation creates additional overheads to the network and to avoid this, SNEP uses a shared
counter between the sender and the receiver. SNEP achieves data confidentiality, data authentication and
data integrity by using this mechanism. Strong data freshness can also be obtained by adding a nonce,
which is an unpredictable bit string, and is generally implemented by incrementing counters as extra
information to the data before encryption [1].
Paper number: 5982549
C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

2.2 µTESLA

µTESLA is particularly a smaller or lighter implementation of TESLA protocol. It is specifically used to

provide efficient authenticated broadcast. In µTESLA, the base station’s key is periodically changed and
sent to the sensors after a certain delay time to provide asymmetry. MAC keys forms a key chain that can
be derived from each other. Any keys in the chain can be used to authenticate other keys as it travels
further through the chain. Each MAC key is assigned to a time interval so that the receiver knows the key
disclosure schedule to match the key with the encrypted message. However, this causes delay in the
processing of messages as the authentication can only be checked when the key is sent after the interval
time. Nevertheless, the limited lifetime of the key forces the key to be obsolete even when a malicious
node discovers it [1].

2.3 Evaluation of SPINS

The paper [1] had pointed out that SPINS protects against many types of attacks in such networks
however, the evaluation of SPINS yields impressive results in terms of cost of energy for tasks executed
by the sensor network. Most of the overhead, about 20% of the total energy consumption, comes from the
transmission of extra data. The overall overhead consumption of power is less than 29%. However, the
researches seem to only have addressed the security of the sensor nodes but not the effect of the security
implemented to the base station. Base stations in such a sensor network play a very important role, as it
has more capacity to aggregate the incoming data from all the sensors, and serves as a gateway to transmit
the data to an outside network it is connected to.

The overall overhead consumption of power is 29% and from that figure. The transmission bandwidth
affected by these overheads caused by adding SPINS to the WSN however have not been investigated.
The strength and stamina of the base station on the limitation of number of sensors it can handle are not
investigated as well. Since considering the bottleneck that will definitely exist as the network grows at the
base station and the impact of the transmission load will have on the bandwidth, this paper discovers just
that.

3.0 SIMULATION

The OPNET Modeler is used as the simulator to simulate the WSN. The software does not provide or
support simulation specifically for WSNs and so there are no predefined objects available to be used for
the simulation. Sensor nodes and processes are self defined and designed to suit the simulation purposes.

The network is setup in a tree topology having several sensor nodes, starting at a minimum quantity of 10
and increase as to test the limitation goes on and are all connected to a base station. Typically, there is a
two way communication link from each sensor node to the base station in order to transmit and receive
data in the network, however, for the purpose of this simulation only, packets are transmitted towards the
base station in a unidirectional way. In other words, each sensor node is assumed to be transmitting
packets to the base station and not receiving them. This is to find out the limit number of sensor nodes that
a single base station is capable of handling.

3.1 Simulation assumptions

Packet Size : 30 bytes (Data packets with no SPINS overheads)

39 bytes (Data packets with SPINS overheads)

Paper number: 5982549

C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

* As from [1] stating that overheads of SPINS takes up to 29% of 30

bytes data packet, SPINS would be causing an additional of
approximately 9 additional bytes.
Bandwidth : 10 kbps
Frequency : 916 MHz
BER (Bit Error Rate) : None
SNR (Signal to Noise Ratio) : None
Area : 10 km x 10 km (Campus Area)
Network : Wireless Sensor Network

4.0 RESULTS

Results collected for 10 sensor nodes transmitting packets to the base station:

Figure 1: packets with no SPINS overheads Figure 2: packets with SPINS overheads

Results collected for 30 sensor nodes transmitting packets to the base station:

Figure 3: packets with no SPINS overheads Figure 4: packets with SPINS overheads

Results collected for 50 sensor nodes transmitting packets to the base station:
Paper number: 5982549
C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

Figure 5: packets with no SPINS overheads Figure 6: packets with SPINS overheads

Results collected for 60 sensor nodes transmitting packets to the base station:

Figure 7: packets with no SPINS overheads Figure 8: packets with SPINS overheads

Results collected for 70 and 80 sensor nodes transmitting packets to the base station:

Figure 9: packets with no SPINS overheads Figure 10: packets with no SPINS overheads

Paper number: 5982549

C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

4.1 Analysis of results

Packets received at the base Packets dropped at the

100 station 100 base station
packets/s

packets/s
50 50

0 0
sensor nodes sensor nodes

NO SPINS NO SPINS

Figure 11: packets received graph Figure 12: packets dropped graph

In a WSN, the size of the packets to be transmitted is acceptable to only about 30 bytes. Assuming a WSN
with no security features, a sensor node will be transmitting 30 bytes of data packet without any other
overheads. Adding the SPINS protocols requires 29% of the total energy cost that consumes
approximately an additional of 9 bytes to be added together with the data packet [1].

The packets received and the packets dropped for data packets with and without the SPINS protocols
overheads in the graph more or less resembles each other. The base station that receives these packets
tends to drop more packets rather than receiving them. This applies to both the packets transmitted with
and without the SPINS protocols overheads starting at 10 sensor nodes. This indicates that at the point of
10 sensor nodes transmitting packets to the base station, congestion has already existed. The results of the
simulation starting from 10 sensor nodes has already in the area of the packet loss since the throughput
continue to decrease as the number of nodes increases.

Both simulations with and without the SPINS protocols overheads are set to have the same criteria only
differ in the size of the packet to represent the overheads. Since there are no BER or SNR being set in the
simulation, the factor that determines the packet loss and decreasing throughput in the WSN simulated
from the results collected are assumed to be congestion or load.

Figures 11 and 12 that accumulates or concludes the overall results collected clearly shows that from 10
sensor nodes to a total of 60 sensor nodes and 80 sensors on a WSN simulated are in the area of packet
loss as shown in figure 5.18. The graph draws a decreasing line representing the throughput that finally
drops to zero throughput, which is the point where the congestion collapse.

The received packet and the dropped packet rate decreases together with the throughput from the
deployment of 10 sensor nodes and 20 sensor nodes and so on until the point of congestion collapsed, but
there is a drastic fall at 30 sensor nodes for the simulation for packets transmitting data with the SPINS
protocols overheads. After the drastic fall, the decrease in throughput continues at a less drastic rate again
until the point of congestion collapsed that indicates the failure or breakdown of the base station. The
effect of congestion is felt the most at the addition or deployment of 30 sensor nodes for the simulation of
packets with the overheads. In general, from the results accumulated, the throughput for packets with the
overheads decreases at a higher rate than the packets without the overheads.

The comparison of the drop rate of packets should the SPINS be adapted or should it not be does not result
a large difference and the rate is more or less relates to the packets received at the base station. With only
an additional of 29% of the data packet, this result is expected.

Paper number: 5982549

C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

The number of packets that the base station is able to process decreases with the increasing number of
sensor nodes constructed. In other words, the base station efficiency decreases with regards to congestion
of the network. The base station failed at handling 60 sensor nodes transmitting data packets with the
SPINS protocols overheads but can still put up to 20 more sensor nodes at the limit of 80 sensor nodes for
data packets without the SPINS protocols overheads.

5.0 CONCLUSION

WSN’s development and realisation in various applications grows rapidly today as some applications
require the use of sensors to operate and function to deliver the needs of users. Its ability to perform
multiple functions and capability to combine data processing with multiple sensing and communicate
wirelessly made it not only efficient and low in cost but preferable to other technology in some particular
applications. However, these small in size sensors have limited power supply, low bandwidth and small
memory sizes. These disadvantages are inescapable due to the miniature architecture of the sensor and
more over makes it more vulnerable to security threats [2].

WSN’s application varies from as simple as controlling the air conditioner in a room to analyzing the
components of a human blood in medical applications and to more severe detecting enemies or danger in
battlefield surveillance military application. As these applications vary, the security level goes with them.
Applications such as controlling the air conditioner in a room might not need any security features in it but
security in military application for instance on the other hand can consider security as a crucial necessity.

Among the possible security threats in a WSN are insertion of malicious code, interception false message
injection and message replay and among the critical and necessary security requirements with respect to
the architecture and characteristics of WSN are data confidentiality, data authentication, data integrity and
data freshness. SPINS proposes a general security protocol for the WSN and consist of the SNEP and the
µTESLA protocols to achieve these requirements of security in WSN. As it is considered acceptable in
terms of performance to adapt the SPINS protocols to the WSN, the level of security that the SPINS
protocols apply is at the very minimum. As this is also the factor that the adaptation of the SPINS
protocols can be considered acceptable. Using the symmetric cryptography algorithm rather than more
secure algorithms such as asymmetric public key cryptography, or digital signature saves more memory
and space for the process of generating and storing the key. Energy for the computation and processing of
the security algorithm is also minimized. However, as a higher level of security might not be adequate to
apply in the WSN, applications which require maximum security such as in battlefield surveillance, the
SPINS protocols may not be sufficient. Considering the limitation that still have not been solved or
overcome, the security aspect in the area of WSN still needs much improvement.

This simulation is carried out to obtain the effect of SPINS protocols overheads on the WSN and to
discover the limitation of number of sensor nodes that the base station is able to handle for sensor nodes
transmitting packets with and without the overheads of the SPINS protocols. Certain evaluation or
consideration that should be put in future that could improve this area of research is to consider the
distance of communication between sensor nodes and the base station. Effectiveness and efficiency of a
transmission considering the limitation of distance is recommended for future work since the placement of
the sensor nodes in the WSN is also considered important.

The typical size of a packet transmitted in a WSN is limited to about 30 bytes. Future improvement on this
aspect could be on minimizing the data transmitted and more onto a much secure algorithm to be adapted
to the WSN. This is suggested to applications that demands high level of security. As this simulation was
done on the stage of existence of congestion, future improvement might be done to simulate the
throughput from the beginning until the congestion collapsed. Improvement can also be made in future for
this same simulation to be carried out to consider the factors of error, BER, SNR and other interference
that are common to the WSN.
Paper number: 5982549
C S S R 0 8’ 0 9 14 - 15 March 2009
C O N F E R E N C E ON S C I E N T I F I C & S O C I A L R E S E A R C H

REFERENCES

Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, David E. Culler: “SPINS:Security Protocols for
Sensor Networks”, Wireless Networks, vol.8, pp521-534, 2002.

I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci: “A Survey on Sensor Networks.” IEEE

Communications Magazine, August 2002.

Sasha Slijepceric, Miodrag Potkonjak, Vlasios Tsiatsis, Scott Zimbeck and Mani B. Srivastava: “On
Communication Security in Wireless Ad-Hoc Sensor Networks”, IEEE Computer Society, 2002.

Katayoun Sohrabi, Jay Gao, Vishal Ailawadhi, and Gregory J. Pottie: “Protocols for Self-Organization of
a Wireless Sensor Network”, IEEE Personal Communications Magazine. October, 2000.

Sameer Tilak, Nael B. Abu-Ghazaleh and Wendi Heinzelman: “A Taxonomy of Wireless Micro-Sensor
Network Models”, Mobile Computing and Communications Review, Volume 6, Number 2, pp28-
33, 2002.

Jeffery Undercoffer, Sasikanth Avancha, Anupam Joshi and John Pinkston: “Security for Sensor
Networks”, Department of Computer Science and Electrical Engineering University of Maryland
Baltimore County

Wayne W. Manges and Glenn O. Allgood: “How Secure Is Secure?” sensors online,
http://www.sensorsmag.com, February, 2002.

Mike Chen, Weidong Cui, Victor Wen, Alec Woo: "Security and Deployment Issues in a Sensor
Network," http://www.cs.berkeley.edu/wdc/classes/cs294-1-report.pdf, December 2000.

Ning Xu : “A Survey of Sensor Network Applications”, Computer Science Department University of

Southern California http://enl.usc.edu/~ningxu/papers/survey.pdf

SNEP: Data Confidentiality, Authentication, Integrity, and Freshness

http://www.ece.cmu.edu/~adrian/projects/mc2001/node15.html

µTESLA: Authenticated Broadcast

http://www.ece.cmu.edu/~adrian/projects/mc2001/node16.html

DARPA Sensit Project Self-Organizing Sensor Networks

http://www.eng.auburn.edu/users/lim/sensit.html

Anthony D. Wood, John A. Stankovic: “Denial of Service in Sensor Networks”, University of Virginia,
IEEE, 2002.

Andreas Savvides, Sung Park and Mani B. Srivastava: “On Modelling Networks of Wireless
Microsensors”, Electrical Engineering Department University of California, Los Angeles, 2001.

Levente Buttyan, Jean-Pierre Hubaux: “Report on a Working Session on Security in Wireless Ad Hoc
Networks”, Mobile Computing and Communications Review, Volume 6, Number 4, 2002.

Computer Networks, CS/ECE 757, University of Virginia, 2003 http://www.cs.virginia.edu/~cs757

Paper number: 5982549