IMPLEMENTING NETCONF AND YANG ON CUSTOM EMBEDDED SYSTEMS

Georges, Krister, Jahnstedt, Per

January 2023

Simple Network Management Protocol (SNMP) has been the traditional approach for configuring and monitoring network devices, but its limitations in security and automation have driven the exploration of alternative solutions. The Network Configuration Protocol (NETCONF) and Yet Another Next Generation (YANG) data modeling language significantly improve security and automation capabilities. This thesis aims to investigate the feasibility of implementing a NETCONF server on the Anybus CompactCom (ABCC) Industrial Internet of Things (IIoT) Security module, an embedded device with limited processing power and memory, running on a custom operating system, and using open source projects with MbedTLS as the cryptographic primitive library. The project will assess implementing a YANG model to describe the ABCC’s configurable interface, connecting with a NETCONF client to exchange capabilities, monitoring specific attributes or interfaces on the device, and invoking remote procedure call (RPC) commands to configure the ABCC settings. The goal is to provide a proof of concept and contribute to the growing trend of adopting NETCONF and YANG in the industry, particularly for the Industrial Internet of Things (IIoT) platform of Hardware Meets Software (HMS).

NETCONF

MbedTLS

YANG

Embedded

SNMP

XML

HMS

IETF

IIoT

ABCC

Wireshark

TLS

Porting

RTOS

IoT

Interoperability

Networking

Security

Protocols

C/C++

Embedded Linux

Configuration Management

Microcontroller

Microprocessor

Scalability

Hardware Interfaces

Hardware

Open source

QA

Data Modeling

System Integration

Automation

Computer Sciences

Datavetenskap (datalogi)

Software Engineering

Programvaruteknik

Embedded Systems

Inbäddad systemteknik

Telecommunications

Telekommunikation

Communication Systems

Kommunikationssystem

Computer Systems

Datorsystem

Odposlech moderních šifrovaných protokolů / Interception of Modern Encrypted Protocols

Marček, Ján

January 2012

This thesis deals with the introduction to the security mechanism.The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol..The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.