Science Score: 44.0%
This score indicates how likely this project is to be science-related based on various indicators:
-
✓CITATION.cff file
Found CITATION.cff file -
✓codemeta.json file
Found codemeta.json file -
✓.zenodo.json file
Found .zenodo.json file -
○DOI references
-
○Academic publication links
-
○Academic email domains
-
○Institutional organization owner
-
○JOSS paper metadata
-
○Scientific vocabulary similarity
Low similarity (12.4%) to scientific vocabulary
Repository
IoT device security project using MQTT protocol
Basic Info
- Host: GitHub
- Owner: ShotaKameyama
- Language: HTML
- Default Branch: main
- Size: 311 KB
Statistics
- Stars: 1
- Watchers: 1
- Forks: 2
- Open Issues: 1
- Releases: 0
Metadata Files
README.md
Prerequisite
The following should be installed already before setup. - Python3 - Mosquitto Installed
how to install mosquitto
- MacOS:
brew install mosquitto - Linux:
- Debian:
apt-get update && apt-get install mosquitto - Windows:
Getting Started
Install Necessary Source Code and Libraries
git clone https://github.com/ShotaKameyama/ssa_iot.git`
cd ssa_iot
make install
Setup env variables and mosquitto config files.
As we use access controll using username and password, hence we use env variables to avoid info leakage by the source code.
chmod +x setup.sh
./setup.sh
This shell script will take care of the following:
1. Create Mosquitto Access Control List File: ./config/mosquitto.acl
2. Create Mosquitto User Credential File: ./config/mosquitto.pass
3. Create Mosquitto Config File: ./config/mosquitto.conf
4. Add Environment Variables to ~/.bash_profile
Basic Inforamtion
This IoT system consists of 4 instances: - MQTT braker - IoT Controller - IoT Camera - IoT DoorLock
You should start 4 instances parallel.
Instance 1
mosquitto -c config/mosquitto.conf
Instance 2
python3 iot_controller.py
Instance 3
python3 iot_client_doorlock.py
Instance 4
python3 iot_client_camera.py
How to read QR code?
Once you configured 4 instances, then you can start reading qr code using your USB camera.
python3 qr_read.py
Then read a qr file under static/qr
IoT Doorlock MQTT Publish
Alternatively, you can do the following to do the same.
Usage: iot_publish_doorlock.py <Request>
Publish Open Request Sample
python iot_publish_doorlock.py Open
Publish Close Request Sample
python iot_publish_doorlock.py Close
Virtualization
if you need a virtualization, you can use venv.
python3 -m venv pymyenv
. pymyenv/bin/activate
How to force authentication on Mosquitto
- run
mosquitto -c mosquitto.conf
if you don't have the mosquitto.conf file, make sure that you have run ./setup.sh.
How to enable TLS on Mosquitto
Requirement: Certificate Authority (CA) server – OpenSSL for the self-sign certificate in this case. It could be signed by an online CA server for the public trust certificate.
In the CA server:
Generate a CA server key pair with password protection.
openssl genrsa -des3 -out ca.key 4096
Request the certificate with the required information, including Country Name, State, Locality, Organization, Unit Name, CA server hostname (Common Name) and Email address.
openssl req -x509 -new -key ca.key -sha256 -days 365 -out ca.crt
In the Broker server:
Generate a broker server key pair with password protection.
openssl genrsa -out server.key 4096
Request the certificate with the required information, including Country Name, State, Locality, Organization, Unit Name, broker server hostname (Common Name) and Email address.
openssl req -new -key server.key -sha256 -days 365 -out server.csr
In the CA server (self-sign):
Copy the request file server.csr to the CA server to verify and sign the certificate.
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 365 -sha256
In the Broker server
Copy the signed certificate file server.crt and CA server certificate ca.crt to the Broker server to the Keystore. Update the mosquito configuration file and the related IoT device to use TLS for the MQTT transaction.
How to run tests
Test Report Repository
The exported documents are published below: - Locust Result at static/reports/locust_report - Flake8 result at static/reports/flake8_report - Bandit result at static/reports/bandit_report
Guide Enforcement & SAST
PyLint/Flake8/Bandit are used for the test.
make lint
make flake8
make bandit
Perf Test
- run
locust - Open
http://0.0.0.0:8089/on your browser - Set the values and start the test
Prerequisite
- MacOS: You need to install the following libraries to pass
make installbrew install postgresqlbrew install librdkafkabrew install zbar- if M1 then run either of the following:
C_INCLUDE_PATH=/opt/homebrew/Cellar/librdkafka/1.8.2/include LIBRARY_PATH=/opt/homebrew/Cellar/librdkafka/1.8.2/lib pip install confluent_kafkaCPATH=/opt/homebrew/Cellar/librdkafka/1.8.2/include pip install confluent-kafka- Ref: confluent-kafka-python github issue
mkdir ~/lib && ln -s $(brew --prefix zbar)/lib/libzbar.dylib ~/lib/libzbar.dylib
How to contribute
To contribute to this project, follow these steps:
- Fork this repository.
- Create a branch:
git checkout -b <branch_name>. - Make your changes and check with:
make check - Commit them:
git commit -m '<commit_message>' - Push to the original branch:
git push origin <branch> - Create the pull request.
Alternatively see the GitHub documentation on creating a pull request.
Owner
- Name: Shota Kameyama
- Login: ShotaKameyama
- Kind: user
- Location: Tokyo, Japan
- Company: United Nations ESCAP
- Website: https://blog.shota-kameyama.com
- Twitter: shotakameyama
- Repositories: 3
- Profile: https://github.com/ShotaKameyama
Citation (CITATION.cff)
cff-version: 1.2.0
authors:
- family-names: Kameyama
given-names: Shota
- family-names: Mundy
given-names: Austin
- family-names: Chan
given-names: Ying
- family-names: Van Beek
given-names: Mathew
- family-names: Nova
given-names: Smiya
title: Uiversity of Essex Online Secure Systems Architecture Coding Output
# date-released: "2022-03-07"
GitHub Events
Total
Last Year
Dependencies
- flake8 *
- flake8-html *
- locust *
- locust-plugins *
- opencv-python *
- paho-mqtt *
- pyaml-env *
- pylint *
- pyzbar *
- mfrc522 *
- spidev *