ChirpOTLE: Using RIOT to Evaluate the Security of LoRaWAN
Frank started as a PhD student at the Secure Mobile Networking Lab (SEEMOO) at Technical University Darmstadt in 2020. His research focus is the security of LPWANs, particularly LoRaWAN, and the dynamic reconfiguration of IoT devices, focused on emergency scenarios. He discovered RIOT while working on his Master’s thesis and likes using it for research projects.
LoRaWAN is gaining momentum as an alternative to provide connectivity for smart cities, agriculture, industry, and many more. Thus, becoming part of — even critical — infrastructure, the question of the security and safety of the relatively new protocol arises. Scientific literature has shown potential attacks, but often only in theoretical work or as a proof-of-concept requiring specific hardware. Generic experimental tools for analyzing and evaluating the security threats for full-stack LoRaWANs are still rare, making it hard to validate claims about the security of realistic networks.
In this talk, we show how RIOT helps to fill the gap to make LoRaWAN security evaluation accessible. We present ChirpOTLE, a framework that provides a Python controller interface for orchestrating field nodes running a RIOT application. The node’s custom LoRa radio driver is optimized for security testing and supports time-critical tasks like reactive jamming to study even complex attack flows. Attacks can be verified using only off-the-shelf hardware. We conclude with a practical example of the interaction with the framework to confirm the applicability of an attack.