Ekaterina Kraeva, Department of Information Technology and Security Systems Russian State Hydrometeorological University, St. Petersburg, Russia, email@example.com
Tatiana Tatarnikova, Institute of Information Systems and Geotechnologies Russian State Hydrometeorological University
St. Petersburg, Russia, ORCID: [0000–0002–6419–0072]
Viktoria Miklush, Department of Information Technology and Security Systems Russian State Hydrometeorological University, St. Petersburg, Russia, firstname.lastname@example.org
Tatiana Timochkina, Department of Information Technology and Security Systems Russian State Hydrometeorological University
St. Petersburg, Russia, email@example.com
Ivan Palkin, Military training center Russian State Hydrometeorological University, St. Petersburg, Russia, firstname.lastname@example.org
Abstract — This paper presents the known types of smart home systems, as well as internet of things technologies for the implementation of smart home systems. The main vulnerabilities of the Internet of Things are discussed. A description and specifics of each vulnerability is provided. Measures to counter vulnerabilities that exist in smart home systems are proposed.
Keywords: home safety, smart home control system, internet of things, SmartThings products, vulnerabilities in the smart home system, vulnerability protection
© The Authors, published by CULTURAL-EDUCATIONAL CENTER, LLC, 2020
This work is licensed under Attribution-NonCommercial 4.0 International
Currently, the development of smart technologies is undergoing active development. That characterize the use of sensors and computing devices interacting in a dynamic decentralized environment to achieve a common goal — ensuring Their goal is to obtain and analyze information about environmental reality in order to provide users of the environment with new opportunities for interaction with the external environment .
The nature of the “smart environment” allows for conflicts between different devices and participants that may pursue opposite goals and have a different concept of the current situation, but at the same time operate in a common trusted information space security or effective management , .
As a rule, one can distinguish characteristic features of such environment :
• direct interaction between devices;
• remote device management;
• complex functionality of devices;
• “intelligence” of devices;
• a variety of networking standards.
One of the most common examples of the use of “smart environments” can be called “smart home” systems, which are the development of automatic building management systems.
The intelligent system “Smart Home” is a high-tech system that allows you to combine all communications into one system and put it under the control of artificial intelligence, programmable and customizable to all the needs and wishes of the owner.
The “brain” of the entire system is the controller. Thanks to various sensors, the processor “sees” what is happening in the house and reacts to changing parameters, changing the operating modes of the engineering systems of the house.
To date, the introduction of an intelligent building management system solves such problems as saving money during the operation of the building, ensuring comfortable performance of household and household processes in the building, and maintaining optimal environmental parameters in the premises.
The main tasks of the “smart home” include ,:
• prevention of duplication of functions of engineering systems and their mutually exclusive functioning (for example, heating and air conditioning systems);
• coordination of the operating modes of systems with daily changes in external temperature, weather conditions, habits of residents, etc.;
• energy consumption for maintaining the most comfortable environment only in those parts of the building and only at a time when it is necessary;
• fine-tuning the qualities of the internal environment in accordance with the current wishes of users;
• tracking violations in the operation of engineering systems, preventing the consequences of such violations, etc.
II. Literature Review and Research Methods
A review of the specialized literature, sites of manufacturers of elements for the design of the Internet of things systems, as well as the results of practical developments made it possible to single out the most Internet of things technologies suitable for implementing smart home systems.
Here is a systematization of the main products and controllers for building smart home systems.
Smart Home is technically a collection of device systems and managed by a control center.
Fig. 1 shows a typical smart home control system.
Figure 1. Smart home system management.
Smart home systems are of the following types:
• microclimate system (heating, ventilation, air conditioning, humidification, etc.);
• security system (security, fire alarms, access system, control of gas and water leaks, video surveillance);
• power supply system (backup systems, control overload of the power supply network, lighting system, control system of load elements, etc.);
• communication system (telephone, local area network, Internet, SMS alerts);
• remote control system.
• At present, the following promising technologies for combining smart home systems and devices on a common bus are most widely used:
• LanDriver is a universal platform for building control systems used in building automation. Designed to control internal and external systems. The LanDriver system consists of a central controller and modules connected by a bus (RS-485 standard). Managed equipment is connected to the modules. Focused on industrial use.
• EIB / KNX — The EIB system is distributed, control is carried out within the devices, it is autonomous and does not depend on the operability of the central controller. Devices exchange information on the EIB bus in accordance with their own protocol.
• AMX develops software and hardware for remote control of the media system, video surveillance system and a wide range of sensors, and also has closed data transfer protocols. Initially, its own data bus was used, the new equipment line uses standard Ethernet and Wi-Fi protocols, partially developed technologies for interfacing with EIB, LON and others.
• Z-wave, a wireless data technology developed for home automation. It uses low-power and miniature radio modules that are built into household appliances. The technology is based on cellular technology, each node of which is a receiver and transmitter, i. e. when an obstacle occurs, the signal will go through neighboring network nodes that are in range. Another advantage is the low power consumption, which together with the small size allows you to embed Z-wave in various household appliances.
Each of the systems listed above uses its own or third-party protocols for data exchange, depending on the tasks assigned to the system ,.
A. Main Products for the Smart Home
The most common smart home system solution is Samsung’s Smart Things. The technology allows you to control everything in the house from sensors — sensors, cameras, locks.
Key SmartThings products include the free SmartThings app, the SmartThings Hub controller, and various sensors, smart devices, and the IFTTT web service. SmartThings’ own mobile application allows users to automate and control their home environment using a mobile device.
The SmartThings Hub connects directly to your home Internet router and is compatible with communication protocols such as ZigBee, Z-Wave and IP-enabled devices.
There are two main wireless standards that cover all existing smart home products — ZigBee and Z-Wave. SmartThings Hub is equipped with receivers for both This means that there can be no problems connecting any devices.
Main products (sensors) SmartThings , , :
1) Outlet — SmartThings power connector.
Its main function is to adjust the on / off modes. The famous things that Outlet uses are lamps, heaters, coffee makers, and radios.
2) Multifunctional SmartThings Sensor.
The main function is the indication of the open / closed position. Known things that use SmartThings are the external or internal doors, as well as dressers or sideboards. Depending on the location, it may be responsible for access control, reliability or security. It can also be used to launch music and light.
A special property of this sensor is that it can pick up activity at the door. For example, sitting at the front door, it can tell when someone came or rang the doorbell. Also, the multifunction sensor can measure temperature.
3) SmartThings motion sensor.
It can distinguish the presence or movement of someone in the room. Also, the sensor can be programmed to turn on or off certain devices after a set time after the movement near it.
Currently, there are 37 brands that produce devices that work with SmartThings, which in total gives about 100 products, including burglar alarms, smoke detectors, doorbells, light bulbs, garage doors, kitchen appliances, sound panels, robots — vacuum cleaners, security cameras, thermostats, door locks, speakers and much more.
IFTTT (If This Then That) is a web service that allows you to create your own automation paths, including social networks, weather, other web services, other smart devices and everything that can be connected via IP.
The smart home solution from Xiaomi.
1) Xiaomi Smart Home Kit.
It includes a multi-functional control gateway (Xiaomi Gateway), a universal button (Wireless Switch), a motion sensor (Occupancy Sensor) and a sensor for opening doors and windows (Home Door / Window Sensors). The devices are interconnected via the ZigBee protocol, and are controlled through a gateway, which in turn connects to a Wi-Fi network.
2) Xiaomi Smart Home Gateway 2 is a smart home control gateway.
The importance of the gateway lies in its functionality, or rather, in the ability to combine devices operating on the energy-efficient ZigBee protocol into a single network with the ability to configure automation and control scenarios via a smartphone.
3) Xiaomi Smart Wireless Switch — button for smart home.
The button works according to the ZigBee protocol, the energy efficiency of which allows you to work for several years on one battery.
4) Xiaomi motion sensor.
5) Xiaomi presence sensor
It is one of the most popular devices in all automation systems. It can be used both in lighting control scenarios and in security scenarios. Since the sensor operates according to the ZigBee protocol, one of the control gateways is required for its operation. The sensor can also be actively used as an alarm sensor.
Such a set copes with several scenarios:
• Home alarm.
• The doorbell is the simplest scenario, the button is placed near the door, the gateway is plugged in and the doorbell is ready. You can also configure that a notification is sent when you call to the phone, and if you add another camera, we will receive a notification and a photo of the guest.
• Nightlight — Xiaomi Gateway has a built-in backlight, which, coupled with a motion sensor, will be an excellent backlight at night.
• Radio — the gateway has a built-in Internet radio function. You can set the radio to turn on instead of an alarm.
Xiaomi Smart Home is controlled through the Xiaomi MiHome app, available for both Android and iOS.
B. Microcontrollers Overview
1) Raspberry Pi
Raspberry Pi boards are full-featured computers . They have all the attributes of a real computer: memory and a graphics driver for output via HDMI, a dedicated processor. It runs a special version of the Linux operating system (OS). For this reason, most Raspberry Pi boards can easily install most programs for the Linux operating system .
Although the Raspberry Pi does not have an internal data storage, you can use smart cards as flash memory on this board that serves the entire system. Thus, you can quickly download various versions of the operating system or software updates for debugging. Due to the fact that the device provides independent network connectivity, it can also be configured for access via SSH, or transfer files to it via FTP.
Arduino boards are microcontrollers, not full-fledged computers. They do not have an operating system as such, Arduino simply executes the code interpreted by the firmware .
The main purpose of the Arduino board is to interact with sensors and device.
The power requirements for the two systems are very different. Raspberry Pi needs a constant voltage of 5V to work, moreover, the Raspberry Pi is completed by a software process — like a regular computer. Arduino, in turn, starts executing the code immediately after turning it on and stops working when you unplug the plug. To expand the functionality of the Arduino device, you connect the device either directly to the pin contacts of the Arduino board itself or to expansion cards (shields) for it. There are hundreds of different shields, each of which is designed to solve a specific problem, can interact with certain sensors, as well as with other shields, which together form a full-fledged control unit.
Both Raspberry Pi and Arduino have a set of interface ports, however, analog sensors are much easier to connect to Arduino. The microcontroller easily interprets various signals based on the code you wrote and reacts to them. Therefore, Arduino is perfect for those cases when it is planned to execute a series of commands or respond to sensor readings, depending on which the operation of servos and devices will be adjusted.
In turn, Raspberry Pi for effective interaction with such devices requires special software — this is probably an unnecessary complication if you just need to automate watering in the garden or store water at the right temperature. In many projects, Arduino and Raspberry Pi are used together, and Arduino acts as a control board on which the commands issued by the Raspberry Pi software are executed. Information from the sensors is fed to the Raspberry Pi, where it is recorded, or certain operations are performed in response to it.
Based on the analysis, Arduino is better to choose if the main task is to read sensor data, change values on the engine or other devices. Given the Arduino’s power requirements and the ease of maintenance of this system, the device can be operated on and off without interfering with its operation.
It is better to well on the Raspberry Pi when solving such tasks that it would be logical to carry out on a personal computer. The Raspberry Pi simplifies workflow management in a variety of situations: if you connect to the Internet to read or write data, play some kind of media information or connect to an external display.
3) Orange Pi
After the success of the Raspberry Pi boards, other developers began actively promoting their “Pi-like” single-board computer projects, among them there is the well-established Orange Pi family, which includes many different options and versions .
The main differences between the controllers within the family are in the amount of RAM, the presence of built-in Wi-Fi, as well as EMMС memory on the board.
The differences in price are due primarily to the brand, since the Raspberry Pi are the founders of this trend in technology. In Orange Pi, the processors used are cheaper than in Raspberry Pi, in addition, the Raspberry Pi processors are hotter, and the claimed 1.6 GHz, in fact this is not real, but a marketing operating frequency.
If we consider that the frequency recommended by the processor manufacturer is at 1.2 GHz, then we will consider the performance of the two families to be similar.
In addition, Orange Pi supports more operating systems.
The main result is a complete classification of vulnerabilities in the smart home system, built on the technology of the Internet of things. The following is a description and features of each vulnerability.
A.Inadequate Physical Security
This vulnerability implies the lack of physical protection measures for IoT devices, which allows potential attackers to obtain confidential information, which in the future can help implement a remote attack or gain local control over the device.
It is known that IoT devices are distributed in space and are often installed in public or insecure locations. This allows attackers to gain access to the device, thereby taking control of it or using it as an access point to other network nodes.
The following malicious activities are possible related to gaining physical access to IoT devices:
• IoT device spoofing — an attacker copies settings, for example, IP network, MAC address, etc. Spoofing device is a source of listening or reducing network performance;
• Hacking RFID reader;
• Installation of hardware bookmarks;
• Installing malware;
• Theft of confidential data;
• The failure of the IoT device.
B. Insecure Default Settings
Devices or IoT systems come with unsafe default settings or with restrictions for users to change configurations.
Despite the fact that the device can be implemented many smart functions, but the possibility of security configuration is not provided.
For example, it does not support checking passwords for reliability, it is not possible to create accounts with various rights — administrator and users, there are no settings for encryption, logging and notifying users about security events.
C. The Inability to Control the Device
The vulnerability is related to the lack of security support for running devices, including asset management, update management, secure decommissioning, system monitoring, and response.
IoT devices are most often a “black box”. The IoT devices do not have the ability to monitor the status of its work, the identification of working services and interactions with other devices.
Also not all manufacturers give users of IoT devices full control over the operating system (OS) and running applications. There is also no way to check the integrity and legitimacy of the downloaded software or install update patches on the OS.
During attacks, the firmware of the device can be reconfigured so that it can be repaired only by completely flashing the device. A similar disadvantage was used, for example, by Silex malware.
D. Insecure Data Transfer and Storage
Such vulnerability means the absence of encryption or control of access to sensitive data anywhere in the ecosystem, including during storage, during transmission or during processing.
Internet of things devices collect and store environmental data, including various personal information . If the compromised password can be replaced, then the stolen biometric data, such as a fingerprint, a picture of the retina of the eye, a face image, is no longer possible to replace.
At the same time, IoT devices can not only store data in unencrypted form, but also transmit it over the network. Transmission of data in clear form over a wireless network or transmission over the Internet makes this data vulnerable to intruders .
E. Low Privacy Protection
This vulnerability is related to the fact that the user’s personal information stored on the device or in the ecosystem is used insecurely, improperly or without permission.
This vulnerability echoes the previous one — all personal data must be stored and transmitted in a secure manner. But this vulnerability implies confidentiality in a deeper sense, namely in terms of protecting privacy secrets.
IoT devices collect information about what and who surrounds them, including this also applies to unsuspecting people. The stolen or incorrectly processed user data can either unintentionally discredit a person or be used in blackmail .
F. Use of Unsafe or Outdated Components
The vulnerability is based on the use of outdated or insecure software components or libraries that could allow a device to be compromised. This includes unsafe configuration of operating system platforms and the use of third-party software or hardware components from a compromised elements chain of building the Internet of things infrastructure ,.
One vulnerable component can affect the entire security configuration.
An independent information security researcher, Paul Marrapese, has discovered dozens of Chinese manufacturers of IoT equipment vulnerabilities that could be exploited for “Man in The Middle” attacks and device tampering. According to expert estimates, more than 2 million IP cameras, smart doorbells, baby monitors and other IoT devices are at risk.
The problem is contained in the iLnkP2P application P2P protocol. The application allows you to remotely control equipment through a mobile application, bypassing the limitations of firewalls. To connect, users scan the barcode on their device or enter the six-digit code indicated on it. For further work, authorization is no longer required.
This vulnerability has become a weak point of the technology. It will not be difficult for attackers to find vulnerable devices and intercept the information that it sends to the management servers. Since developers do not implement data encryption, attackers can learn the user password and establish control over the gadget. This will allow an attacker not only to spy on the owner of the hacked camera, but also to create extensive IoT botnets like Mirai and the like.
The researcher also notes that such devices can work for a long time with factory credentials and many unclosed vulnerabilities in the code. This circumstance simply relieves the attackers of the need to intercept the password.
Here is another example of IoT devices whose manufacturer does not fix their vulnerability.
If you go to some kind of shadow forum, you can find a great amount of data about hacked surveillance cameras (logins and passwords for accessing the camera). Moreover, many passwords are quite complex and meet the password policy. Hacking such a password can take a huge amount of time — sometimes up to several tens of years. Nonetheless, all these logins and passwords fell into the hands of attackers due to the vulnerabilities of video surveillance cameras.
This vulnerability has been around for more than 4 years and developers still do not fix it. Thus, tens of thousands of cameras around the world are exposed to this vulnerability.
G. Lack of Secure Update Mechanisms
This vulnerability means the inability to securely update the device. It includes the lack of firmware validation on the device, the lack of secure delivery (without encryption during transmission), the absence of mechanisms to prevent rollbacks, and the absence of notifications about security changes due to updates.
The inability to update the device itself is a security weakness. Failure to install the update means that the devices remain vulnerable for an indefinite time.
But in addition, the update itself and firmware may also be unsafe. For example, if encrypted channels are not used to receive the software, the update file is not encrypted or is not checked for integrity before installation, there is no anti-rollback protection (protection against a return to a previous, more vulnerable version), or there are no notifications about security changes due to updates.
H. Insecure Ecosystem Interfaces
Having an unsafe web interface, API, cloud or mobile interfaces in the ecosystem outside the device allows you to compromise the device or its related components. Common problems include lack of authentication or authorization, lack or weak encryption, and lack of input and output filtering.
Using unsafe web interfaces, API, cloud and mobile interfaces allows you to compromise the device or its related components even without connecting to it.
For example, Barracuda Labs conducted an analysis of the mobile application and web interface of one of the “smart” cameras and found vulnerabilities that allow to obtain a password for the Internet of things device:
• The mobile application ignored the validity of the server certificate.
• The web application was vulnerable to cross-site scripting.
• File crawling on the cloud server was possible.
• Device updates were not protected.
• The device ignored the validity of the server certificate.
I. Insecure Network Services
Unnecessary or insecure network services running on the device itself, especially open to the external network, jeopardizing confidentiality, integrity, authenticity, availability of information or allowing unauthorized remote control .
Unnecessary or insecure network services jeopardize device security, especially if they have access to the Internet.
Insecure network services may be susceptible to buffer overflow and DDoS attacks. Open network ports can be scanned for vulnerabilities and insecure connection services.
One of the most popular vectors of attacks and infection of IoT devices so far is the enumeration of passwords on non-disabled Telnet services and on SSH. After gaining access to these services, attackers can download malicious software to the device or gain access to valuable information.
J. Weak, Guessable, or Hard-Coded Passwords
The use of easily crackable, publicly available or immutable credentials, including backdoors in firmware or client software that provides unauthorized access to deployed systems.
Until then, the biggest vulnerability is the use of weak passwords, default passwords, or passwords leaked to the network.
Despite the obvious need to use a strong password, some users still do not change the default passwords.
We will discuss measures to counter the vulnerabilities that exist in smart home systems.
A. Inadequate Physical Security
The solution to this problem is to complicate physical access to devices. It is recommended to install IoT devices in protected areas, at a height or use anti-vandal lockers.
B. Insecure Default Settings
Manufacturers should enable the user to change the configuration. This will allow the user to change the settings in accordance with their desires.
C. The Inability to Control the Device
The solution to these problems can be the use of specialized software for managing devices of the Internet of things, for example, cloud solutions AWS, Google, IBM, etc.
D. Insecure Data Transfer and Storage
Certainly, the user can use secure communication channels for data transfer, however, the encryption functions of stored passwords, biometric and other important data must be implemented by the device manufacturer.
E. Low Privacy Protection
The policy guarantees that only the data necessary for the functioning of the device is collected, the availability of permission to store personal data, the personal data protection, as well as compliance with the rules for data storage. Otherwise, if these conditions are not observed, the user may have problems with the law.
F. Use of Unsafe or Outdated Components
To check if a particular device is vulnerable, you need to use the Shodan.
This search engine, which allows you to search for servers, cameras, printers, routers, control systems connected to the Internet. The appearance of the search engine interface Shodan is shown on the Fig. 2.
Figure 2. Shodan search engine operating interface.
Enter the following query into the search bar:
realm = “GoAhead”, domain = “:81”
Further in the main window of the interface a complete list of results is displayed, including:
• IP address;
• Internet Service Provider;
• when the record was added to the database;
• country in which the device is located;
Another auditing program for Internet-enabled devices is the Censys platform.
Censys helps information security professionals discover, track, and analyze IoT devices available from the Internet. Censys regularly checks every public IP address and popular domain names, oversees and complements the received data, and also makes them understandable through an interactive search engine and API.
A search engine implements three search categories:
• IPv4 hosts — a classic search for hosts as in Shodan;
• Alexa Top related websites — statistics on traffic to other sites;
• certificates — certificate base.
Censys regularly scans the following protocols:
• HTTP. Scan TCP ports 80, 8080, and 8000 for HTTP hosts.
• HTTPS. Scan TCP ports 443, 4443 and complete a handshake using the transport layer security protocol with responsive hosts.
• POP3, IMAP, SMTP, SMTPS. Port scanning for general mail protocols.
• SSH. Scan TCP port 22 handshake completion SSH.
• Telnet. Scan TCP ports 23 and 2323 of telnet handshake with hosts.
• Modbus, Tridium Fox. Scan frequently used industrial control systems and collect device data when available.
• DNS. Scan UDP port 53 and check if the DNS servers provide the correct entries.
• FTP. Scan TCP Port 21.
• CWMP. Scan client devices on CWMP
• AMQP. Scanning the system of message brokers on TCP port 5672.
• MQTT. Scan TCP ports 1883 and 8883 of the system of message brokers.
• Remote Desktop Protocol, VNC, PCAnywhere. Scan TCP ports 5632, 3389, and 5900 and 5901.
• Oracle, MySQL, Postgres, MSSQL. Scan TCP Ports 1521, 3306, 5432, and 1433.
• MongoDB. Scan TCP port 27017.
• IPP. Scan the printer over TCP port 631.
The appearance of the Censys window with search results on demand is shown on Fig. 3.
Figure 3. Appearance of Sensys window with search results on request.
Router Scan is a security audit utility. It is used to find devices connected to a Wi-Fi network, collect information on devices (access point name and password, encryption type, subnet mask, etc.), and also uses exploits that use vulnerabilities in network equipment. It is easy to use, but the scanning process can take a long amount of time. The program searches for devices in the specified range. The range does not have to be in the zone of the user himself using the program. The IP addresses under investigation can be located throughout the city, in neighboring cities or in another country.
There are several ways to search for vulnerable devices:
• an indication of the range in which vulnerable IP addresses are searched;
• attack of a single address;
Available manual search and automatic.
Information is obtained in two possible ways:
• The program will try to guess the login / password pair to the router from the list of standard passwords, thereby gaining access.
• Vulnerabilities (errors) will be used against the router model, which will allow you to obtain the necessary information, as well as bypass the user authorization process.
The interface of the Router Scan utility is shown on Fig. 4.
Figure 4. Router scan utility interface.
G. Lack of Secure Update Mechanisms
A solution to this problem is also on the side of the manufacturer. But you can check if your device is capable of updating at all. Make sure that the update files are downloaded from the verified server via an encrypted channel, and that your device uses a secure update installation architecture.
H. Insecure Ecosystem Interfaces
For protection, it is necessary to change the default user and password, make sure that the web interface is not subject to cross-site scripting, SQL injection or CSRF attacks.
Also, protection against password attacks by brute force should be implemented. For example, after three attempts to enter the password incorrectly, the account should be blocked and allow password recovery only through a hardware reset.
I. Insecure Network Services
Disable unnecessary network services. Implement a policy restricting access through open network ports.
J.Weak, Guessable, or Hard-Coded Passwords
The solution is to change the password.
When users purchase IoT devices, they think primarily about “smart” capabilities, not about security.
IoT security is currently not regulated by law.
The main problems of the Smart Home systems are revealed. The most common problem is the lack of authentication in these systems, as well as the lack of data encryption when they are processed inside the system or transferred to the server via the network, which gives more opportunities for attackers to penetrate the system. But also the policy of weak passwords in Smart Home systems can serve as a loophole for penetration.
 Atzor, L., Iera, A., & Morabito, G. The Internet of Things: a survey, in Computer Networks, no. 54 (15), 2010, pp. 2787–2805
 IEEE Std 802.11–2007, Revision of IEEE Std 802.11–1999. IEEE Standard for Information Technology-Telecommunications and information exchange between systems Local and metropolitan area network — Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications. IEEE Computer Society, June 2007
 Hersent, O., Boswarthick, D., and Elloumi, O. The Internet of Things: Key Applications and Protocols, Willey Publ., 2012
 Tatarnikova, T. M. and Dziubenko, I. N. Wireless Sensor Network Clustering Model, in Wave Electronics and its Application in Information and Telecommunication Systems (WECONF), St. Petersburg, 2018, pp. 1–5, DOI: 10.1109/WECONF.2018.8604452
 Baranov, A., Somov, A., Spirjakin, D., Akbari, S., and Passerone, R. Perpetual operation of CO wireless sensor node with hybrid power supply, in Sensors and Actuators A: Physical, 2016, vol. 238, pp. 112–121
 Kellmereit, D. The Silent Intelligence: The Internet of Things, Publisher: DND Ventures LLC, 2013
 Hla Yin., M., and Win, Z. Fault Management Using Cluster-Based Protocol in Wireless Sensor Networks, in International Journal of Future Computer and Communication, 2014, vol. 2, no. 6, pp. 36–39
 Park, D.-S. Fault Tolerance and Energy Consumption Scheme of a Wireless Sensor Network, in International Journal of Distributed Sensor Networks, vol. 3, 7 p., 2013, DOI: 10.1155/2013/396850
 Sovetov, B. Y., Tatarnikova, T. M., and Cehanovsky, V. V. Detection System for Threats of the Presence of Hazardous Substance in the Environment, 2019 XXII International Conference on Soft Computing and Measurements (SCM)), St. Petersburg, Russia, 2019, pp. 121–124, DOI: 10.1109/SCM.2019.8903771
 Tatarnikova, T. M., and Dziubenko, I. N. IoT system for detecting dangerous substances by smell, in Information and Control Systems, vol. 2, 2018, pp. 84–90, DOI: 10.15217/issn1684–8853.2018.2.84
 Cicolani, J. Beginning Robotics with Raspberry Pi and Arduino, Apress Inc, 2018
 Chin, R. Arduino and Raspberry Pi Sensor Projects for the Evil Genius, McGraw-Hill Education TAB, 2017
 Bogatyrev, V. A., Bogatyrev, S. V., Parshutina, S. A., and Bogatyrev, A. V. Model and Interaction Eﬃciency of Computer Nodes Based on Transfer Reservation at Multipath Routing, in Wave Electronics and its Application in Information and Telecommunication Systems (WECONF), St. Petersburg, 2019, pp. 1–4, DOI: 10.1109/WECONF.2019.8840647
 Tatarnikova, T. M. and Poymanova, E. D. Energy Model of Data Storage Process, in Wave Electronics and its Application in Information and Telecommunication Systems (WECONF), Saint-Petersburg, Russia, 2019, pp. 1–4
 Tatarnikova, T. M. Limitations of information leakage through the non-obvious features of the Android 5 smartphone, in Information and Control Systems, vol. 5, 2019, pp. 24–29, DOI:10.31799/16848853–2019–5–24–29
 Liu, B., Dousse, O., Nain, Ph., and Towsley, D. Dynamic Coverage of Mobile Sensor Networks, in IEEE Trans. On Parallel and Distributed Systems, 2013, vol. 24, no 2, pp. 301–311,
 Dziubenko, I. N., and Tatarnikova, T. M. Algorithm for Solving Optimal Sensor Devices Placement Problem in Areas with Natural Obstacles, in Wave Electronics and its Application in Information and Telecommunication Systems (WECONF), St. Petersburg, 2018, pp. 1–5, DOI: 10.1109/WECONF.2018.8604325
 Bogatyrev, V. A. and Vinokurova, M. S. Control and Safety of Operation of Duplicated Computer Systems, in Communications in Computer and Information Science, IET – 2017, vol. 700, pp. 331–342