`A Software Developer's Guide to Universal Plug and Play
`
`Michael Jeronimo and Jack Weast
`Page 1 of 109
`
`LG EXHIBIT 1010
`
`
`
`
`
`
`A Software Developer's Guide
`to Universal Plug and Play
`
`Michael Jeronimo
`Jack Weast
`
`
`INTEL
`
`PRESS
`
`
`
`
`Copyright © 2003 Intel Corporation. All rights reserved.
`ISBN 0-9717861-1-9
`
`No part of this publication may be reproduced, stored in a retrieval system or
`transmitted in any form or by any means, electronic, mechanical, photocopying,
`recording, scanning or otherwise, except as permitted under Sections 107 or 108
`of the 1976 United States Copyright Act, without either the prior written
`permission of the Publisher or authorization through payment of the appropriate
`per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA
`01923, (978) 750-8400, fax (978) 750-4744. Requests to the Publisher for
`permission should be addressed to the Publisher, Intel Press, Intel Corporation,
`2111 NE 25th Avenue JF3-330, Hillsboro, OR 97124-5961. E-mail:
`intelpress@intel.com.
`
`This publication is designed to provide accurate and authoritative information in
`regard to the subject matter covered. It is sold with the understanding that the pub-
`lisher is not engaged in professional services. If professional advice or other expert
`assistance is required, the services of a competent professional person should be
`sought.
`
`Intel Corporation may have patents or pending patent applications, trademarks,
`copyrights, or other intellectual property rights that relate to the presented
`subject matter. The furnishing of documents and other materials and information
`does not provide any license, express or implied, by estoppel or otherwise, to
`any such patents, trademarks, copyrights, or other intellectual property rights.
`
`Intel may make changes to specifications, product descriptions, and plans at any
`time, without notice.
`
`Fictitious names of companies, products, people, characters, and/or data mentioned
`herein are not intended to represent any real individual, company, product, or event.
`
`Intel products are not intended for use in medical, life-saving, life-sustaining, critical
`control, or safety systems, or for use in nuclear facility applications.
`
`Intel and Pentium are registered trademarks of Intel Corporation.
`
`† Other names and brands may be claimed as the property of others.
`
`This book is printed on acid-free paper.
`
`Publisher: Richard Bowles
`
`Editor: David J. Clark
`
`Managing Editor: David B. Spencer
`
`Content Manager: Stuart Goldstein
`
`Text Design: Marianne Phelps
`
`Composition: Octal Publishing, Incorporated
`
`Graphic Art: Donna Lawless (illustrations), Ted Cyrek (cover)
`
`Printed in the United States of America
`
`10 9 8 7 6 5 4 3 2 1
`
`First printing, April 2003
`
`
`
`
`To Jenni. Thanks for believing in me. I appreciate your patience, support,
`encouragement, and sacrifice during the many months it took to write this book.
`
`To Matty, Sean, and Portia. Thanks for keeping me smiling. You’re the best bunch
`of heffalumps a dad could have.
`
`To Jan and John (Nana and Papa). Thanks for taking care of the kids during those
`Sunday afternoon writing sessions and for providing a home away from home.
`
`—Michael
`
`To Papa. The original Weast engineer who started it all; it is your life story
`that has taught me the value of hard work and dedication against even the
`greatest of odds.
`
`To Aaron, whose natural ability to do everything better than your older brother
`continues to provide inspiration and drive for my own success.
`
`—Jack
`
`
`
`
`Chapter 1
`
`It Just Works
`
`It’s kind of fun to do the impossible.
`
`—Walt Disney
`
`People expect that when they bring a television or DVD player home, they can
`just plug it in, hook up a few cables, and the device will “just work.” These
`devices perform their functions well and are easy for consumers to install. PC
`peripherals, on the other hand, have not been as easy to install. Users must be
`concerned with gory details such as device drivers to get devices to work
`properly. Recently, Universal Serial Bus (USB) and Plug-and-Play have improved
`the situation for PC peripherals so that devices can now be automatically
`detected and device drivers automatically installed. But networked devices, such
`as an Internet gateway or a networked printer, still require complicated manual
`setup and configuration.
`
`The UPnP¹ standard brings the PC peripheral Plug-and-Play concept to the home
`network, with the same ease of use and automatic configuration that users have
`come to expect with Plug-and-Play devices. Just as devices can be plugged into
`the PC and automatically detected and configured, consumers of home networking
`equipment can now easily add UPnP devices to their home networks and have them
`just work.
`
`¹ UPnP is a certification mark of the UPnP Implementers Corporation.
`
`UPnP Design by Example
`
`
`
`Why the UPnP Standard?
`
`When USB devices are plugged into a PC they are automatically detected by the
`operating system, which loads the appropriate software and makes the device
`available for applications to use. This automatic detection and configuration of
`devices makes it easy for the end user to add and use new devices.
`
`Similar to a PC and its peripherals, there are various home networking devices,
`such as an Internet gateway or a networked printer, that the user may wish to
`connect to the local network. However, these devices usually require an
`administrator to configure them before they can be used. The difficulty of
`configuring home networking equipment has been a problem for consumers and a
`barrier to the adoption of home networking. With UPnP, users can add devices to
`the home network without installing drivers or configuring the devices before
`using them.
`
`
`
`The Foundation for Home Networking
`
`UPnP technology, along with other emerging technologies such as wireless
`networking and high-speed Internet connections, is transforming the home. Many
`devices, such as digital televisions and home audio equipment, are becoming UPnP
`technology-enabled. In time, other existing networks in the home, such as the
`power line, home entertainment, and telephone networks, will have bridging
`software that automatically makes devices on those networks appear as UPnP
`devices. The result will be a single, logical network of UPnP devices—a kind of
`“digital home platform” for entertainment, home automation, and other kinds of
`applications, as shown in Figure 1.1.
`
`
`
`
`Chapter 1: It Just Works
`
`[Figure 1.1: UPnP Technology Is the Foundation for Home Networking. Diagram
`labels: UPnP network of devices; Use devices; Data Network; Entertainment
`Network; Power Line Network; Communications Network.]
`
`
`
`What Is the UPnP Standard?
`
`The UPnP architecture is designed to connect networked devices, such as PCs,
`entertainment equipment, and intelligent appliances. It defines a base set of
`standards for all devices to adhere to and conventions for describing devices
`and the services they provide.
`
`The UPnP architecture leverages existing standards such as TCP/IP, HTTP, and XML
`instead of inventing new underlying mechanisms. The architecture consists of a
`set of standardized protocols that each UPnP technology-enabled device
`implements to provide for discovery, control, and data transfer between UPnP
`devices. UPnP technology can be supported on any common operating system or
`hardware platform, and it works with almost any type of physical networking
`media—wired or wireless—providing maximum user and developer choice.
`
`The UPnP architecture provides:
`
`• Device Connectivity. The UPnP architecture defines the protocols for devices
`  to interact with other devices. UPnP devices can join and leave the network
`  transparently, advertise their services, discover other devices and services,
`  send events, and control other devices.
`
`• Ad-Hoc Networking. UPnP devices can come together to form a network
`  dynamically, without the need for dedicated networking infrastructure
`  services, such as a server to manage address assignment. These ad-hoc networks
`  are created on-the-fly and enable device connectivity without manual
`  configuration.
`
`• Zero-Configuration Networks. The UPnP architecture supports
`  zero-configuration networking where the user is not required to configure
`  devices before they are used on the network. The non-technical user will find
`  it simple to add and use devices.
`
`• Standards-Based Architecture. The UPnP architecture is based on open
`  standards, including a foundation of existing and proposed standard Internet
`  Engineering Task Force (IETF) and World Wide Web Consortium (W3C) protocols
`  such as IP, TCP, UDP, HTTP, XML, and SOAP. Leveraging existing Internet-based
`  technologies simplifies the design of UPnP devices.
`
`• Platform Independence. The UPnP architecture is primarily a set of protocols
`  and is not an API definition. The UPnP architecture keeps the implementation
`  of the protocols private and does not require vendors to develop their
`  implementations on any specific operating system, language, or hardware. With
`  this approach, UPnP devices can be developed on any platform—a desirable
`  trait in a network full of devices from many vendors, including consumer
`  electronics companies.
`
`• Media and Device Independence. UPnP technology can run on any medium for
`  which there is an IP stack, including phone lines, power lines, Ethernet, RF,
`  and IEEE 1394.
`
`• Programmatic and Manual Device Control. The UPnP architecture enables
`  applications to programmatically control home networking devices. In
`  addition, users can manually control devices using the device’s browser-based
`  administrative interface.
`
`
`User Scenarios
`
`Many futuristic automation scenarios can be developed using UPnP
`devices. Here are a couple of examples that illustrate the power and
`flexibility of UPnP technology in the home of the future.
`
`
`Watching a Movie
`
`Arriving home after a long day at work, George decides to watch a movie. He
`happens to be in the kitchen getting a glass of juice from the fridge, so he
`calls up a list of recent movies on the screen near to him on the kitchen
`counter. George checks out some previews and then selects the movie to watch.
`The movie selection program turns on the home theater system and automatically
`starts the movie. The controlling program also dims the lights and adjusts the
`volume of the speakers. Settling in, George watches the movie for a while.
`Twenty minutes later, an alert pops up on the home theater screen indicating
`activity in the front yard. George puts the porch camera on the screen and sees
`the local pizza delivery man walking up the path to his door, delivering the
`pizza ordered earlier. George meets the delivery man at the door, takes the
`pizza, pays him, including a generous tip, and returns to the home theater room.
`Some time after the delivery man leaves, the kitchen lights and porch lights
`turn themselves off to conserve energy, having not detected any motion.
`
`Home Maintenance
`
`Every New Year’s Day, Shannon does home maintenance. With her wireless PDA in
`hand, she walks through her house, examining the status of various systems and
`devices. The PDA displays the list of systems to be inspected in the house and
`tells Shannon what to look for, displaying instructions and pictures as needed.
`
`Shannon starts in the garage with the water heater. She uses her PDA to view the
`operational parameters of the water heater. Using that information, she
`optimizes the heater’s energy use, updating the heater’s settings to monitor
`activity over a period of time and anticipate peak loads and off periods.
`
`Shannon moves on to the kitchen where she uses the PDA to review the state of
`the dishwasher and the refrigerator. The dishwasher hasn’t been working very
`well lately, so she uses the PDA to invoke the dishwasher’s self-test. The test
`doesn’t turn up any problems, so she calls up the dishwasher manual. The manual
`has a troubleshooting section that Shannon reads to find out what might be the
`problem. Shannon doesn’t find any answers, so she uses the PDA to send an e-mail
`message to the manufacturer explaining the problem.
`
`Shannon continues through the house, inspecting, calibrating, and making notes
`of things that she needs to buy for the house. She eventually completes this
`year’s maintenance inspection and goes to the store to pick up the items she
`needs.
`
`
`Key Themes
`
`With a little playful daydreaming, you can probably envision many more scenarios
`like these that simplify life in the home, limited only by your imagination.
`Some key themes appear in many of the scenarios, such as automation, where
`devices automatically respond to events generated from other devices, and
`convenience, where the user is able to easily accomplish tasks. While the
`scenarios seem futuristic, one thing is certain—having a standard, open platform
`for home networking will inspire creativity. The UPnP standard is the underlying
`technology to help make scenarios like these real.
`
`Let’s take a step back from the future now and take a look at the UPnP Forum,
`the organization responsible for the UPnP standards.
`
`
`
`The UPnP Forum
`
`Microsoft Corporation introduced the UPnP initiative at the Consumer Electronics
`Show in January of 1999. The initiative was originally supported by companies
`such as Microsoft, Intel, Hewlett-Packard, Compaq, Dell, and many others, and
`was considered the next phase of the Plug-and-Play initiative introduced by
`Intel, Compaq, and Microsoft in 1992.
`
`To guide the creation of the standards, a cross-industry group, the UPnP Forum,
`was created. Today, the Forum consists of more than 550 companies, including
`industry leaders in consumer electronics, computing, home automation, home
`security, appliances, printing, photography, computer networking, and mobile
`products.
`
`The primary activities of the UPnP Forum include:
`
`• Defining device standards based on the UPnP architecture
`
`• Providing for the certification of devices
`
`• Facilitating joint member promotion of UPnP
`
`Device descriptions are XML documents, based on a device description document
`schema, that describe a particular kind of device. By defining and publishing
`UPnP device descriptions, members of the UPnP Forum create standard building
`blocks for home networking. The standards defined by the UPnP Forum are
`platform-neutral. Membership and participation in the design of device schema
`templates are open to any member companies. Companies interested in
`standardizing particular device classes are encouraged to join the UPnP Forum
`and participate in working committees to design schema templates for their
`devices.
`
`
`Vendors can implement devices that conform to these standards, but they must
`then demonstrate that their devices pass the tests in order to receive a logo
`for their device. The UPnP Forum provides the means for vendors to certify their
`devices.
`
`The UPnP Forum also seeks to promote the UPnP standard in the industry and with
`the general public. It provides a framework for companies to get together and
`define building block standards: both technical standards, like the UPnP
`architecture, and legal standards, such as a broadly signed and carefully scoped
`joint development agreement. These technical and marketing objectives are
`pursued to advance the entire home networking industry.
`
`A Brief History of UPnP
`
`The core UPnP architecture was originally developed by Microsoft and contributed
`to the UPnP Forum in the form of the UPnP Device Architecture specification. The
`specification was approved by UPnP Forum Technical Committee on June 13, 2000.
`Version 1 of the specification enumerates the UPnP core protocols and
`establishes the foundation that working committees use to develop their specific
`devices.
`
`Table 1.1 gives a timeline of activity in the UPnP Forum.
`
`Table 1.1 UPnP Timeline
`
`Date    Event
`1/99    UPnP standard publicly announced
`10/99   UPnP Forum officially formed
`6/00    UPnP version 1 architecture finalized
`6/00    Microsoft Windows ME with UPnP version 1 support ships
`7/00    Intel’s open source UPnP SDK released
`5/01    UPnP version 1 toolkits announced
`10/01   Microsoft Windows XP with UPnP version 1 support ships
`11/01   First UPnP device standard published
`12/01   First UPnP-enabled devices ship
`1/02    Microsoft Windows CE with UPnP version 1 support ships
`
`
`
`
`The Committees of the UPnP Forum
`
`The UPnP Forum consists of four organizational elements. Three are permanent
`committees: the Steering Committee, the Technical Committee, and the Marketing
`Committee. The fourth is a set of Working Committees formed as needed by
`participants to define standard device types.
`
`Steering Committee
`
`The UPnP Steering Committee is the high-level directing body of the UPnP Forum.
`It has about 20 members from various companies, including Microsoft. The
`composition of the Steering Committee can change over time as new members are
`added. The Steering Committee provides business leadership and makes decisions
`for the UPnP Forum. As the organization’s management team, the Steering
`Committee oversees the working committees for defining device descriptions
`(DCPs). The Steering Committee launched a separate company, the UPnP
`Implementer’s Corporation (UIC), responsible for the certification of devices.
`
`Technical Committee
`
`The UPnP Technical Committee is a group of technical representatives from
`various companies who process technical issues from working committees. The
`Technical Committee reviews these issues and produces architectural
`requirements. They are responsible for the “big picture” technically for the
`UPnP standard.
`
`Marketing Committee
`
`The UPnP Marketing Committee undertakes joint member promotion of the UPnP
`standard, including representing the UPnP Forum at industry trade shows.
`
`Working Committees
`
`The nitty-gritty technical work gets done in the Working Committees of the UPnP
`Forum. These groups define the device descriptions that describe the interfaces
`that the device provides to the network. The working committees define the
`syntax and semantics of a particular device type so that implementations of that
`device type will be interchangeable.
`
`
`To start a new working committee in the UPnP Forum, members must first make a
`proposal to the UPnP Steering Committee. The proposal consists of a set of user
`scenarios to demonstrate the usefulness of the new device type, a schedule of
`the proposed work, and a commitment from three independent groups to implement
`the device type. Having multiple independent implementations demonstrates
`interoperability of the new device type standard. The group is formed with a
`particular charter, expressed as a set of objectives to be accomplished. Once
`the group satisfies their charter, its work is complete and the group is
`disbanded. If the group decides to continue work on a subsequent version of the
`device type, the group must be re-chartered and meet the same requirements as
`any other new group to be chartered. This process is summarized in Figure 1.2.
`
`[Figure 1.2: Standardization Process Flowchart for UPnP Device Descriptions.
`Flowchart labels: Proposal; OK’d by Steering Committee? (Yes); Working Committee
`Chartered; WC Creates Device and Service Descriptions; 45-day Review Period;
`Approved Standard.]
`
`
`All working committees follow the same basic timeline. The working committee
`members first collaborate to design the device description. This process usually
`involves weekly conference calls and periodic face-to-face meetings as the
`group’s members work through the issues with the design for the device type.
`Once the device description is completely designed, test suite development can
`begin. Sample implementations are typically developed, tracking the development
`of the standard. Once the test suites are finalized, the implementations can be
`validated. Working committees often gather for interoperability events to test
`their independent implementations against one another. After the implementations
`pass the test suites, the standard moves to the Steering Committee for a final
`audit. Upon passing this audit, the standard goes into a 45-day review period.
`At the close of this period, it becomes an approved standard of the UPnP Forum.
`Figure 1.2 illustrates the standardization process followed by working
`committees of the UPnP Forum.
`
`
`
`Currently, the UPnP Forum has many working committees, including Internet
`Gateways, Audio/Video, Home Automation, Printers and Imaging, Remote I/O, and
`Security. The committees are formed to meet specific objectives and then are
`disbanded when their work is done. They are often re-chartered to meet new
`objectives, but must meet the same criteria as a new working committee,
`including commitment from three independent groups to implement the device type.
`For a list of committees at any given time, visit the UPnP Forum web site at
`http://www.upnp.org.
`
`
`
`Security and the UPnP Architecture
`
`UPnP technology helps to make networking automatic—people will bring home
`networking devices, turn them on, and have them just work, with no technical
`expertise required. One potential impediment to this vision, however, is the
`need for security. There is a trade-off between security and ease of use.
`Implementing security tends to require administration—setting up passwords,
`defining access control lists, and so on—which gets the user involved again and
`makes the process of using networked devices less automatic.
`
`In Version 1 of the UPnP architecture, there is no built-in security: All UPnP
`devices on the network can be controlled by any control points. Recently though,
`a new working committee of the UPnP Forum has been established that is
`developing a standard security infrastructure compatible with current and future
`versions of the UPnP architecture.
`
`The UPnP Security Working Committee
`
`The UPnP architecture enables simple networking in the home and small office.
`“Home and small office” can include many different settings, from single-family
`homes, apartments, college dorms, and hotel rooms to a local coffee shop
`providing wireless Internet access for its customers. UPnP devices will enter
`and leave these dynamic network environments and, as always, unscrupulous people
`will look for opportunities to take advantage of a lack of security.
`
`The UPnP Security working committee is a new group in the UPnP Forum that has
`been chartered to provide a security solution for the UPnP architecture that
`will be common to all device types. The Security working committee includes
`members from Intel, Microsoft, Siemens, IBM, Sony, and others. In early 2001,
`the group specified the requirements for a UPnP security solution and defined
`the user scenarios it intends to support.
`
`Securing the UPnP architecture may eventually expand the use of UPnP technology
`to new fields, such as providing high-value services. The security solution
`developed by the working committee will give users choice and control over their
`network, but will introduce an inevitable tradeoff: security with configuration
`versus no security with no configuration. The group will undoubtedly try to
`strike a balance and minimize the configuration required in its security
`solution.
`
`Requirements of the Security Solution
`
`The UPnP security solution will use standard encryption and digital signature
`algorithms to protect all of the UPnP protocols. It will include a powerful
`trust model with non-public key infrastructure authorization certificates,
`avoiding the heavy infrastructure requirements associated with public key
`infrastructure (PKI) solutions. It will also be sensitive to the processing
`capabilities likely to be found on networking devices and will require only
`moderate processing power to implement.
`
`The UPnP Security working committee will introduce security concepts to the
`basic UPnP architecture. These additions will likely include principals,
`permissions, authorization certificates, and access control lists. In addition,
`the Security working committee will also specify how to secure the basic UPnP
`protocols, including discovery, control, eventing, and presentation. For
`example, digital signatures and encryption will be used to maintain
`confidentiality and to enforce any access control policy.
`
`The SSDP Service Bug
`
`Even with a system that has been designed to be secure, security vulnerabilities
`can arise from weaknesses in the implementation. These vulnerabilities can
`result in denial-of-service attacks, preventing systems from being able to offer
`their services, or provide an opening for an intruder to gain unauthorized
`access. Microsoft Windows ME and Windows XP contain an implementation of the
`UPnP protocols and a corresponding API that allows developers to create UPnP
`control points and devices. Microsoft’s Internet Gateway implementation, for
`example, uses this API to provide the services required of a UPnP Internet
`Gateway device. Unfortunately, there were two bugs discovered with the
`implementation of the UPnP protocols shipped with these operating systems²
`(which since have been fixed with subsequent service packs). Both bugs involve
`how UPnP technology-capable computers handle the discovery of new UPnP devices
`on the network.
`
`² The bugs are also present on Windows 98 and Windows 98SE systems that have the
`Internet Connection Sharing client installed.
`
`
`The first bug is an unchecked buffer in the implementation of the
`Simple Service Discovery Protocol (SSDP). When the SSDP service
`receives a message from a device that has joined the network, the code
`processing the messages does not check the input for length. An
`unchecked buffer, one of the most common and most serious of imple-
`mentation flaws, allows an attacker to provide more data on an input
`channel (an SSDP socket in this case) than is expected, overwriting the
`program stack and allowing the attacker to run any arbitrary code in the
`context of the application. In this case, the attacker could cause code to
`be run in the context of the SSDP service, which has system privileges
`on Windows XP.
`
`The bug’s official title was: “Unchecked Buffer in Universal Plug and Play Can
`Lead to System Compromise” and was documented in Microsoft Security Bulletin
`MS01-059, which was originally posted on December 20, 2001, at the following
`URL:
`
`http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-059.asp
`
`The second bug introduced by the implementation of the SSDP service provides an
`opportunity for attackers to use the service to perform two kinds of
`denial-of-service attacks—a distributed denial-of-service attack where many
`hosts simultaneously request a device description document from a single host,
`and a simple denial-of-service attack where many devices may simultaneously
`request a device description from a single host. The details of these attacks
`are contained in the Security Bulletin.
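
The length check that the first bug lacked, written from the receiving side as an added example; it is not code from the book or from Microsoft's implementation. The function names, the 1500-byte datagram cap, and the choice of the LOCATION header are assumptions for illustration, and the sample NOTIFY message is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define SSDP_MAX_DATAGRAM 1500  /* assumed cap: one Ethernet-sized UDP payload */
enum { SSDP_OK = 0, SSDP_MISSING = -1, SSDP_TOO_LONG = -2, SSDP_MALFORMED = -3 };

/* Case-insensitive match of a length-delimited field name against `name`. */
static int name_matches(const char *field, size_t n, const char *name)
{
    size_t i;
    for (i = 0; i < n && name[i] != '\0'; i++)
        if (tolower((unsigned char)field[i]) != tolower((unsigned char)name[i]))
            return 0;
    return i == n && name[i] == '\0';
}

/* First CRLF in [p, end), or NULL; a datagram carries no NUL terminator. */
static const char *find_crlf(const char *p, const char *end)
{
    for (; end - p >= 2; p++)
        if (p[0] == '\r' && p[1] == '\n')
            return p;
    return NULL;
}

/* Copy header `name` from a received datagram into out[out_sz]. An over-long
 * value is rejected before any byte is copied, never truncated or overrun. */
int ssdp_get_header(const char *msg, size_t len, const char *name,
                    char *out, size_t out_sz)
{
    const char *end, *line, *eol;
    if (msg == NULL || name == NULL || out == NULL || out_sz == 0)
        return SSDP_MALFORMED;
    out[0] = '\0';
    if (len > SSDP_MAX_DATAGRAM)
        return SSDP_TOO_LONG;
    end = msg + len;
    eol = find_crlf(msg, end);            /* start line: "NOTIFY * HTTP/1.1" */
    if (eol == NULL)
        return SSDP_MALFORMED;
    for (line = eol + 2; line < end; line = eol + 2) {
        const char *colon, *val;
        size_t val_len;
        eol = find_crlf(line, end);
        if (eol == NULL || eol == line)
            break;                        /* unterminated tail or end of headers */
        colon = memchr(line, ':', (size_t)(eol - line));
        if (colon == NULL || !name_matches(line, (size_t)(colon - line), name))
            continue;
        val = colon + 1;                  /* trim optional whitespace */
        while (val < eol && (*val == ' ' || *val == '\t'))
            val++;
        while (eol > val && (eol[-1] == ' ' || eol[-1] == '\t'))
            eol--;
        val_len = (size_t)(eol - val);
        if (val_len >= out_sz)
            return SSDP_TOO_LONG;         /* the check the flawed code lacked */
        memcpy(out, val, val_len);
        out[val_len] = '\0';
        return SSDP_OK;
    }
    return SSDP_MISSING;
}

/* Constructed sample announcement; the address and UUID are made up. */
static const char SAMPLE_NOTIFY[] =
    "NOTIFY * HTTP/1.1\r\n"
    "HOST: 239.255.255.250:1900\r\n"
    "LOCATION: http://192.168.0.10:5431/desc.xml\r\n"
    "USN: uuid:00000000-0000-0000-0000-000000000000::upnp:rootdevice\r\n\r\n";

/* LOCATION of the constructed sample, or NULL if extraction fails. */
const char *demo_sample_location(void)
{
    static char out[128];
    return ssdp_get_header(SAMPLE_NOTIFY, sizeof SAMPLE_NOTIFY - 1, "location",
                           out, sizeof out) == SSDP_OK ? out : NULL;
}

/* Status for a constructed NOTIFY with a `value_len`-byte LOCATION, 64-byte dest. */
int demo_long_location(size_t value_len)
{
    static const char head[] = "NOTIFY * HTTP/1.1\r\nLOCATION: ";
    char msg[SSDP_MAX_DATAGRAM], out[64];
    size_t n = sizeof head - 1;
    if (value_len > sizeof msg - n - 4)
        return SSDP_MALFORMED;
    memcpy(msg, head, n);
    memset(msg + n, 'A', value_len);
    memcpy(msg + n + value_len, "\r\n\r\n", 4);
    return ssdp_get_header(msg, n + value_len + 4, "LOCATION", out, sizeof out);
}

int main(void)
{
    printf("%s %d %d\n", demo_sample_location(), demo_long_location(63), demo_long_location(64));
    return 0;
}
```

A 63-byte value fits the 64-byte destination with its terminator; a 64-byte value is refused rather than truncated, so the caller can drop the announcement.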
`
`The UPnP Implementer’s Corporation
`
`The UPnP Implementer’s Corporation (UIC) is an independent nonprofit corporation
`created by the UPnP Steering Committee that administers the UPnP device
`certification process.
`
`The UIC owns and licenses the UPnP certification mark. Companies with devices
`that pass conformance tests may license the UPnP logo for use with their device.
`The UIC licenses conformance tests to UIC members, reviews test results, and
`issues certificates of conformity to devices that pass the tests. The UIC tests
`cover the device-dependent features specified in the UPnP device standard and
`the device-independent features specified in the UPnP version 1.0 architecture.
`
`
`
`
`Summary
`
`
`
`• The UPnP standard helps to reduce complexity and simplify home networking for
`  the end user.
`
`• UPnP technology-based products “just work” when they are connected to the
`  network.
`
`• The UPnP architecture is the unifying device abstraction layer for the home of
`  the future, with proxies and bridges spanning to other networks in the home,
`  such as the power line, telephone line, and home entertainment networks.
`
`• With the UPnP architecture, the same kind of open, standard design target we
`  have enjoyed with PC peripherals is coming to the home networking platform.
`
`• UPnP standards will allow devices from different vendors to interoperate.
`
`• UPnP Forum working committees define standard XML-based device and service
`  types that devices may implement.
`
`• Work has begun in the Security working committee of the UPnP Forum to define a
`  security solution for the current and any future versions of the UPnP
`  architecture.
`
`
`
`
`Chapter
`
`Concepts
`
`The mother art is architecture. Without an architecture of our own we have no
`soul of our own civilization.
`
`—Frank Lloyd Wright
`
`There are a few basic concepts introduced by the UPnP architecture. This chapter
`introduces these concepts and the underlying UPnP object model, describing each
`of the different UPnP entities and their corresponding roles and
`responsibilities. Once you understand this basic object model, you will see some
`of the common activities that occur on a network of UPnP devices, activities
`that form the building blocks for futuristic scenarios like those in the
`previous chapter. The chapter then delves a bit further into UPnP technology,
`reviewing the UPnP protocol stack and giving a quick overview of each protocol
`that is part of the UPnP device architecture.
`
`Terminology
`
`Devices, services, and control points are the basic abstractions of the UPnP
`device architecture. A UPnP device can be any entity on the network that
`implements the protocols required by the UPnP architecture. Because UPnP
`standardizes the protocols through which a device communicates rather than the
`APIs that a programmer uses, any entity that behaves as a UPnP device by
`speaking the required protocols is a UPnP device. Thus, a device either can be a
`dedicated physical device, such as an Internet gateway, or a logical device,
`such as a PC, that has implemented the functionality required of an Internet
`gateway.
`
`A UPnP device contains zero or more services. A service is a unit of
`functionality implemented by a device. Each service has a set of methods, or
`actions, each with a set of optional input and output parameters and an optional
`return value, much like a function in the C programming language. The specifics
`of a service, as defined by a UPnP Forum working committee, define each action
`in detail, listing its required input and output parameters and whether the
`action returns a value.
`
`The services that a device must implement are determined by the device’s type.
`The working committees of the UPnP Forum standardize the set of services that
`particular device types must support.¹ For example, an audio rendering device,
`such as a CD player, might have a service that provides the ability to play,
`stop, and pause audio content.
`
`A control point is an entity on the network that works with the functionality
`provided by a device. In the terminology of client/server computing, the control
`point is the client and the device is the server. Control points can invoke
`actions on services, providing any required input parameters and receiving any
`output parameters and possibly a return value. Control points can also request
`that devices notify them when the device state changes. Figure 2.1 shows a
`control point invoking an action on a UPnP device. The device has implemented a
`single UPnP device type that contains two services.
`
`¹ Nonstandard device types may have any set of services and methods as defined
`by their implementer. It is possible to create proprietary devices and services
`using UPnP techn