Wireless sensor networks (WSNs) are frequently deployed unattended and can be easily captured or compromised. Once compromised, intrusion prevention methods such as encryption can no longer provide any protection, as a compromised node is considered a legitimate node and possesses the secret key for decryption. Compromised nodes are essentially inside attackers and can perform various attacks to break the functionality of the system. Thus, for safety-critical WSNs, intrusion detection techniques must be used to detect and remove inside attackers and fault tolerance techniques must be used to tolerate inside attackers to prevent security failure.

In this dissertation research, we develop a class of dynamic redundancy management algorithms for redundancy management of multisource multipath routing for fault and intrusion tolerance, and majority voting for intrusion detection, with the goal of maximizing the WSN lifetime while satisfying application quality-of-service and security requirements, for base station based WSNs, homogeneous clustered WSNs, and heterogeneous clustered WSNs. By means of a novel model-based analysis methodology based on probability theory, we model the tradeoff between energy consumption vs. reliability, timeliness and security gain, and identify the optimal multisource multipath redundancy level and intrusion detection settings for maximizing the lifetime of the WSN while satisfying application quality-of-service requirements. A main contribution of our research dissertation is that our dynamic redundancy management protocol design addresses the issues of "how many paths to use" and "what paths to use" in multisource multipath routing for intrusion tolerance. Another contribution is that we take an integrated approach combining intrusion detection and tolerance in the protocol design to address the issue of "how much intrusion detection is enough" to prevent security failure and prolong the WSN lifetime time.

We demonstrate resiliency of our dynamic redundancy management protocol design for intrusion detection and tolerance against sophisticated attacker behaviors, including selective and random capture, as well as persistent, random, opportunistic and insidious attacks, by model-based performance analysis with results supported by extensive simulation based on ns3.