The Internet of Things (IoT), which connects large numbers of small embedded devices to the internet, is currently being deployed in critical societal infrastructure, factories, hospitals, smart buildings, and so on. In this situation, security concerns must be taken very seriously.
Compromised or faulty IoT components and systems can cause catastrophic damage to individuals, companies, and society. However, existing software for IoT has not been designed with security as a main objective, but rather to cope with constrained memory, power, processing, and bandwidth resources. Consequently, techniques are needed by which software for IoT can achieve the highest level of security and safety.
Such techniques are being developed in other domains, in particular for mainstream computing systems, but IoT devices have particular characteristics that prevent these techniques from being applied directly.
The goal of aSSIsT is to develop techniques which are compatible with the characteristics of the IoT domain, in particular techniques
- for analyzing security properties of software,
- for ensuring that security protocols provide their expected service, and
- for augmenting existing software bases with isolation, device protection, and mechanisms for mitigating intrusions.
The results will be demonstrated by providing secure versions of Contiki, the leading open-source OS for IoT, and DTLS and TSCH, two important protocols in the standard IoT stack.