A Holistic Systems Security Approach Featuring Thin Secure Elements for Resilient IoT Deployments

On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids

Energies, 2021

The 5G communication network will underpin a vast number of new and emerging services, paving the way for unprecedented performance and capabilities in mobile networks. In this setting, the Internet of Things (IoT) will proliferate, and IoT devices will be included in many 5G application contexts, including the Smart Grid. Even though 5G technology has been designed by taking security into account, design provisions may be undermined by software-rooted vulnerabilities in IoT devices that allow threat actors to compromise the devices, demote confidentiality, integrity and availability, and even pose risks for the operation of the power grid critical infrastructures. In this paper, we assess the current state of the vulnerabilities in IoT software utilized in smart grid applications from a source code point of view. To that end, we identified and analyzed open-source software that is used in the power grid and the IoT domain that varies in characteristics and functionality, ranging fr...

Enhancing Security in Internet of Things (IoT) Architecture through Defense-in-Depth Mechanism: A Comprehensive Study

Access Publications, 2024

The Internet of Things (IoT) has revolutionized various domains, offering connectivity and data sharing among diverse devices and services. However, this interconnectedness poses significant security challenges, primarily centered around confidentiality, integrity, and availability. This paper investigates the security issues embedded in the layers of IoT architecture, ranging from the perception layer to the application layer. By leveraging the Defense-in-Depth security mechanism, we propose a comprehensive approach to fortify IoT systems against cyber threats. The Defense-in-Depth strategy is illustrated through a layered model, addressing security concerns at the perimeter, host, OS/application, and data layers. The study explores various security measures applicable to each layer, emphasizing the need for a multi-faceted approach to ensure the robustness of IoT security.

A Study of Threats, Vulnerabilities and Countermeasures: An IoT Perspective

Shanlax International Journal of Arts, Science and Humanities

IoT or the Internet of things refers to all the physical devices connected to the internet. IoT consists of computing devices that are web-enabled and have the capability of sensing, collecting, and sending data. IoT provides the ability to remote control appliances and has many more applications. Since IoT is becoming a big part of society, it is necessary to ensure that these devices provide adequate security measures. This paper discusses various security issues in IoT systems like threats, vulnerabilities and some countermeasures which can be used to provide some security. Developing a secure device is now more important than ever, as with the increase in digitization, much of a user’s data is available on these devices. Securing data is a primary concern in any system, as internet-enabled devices are easier to hack. The idea of this paper is to spread awareness and improve the security of IoT devices.

IoVT: Internet of Vulnerable Things? Threat Architecture, Attack Surfaces, and Vulnerabilities in Internet of Things and Its Applications towards Smart Grids

Energies

In recent years, people have witnessed numerous Internet of Things (IoT)-based attacks with the exponential increase in the number of IoT devices. Alongside this, the means to secure IoT-based applications are maturing slower than our budding dependence on them. Moreover, the vulnerabilities in an IoT system are exploited in chains to penetrate deep into the network and yield more adverse aftereffects. To mitigate these issues, this paper gives unique insights for handling the growing vulnerabilities in common IoT devices and proposes a threat architecture for IoT, addressing threats in the context of a three-layer IoT reference architecture. Furthermore, the vulnerabilities exploited at the several IoT attack surfaces and the challenges they exert are explored. Thereafter, the challenges in quantifying the IoT vulnerabilities with the existing framework are also analyzed. The study also covers a case study on the Intelligent Transportation System, covering road transport and traffi...

Proposed Embedded Security Framework for Internet of Things (IoT)

Proceedings of the 2nd International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE 2011), February 28 – March 3, 2011, Chennai, India, 2011

IoT is going to be an established part of life by extending the communication and networking anytime, anywhere. Security requirements for IoT will certainly underline the importance of properly formulated, implemented, and enforced security policies throughout their life-cycle. This paper gives a detailed survey and analysis of embedded security, especially in the area of IoT. Together with the conventional security solutions, the paper highlights the need to provide in-built security in the device itself to provide a flexible infrastructure for dynamic prevention, detection, diagnosis, isolation, and countermeasures against successful breaches. Based on this survey and analysis, the paper defines the security needs taking into account computational time, energy consumption and memory requirements of the devices. Finally, this paper proposes an embedded security framework as a feature of software/hardware co-design methodology.

Embedded Security for Internet of Things

Proceedings of the 2nd National Conference on Emerging Trends and Applications in Computer Science (NCETACS), March 4-5, 2011, Shillong, India, pp. 50-55, 2011

Internet of Things (IoT) consists of several tiny devices connected together to form a collaborative computing environment. IoT imposes peculiar constraints in terms of connectivity, computational power and energy budget, which makes it significantly different from those contemplated by the canonical doctrine of security in distributed systems. In order to circumvent the problem of security in the IoT domain, networks and devices need to be secured. In this paper, we consider the embedded device security only, assuming that network security is properly in place. It can be noticed that the existence of tiny computing devices that form ubiquity in the IoT domain are very much vulnerable to different security attacks. In this work, we provide the requirements of embedded security, the solutions to resist different attacks and the technology for defying tamper proofing of the embedded devices by the concept of trusted computing. Our paper attempts to address the issue of security for data at rest. Addressing this issue is equivalent to addressing the security issue of the hardware platform. Our work also partially helps in addressing securing data in transit.

Design Space Exploration for Ultra-Low-Energy and Secure IoT MCUs

ACM Transactions on Embedded Computing Systems, 2020

This article explores the design space of secure communication in ultra-low-energy IoT devices based on Micro-Controller Units (MCUs). It tries to identify, benchmark, and compare security-related design choices in a Commercial-Off-The-Shelf (COTS) embedded IoT system which contributes to the energy consumption. We conduct a study over a large group of software crypto algorithms: symmetric, stream, hash, AEAD, MAC, digital signature, and key exchange. A comprehensive report of the targeted optimization attributes (memory, performance, and specifically energy) will be presented from over 450 experiments and 170 different crypto source codes. The article also briefly explores a few system-related choices which can affect the energy consumption of secure communication, namely, architecture choice, communication bandwidth, signal strength, and processor frequency. In the end, the article gives an overview of the obtained results and the contribution of all. Finally, it shows, in a case ...

A Comprehensive and Lightweight Security Architecture to Secure the IoT Throughout the Lifecycle of a Device Based on HIMMO

Algorithms for Sensor Systems, 2015

Smart objects are devices with computational and communication capabilities connected to the Internet forming the so called Internet of Things (IoT). The IoT enables many applications, for instance outdoor lighting control, smart energy and water management, or environmental sensing in a smart city environment. Security in such scenarios remains an open challenge due to the resource-constrained nature of devices and networks or the multiple ways in which opponents can attack the system during the lifecycle of a smart object. This paper firstly reviews security and operational goals in an IoT scenario inspired in a smart city environment. Then, we present a comprehensive and lightweight security architecture to secure the IoT throughout the lifecycle of a device. Our solution relies on the lightweight HIMMO scheme as the building stone and shows how HIMMO is not only efficient resource-wise, but that it enables advanced IoT protocols and deployments. Our design and analysis show that our HIMMO-based security architecture can be easily integrated in existing communication protocols such as IEEE 802.15.4 or OMA LWM2M providing a number of advantages that existing solutions cannot provide both performance and operation-wise.

The IoTAC Software Security-by-Design Platform: Concept, Challenges, and Preliminary Overview

2022 18th International Conference on the Design of Reliable Communication Networks (DRCN)

Critical everyday activities handled by modern IoT Systems imply that security is of major concern both for the end users and the industry. Securing the IoT System Architecture is commonly used to strengthen its resilience to malicious attacks. However, the security of software running on the IoT must be considered as well, since the exploitation of its vulnerabilities can infringe the security of the overall system, regardless of how secure its architecture may be. Thus, we present an IoT Software Security-by-Design (SSD) Platform, which provides mechanisms for monitoring and optimizing the security of IoT software applications throughout their development lifecycle, to validate the broader security of the IoT software. This paper describes the proposed SSD platform that leverages security information from all phases of development, using novel mechanisms that have been implemented, and which can lead to a holistic security evaluation and future security certification.