IoTSafe: A Safe & Verified Security Controller for Internet-of-Things
Tianlong Yu

IoT is an impending security disaster
overheat, break-in, crash, fire
IoT devices cause physical damage!!!

Current approaches fail to secure IoT
[Diagram: Attacker, Embedded Controller, User; two ✗ marks]
No physical context
Unfixable Flaws
- Resource
- Management
- Longevity

IoTSafe Security Controller
[Diagram: Security Controller, Attacker, User]
1. Reset device to safe state
2. Stop potential attacker

Project Goals
• Room Temperature Model
  ✔ Verified Safety; Hybrid Program; KeYmaeraX
• Implementation on OpenDayLight
  IoTSafe Controller; IoT APIs; Security Appliances APIs; Message Verifier with Snort

Hybrid Program
[Diagram: Desired Temperature Td, Security Controller, Attacker, User, Message Verifier, Te, T1]
Safety: 20<=T1<=24
By Newton’s cooling law:

Hybrid Program Design
/* Controller actions */
If can be overheated/overcooled in tc time
    Block user/attacker Td change
    Reset Td to a safe value
/* User/Attacker Actions */
If user/attacker can change Td
    Non-deterministic Td in (Tdmin, Tdmax)
/* Temperature change in tc time */
Differential equation to describe T change

P1 Event-triggered or time-triggered?
P2 User/attacker actions?
P3 Controller Actions?
check every tc time

Hybrid Program Design
How to predict overheat/overcool?
How to set Td to safety value?
Stop temperature change
How to describe temperature change?

Implementation on SDN controller
FSM
- overheat/overcool: FW: lock T; Reset Td;
- normal: FW: allow T;
[Diagram: IoTSafe Controller, SDN, IoT APIs, NFV, Security Server, Internet, IoT Gateway, Home Network]

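An added sketch, not code from the slides or the IoTSafe project, of the check-every-tc loop from the Hybrid Program Design slides, using the lock/allow firewall actions of the FSM above. Assumptions: the controller is time-triggered, room temperature follows Newton's law of cooling toward the setpoint Td (the slide's own equation does not appear on this page), requested setpoints lie within [TD_MIN, TD_MAX], and the constants K, TC, TD_MIN, TD_MAX and TD_SAFE are illustrative values.

```python
import math

# Safety bound from the slides: 20 <= T1 <= 24.
T_LOW, T_HIGH = 20.0, 24.0
# Illustrative constants (assumptions, not from the slides).
K = 0.05                      # cooling constant, 1/min
TC = 2.0                      # control period tc, min
TD_MIN, TD_MAX = 16.0, 28.0   # setpoint range open to user/attacker
TD_SAFE = 22.0                # setpoint used on reset


def evolve(t_room, td, dt=TC):
    """Closed-form solution of dT/dt = -K * (T - Td) after dt minutes."""
    return td + (t_room - td) * math.exp(-K * dt)


def can_leave_safe_range(t_room):
    """Worst case over one period: T moves monotonically toward Td, so
    only the extreme setpoints at the end of the period need checking."""
    return evolve(t_room, TD_MAX) > T_HIGH or evolve(t_room, TD_MIN) < T_LOW


def controller_step(t_room, requested_td):
    """Return (effective Td, firewall action) for the next period."""
    if can_leave_safe_range(t_room):
        return TD_SAFE, "lock"      # block the Td change, reset Td
    return requested_td, "allow"    # any Td in range is safe for tc


def simulate(t_start, requests, guarded=True):
    """Run one period per requested Td; return [(T1, Td, action), ...]."""
    t_room, trace = t_start, []
    for req in requests:
        td, action = controller_step(t_room, req) if guarded else (req, "allow")
        t_room = evolve(t_room, td)
        trace.append((t_room, td, action))
    return trace


if __name__ == "__main__":
    # Constructed input: every period the attacker asks for the maximum Td.
    for t_room, td, action in simulate(22.0, [TD_MAX] * 10):
        print(f"T1={t_room:6.3f}  Td={td:4.1f}  FW={action}")
```

Because the check is made before the setpoint is chosen and covers both extremes, 20<=T1<=24 is an inductive invariant of this loop; running with `guarded=False` shows the same requests pushing T1 past 24 in the fifth period.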
Discussion & Future Works
[Diagram: IoT Device Model, Security Policy Synthesizer, KeYmaeraX Hybrid Program, IoTSafe Controller]
Automatic Translation?
Automatic Verification?