The recent advancement in the Internet-of-Things (IoT) domain has substantially transformed many important sectors (e.g., manufacturing, healthcare, smart-home) by introducing programmable IoT platforms to fulfill their varying business needs. Such programmable platforms facilitate a user to bring together a collection of low-powered IoT devices to automatically carry out customized tasks at hand by installing various native and third-party automation apps. Unfortunately, many of these existing programmable IoT platforms do not provide adequate in-built security measures (e.g., fine-grained access control) to thwart risks from misbehaving (rogue/faulty) apps. As a result, a misbehaving app can exercise unrestricted access to the devices and thus, transition the IoT system to an undesirable and/or unsafe state. This can lead to financial loss, fatal consequences, or environmental disasters. This project focuses on defending IoT systems against such threats by preventing native and third-party apps from administering unexpected operations on IoT devices. The project develops a platform-agnostic solution, which has the potential to substantially improve the overall security, privacy and safety of existing programmable IoT systems. The foundational techniques developed in this project are also applicable to a variety of networked systems (e.g., mission-/safety-critical systems).
To develop an effective solution, this collaborative research project relies on the insight that undesirable state transitions of the IoT system can be viewed as violations of the system's desired stateful invariants or policies. The system is expected to comply with these policies to ensure its safety, security, and privacy guarantees. The core objective of this research is to create a policy-guided defense mechanism which prevents an IoT system from entering into an undesired state, even at the presence of misbehaving apps, by dynamically enforcing user-defined policies at runtime. This project realizes the project's objective through three research thrusts. The first thrust designs a unified, expressive policy language to capture user-defined rich stateful policies, which would dictate the expected behavior of a system. The second thrust develops a software-defined overlay which not only generalizes heterogeneous IoT devices connected through several network technologies but also enables a platform-agnostic policy enforcement approach. The third thrust devises the necessary techniques to realize the high-level foundational developments from the preceding thrusts for real-world IoT ecosystems (e.g., smart-home, industrial control systems). With the goal of developing a competitive cybersecurity workforce, the theories and prototypes developed in this project are used to educate undergraduate and graduate students on the inherent design trade-offs in building practical, secure and resilient systems.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
