The Internet-of-Things (IoT) has quickly moved from concept to reality, with estimates that the number of deployed IoT devices will rise to 25 billion in 2020. However, studies show that many IoT devices have serious security vulnerabilities. Moreover, the limitations of IoT devices and scale of networks of IoT devices often make traditional IT security approaches impractical. This project takes a first-principles approach to rethinking network security and address these concerns for IoT networks: (1) scalable alternatives to simple perimeter defenses; (2) new methods to manage security in deployed networks of IoT devices; and (3) new security policies with sufficient generality to administer IoT devices and networks in many diverse use-cases.
By providing a principled architecture to secure IoT deployments, the project will help realize the full potential societal benefits of IoT. The project will result in the development of novel open-source tools, modeling abstractions, algorithms, and prototype implementations that will reduce the time to deploy novel IoT security solutions, and make the results of the project available to the community. The project's PIs will engage in educational and outreach activities to train the next generation talent for the emerging area of IoT. In particular, the PIs plan to integrate the interdisciplinary research ideas into courses spanning security, networking, systems and cyber-physical systems. The project will also actively encourage participation from underrepresented groups. Finally, the tools and measurements generated by this project will inform and accelerate the industry transition to pervasive IoT deployments that are safe and secure.
