338 research outputs found
Discovering Physical Interaction Vulnerabilities in IoT Deployments
Internet of Things (IoT) applications drive the behavior of IoT deployments
according to installed sensors and actuators. It has recently been shown that
IoT deployments are vulnerable to physical interactions, caused by design flaws
or malicious intent, that can have severe physical consequences. Yet, extant
approaches to securing IoT do not translate the app source code into its
physical behavior to evaluate physical interactions. Thus, IoT consumers and
markets do not possess the capability to assess the safety and security risks
these interactions present. In this paper, we introduce the IoTSeer security
service for IoT deployments, which uncovers undesired states caused by physical
interactions. IoTSeer operates in four phases: (1) translation of each actuation
command and sensor event in an app source code into a hybrid I/O automaton that
defines an app's physical behavior, (2) combining apps in a novel composite
automaton that represents the joint physical behavior of interacting apps, (3)
applying grid-based testing and falsification to validate whether an IoT
deployment conforms to desired physical interaction policies, and (4)
identification of the root cause of policy violations and proposing patches
that guide users to prevent them. We use IoTSeer in an actual house with 13
actuators and six sensors with 37 apps and demonstrate its effectiveness and
performance.
A run-time verification framework for smart grid applications implemented on simulation frameworks
Smart grid applications are implemented and tested with simulation frameworks, as the developers usually do not have access to large sensor networks to be used as a test bed. The developers are forced to map the implementation onto these frameworks, which results in a deviation between the architecture and the code. In turn, this deviation makes it hard to verify behavioral constraints that are described at the architectural level. We have developed the ConArch toolset to support the automated verification of architecture-level behavioral constraints. A key feature of ConArch is programmable mapping from the architecture to the implementation. Here, developers implement queries to identify the points in the target program that correspond to architectural interactions. ConArch generates runtime observers that monitor the flow of execution between these points and verify whether this flow conforms to the behavioral constraints. We illustrate how the programmable mappings can be exploited for verifying behavioral constraints of a smart grid application that is implemented with two simulation frameworks. © 2013 IEEE
SIFT: Building an Internet of safe Things
As the number of connected devices explodes, the use scenarios of these devices and data have multiplied. Many of these scenarios, e.g., home automation, require tools beyond data visualizations to express user intents and to ensure interactions do not cause undesired effects in the physical world. We present SIFT, a safety-centric programming platform for connected devices in IoT environments. First, to simplify programming, users express high-level intents in declarative IoT apps. The system then decides which sensor data and operations should be combined to satisfy the user requirements. Second, to ensure safety and compliance, the system verifies whether conflicts or policy violations can occur within or between apps. Through an office deployment, user studies, and trace analysis using a large-scale dataset from a commercial IoT app authoring platform, we demonstrate the power of SIFT and highlight how it leads to more robust and reliable IoT apps.
Formal aspects of component software
This is the pre-proceedings of the 6th International Workshop on Formal Aspects of Component Software (FACS'09).
Interim research assessment 2003-2005 - Computer Science
This report primarily serves as a source of information for the 2007 Interim Research Assessment Committee for Computer Science at the three technical universities in the Netherlands. The report also provides information for others interested in our research activities.