IRIS

The Internet of Things (IoT) creates value by connecting digital processes to the physical world using embedded sensors, actuators and wireless networks. The IoT is increasingly intertwined with critical industrial processes, yet contemporary IoT devices offer limited security features, creating a large new attack surface and inhibiting the adoption of IoT technologies. Hardware security modules address this problem, however, their use increases the cost of embedded IoT devices. Furthermore, millions of IoT devices are already deployed without hardware security support. This paper addresses this problem by introducing a Security MicroVisor (SμV) middleware, which provides memory isolation and custom security operations using software virtualisation and assembly-level code verification. We showcase SμV by implementing a key security feature: remote attestation. Evaluation shows extremely low overhead in terms of memory, performance and battery lifetime for a representative IoT device.

SµV - the Security MicroVisor: a virtualisation-based security middleware for the Internet of Things / Daniels, Wilfried; Hughes, Danny; Ammar, Mahmoud; Crispo, Bruno; Matthys, Nelson; Joosen, Wouter. - (2017), pp. 36-42. (Intervento presentato al convegno Middleware 17 tenutosi a Las Vegas, NV nel 11th-15th December 2017) [10.1145/3154448.3154454].

SµV - the Security MicroVisor: a virtualisation-based security middleware for the Internet of Things

Bruno Crispo;
2017-01-01

Abstract

The Internet of Things (IoT) creates value by connecting digital processes to the physical world using embedded sensors, actuators and wireless networks. The IoT is increasingly intertwined with critical industrial processes, yet contemporary IoT devices offer limited security features, creating a large new attack surface and inhibiting the adoption of IoT technologies. Hardware security modules address this problem, however, their use increases the cost of embedded IoT devices. Furthermore, millions of IoT devices are already deployed without hardware security support. This paper addresses this problem by introducing a Security MicroVisor (SμV) middleware, which provides memory isolation and custom security operations using software virtualisation and assembly-level code verification. We showcase SμV by implementing a key security feature: remote attestation. Evaluation shows extremely low overhead in terms of memory, performance and battery lifetime for a representative IoT device.
2017
Middleware 17: Proceedings of the 2017 International Middleware Conference (IndustrialTrack)
New York
ACM
978-1-4503-5200-0
2-s2.0-85041237637
WOS:000494946500006
Daniels, Wilfried; Hughes, Danny; Ammar, Mahmoud; Crispo, Bruno; Matthys, Nelson; Joosen, Wouter
SµV - the Security MicroVisor: a virtualisation-based security middleware for the Internet of Things / Daniels, Wilfried; Hughes, Danny; Ammar, Mahmoud; Crispo, Bruno; Matthys, Nelson; Joosen, Wouter. - (2017), pp. 36-42. (Intervento presentato al convegno Middleware 17 tenutosi a Las Vegas, NV nel 11th-15th December 2017) [10.1145/3154448.3154454].
File in questo prodotto:
File Dimensione Formato  
crispo security micro.pdf

accesso aperto

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 636.92 kB
Formato Adobe PDF
Visualizza/Apri
636.92 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/200422
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 20
  • ???jsp.display-item.citation.isi??? 14
social impact