Hardware Supported Cybersecurity for IoT

Abstract

Within the past decade, the number of IoT devices introduced in the market has increased dramatically. This trend is expected to continue at a rapid pace. However, the massive deployment of IoT devices has led to significant security and privacy concerns given that security is often treated as an afterthought for IoT systems. Security issues may come at different levels, from deployment issues that leave devices exposed to the internet with default credentials, to implementation issues where manufacturers incorrectly employ existing protocols or develop proprietary ones for communications that have not been examined for their sanity. While existing cybersecurity and network security solutions can help protect IoT, they often suffer from limited on-board/on-chip resources. To mitigate this problem, researchers have developed multiple solutions based on a top-down (relying on the cloud for IoT data processing and authentication) or a bottom-up (leveraging hardware modifications for efficient cybersecurity protection). In this talk, I will first introduce the emerging security and privacy challenges in the IoT domain. I will then focus on the bottom-up solutions on IoT protection and will present our recent research effort in microarchitecture-supported IoT runtime attack detection and device attestation. The developed methods will lead to a design-for-security flow towards trusted IoT and their applications.