Security for the Internet of Things

Point of contact

  • Benjamin Smith, INRIA-Saclay
  • Maryline Laurent, SAMOVAR-Telecom SudParis

Summary

Even well-established techniques and principles in Cybersecurity take on a new dimension when we move from the world of the classical internet to the Internet of Things (IoT).

On one hand, the extremely limited resources of low-end IoT devices – severely limited computational power and memory, intermittent connectivity, and above all, extremely strict constraints on energy and battery use – render many cutting-edge techniques inapplicable. On the other hand, the overwhelming scale and heterogeneity of IoT – there are no dominant platforms, operating systems, or even hardware architectures – means that there can be no one-size-fits-all solution to common, well-identified, and even universal security problems. Even the simplest tasks, like secure software updates and cryptographic key management, both of which are taken for granted in real-world Cybersecurity, become hard problems and the subject of active research when we move to low-end IoT devices.

Formal methods therefore have a crucial role in the security analysis of existing IoT systems, and in the development of new, secure replacements.

Keywords

low-end IoT devices, secure software updates, key management

Researchers involved or interested

  • Maryline Laurent, Samovar
  • Jean Leneutre, LTCI
  • Olivier Levillain, Samovar
  • Rida Khatoun, LTCI
  • Houda Labiod, LTCI
  • Pascal Urien, LTCI