Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Defining Actionable Rules for Verifying IOT Safety and Security

Published

Author(s)

Kayla Ibrahim, Suryadipta Majumdar, Daniel Bastos, Anoop Singhal

Abstract

Internet of Things (IoT) is being widely adopted in recent years. Security, however, has lagged behind, as evidenced by the increasing number of attacks that use IoT devices (e.g., an arson that uses a smart oven, burglary via a smart lock). Therefore, the transparency and accountability of those devices very often become questionable. To that end, formally verifying the system state of those devices against desirable security rules might be a promising solution. However, there is a significant gap between the high-level security recommendations (e.g., NISTIR 8228, NISTIR 8259, OWASP IoT guidance, UK code of practice, and ENISA good practices) for IoT, and the low-level system data (e.g., sensor data, logs, configurations) in IoT devices. This poster aims to bridge this gap and design a technique to automatically define actionable security rules based on those high-level recommendations and to enable the verification of those low-level implementations of IoT devices.
Proceedings Title
41st IEEE Symposium on Security and Privacy
Conference Dates
May 18-20, 2020
Conference Location
San Francisco, CA, US
Conference Title
41st IEEE Symposium on Security and Privacy 2020

Keywords

IoT, security rules, verification

Citation

Ibrahim, K. , Majumdar, S. , Bastos, D. and Singhal, A. (2020), Defining Actionable Rules for Verifying IOT Safety and Security, 41st IEEE Symposium on Security and Privacy, San Francisco, CA, US, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=930071 (Accessed December 3, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created May 17, 2020, Updated October 12, 2021