A security architecture for the Internet of Things

Ever since the birth of the Internet in the seventies, the number of devices connected to this network has been growing exponentially. While the Internet was initially a network of generalpurpose computers, it is now common to find consumer products that contain embedded technology to have Internet connectivity. An even more recent trend is that a wide variety of devices, including industrial control systems, robots, cars, but also small sensors are connected to the Internet. This "Internet of Things" (IoT) is estimated to grow to 26 billion Internet-connected units by 2020. A substantial fraction of the devices in the IoT will be small, resource-constrained, and embedded, and as a consequence new security primitives to support secure distributed applications on the IoT need to be designed. The main goal of this proposal is the development of a security architecture for applications running on this IoT. The project starts from the premise that many security vulnerabilities can be avoided if reasoning about security properties of application software can be done on the basis of the source-code. In other words, one can reason about security of an application without worrying about layer-below attacks. The project develops a number of security building blocks (as hardware or operating system functions, or as cryptographic algorithms or protocols) and integrates them into a security architecture for IoT applications that supports such source-based reasoning about security.