APPIOTS

Research project summary: 

It is expected there will be nearly 50 billion IoT/embedded connected devices by 2020. These devices are expected to be present in all commercial and organizational verticals, as well as in all aspects of private individuals' modern lives. Therefore, the security and privacy aspects of IoT/embedded devices are of paramount importance. The Mirai botnet demonstrated in 2016 the largest (more than 1 Terra-bit/second Tbps) DDoS (Distributed Denial of Service) attack in modern history, and it was composed of less than 200,000 vulnerable and compromised IoT/embedded devices [MIRAI1], which is less than 0.0004% of envisioned 50 billion IoT devices. At the same time, the recent US DHS compromise of Boeing 757 in 2017 revealed that fixing 1 line of code in critical IoT/embedded devices (e.g., avionics) may cost up to 1 million USD and may take up to 1 year to pass all tests and (re)certifications [BOEING1].

The objective of this project is to investigate the commercialization potential of our advanced automated methods and tools for addressing vulnerabilities in software and firmware of IoT/embedded devices. One of the aims of this project is to find a customer base for new software security products and services, which will provide the following capabilities:

  • Identification of vulnerabilities using multiple advanced analysis techniques at various stages of software/firmware life-cycle; confirmation of identified vulnerabilities by performing targeted tests on the vulnerable components and by demonstrating that a compromise would have been possible.
  • Elimination of the vulnerability using auto-healing and auto-patching techniques specific to each class of vulnerabilities; extra features that can bring additional value to certain customer segments (e.g., IoT malware investigation for anti-virus companies).
  • All the features supported and provided by scalable and AI-powered techniques.

Timetable

01.07.2018-31.12.2019

Funding

Business Finland

Responsible Leader

Andrei Costin