Computer Science > Cryptography and Security
Title: MAVERICK: An App-independent and Platform-agnostic Approach to Enforce Policies in IoT Systems at Runtime
(Submitted on 2 Feb 2023 (v1), last revised 18 Apr 2023 (this version, v2))
Abstract: Many solutions have been proposed to curb unexpected behavior of automation apps installed on programmable IoT platforms by enforcing safety policies at runtime. However, all prior work addresses a weaker version of the actual problem due to a simpler, unrealistic threat model. These solutions are not general enough as they are heavily dependent on the installed apps and catered to specific IoT platforms. Here, we address a stronger version of the problem via a realistic threat model, where (i) undesired cyber actions can come not only from automation platform backends (e.g., SmartThings) but also from closed-source third-party services (e.g., IFTTT), and (ii) physical actions (e.g., user interactions) on devices can move the IoT system to an undesirable state. We propose a runtime mechanism, dubbed Maverick, which employs an app-independent, platform-agnostic mediator to enforce policies against all undesired cyber actions and applies corrective actions to bring the IoT system back to a safe state from an unsafe state transition. Maverick is equipped with a policy language capable of expressing rich temporal invariants and an automated toolchain that includes a policy synthesizer and a policy analyzer for user assistance. We implemented Maverick in a prototype and showed its efficacy in both physical and virtual testbeds, incurring minimal overhead.
Submission history
From: M. Hammad Mazhar
[v1] Thu, 2 Feb 2023 22:39:48 GMT (8032kb,D)
[v2] Tue, 18 Apr 2023 16:45:46 GMT (8143kb,D)