Techniques for Building Robust and User Customizable IoT Systems
Date
Authors
ORCID
Journal Title
Journal ISSN
Volume Title
Publisher
item.page.doi
Abstract
In the last decade, billions of new IoT devices have been developed by different providers using either their proprietary architecture or standard architecture like IoT M2M, AWS IoT, and AT&T M2X. Many of these IoT systems are rigid with no user customization, and a user can configure only a few parameters in the IoT system. We present a user-customizable IoT architecture that enables users to build and customize IoT systems based on their requirements without writing any code. User customization is performed in two ways: hardware customization and software customization. In hardware customization, a user can add/remove IoT sensors/actuators, to/from the IoT system without knowing any hardware details of those sensors/actuators. For software customization, the user can create tasks without writing any code. We have designed a rule engine, which converts user-desired actions into computer code as a part of software customization. We design a concept called self-aware sensor/actuator to achieve user customization. A self-aware sensor/actuator is a sensor/actuator aware of its type, attributes, capabilities, and constraints and provides a mechanism to the users to customize tasks using these parameters. In the later part of this dissertation, we describe the robustness and security of the user-customizable IoT system. An IoT environment containing a large number of sensing and actuating devices increases the chances of creating conflicting and incomplete rules. We introduce a new conflict called independent conflict and incompleteness in a boolean function based rule structure. We have developed conflict resolution methods for different types of rule conflicts. We have tested our user-customizable IoT architecture and its robustness in several real-life scenarios. Authentication of the IoT device is one of the important aspects of securing an IoT system. We design mechanisms to secure the authentication process between 1) an IoT server and an IoT device and 2) a user and an IoT device. Our approach, secure vault, prevents sidechannel attacks on mutual authentication between an IoT server and an IoT. We introduce a variant of the client puzzle named login puzzle, which prevents a mass capture of IoT devices from the DDoS malwares. We calculated that the famous Mirai attack, which acquired 64500 devices in 20 hours, would have taken two months if all the IoT devices were using the login puzzle.