HOME NEWS ABOUT ACTIVITIES TEAM OUTPUTS AND DISSEMINATION FUNDING HOST AND CONTACT

 SECUR IoT ESIGN
Towards the assurance of SECURity by dESIGN of the Internet of Things

 NEWS

Candidatures for a post-doc and for researchers with the Ms.C. degree now open.
For information regarding candidatures for the 2 scholarships for researchers with an Ms.C. degree, please see:

For information regarding candidatures for the post-doc position, please see: 1 August 2018


Our very first paper accepted for publication in the context of this project: Security Threats and Possible Countermeasures in Applications Covering Different Industry Domains. Full reference in OUTPUTS AND DISSEMINATION
17 July 2018


Project started in 1 July 2018. The ResearchGate and Twitter accounts were lauched with the kick-off.
1 July 2018


ABOUT  SECUR IoT ESIGN

Towards the assurance of SECURity by dESIGN of the Internet of Things

Today, the Internet of Things (IoT) is considered as one of the major forces driving innovation, growing at a breathtaking pace and opening the door to a wide panoply of potential new applications as well as business possibilities. Nonetheless, it is also a well established fact that it lacks maturity when it comes to security, falling behind other areas of Information and Communication Technology (ICT).

This project aims to address the problem of IoT security at its core and proposes finding the means to guarantee that security controls and mechanisms are taken into consideration and effectively embedded during the design and ­­development of a new device or solution for the IoT. The goals of the project include mitigating vulnerabilities and reducing the window of opportunity for threat actors, as well as providing an appropriate level of protection against security attacks.

Achieving these objectives will require (i) studying the software engineering processes and system development cycles particularized for the specific areas of IoT, (ii) identifying the points in which security aspects and mechanisms should be taken into consideration or integrated, and (iii) proposing how such a consolidation can be materialized in a rigorous, transparent (meaning friendly for system architects and developers) and verifiable manner.

To guarantee the tenacity of this project, the research work will be complemented with tasks dedicated to surveying the state-of-the-art, identification of use cases for the technology to be developed and prototyping a set of software tools, which shall serve as proof of concept and as one of the main outcomes of the project. The objective is that these tools will facilitate the security engineering process, without jeopardizing rigour, and also the integration of the security mechanisms and validation tests for the designers and developers of IoT devices or solutions.

The Work Plan is divided into five research or development activities and one management, dissemination and exploitation activity. The first activity covers technological surveillance aspects and analysis of the specialized literature, preparing the groundwork for activities 2, 3 and 4, and thereby allowing these to be focused in specific research lines: security engineering for IoT; mapping of security requirements and technology; and auditing of IoT software and systems. Activity 5 is fully dedicated to the prototyping of the framework of tools that materialize the research efforts and produced knowledge. This activity includes a task devoted to the prototyping of the tools for each one of the research activities 2, 3 and 4, benefiting the alignment and compartmentalization of the work.

Apart from the generated knowledge and the prototyped software tools (to be publicly released as an open-source project), the project will partially be on the basis of three PhDs. Other visible outputs include four papers for international journals, three peer-reviewed book chapters and two papers for international conferences. A preliminary exploitation plan for the generated knowledge and framework of tools will be made during the lifespan of the project.

 SECUR IoT ESIGN is a 3-years project starting in 1 July 2018 and ending in 30 June 2021. It constitutes an estimated total investment of 239.976,58€ and received funding of 203.979,82€ from FCT/COMPETE/FEDER (Reference Number POCI-01-0145-FEDER-030657).

 ACTIVITIES

1 - State of the Art on IoT and Security
Starting at month 0 and ending at month 12.

~ 10%

2 - Security Engineering for the IoT
Starting at month 4 and ending at month 30.

0%

3 - Mapping of Security Requirements and Technology
Starting at month 4 and ending at month 30.

0%

4 - Testing and Auditing of IoT Systems
Starting at month 13 and ending at month 36.

0%

5 - Framework of Tools
Starting at month 4 and ending at month 36.

0%

6 - Project Management, Dissemination and Exploitation
Starting at month 1 and ending at month 36.

0%

 TEAM

Pedro R. M. Inácio

Pedro R. M. Inácio

Principal Investigator | Leader of Activity 6

Main Research Topics:
Computer Security
Programming of Mobile Devices

Home | e-mail
Mário M. Freire

Mário M. Freire

Leader of Activity 1

Main Research Topics:
Computer Systems and Networks
Security and privacy in computer systems

Home | e-mail
Post-Doc

Post-Doc Researcher

Leader of Activity 5

Main Research Topics:
Main Topic 1 (TBD)
Main Topic 2 (TBD)

Site (TBD) | e-mail (TBD)
Bernardo Sequeiros

Bernardo Sequeiros

Ph.D. Student | Leader of Activity 2

Main Research Topics:
Security in IoT
Security Audits

Site (TBD) | e-mail
Ph.D. Student 1

Ph.D. Student 1

Leader of Activity 3

Main Research Topics:
Main Topic 1 (TBD)
Main Topic 2 (TBD)

Site (TBD) | e-mail (TBD)
Ph.D. Student 2

Ph.D. Student 2

Leader of Activity 4

Main Research Topics:
Main Topic 1 (TBD)
Main Topic 2 (TBD)

Site (TBD) | e-mail (TBD)

 OUTPUTS AND DISSEMINATION

Musa Samaila, João B. F. Sequeiros, Mário M. Freire, and Pedro R. M. Inácio, Security Threats and Possible Countermeasures in Applications Covering Different Industry Domains, in Proceedings of The 2nd International Workshop on Security and Forensics of IoT (IoT-SECFOR 2018), held in conjunction with the 13th International Conference on Availability, Reliability and Security (ARES 2018), August 27-30, 2018.

 FUNDING

Portugal 2020 Fundação para a Ciência e Tecnologia Compete 2020 Fundo Europeu de Desenvolvimento Regional

 HOST AND CONTACT

Instituto de Telecomunicações

If interested in the project, feel free to drop us an e-mail or swing by for a cup of   .

Instituto de Telecomunicações - Delegação da Covilhã,
Universidade da Beira Interior, Portugal
Phone: +351 275 242081
Email: inacio@di.ubi.pt