HOME NEWS ABOUT ACTIVITIES TEAM OUTPUTS AND DISSEMINATION FUNDING HOST AND CONTACT

 SECUR IoT ESIGN
Towards the assurance of SECURity by dESIGN of the Internet of Things

 NEWS

Our project is the subject of this month's "Project Snapshot" of the IT newsletter. More information here.
25 January 2021


Our paper A Preliminary Evaluation of the SRE and SBPG Components of the IoT-HarPSecA Framework  was accepted and presented at the Global Internet of Things Summit (GIoTS 2020) conference. Full reference in OUTPUTS AND DISSEMINATION
22 April 2020


Our lasted paper was accepted for publication in the context of this project: A Framework and Roadmap for Secure Design and Development of Devices and Applications in the IoT Space. Full reference in OUTPUTS AND DISSEMINATION
22 April 2020


All open positions for the SECURIoTESIGN project are now closed. Thank you, to those who applied for a position.
23 January 2020


Candidatures for a post-doc and for researchers with the Ms.C. degree were opened in the second half of 2018.
22 January 2020


Our very first paper accepted for publication in the context of this project: Security Threats and Possible Countermeasures in Applications Covering Different Industry Domains. Full reference in OUTPUTS AND DISSEMINATION
17 July 2018


Project started in 1 July 2018. The ResearchGate and Twitter accounts were lauched with the kick-off.
1 July 2018


ABOUT  SECUR IoT ESIGN

Towards the assurance of SECURity by dESIGN of the Internet of Things

Today, the Internet of Things (IoT) is considered as one of the major forces driving innovation, growing at a breathtaking pace and opening the door to a wide panoply of potential new applications as well as business possibilities. Nonetheless, it is also a well established fact that it lacks maturity when it comes to security, falling behind other areas of Information and Communication Technology (ICT).

This project aims to address the problem of IoT security at its core and proposes finding the means to guarantee that security controls and mechanisms are taken into consideration and effectively embedded during the design and ­­development of a new device or solution for the IoT. The goals of the project include mitigating vulnerabilities and reducing the window of opportunity for threat actors, as well as providing an appropriate level of protection against security attacks.

Achieving these objectives will require (i) studying the software engineering processes and system development cycles particularized for the specific areas of IoT, (ii) identifying the points in which security aspects and mechanisms should be taken into consideration or integrated, and (iii) proposing how such a consolidation can be materialized in a rigorous, transparent (meaning friendly for system architects and developers) and verifiable manner.

To guarantee the tenacity of this project, the research work will be complemented with tasks dedicated to surveying the state-of-the-art, identification of use cases for the technology to be developed and prototyping a set of software tools, which shall serve as proof of concept and as one of the main outcomes of the project. The objective is that these tools will facilitate the security engineering process, without jeopardizing rigour, and also the integration of the security mechanisms and validation tests for the designers and developers of IoT devices or solutions.

The Work Plan is divided into five research or development activities and one management, dissemination and exploitation activity. The first activity covers technological surveillance aspects and analysis of the specialized literature, preparing the groundwork for activities 2, 3 and 4, and thereby allowing these to be focused in specific research lines: security engineering for IoT; mapping of security requirements and technology; and auditing of IoT software and systems. Activity 5 is fully dedicated to the prototyping of the framework of tools that materialize the research efforts and produced knowledge. This activity includes a task devoted to the prototyping of the tools for each one of the research activities 2, 3 and 4, benefiting the alignment and compartmentalization of the work.

Apart from the generated knowledge and the prototyped software tools (to be publicly released as an open-source project), the project will partially be on the basis of three PhDs. Other visible outputs include four papers for international journals, three peer-reviewed book chapters and two papers for international conferences. A preliminary exploitation plan for the generated knowledge and framework of tools will be made during the lifespan of the project.

 SECUR IoT ESIGN is a 3-years project starting in 1 July 2018 and ending in 30 June 2021. It constitutes an estimated total investment of 239.976,58€ and received funding of 203.979,82€ from FCT/COMPETE/FEDER (Reference Number POCI-01-0145-FEDER-030657).

 ACTIVITIES

1 - State of the Art on IoT and Security
Starting at month 0 and ending at month 12.

100%

2 - Security Engineering for the IoT
Starting at month 4 and ending at month 30.

100%

3 - Mapping of Security Requirements and Technology
Starting at month 4 and ending at month 30.

~70%

4 - Testing and Auditing of IoT Systems
Starting at month 13 and ending at month 36.

50%

5 - Framework of Tools
Starting at month 4 and ending at month 36.

80%

6 - Project Management, Dissemination and Exploitation
Starting at month 1 and ending at month 36.

60%

 TEAM

Pedro R. M. Inácio

Pedro R. M. Inácio

Principal Investigator | Leader of Activity 6

Main Research Topics:
Computer Security
Programming of Mobile Devices

Home | e-mail
Mário M. Freire

Mário M. Freire

Leader of Activity 1

Main Research Topics:
Computer Systems and Networks
Security and privacy in computer systems

Home | e-mail
Tiago M. C. Simões

Tiago M. C. Simões

Post-Doc Researcher | Leader of Activity 5

Main Research Topics:
Security in IoT
Network and Applications

Site (TBD) | e-mail
Bernardo Sequeiros

Bernardo Sequeiros

Ph.D. Student | Leader of Activity 2

Main Research Topics:
Security in IoT
Security Audits

Site (TBD) | e-mail
Bernardo Sequeiros

Musa Samaila

Ph.D. Student | Leader of Activity 3

Main Research Topics:
Security in IoT
Security Frameworks

Site (TBD) | e-mail
Francisco Chimuco

Francisco Chimuco

Ph.D. Student

Main Research Topics:
Cloud Security
Cloud and Mobile Computing

Site (TBD) | e-mail
Joana C. A. N. da Costa

Joana C. A. N. da Costa

M.S. Student

Main Research Topics:
Security in IoT
Security and Privacy

Site (TBD) | e-mail
Carolina G. Lopes

Carolina G. Lopes

M.S. Student

Main Research Topics:
Security in IoT
Security and Privacy

Site (TBD) | e-mail

 OUTPUTS AND DISSEMINATION

Vinícius de Miranda Rios, Pedro R. M. Inácio, Damien Magoni, Mário M. Freire, Detection of reduction-of-quality DDoS attacks using Fuzzy Logic and machine learning algorithms, Computer Networks, vol. 186, pp. 107792, 2021.

Musa G. Samaila, Carolina Lopes, Édi Aires, João B. F. Sequeiros, Tiago Simões, Mário M. Freire, Pedro R. M. Inácio, A Preliminary Evaluation of the SRE and SBPG Components of the IoT-HarPSecA Framework, Global Internet of Things Summit (GIoTS 2020), pp. 1-7, Dublin, Ireland, June 2020.

Musa G. Samaila, João B. F. Sequeiros, Tiago Simões, Mário M. Freire and Pedro R. M. Inácio, IoT-HarPSecA: A Framework and Roadmap for Secure Design and Development of Devices and Applications in the IoT Space, IEEE Access, vol. 8, pp. 16462-16494, 2020.

João B. F. Sequeiros, Francisco Chimuco, Musa G. Samaila, Mário M. Freire and Pedro R. M. Inácio, Attack and System Modeling Applied to IoT, Cloud and Mobile Ecosystems: Embedding Security by Design, ACM Computing Surveys (CSUR), vol. 53, pp. 1-32, 2020.

Musa G. Samaila, João B. F. Sequeiros, Mário M. Freire, and Pedro R. M. Inácio, IoT-HarPSecA: A Framework for Facilitating the Design and Development of Secure IoT Devices, in Proceedings of The 2nd International Workshop on Security and Forensics of IoT (IoT-SECFOR 2019), held in conjunction with the 14th International Conference on Availability, Reliability and Security (ARES 2019), Canterbury, United Kingdom, August 26-29, 2019.

Musa G. Samaila, João B. F. Sequeiros, Mário M. Freire, and Pedro R. M. Inácio, Security Threats and Possible Countermeasures in Applications Covering Different Industry Domains, in Proceedings of The 2nd International Workshop on Security and Forensics of IoT (IoT-SECFOR 2018), held in conjunction with the 13th International Conference on Availability, Reliability and Security (ARES 2018), August 27-30, 2018.

Musa G. Samaila, Miguel Neto, Diogo A. B. Fernandes, Mário M. Freire, and Pedro R. M. Inácio, Challenges of Securing Internet of Things Devices: A Survey, Wiley Security and Privacy (SPY), 1(2):20, May 2018.

Musa G. Samaila, João B. F. Sequeiros, Acácio F. P. P. Correia, Mário M. Freire, Pedro R. M. Inácio, "A Quick Perspective on the Current State of IoT Security: A Survey." Networks of the Future Chapman and Hall/CRC, pp. 431-464, 2017.

Software de código aberto, Security Requirements Elicitation Module. Este módulo pode ser consultado na seguinte Hiperligação.

Software de código aberto, Security Best Pratice Guidelines Module. Este módulo pode ser consultado na seguinte Hiperligação.

Software de código aberto, Lightweight Criptographic Algorithm Recommendation Module. Este módulo pode ser consultado na seguinte Hiperligação.

Software de código aberto, The IoT-HarPSecA framework. Esta framework pode ser consultada na seguinte Hiperligação.

 FUNDING

Portugal 2020 Fundação para a Ciência e Tecnologia Compete 2020 Fundo Europeu de Desenvolvimento Regional

 HOST AND CONTACT

Instituto de Telecomunicações

If interested in the project, feel free to drop us an e-mail or swing by for a cup of   .

Instituto de Telecomunicações - Delegação da Covilhã,
Universidade da Beira Interior, Portugal
Phone: +351 275 242081
Email: inacio@di.ubi.pt