IoT Security


Interconnecting embedded devices with the Internet leads to the so-called Internet of things. The Internet of things is envisioned to realize fascinating applications, such as smart cities, industrial monitoring, and precision agriculture. These applications will involve large numbers of wireless embedded devices that communicate with each other and remote hosts using IPv6.

However, in contrast to smartphones or desktop computers, typical IoT devices are merely equipped with microcontrollers that have a few kilobytes of RAM and program memory. Moreover, most IoT devices run on batteries or do energy harvesting. To address these constraints, the IETF is in the course of standardizing a lightweight IPv6-based protocol stack for IoT devices.


The security challenges in this area are diverse. On the one hand, IoT devices can be attacked from the Internet. On the other hand, IoT devices are often deployed outdoors in hostile environments and communicate wirelessly. Consequently, IoT devices require protection from both remote and local attackers.

That said, many security issues persist. In our research, we aim at securing aforementioned protocol stack by the IETF, which is shown below. This stack is being implemented by a range of operating systems, such as Contiki, OpenWSN, RIOT, and mbed OS. In particular, we aim for lightweight and energy-efficient security solutions to meet the constraints of IoT devices.