APPIOTS


Main funder

Funder's project number1758/31/2018


Funds granted by main funder (€)

  • 392 000,00


Funding program


Project timetable

Project start date01/07/2018

Project end date31/12/2019


Summary

It is expected there will be nearly 50 billion IoT/embedded connected devices by 2020. These devices are expected to be present in all commercial and organizational verticals, as well as in all aspects of private individuals' modern lives. Therefore, the security and privacy aspects of IoT/embedded devices are of paramount importance. The Mirai botnet demonstrated in 2016 the largest DDoS attack (1+ Tbps) in modern history, and it was composed of less than 200 thousand vulnerable and compromised IoT/embedded devices [MIRAI1], which is less than 0.0004% of envisioned 50 billion IoT devices. At the same time, the recent US DHS compromise of Boeing 757 in 2017 revealed that fixing 1 line of code in critical IoT/embedded devices (e.g., avionics) may cost up to 1 million USD and may take up to 1 year to pass all tests and recertifications [BOEING1].

The objective of this project is to investigate the commercialization potential of our advanced automated methods and tools for addressing vulnerabilities in software and firmware of IoT/embedded devices. One of the aims of this project is to find a customer base for new software security services, informed by our research, which will provide the following capabilities: identification of vulnerabilities using multiple advanced analysis techniques at various stages of software/firmware life-cycle; confirmation of identified vulnerabilities by performing targeted tests on the vulnerable components and by demonstrating that a compromise would have been possible; elimination of the vulnerability using auto-healing and auto-patching techniques specific to each class of vulnerabilities; extra features that can bring additional value to certain customer segments (e.g., IoT malware investigation for antivirus companies); all the features supported and provided by scalable and AI-powered techniques.


Principal Investigator


Primary responsible unit


Follow-up groups

Profiling areaCyber security (University of Jyväskylä JYU)


Related publications and other outputs


Last updated on 2022-06-07 at 12:40