CerberOS: a resource-secure OS for sharing IoT devices

To continue to grow, the Internet of Things (IoT) requiresscalable and secure system software solutions for resourceconstrained devices. To maximize return on investment ofthese devices, IoT platforms should support multiple thirdparty applications and adaptation of software over time.However, realizing the vision of shared IoT platforms demands not only strong guarantees on the confidentiality andintegrity of application data, but also guarantees on the use ofcritical resources such as computation, sensors and energy.We refer to this vision as resource security. Prior researchon Operating Systems (OS) for tiny IoT devices has focusedon miniaturizing core functionality such as scheduling andcommunication and does not consider resource security. Toaddress this problem, we introduce CerberOS, a resourcesecure OS for sharing IoT devices. CerberOS enables multiple applications on constrained IoT devices while, for thefirst time, guaranteeing data confidentiality, integrity and secure resource management. Our approach is based upon thetwin pillars of virtualization, which isolates applications, andcontracts, which control application resource usage. Evaluation shows that CerberOS supports the secure coexistenceof up to seven applications on a representative IoT devicewith a memory usage of 40KB ROM and 5KB RAM whilepreserving multi-year battery lifetimes.

ISBN:978-0-9949886-1-4

Jaar van publicatie:2017

Toegankelijkheid:Closed