Loading Events

« All Events

  • This event has passed.

Certified Security by Design for the Internet of Things

January 12, 2017 @ 12:00 - 13:00 EST

Incorporating security into the design of components used in the Internet of Things (IoT) is essential for securing the operations of the IoT and the cyber-physical infrastructure upon which society depends. The pervasiveness of the IoT and its part in critical infrastructure requires incorporating security into the design of components from the start. Given the increasing functionality, interconnectedness, and use of the IoT within critical infrastructure, securing the integrity of command and control (C2) within the IoT is essential.

There are several challenges to incorporating security into the design of IoT components from the start. These challenges include (1) precisely describing confidentiality and integrity policies in ways that are amenable to formal reasoning, (2) maintaining logical consistency among confidentiality and integrity policies and implementation at all levels of abstraction, from high-level behavioral descriptions at the user level, down to implementations at the level of state machines and transition systems, (3) Incorporating confidentiality and integrity policies into current design flows, and (4) providing certifiers with compelling evidence of security that they can quickly and easily reproduce and verify for correctness.

Together, the above are the challenges of design, accountability, consistency, and verifiability across multiple levels of abstraction. Fortunately, this is not the first time the electrical and computer engineering profession has faced these challenges. In fact, the IoT is compelling evidence of successfully meeting the challenges of design, accountability, consistency, and verifiability across multiple levels of abstraction. To learn and draw inspiration from the past, we need only look back to the 1970s and 1980s when the challenges of designing and implementing very large scale integrated (VLSI) circuits were encountered and overcome.

Watch the Recorded Webinar


Shiu-Kai Chin
Shiu-Kai Chin is a Professor at Syracuse University. He has devised, with Prof. Susan Older, Certified Security by Design (CSBD) to apply formal logic and tools to design and verify trustworthy systems. Together, they wrote the textbook Access Control, Security, and Trust: A Logical Approach, CRC Press, 2010. JP Morgan Chase used CSBD to verify the logic of its SWIFT protocols for commercial transactions. The Air Force Research Laboratory uses CSBD to assure missions in cyberspace. Shiu-Kai was a research scientist in the Defensive Information Warfare Branch of the Air Force Research Laboratory (AFRL). He is an instructor in the AFRL Advanced Course in Engineering (ACE) Cybersecurity Boot Camp. He has taught the full span of ACE since its inception in 2003. Prior to joining Syracuse University, Shiu-Kai was a senior engineer and program manager at General Electric. He is a graduate of the 3.5 year GE ACE. His GE products include a nuclear fuel-rod monitor, a memory manager for a heart imaging system, and a custom radiation-hard processor and transceiver for controlling radars.


January 12, 2017
12:00 - 13:00
Event Category:
Event Tags:



Reader Interactions

Leave a Comment