Author

Mahmoud Ammar

Bio: Mahmoud Ammar is an academic researcher from Katholieke Universiteit Leuven. The author has contributed to research in topics: Attack surface & Virtualization. The author has an h-index of 7, co-authored 18 publications receiving 545 citations. Previous affiliations of Mahmoud Ammar include Huawei & Ford Motor Company.

Papers
Journal ArticleDOI
01 Feb 2018
TL;DR: This paper surveys the security of the main IoT frameworks and shows that the same standards are used for securing communications, whereas different methodologies are followed for providing other security properties.
Abstract: The Internet of Things (IoT) is heavily affecting our daily lives in many domains, ranging from tiny wearable devices to large industrial systems. Consequently, a wide variety of IoT applications have been developed and deployed using different IoT frameworks. An IoT framework is a set of guiding rules, protocols, and standards which simplify the implementation of IoT applications. The success of these applications mainly depends on the ecosystem characteristics of the IoT framework, with the emphasis on the security mechanisms employed in it, where issues related to security and privacy are pivotal. In this paper, we survey the security of the main IoT frameworks; a total of 8 frameworks are considered. For each framework, we clarify the proposed architecture, the essentials of developing third-party smart apps, the compatible hardware, and the security features. Comparing security architectures shows that the same standards are used for securing communications, whereas different methodologies are followed for providing other security properties.

616 citations

Proceedings ArticleDOI
21 Apr 2020
TL;DR: A novel RA scheme based on software virtualization, called SIMPLE, which meets the minimal hardware requirements needed for secure RA via reliable software and is used to construct SIMPLE+, an efficient swarm attestation scheme for static and dynamic heterogeneous IoT networks.
Abstract: Remote Attestation (RA) is a security service that detects malware presence on remote IoT devices by verifying their software integrity by a trusted party (verifier). There are three main types of RA: software (SW)-, hardware (HW)-, and hybrid (SW/HW)-based. Hybrid techniques obtain secure RA with minimal hardware requirements imposed on the architectures of existing microcontroller units (MCUs). In recent years, considerable attention has been devoted to hybrid techniques since prior software-based ones lack concrete security guarantees in a remote setting, while hardware-based approaches are too costly for low-end MCUs. However, one key problem is that many already deployed IoT devices neither satisfy minimal hardware requirements nor support hardware modifications, needed for hybrid RA. This paper bridges the gap between software-based and hybrid RA by proposing a novel RA scheme based on software virtualization. In particular, it proposes a new scheme, called SIMPLE, which meets the minimal hardware requirements needed for secure RA via reliable software. SIMPLE depends on a formally-verified software-based memory isolation technique, called Security MicroVisor (SμV). Its reliability is achieved by extending the formally-verified safety and correctness properties to cover the entire software architecture of SIMPLE. Furthermore, SIMPLE is used to construct SIMPLE+, an efficient swarm attestation scheme for static and dynamic heterogeneous IoT networks. We implement and evaluate SIMPLE and SIMPLE+ on Atmel AVR architecture, a common MCU platform.

31 citations

Proceedings ArticleDOI
11 Dec 2017
TL;DR: A Security MicroVisor (SμV) middleware is introduced, which provides memory isolation and custom security operations using software virtualisation and assembly-level code verification and demonstrates extremely low overhead in terms of memory, performance and battery lifetime for a representative IoT device.
Abstract: The Internet of Things (IoT) creates value by connecting digital processes to the physical world using embedded sensors, actuators and wireless networks. The IoT is increasingly intertwined with critical industrial processes, yet contemporary IoT devices offer limited security features, creating a large new attack surface and inhibiting the adoption of IoT technologies. Hardware security modules address this problem, however, their use increases the cost of embedded IoT devices. Furthermore, millions of IoT devices are already deployed without hardware security support. This paper addresses this problem by introducing a Security MicroVisor (SμV) middleware, which provides memory isolation and custom security operations using software virtualisation and assembly-level code verification. We showcase SμV by implementing a key security feature: remote attestation. Evaluation shows extremely low overhead in terms of memory, performance and battery lifetime for a representative IoT device.

22 citations

Journal ArticleDOI
TL;DR: The design and implementation of a Security MicroVisor, which provides embedded devices that lack hardware-based memory protection units with memory isolation using software virtualisation and assembly-level code verification, and a software-based remote attestation protocol to detect malware-infected devices.
Abstract: The Internet of Things (IoT) is shaped by the increasing number of low-cost Internet-connected embedded devices that are becoming ubiquitous in every aspect of modern life. With their cost-sensitive design, integrating hardware-based security mechanisms into such devices is undesirable. Therefore, securing these devices is a particularly difficult challenge, especially, due to their growing popularity as attack targets, via remote malware infestations. The vast majority of such devices are bare-metal, where they execute programs in fully-accessible and unprotected memories without any operating system and even without including any form of security. This is beside the fact that IoT operating systems offer little or no protection. This paper addresses this problem through the concept of a Security MicroVisor (SμV), which provides embedded devices that lack hardware-based memory protection units with memory isolation using software virtualisation and assembly-level code verification. More specifically, our contribution is two-fold. First, we propose SμV as a software-based memory isolation technique. We then formally verify the software architecture, written in C, to prove that it is memory-safe and crash-free. Second, we propose a software-based remote attestation, as an example of a fundamental security service that can be implemented on top of SμV, to detect malware-infected devices. We first describe the design and implementation of SμV. Then, we highlight the formal verification of software architecture, and characterize the remote attestation protocol. We evaluate the SμV implementation using an 8-bit AVR microcontroller that is widely used in IoT devices. Evaluation results show that SμV provides strong security guarantees while maintaining extremely low overhead in terms of memory footprint, performance, and power consumption. Furthermore, we extend the performance evaluation also to the remote attestation scheme, illustrating its limited overhead.

21 citations

Proceedings ArticleDOI
13 Mar 2018
TL;DR: SPEED is presented, an approach to secure erasure with verifiability in IoT which guarantees the cleanness of a device's memory at the beginning of the application deployment as well as at the time of releasing the underlying IoT device.
Abstract: The Internet of Things (IoT) consists of embedded devices that sense and manage our environment in a growing range of applications. Large-scale IoT systems such as smart cities require significant investment in both equipment and personnel. To maximize return on investment, IoT platforms should support multiple third-party applications and adaptation of infrastructure over time. Realizing the vision of shared IoT platforms demands strong security guarantees. That is particularly challenging considering the limited capability and resource constraints of many IoT devices. In this paper, we present SPEED, an approach to secure erasure with verifiability in IoT. Secure erasure is a fundamental property when it comes to sharing an IoT platform with other users, which guarantees the cleanness of a device's memory at the beginning of the application deployment as well as at the time of releasing the underlying IoT device. SPEED relies on two security primitives: memory isolation and distance bounding protocol. We evaluate the performance of SPEED by implementing it on a simple bare-metal IoT device that belongs to Class-1. Our evaluation results show a limited overhead in terms of memory footprint, time, and energy consumption.

19 citations


Cited by
Journal ArticleDOI
TL;DR: This work reviews the recent status of methodologies and techniques related to the construction of digital twins mostly from a modeling perspective to provide a detailed coverage of the current challenges and enabling technologies along with recommendations and reflections for various stakeholders.
Abstract: Digital twin can be defined as a virtual representation of a physical asset enabled through data and simulators for real-time prediction, optimization, monitoring, controlling, and improved decision making. Recent advances in computational pipelines, multiphysics solvers, artificial intelligence, big data cybernetics, data processing and management tools bring the promise of digital twins and their impact on society closer to reality. Digital twinning is now an important and emerging trend in many applications. Also referred to as a computational megamodel, device shadow, mirrored system, avatar or a synchronized virtual prototype, there can be no doubt that a digital twin plays a transformative role not only in how we design and operate cyber-physical intelligent systems, but also in how we advance the modularity of multi-disciplinary systems to tackle fundamental barriers not addressed by the current, evolutionary modeling practices. In this work, we review the recent status of methodologies and techniques related to the construction of digital twins mostly from a modeling perspective. Our aim is to provide a detailed coverage of the current challenges and enabling technologies along with recommendations and reflections for various stakeholders.

660 citations

Journal ArticleDOI
TL;DR: This survey aims to shape a coherent and comprehensive picture of the current state-of-the-art efforts in this direction by starting with fundamental working principles of blockchains and how blockchain-based systems achieve the characteristics of decentralization, security, and auditability.
Abstract: The blockchain technology has revolutionized the digital currency space with the pioneering cryptocurrency platform named Bitcoin. From an abstract perspective, a blockchain is a distributed ledger capable of maintaining an immutable log of transactions happening in a network. In recent years, this technology has attracted significant scientific interest in research areas beyond the financial sector, one of them being the Internet of Things (IoT). In this context, the blockchain is seen as the missing link toward building a truly decentralized, trustless, and secure environment for the IoT and, in this survey, we aim to shape a coherent and comprehensive picture of the current state-of-the-art efforts in this direction. We start with fundamental working principles of blockchains and how blockchain-based systems achieve the characteristics of decentralization, security, and auditability. From there, we build our narrative on the challenges posed by the current centralized IoT models, followed by recent advances made both in industry and research to solve these challenges and effectively use blockchains to provide a decentralized, secure medium for the IoT.

553 citations

Journal ArticleDOI
20 Dec 2018-Sensors
TL;DR: A detailed and complex case-study has been presented to validate the solution in the context of a system that dynamically reverses the traveling direction of a road segment, with all the safety conditions in place.
Abstract: The new Internet of Things/Everything (IoT/IoE) paradigm and architecture allows one to rethink the way Smart City infrastructures are designed and managed, but on the other hand, a number of problems have to be solved. In terms of mobility the cities that embrace the sensoring era can take advantage of this disruptive technology to improve the quality of life of their citizens, also thanks to the rationalization in the use of their resources. In Sii-Mobility, a national smart city project on mobility and transportation, a flexible platform has been designed and here, in this paper, is presented. It permits one to set up heterogeneous and complex scenarios that integrate sensors/actuators as IoT/IoE in an overall Big Data, Machine Learning and Data Analytics scenario. A detailed and complex case-study has been presented to validate the solution in the context of a system that dynamically reverses the traveling direction of a road segment, with all the safety conditions in place. This case study composes several building blocks of the IoT platform, which demonstrate that a flexible and dynamic set-up is possible, supporting security, safety, local, cloud and mixed solutions.

449 citations

Journal ArticleDOI
TL;DR: The purpose of this paper is to identify and discuss the main issues involved in the complex process of IoT-based investigations, particularly all legal, privacy and cloud security challenges, as well as some promising cross-cutting data reduction and forensics intelligence techniques.
Abstract: Today is the era of the Internet of Things (IoT). The recent advances in hardware and information technology have accelerated the deployment of billions of interconnected, smart and adaptive devices in critical infrastructures like health, transportation, environmental control, and home automation. Transferring data over a network without requiring any kind of human-to-computer or human-to-human interaction, brings reliability and convenience to consumers, but also opens a new world of opportunity for intruders, and introduces a whole set of unique and complicated questions to the field of Digital Forensics. Although IoT data could be a rich source of evidence, forensics professionals cope with diverse problems, starting from the huge variety of IoT devices and non-standard formats, to the multi-tenant cloud infrastructure and the resulting multi-jurisdictional litigations. A further challenge is the end-to-end encryption which represents a trade-off between users’ right to privacy and the success of the forensics investigation. Due to its volatile nature, digital evidence has to be acquired and analyzed using validated tools and techniques that ensure the maintenance of the Chain of Custody. Therefore, the purpose of this paper is to identify and discuss the main issues involved in the complex process of IoT-based investigations, particularly all legal, privacy and cloud security challenges. Furthermore, this work provides an overview of the past and current theoretical models in the digital forensics science. Special attention is paid to frameworks that aim to extract data in a privacy-preserving manner or secure the evidence integrity using decentralized blockchain-based solutions. In addition, the present paper addresses the ongoing Forensics-as-a-Service (FaaS) paradigm, as well as some promising cross-cutting data reduction and forensics intelligence techniques. Finally, several other research trends and open issues are presented, with emphasis on the need for proactive Forensics Readiness strategies and generally agreed-upon standards.

440 citations