SIoT: Securing Internet of Things through distributed systems analysis

Abstract

The Internet of Things (IoT) is increasingly more relevant. This growing importance calls for tools able to provide users with correct, reliable and secure systems. In this paper, we claim that traditional approaches to analyze distributed systems are not expressive enough to address this challenge. As a solution to this problem, we present SIoT, a tool to analyze security aspects of distributed IoT programs and thus protect them against buffer overflow attacks. Our key insight is to look at a distributed system as a single body, and not as separate programs that exchange messages. We then can crosscheck information inferred from different nodes. To construct this global view of a distributed system, we introduce a novel algorithm that discovers inter-program links efficiently. Such links let us build an inter-program view, a knowledge that we can thus forward to a traditional buffer overflow static analysis tool. We prove that our algorithm always terminates and it correctly models the semantics of a distributed system. We have implemented our solution on top of the LLVM compiler, and have used it to secure five ContikiOS applications against buffer overflow attacks. Our solution produces code as safe as the code secured by more traditional analyses; however, applications instrumented by our solution have less than 6% of runtime and program size overhead on average.