TAPInspector: Safety and Liveness Verification of Concurrent Trigger-Action IoT Systems

Trigger-action programming (TAP) is a popular end-user programming framework that can simplify the Internet of Things (IoT) automation with simple trigger-action rules. However, it also introduces new security and safety threats. A lot of advanced techniques have been proposed to address this proble...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:arXiv.org
Hlavní autoři: Yu, Yinbo, Liu, Jiajia
Médium: Paper
Jazyk:angličtina
Vydáno: Ithaca Cornell University Library, arXiv.org 06.05.2022
Témata:
Concurrency
Internet of Things
Optimization
Safety
Security
Semantics
Slicing
Verification
ISSN:2331-8422
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Trigger-action programming (TAP) is a popular end-user programming framework that can simplify the Internet of Things (IoT) automation with simple trigger-action rules. However, it also introduces new security and safety threats. A lot of advanced techniques have been proposed to address this problem. Rigorously reasoning about the security of a TAP-based IoT system requires a well-defined model and verification method both against rule semantics and physical-world features, e.g., concurrency, rule latency, extended action, tardy attributes, and connection-based rule interactions, which has been missing until now. By analyzing these features, we find 9 new types of rule interaction vulnerabilities and validate them on two commercial IoT platforms. We then present TAPInspector, a novel system to detect these interaction vulnerabilities in concurrent TAP-based IoT systems. It automatically extracts TAP rules from IoT apps, translates them into a hybrid model by model slicing and state compression, and performs semantic analysis and model checking with various safety and liveness properties. Our experiments corroborate that TAPInspector is practical: it identifies 533 violations related to rule interaction from 1108 real-world market IoT apps and is at least 60000 times faster than the baseline without optimization.
Bibliografie:SourceType-Working Papers-1
ObjectType-Working Paper/Pre-Print-1
content type line 50
ISSN:2331-8422
DOI:10.48550/arxiv.2102.01468