Bringing security to the ‘Wild West’ of smart-home devices

Bringing security to the ‘Wild West’ of smart-home devices

Bringing security to the ‘Wild West’ of smart-home devices

Denys Poshyvanyk likens the state of smart-home devices today to the “Wild West, ” a chaotic situation that contributes to concerns of security and trust among users and potential customers.To get more news about safe lock, you can visit securamsys.com official website.

“We’re talking about literally billions of devices,” he said. “There are all these different vendors. And all these different vendors have their own operating systems. They have their own development processes. They have their own certification processes.”

Adwait Nadkarni says the human element adds another layer of complexity to the situation.

“We don’t really understand how consumers automate their homes,” he said. “We don’t understand what people want to do with the devices they have. We don’t even understand what the most common smart-home devices are.”

Nadkarni and Poshyvanyk are professors in William Mary’s Department of Computer Science. They recently received funding from the National Science Foundation to bring law and order — or at least greater security — to the Wild West of home automation.

“Our hope is that eventually that our work will lead to more practical systems — systems that will prevent the threats that you actually see in the wild. That will then lead to an increase in consumer confidence,” Nadkarni said. “But that's not something that we can have right now.”

The goal of Nadkarni and Poshyvanyk is to bring their expertise as computer scientists to collect and analyze data on how people are using the cyber-physical devices that comprise what has become known as Internet of Things.

Home automation may not exactly be in its infancy, but it may be helpful to think of it as being in a precocious toddlerhood. Nadkarni says most consumers of smart-home devices begin with single items — a video doorbell, a smart lock, a security camera.

“But true home automation goes a little beyond that,” he explained. “Now, you have people configuring these devices to work together. Let’s say you want to use a security camera, but you don’t want to be monitored when you’re home. So, you turn the camera on when you leave and off when you’re home. That can be automated.”

And your security camera can be linked — through automation — to your smart speaker, your smart phone, and so on. Nadkarni explained that software that comes with most modern smart-home devices allows the user to self-configure the automation.

“Most modern platforms such as Nest allow you to essentially just configure such automation,” he said. “Using trigger-action programs, you just have to say that if this particular thing happens, then let that thing happen.”

A previous survey conducted by Nadkarni and Poshyvanyk revealed that most smart-device users want to automate their homes, and seem to want to take the DIY route to automation. Homeowners may download automation apps offered by non-vendors, but both Nadkarni and Poshyvanyk believe that users may prefer the routines that they can configure for themselves, over those imagined by third-party developers (i.e., “IoT apps”).

“Our intuition is that people aren't using these IoT apps, which is why we need to study these user-driven routines created by users in order to truly understand what's happening,” Nadkarni said.

Poshyvanyk says the first step in the project is to collect data. Then he and Nadkarni will mine the raw data and test cases, that is, scenarios of home automation that security analysts could use to test existing security systems for both normal security weakness as well as stress testing for extreme cases.

“The beauty of this project is that we're trying to combine ideas from two fields, security and software engineering,” Poshyvanyk said. “We’re obviously relying on security, domain knowledge and expertise to work with the data. But we're also relying on some of the techniques from software engineering and natural language processing to be able to use this data.”


freeamfva

1242 Blog posts

Comments