An Innovative Approach to Internet of Things (IoT) Security at the Edge
Created March 2022
Internet of Things (IoT) devices can provide useful capabilities, but many have known security vulnerabilities that have been exploited by malicious actors. The SEI KalKi security platform leverages software-defined networking (SDN) and network function virtualization (NFV) to enable secure integration of IoT devices into Department of Defense (DoD) networks, even devices that are not fully trusted or configurable.
IoT Devices: Great Promise, Great Security Challenges
Commercial Internet of Things (IoT) devices, aka “smart” devices, are evolving rapidly to provide new and potentially useful capabilities. The DoD recognizes the rapid pace at which the IoT marketplace is evolving, the role IoT devices play in gathering data to inform decision making, and the urgency to embrace IoT technology to match its adversaries.
The DoD currently uses IoT devices in supervisory control and data acquisition (SCADA) systems. The DoD is also interested in using such devices in edge-enabled and tactical systems.
However, the DoD has been slow to adopt IoT devices and is reluctant to use them in tactical systems and other sensitive environments because
- Supply chains are not always secure or trustworthy.
- Not all IoT device manufacturers follow secure development practices.
- Not all devices allow software updates to address security vulnerabilities.
- The dynamic nature of the current IoT device market results in inconsistent installation of security patches.
- There are very few IoT security standards that are widely implemented by IoT devices.
- Not all IoT devices can be fully trusted or configurable to meet security standards.
Furthermore, several high-profile IoT-related security incidents have occurred in recent years due to the limitations of existing network-protection systems. Current solutions, such as gateways and firewalls, can become compromised, and static firewalls are not device specific and cannot adapt to changing security states.
KalKi: A High-Assurance Software-Defined IoT Security Platform
The SEI developed the KalKi platform to address security concerns with IoT devices.
KalKi moves part of security enforcement to the network to enable the integration of IoT devices into DoD systems and networks by creating an IoT security infrastructure that is provably resilient to a collection of prescribed threats. It uses
- SDN and NFV to create a highly dynamic IoT security framework
- überSpark (a framework for building secure software stacks) to incrementally develop and verify security properties of elements of the software-defined IoT security infrastructure
SDN allows network configuration to be more efficient and adaptive than traditional network management. NFV allows KalKi to protect networks with greater flexibility and without the typical cost and complexity of physical network protection units.
KalKi adapts network defenses for each IoT device based on active monitoring of (1) traffic to and from each IoT device and (2) variables sensed by each device.
The current version of KalKi allows the DoD to take full advantage of commercial IoT devices—even IoT devices that are not fully trusted or configurable—with
- customizable security policies to meet the unique needs of each device and network
- efficient monitoring of device-specific vulnerabilities
- limited interference between security policies
- agile response to rapidly changing security needs
Initial experiments show that the KalKi platform performs well, scales well, and remains resilient in the presence of a powerful attacker. Our next steps focus on simplifying the integration of new devices and policies, increasing performance, and reducing resource utilization with particular emphasis on
- scaling to support larger scenarios and different field experiments to advance the evolution of KalKi
- incorporating artificial-intelligence and machine-learning techniques that can more intelligently detect new attacks or vulnerabilities as well as reduce IoT device integration time by automatically generating security measures or policy definitions based on learning of normal and abnormal IoT device behaviors
- extending überSpark implementation of sensitive components as “µobjects”—low-level system constructs that are protected from other untrusted system components and that allow only authorized components to communicate with them (This effort is to strengthen components of the system that, if attacked, would compromise the full system, including the main controller that contains the state machines used to control the network defenses for each IoT device.)
We are seeking collaborators to pilot and extend this work. If interested, please contact us.
Engineering of Edge Software Systems: A Report from the November 2022 SEI Workshop on Software Systems at the Edge
June 30, 2023 White Paper
Based on a workshop with thought leaders in the field, this report identifies recommended areas of focus for engineering software systems at the...read
July 30, 2021 Conference Paper
This paper discusses KalKi++, an evolution of KalKi that improves the performance, scalability and usability of the platform by orders of...read
June 15, 2020 Blog Post
Commercial Internet of things (IoT) devices are evolving rapidly, providing new and potentially useful capabilities. These devices can be a valuable source of...read