This work examines how to get safety and security in Internet of Things (IoT) systems where multiple devices (things), each designed in isolation from others, are brought together to form a networked system, controlled via one or more software applications ("apps"). "Things" in an IoT environment can include simple devices such as switches, lightbulbs, smart locks, thermostats, and safety alarms as well as complex systems such as appliances, smartphones, and cars. Software IoT "apps" can monitor and control multiple devices in homes, cars, cities, and businesses, providing significant benefits such as energy efficiency, security, safety, and user convenience. Unfortunately, programmable IoT systems also introduce new risks, including enabling remote control by hackers of devices in smart homes, cars, and cities, via buggy IoT apps. Testing IoT apps to remove bugs is currently challenging due to a variety of physical devices with which such apps may interact, including devices that were not even available during app development. The proposed work will help develop techniques for testing IoT apps efficiently and for enforcing safety and security constraints on their run-time behavior. More specifically, the proposed work is centered around three technical thrusts: 1) creating virtual device models to help efficiently test IoT apps systematically without knowing the precise details of physical devices that the apps will control in advance; 2) automating test development for an IoT app to check safety and security specifications against a flexible set of devices; and 3) providing support for enforcement of specifications at run-time for security and safety assertions. The work includes extensive experimentation and evaluation using diverse devices and will represent a significant advance in hardening this important spaces

The objective of this research is to (1) gain insights into the challenges of securing interactions in Internet of Things (IoT)deployments, (2) develop a practical framework that mitigates security and privacy threats to IoT interactions, and (3) validate the proposed framework in a medium-scale IoT testbed and through user studies. The emerging IoT computing paradigm promises novel applications in almost all sectors by enabling interactions between users, sensors, and actuators. These interactions can take the form of device-to-device (e.g., Bluetooth Low Energy (BLE)) or human-to-device (e.g., voice control). By exploiting vulnerabilities in these interaction surfaces, an adversary can gain unauthorized access to the IoT, which enables tracking, profiling and posing harm to the user. With the thousands of diverse IoT manufacturers, developers, and devices, it is very challenging, if not impossible, to ensure all devices are properly secured at production and kept up-to-date after production. IoT users and administrators have to place their trust in a set of devices, with the least secure device breaking the security chain. By shifting the trust base from the various manufacturers and developers to a single framework under the user's control, deploying IoT devices will be more feasible and less vulnerable. The proposed framework will help advance the national health, prosperity and welfare, and also secure the national defense. Securing IoT interface surfaces as case studies will be integrated in graduate-level courses, and used to train (especially underrepresented and female) students with interdisciplinary topics that require a balanced mix of theory and practice, thus developing human resources in the nationally needed areas.The proposed research will also significantly advance the understanding of the challenges to secure IoT interaction surfaces in practice, thus promoting the progress of science. This project will establish a general direction to secure interactions in the current and future IoT deployments. It will offer an additional protection layer in the cases where security cannot be properly built-in and maintained.

Scaling the Internet of Things (IoT) to billions and possibly trillions of "things" requires transformative advances in the science, technology, and engineering of cyber-physical systems (CPS), with none more pressing or challenging than the power problem. Consider that if every device in a 1 trillion IoT network had a battery that lasted for a full five years, over 500 million batteries would need to be changed every day. Clearly, a battery-powered IoT is not feasible at this scale due to both human resource logistics and environmental concerns. There is a need for a battery-less approach that dependably meets functionality requirements using energy harvested from the physical world. This project brings together experts in materials, devices, circuits, and systems to pursue a holistic approach to self-powered wireless devices deployed in real-world environments and IoT systems and applications. In addition, educational and outreach activities will help develop the workforce for this relatively new field with the holistic, materials-to-systems perspective that will be necessary to lead innovation in this space.A critical challenge that this project addresses is that both optimal device operation and energy harvester efficiency are heavily dependent on physical world dynamics, and thus, self-powered devices that are statically configured or that just respond to instantaneous conditions are unlikely to provide the dependability required for many IoT systems and applications. To address this fundamental and critically enabling challenge, data collections will be performed to study the physical world dynamics that impact device operation and harvester efficiency, such as ambient conditions, electromagnetic interference, and human behavior. This scientific study will lead to the development of dynamic models that will, in turn, be used to develop algorithms to dynamically configure devices and harvesters based not only on past and current conditions but also on predictions of future conditions. These algorithms will then be used to dynamically configure technological innovations in ultra-low power device operation and ultra-high efficiency energy harvesting to engineer and operate dependable self-powered things for the IoT.