Martin secures your devices
The Internet of Things requires a large number of small, inexpensive devices to be connected. To do this with a sufficient level of security is a major challenge that Martin Gunnarsson has taken on. He defends his PhD thesis “Efficient Security Protocols for Constrained Devices” on March 21 at 9.15 at LTH, Lund University.
Read more about the dissertation.
Download the thesis.
What is your thesis about?
Connected digital computing devices have spread to virtually all aspects of society. As of 2021, there are more connected things, i.e., small computers, on the internet than people. These small computers power a wide variety of things in our society, from household appliances and vehicles to power plants. One important sector that is becoming increasingly connected to the internet is manufacturing.
Industry 4.0, for example, predicts and outlines a more flexible future of manufacturing. Smaller series of custom products can be produced efficiently with distributed connected control systems without requiring complex and time-consuming retooling. Such trends in manufacturing point to a more connected, decentralized, and agile future.
The future of connected devices is scale and decentralization. Since devices are deployed at scale, they must be cheap to manufacture, deploy, and run. Wireless and battery-powered devices can decrease the cost of installation by 30-60%. Many devices being added to networks today are constrained devices, that is, devices with limited computational power, memory, and network bandwidth. Many constrained devices are also battery-powered and need to preserve energy.
Often the public is only made aware that a device is connected when a cyber attack disrupts that device's operation. The move from connected computers, servers, and networking equipment to connected Smart Manufacturing, Smart Grid, and other cyber-physical systems has moved the risks of cyber attacks from loss of capability and data to the risk of physical harm, loss of property, or even life. Technologies exist that mitigate the risk of connected IT infrastructures, and these technologies may not be suited to deployment in connected constrained devices. The limited performance of the constrained device can make such technologies too resource-intensive to be feasible. There can be thousands of sensors and actuators in a factory or a wireless sensor network, and solutions must be able to handle many deployed devices. This thesis addresses the need for efficient security protocols for new decentralized connected systems, and demonstrates that it is possible to implement and deploy secure and efficient protocols in the setting of constrained devices.
What is the most fascinating or interesting with your thesis subject?
The Internet of Things (IoT) has a poor reputation from a security aspect. An often-given reason is that IoT devices are not powerful enough to run adequate security measures. It is inspiring that my research has helped mitigate these shortfalls. I especially like working close to the hardware on low-performance devices where efficiency is critical and formal protocol verification.
How will your results be of use in the future?
Protocols we evaluated and implemented in my thesis are being deployed in products today. Our research on a security architecture based on the Digital Twin concept has been widely cited and used in further research in the field.
What are your plans?
I have a job lined up in the industry. Putting everything I have learned in academia into practice will be very exciting. I want to continue working with securing the connected devices that power our society.