SafeThings 2019

IEEE Workshop on the Internet of Safe Things

Co-located with Oakland 2019 »

May 23rd, 2019 - San Francisco, California, USA

The Internet of Things (IoT) has become increasingly popular and innovative. With the rise of connected devices, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. IoT based cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems and the larger number of attack vectors on these systems. These safety risks can arise in the context of use of medical devices, smart home appliance control, smart car design or conflicts in policy execution at a societal scale.

The Internet of Safe Things workshop seeks to bring together researchers to create solutions for the development of safe cyber-physical systems. As safety is inherently linked with the security and privacy of a system, we also seek contributions in these areas that address safety concerns. We seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and creates tools, algorithms, frameworks, and systems that help in the development of safe systems.

We seek contributions across domains - autonomous vehicles, smart homes, medical devices, smart grid; and across disciplines - systems, control, human-computer interaction, security, reliability, machine learning, and verification.


Program Agenda

7:30AM - 8:30AM: Breakfast - Garden
7:30AM - 11:00AM: Registration - Seacliff Foyer
8:45AM - 9:00AM: Workshops Opening Remarks - Seacliff CD
10:15AM - 10:45AM: Workshops Break (30 Minutes) - Seacliff Foyer
10:45AM - 12:30PM: Session 1: Robotics and Automotive Security - Seacliff CD

ROS-Defender: Dynamic Security Policy Enforcement for Robotic Applications (PDF)
Sean Rivera, Sofiane Lagraa, Cristina Nita-Rotaru, Sheila Becker and Radu State

Resilience of Multi-Robot Systems to Physical Masquerade Attacks (PDF)
Kacper Wardega, Roberto Tron and Wenchao Li

Ensuring the Safe and Secure Operation of Electronic Control Units in Road Vehicles (PDF)
Florian Kohnhäuser, Dominik Püllen and Stefan Katzenbeisser

Are Self-Driving Cars Secure? Evasion Attacks against Deep Neural Networks for Steering Angle Prediction (PDF)
Alesia Chernikova, Alina Oprea, Cristina Nita-Rotaru and Baekgyu Kim

12:30PM - 1:30PM: Workshops Lunch - Garden

Note: We will have a lunch table for Women in Privacy. This is jointly organized with two workshops: IWPE and ConPro.

1:30PM - 3:15PM: Session 2: Device-level Security and Privacy - Seacliff CD

Analysis of the Susceptibility of Smart Home Programming Platforms to End User Error (PDF)
Mitali Palekar, Earlence Fernandes and Franziska Roesner

Smart Speaker Privacy Control - Acoustic Tagging for Personal Voice Assistants (PDF)
Peng Cheng, Ibrahim Ethem Bagci, Jeff Yan and Utz Roedig

When Smart Devices Are Stupid: Negative Experiences Using Home Smart Devices (PDF)
Weijia He, Jesse Martinez, Roshni Padhi, Lefan Zhang and Blase Ur

Side Channel Attacks in Computation Offloading Systems with GPU Virtualization (PDF)
Sihang Liu, Yizhou Wei, Jianfeng Chi, Faysal Hossain Shezan and Yuan Tian

3:15PM - 3:45PM: Workshops Break and Poster/Demo Session (30 Minutes) - Seacliff Foyer
3:45PM - 5:30PM: Session 3: IoT-level Security and Privacy - Seacliff CD

SpyCon: Adaptation Based Spyware in Human-in-the-Loop IoT (PDF)
Salma Elmalaki, Bo-Jhang Ho, Moustafa Alzantot, Yasser Shoukry and Mani Srivastava

Devil in the Detail: Attack Scenarios in Industrial Applications (PDF)
Simon Duque Anton, Alexander Hafner and Hans Dieter Schotten

IOTFLA : A secured and privacy-preserving smart home architecture implementing federated learning (PDF)
Ulrich Matchi Aivodji, Sebastien Gambs and Alexandre Martin

A Study of Vulnerability Analysis of Popular Smart Devices Through Their Companion Apps (PDF)
Davino Mauro Junior, Luis Melo, Harvey Lu, Marcelo d'Amorim and Atul Prakash

5:30PM - 5:45PM: Workshops Closing Remarks - Seacliff CD
Happy Hour (joint with ConPro workshop) - Gott's Roadside

Keynote

Title: Challenges and Opportunities in Securing 64kB Computers.

Abstract:
Low-power microcontrollers are increasingly prevalent in the Internet of Things. These devices have extreme memory constraints—typically 16-512 kB of RAM. They also lack hardware features, such as virtual memory, that are integral to the design of modern operating systems. These constraints preclude traditional isolation abstractions, such as processes or microkernel services, leading to systems in which every line of code is fully trusted. Luckily, there are new tools we can use to address these limitations. Type-safe and low-resource programming languages, like Rust, can help us build more compartmentalized kernels, while new hardware protection mechanisms available in modern microcontrollers allow us to isolate arbitrary code. I will present Tock, an operating system for low-memory microcontrollers, that uses these tools to provide a familiar and convenient environment for running untrusted applications. Beyond isolation, I’ll discuss some of the challenges and opportunities in defining and enforcing meaningful security policies for in these settings.

Bio:
Amit Levy is an Assistant Professor of Computer Science at Princeton University. His research centers on extensibility and security in practical systems. Amit is an author and maintainer of the Tock operating system, the co-founder and CEO of MemCachier, and holds a PhD in Computer Science from Stanford in 2018.


List of Accepted Papers

Papers:

Analysis of the Susceptibility of Smart Home Programming Platforms to End User Error (PDF)
Mitali Palekar, Earlence Fernandes and Franziska Roesner

Side Channel Attacks in Computation Offloading Systems with GPU Virtualization (PDF)
Sihang Liu, Yizhou Wei, Jianfeng Chi, Faysal Hossain Shezan and Yuan Tian

A Study of Vulnerability Analysis of Popular Smart Devices Through Their Companion Apps (PDF)
Davino Mauro Junior, Luis Melo, Harvey Lu, Marcelo d'Amorim and Atul Prakash

SpyCon: Adaptation Based Spyware in Human-in-the-Loop IoT (PDF)
Salma Elmalaki, Bo-Jhang Ho, Moustafa Alzantot, Yasser Shoukry and Mani Srivastava

ROS-Defender: Dynamic Security Policy Enforcement for Robotic Applications (PDF)
Sean Rivera, Sofiane Lagraa, Cristina Nita-Rotaru, Sheila Becker and Radu State

Resilience of Multi-Robot Systems to Physical Masquerade Attacks (PDF)
Kacper Wardega, Roberto Tron and Wenchao Li

Ensuring the Safe and Secure Operation of Electronic Control Units in Road Vehicles (PDF)
Florian Kohnhäuser, Dominik Püllen and Stefan Katzenbeisser

Are Self-Driving Cars Secure? Evasion Attacks against Deep Neural Networks for Steering Angle Prediction (PDF)
Alesia Chernikova, Alina Oprea, Cristina Nita-Rotaru and Baekgyu Kim

Devil in the Detail: Attack Scenarios in Industrial Applications (PDF)
Simon Duque Anton, Alexander Hafner and Hans Dieter Schotten

Smart Speaker Privacy Control - Acoustic Tagging for Personal Voice Assistants (PDF)
Peng Cheng, Ibrahim Ethem Bagci, Jeff Yan and Utz Roedig

When Smart Devices Are Stupid: Negative Experiences Using Home Smart Devices (PDF)
Weijia He, Jesse Martinez, Roshni Padhi, Lefan Zhang and Blase Ur

IOTFLA : A secured and privacy-preserving smart home architecture implementing federated learning (PDF)
Ulrich Matchi Aivodji, Sebastien Gambs and Alexandre Martin


Posters and Demos:

Poster: Exploit Delivery to Consumer IoT Devices using WiFi Pineapple
Alek Mieczkowski, Islam Obaidat, K. Virgil English, Glenn Um, Gavin Sroczynski and Meera Sridhar

Poster: IoT Two Factor Neurometric Authentication System using Wearable EEG
Angel Rodriguez, Sara Rampazzi and Kevin Fu

Poster: Privacy-Preserving IoT Remote Control using DNS with LTE based On-Demand Triggering
Yong Jin, Masahiko Tomoishi, Kenji Fujikawa and Ved P Kafle

Demo: An Emulator-based Active Protection System against IoT Malware
Shin-Ming Cheng and Sheng-Hao Ma


Important Dates

Paper/Poster/Demo Submission Deadline: 02/01/2019 AoE, UTC-12 (The deadline is extended due to severe weather conditions)
Acceptance Notifications to Authors: 02/25/2019
Publication-ready Paper Submission Deadline: 03/11/2019 03/18/2019 AoE, UTC-12


Call for Papers

As the traditionally segregated systems are brought online for next-generation connected applications, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. Cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems. These safety risks arise because of information that distracts users while driving, software errors in medical devices, corner cases in data-driven control, compromised sensors in drones or conflicts in societal policies.

Accordingly, the Internet of Safe Things workshop (or SafeThings, for brevity) seeks to bring researchers and practitioners that are actively exploring system design, modeling, verification, authentication approaches to provide safety guarantees in the Internet of Things (IoT). The workshop welcomes contributions that integrate hardware and software systems provided by disparate vendors, particularly those that have humans in the loop. As safety is inherently linked with the security and privacy, we also seek contributions in these areas that address safety concerns. With the SafeThings workshop, we seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and create tools, algorithms, frameworks, and systems that help in the development of safe systems.

SafeThings workshop covers safety topics as it relates to an individual’s health (physical, mental), the society (air pollution, toxicity, disaster events), or the environment (species preservation, global warming, oil spills). The workshop considers safety from a human perspective, and thus, does not include topics such as thread safety or memory safety in its scope.

Our workshop will cover, but not limit itself to, the following subject categories:

Our workshop will cover, but not limit itself to, the following domains​:


Call for Posters and Demos

If you would like to share a provocative opinion, an interesting preliminary work, or a cool idea that will spark discussion about IoT safety, the poster and demo section is a perfect venue to introduce new or ongoing work. Poster and demo presenters will have the opportunity to discuss their work, get exposure, and receive feedback from attendees.


Submission Instruction

Submitted papers must be in English, unpublished, and must not be currently under review for any other publication. Submissions must follow the official IEEE Conference Proceedings format. Full papers must be at most 6 single-spaced, double column 8.5” x 11” pages. Posters and Demos must be at most 1 single-spaced, double column 8.5” x 11” page, and have "poster" or "demo" in their titles. All figures, references, and appendices must fit within these limits. Papers that do not meet the size and formatting requirements will not be reviewed. All papers must be in Adobe Portable Document Format (PDF) and submitted through the web submission form via EasyChair (submission link below). The review process is single-blind.

Full Papers: 6 pages
Posters and Demos: 1 page (with "poster" or "demo" in the title)
Submission link: https://easychair.org/conferences/?conf=safethings2019


Presentation Form

All accepted submissions will be presented at the workshop and included in the IEEE workshop proceedings.
One author of each accepted paper is required to attend the workshop and present the paper for it to be included in the proceedings.


Organization

Organizing Committee

General Chair

Yuan Tian (University of Virginia)

Program Committee Chairs

Atul Prakash (University of Michigan)

Yasser Shoukry (University of Maryland, College Park)

Publicity Chair

Meiyi Ma (University of Virginia)

Web Chair

Tu Le (University of Virginia)

Technical Program Committee

Gail-Joon Ahn (Arizona State University)

Gedare Bloom (Howard University)

Adam Doupé (Arizona State University)

Kassem Fawaz (University of Wisconsin, Madison)

Earlence Fernandes (University of Washington)

Jun Han (National University of Singapore)

Richard Han (University of Colorado, Boulder)

Byoungyoung Lee (Seoul National University)

Uichin Lee (Korea Advanced Institute of Science and Technology)

Insup Lee (University of Pennsylvania)

Joseph Maguire (University of Glasgow)

Shrirang Mare (University of Washington)

Patrick McDaniel (Pennsylvania State University)

Shaunak Mishra (Yahoo! Research)

Miroslav Pajic (Duke University)

Amir Rahmati (Stony Brook University)

Sara Rampazzi (University of Michigan)

Aanjhan Ranganathan (Northeastern University)

Henrik Sandberg (KTH Royal Institute of Technology)

Huasong Shan (JD.com American Technologies Corporation)

Paulo Tabuada (University of California, Los Angeles)

Blase Ur (University of Chicago)

Joao P. Vilela (University of Coimbra)

Saman Zonouz (Rutgers University)

Steering Committee

Bharathan Balaji (Amazon)

Robin Kravets (University of Illinois, Urbana Champaign)

Mani Srivastava (University of California, Los Angeles)

John A. Stankovic (University of Virginia)

Patrick Tague (Carnegie Mellon University)