Umesh Bellur

Sourav Das, Nitin Awathare, Ling Ren et al.

Proof-of-Work~(PoW) based blockchains typically allocate only a tiny fraction (e.g., less than 1% for Ethereum) of the average interarrival time~($\mathbb{I}$) between blocks for validating transactions. A trivial increase in validation time~($τ$) introduces the popularly known Verifier's Dilemma, and as we demonstrate, causes more forking and increases unfairness. Large $τ$ also reduces the tolerance for safety against a Byzantine adversary. Solutions that offload validation to a set of non-chain nodes (a.k.a. off-chain approaches) suffer from trust issues that are non-trivial to resolve. In this paper, we present Tuxedo, the first on-chain protocol to theoretically scale $τ/\mathbb{I} \approx 1$ in PoW blockchains. The key innovation in Tuxedo is to separate the consensus on the ordering of transactions from their execution. We achieve this by allowing miners to delay validation of transactions in a block by up to $ζ$ blocks, where $ζ$ is a system parameter. We perform security analysis of Tuxedo considering all possible adversarial strategies in a synchronous network with end-to-end delay $Δ$ and demonstrate that Tuxedo achieves security equivalent to known results for longest chain PoW Nakamoto consensus. Additionally, we also suggest a principled approach for practical choices of parameter $ζ$ as per the application requirement. Our prototype implementation of Tuxedo atop Ethereum demonstrates that it can scale $τ$ without suffering the harmful effects of naive scaling in existing blockchains.

Sourav Das, Samuel Wedaj, Kolin Paul et al.

The proliferation of application specific cyber-physical systems coupled with the emergence of a variety of attacks on such systems (malware such as Mirai and Hajime) underlines the need to secure such networks. Most existing security efforts have focused on only detection of the presence of malware. However given the ability of most attacks to spread through the network once they infect a few devices, it is important to contain the spread of a virus and at the same time systematically cleanse the impacted nodes using the communication capabilities of the network. Toward this end, we present Airmed - a method and system to not just detect corruption of the application software on a IoT node, but to self correct itself using its neighbors. Airmed's decentralized mechanisms prevent the spread of self-propagating malware and can also be used as a technique for updating application code on such IoT devices. Among the novelties of Airmed are a novel bloom-filter technique along with hardware support to identify position of the malware program from the benign application code, an adaptive self-check for computational efficiency, and a uniform random-backoff and stream signatures for secure and bandwidth efficient code exchange to correct corrupted devices. We assess the performance of Airmed, using the embedded systems security architecture of TrustLite in the OMNeT++ simulator. The results show that Airmed scales up to thousands of devices, ensures guaranteed update of the entire network, and can recover 95% of the nodes in 10 minutes in both internal and external propagation models. Moreover, we evaluate memory and communication costs and show that Airmed is efficient and incurs very low overhead.

Pankesh Patel, Tie Luo, Umesh Bellur

A critical challenge is to enable IoT application development with minimal effort from various stakeholders involved in the development process. Several approaches to tacking this challenge have been proposed in the fields of wireless sensor networks and ubiquitous and pervasive computing, regarded as precursors to the modern day of IoT. However, although existing approaches provide a wide range of features, stakeholders have specific application development requirements and choosing an appropriate approach requires thorough evaluations on different aspects. To date, this aspect has been investigated to a limited extend. In view of this, this paper provides an extensive set of evaluations based on our previous work on IoT application development framework. Specifically, we evaluate our approach in terms of (1) development effort: the effort required to create a new application, (2) reusability: the extend to which software artifacts can be reused during application development, (3) expressiveness: the characteristics of IoT applications that can be modeled using our approach, (4) memory metrics: the amount of memory and storage a device needs to consume in order to run an application under our framework, and (5) comparison of our approach with state of the art in IoT application development on various dimensions, which does not only provide a comprehensive view of state of the art, but also guides developers in selecting an approach given application requirements in hand. We believe that the above different aspects provide the research community with insight into evaluating, selecting, and developing useful IoT frameworks and applications.