UCLA

Internet-of-Things (IoTs) have developed for more than one decade since their first appearance. At their early stage, IoT devices are generally developed as sensor extensions, which are not capable of performing complicated computing tasks. Hence, offloading the computational tasks to the cloud servers is the only option to learn the information from the sensory data. However, with the rapid evolution of the technologies in the field of System-on-Chip (SoC), more complex computational tasks are now able to be performed on IoT devices, which is inevitably facing multi-tenancy requirements. For example, a UAV-as-a-Service can be used by different users to perform object detection and traffic monitoring tasks. Unfortunately, current multi-tenancy edge systems face several issues from the security of the sensors and actuators and the safety of their cyber-physical environment.

In this dissertation, we build an edge computing framework to address the security and safety problems of current multi-tenancy edge systems. This framework focuses on a broad category of IoT devices with sensors and actuators, including both rich computing resource devices with powerful edge processors such as ARM Cortex-A series processors and bare-metal IoT devices with only microcontrollers such as ARM Cortex-M series processors. The first part of this work focuses on securing the sensors and the actuators at the edge. More specifically, we propose PROTC and VirtSense that utilize the hardware-assisted trusted execution environment (TEE) such as ARM TrustZone to isolated the actuation and sensing service from the untrusted execution environment. Furthermore, for those bare-metal IoT devices that the hardware-assisted TEE is not available, we design Aerogel that utilizes WebAssembly (Wasm) initially designed for secure JavaScript execution environment in web browsers, to protect the sensors and actuators. Our results show that the protection of Aerogel introduces 0.14% to 1.04% overhead to our benchmark tasks.

After the sensors have been adequately secured, the second part of this dissertation focuses on the data usage from the sensors by preventing the applications from extracting unexpected information from the sensory data, which could ultimately lead to the leakage of users' privacy. To achieve such a goal, we design a performant and secure runtime named SecDeep that protects the inference libraries' integrity and sensor data's confidentiality by leveraging the TEE to securely host the deep learning code and the drivers of sensors, actuators, and the edge accelerator. Our results indicate that with the assistance of the edge accelerator, SecDeep achieves 16 to 172 times faster performance than without using it while still providing data protection.

Although ensuring the security of the IoT devices can mitigate the safety issues, not all safety issues are caused by security problems such as the user's misconfiguration. We propose RemedIoT in the third part of this dissertation, which tackles the IoT device actuation conflicts by introducing actuation programming abstractions to provide remedial actions of those conflicts. Our evaluations on RemedIoT shows that around 80% of device conflicts can be provided remedial actions.