INSIOTA

INSIOTA provides an integrated platform, automating a range of IT-Security tests on computer systems and networks. The constant tests help ensure any gap is detected and can be mitigated before a real attacker can abuse them. While the underlying infrastructure of the platform is environment-agnostic, the focus of the project is on systems part of the “Internet of Things” (IoT). With the initial testbed set in the context of a smart city, the systems have to be protected in an environment physically open, and therefore exposed to a number of possible attacks.

The target environment for the INSIOTA testbed is located in the public space of a European city, monitoring the quality of the environment in a “Smart Street”. A number of criteria are critical in this context, as the street contains one of few bridges in a city of 100.000 inhabitants, connecting a Police Department to a Fire Brigade on either side. The criteria notably include traffic information and air quality, gathered by sensors connected to an Internet service.
The INSIOTA platform is being extended with a solution for the offline analysis of firmware images for these sensors, with the objective to help protect the infrastructure in case of physical compromise of the sensors deployed publicly.

INSIOTA provides an integrated platform, automating a range of IT– Security tests on computer systems and networks. The constant tests help ensure any gap is detected and can be mitigated before a real attacker can abuse them. While the underlying infrastructure of the platform is environment–agnostic, the focus of the project is on systems part of the “Internet of Things.” (IoT)

The target environment for the INSIoTA testbed was located in the public space of a European city, monitoring the quality of the environment in a “Smart Street.” Criteria like traffic information and air quality were critical in this context, as the street contained one of few bridges in a city of 100.000 inhabitants, connecting a Police Department to a Fire Brigade on either side. The INSIoTA platform was extended as a solution for the offline analysis of firmware images for these sensors, in order to help protect the infrastructure deployed in case of physical compromise of the sensors deployed publicly.

As a result of this project the sensors for this environment can be analysed for the presence of security vulnerabilities prior to deployment, thereby streamlining quality control and strengthening the security posture without requiring additional manpower.