IoT Security Configurability with Security-by-Contract

Alberto Giaretta, Nicola Dragoni, Fabio Massacci

Research output: Contribution to journal › Journal article › Research › peer-review


Cybersecurity is one of the biggest challenges in the Internet of Things (IoT) domain, as well as one of its most embarrassing failures. As a matter of fact, nowadays IoT devices still exhibit various shortcomings. For example, they lack secure default configurations and sufficient security configurability. They also lack rich behavioural descriptions, failing to list provided and required services. To answer this problem, we envision a future where IoT devices carry behavioural contracts and Fog nodes store network policies. One requirement is that contract consistency must be easy to prove. Moreover, contracts must be easy to verify against network policies. In this paper, we propose to combine the security-by-contract (S × C) paradigm with Fog computing to secure IoT devices. Following our previous work, first we formally define the pillars of our proposal. Then, by means of a running case study, we show that we can model communication flows and prevent information leaks. Last, we show that our contribution enables a holistic approach to IoT security, and that it can also prevent unexpected chains of events.
Original language: English
Article number: 4121
Journal: Sensors (Basel, Switzerland)
Issue number: 19
Number of pages: 26
Publication status: Published - 2019


  • IoT
  • Configurability
  • Fog computing
  • Security-by-contract
  • Security
