The Internet of Things (IoT) is a key component for the next disrup-tive technologies. However, IoT merges together several diverse software layers:embedded, enterprise, and cloud programs interact with each other. In addition,security and privacy vulnerabilities of IoT software might be particularly danger-ous due to the pervasiveness and physical nature of these systems. During the lastdecades, static analysis, and in particular taint analysis, has been widely applied todetect software vulnerabilities. Unfortunately, these analyses assume that softwareis entirely written in a single programming language, and they are not immediatelysuitable to detect IoT vulnerabilities where many different software components,written in different programming languages, interact. This paper discusses how toleverage existing static taint analyses to a cross-programming language scenario.

Cross-Programming Language Taint Analysis for the IoT Ecosystem

Pietro Ferrara;Amit Kr Mandal;Agostino Cortesi;
2019-01-01

Abstract

The Internet of Things (IoT) is a key component for the next disrup-tive technologies. However, IoT merges together several diverse software layers:embedded, enterprise, and cloud programs interact with each other. In addition,security and privacy vulnerabilities of IoT software might be particularly danger-ous due to the pervasiveness and physical nature of these systems. During the lastdecades, static analysis, and in particular taint analysis, has been widely applied todetect software vulnerabilities. Unfortunately, these analyses assume that softwareis entirely written in a single programming language, and they are not immediatelysuitable to detect IoT vulnerabilities where many different software components,written in different programming languages, interact. This paper discusses how toleverage existing static taint analyses to a cross-programming language scenario.
File in questo prodotto:
File Dimensione Formato  
1104-3330-1-PB.pdf

accesso aperto

Tipologia: Versione dell'editore
Licenza: Accesso gratuito (solo visione)
Dimensione 328.07 kB
Formato Adobe PDF
328.07 kB Adobe PDF Visualizza/Apri

I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10278/3720831
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? ND
social impact