iRECOVer: Patch your IoT on-the-fly

In this paper, we propose a holistic solution for the security management of the Internet of Things (IoT) devices. Following the “security-by-design” principle, we propose RECOnfigurable microserVices-based IoT (iRECOVer), where each IoT device has a fully modular software adopting a Microservices-based architecture. This architecture at the device level leads to a new generation of IoT devices, where an IoT device is composed of a set of programmable functional modules that can be plugged-in/out of the device dynamically. iRECOVer enables patching vulnerable modules of devices by unplugging and replacing them with secure and patched modules on-the-fly, with zero or minimal device downtime. Furthermore, the security management of deployed IoT devices is automated by supporting the remote activation/deactivation of modules inside the device. We also discuss how iRECOVer supports heterogeneous IoT devices by incorporating a custom-designed mitigation solution for each device. These mitigation solutions may consist of modules provided by different vendors or publicly available and verified modules, therefore reducing the development efforts as well as catering for the prevailing lack of security expertise in the IoT industry. We present an experimental evaluation of our solution by measuring the benefits in terms of reduced mitigation time, performance, and impact on device functionality. Our results, when compared with existing approaches, indicate that the proposed solution is able to achieve on-the-fly mitigation of deployed IoT devices in negligible time, while incurring a low CPU load and additionally requiring, on average, only 4.5% of the device’s memory.