Microsoft Research’s Project Sorpis is exploring ways to secure low cost IoT devices

Due to the significant drops in the cost of connectivity, nowadays many electronic devices are getting connected to the Internet. In the coming years, there will be tens of billions of these devices are controlled by microcontrollers. The problem here is that current microcontrollers are not prepared for the security threats posed by the internet connectivity.

Microsoft Research’s Project Sopris team is now exploring ways to secure the vast number of low-cost internet connected devices coming online. They have also published a report titled “The Seven Properties of Highly Secure Devices” outlining their research. They have tested different approaches to device security from silicon to software and they think that optimal device security must be rooted in hardware but kept up-to-date through evolving software.

To test their Sopris security kit, Sopris team has announced a new challenge for the security community. They are going to select 150 security experts to test their Sopris security kit and they will offer bounties ranging from $2,500 to $15,000 USD for submissions of eligible security vulnerabilities that achieve the impact described below.

Privilege EscalationInformation DisclosureRemote Code Execution
User SpaceN/A$2,500$5,000
Kernel: Normal World$2,500$5,000$10,000
Kernel: Secure World$5,000$10,000$15,000
Secure Silicon$10,000$15,000$15,000

You can read their technical report here. Learn more about this challenge here.

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.

Via Related