Language-based permissions in embedded systems

Abstract

Embedded devices connected to the Internet are at risk of being targeted by malware attacks that may either use the vulnerable devices as part of a bot-net or as a source of sensitive data leaks. Securing embedded devices with access control could make devices less susceptible to attacks. This thesis investigates the usefulness and applicability of role based access control in an embedded system when using a query engine based on the logic programming languageDatalogonaFreeRTOS-platform. Ourfindingsshowthatimplementingaccess control into a preexisting codebase can be done efficiently but we recognize that the query engine needs to perform the evaluation faster to meet real-time requirements. We discuss possible causes to the slow evaluation and future improvements that could increase the performance.