In this talk, I will discuss how to ensure IoT implementations adhere to safety, security, and privacy properties using a range of analysis techniques. In particular, I will introduce two systems for automated security and privacy analysis of IoT source code: A static taint analysis system, which characterizes the use and potential misuse of sensitive data and uncovers privacy issues in IoT applications; and a system for formal verification of IoT applications via model checking for safety and security. Through this research, we develop formally grounded methods for analysis of IoT applications and enable developers, markets, and consumers to identify threats to security and privacy.

Biography: Berkay Celik is a Ph.D. candidate in Computer Science and Engineering at the Pennsylvania State University, advised by Prof. Patrick McDaniel. Berkay has researched a variety of security topics, including machine learning systems, network security, and privacy enhancing technologies. He earned his M.S. at Penn State with a major in Computer Science and Engineering and a minor in Computational Science. His dissertation is in the area of Internet of Things (IoT), particularly the construction of systems that ensure safety, security, and privacy in commodity IoT applications through program analysis. He expects to earn his Ph.D. in Spring 2019. Berkay has had several internships in industry, including at VMware and Vencore Labs.