As network infrastructures around the globe continue to mature, the declining cost of sensor components has given rise to a surge of Internet of Things (IoT) devices, which has itself become an important driving force for current global economic growth. According to research from the McKinsey Global Institute, the overall IoT market is estimated to reach US$4-11trillion by 2025. But behind the prospering business prospects lies the equally concerning problem of growing IT security threats. Currently, IoT devices have become a preferred target of hacker groups, who use them as a convenient relay to launch volumetric and distributed denial-of-service (DDoS) attacks to demand ransoms or achieve specific political objectives, posing an unprecedented threat to businesses or countries.

Most vulnerabilities in IoT devices stem from unchanged default passwords or firmware problems that result in loopholes hackers can exploit. In other words, these vulnerabilities can be solved simply by changing passwords or updating firmware. However, a large number of vulnerable IoT devices in the network environment can be a burdensome load for maintenance personnel to handle. To combat this, the Integrated Digital Services Laboratory (IDSL) of National Taiwan University of Science and Technology (Taiwan Tech) - a team dedicated to solving security problems by combining information technology (IT) tools with the latest trend developments - released an automated patch management software and corresponding security protocols a few years ago to help enterprises quickly address this problem.

Nai-Wei Lo, dean at the College of Management, Taiwan Tech, says that unchanged default passwords and firmware vulnerabilities are common security problems of IoT devices and that their automated patch finder is the result of the first phase of their research. Considering that different security issues are faced by IoT devices in smart cities, smart factories, and smart medical environments, the team's second phase of research will focus on designing dedicated security solutions for different types of devices. For example, in the context of smart medical environments, it is necessary to guarantee both data security and patient safety, so solutions developed must be able to identify participants while meeting the requirements above.

With the continuous emergence of innovative technologies in recent years, IDSL has decided to focus its current research efforts on the fields of information security (InfoSec), IoT, cloud computing, crowdsensing, crowdsourcing, blockchain, edge computing, and 5G security, among others. The IDSL team is committed to the design and research of advanced InfoSec technologies and systems within the context of emerging network environments and innovative applications. Take blockchain technology as an example: while the current market applications are mainly centered around cryptocurrency transactions and smart contracts, IDSL instead chose to engage in the development of applications for Industry 4.0 and payment systems, as well as address potential IT security issues that may arise in the future.

Offering pro bono aid to Eden Social Welfare Foundation in the spirit of social responsibility

IDSL has not only achieved significant results in industry-academia collaboration projects but has also engaged in extensive, fruitful partnerships with major electronic brands like Cimforce and Sunnic Technology & Merchandise Inc. For example, the smart school system developed in collaboration with Sunnic Technology & Merchandise Inc is a platform that chiefly uses various IoT technologies to manage school security and enable printing from mobile phones and renting meeting rooms online. Since the system's services are almost completely automated, it is a near-zero-touch service model that is very well suited to the new normal of the post-pandemic era.

On the other hand, IDSL has also undertaken pro bono app development for Eden Social Welfare Foundation's EHome bot, fulfilling university social responsibility (USR) and setting an example for other educational institutions. Lo says that because Eden Social Welfare Foundation is dedicated to helping the physically challenged and disadvantaged, they saw fit to establish the EHome bot platform with funding from the public, which provides accommodations at lower prices or free of charge to disadvantaged citizens when they travel to northern Taiwan for medical reasons. In order to help the foundation solve the problem of having to manually manage a large number of rental accommodations, the IDSL team spent one year and assigned six postgraduate students to design EHome bot. This innovative app allows the rental, management, and cleaning of rooms to be streamlined through the LINE mobile messenger app. Upon completion in June 2021, ownership of the app was transferred to the foundation's Information Management Office at no cost.

In recent years, InfoSec issues have not only received increasing public attention but even become a matter of national security, attracting more and more industry players around the world to invest in the field. Information systems are developed by a large number of engineers and this process invariably gives rise to a variety of security issues. Since its establishment, IDSL has accumulated considerable experience and expertise in both IT and InfoSec. By working with Taiwan Tech's Global Research and Industry Alliance (TAItech GLORIA), GLORIA's networking experts are able to help match the IDSL team with like-minded enterprises to join forces. Furthermore, GLORIA also carries out promotion and commercialization of research results with support from the Ministry of Science and Technology, thereby assisting the team in transferring its accumulated R&D results to private enterprises. In the future, GLORIA will continue to help the team deepen industry-academia collaboration, cultivate industry-ready professionals, and strengthen the global competitiveness of Taiwan's InfoSec industry.