Building Trust in a Connected World
In this blog Masoom Rabbani explains his research with Remote Attestation (RA) which could be the next big thing in security for IoT devices. This is also a call for test pilots to the research in Remote Attestation.
Dr Masoom Rabbani is Assistant Professor in Computer and Network Systems at the Department of Computer Science and Engineering at Chalmers University of Technology in Göteborg.
When I first encountered the concept of smart infrastructure, it wasn’t in a research paper or in a high-tech lab, it was at a local municipal conference in Padova, Italy. Officials enthusiastically presented visions of sustainable living powered by connected technologies. Smart dishwashers would reuse water to flush toilets, sensors would monitor energy use, and connected homes would become greener homes. It was inspiring but also incomplete. No one mentioned security. That moment stuck with me.
References:
- Cybersecurity Ventures (2020): Cybercrime To Cost The World $10.5 Trillion Annually By 2025.
- Lee Mathews: Criminals Hacked A Fish Tank To Steal Data From A Casino, Forbes.
- Statista (2025). ”Number of Internet of Things (IoT) connections worldwide from 2022 to 2023, with forecasts from 2024 to 2033.”
- Dagens Nyheter (2010). Riktad virusattack mot Irans kärnkraftsanläggning.
Remote Attestation
If our water, energy, and healthcare systems are becoming more connected, who is ensuring they remain safe from tampering or misuse? That question now defines my research and professional path: making connected systems trustworthy through a technology called Remote Attestation (RA). As I start my research career in Sweden, I hope to connect with professional municipal workers, water-management technicians and healthcare providers who may benefit from what we’re developing and help bring these tools into the real world.
The risks lurking in connected systems
If you’re a nurse relying on smart medical devices, a municipal worker managing city sensors, a doctor overseeing patient tech, or a water technician controlling treatment systems, you’re already using the Internet of Things (IoT), everyday objects linked to the internet. These tools save time, cut costs, and improve lives. But they’re also targets.
Real examples hit close to home:
- A casino’s network was breached through a hacked fish tank thermostat (Lee Mathews, Forbes) – a proof that even small devices can expose big systems. Imagine a hospital’s patient data leaking the same way.
- The Mirai malware turned home cameras and routers into a cyberweapon, crashing internet services worldwide. Any Swedish smart city could face similar chaos.
- Stuxnet sabotaged Iran’s nuclear programme by targeting connected industrial systems (Dagens Nyheter, 2010). What if a water treatment plant is next?
With 39.6 billion IoT devices projected globally by 2033 (Statista, 2025) and cybercrime costs nearing $10.5 trillion annually (Cybersecurity Ventures, 2020), unsecured systems threaten healthcare, infrastructure, and public safety. Your work depends on tools you can trust and systems that can help ensure we have safe connections.
Remote Attestation: A simple, powerful fix
So, what is Remote Attestation? It’s like a security handshake. A trusted system, let’s say, a hospital server or municipal control hub asks a device (a heart monitor, a traffic sensor, a water valve) to prove it’s running the right software and hasn’t been hacked. The device sends back a digital “thumbs up” that’s checked against what’s expected. If it matches, you know it’s safe to use.
Unlike bulky antivirus programs, RA is lightweight perfect for small, low-power devices common in healthcare, water management and city networks. It doesn’t guess at threats; it confirms integrity with certainty. And this research is now ready for prime time, ripe for testing in real-world settings.
How Remote Assistation could be used:
- Healthcare Professionals: Nurses and doctors could rely on RA to ensure patient monitors or insulin pumps are secure, protecting care and privacy without extra hassle.
- Municipal Workers: In Sweden’s smart cities, RA could verify that streetlights, waste sensors, or energy grids are uncompromised, keeping services smooth and sustainable.
- Water Technicians: RA could check that pumps and sensors in treatment plants are tamper-free, preventing contamination or outages.
- Emergency Teams: Drones aiding rescues could use RA to prove they’re under control, not hijacked mid-mission.
Time to test research in real life – a call for test pilots
Remote Attestation has evolved beyond theory. It’s now at a stage where real-world pilots in hospitals, water systems, or city infrastructure can show its worth. Sweden, with its knack for innovation and public service, is the perfect place to start. If you would like to try this concept in your area of work you could get in touch and together, we can test RA in your environment, mdmasoom.rabbani@chalmers.se
