Kill switch design pattern for microservice architectures on internet of things devices

Abstract

Containers and virtual machines are being adopted to develop embedded Linux Internet-of-Things applications. Consumer Internet-of-Things devices have been notoriously insecure due to loss of continued software support. To help prevent this, we propose the ‘kill switch’ pattern. By defining operation levels for microservice-based virtualized application components and their respective communication paths, application functionality can be dynamically modified to an essential state. This thesis contributes: a formalized definition of the proposed design pattern for virtualized microservice applications; and an algorithm for handling the operation level mode change. We illustrate with three example realizations: a generic microservice-based model-view-controller application, an example system utilizing the Suricata intrusion detection system to generate events, and a modified Docker Engine implementation. Use cases, scenarios, and general application design processes are discussed, with suggested areas of future work.