Today, so-called "smart'' (and often interconnected) devices are propagating into many spheres of life, including: critical infrastructure, industrial control, transportation, as well as home and office automation. These devices are "smart'' since they incorporate specialized computing capabilities. However, they are not general-purpose computers and thus can not take advantage of sophisticated security features, such as anti-malware tools. At the same time, as the well-known Stuxnet incident illustrated, smart devices represent attractive attack targets, and their compromise poses real threats both to security and privacy. Recent attacks on thermostats, cars and other gadgets demonstrate viability and potential danger of inadequate security. Preventing remote malware attacks on smart devices is a formidable challenge that requires resources and features which incur certain (sometimes prohibitive) costs. For stand-alone devices, the only realistic defense is attack detection and subsequent disinfection. This prompts the need for so-called "remote attestation", a security service that involves a trusted entity (verifier) checking software integrity of a remote and possibly infected device (prover). The first part of this talk will consider this simple setting and describe recent work in designing remote attestation techniques that aim to minimize requirements needed to support this service, especially for low-end devices. The second part will broaden the scope to systems of interconnected devices, such as drone swarms, building automation systems and automotive components. Remote attestation of grouped and networked devices is challenging because of scale and increased chances of device capture and physical attacks. To this end, this talk will overview some recent results in scalable remote attestation of networked devices and methods for mitigating physical attacks.