Abstract. Internet of Things (IoT) can be seen as the main driver towards an era of ubiquitous computing. Taking into account the scale of IoT, the number of security issues that emerge are unprecedented, therefore the need for proposing new methodologies for elaborating about security in IoT systems is undoubtedly crucial and this is recognised by both academia and the industry alike. In this work we present Apparatus, a conceptual model for reasoning about security in IoT systems through the lens of Security Requirements Engineering. Apparatus is architecture-oriented and describes an IoT system as a cluster of nodes that share network connections. The information of the system is documented in a textual manner, using Javascript Notation Object (JSON) format, in order to elicit security requirements. To demonstrate its usage the security requirements of a temperature monitor system are identified and a first application of Apparatus is exhibited.
This paper proposes a conceptual model to support decision makers during security analysis of Internet of Things (IoT) systems. The world is entering an era of ubiquitous computing with IoT being the main driver. Taking into account the scale of IoT, the number of security issues that are arising are unprecedented. Both academia and industry require methodologies that will enable reasoning about security in IoT system in a concise and holistic manner. The proposed conceptual model addresses a number of challenges in modeling IoT to support security analysis. The model is based on an architecture-oriented approach that incorporates sociotechnical concepts into the security analysis of an IoT system. To demonstrate the usage of the proposed conceptual model, we perform a security analysis on a small scale smart home example.
The technological leap of smart technologies and the Internet of Things has advanced the conventional model of the electrical power and energy systems into a new digital era, widely known as the Smart Grid. The advent of Smart Grids provides multiple benefits, such as self-monitoring, self-healing and pervasive control. However, it also raises crucial cybersecurity and privacy concerns that can lead to devastating consequences, including cascading effects with other critical infrastructures or even fatal accidents. This paper introduces a novel architecture, which will increase the Smart Grid resiliency, taking full advantage of the Software-Defined Networking (SDN) technology. The proposed architecture called SDN-microSENSE architecture consists of three main tiers: (a) Risk assessment, (b) intrusion detection and correlation and (c) self-healing. The first tier is responsible for evaluating dynamically the risk level of each Smart Grid asset. The second tier undertakes to detect and correlate security events and, finally, the last tier mitigates the potential threats, ensuring in parallel the normal operation of the Smart Grid. It is noteworthy that all tiers of the SDN-microSENSE architecture interact with the SDN controller either for detecting or mitigating intrusions.
Internet of Things (IoT) systems are ubiquitous, highly complex and dynamic event-based systems. These characteristics make their security analysis challenging. Security in IoT requires domain-specific methodologies and tools. The proposed methodologies need to be able to capture information from software and hardware constructs to security and social constructs. In this paper, in addition to refining the modeling language of the Apparatus Framework, we propose a class-based notation of the modeling language and a structured approach to transition between different models. Apparatus is a security framework developed to facilitate security analysis in IoT systems. We demonstrate the application of the framework by analyzing the security of smart public transport system. The security analysis and visualization of the system are facilitated by a software application that is developed as part of the Apparatus Framework.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.