Security Risk Estimation and Management in Autonomous Driving Vehicles

Affia, Abasi-amefon O.; Matulevičius, Raimundas; Tõnisson, Rando

doi:10.1007/978-3-030-79108-7_2

Cited by 4 publications

(6 citation statements)

References 18 publications

(19 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To study the security aspects and possible risks with IoTHDs, we apply information systems security risk management (ISSRM) concepts, defined by Dubois et al [89], that define the asset, risk, and risk treatment-related concepts to guide security risk management. We selected the ISSRM method because it supported systematic asset identification and functional decomposition of the system [90,91] when compared to other risk management methods used for IoT systems, such as NIST (National Institute of Standards and Technology) [92], OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation Method) [93], and TARA (Threat Assessment and Remediation Analysis) [94]. Affia et al [95] provides a more detailed comparison of these methods.…”

Section: Security Risk Managementmentioning

confidence: 99%

IoT Health Devices: Exploring Security Risks in the Connected Landscape

Affia

Finch

Jung

et al. 2023

IoT

View full text Add to dashboard Cite

The concept of the Internet of Things (IoT) spans decades, and the same can be said for its inclusion in healthcare. The IoT is an attractive target in medicine; it offers considerable potential in expanding care. However, the application of the IoT in healthcare is fraught with an array of challenges, and also, through it, numerous vulnerabilities that translate to wider attack surfaces and deeper degrees of damage possible to both consumers and their confidence within health systems, as a result of patient-specific data being available to access. Further, when IoT health devices (IoTHDs) are developed, a diverse range of attacks are possible. To understand the risks in this new landscape, it is important to understand the architecture of IoTHDs, operations, and the social dynamics that may govern their interactions. This paper aims to document and create a map regarding IoTHDs, lay the groundwork for better understanding security risks in emerging IoTHD modalities through a multi-layer approach, and suggest means for improved governance and interaction. We also discuss technological innovations expected to set the stage for novel exploits leading into the middle and latter parts of the 21st century.

show abstract

Section: Security Risk Managementmentioning

confidence: 99%

IoT Health Devices: Exploring Security Risks in the Connected Landscape

Affia

Finch

Jung

et al. 2023

IoT

View full text Add to dashboard Cite

show abstract

“…The IoT system architecture covers how software and hardware components act and work mutually in gathering, processing, storing, distributing, and using information from distributed sources to perform specific tasks and make decisions that meet their design objectives (Affia et al, 2021;Lombardi et al, 2021). Due to the heterogeneous nature of IoT components, each of which depends on different design specifications and system requirements, no standard approach for IoT deployments fits all use-cases (Kumar and Mallick, 2018).…”

Section: Iot System Architecture Perspective To Security Risk Managementmentioning

confidence: 99%

“…Depending on the use case, various network protocols such as CoAP, Zigbee, 3G, LAN, Bluetooth, RFID, or NFC (Kumar and Mallick, 2018) can be used. Additionally, the network layer comprises the communication infrastructure and supporting protocols allowing end-users and objects to interact (Affia et al, 2021).…”

Section: Network Layer: •mentioning

confidence: 99%

IoT Security Risk Management: A Framework and Teaching Approach

Affia¹,

Nolte²,

Matulevičius³

2023

Informatics in Education

View full text Add to dashboard Cite

While Internet of Things (IoT) devices have increased in popularity and usage, their users have become more susceptible to cyber-attacks, thus emphasizing the need to manage the resulting security risks. However, existing works reveal research gaps in IoT security risk management frameworks where the IoT architecture – building blocks of the system – are not adequately considered for analysis. Also, security risk management includes complex tasks requiring appropriate training and teaching methods to be applied effectively. To address these points, we first proposed a security risk management framework that captures the IoT architecture perspective as an input to further security risk management activities. We then proposed a hackathon learning model as a practical approach to teach hackathon participants to apply the IoT security risk management framework. To evaluate the benefits of the framework and the hackathon learning model, we conducted an action research study that integrated the hackathon learning model into a cybersecurity course, where students learn how to apply the framework. Our findings show that the IoT-ARM framework was beneficial in guiding students towards IoT security risk management and producing repeatable outcomes. Additionally, the study demonstrated the applicability of the hackathon model and its interventions in supporting the learning of IoT security risk management and applying the proposed framework to real-world scenarios.

show abstract

“…Research such as [33][34][35][36][37] has paid great attention to influence and acceptance factors. In contrast, [8,[38][39][40][41][42][43][44][45][46] have focused on cybersecurity challenges and evaluations. Drawing parallelism from cybersecurity, risk assessment, security management techniques, security impacts and effects, and threat analysis has been beneficial for quantifying security.…”

Section: Two-factor Authentication (2fmentioning

confidence: 99%

Self-Aware Cybersecurity Architecture for Autonomous Vehicles: Security through System-Level Accountability

Adu-Kyere,

Nigussie,

Isoaho

2023

Sensors

View full text Add to dashboard Cite

The inherent dynamism of recent technological advancements in intelligent vehicles has seen multitudes of noteworthy security concerns regarding interactions and data. As future mobility embraces the concept of vehicles-to-everything, it exacerbates security complexities and challenges concerning dynamism, adaptiveness, and self-awareness. It calls for a transition from security measures relying on static approaches and implementations. Therefore, to address this transition, this work proposes a hierarchical self-aware security architecture that effectively establishes accountability at the system level and further illustrates why such a proposed security architecture is relevant to intelligent vehicles. The article provides (1) a comprehensive understanding of the self-aware security concept, with emphasis on its hierarchical security architecture that enables system-level accountability, and (2) a deep dive into each layer supported by algorithms and a security-specific in-vehicle black box with external virtual security operation center (VSOC) interactions. In contrast to the present in-vehicle security measures, this architecture introduces characteristics and properties that enact self-awareness through system-level accountability. It implements hierarchical layers that enable real-time monitoring, analysis, decision-making, and in-vehicle and remote site integration regarding security-related decisions and activities.

show abstract

Security Risk Estimation and Management in Autonomous Driving Vehicles

Cited by 4 publications

References 18 publications

IoT Health Devices: Exploring Security Risks in the Connected Landscape

IoT Health Devices: Exploring Security Risks in the Connected Landscape

IoT Security Risk Management: A Framework and Teaching Approach

Self-Aware Cybersecurity Architecture for Autonomous Vehicles: Security through System-Level Accountability

Contact Info

Product

Resources

About