Towards model co-evolution across self-adaptation steps for combined safety and security analysis

Witte, Thomas; Groner, Raffaela; Raschke, Alexander; Tichy, Matthias; Pekaric, Irdin; Felderer, Michael

doi:10.1145/3524844.3528062

Cited by 4 publications

(1 citation statement)

References 26 publications

(37 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Witte et al [40] propose the Attack-Fault-Trees modeling approach to analyze security issues, while Yuan et al [41] provide a taxonomy, patterns, and tactics for self-protecting software systems, and propose the Architecture-Based Self-Protection approach [42] for web applications. The Anomaly Behavior Analysis Intrusion Detection System [43], [44] is used to detect known and unknown attacks in smart cyber infrastructures.…”

Section: Related Workmentioning

confidence: 99%

A Distributed MAPE-K Framework for Self-Protective IoT Devices

Riegler

Sametinger

Vierhauser

2023

2023 IEEE/ACM 18th Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS)

View full text Add to dashboard Cite

Internet of Things (IoT) devices have become ubiquitous in our everyday life, with security becoming an evergrowing issue as more and more cyber-attack incidents being reported, primarily due to deficiencies in existing security mechanisms. However, while, for example, cloud-based applications, or industrial automation systems of systems possess significant resources for monitoring health, and determining their status and correct behavior at runtime, IoT devices operate with limited hardware capabilities and under tight resource constraints, making monitoring, analysis, and response activities a challenging endeavor. Following the NIST Cybersecurity Framework, IoT devices need to identify, protect, detect, respond, and recover from cyber-attacks, unauthorized access, and other security threats. A common way to provide self-adaptation to changing conditions is the MAPE-K loop with four pivotal phases: Monitor, Analyze, Plan, and Execute. This paper presents DSec4IoT, a "Distributed MAPE-K Framework for Self-Protective IoT Devices". Our framework leverages the idea of distributed MAPE-K patterns and establishes a model for managing and controlling Self-Protective IoT Devices. We evaluate our approach by simulating port scans and performing adaptation activities. Results have confirmed that DSec4IoT can be easily applied to detect and mitigate them.

show abstract