Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Lukas Alexander Gressl; Michael Krisper; Christian Steger; Ulrich Neffe

doi:10.1007/978-3-030-54549-9_25

Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Lukas Alexander Gressl, Michael Krisper, Christian Steger, Ulrich Neffe

Institut für Technische Informatik (4480)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework’s feasibility and performance by revisiting an industry partner’s potential system design of a future IoT device.

Originalsprache	englisch
Titel	Computer Safety, Reliability, and Security
Untertitel	39th International Conference, SAFECOMP 2020, Proceedings
Redakteure/-innen	António Casimiro, Pedro Ferreira, Frank Ortmeier, Friedemann Bitsch
Herausgeber (Verlag)	Springer
Seiten	372-386
Seitenumfang	15
ISBN (Print)	9783030545482
DOIs	https://doi.org/10.1007/978-3-030-54549-9_25
Publikationsstatus	Veröffentlicht - 31 Juli 2020
Veranstaltung	39th International Conference on Computer Safety, Reliability and Security: SAFECOMP 2020 - Lisbon, Virtual, Portugal Dauer: 15 Sept. 2020 → 18 Sept. 2020

Publikationsreihe

Name	Lecture Notes in Computer Science
Band	12234
ISSN (Print)	0302-9743
ISSN (elektronisch)	1611-3349

Konferenz

Konferenz	39th International Conference on Computer Safety, Reliability and Security
Kurztitel	SAFECOMP 2020
Land/Gebiet	Portugal
Ort	Lisbon, Virtual
Zeitraum	15/09/20 → 18/09/20

ASJC Scopus subject areas

Allgemeine Computerwissenschaft
Hardware und Architektur

Fields of Expertise

Information, Communication & Computing

Treatment code (Nähere Zuordnung)

Application

Zugriff auf Dokument

10.1007/978-3-030-54549-9_25

Andere Dateien und Links

http://www.scopus.com/inward/record.url?scp=85090095990&partnerID=8YFLogxK

UB Smart - UWB basierende Smart Access Plattform
Steger, C., Gadringer, M. E., Witrisal, K., Veit, D., Leitgeb, E., Gressl, L. A. & Ess, A.
1/02/17 → 29/02/20
Projekt: Forschungsprojekt

Towards an Automated Exploration of Secure IoT/CPS Design-Variants
Michael Krisper (Redner/in)
17 Sept. 2020
Aktivität: Vortrag oder Präsentation › Vortrag bei Konferenz oder Fachtagung › Science to science

Dieses zitieren

Gressl, L. A., Krisper, M., Steger, C., & Neffe, U. (2020). Towards an Automated Exploration of Secure IoT/CPS Design-Variants. in A. Casimiro, P. Ferreira, F. Ortmeier, & F. Bitsch (Hrsg.), Computer Safety, Reliability, and Security : 39th International Conference, SAFECOMP 2020, Proceedings (S. 372-386). (Lecture Notes in Computer Science; Band 12234). Springer. https://doi.org/10.1007/978-3-030-54549-9_25

Towards an Automated Exploration of Secure IoT/CPS Design-Variants. / Gressl, Lukas Alexander; Krisper, Michael ; Steger, Christian et al.
Computer Safety, Reliability, and Security : 39th International Conference, SAFECOMP 2020, Proceedings. Hrsg. / António Casimiro; Pedro Ferreira; Frank Ortmeier; Friedemann Bitsch. Springer, 2020. S. 372-386 (Lecture Notes in Computer Science; Band 12234).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Gressl, LA, Krisper, M , Steger, C & Neffe, U 2020, Towards an Automated Exploration of Secure IoT/CPS Design-Variants. in A Casimiro, P Ferreira, F Ortmeier & F Bitsch (Hrsg.), Computer Safety, Reliability, and Security : 39th International Conference, SAFECOMP 2020, Proceedings. Lecture Notes in Computer Science, Bd. 12234, Springer, S. 372-386, 39th International Conference on Computer Safety, Reliability and Security, Lisbon, Virtual, Portugal, 15/09/20. https://doi.org/10.1007/978-3-030-54549-9_25

Gressl, Lukas Alexander ; Krisper, Michael ; Steger, Christian et al. / Towards an Automated Exploration of Secure IoT/CPS Design-Variants. Computer Safety, Reliability, and Security : 39th International Conference, SAFECOMP 2020, Proceedings. Hrsg. / António Casimiro ; Pedro Ferreira ; Frank Ortmeier ; Friedemann Bitsch. Springer, 2020. S. 372-386 (Lecture Notes in Computer Science).

@inproceedings{152ef357e32546909fda3d792cea119d,

title = "Towards an Automated Exploration of Secure IoT/CPS Design-Variants",

abstract = "The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework{\textquoteright}s feasibility and performance by revisiting an industry partner{\textquoteright}s potential system design of a future IoT device.",

keywords = "Cyber security, Embedded system design, Secure CPS, Secure embedded consumer devices, Secure IoT systems",

author = "Gressl, {Lukas Alexander} and Michael Krisper and Christian Steger and Ulrich Neffe",

year = "2020",

month = jul,

day = "31",

doi = "10.1007/978-3-030-54549-9_25",

language = "English",

isbn = "9783030545482",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "372--386",

editor = "Ant{\'o}nio Casimiro and Pedro Ferreira and Frank Ortmeier and Friedemann Bitsch",

booktitle = "Computer Safety, Reliability, and Security",

note = "39th International Conference on Computer Safety, Reliability and Security : SAFECOMP 2020, SAFECOMP 2020 ; Conference date: 15-09-2020 Through 18-09-2020",

}

TY - GEN

T1 - Towards an Automated Exploration of Secure IoT/CPS Design-Variants

AU - Gressl, Lukas Alexander

AU - Krisper, Michael

AU - Steger, Christian

AU - Neffe, Ulrich

PY - 2020/7/31

Y1 - 2020/7/31

N2 - The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework’s feasibility and performance by revisiting an industry partner’s potential system design of a future IoT device.

AB - The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework’s feasibility and performance by revisiting an industry partner’s potential system design of a future IoT device.

KW - Cyber security

KW - Embedded system design

KW - Secure CPS

KW - Secure embedded consumer devices

KW - Secure IoT systems

UR - http://www.scopus.com/inward/record.url?scp=85090095990&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-54549-9_25

DO - 10.1007/978-3-030-54549-9_25

M3 - Conference paper

SN - 9783030545482

T3 - Lecture Notes in Computer Science

SP - 372

EP - 386

BT - Computer Safety, Reliability, and Security

A2 - Casimiro, António

A2 - Ferreira, Pedro

A2 - Ortmeier, Frank

A2 - Bitsch, Friedemann

PB - Springer

T2 - 39th International Conference on Computer Safety, Reliability and Security

Y2 - 15 September 2020 through 18 September 2020

ER -

Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Abstract

Publikationsreihe

Konferenz

ASJC Scopus subject areas

Fields of Expertise

Treatment code (Nähere Zuordnung)

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Projekte

UB Smart - UWB basierende Smart Access Plattform

Aktivitäten

Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Dieses zitieren