Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Lukas Alexander Gressl, Michael Krisper, Christian Steger, Ulrich Neffe

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework’s feasibility and performance by revisiting an industry partner’s potential system design of a future IoT device.
Original languageEnglish
Title of host publicationComputer Safety, Reliability, and Security
Subtitle of host publication39th International Conference, SAFECOMP 2020, Proceedings
EditorsAntónio Casimiro, Pedro Ferreira, Frank Ortmeier, Friedemann Bitsch
Number of pages15
ISBN (Print)9783030545482
Publication statusPublished - 31 Jul 2020
EventThe 39th International Conference on Computer Safety, Reliability and Security - Virtuell, Portugal
Duration: 15 Sep 202018 Sep 2020

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceThe 39th International Conference on Computer Safety, Reliability and Security
Abbreviated titleSAFECOMP 2020


  • Cyber security
  • Embedded system design
  • Secure CPS
  • Secure embedded consumer devices
  • Secure IoT systems

ASJC Scopus subject areas

  • Computer Science(all)
  • Hardware and Architecture

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application

Fingerprint Dive into the research topics of 'Towards an Automated Exploration of Secure IoT/CPS Design-Variants'. Together they form a unique fingerprint.

Cite this