Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Lukas Alexander Gressl, Michael Krisper, Christian Steger, Ulrich Neffe

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework’s feasibility and performance by revisiting an industry partner’s potential system design of a future IoT device.
Original languageEnglish
Title of host publicationComputer Safety, Reliability, and Security
Subtitle of host publication39th International Conference, SAFECOMP 2020, Proceedings
EditorsAntónio Casimiro, Pedro Ferreira, Frank Ortmeier, Friedemann Bitsch
PublisherSpringer
Pages372-386
Number of pages15
ISBN (Print)9783030545482
DOIs
Publication statusPublished - 31 Jul 2020
Event39th International Conference on Computer Safety, Reliability and Security: SAFECOMP 2020 - Lisbon, Virtual, Portugal
Duration: 15 Sep 202018 Sep 2020

Publication series

NameLecture Notes in Computer Science
Volume12234
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference39th International Conference on Computer Safety, Reliability and Security
Abbreviated titleSAFECOMP 2020
Country/TerritoryPortugal
CityLisbon, Virtual
Period15/09/2018/09/20
Other15th Workshop on Dependable Smart Embedded and Cyber-Physical Systems and Systems-of-Systems, DECSoS 2020, 1st International Workshop on Dependable Development-Operation Continuum Methods for Dependable Cyber-Physical Systems, DepDevOps 2020, 1st International Workshop on Underpinnings for Safe Distributed AI, USDAI 2020, and 3rd International Workshop on Artificial Intelligence Safety Engineering, WAISE 2020, held in conjunction with the 39th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2020

Keywords

  • Cyber security
  • Embedded system design
  • Secure CPS
  • Secure embedded consumer devices
  • Secure IoT systems

ASJC Scopus subject areas

  • Computer Science(all)
  • Hardware and Architecture

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application

Fingerprint

Dive into the research topics of 'Towards an Automated Exploration of Secure IoT/CPS Design-Variants'. Together they form a unique fingerprint.

Cite this