Designing and assessing the security of IoT systems is very challenging, mainly due to the fact that new threats and vulnerabilities affecting IoT devices are continually discovered and published. Moreover, new (typically low-cost) devices are continuously plugged-in into IoT systems, thus introducing unpredictable security issues. This paper proposes a methodology aimed at automating the threat modeling and risk analysis processes for an IoT system. Such methodology enables to identify existing threats and related countermeasures and relies upon an open catalogue, built in the context of EU projects, for gathering information about threats and vulnerabilities of the IoT system under analysis. In order to validate the proposed methodology, we applied it to a real case study, based on a commercial smart home application.
CITATION STYLE
Rak, M., Casola, V., De Benedictis, A., & Villano, U. (2019). Automated risk analysis for IOT systems. In Lecture Notes on Data Engineering and Communications Technologies (Vol. 24, pp. 265–275). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-02607-3_24
Mendeley helps you to discover research relevant for your work.