Cyber-Physical Systems: a multi-criteria assessment for Internet-of-Things (IoT) systems
This research work was partially supported by funds provided by the European Commission in the scope of FoF/H2020-636909 C2NET, FoF/H2020-723710 vf-OS and ICT/H2020-825631 ZDMP. This article addresses a multi-criteria decision problem: which device (system) is the more suitable one to perform a given task in a cyber-physical system. New embedded systems appear every day, which makes engineers' decisions very difficult. Components are proposed to formally describe solutions, criteria, constraints and priorities, taking users' specific aspects into account. To materialise all formal descriptions, a model-driven approach is followed, allowing the design of enablers for interoperability with standards and the use of different software languages and decision methods. The proposed framework enables better Internet-of-Things system selection, so that stakeholders can produce a more suitable design of their cyber-physical enterprise systems.
Secure Remote Attestation for Safety-Critical Embedded and IoT Devices
In recent years, embedded and cyber-physical systems (CPS), under the guise of Internet-of-Things (IoT), have entered many aspects of daily life. Despite many benefits, this development also greatly expands the so-called attack surface and turns these newly computerized gadgets into attractive attack targets. One key component in securing IoT devices is malware detection, which is typically attained with (secure) remote attestation. Remote attestation is a distinct security service that allows a trusted verifier to verify the internal state of a remote untrusted device. Remote attestation is especially relevant for low/medium-end embedded devices that are incapable of protecting themselves against malware infection. As safety-critical IoT devices become commonplace, it is crucial for remote attestation not to interfere with the device's normal operations. In this dissertation, we identify major issues in reconciling remote attestation and safety-critical application needs. We show that existing attestation techniques require devices to perform uninterruptible (atomic) operations during attestation. Such operations can be time-consuming and thus may be harmful to the device's safety-critical functionality. On the other hand, simply relaxing the security requirements of remote attestation can lead to other vulnerabilities. To resolve this conflict, this dissertation presents the design, implementation, and evaluation of several mitigation techniques. In particular, we propose two light-weight techniques capable of providing an interruptible attestation modality. In contrast to traditional techniques, our proposed techniques allow interrupts to occur during attestation while ensuring malware detection via shuffled memory traversals or memory locking mechanisms. Another type of technique pursued in this dissertation aims to minimize the real-time computation overhead during attestation. We propose using periodic self-measurements to measure and record the device's state, resulting in more flexible scheduling of the attestation process and in no real-time burden as part of its interaction with the verifier. This technique is particularly suitable for swarm settings with a potentially large number of safety-critical devices. Finally, we develop a remote attestation architecture, HYDRA, based on a formally verified component, and use it as a building block in our proposed mitigation techniques. We believe that this architecture may be of independent interest.
Optimising a defence-aware threat modelling diagram incorporating a defence-in-depth approach for the internet-of-things
Modern technology has proliferated into just about every aspect of life while improving the quality of life. For instance, IoT technology has significantly improved over traditional systems, offering convenience, time savings, financial savings, and security benefits. However, security weaknesses associated with IoT technology can pose a significant threat to the people who use it. For instance, smart doorbells can make household life easier, save time, save money, and provide surveillance security. Nevertheless, the security weaknesses in smart doorbells could be exposed to a criminal and pose a danger to the life and money of the household. In addition, IoT technology is constantly advancing and expanding, and is rapidly becoming ubiquitous in modern society. Increased usage and technological advancement thus create security weaknesses that attract cybercriminals looking to satisfy their agendas.
Perfect security solutions do not exist in the real world because modern systems are continuously changing, and intruders frequently attempt various techniques to discover security flaws and bypass the existing security controls in modern systems. Threat modelling is therefore a good starting point for understanding the threat landscape of a system and its weaknesses. Accordingly, threat modelling in computer science has matured considerably through the development of various frameworks for identifying threats and addressing them to mitigate them. However, most mature threat modelling frameworks were designed for traditional IT systems: they consider only software-related weaknesses and do not address physical attributes. This approach may not be practical for IoT technology, which inherits both software and physical security weaknesses. Scholars have nevertheless applied mature threat modelling frameworks such as STRIDE to IoT technology, because those frameworks still include security concepts that are significant for modern technology. Mature frameworks therefore cannot be ignored, but neither are they sufficient to address the threats associated with modern systems.
As a solution, this research study aims to extract the significant security concepts of mature threat modelling frameworks and use them to build a robust IoT threat modelling framework. This study selected fifteen threat modelling frameworks from the research literature, together with the defence-in-depth security concept, from which to extract threat modelling techniques. Subsequently, this research study conducted three independent reviews to discover valuable threat modelling concepts and their usefulness for IoT technology. The first review found that integrating the software-centric, asset-centric, attacker-centric and data-centric threat modelling approaches with defence-in-depth is valuable and delivers distinct benefits; under the resulting classification scheme, PASTA and TRIKE were shown to exhibit all four threat modelling approaches. The second review identified the features of a threat modelling framework that achieve a high level of satisfaction with respect to a defence-in-depth security architecture; under the evaluation criteria, the PASTA framework scored the highest satisfaction value. Finally, the third review identified systematic IoT threat modelling techniques based on recent research studies; STRIDE was identified as the most popular framework, and other frameworks demonstrated effective capabilities valuable to IoT technology.
Based on these findings, this study introduces Defence-aware Threat Modelling (DATM), an IoT threat modelling framework built on the threat modelling and defence-in-depth security concepts identified above. The steps involved in the DATM framework are further described with figures for better understanding. Subsequently, a smart doorbell case study is threat-modelled using the DATM framework for validation. The outcome of the case study was then assessed against the findings of the three reviews, validating the DATM framework. The outcome of this thesis is helpful for researchers who want to conduct threat modelling in IoT environments and design a novel threat modelling framework suitable for IoT technology.
Securing Node-RED Applications
Trigger-Action Platforms (TAPs) play a vital role in fulfilling the promise of the Internet of Things (IoT) by seamlessly connecting otherwise unconnected devices and services. While enabling novel and exciting applications across a variety of services, security and privacy issues must be taken into consideration because TAPs essentially act as persons-in-the-middle between trigger and action services. The issue is further aggravated since the triggers and actions on TAPs are mostly provided by third parties, extending the trust beyond the platform providers. Node-RED, an open-source JavaScript-driven TAP, gives users the opportunity to effortlessly employ and link nodes via a graphical user interface. Because it is built upon Node.js, third-party developers can extend the platform's functionality by publishing nodes and their wirings, known as flows. This paper proposes an essential model for Node-RED, suitable for reasoning about nodes and flows, be they benign, vulnerable, or malicious. We expand on attacks discovered in recent work, ranging from exfiltrating data from unsuspecting users to taking over the entire platform by misusing sensitive APIs within nodes. We present a formalization of a runtime monitoring framework for a core language that soundly and transparently enforces fine-grained allowlist policies at module-, API-, value-, and context-level. We introduce the monitoring framework for Node-RED that isolates nodes while permitting them to communicate via well-defined API calls complying with the policy specified for each node.
Microservice Transition and its Granularity Problem: A Systematic Mapping Study
Microservices have gained wide recognition and acceptance in software industries as an emerging architectural style for autonomic, scalable, and more reliable computing. The transition to microservices has been highly motivated by the need for better alignment of technical design decisions with improving value potentials of architectures. Despite microservices' popularity, research still lacks a disciplined understanding of the transition and consensus on the principles and activities underlying "micro-ing" architectures. In this paper, we report on a systematic mapping study that consolidates various views, approaches and activities that commonly assist in the transition to microservices. The study aims to provide a better understanding of the transition; it also contributes a working definition of the transition and the technical activities underlying it. We term the transition and technical activities leading to microservice architectures microservitization. We then shed light on a fundamental problem of microservitization: microservice granularity and reasoning about its adaptation as a first-class entity. This study reviews the state of the art and of practice related to reasoning about microservice granularity; it reviews modelling approaches, aspects considered, guidelines and processes used to reason about microservice granularity. This study identifies opportunities for future research and development related to reasoning about microservice granularity.
Comment: 36 pages including references, 6 figures, and 3 tables.
Software Development Support for Shared Sensing Infrastructures: A Generative and Dynamic Approach
Sensor networks are the backbone of large sensing infrastructures such as Smart Cities or Smart Buildings. Classical approaches suffer from several limitations that hamper developers' work (e.g., lack of sensor sharing, lack of dynamicity in data collection policies, the need to dig inside big data sets, and absence of reuse between implementation platforms). This paper presents a tooled approach that tackles these issues. It couples (i) an abstract model of developers' requirements in a given infrastructure with (ii) timed automata and code generation techniques, to support the efficient deployment of reusable data collection policies on different infrastructures. The approach has been validated on several real-world scenarios and is currently being trialled on an academic campus.
A Multi-Criteria Framework to Assist on the Design of Internet-of-Things Systems
The Internet-of-Things (IoT), considered the Internet's first real evolution, has become immensely important to society due to revolutionary business models with the potential to radically improve human life. Manufacturers are engaged in developing embedded systems (IoT Systems) for different purposes to address this new variety of application domains and services. With the capability to respond agilely to a very dynamic market offer of IoT Systems, the design phase of IoT ecosystems can be enhanced. However, selecting the more suitable IoT System for a certain task is currently based on stakeholders' knowledge, normally from lived experience or intuition, which does not mean that a proper decision is being made. Furthermore, the lack of methods to formally describe IoT System characteristics in a form that can be used automatically by other methods is also an issue, reinforced by the growth of available information that has accompanied the spread of the Internet.
Contributing to the improvement of the IoT Ecosystem design phase, this PhD work proposes a framework capable of fully characterising an IoT System and assisting stakeholders in deciding which is the proper IoT System for a specific task. This enables decision-makers to reason better and to analyse more consciously criteria that are diverse and very often contradictory. It is also intended to provide methods to integrate energy consumption simulation tools and to address interoperability with standards, methods or systems within the IoT scope. This is addressed using a model-driven framework that supports a high level of openness, both to use different software languages and decision methods and to interoperate with other systems, tools and methods.