A TRUST-BY-DESIGN FRAMEWORK FOR THE INTERNET OF THINGS

Similar documents
(Project Number ) SecSoN Workshop, ACM SIGCOMM 2018 Budapest, 24 August Mike Surridge, University of Southampton IT Innovation Centre

Featuring Trust and Reputation Management Systems for Constrained Hardware Devices*

Mobile Security Fall 2012

Open to the World. Dr. Anne Haglund-Morrissey Senior Policy Officer - Japan Desk DG Research and Innovation

Tax data analysis with secure computing. Dan Bogdanov, PhD Head of the Department of Privacy Technologies

5G-ENSURE Workshop, ETSI Security Week Sophia Antipolis, 16 June Mike Surridge, University of Southampton IT Innovation Centre

ELECTRONIC BANKING & ONLINE AUTHENTICATION

R&D on Trust & Security. Vilija Juceviciene European Commission Information Society and Media Directorate General Unit F5 - Trust & Security

ENISA EU Threat Landscape

Cyber security: a building block of the Digital Single Market

Development, Analysis and Evaluation of Cyber Resilience Strategies

Secure Societies in 2015

The UK s National Cyber Security Strategy

THE CHAIN OF TRUST. Keeping Computing Systems More Secure. Authors: Richard Wilkins, Ph.D. Phoenix Technologies, Ltd.

R&D to shape the networks and services of the future

WP2 Metrics of Cyber Security

Featured Articles II Security Research and Development Research and Development of Advanced Security Technology

An Integrated Framework for Multi-layer Certification-based Assurance

Security Enhancements

Illinois Cyber Navigator Program

IoT privacy risk management in ANASTACIA project

Client Computing Security Standard (CCSS)

PROJECT HIGHLIGHTS, EXPECTED IMPACT & FUTURE DIRECTIONS

Tool-Supported Cyber-Risk Assessment

Soumya Kanti Datta Research Engineer

Research Infrastructures and Horizon 2020

Agenda. 1. 5G Brasil Structure 2. Scenarios 3. Vertical Markets 4. Technological Trends 5. 5G at Inatel 6. Conclusions

How to return control over user data back to the user The rethink framework

European Responsible Care Forum. Security & Safe Maintenance

EU Research for Secure Societies

Introductory Speech to the Ramboll Event on the future of ENISA. Speech by ENISA s Executive Director, Prof. Dr. Udo Helmbrecht

Securing Europe s IoT Devices and Services

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

NIS Standardisation ENISA view

WP6 D6.2 Project website

GlobalPlatform Trusted Execution Environment (TEE) for Mobile

Adaptive Dispatching of Incidences based on Reputation for SCADA Systems

A Universal Micro-Server Ecosystem Exceeding the Energy and Performance Scaling Boundaries

UCD Centre for Cybersecurity & Cybercrime Investigation

The Industrial Internet: Opportunities, Disruptions and Standards. Stephen Mellor Chief Technical Officer Industrial Internet Consortium

Bringing EU Cybersecurity & privacy research results closer to the market

ESET SMART SECURITY 10

EXAMINATION [The sum of points equals to 100]

SCOTT Methodology for Building Blocks and Use Cases

SECURED SECurity at the network EDge

FlexLogIC Manufacturing innovation by PragmatIC

Cybercrime what is the hidden nature of digital criminal activities nowadays?

Teradata and Protegrity High-Value Protection for High-Value Data

A European Perspective on Smart Grids

VdTÜV Statement on the Communication from the EU Commission A Digital Single Market Strategy for Europe

Testimony of Gerard Keegan CTIA. Before the South Carolina Joint Bond Review Special Subcommittee July 26, 2018

Lecture Embedded System Security Introduction to Trusted Computing

The exida. IEC Functional Safety and. IEC Cybersecurity. Certification Programs

SEC-04-DRS-2017: Broadband communication systems

Social Value Creation via IoT

Opportunities for collaboration in Big Data between US and EU

White Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security

Odyssey Entertainment Marketing, LLC Privacy Policy

Advanced Systems Security: Ordinary Operating Systems

The EU Cybersecurity Package: Implications for ENISA Dr. Steve Purser Head of ENISA Core Operations Athens, 30 th January 2018

Research Infrastructures and Horizon 2020

Work Package 6 Dissemination and Exploitation Involved Partners: Planet Media, City Passenger, LTU, CTI

Trust in the Internet of Things From Personal Experience to Global Reputation. 1 Nguyen Truong PhD student, Liverpool John Moores University

A GUIDE TO CYBERSECURITY METRICS YOUR VENDORS (AND YOU) SHOULD BE WATCHING

Innovation policy for Industry 4.0

An Anomaly-Based Intrusion Detection System for the Smart Grid Based on CART Decision Tree

TREDISEC Framework. March Co-funded by the Horizon 2020 Framework Programme of the European Union

Smart Gas Grids. Manuel Sánchez, Ph.D. Team Leader Smart Grids Directorate General for Energy European Commission

An Integrated Platform for Increased FLEXIbility in smart TRANSmission grids with STORage Entities and large penetration of Renewable Energy Sources

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

CS 307: Software Engineering. Lecture 10: Software Design and Architecture

Tolbert Family SPADE Foundation Privacy Policy

CTI Capability Maturity Model Marco Lourenco

MASP Chapter on Safety and Security

Moving from Prevention to Detection March 2017

NRENs and IoT Security: Challenges and Opportunities. Karen O Donoghue TICAL 2018 Cartagena 4 September 2018

Linux Network Administration

Strategic Transport Research and Innovation Agenda - STRIA

Trustworthy ICT. FP7-ICT Objective 1.5 WP 2013

Towards new avenues in EU-US ICT collaboration:

French & American Educational System. Collaboration between Rutgers & Paris 6. M.S. : Distributed Systems & Applications

Guard Your Business with the Best Network Security. ds-inc.com (609)

Control System Security for Social Infrastructure

National Cybersecurity Center of Excellence

WHOIS Accuracy Study Findings, Public Comments, and Discussion

Enhancing Critical Infrastructure Protection with innovative SECurity framework

Patient Information Security

WP3: Policy and Best Practice Harmonisation

Package of initiatives on Cybersecurity

Secure Societies Work Programme Call

Cybersecurity Engineering and Assurance for Connected and Automated Vehicles

New Business Opportunities Through Evolved OSS/BSS. SEMAFOUR vision on unified Self-Management

Applying the Semantic Web Layers to Access Control

Featured Articles II Security Platforms Hitachi s Security Solution Platforms for Social Infrastructure

Upcoming EC Systems Research Perspectives

Challenges and Opportunities in Cyber Physical System Research

EU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?

Webinar on 5G funding opportunities for EU-US collaboration in Horizon 2020

The Future of Solid State Lighting in Europe

In this policy, whenever you see the words we, us, our, it refers to Ashby Concert Band Registered Charity Number

Transcription:

A TRUST-BY-DESIGN FRAMEWORK FOR THE INTERNET OF THINGS ESR3 - Davide Ferraris PhD Student @ University of Malaga, NICS lab Tutors: Prof. Javier Lopez, Dr. Carmen Fernandez Gago 1

Contents Introduction o Trust o Internet of Things Architecture Framework o K Model o Transversal Activities Use Case Scenario Conclusion 2

Introduction Introduction o Trust o Internet of Things Architecture Framework o K Model o Transversal Activities Use Case Scenario Conclusion 3

Trust Trust is difficult to define because: To believe that someone is good and honest and will not harm you, or that something is safe and reliable. Trustor and Trustee 4

Internet of Things 20.4 billions of devices will be connected by 2020 (https://www.gartner.com/newsroom/id/3598917) Heterogeneity Dinamicity Communication Trust is needed 5

Architecture Framework Introduction o Trust o Internet of Things Architecture Framework o K Model o Transversal Activities Use Case Scenario Conclusion 6

K Model 7

Context Always present Environment Services Properties (alone or composition) Dynamic 8

K Model 9

Need Characteristics of trust Type of Architecture Protocols 10

K Model 11

Requirements IEEE 830-1993 specification 12

Requirement Specification 13

K Model 14

Model SysML Trust Models o Evaluation o Decision 15

K Model 16

Development Top Down approach Bottom Up approach Depending on the previous and following phases Core of the framework Developer centric approach 17

K Model 18

Verification Check if the entity has been built right Verification of the functionalities Verification of the requirements related to the system Developer point of view Intermediate product 19

K Model 20

Validation Check if the right entity has been built The need must be met Validation of the requirements related to Real system environment Customer point of view Final product 21

K Model 22

Utilization Trust@run.time Dynamicity of IoT must face with devices that (Join, Stay, Leave) the System 23

K Model (links) 24

Architecture Framework Introduction o Trust o Internet of Things Architecture Framework o K Model o Transversal Activities Use Case Scenario Conclusion 25

Transversal Activities Documentation Metrics Decision Gates Traceability Threat Analysis Risk Management Decision-Making 26

Documentation Connection Justification Procedures Guide Verba volant, scripta manent 27

Metrics Trust Metrics Performance Efficiency Measures 28

Decision Gates They permit to move between phases Back-Up in case something goes wrong 29

Traceability Connection between o Phases o Requirements o Activities and Phases Control Domino effects Help against Unintended Consequences 30

Threat Analysis Attacks o Internal o External Malfunctions Malwares 31

Risk Management Likelihood Severity Detectability 32

Decision Making Connected to many phases o Requirement o Model o Development o Utilization 33

Use Case Scenario Introduction o Trust o Internet of Things Architecture Framework o K Model o Transversal Activities Use Case Scenario Conclusion 34

Smart Cake Machine Smart Hub Smart Supermarke t Smart Fridge Smart Cake Machine 35

Smart Cake Machine Context o Smart Home o Trusted Smart entities Need o Smart Cake Machine Requirements o Security Requirement o Trust Requirement o Usability Requirement Models o Trusted ClassDiagram o Trusted RequirementDiagram 36

Smart Cake Machine Development o Top Down Verification o Verify the correct functionalities of the Smart Cake Machine Validation o Validate it in the cooperation with Smart Fridge and Smart Supermarkets Utilization o Join the Smart Home o Deal with join and leaving Smart devices 37

Conclusion Introduction o Trust o Internet of Things Architecture Framework o K Model o Transversal Activities Use Case Scenario Conclusion 38

Conclusion IoT has brought new security challenges Trust as a key Software, Security and System Engineering approach to ensure trust in an entity Trust and other security properties are included in the whole life cycle K-Model Transversal Activities 39

Future Work Validation of the Framework We will expand the phases of the framework Application to a real complex IoT scenario Application in an IoT System 40

Questions? Thanks to the European Commission, NeCS Project and to the university of Malaga for the opportunity given to me. This project has received funding from the European Union s Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement No. 675320. This work reflects only the author s view and the Research Executive Agency is not responsible for any use that may be made of the information it contains. 41

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback