Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices

Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices

IoT systems contribute to digital transformation through the development of smart concepts. However, the IoT has also generated new security challenges that require security tools to be adapted, such as risk analysis methodologies. With this in mind, the purpose of our study is based on the followin...

Full description

Bibliographic Details
Main Authors: Roberto Omar Andrade, Sang Guun Yoo, Iván Ortiz-Garces, Jhonattan Barriga
Format: Article
Language:English
Published: MDPI AG 2022-03-01
Series:Applied Sciences
Subjects:
IoT security
risk analysis
attack graphs
security modeling
Online Access:https://www.mdpi.com/2076-3417/12/6/2976
Description
Summary:IoT systems contribute to digital transformation through the development of smart concepts. However, the IoT has also generated new security challenges that require security tools to be adapted, such as risk analysis methodologies. With this in mind, the purpose of our study is based on the following question: Which factors of IoT devices should be considered within risk assessment methodologies? We have addressed our study with a 4-phase design-research methodology (DRM) that allows us, based on systematic literature review, to experiment and draw upon expert judgment; as a final product, we obtain a risk assessment methodology based on the characteristics of IoT devices. At the end of this study, we establish seven main constructs—Organization, Risk Behaviors, Dependency, Attack Surface, Susceptibility, Severity and Uncertainty—over which security risk in IoT systems can be evaluated.
ISSN:2076-3417

Similar Items