Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices
IoT systems contribute to digital transformation through the development of smart concepts. However, the IoT has also generated new security challenges that require security tools to be adapted, such as risk analysis methodologies. With this in mind, the purpose of our study is based on the followin...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-03-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/12/6/2976 |
| _version_ | 1797447168893648896 |
|---|---|
| author | Roberto Omar Andrade Sang Guun Yoo Iván Ortiz-Garces Jhonattan Barriga |
| author_facet | Roberto Omar Andrade Sang Guun Yoo Iván Ortiz-Garces Jhonattan Barriga |
| author_sort | Roberto Omar Andrade |
| collection | DOAJ |
| description | IoT systems contribute to digital transformation through the development of smart concepts. However, the IoT has also generated new security challenges that require security tools to be adapted, such as risk analysis methodologies. With this in mind, the purpose of our study is based on the following question: Which factors of IoT devices should be considered within risk assessment methodologies? We have addressed our study with a 4-phase design-research methodology (DRM) that allows us, based on systematic literature review, to experiment and draw upon expert judgment; as a final product, we obtain a risk assessment methodology based on the characteristics of IoT devices. At the end of this study, we establish seven main constructs—Organization, Risk Behaviors, Dependency, Attack Surface, Susceptibility, Severity and Uncertainty—over which security risk in IoT systems can be evaluated. |
| first_indexed | 2024-03-09T13:51:00Z |
| format | Article |
| id | doaj.art-4d128bbab64048cbaf84a425d88c15b2 |
| institution | Directory Open Access Journal |
| issn | 2076-3417 |
| language | English |
| last_indexed | 2024-03-09T13:51:00Z |
| publishDate | 2022-03-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj.art-4d128bbab64048cbaf84a425d88c15b22023-11-30T20:49:35ZengMDPI AGApplied Sciences2076-34172022-03-01126297610.3390/app12062976Security Risk Analysis in IoT Systems through Factor Identification over IoT DevicesRoberto Omar Andrade0Sang Guun Yoo1Iván Ortiz-Garces2Jhonattan Barriga3Escuela Politécnica Nacional, Facultad de Ingeniería de Sistemas, Quito 170525, EcuadorEscuela Politécnica Nacional, Facultad de Ingeniería de Sistemas, Quito 170525, EcuadorEscuela de Ingeniería en Tecnologías de la Información, FICA (Facultad de Ingenierías y Ciencias Aplicadas), Universidad de Las Américas, Quito 170125, EcuadorEscuela Politécnica Nacional, Facultad de Ingeniería de Sistemas, Quito 170525, EcuadorIoT systems contribute to digital transformation through the development of smart concepts. However, the IoT has also generated new security challenges that require security tools to be adapted, such as risk analysis methodologies. With this in mind, the purpose of our study is based on the following question: Which factors of IoT devices should be considered within risk assessment methodologies? We have addressed our study with a 4-phase design-research methodology (DRM) that allows us, based on systematic literature review, to experiment and draw upon expert judgment; as a final product, we obtain a risk assessment methodology based on the characteristics of IoT devices. At the end of this study, we establish seven main constructs—Organization, Risk Behaviors, Dependency, Attack Surface, Susceptibility, Severity and Uncertainty—over which security risk in IoT systems can be evaluated.https://www.mdpi.com/2076-3417/12/6/2976IoT securityrisk analysisattack graphssecurity modeling |
| spellingShingle | Roberto Omar Andrade Sang Guun Yoo Iván Ortiz-Garces Jhonattan Barriga Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices Applied Sciences IoT security risk analysis attack graphs security modeling |
| title | Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices |
| title_full | Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices |
| title_fullStr | Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices |
| title_full_unstemmed | Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices |
| title_short | Security Risk Analysis in IoT Systems through Factor Identification over IoT Devices |
| title_sort | security risk analysis in iot systems through factor identification over iot devices |
| topic | IoT security risk analysis attack graphs security modeling |
| url | https://www.mdpi.com/2076-3417/12/6/2976 |
| work_keys_str_mv | AT robertoomarandrade securityriskanalysisiniotsystemsthroughfactoridentificationoveriotdevices AT sangguunyoo securityriskanalysisiniotsystemsthroughfactoridentificationoveriotdevices AT ivanortizgarces securityriskanalysisiniotsystemsthroughfactoridentificationoveriotdevices AT jhonattanbarriga securityriskanalysisiniotsystemsthroughfactoridentificationoveriotdevices |