A Design Exploration Framework for Secure IoT-Systems

Lukas Alexander Gressl, Christian Steger, Ralph Peter Weissnegger, Andreas Daniel Sinnhofer, Alexander Rech

Publikation: KonferenzbeitragPaperBegutachtung

Abstract

Cybersecurity is vital for embedded systems, especially for Internet of Things (IoT) systems. IoT systems have become essential in our daily lives, as they are usable for various application areas. They are usually small, connected with other systems, and perform a wide range of tasks. They are subject to multiple constraints in terms of performance, power consumption, chip area, etc. Attackers often target such devices as they are in constant interaction with each other or connected to the internet during private data processing. Cybersecurity, thus, plays a vital role in the design of IoT systems. Hence, designing secure IoT systems is a complex task, particularly for designers with limited security know-how. Security measures increase both computation time and power consumption, creating a conflict between these constraints, which must be solved by the designers. Balancing these constraints is a highly complex task. In this paper, we propose a new approach for considering security constraints in design space exploration, including possible security attacks on embedded systems. The method simplifies the consideration of security requirements at the start of the system design. We introduce a security attack based design space exploration framework, capable of finding the optimal design for an IoT system, based on its architectural, behavioral, and security attack description. The paper shows the feasibility and benefits of the framework, employing a secure sensor use case.

Originalspracheenglisch
Seiten1-8
Seitenumfang8
DOIs
PublikationsstatusVeröffentlicht - Juni 2020
Veranstaltung2020 International Conference on Cyber Security and Protection of Digital Services - Virtuell
Dauer: 15 Juni 202019 Juni 2020

Konferenz

Konferenz2020 International Conference on Cyber Security and Protection of Digital Services
KurztitelCyber Security 2020
OrtVirtuell
Zeitraum15/06/2019/06/20

ASJC Scopus subject areas

  • Informationssysteme und -management
  • Information systems
  • Sicherheit, Risiko, Zuverlässigkeit und Qualität
  • Computernetzwerke und -kommunikation

Dieses zitieren