Towards an Automated Exploration of Secure IoT/CPS Design-Variants

Lukas Alexander Gressl, Michael Krisper, Christian Steger, Ulrich Neffe

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


The advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) enabled a new class of connected, smart, and interactive devices. With their continuous connectivity and their access to valuable information in both the digital and physical world, they are highly attractive targets for security attackers. Integrating them into the industry and our daily used devices adds new attack surfaces. These potential threats call for special care of security vulnerabilities during the design of IoT devices and CPS. Due to their resource-constrained nature, designing secure IoT devices and CPS poses a complex task, considering the selectable hardware components and task implementation alternatives. Researchers proposed a range of automatic design tools to support system designers in their task of finding the optimal hardware selection and task implementations. Said tools offer a limited way of modeling attack scenarios for a system under design. The framework proposed in this paper aims at closing this gap, offering system designers a way to consider security attacks and security risks during the early phase of system design. It offers designers the possibility to model security constraints from the view of potential attackers, assessing the probability of successful security attacks and the resulting security risk, alike. We demonstrate the framework’s feasibility and performance by revisiting an industry partner’s potential system design of a future IoT device.
Original languageEnglish
Title of host publicationComputer Safety, Reliability, and Security
Subtitle of host publication39th International Conference, SAFECOMP 2020, Proceedings
EditorsAntónio Casimiro, Pedro Ferreira, Frank Ortmeier, Friedemann Bitsch
Number of pages15
ISBN (Print)9783030545482
Publication statusPublished - 31 Jul 2020
Event39th International Conference on Computer Safety, Reliability and Security: SAFECOMP 2020 - Lisbon, Virtual, Portugal
Duration: 15 Sept 202018 Sept 2020

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference39th International Conference on Computer Safety, Reliability and Security
Abbreviated titleSAFECOMP 2020
CityLisbon, Virtual
Other15th Workshop on Dependable Smart Embedded and Cyber-Physical Systems and Systems-of-Systems, DECSoS 2020, 1st International Workshop on Dependable Development-Operation Continuum Methods for Dependable Cyber-Physical Systems, DepDevOps 2020, 1st International Workshop on Underpinnings for Safe Distributed AI, USDAI 2020, and 3rd International Workshop on Artificial Intelligence Safety Engineering, WAISE 2020, held in conjunction with the 39th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2020


  • Cyber security
  • Embedded system design
  • Secure CPS
  • Secure embedded consumer devices
  • Secure IoT systems

ASJC Scopus subject areas

  • Computer Science(all)
  • Hardware and Architecture

Fields of Expertise

  • Information, Communication & Computing

Treatment code (Nähere Zuordnung)

  • Application


Dive into the research topics of 'Towards an Automated Exploration of Secure IoT/CPS Design-Variants'. Together they form a unique fingerprint.

Cite this