Modern distributed systems consist of a multi-layer architecture of IoT, edge, and cloud nodes. Together, they are revolutionizing our lives, bringing intelligence to existing processes (e.g., smart grids) and enabling novel, efficient and effective processes (e.g., remote surgery). This transition however does not come without drawbacks, due to the ever-increasing reliance on devices whose security and safety are, at least, questionable. In this context, research is in its infancy, struggling to adapt successful practices applied, for instance, in cloud systems. Security of modern IoT systems still relies on old-fashioned approaches, mostly static assessments considering only very specific parts of the target system, rather than assessing the system as a whole. In this paper, we put forward the idea of security assurance for IoT, as a higher-level assurance process evaluating the target system at different layers and different moments of its lifecycle, then implemented by a flexible assurance framework. The quality of our approach is evaluated in a real- world smart lighting system.

Security Assurance in Modern IoT Systems / N. Bena, R. Bondaruc, A. Polimeno (IEEE VEHICULAR TECHNOLOGY CONFERENCE). - In: 2022 IEEE 95th Vehicular Technology Conference: (VTC2022-Spring)[s.l] : IEEE, 2022. - ISBN 978-1-6654-8243-1. - pp. 1-5 (( Intervento presentato al 4. convegno Workshop on Connected Intelligence for IoT and Industrial IoT Applications (C3IA) tenutosi a Helsinki nel 2022 [10.1109/VTC2022-Spring54318.2022.9860757].

Security Assurance in Modern IoT Systems

N. Bena;A. Polimeno
2022

Abstract

Modern distributed systems consist of a multi-layer architecture of IoT, edge, and cloud nodes. Together, they are revolutionizing our lives, bringing intelligence to existing processes (e.g., smart grids) and enabling novel, efficient and effective processes (e.g., remote surgery). This transition however does not come without drawbacks, due to the ever-increasing reliance on devices whose security and safety are, at least, questionable. In this context, research is in its infancy, struggling to adapt successful practices applied, for instance, in cloud systems. Security of modern IoT systems still relies on old-fashioned approaches, mostly static assessments considering only very specific parts of the target system, rather than assessing the system as a whole. In this paper, we put forward the idea of security assurance for IoT, as a higher-level assurance process evaluating the target system at different layers and different moments of its lifecycle, then implemented by a flexible assurance framework. The quality of our approach is evaluated in a real- world smart lighting system.
Assurance; Cloud-Edge; IoT; Security
Settore INF/01 - Informatica
H20_RIA19EDAMI_01 - Cyber security cOmpeteNce fOr Research anD Innovation (CONCORDIA) - DAMIANI, ERNESTO - H20_RIA - Horizon 2020_Research & Innovation Action/Innovation Action - 2019
RL_DG-UNI20PRISO_01 - MIND FoodS HUB - RISO, PATRIZIA - RL_DG-UNI - Bandi DG Università, ricerca e open innovation - 2020
Book Part (author)
File in questo prodotto:
File Dimensione Formato  
BBP.C3IA.VTC2022S.pdf

accesso riservato

Tipologia: Publisher's version/PDF
Dimensione 325.24 kB
Formato Adobe PDF
325.24 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
BBP.C3IA.VTC2022S.pdf

accesso aperto

Tipologia: Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione 257.59 kB
Formato Adobe PDF
257.59 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/938531
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact