The Library
A holistic systems security approach featuring thin secure elements for resilient IoT deployments
Tools
Tools
Tools
Ramalingam, Soodamani, Gan, Hock, Epiphaniou, Gregory and Mistretta, Emilio (2020) A holistic systems security approach featuring thin secure elements for resilient IoT deployments. Sensors, 20 (18). 5252. doi:10.3390/s20185252
|
PDF
WRAP-Holistic-systems-security-approach-thin-secure-resilient-IoT-deployments-Epiphaniou-2020.pdf - Published Version - Requires a PDF viewer. Available under License Creative Commons Attribution 4.0. Download (6Mb) | Preview |
|
![[img]](http://wrap.warwick.ac.uk/style/images/fileicons/application_msword.png) |
Microsoft Word
Thin Secure Elements-V1-S_Ramalingam et al_HG3108_1.docx - Accepted Version Embargoed item. Restricted access to Repository staff only Download (2082Kb) |
Official URL: https://doi.org/10.3390/s20185252
Abstract
IoT systems differ from traditional Internet systems in that they are different in scale, footprint, power requirements, cost and security concerns that are often overlooked. IoT systems inherently present different fail-safe capabilities than traditional computing environments while their threat landscapes constantly evolve. Further, IoT devices have limited collective security measures in place. Therefore, there is a need for different approaches in threat assessments to incorporate the interdependencies between different IoT devices. In this paper, we run through the design cycle to provide a security-focused approach to the design of IoT systems using a use case, namely, an intelligent solar-panel project called Daedalus. We utilise STRIDE/DREAD approaches to identify vulnerabilities using a thin secure element that is an embedded, tamper proof microprocessor chip that allows the storage and processing of sensitive data. It benefits from low power demand and small footprint as a crypto processor as well as is compatible with IoT requirements. Subsequently, a key agreement based on an asymmetric cryptographic scheme, namely B-SPEKE was used to validate and authenticate the source. We find that end-to-end and independent stand-alone procedures used for validation and encryption of the source data originating from the solar panel are cost-effective in that the validation is carried out once and not several times in the chain as is often the case. The threat model proved useful not so much as a panacea for all threats but provided the framework for the consideration of known threats, and therefore appropriate mitigation plans to be deployed.
| Item Type: | Journal Article | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Alternative Title: | |||||||||||||
| Subjects: | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software T Technology > TK Electrical engineering. Electronics Nuclear engineering |
||||||||||||
| Divisions: | Faculty of Science > WMG (Formerly the Warwick Manufacturing Group) | ||||||||||||
| Library of Congress Subject Headings (LCSH): | Internet of things , Internet of things -- Safety measures, Embedded computer systems, Embedded computer systems -- Design and construction, Embedded Internet devices | ||||||||||||
| Journal or Publication Title: | Sensors | ||||||||||||
| Publisher: | MDPI AG | ||||||||||||
| ISSN: | 1424-8220 | ||||||||||||
| Official Date: | 14 September 2020 | ||||||||||||
| Dates: |
|
||||||||||||
| Volume: | 20 | ||||||||||||
| Number: | 18 | ||||||||||||
| Article Number: | 5252 | ||||||||||||
| DOI: | 10.3390/s20185252 | ||||||||||||
| Status: | Peer Reviewed | ||||||||||||
| Publication Status: | Published | ||||||||||||
| Access rights to Published version: | Open Access | ||||||||||||
| RIOXX Funder/Project Grant: |
|
||||||||||||
| Related URLs: |
Request changes or add full text files to a record
Repository staff actions (login required)
 |
View Item |
