Publisher DOI: 10.1145/3538969.3538970
Title: STRIPED: A Threat Analysis Method for IoT Systems
Language: English
Authors: Srikumar, Kamakshi 
Kashish, Komal 
Eggers, Kolja 
Díaz Ferreyra, Nicolás  
Koch, Julian  
Schüppstuhl, Thorsten  
Scandariato, Riccardo 
Keywords: IIoT; IoT; physical threats; security; STRIDE; threat analysis
Issue Date: Aug-2022
Source: 17th International Conference on Availability, Reliability and Security (ARES 2022)
Abstract (english): 
Currently, IoT systems display a poor level of security, as 50% of IoT devices are vulnerable to severe attacks, according to research. In an attempt to ameliorate the situation, we propose STRIPED, a threat analysis technique that focuses particularly on threat scenarios involving IoT devices that can be physically accessed by attackers. We evaluate STRIPED in a two-pronged way. First, we assess its performance compared to STRIDE (from which STRIPED is derived) in the context of a case study from the manufacturing industry. Second, we gather the feedback of 8 security experts working in a large, multinational company that specializes in secure IoT products for the domains of automotive, industrial, mobile and smart-home applications. These initial evaluation attempts provide encouraging evidence and suggest our method is a step in the right direction of facilitating security-by-design in IoT systems, especially industrial ones.
Conference: 17th International Conference on Availability, Reliability and Security, ARES 2022 
URI: http://hdl.handle.net/11420/13577
ISBN: 978-145039670-7
Institute: Software Security E-22 
Document Type: Chapter/Article (Proceedings)
Appears in Collections:Publications without fulltext

Show full item record

Page view(s)

34
checked on Dec 4, 2022

Google ScholarTM

Check

Add Files to Item

Note about this record

Cite this record

Export

Items in TORE are protected by copyright, with all rights reserved, unless otherwise indicated.