A TRUST-BY-DESIGN FRAMEWORK FOR THE INTERNET OF THINGS

ESR3 - Davide Ferraris

PhD Student @ University of Malaga, NICS lab

Tutors: Prof. Javier Lopez , Dr. Carmen Fernandez Gago

29 August 2018 1

Contents Introduction

o Trust

o Internet of Things

Architecture Frameworko K Model

o Transversal Activities

Use Case Scenario

Conclusion

29 August 2018 2

Introduction Introduction

o Trust

o Internet of Things

Architecture Frameworko K Model

o Transversal Activities

Use Case Scenario

Conclusion

29 August 2018 3

Trust

Trust is difficult to define because:

“To believe that someone is good and honest and will not harm you, or that something is safe and reliable”.

Trustor and Trustee

29 August 2018 4

Internet of Things 20.4 billions of devices will be connected by 2020 (https://www.gartner.com/newsroom/id/3598917)

Heterogeneity

Dinamicity

Communication

Trust is needed

29 August 2018 5

Architecture Framework Introduction

o Trust

o Internet of Things

Architecture Frameworko K Model

o Transversal Activities

Use Case Scenario

Conclusion

29 August 2018 6

K Model

29 August 2018 7

Context Always present

Environment

Services

Properties (alone or composition)

Dynamic

29 August 2018 8

K Model

29 August 2018 9

Need Characteristics of trust

Type of Architecture

Protocols

29 August 2018 10

K Model

29 August 2018 11

Requirements IEEE 830-1993 specification

29 August 2018 12

Requirement Specification

29 August 2018 13

K Model

29 August 2018 14

Model SysML

Trust Modelso Evaluationo Decision

29 August 2018 15

K Model

29 August 2018 16

Development Top Down approach

Bottom Up approach

Depending on the previous and following phases

Core of the framework

Developer centric approach

29 August 2018 17

K Model

29 August 2018 18

Verification Check if “the entity has been built right”

Verification of the functionalities

Verification of the requirements related to the system

Developer point of view

Intermediate product

29 August 2018 19

K Model

29 August 2018 20

Validation Check if “the right entity has been built”

The need must be met

Validation of the requirements related to Real system environment

Customer point of view

Final product

29 August 2018 21

K Model

29 August 2018 22

Utilization Trust@run.time

Dynamicity of IoT must face with devices that (Join, Stay, Leave) the System

29 August 2018 23

K Model (links)

29 August 2018 24

Architecture Framework Introduction

o Trust

o Internet of Things

Architecture Frameworko K Model

o Transversal Activities

Use Case Scenario

Conclusion

29 August 2018 25

Transversal Activities Documentation

Metrics

Decision Gates

Traceability

Threat Analysis

Risk Management

Decision-Making

29 August 2018 26

Documentation Connection

Justification

Procedures

Guide

“Verba volant, scripta manent”

29 August 2018 27

Metrics Trust Metrics

Performance

Efficiency

Measures

29 August 2018 28

Decision Gates They permit to move between phases

Back-Up in case something goes wrong

29 August 2018 29

Traceability Connection between

o Phaseso Requirementso Activities and Phases

Control Domino effects

Help against Unintended Consequences

29 August 2018 30

Threat Analysis Attacks

o Internalo External

Malfunctions

Malwares

29 August 2018 31

Risk Management Likelihood

Severity

Detectability

29 August 2018 32

Decision Making Connected to many phases

o Requiremento Modelo Developmento Utilization

29 August 2018 33

Use Case Scenario Introduction

o Trust

o Internet of Things

Architecture Frameworko K Model

o Transversal Activities

Use Case Scenario

Conclusion

29 August 2018 34

Smart Cake Machine

29 August 2018 35

Smart Supermarket

Smart Cake Machine

Smart Fridge

Smart Hub

Smart Cake Machine Context

o Smart Homeo Trusted Smart entities

Needo Smart Cake Machine

Requirementso Security Requiremento Trust Requiremento Usability Requirement

Modelso Trusted ClassDiagramo Trusted RequirementDiagram

29 August 2018 36

Smart Cake Machine Development

o Top Down

Verificationo Verify the correct functionalities of the Smart Cake Machine

Validationo Validate it in the cooperation with Smart Fridge and Smart Supermarkets

Utilizationo Join the Smart Homeo Deal with join and leaving Smart devices

29 August 2018 37

Conclusion Introduction

o Trust

o Internet of Things

Architecture Frameworko K Model

o Transversal Activities

Use Case Scenario

Conclusion

29 August 2018 38

Conclusion IoT has brought new security challenges

Trust as a key

Software, Security and System Engineering approach to ensure trust in an entity

Trust and other security properties are included in the whole life cycle

K-Model

Transversal Activities

29 August 2018 39

Future Work Validation of the Framework

We will expand the phases of the framework

Application to a real complex IoT scenario

Application in an IoT System

29 August 2018 40

Questions?

Thanks to the European Commission, NeCS Project and to the university of Malaga for the opportunity given to me.

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement No. 675320.

This work reflects only the author’s view and the Research Executive Agency is not responsible for any use that may be made of the information it contains.

29 August 2018 41