A TRUST-BY-DESIGN FRAMEWORK FOR THE INTERNET OF THINGS
ESR3 - Davide Ferraris
PhD Student @ University of Malaga, NICS lab
Tutors: Prof. Javier Lopez , Dr. Carmen Fernandez Gago
29 August 2018 1
Contents Introduction
o Trust
o Internet of Things
Architecture Frameworko K Model
o Transversal Activities
Use Case Scenario
Conclusion
29 August 2018 2
Introduction Introduction
o Trust
o Internet of Things
Architecture Frameworko K Model
o Transversal Activities
Use Case Scenario
Conclusion
29 August 2018 3
Trust
Trust is difficult to define because:
“To believe that someone is good and honest and will not harm you, or that something is safe and reliable”.
Trustor and Trustee
29 August 2018 4
Internet of Things 20.4 billions of devices will be connected by 2020 (https://www.gartner.com/newsroom/id/3598917)
Heterogeneity
Dinamicity
Communication
Trust is needed
29 August 2018 5
Architecture Framework Introduction
o Trust
o Internet of Things
Architecture Frameworko K Model
o Transversal Activities
Use Case Scenario
Conclusion
29 August 2018 6
K Model
29 August 2018 7
Context Always present
Environment
Services
Properties (alone or composition)
Dynamic
29 August 2018 8
K Model
29 August 2018 9
Need Characteristics of trust
Type of Architecture
Protocols
29 August 2018 10
K Model
29 August 2018 11
Requirements IEEE 830-1993 specification
29 August 2018 12
Requirement Specification
29 August 2018 13
K Model
29 August 2018 14
Model SysML
Trust Modelso Evaluationo Decision
29 August 2018 15
K Model
29 August 2018 16
Development Top Down approach
Bottom Up approach
Depending on the previous and following phases
Core of the framework
Developer centric approach
29 August 2018 17
K Model
29 August 2018 18
Verification Check if “the entity has been built right”
Verification of the functionalities
Verification of the requirements related to the system
Developer point of view
Intermediate product
29 August 2018 19
K Model
29 August 2018 20
Validation Check if “the right entity has been built”
The need must be met
Validation of the requirements related to Real system environment
Customer point of view
Final product
29 August 2018 21
K Model
29 August 2018 22
Utilization [email protected]
Dynamicity of IoT must face with devices that (Join, Stay, Leave) the System
29 August 2018 23
K Model (links)
29 August 2018 24
Architecture Framework Introduction
o Trust
o Internet of Things
Architecture Frameworko K Model
o Transversal Activities
Use Case Scenario
Conclusion
29 August 2018 25
Transversal Activities Documentation
Metrics
Decision Gates
Traceability
Threat Analysis
Risk Management
Decision-Making
29 August 2018 26
Documentation Connection
Justification
Procedures
Guide
“Verba volant, scripta manent”
29 August 2018 27
Metrics Trust Metrics
Performance
Efficiency
Measures
29 August 2018 28
Decision Gates They permit to move between phases
Back-Up in case something goes wrong
29 August 2018 29
Traceability Connection between
o Phaseso Requirementso Activities and Phases
Control Domino effects
Help against Unintended Consequences
29 August 2018 30
Threat Analysis Attacks
o Internalo External
Malfunctions
Malwares
29 August 2018 31
Risk Management Likelihood
Severity
Detectability
29 August 2018 32
Decision Making Connected to many phases
o Requiremento Modelo Developmento Utilization
29 August 2018 33
Use Case Scenario Introduction
o Trust
o Internet of Things
Architecture Frameworko K Model
o Transversal Activities
Use Case Scenario
Conclusion
29 August 2018 34
Smart Cake Machine
29 August 2018 35
Smart Supermarket
Smart Cake Machine
Smart Fridge
Smart Hub
Smart Cake Machine Context
o Smart Homeo Trusted Smart entities
Needo Smart Cake Machine
Requirementso Security Requiremento Trust Requiremento Usability Requirement
Modelso Trusted ClassDiagramo Trusted RequirementDiagram
29 August 2018 36
Smart Cake Machine Development
o Top Down
Verificationo Verify the correct functionalities of the Smart Cake Machine
Validationo Validate it in the cooperation with Smart Fridge and Smart Supermarkets
Utilizationo Join the Smart Homeo Deal with join and leaving Smart devices
29 August 2018 37
Conclusion Introduction
o Trust
o Internet of Things
Architecture Frameworko K Model
o Transversal Activities
Use Case Scenario
Conclusion
29 August 2018 38
Conclusion IoT has brought new security challenges
Trust as a key
Software, Security and System Engineering approach to ensure trust in an entity
Trust and other security properties are included in the whole life cycle
K-Model
Transversal Activities
29 August 2018 39
Future Work Validation of the Framework
We will expand the phases of the framework
Application to a real complex IoT scenario
Application in an IoT System
29 August 2018 40
Questions?
Thanks to the European Commission, NeCS Project and to the university of Malaga for the opportunity given to me.
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement No. 675320.
This work reflects only the author’s view and the Research Executive Agency is not responsible for any use that may be made of the information it contains.
29 August 2018 41