University of Hertfordshire Research Archive

        JavaScript is disabled for your browser. Some features of this site may not work without it.

        Browse

        All of UHRABy Issue DateAuthorsTitlesThis CollectionBy Issue DateAuthorsTitles

        Arkivum Files

        My Downloads
        View Item 
        • UHRA Home
        • University of Hertfordshire
        • Research publications
        • View Item
        • UHRA Home
        • University of Hertfordshire
        • Research publications
        • View Item

        A Holistic Systems Security Approach Featuring Thin Secure Elements for Resilient IoT Deployments

        View/Open
        sensors_20_05252_v2.pdf (PDF, 6Mb)
        Author
        Ramalingam, Soodamani
        Gan, Hock
        Epiphaniou, Gregory
        Mistretta, Emilio
        Attention
        2299/23197
        Abstract
        IoT systems differ from traditional Internet systems in that they are different in scale, footprint, power requirements, cost and security concerns that are often overlooked. IoT systems inherently present different fail-safe capabilities than traditional computing environments while their threat landscapes constantly evolve. Further, IoT devices have limited collective security measures in place. Therefore, there is a need for different approaches in threat assessments to incorporate the interdependencies between different IoT devices. In this paper, we run through the design cycle to provide a security-focused approach to the design of IoT systems using a use case, namely, an intelligent solar-panel project called Daedalus. We utilise STRIDE/DREAD approaches to identify vulnerabilities using a thin secure element that is an embedded, tamper proof microprocessor chip that allows the storage and processing of sensitive data. It benefits from low power demand and small footprint as a crypto processor as well as is compatible with IoT 29 requirements. Subsequently, a key agreement based on an asymmetric cryptographic scheme, namely B-SPEKE was used to validate and authenticate the source. We find that end-to-end and independent stand-alone procedures used for validation and encryption of the source data originating from the solar panel are cost-effective in that the validation is carried out once and not several times in the chain as is often the case. The threat model proved useful not so much as a panacea for all threats but provided the framework for the consideration of known threats, and therefore appropriate mitigation plans to be deployed.
        Publication date
        2020-09-14
        Published in
        Sensors
        Published version
        https://doi.org/10.3390/s20185252
        Other links
        http://hdl.handle.net/2299/23197
        Metadata
        Show full item record
        Keep in touch

        © 2019 University of Hertfordshire

        I want to...

        • Apply for a course
        • Download a Prospectus
        • Find a job at the University
        • Make a complaint
        • Contact the Press Office

        Go to...

        • Accommodation booking
        • Your student record
        • Bayfordbury
        • KASPAR
        • UH Arts

        The small print

        • Terms of use
        • Privacy and cookies
        • Criminal Finances Act 2017
        • Modern Slavery Act 2015
        • Sitemap

        Find/Contact us

        • T: +44 (0)1707 284000
        • E: ask@herts.ac.uk
        • Where to find us
        • Parking
        • hr
        • qaa
        • stonewall
        • AMBA
        • ECU Race Charter
        • disability confident
        • AthenaSwan