Threat Modelling of IoT Systems Using Distributed Ledger Technologies and IOTA

Authors: Damianou, A., Khan, M.A., Marios Angelopoulos, C. and Katos, V.

Journal: Proceedings - 17th Annual International Conference on Distributed Computing in Sensor Systems, DCOS 2021

Pages: 404-413

ISBN: 9781665439299

DOI: 10.1109/DCOSS52077.2021.00070

Abstract:

Internet of Things has emerged as a key techno-logical enabler for broader socio-technical and socio-economic paradigms, such as smart cities and Circular Economy. However, IoT systems are characterised by constraints and limitations which in order to be overcome they need to be deployed in conjunction and in synergy with other emerging ICT. Distributed Ledger Technologies (DLT) can help overcome challenges pertaining to data immutability, timeliness and security. However, the use of DLT does not satisfactorily mitigate security risks and vulnerabilities per se and currently cybersecurity aspects of IoT systems are addressed in a fragmented way. Furthermore, the conflict between the resource demanding Blockchains and the highly constrained nature of IoT devices hinders implementation efforts of corresponding systems. We consider networked systems that comprise both IoT and DLT technologies via the prism of Intelligent Transportation Systems (ITS). We elicit a three-tier threat model identifying attack vectors at the Device, the Network and the DLT layers. The identified attacks are then ranked by using the DREAD ranking scheme. The use of the threat model is demonstrated on a novel proof-of-concept IoT networked system implemented using the IOTA Tangle distributed ledger, where it helps to critically appraise the design of the system against the most critical attacks. Furthermore, the developed system is among the first in the literature to demonstrate the synergy of IoT and DLT on actual constrained embedded devices. The performance evaluation provides insights showing that such systems can be efficient and suitable for real-life deployment.

http://eprints.bournemouth.ac.uk/36971/

Source: Scopus

Threat Modelling of IoT Systems Using Distributed Ledger Technologies and IOTA

Authors: Damianou, A., Khan, M.A., Angelopoulos, C.M., Katos, V. and SOC, I.C.

Journal: 17TH ANNUAL INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING IN SENSOR SYSTEMS (DCOSS 2021)

Pages: 404-413

ISSN: 2325-2936

DOI: 10.1109/DCOSS52077.2021.00070

http://eprints.bournemouth.ac.uk/36971/

Source: Web of Science (Lite)

Threat Modelling of IoT Systems Using Distributed Ledger Technologies and IOTA

Authors: Damianou, A., Khan, M.A., Angelopoulos, C.M. and Katos, V.

Conference: 17th International Conference on Distributed Computing in Sensor Systems (DCOSS)

Pages: 404-413

ISBN: 9781665439299

ISSN: 2325-2936

Abstract:

Internet of Things has emerged as a key techno-logical enabler for broader socio-technical and socio-economic paradigms, such as smart cities and Circular Economy. However, IoT systems are characterised by constraints and limitations which in order to be overcome they need to be deployed in conjunction and in synergy with other emerging ICT. Distributed Ledger Technologies (DLT) can help overcome challenges pertaining to data immutability, timeliness and security. However, the use of DLT does not satisfactorily mitigate security risks and vulnerabilities per se and currently cybersecurity aspects of IoT systems are addressed in a fragmented way. Furthermore, the conflict between the resource demanding Blockchains and the highly constrained nature of IoT devices hinders implementation efforts of corresponding systems. We consider networked systems that comprise both IoT and DLT technologies via the prism of Intelligent Transportation Systems (ITS). We elicit a three-tier threat model identifying attack vectors at the Device, the Network and the DLT layers. The identified attacks are then ranked by using the DREAD ranking scheme. The use of the threat model is demonstrated on a novel proof-of-concept IoT networked system implemented using the IOTA Tangle distributed ledger, where it helps to critically appraise the design of the system against the most critical attacks. Furthermore, the developed system is among the first in the literature to demonstrate the synergy of IoT and DLT on actual constrained embedded devices. The performance evaluation provides insights showing that such systems can be efficient and suitable for real-life deployment.

http://eprints.bournemouth.ac.uk/36971/

Source: BURO EPrints