6th International Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR)
Cyber Security Research
10th-12th September 2019
We report on the evaluation of an efficient and scalable verification method that assures runtime security of real-time Internet of Things (IoT) applications with strict performance requirements. Modeling known threats at abstract but practical level is key to assure security of efficient and scalable IoT applications. To this end, the method classifies set of known attacks into computational, data integrity and communication attacks. Then, each attack class is decomposed into declarative properties and definitive properties. A declarative property specifies an attack as a single big-step relation between initial and final state by ignoring intermediate states, while a definitive property specifies an attack as a sequence of numerous small-step relations considering all intermediate states between initial and final state. Finally, the declarative properties are translated into runtime security monitor that assures protection of the application execution against known threats without defying runtime application’s performance requirements. in particular, we evaluate the methodology through its application to an energy management application of smart home.