Building Confidence using Beliefs and Arguments in Security Class Evaluations for IoT (long version)

Abstract

We have previously proposed a security classification methodology for IoT systems and have applied it to the smart grid and smart home domain. This method departs from classical risk analysis and certification methods in that it caters for security at design time and for the system designers’ needs to know what protection mechanisms to use for the connectivity and exposure that their system under development requires. Though this method can be used for certification, after the system was built, much of the benefit comes in using it to decide what security features to choose to reach the desired security class. However, similarly to many risk analysis methods, this methodology is unable to assure the evaluation results by properly justifying the assessment. In this work we add two confidence parameters: belief and uncertainty to the assessment tree of arguments of a class. Thus, the final result will now be a tuple <C, B, U>, where C is the class to which the system under consideration belongs, along with a belief measure B in the evaluation aspects of C, and the uncertainty U in the evaluation details. Looking at the confidence parameters tells how well the security assessment is justified. To exemplify this enhanced security classification methodology, we systematically apply it to two control mechanisms for a Smart Home Energy Management Systems.