Security Risk Assessment of IoT Environments with Attack Graph Models (SECRIS)
Partners: Building Research Establishment
IoT environments are vulnerable: many devices can be accessed physically and are not designed with security in mind. It is often impractical to patch all the vulnerabilities or to eliminate all possible threats. Unlike more traditional computing systems IoT environments bring together the physical, human and cyber aspects of a system. Each can be used to compromise the other and each can contribute towards monitoring and protecting the other. Given the complexity of possible attacks, techniques for identifying and assessing the security risk are needed. In traditional networked environments attack graphs have been proven as a powerful tool for representing the different paths through which a system can be compromised. In this project we propose to design a new generation of attack graph models capable of describing the attack surface of modern IoT infrastructures for smart buildings. In SECRIS we investigate new mechanisms to reduce the complexity of the attack graph representations and efficient algorithms for their analysis, particularly focusing on smart buildings as a case-study.
- To define new attack graph representations that can enable the analysis of the propagation of threats across the physical, human, and cyber aspects of the system.
- To define mechanisms to efficiently re-generate attack graph models in highly dynamic environments, as it is the case of IoT infrastructures and smart buildings.
- To develop inference algorithms for risk analysis for this new generation of attack graphs, scalable and appropriate for dynamic systems where devices can frequently join or leave the system.
- To investigate vulnerabilities in smart buildings including their human, physical and cyber aspects.