Formal UML-based Modeling and Analysis for Securing Location-based IoT Applications

Cardenas, Hector; Zimmerman, Ryan D.; Viesca, Antonio Rosales; Lail, Mustafa Al; Pérez, Alfredo

doi:10.1109/mass56207.2022.00109

Cited by 1 publication

(1 citation statement)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some other approaches have indeed considered the security issue, but in terms of implementation, whereas our proposal considers security in terms of requirements specification. [27] proposed a process and a tool to apply formal methods in IoT applications using the Unified Modeling Language (UML). They developed a plug-in tool that validates UML software models to design secure software applications.…”

Section: Related Workmentioning

confidence: 99%

Semiotics: An Approach to Model Security Scenarios for IoT-Based Agriculture Software

Hurtado,

Antonelli,

López

et al. 2024

TecnoL.

View full text Add to dashboard Cite

Agriculture is a vital human activity that contributes to sustainable development. A few decades ago, the agricultural sector adopted the Internet of Things (IoT), which has played a relevant role in precision and smart farming. The IoT developments in agriculture require that numerous connected devices work cooperatively. This increases the vulnerability of IoT devices, mainly because they lack the necessary built-in security because of their context and computational capacity. Other security threats to these devices are related to data storage and processing connected to edge or cloud servers. To ensure that IoT-based solutions meet functional and non-functional requirements, particularly those concerning security, software companies should adopt a security-focused approach to their software requirements specification. This paper proposes a method for specifying security scenarios, integrating requirements and architecture viewpoints into the context of IoT for agricultural solutions. The method comprises four steps: (i) describe scenarios for the intended software, (ii) describe scenarios with incorrect uses of the system, (iii) translate these scenarios into security scenarios using a set of rules, and (iv) improve the security scenarios. This paper also describes a prototype application that employs the proposed algorithm to strengthen the incorrect use scenario based on the correct use scenario. Then, the expert can complete the information for the analysis and subsequent derivation of the security scenario. In addition, this paper describes a preliminary validation of our approach. The results show that the proposed approach enables software engineers to define and analyze security scenarios in the IoT and agricultural contexts with good results. A survey administered to five security experts found that the proposed security scenario method is generally useful for specifying agricultural IoT solutions but needs improvement in different areas.

show abstract

Section: Related Workmentioning

confidence: 99%