RISS

Resilient Information Systems Security

SECRIS: Security Risk Assessment of IoT Environments with Attack Graph Models

IoT environments are vulnerable: many devices can be accessed physically and are not designed with security in mind. It is often impractical to patch all the vulnerabilities or to eliminate all possible threats. Unlike more traditional computing systems IoT environments bring together the physical, human and cyber aspects of a system. Each can be used to compromise the other and each can contribute towards monitoring and protecting the other. Given the complexity of possible attacks, techniques for identifying and assessing the security risk are needed. In traditional networked environments attack graphs have been proven as a powerful tool for representing […]