A Security Requirements Library for the Development of Internet of Things (IoT) Applications

Abstract

In today’s era, there is a rapid increase in the demand for IoT applications. Thus, securing the information content delivered among various entities involved in the IoT applications development has become an important issue. It is also identified that there is a high cost of implementing a secured IoT application as it requires efforts, skills and knowledge to understand the security concern, especially when developers and requirement engineers do not have any formal training in software engineering and eliciting security requirements. In addition, requirements engineers who are unfamiliar with the IoT applications confront problems to elicit accurate security requirements to avoid misinterpretations. Motivated by these issues, this paper presents the development of a new IoT security requirements library of security requirement for the development of IoT applications. Using an industry scenario, the utilities of the library demonstrated the elicitation of security requirements for each of the IoT attributes of specific business applications domains.