Effective Threat and Security Modelling Approach to Devise Security Rating of Diverse IoT Devices

Abstract

IoT is an emerging connected technology, opening venues to a plethora of new service and computing models. Estimates from market leading industry estimate that IoT will grow tremendously reaching to a whooping trillion connected devices by year 2035. The identification and deployment of right level of security for an IoT is a significant challenge due to highly diverse application use cases (home automation, consumer electronics, medical devices, intelligent transport system, power grid, autonomous vehicle, industrial control critical infrastructure, etc.), their deployment scenarios, attack surface, and possible threat models. There is a strong need for effective threat and security modelling approach to devise security rating of diverse IoT devices. The aim of this research work is to explore and evaluate research work done till now, which will further form a basis to formulate a process-driven effective threat and security modelling approach that can be used to evaluate, assess and quantify the security of IoT devices based on the on-board safety, security, and data protection mechanisms. Data collected from couple of uptodate research and their conclusion has been discussed to provide a brief overview and an in-depth understanding of the research progress in this area.