Abstract
The past couple of years have marked continued growth in the applications and services of the Internet of Things (IoT). This has attracted the attention of new operators as well as institutional, corporate, and private investors in every sector of the economy, and as a result, new businesses are springing up rapidly. These include many start-up companies that are producing various kinds of useful IoT devices and Smart Applications (smart apps). While this can be seen as a boost for innovation in the IoT, some of these companies produce IoT devices and smart apps with security vulnerabilities. In this paper, we propose the IoT Hardware Platform Security Advisor (IoT-HarPSecA), a security framework intended to provide support to such IoT producers. IoT-HarPSecA offers three functionality features, namely security requirement elicitation, security best practice guidelines for secure development, and above all, a feature that recommends specific LightWeight Cryptographic Algorithms (LWCAs) for both software and hardware implementations. Accordingly, IoT-HarPSecA is composed of three main components, namely Security Requirements Elicitation (SRE) component, Security Best Practice Guidelines (SBPG) component, and LightWeight Cryptographic Algorithms Recommendation (LWCAR) component, each of them servicing one of the aforementioned features. We implement a command-line tool in C++ to serve as an interface between users and the proposed framework. IoT-HarPSecA can be employed during the early stages of IoT systems design, and it can also be used to facilitate the implementation of security in existing IoT systems. This paper presents a detailed description, design, and implementation of the SRE, SBPG, and LWCAR components of the proposed framework. Using real-world practical scenarios, we show how IoT-HarPSecA can be used to elicit security requirements and recommend appropriate LWCAs based on user inputs. While a full performance evaluation of the SRE and SBPG components is beyond the scope of this paper, we present a detailed performance evaluation of the LWCAR component, which shows that IoT-HarPSecA can serve as a roadmap for secure IoT development.
Highlights
Internet of Things (IoT) devices are becoming increasingly popular and their applications can be found in almost everyThe associate editor coordinating the review of this manuscript and approving it for publication was Muhammad Maaz Rehan .field of human activity, which contributed greatly to the mass adoption of the IoT technology
We propose the IoT Hardware Platform Security Advisor (IoT-HarPSecA), a security framework aimed at facilitating the design and implementation of secure IoT devices and smart apps
In the introduction, the major questions and concerns of non-security experts involved in the design and development of IoT devices and smart apps may include: (1) how to identify the security requirements of an IoT system, (2) what specific security best practice guidelines to follow for the design of a particular IoT system, (3) which security mechanism to choose for a given security requirement, and (4) what cryptographic algorithms provide the right mechanisms for a given set of security requirements
Summary
Internet of Things (IoT) devices are becoming increasingly popular and their applications can be found in almost every. Field of human activity, which contributed greatly to the mass adoption of the IoT technology They include new smart consumer products and legacy infrastructure systems that have been around for years but only recently embedded with the technology that enabled them to connect to the Internet. While some established companies are often reluctant to give security their highest priority in a quest to offer competitive prices and reduce time to market [9], many engineers and developers in IoT start-up companies, as well as electronics hobbyists, lack security expertise [5] This presents a major challenge in the development of secure IoT devices and smart apps. Design and implementation of the SRE, SBPG, and LWCAR components of the IoT-HarPSecA framework tool;.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
