Abstract

There are more and more applications of sensors in today’s world. Moreover, sensor systems are getting more complex and they are used for many high-risk security-critical purposes. Security assurance is a key issue for sensors and for other information technology (IT) products. Still, sensor security facilities and methodologies are relatively poor compared to other IT products. That is why a methodical approach to the sensor IT security is needed, i.e., risk management, implementation of countermeasures, vulnerability removal, and security evaluation and certification. The author proposes to apply the main security assurance methodology specified in ISO/IEC 15408 Common Criteria to solve specific security problems of sensors. A new Common Criteria compliant method is developed which specifies the vulnerability assessment process and related data in a structured way. The input/output data of the introduced elementary evaluation processes are modeled as ontology classes to work out knowledge bases. The validation shows that sensor-specific knowledge can be acquired during the vulnerability assessment process and then placed in knowledge bases and used. The method can be applied in different IT products, especially those with few certifications, such as sensors. The presented methodology will be implemented in a software tool in the future.

Highlights

  • This paper concerns the security assurance of intelligent sensors and sensor systems and is focused on the assessment and removal of their security weaknesses, called vulnerabilities. Sensors are electronic devices based on microcontrollers

  • Basic terms related to the Common Criteria methodology, especially the vulnerability assessment approach, which are the foundation of the presented system vulnerability assessment method (SVAM); the state of the art related to the paper’s content, covering all research threads in the paper: Common Criteria applications in sensors, vulnerability assessment, and knowledge engineering applications in security

  • The information technology (IT) security development process of an IT product called Target of Evaluation (TOE); after different security analyses, a document is prepared, called Security Target (ST); the ST embraces the security problem definition (SPD) and its solution by specifying security objectives (SO), security requirements, and functions; security functional requirements (SFRs), derived from SOs, describe how security measures should work in the operational environment; EAL-related security assurance requirements (SARs) determine how much assurance one can have in the IT product; the ST comprises TOE security functions (TSFs) which meet SFRs; the TSFs are implemented on the claimed EAL; the TOE development process


Summary

Introduction

This paper concerns the security assurance of intelligent sensors and sensor systems and is focused on the assessment and removal of their security weaknesses, called vulnerabilities. Sensors are electronic devices based on microcontrollers. Intelligent sensors can process measured values and may be organized in sensor systems. They use network technologies for integration, i.e., wireless technology.

The TOE development process concerns the IT product (TOE) and its documentation; the security evaluation process is conducted according to CEM in an independent laboratory (ITSEF), supervised by the given national certification body [6]. The results of the first two processes are called evaluation evidence. They are transferred together with the TOE to the ITSEF. Part 3 of the CC standard [5] includes components to express security assurance requirements (SARs) of this product. The components described in both parts are grouped by families, which, in turn, are grouped by classes, e.g.: the “FDP” functional class concerns user data protection, its family “FDP_ACC” concerns the access control policy, and the family component “FDP_ACC.2” expresses the issue of “Complete access control”; the assurance class “ATE” concerns tests, its family “ATE_DPT” (depth of testing) deals with the level of detail to which the security functions are tested by the developer; component “ATE_DPT. Testing: basic design” provides assurance that the TSF subsystems behave and interact as described in the TOE design and the security architecture description
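The class/family/component naming scheme described above, and the ST chain of security objectives, SFRs and TSFs from the highlights, are the kind of structured data the paper proposes to hold in knowledge bases. The following added example (not the paper's SVAM tool or any code from its authors) models that structure in Python: it parses component identifiers of the form class_family.number, distinguishes Part 2 functional from Part 3 assurance components by the class prefix, and checks an ST's traceability (every SO covered by an SFR, every SFR derived from an SO and met by a TSF). FDP_ACC.2 comes from the text; FIA_UAU.2, FCS_COP.1 and AVA_VAN.1 are existing CC components; the objective and TSF names and the sample ST are constructed for the example.

```python
"""Model of Common Criteria component identifiers and a Security Target
traceability check. Added illustration, not the paper's SVAM tool."""
import re
from dataclasses import dataclass

# Component identifier: <class>_<family>.<number>, e.g. FDP_ACC.2
COMPONENT_RE = re.compile(
    r"^(?P<cls>[A-Z]{3})_(?P<fam>[A-Z]{3})\.(?P<num>[1-9][0-9]*)$"
)


@dataclass(frozen=True)
class Component:
    cls: str   # class, e.g. "FDP" (user data protection)
    fam: str   # family within the class, e.g. "ACC" (access control policy)
    num: int   # component number within the family, e.g. 2

    @property
    def family_id(self) -> str:
        return f"{self.cls}_{self.fam}"

    @property
    def kind(self) -> str:
        # CC Part 2 functional classes are named F??, Part 3 assurance classes A??
        if self.cls.startswith("F"):
            return "SFR"
        if self.cls.startswith("A"):
            return "SAR"
        raise ValueError(f"unknown class prefix in {self.cls}")


def parse_component(text: str) -> Component:
    """Parse 'FDP_ACC.2' into Component('FDP', 'ACC', 2); reject malformed ids."""
    m = COMPONENT_RE.match(text)
    if not m:
        raise ValueError(f"malformed CC component identifier: {text!r}")
    return Component(m["cls"], m["fam"], int(m["num"]))


@dataclass
class SecurityTarget:
    objectives: set   # security objectives (SO) for the TOE
    sfrs: dict        # SFR id -> set of SOs it is derived from
    tsfs: dict        # TSF name -> set of SFR ids it implements


def check_traceability(st: SecurityTarget) -> list:
    """Return a list of gaps in the SO -> SFR -> TSF chain (empty if consistent)."""
    findings = []
    for sfr_id, sos in st.sfrs.items():
        comp = parse_component(sfr_id)        # raises on malformed identifiers
        if comp.kind != "SFR":
            findings.append(f"{sfr_id} is an assurance component, not an SFR")
        if not sos:
            findings.append(f"{sfr_id} is not derived from any security objective")
        for so in sorted(sos - st.objectives):
            findings.append(f"{sfr_id} cites unknown objective {so}")
    covered = set().union(*st.sfrs.values())
    for so in sorted(st.objectives - covered):
        findings.append(f"objective {so} is not covered by any SFR")
    met = set().union(*st.tsfs.values())
    for sfr_id in sorted(set(st.sfrs) - met):
        findings.append(f"{sfr_id} is not met by any TSF")
    for tsf, sfr_ids in st.tsfs.items():
        for sfr_id in sorted(sfr_ids - set(st.sfrs)):
            findings.append(f"{tsf} claims SFR {sfr_id} that the ST does not contain")
    return findings


# Constructed sample ST: the third SFR has no TSF implementing it.
SAMPLE_ST = SecurityTarget(
    objectives={"O.ACCESS", "O.AUTH", "O.CONF"},
    sfrs={
        "FDP_ACC.2": {"O.ACCESS"},   # Complete access control (from the text)
        "FIA_UAU.2": {"O.AUTH"},     # user authentication before any action
        "FCS_COP.1": {"O.CONF"},     # cryptographic operation
    },
    tsfs={
        "TSF.AccessControl": {"FDP_ACC.2"},
        "TSF.Login": {"FIA_UAU.2"},
    },
)

if __name__ == "__main__":
    for line in check_traceability(SAMPLE_ST):
        print(line)
```

Running the block reports that FCS_COP.1 is not met by any TSF, which is exactly the kind of gap an evaluator looks for in the ST before vulnerability assessment starts; the check is deliberately structural and says nothing about whether the chosen components are adequate for the threats.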

