Toward the automation of threat modeling and risk assessment in IoT systems

Di Martino, 2018, Internet of things reference architectures, security and interoperability: a survey, Interne. Things, 1–2, 99, 10.1016/j.iot.2018.08.008 Internet of Things Reference Architecture (IoT RA). ISO/IEC CD 30141:20160910(E). ISO; 2016. Geneva, Switzerland. Rak, 2019, Automated risk analysis for iot systems OWASP, The OWASP Risk Rating Methodology Wiki Page, https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology (accessed 20 May 2019). I. Gartner, Forecast: Internet of things endpoints and associated services, worldwide, 2017, (https://www.gartner.com/doc/3840665/forecast-internet-things--endpoints). Kolias, 2017, Ddos in the IoT: Mirai and other botnets, Computer, 50, 80, 10.1109/MC.2017.201 Khan, 2018, Five acts of consumer behavior: A potential security and privacy threat to internet of things, 1 Weyrich, 2016, Reference architectures for the internet of things, IEEE Softw., 33, 112, 10.1109/MS.2016.20 Yaqoob, 2017, Internet of things architecture: Recent advances, taxonomy, requirements, and open challenges, IEEE Wirel. Commun., 24, 10, 10.1109/MWC.2017.1600421 Borgia, 2014, The internet of things vision: Key features, applications and open issues, Comput. Commun., 54, 1, 10.1016/j.comcom.2014.09.008 Xu, 2014, Internet of things in industries: a survey, IEEE Trans. Indust. Inf., 10, 2233, 10.1109/TII.2014.2300753 S.-W. Lin (Thingswise), M. Crawford (SAP) and M. Stephen (IIC), eds. The Industrial Internet of Things Volume G1: Reference Architecture. Report no. IIC:PUB:G1:V1.80:20170131. Industrial Internet Consortium, 2017. F. Carrez, eds. Deliverable D1.5 Final architectural reference model for the IoT v3.0. IoT-A Consortium, 2013. 2015 Minoli, 2017, IoT security (IoTSec) considerations, requirements, and architectures, 1006 Zhao, 2013, A survey on the internet of things security, 663 Yang, 2017, A survey on security and privacy issues in internet-of-things, IEEE Internet Things J., 4, 1250, 10.1109/JIOT.2017.2694844 Mosenia, 2017, A comprehensive study of security of internet-of-things, IEEE Trans. Emerg. Top. Comput., 5, 586, 10.1109/TETC.2016.2606384 Rizvi, 2018, Securing the internet of things (iot): a security taxonomy for iot, 163 Alaba, 2017, Internet of Things security: a survey, J. Netw. Comput. Appl., 88, 10, 10.1016/j.jnca.2017.04.002 Riahi Sfar, 2018, A roadmap for security challenges in the Internet of Things, Dig. Commun. Netw., 4, 118, 10.1016/j.dcan.2017.04.003 Sicari, 2015, Security, privacy and trust in Internet of Things: The road ahead, Comput. Netw., 76, 146, 10.1016/j.comnet.2014.11.008 Roman, 2013, On the features and challenges of security and privacy in distributed internet of things, Comput. Netw., 57, 2266, 10.1016/j.comnet.2012.12.018 Kasinathan, 2013, Denial-of-Service detection in 6LoWPAN based Internet of Things, 600 Hodo, 2016, Threat analysis of iot networks using artificial neural network intrusion detection system, 1 Lewis, 2018, Using graph databases to assess the security of thingernets based on the thingabilities and thingertivity of things, 1 National Institute of Standards and Technology, 2013, SP 800–53 Rev 4: Recommended Security and Privacy Controls for Federal Information Systems and Organizations MicroBees, The MicroBees web site, 2018. Rak, 2017, Security assurance of (multi-)cloud application with security SLA composition, Lect. Notes Comput. Sci., 10232, 786, 10.1007/978-3-319-57186-7_57 Casola, 2018, Security-by-design in multi-cloud applications: an optimization approach, Inf. Sci., 454–455, 344, 10.1016/j.ins.2018.04.081 Microsoft Corporation, The STRIDE Threat Model, 2016 https://docs.microsoft.com/en-us/previous-versions/commerce-server/ee823878(v=cs.20). Casola, 2018, Towards automated penetration testing for cloud applications, 24