A case for iot security assurance

Claudio A. Ardagna, Ernesto Damiani, Julian Schütte, Philipp Stephanow

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

10 Scopus citations


Today the proliferation of ubiquitous devices interacting with the external environment and connected by means of wired/wireless communication technologies points to the definition of a new vision of ICT called Internet of Things (IoT). In IoT, sensors and actuators, possibly embedded in more powerful devices, such as smartphones, interact with the surrounding environment. They collect information and supply it across networks to platforms where IoT applications are built. IoT services are then made available to final customers through these platforms. Needless to say, IoT scenario revolutionizes the concept of security, which becomes even more critical than before. Security protection must consider millions of devices that are under control of external entities, freshness and integrity of data that are produced by the latter devices, and heterogeneous environments and contexts that co-exist in the same IoT environment. These aspects make the need of a systematic way of assessing the quality and security of IoT systems evident, introducing the need of rethinking existing assurance methods to fit the IoT-based services. In this chapter, we discuss and analyze challenges in the design and development of assurance methods in IoT, focusing on traditional CIA properties, and provide a first process for the development of continuous assurance methods for IoT services. We also design a conceptual framework for IoT security assurance evaluation.

Original languageBritish English
Title of host publicationInternet of Things
Number of pages18
StatePublished - 2018

Publication series

NameInternet of Things
ISSN (Print)2199-1073
ISSN (Electronic)2199-1081


Dive into the research topics of 'A case for iot security assurance'. Together they form a unique fingerprint.

Cite this