issuhub.com

Internet of Things Architecture

(Elliott) #1

211


Element to protect Risk D/R/E/A/D rating Examples of Causes Mitigation and relevant Design Choices (for the latter see

Section 5.2.10)

content. security

Attacker alters sensor

device so that monitoring

of a Physical Entity fails.

L/M/L/L/H

enforce weak security

Not specifically targeted. Sensitive physical values may be monitored by a

large number of sensors, or sensor integrity can be remotely verified.

Disclosure of device

configuration information

L/L/L/L/H

enforce weak security

Not specifically targeted. Unlinkability between different actions of the

same device, provided by the Identity Management Functional Component

(see Section 4.2.2.7), will mitigate the criticality of this threat.

DC P.1: use of temporary identity to provide unlinkability

Device identification L/M/M/L/H

enforce medium

security

Attacker bypasses in-place

pseudonymity scheme and

identifies a device as

providing access to certain

data.

Adequate protection scheme requiring partial pre-knowledge of each other

before a tag can be read by a reader (the tag will only answer to a "known"

reader).

Attacker physically

disables leaf device

(local).

L/H/H/L/L

enforce weak security

Tag destruction Not specifically targeted. Typically addressable through physical

investigation (identify the attacker through traces left by the physical

attack; e.g. triangulation of a destructive electromagnetic pulse).

Attacker physically

disables leaf device

(remote).

M/H/L/H/L

enforce weak security

Tag destruction by remote

electromagnetic means

Not specifically targeted. Typically addressable through physical

investigation.

Attacker prevents proper

communication to an

actuator.

M/H/L/M/L

enforce medium

security

Denial-of-service detection / reaction scheme (security by design).

DC A.16- 17 : autonomous security

Intermediary devices Compromised

intermediary devices alter

data passing through.

M/H/M/M/L

enforce medium

security

End-to-end security scheme provided by the Key Exchange and

Management Functional Component (see Section 4.2.2.7), and enforced

by the relevant protocol security function.

Remote monitoring of intermediary devices can be another means of
Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2025. All rights reserved.