AI Augmented Security by Design for Internet of Things
Augmenting Security by Design within Model-based Internet of Things systems engineering (MBSE) using Context-aware AI Techniques
Internet of Things (IoT) systems take full advantage of the heterogenous nodes available, taking into consideration their strengths (e.g., mobility and sensors etc.) and their constraints (e.g., compute and communications etc.). In order to produce an effective IoT system different expertise is required to cooperate (e.g., frontend, backend and databases) ensuring the system is fully supported across the available nodes. Due to the complexities, non-functional requirements, such as security, safety and privacy tend to be overlooked or an afterthought.
It has been estimated that as of 2020 there is over 50 billion connected devices1, 40 per cent of which, are IoT. These IoT devices are used by more than 65 per cent of enterprises and will account for more than 25 per cent of their identified attacks. Therefore, the ability to introduce and validate non-functional requirements throughout the development lifecycle is paramount. Current system modelling languages and tools are limited in their ability to capture and validate non-functional requirements against the system design. Advancements in Artificial Intelligence (AI) algorithms, around constraint satisfaction problem, opens the possibility to validate and propose system design using these techniques. The use of security patterns permits the users to define and reuse security controls within the system. This allows for a consistent approach based either on a particular physical component or service provided. The system shall be able to consume all the define security patterns and propose controls and connections to ensure compliance. If the system detects that there has been a violation against a defined security pattern, an alert is presented to the user detailing the violation, the rational and potential remediation action.
This project’s primary aim is to develop an interactive design methodology which can be used to reduce the cognitive burden of system and security engineers. The developed tool will have the ability to validate and propose system design taking into consideration non-functional requirements (i.e., security). Our secondary aim is to explore whether such a tool could also develop novice engineers’ security knowledge (e.g., university students). This project is composed of three main objectives:
- Review existing notations, models, languages and tools that facilitate capturing non-function requirements (i.e., security);
- Develop a tool that can validate and propose system design;
- Evaluate the effectiveness as a tool for augmenting security and system engineer’s capability and knowledge.
PETRAS National Centre of Excellence for IoT Systems Cybersecurity is a consortium of eleven
leading UK universities which will work together over the next three years to explore
issues in privacy, ethics, trust, reliability, acceptability, and security.
Obeo provides open modeling software solutions to create and transform complex systems. Obeo is a provider of Open Source technologies such as Sirius (graphic modeling) and Acceleo (code generation), Obeo markets Obeo Designer and Obeo SmartEA software solutions (mapping and strategic business transformation).