A Language for Analyzing Security of IOT Systems

Abstract

The control and protection of a user data is a very important aspect in the design and deployment of the Internet of Things (IoT). In this paper we propose a security-based modelling language for IoT systems, which explicitly represents data access controls. The language leverages the analysis of potential security failures resulting from a series of interactions between heterogeneous components of a system. We implemented a tool that automatically transforms IoT models into BIP models, which can then be simulated and analyzed for security guarantees. We illustrate the features of our language with a use-case inspired by an industrial scenario.