{"title":"以计量应用程序为例的嵌入式设备风险管理","authors":"O. Guillen, R. Brederlow, Ralph Ledwa, G. Sigl","doi":"10.1145/2668322.2668328","DOIUrl":null,"url":null,"abstract":"Along with the rise in use of everyday life electronic products that collect and communicate personal data, there is an increasing need for adequate security. The use of ultra-low-power MCUs in such applications provides a clear advantage in terms of energy consumption. However, given their general-purpose nature and low-power needs, security has not been the main focus in the past. This work places emphasis on methodologically analyzing open security gaps at a system level and providing a score for each vulnerability found. Such vulnerability scores help prioritize the efforts towards building a secure system and balancing the trade-off between suitable protection and minimal cost. The work presented uses as an example an abstraction of metering applications implemented using a general purpose microcontroller. The presented approach makes use of the Common Vulnerability Scoring System open framework to quantify the impact of possible vulnerabilities and prioritize their remediation based on their relevancy.","PeriodicalId":434126,"journal":{"name":"WESS '14","volume":"64 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Risk management in embedded devices using metering applications as example\",\"authors\":\"O. Guillen, R. Brederlow, Ralph Ledwa, G. Sigl\",\"doi\":\"10.1145/2668322.2668328\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Along with the rise in use of everyday life electronic products that collect and communicate personal data, there is an increasing need for adequate security. The use of ultra-low-power MCUs in such applications provides a clear advantage in terms of energy consumption. However, given their general-purpose nature and low-power needs, security has not been the main focus in the past. This work places emphasis on methodologically analyzing open security gaps at a system level and providing a score for each vulnerability found. Such vulnerability scores help prioritize the efforts towards building a secure system and balancing the trade-off between suitable protection and minimal cost. The work presented uses as an example an abstraction of metering applications implemented using a general purpose microcontroller. The presented approach makes use of the Common Vulnerability Scoring System open framework to quantify the impact of possible vulnerabilities and prioritize their remediation based on their relevancy.\",\"PeriodicalId\":434126,\"journal\":{\"name\":\"WESS '14\",\"volume\":\"64 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-10-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"WESS '14\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2668322.2668328\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"WESS '14","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2668322.2668328","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Risk management in embedded devices using metering applications as example
Along with the rise in use of everyday life electronic products that collect and communicate personal data, there is an increasing need for adequate security. The use of ultra-low-power MCUs in such applications provides a clear advantage in terms of energy consumption. However, given their general-purpose nature and low-power needs, security has not been the main focus in the past. This work places emphasis on methodologically analyzing open security gaps at a system level and providing a score for each vulnerability found. Such vulnerability scores help prioritize the efforts towards building a secure system and balancing the trade-off between suitable protection and minimal cost. The work presented uses as an example an abstraction of metering applications implemented using a general purpose microcontroller. The presented approach makes use of the Common Vulnerability Scoring System open framework to quantify the impact of possible vulnerabilities and prioritize their remediation based on their relevancy.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
