loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Rauli Kaksonen 1 ; Kimmo Halunen 1 ; 2 ; Marko Laakso 1 and Juha Röning 1

Affiliations: 1 University of Oulu, Oulu, Finland ; 2 National Defence University of Finland, Department of Military Technology, Finland

Keyword(s): IoT, Security standard, Testing, Automation, Security tools, ETSI EN 303 645, ETSI TS 103 701

Abstract: Cybersecurity standards play a vital role in safeguarding the Internet of Things (IoT). Currently, standard compliance is assessed through manual reviews by security experts, a process which cost and delay is often too high. This research delves into the potential of automating IoT security standard testing, focusing on the ETSI TS 103 701 test specification for the ETSI EN 303 645 standard. From the test specification, 56 tests are relevant for the network attack threat model and considered for automation. The results are promising: basic network security tools can automate 52% of these tests, and advanced tools can push that number up to 70%. For full test coverage, custom tooling is required. The approach is validated by creating a test verdict automation for a real-world IoT product. Test automation is an investment, but the results indicate it can streamline security standard verification, especially for product updates and variants. The automation can use data from other testi ng activities to reduce effort. Automating the security standard testing would enable the certification of a large number of IoT products for their lifetime. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 216.73.216.141

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Kaksonen, R., Halunen, K., Laakso, M. and Röning, J. (2024). Automating IoT Security Standard Testing by Common Security Tools. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-683-5; ISSN 2184-4356, SciTePress, pages 42-53. DOI: 10.5220/0012345900003648

@conference{icissp24,
author={Rauli Kaksonen and Kimmo Halunen and Marko Laakso and Juha Röning},
title={Automating IoT Security Standard Testing by Common Security Tools},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP},
year={2024},
pages={42-53},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012345900003648},
isbn={978-989-758-683-5},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - ICISSP
TI - Automating IoT Security Standard Testing by Common Security Tools
SN - 978-989-758-683-5
IS - 2184-4356
AU - Kaksonen, R.
AU - Halunen, K.
AU - Laakso, M.
AU - Röning, J.
PY - 2024
SP - 42
EP - 53
DO - 10.5220/0012345900003648
PB - SciTePress